Compare commits
380 Commits
matrix-hoo
...
main
Author | SHA1 | Date | |
---|---|---|---|
72da712906 | |||
c7871ee4b6 | |||
3d6d0a1cfb | |||
b46e63218d | |||
d37c77f244 | |||
3a1a432005 | |||
77a3e4a926 | |||
b88454612b | |||
57e5184bee
|
|||
a789214d01 | |||
cbe22fc5e4
|
|||
617fcc0ef8 | |||
b9727e4afc | |||
e5c767b6c5 | |||
f95dd80e3a | |||
a56d7a435c
|
|||
222a273671 | |||
c4345f3e7b | |||
be5dee1fd8
|
|||
595f234afa | |||
6214d8a397 | |||
69ab6f82a0 | |||
376ea6ee88 | |||
1c9b2e93f4 | |||
83ef3d23cb | |||
8f2c262845 | |||
4f9ab170f4 | |||
ad5d06b065
|
|||
50cf277ecb | |||
e4795f1041 | |||
dc64cb498e | |||
9646667d75 | |||
1b68fcabf5 | |||
d95b7ef6ac | |||
8f92b4b3ef | |||
2d04080009 | |||
b63140e74f | |||
e430d3fe32 | |||
8e748b7084 | |||
f339e8698c | |||
fbc9293355 | |||
2371aeb612 | |||
799340aa3b | |||
9da5f721c7 | |||
aa919178a4 | |||
55e878d517 | |||
3683209b23 | |||
2be7e3789c | |||
f5bb3e2403 | |||
0ef4b6ba3c | |||
7f46106a10 | |||
71dbdbf9df | |||
1e17a769dc | |||
78024a129f | |||
5cca3b2717 | |||
a70137cfbd | |||
dc4df55373 | |||
a3f42e13ce | |||
a48262f115 | |||
bd458a3a3d | |||
3aa9113d24 | |||
1fe8881dfb | |||
fa6067e68b | |||
8a50f22e31 | |||
deaa0c94d8 | |||
e251ff65ef | |||
245212e878 | |||
a7150e1d20 | |||
8d67cc9209 | |||
e57f859564 | |||
e98973b467 | |||
cb5c199d03 | |||
df4bb2acd7 | |||
7f494fcc1e | |||
337aee6940 | |||
74c2bca3ae | |||
e1a2ee71f8 | |||
37478087d4 | |||
9af2f7d52a | |||
ab89f723a7 | |||
884cae31a3 | |||
9c2afe436d | |||
e0b707fa32 | |||
2b02da90fd | |||
225ffc6c7e | |||
fa470296b9 | |||
336a6f2815 | |||
406737ed6a | |||
ffcd5139ef | |||
69a554bd9d | |||
2aacb4115a | |||
56d7b063bd | |||
1ca985edc7 | |||
47d7604aac | |||
ecf6e80a20 | |||
f6bc5f42a5 | |||
1b28dbf3db | |||
0f2d18fc7a | |||
0c093bd754 | |||
0c8d26e3eb | |||
82d93fc450 | |||
2657f162c4 | |||
b7d53203da | |||
21a646dabd | |||
0d15a1dadd | |||
a7fe403702 | |||
34957e0c18 | |||
a9286227f7 | |||
3f6faacaa1 | |||
5817f674f4 | |||
2786520504 | |||
c93f608874 | |||
4164f50bce | |||
c060846f7b | |||
673a8c686f | |||
707cb159b9 | |||
90a61573bc | |||
ad1fa6786a | |||
28ed0e8735 | |||
0e3de3cca7 | |||
53f37bc75a | |||
01d96d9a25 | |||
76823dc414 | |||
f97b6ab657 | |||
4bee2a675c | |||
0094b5611f | |||
bb7fb1eadb | |||
99ed8cce53 | |||
02bec682c2 | |||
c549882df9 | |||
e28f44b697 | |||
78afcf24d3 | |||
86e87dbbba | |||
39134cbd95 | |||
9f66bd588c | |||
81aac4790e | |||
|
94b6b4b0fb | ||
|
27edd0a1ef | ||
94184ea569 | |||
08473fc265 | |||
81d3ecf237 | |||
8392d67790 | |||
3f06bf148c | |||
5259488c05 | |||
09c693d371 | |||
ec6f44c6bc | |||
35f331e29a | |||
3b0481fcb1 | |||
e2dfd70dc4 | |||
ffc253ef7d | |||
77dd85362e | |||
d5bb83bf84 | |||
11d3dd927b | |||
1b67b5cbb6 | |||
56fe199fb9 | |||
8ec7f590b2 | |||
d2444fb544 | |||
202a534e8e | |||
c36e4e371f | |||
1ac9444bb2 | |||
275fcd8568 | |||
158d4ca676 | |||
32e232d8e2 | |||
93d2f916fb | |||
b1a6a2fd39 | |||
d3307d4f70 | |||
1b7018d3bd | |||
b75721ae1d | |||
|
e0e4f6ee8a | ||
|
7dd80d4528 | ||
24af841f19 | |||
16211d4c62 | |||
513c46c957 | |||
3fad4e4ff0 | |||
1f867e0276 | |||
601790ab7a | |||
16ebdda6a4 | |||
dbf8f14512 | |||
22dcd7a14c | |||
8862d97c27 | |||
1f4cd543c0 | |||
4aac272e98 | |||
b8602fb919 | |||
fb34897269 | |||
ec27eff4da | |||
2b31df483e | |||
53191f1d68 | |||
172526fb79 | |||
5d5aad265a | |||
84af71da49 | |||
