> ## Documentation Index
> Fetch the complete documentation index at: https://dorguai.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Configuration Overview

> All operator configuration options: command-line flags and feature toggles

The operator is configured through command-line flags, which map directly to Helm values when deploying via Helm. All features are opt-in except the core reconciliation controllers.

## Feature matrix

| Feature                       | Default                                        | Flag                 | Description                                       |
| ----------------------------- | ---------------------------------------------- | -------------------- | ------------------------------------------------- |
| ApplicationPersona controller | Enabled                                        | Always on            | Validates deployments against persona constraints |
| ClusterPersona controller     | Enabled                                        | Always on            | Discovers cluster state and resource capacity     |
| ArgoCD watcher                | Enabled                                        | `--enable-argocd`    | Watches ArgoCD Applications for sync status       |
| Validating webhook            | Disabled                                       | `--enable-webhook`   | Intercepts Deployment create/update               |
| Prometheus integration        | Disabled                                       | `--prometheus-url`   | Queries Prometheus for resource baselines         |
| WebSocket server              | Disabled                                       | `--enable-websocket` | Real-time CLI communication                       |
| Leader election               | Disabled (flag default; enabled in Helm chart) | `--leader-elect`     | HA mode for multi-replica deployments             |
| Secure metrics                | Enabled                                        | `--metrics-secure`   | HTTPS metrics endpoint with RBAC                  |

## Command-line flags

### Core

| Flag                          | Type   | Default | Description                                                                                      |
| ----------------------------- | ------ | ------- | ------------------------------------------------------------------------------------------------ |
| `--metrics-bind-address`      | string | `0`     | Metrics endpoint bind address. Use `:8443` for HTTPS or `:8080` for HTTP. Set to `0` to disable. |
| `--health-probe-bind-address` | string | `:8081` | Health and readiness probe bind address                                                          |
| `--leader-elect`              | bool   | `false` | Enable leader election for HA deployments                                                        |
| `--enable-http2`              | bool   | `false` | Enable HTTP/2 for metrics and webhook servers                                                    |

### Webhook

| Flag                  | Type   | Default    | Description                                              |
| --------------------- | ------ | ---------- | -------------------------------------------------------- |
| `--enable-webhook`    | bool   | `false`    | Enable the validating admission webhook                  |
| `--webhook-mode`      | string | `advisory` | `advisory` (warn only) or `enforcing` (reject on errors) |
| `--webhook-cert-path` | string | `""`       | Directory containing webhook TLS certificate             |
| `--webhook-cert-name` | string | `tls.crt`  | Webhook certificate filename                             |
| `--webhook-cert-key`  | string | `tls.key`  | Webhook private key filename                             |

### Metrics

| Flag                  | Type   | Default   | Description                                  |
| --------------------- | ------ | --------- | -------------------------------------------- |
| `--metrics-secure`    | bool   | `true`    | Serve metrics over HTTPS with RBAC           |
| `--metrics-cert-path` | string | `""`      | Directory containing metrics TLS certificate |
| `--metrics-cert-name` | string | `tls.crt` | Metrics certificate filename                 |
| `--metrics-cert-key`  | string | `tls.key` | Metrics private key filename                 |

### Integrations

| Flag                 | Type   | Default | Description                                 |
| -------------------- | ------ | ------- | ------------------------------------------- |
| `--enable-argocd`    | bool   | `true`  | Enable ArgoCD Application watching          |
| `--prometheus-url`   | string | `""`    | Prometheus server URL for baseline learning |
| `--enable-websocket` | bool   | `false` | Enable WebSocket server for CLI             |
| `--websocket-addr`   | string | `:9090` | WebSocket server listen address             |

<Info>
  The ArgoCD watcher only activates if both `--enable-argocd=true` **and** the ArgoCD Application CRD (`argoproj.io/v1alpha1`) is detected in the cluster. If the CRD is missing, the watcher silently skips registration.
</Info>

## Example: Full-featured deployment

```bash theme={null}
./bin/manager \
  --metrics-bind-address :8443 \
  --health-probe-bind-address :8081 \
  --leader-elect \
  --enable-webhook \
  --webhook-mode enforcing \
  --enable-argocd \
  --prometheus-url http://prometheus-server.monitoring:9090 \
  --enable-websocket \
  --websocket-addr :9090
```

<CardGroup cols={2}>
  <Card title="Helm values" icon="helm" href="/operator/configuration/helm-values">
    Complete Helm values.yaml reference
  </Card>

  <Card title="Installation" icon="download" href="/operator/installation">
    Install methods and verification
  </Card>
</CardGroup>