ab3ca49103 | |||
8b2342d1c2 | |||
9107020db2 | |||
3ecef5f8d1 | |||
|
e5b1b733fe | ||
843e37e233 | |||
ee944a6b83 | |||
|
5fe95ea7ad | ||
6a33a670e1 | |||
27cdfd742e | |||
9f68b30a31 | |||
668d50dfdb | |||
93a232947e | |||
667236239d | |||
875f0c143c | |||
670b6e600c | |||
6f5b5ffcb4 | |||
|
295a7296bc | ||
f1b4020287 | |||
969357a664 | |||
5685190e43 | |||
5e88f116fc | |||
f99ebfaa44 | |||
64e3612762 | |||
a6821995ca | |||
4291c3d18c | |||
|
3f1fc33123 | ||
fad13607e6 | |||
a1811097c0 | |||
6b850205ad | |||
d075a47f03 | |||
0a437d983d | |||
7058201439 | |||
42cd8834b9 | |||
2cda957b4c | |||
238d01c5e4 | |||
9f0fae9fdf | |||
d2f062e3db | |||
a1c9367b6d | |||
9857d61093 | |||
cfe7ebea99 | |||
aface2b57d | |||
8158d1689c | |||
276921cf8a | |||
e420e092c9 | |||
e20049fc8c | |||
37ba06acc7 | |||
02228e31cc | |||
6708443275 | |||
987cedb98a | |||
7f0fd5d5c7 | |||
d381bdee39 | |||
ed4a43cd31 | |||
1b01ed0ba2 | |||
58151e21aa | |||
3f2615097f | |||
a8bbc84740 | |||
a8b3615f2f | |||
590b095a32 | |||
5d2cdc9648 | |||
99c106bd63 | |||
e6938fe645 | |||
7f5d870579 | |||
6cf2db87f4 | |||
537d9bd125 | |||
9627287f30 | |||
dd724b5b32 | |||
cd91a16c75 | |||
69900d3931 | |||
f80cec8c82 | |||
f3d629fe00 | |||
4d3574ffa8 | |||
f98268fd25 | |||
7514ea022e | |||
a65a0dbcec | |||
6bc5aea01f | |||
80940910a9 | |||
6895b078b5 | |||
27e70a1786 | |||
de21d07a5d | |||
58cc48724b | |||
8a357574e9 | |||
220e9e011b | |||
9483523eb8 | |||
ca205a8802 | |||
36267ada6f | |||
153b7a1ad2 | |||
9b30408661 | |||
947120d73c | |||
a62e24142c | |||
03c825e816 | |||
38c2be01f9 | |||
|
5ac88f9aa8 | ||
|
3c3f1bdb76 | ||
|
718acdc607 | ||
|
71a5d81c09 | ||
|
e2d4c395e5 | ||
fd611813b7 | |||
ab5da15b10 | |||
e584566dde | |||
f06aa3a175 | |||
9abeba8f9d | |||
1f498323a4 | |||
646e3a2c36 | |||
197ca6ef81 | |||
b8780a7339 | |||
b90968ea85 | |||
d3275f8067 | |||
649f362824 | |||
732761d73b | |||
0e7627cb7d | |||
d81c246b35 | |||
|
b97dd1f892 | ||
0b8374753d | |||
cb29afdcb2 | |||
4f366535c3 | |||
f32ef77551 | |||
d02f649164 | |||
3b50ca2bfe | |||
17796a1183 | |||
512b1d4243 | |||
a2b0cdd5b6 | |||
e79af169b9 | |||
661f9342b9 | |||
9d1244c7a1 | |||
0dc50bf88f | |||
75accbbf87 | |||
19fbd95a79 | |||
d73c42fd42 | |||
|
6399a8ca97 | ||
|
580c7da73a | ||
|
11d47799f1 | ||
|
7d825da72d | ||
|
adf49292bd | ||
|
63e69df14a | ||
7bd8a4525a | |||
a860789056 | |||
58f89640a8 | |||
132e086d6d | |||
617505ee99 | |||
34a21702ab | |||
15d3253af9 | |||
90970ef172 | |||
0d6f789ffd | |||
f968776cd0 | |||
0b2beb08b7 | |||
8fae31a679 | |||
f67ac05610 | |||
7803519d04 | |||
55e63c2c72 | |||
6e083293bb | |||
60e427826c | |||
f905b4ccfe | |||
487786455c | |||
585d39657a | |||
e5e2812ed5 | |||
506218210e | |||
a7a08ef9f3 | |||
0fe94afd2a | |||
|
73262aa60a | ||
a322553210 | |||
09aae9e79d | |||
c72c25a74d | |||
9c93b1dc4a | |||
cfd426f657 | |||
93f4991a05 | |||
ce0f3c7b07 | |||
58c5443de1 | |||
b3acbf3cbc | |||
3270a3102b | |||
acc9710c72 | |||
756ef9b0c6 | |||
|
8baec6fd41 | ||
c1ab4afc46 | |||
bdcd63284a | |||
|
e8a951405d | ||
|
93caa67bad | ||
|
0dfaebdb7f | ||
|
2f721343aa | ||
270b62be53 | |||
0984e40cc8 | |||
4e26a7c727 | |||
17d146a444 | |||
323955129b | |||
d4eaeb7c21 | |||
725e83af07 | |||
|
d58fbbd819 | ||
bab4c95580 | |||
536b133850 | |||
ead44d21f7 |
39
.gitea/workflows/lint-test.yaml
Normal file
39
.gitea/workflows/lint-test.yaml
Normal file
@@ -0,0 +1,39 @@
|
||||
name: lint-and-test
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
lint-test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
version: latest
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.13"
|
||||
check-latest: true
|
||||
|
||||
- name: Set up Chart Testing
|
||||
uses: helm/chart-testing-action@v2.7.0
|
||||
|
||||
- name: Run Chart Testing (list-changed)
|
||||
id: list-changed
|
||||
run: |
|
||||
changed=$(ct list-changed --target-branch ${{ gitea.event.repository.default_branch }})
|
||||
if [[ -n "$changed" ]]; then
|
||||
echo "changed=true" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
|
||||
- name: Run Chart Testing (lint)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --validate-maintainers=false --target-branch ${{ gitea.event.repository.default_branch }}
|
40
.gitea/workflows/process-repository.yaml
Normal file
40
.gitea/workflows/process-repository.yaml
Normal file
@@ -0,0 +1,40 @@
|
||||
name: process-repository
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '@daily'
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
process-repository:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Python Script
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
repository: alexlebens/workflow-scripts
|
||||
ref: main
|
||||
token: ${{ secrets.BOT_TOKEN }}
|
||||
path: workflow-scripts
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: '3.13'
|
||||
|
||||
- name: Install dependencies
|
||||
run: pip install requests immutabledict
|
||||
|
||||
- name: Run Script
|
||||
env:
|
||||
INSTANCE_URL: ${{ vars.INSTANCE_URL }}
|
||||
REPOSITORY: ${{ gitea.repository }}
|
||||
TOKEN: ${{ secrets.BOT_TOKEN }}
|
||||
LOG_LEVEL: DEBUG
|
||||
ISSUE_STALE_DAYS: 3
|
||||
ISSUE_STALE_TAG: stale
|
||||
ISSUE_EXCLUDE_TAG: Renovate
|
||||
PULL_REQUEST_STALE_DAYS: 3
|
||||
PULL_REQUEST_STALE_TAG: stale
|
||||
run: python ./workflow-scripts/process-repository.py
|
85
.gitea/workflows/release-charts-cloudflared.yml
Normal file
85
.gitea/workflows/release-charts-cloudflared.yml
Normal file
@@ -0,0 +1,85 @@
|
||||
name: release-charts-cloudflared
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/cloudflared/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/cloudflared"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
|
||||
- name: Package Helm Chart
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
helm dependency build
|
||||
echo "PACKAGE_PATH=$(helm package . | awk '{print $NF}')" >> $GITEA_ENV
|
||||
|
||||
- name: Publish Helm Chart to Harbor
|
||||
run: |
|
||||
helm registry login ${{ vars.REGISTRY_HOST }} -u ${{ vars.REGISTRY_USER }} -p ${{ secrets.REGISTRY_SECRET }}
|
||||
helm push ${{ env.PACKAGE_PATH }} oci://${{ vars.REGISTRY_HOST }}/helm-charts
|
||||
|
||||
- name: Publish Helm Chart to Gitea
|
||||
run: |
|
||||
helm plugin install https://github.com/chartmuseum/helm-push
|
||||
helm repo add --username ${{ gitea.actor }} --password ${{ secrets.REPOSITORY_TOKEN }} helm-charts https://${{ vars.REPOSITORY_HOST }}/api/packages/alexlebens/helm
|
||||
helm cm-push ${{ env.PACKAGE_PATH }} helm-charts
|
||||
|
||||
- name: Extract Chart Metadata
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
echo "CHART_VERSION=$(yq '.version' Chart.yaml)" >> $GITEA_ENV
|
||||
echo "CHART_NAME=$(yq '.name' Chart.yaml)" >> $GITEA_ENV
|
||||
|
||||
- name: Release Helm Chart
|
||||
uses: akkuman/gitea-release-action@v1
|
||||
with:
|
||||
name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
tag_name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for cloudflared release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for cloudflared release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
85
.gitea/workflows/release-charts-generic-device-plugin.yml
Normal file
85
.gitea/workflows/release-charts-generic-device-plugin.yml
Normal file
@@ -0,0 +1,85 @@
|
||||
name: release-charts-generic-device-plugin
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/generic-device-plugin/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/generic-device-plugin"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
|
||||
- name: Package Helm Chart
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
helm dependency build
|
||||
echo "PACKAGE_PATH=$(helm package . | awk '{print $NF}')" >> $GITEA_ENV
|
||||
|
||||
- name: Publish Helm Chart to Harbor
|
||||
run: |
|
||||
helm registry login ${{ vars.REGISTRY_HOST }} -u ${{ vars.REGISTRY_USER }} -p ${{ secrets.REGISTRY_SECRET }}
|
||||
helm push ${{ env.PACKAGE_PATH }} oci://${{ vars.REGISTRY_HOST }}/helm-charts
|
||||
|
||||
- name: Publish Helm Chart to Gitea
|
||||
run: |
|
||||
helm plugin install https://github.com/chartmuseum/helm-push
|
||||
helm repo add --username ${{ gitea.actor }} --password ${{ secrets.REPOSITORY_TOKEN }} helm-charts https://${{ vars.REPOSITORY_HOST }}/api/packages/alexlebens/helm
|
||||
helm cm-push ${{ env.PACKAGE_PATH }} helm-charts
|
||||
|
||||
- name: Extract Chart Metadata
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
echo "CHART_VERSION=$(yq '.version' Chart.yaml)" >> $GITEA_ENV
|
||||
echo "CHART_NAME=$(yq '.name' Chart.yaml)" >> $GITEA_ENV
|
||||
|
||||
- name: Release Helm Chart
|
||||
uses: akkuman/gitea-release-action@v1
|
||||
with:
|
||||
name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
tag_name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for generic-device-plugin release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for generic-device-plugin release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
85
.gitea/workflows/release-charts-gitea-actions.yml
Normal file
85
.gitea/workflows/release-charts-gitea-actions.yml
Normal file
@@ -0,0 +1,85 @@
|
||||
name: release-charts-gitea-actions
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/gitea-actions/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/gitea-actions"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
|
||||
- name: Package Helm Chart
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
helm dependency build
|
||||
echo "PACKAGE_PATH=$(helm package . | awk '{print $NF}')" >> $GITEA_ENV
|
||||
|
||||
- name: Publish Helm Chart to Harbor
|
||||
run: |
|
||||
helm registry login ${{ vars.REGISTRY_HOST }} -u ${{ vars.REGISTRY_USER }} -p ${{ secrets.REGISTRY_SECRET }}
|
||||
helm push ${{ env.PACKAGE_PATH }} oci://${{ vars.REGISTRY_HOST }}/helm-charts
|
||||
|
||||
- name: Publish Helm Chart to Gitea
|
||||
run: |
|
||||
helm plugin install https://github.com/chartmuseum/helm-push
|
||||
helm repo add --username ${{ gitea.actor }} --password ${{ secrets.REPOSITORY_TOKEN }} helm-charts https://${{ vars.REPOSITORY_HOST }}/api/packages/alexlebens/helm
|
||||
helm cm-push ${{ env.PACKAGE_PATH }} helm-charts
|
||||
|
||||
- name: Extract Chart Metadata
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
echo "CHART_VERSION=$(yq '.version' Chart.yaml)" >> $GITEA_ENV
|
||||
echo "CHART_NAME=$(yq '.name' Chart.yaml)" >> $GITEA_ENV
|
||||
|
||||
- name: Release Helm Chart
|
||||
uses: akkuman/gitea-release-action@v1
|
||||
with:
|
||||
name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
tag_name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for gitea-actions release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for gitea-actions release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
85
.gitea/workflows/release-charts-postgres-cluster.yml
Normal file
85
.gitea/workflows/release-charts-postgres-cluster.yml
Normal file
@@ -0,0 +1,85 @@
|
||||
name: release-charts-postgres-cluster
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/postgres-cluster/**"
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
env:
|
||||
WORKFLOW_DIR: "charts/postgres-cluster"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
token: ${{ secrets.GITEA_TOKEN }}
|
||||
version: latest
|
||||
|
||||
- name: Package Helm Chart
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
helm dependency build
|
||||
echo "PACKAGE_PATH=$(helm package . | awk '{print $NF}')" >> $GITEA_ENV
|
||||
|
||||
- name: Publish Helm Chart to Harbor
|
||||
run: |
|
||||
helm registry login ${{ vars.REGISTRY_HOST }} -u ${{ vars.REGISTRY_USER }} -p ${{ secrets.REGISTRY_SECRET }}
|
||||
helm push ${{ env.PACKAGE_PATH }} oci://${{ vars.REGISTRY_HOST }}/helm-charts
|
||||
|
||||
- name: Publish Helm Chart to Gitea
|
||||
run: |
|
||||
helm plugin install https://github.com/chartmuseum/helm-push
|
||||
helm repo add --username ${{ gitea.actor }} --password ${{ secrets.REPOSITORY_TOKEN }} helm-charts https://${{ vars.REPOSITORY_HOST }}/api/packages/alexlebens/helm
|
||||
helm cm-push ${{ env.PACKAGE_PATH }} helm-charts
|
||||
|
||||
- name: Extract Chart Metadata
|
||||
run: |
|
||||
cd $WORKFLOW_DIR
|
||||
echo "CHART_VERSION=$(yq '.version' Chart.yaml)" >> $GITEA_ENV
|
||||
echo "CHART_NAME=$(yq '.name' Chart.yaml)" >> $GITEA_ENV
|
||||
|
||||
- name: Release Helm Chart
|
||||
uses: akkuman/gitea-release-action@v1
|
||||
with:
|
||||
name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
tag_name: ${{ env.CHART_NAME }}-${{ env.CHART_VERSION }}
|
||||
files: |-
|
||||
${{ env.PACKAGE_PATH }}
|
||||
|
||||
- name: ntfy Success
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: success()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 3
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,successfully,completed
|
||||
details: 'Helm Chart for postgres-cluster release workflow has successfully completed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
|
||||
- name: ntfy Failed
|
||||
uses: niniyas/ntfy-action@master
|
||||
if: failure()
|
||||
with:
|
||||
url: '${{ secrets.NTFY_URL }}'
|
||||
topic: '${{ secrets.NTFY_TOPIC }}'
|
||||
title: 'Gitea Action'
|
||||
priority: 4
|
||||
headers: '{"Authorization": "Bearer ${{ secrets.NTFY_CRED }}"}'
|
||||
tags: action,failed
|
||||
details: 'Helm Chart for postgres-cluster release workflow has failed!'
|
||||
icon: 'https://cdn.jsdelivr.net/gh/selfhst/icons/png/gitea.png'
|
||||
actions: '[{"action": "view", "label": "Open Gitea", "url": "https://gitea.alexlebens.dev/alexlebens/site-profile/actions?workflow=release-image.yml", "clear": true}]'
|
||||
image: true
|
32
.gitea/workflows/renovate.yaml
Normal file
32
.gitea/workflows/renovate.yaml
Normal file
@@ -0,0 +1,32 @@
|
||||
name: renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "@daily"
|
||||
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
container: ghcr.io/renovatebot/renovate:41
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Renovate
|
||||
run: renovate
|
||||
env:
|
||||
RENOVATE_PLATFORM: gitea
|
||||
RENOVATE_ENDPOINT: ${{ vars.INSTANCE_URL }}
|
||||
RENOVATE_REPOSITORIES: alexlebens/helm-charts
|
||||
RENOVATE_GIT_AUTHOR: Renovate Bot <renovate-bot@alexlebens.net>
|
||||
LOG_LEVEL: info
|
||||
RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }}
|
||||
RENOVATE_GIT_PRIVATE_KEY: ${{ secrets.RENOVATE_GIT_PRIVATE_KEY }}
|
||||
RENOVATE_GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }}
|
||||
RENOVATE_REDIS_URL: ${{ vars.RENOVATE_REDIS_URL }}
|
@@ -1,2 +0,0 @@
|
||||
# This file is processed by Renovate bot so that it creates a PR on new major Renovate versions
|
||||
FROM renovate/renovate:37
|
112
.github/renovate.json
vendored
112
.github/renovate.json
vendored
@@ -1,112 +0,0 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended",
|
||||
"mergeConfidence:all-badges",
|
||||
":rebaseStalePrs"
|
||||
],
|
||||
"timezone": "US/Mountain",
|
||||
"schedule": [
|
||||
"every weekday"
|
||||
],
|
||||
"labels": [],
|
||||
"packageRules": [
|
||||
{
|
||||
"description": "Disables for non major Renovate version",
|
||||
"matchPaths": [
|
||||
".github/renovate-update-notification/Dockerfile"
|
||||
],
|
||||
"matchUpdateTypes": [
|
||||
"minor",
|
||||
"patch",
|
||||
"pin",
|
||||
"digest",
|
||||
"rollback"
|
||||
],
|
||||
"enabled": false
|
||||
},
|
||||
{
|
||||
"description": "Generate for major Renovate version",
|
||||
"matchPaths": [
|
||||
".github/renovate-update-notification/Dockerfile"
|
||||
],
|
||||
"matchUpdateTypes": [
|
||||
"major"
|
||||
],
|
||||
"addLabels": [
|
||||
"upgrade"
|
||||
],
|
||||
"automerge": false
|
||||
},
|
||||
{
|
||||
"description": "Label service images",
|
||||
"matchPackageNames": [
|
||||
"ghcr.io/alex1989hu/kubelet-serving-cert-approver",
|
||||
"ghcr.io/cloudnative-pg/postgresql",
|
||||
"redis/redis-stack-server"
|
||||
],
|
||||
"matchDatasources": [
|
||||
"docker"
|
||||
],
|
||||
"addLabels": [
|
||||
"service",
|
||||
"image"
|
||||
],
|
||||
"automerge": false,
|
||||
"minimumReleaseAge": "3 days"
|
||||
},
|
||||
{
|
||||
"description": "Label service charts",
|
||||
"matchPackageNames": [
|
||||
"elasticsearch",
|
||||
"redis"
|
||||
],
|
||||
"matchDatasources": [
|
||||
"helm"
|
||||
],
|
||||
"addLabels": [
|
||||
"serivce",
|
||||
"chart"
|
||||
],
|
||||
"automerge": false,
|
||||
"minimumReleaseAge": "3 days"
|
||||
},
|
||||
{
|
||||
"description": "Label application images",
|
||||
"matchPackageNames": [
|
||||
"bbilly1/tubearchivist-jf",
|
||||
"bbilly1/tubearchivist",
|
||||
"freshrss/freshrss",
|
||||
"ghcr.io/gethomepage/homepage",
|
||||
"homeassistant/home-assistant",
|
||||
"linuxserver/calibre",
|
||||
"linuxserver/code-server",
|
||||
"linuxserver/cops",
|
||||
"outlinewiki/outline",
|
||||
"rmcrackan/libation"
|
||||
],
|
||||
"matchDatasources": [
|
||||
"docker"
|
||||
],
|
||||
"addLabels": [
|
||||
"application",
|
||||
"image"
|
||||
],
|
||||
"automerge": false,
|
||||
"minimumReleaseAge": "3 days"
|
||||
},
|
||||
{
|
||||
"description": "Label application charts",
|
||||
"matchPackageNames": [],
|
||||
"matchDatasources": [
|
||||
"helm"
|
||||
],
|
||||
"addLabels": [
|
||||
"application",
|
||||
"chart"
|
||||
],
|
||||
"automerge": false,
|
||||
"minimumReleaseAge": "3 days"
|
||||
}
|
||||
]
|
||||
}
|
37
.github/workflows/lint-test.yaml
vendored
37
.github/workflows/lint-test.yaml
vendored
@@ -1,37 +0,0 @@
|
||||
name: lint-and-test-charts
|
||||
|
||||
on: pull_request
|
||||
|
||||
jobs:
|
||||
lint-test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Set up Helm
|
||||
uses: azure/setup-helm@v4
|
||||
with:
|
||||
version: v3.13.3
|
||||
|
||||
- uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: "3.10"
|
||||
check-latest: true
|
||||
|
||||
- name: Set up chart-testing
|
||||
uses: helm/chart-testing-action@v2.6.1
|
||||
|
||||
- name: Run chart-testing (list-changed)
|
||||
id: list-changed
|
||||
run: |
|
||||
changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }})
|
||||
if [[ -n "$changed" ]]; then
|
||||
echo "changed=true" >> "$GITHUB_OUTPUT"
|
||||
fi
|
||||
|
||||
- name: Run chart-testing (lint)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
@@ -4,6 +4,8 @@ on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- "charts/**"
|
||||
|
||||
jobs:
|
||||
release:
|
||||
@@ -22,6 +24,6 @@ jobs:
|
||||
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
|
||||
|
||||
- name: Run chart-releaser
|
||||
uses: helm/chart-releaser-action@v1.6.0
|
||||
uses: helm/chart-releaser-action@v1.7.0
|
||||
env:
|
||||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
5
.gitignore
vendored
5
.gitignore
vendored
@@ -1,3 +1,6 @@
|
||||
# Archived
|
||||
charts/**/archive
|
||||
|
||||
# Compiled Helm chart dependencies
|
||||
charts/**/Chart.lock
|
||||
charts/**/charts/
|
||||
@@ -6,4 +9,4 @@ charts/**/charts/
|
||||
__snapshot__/
|
||||
|
||||
# Docs
|
||||
_site/
|
||||
_site/
|
||||
|
19
.pre-commit-config.yaml
Normal file
19
.pre-commit-config.yaml
Normal file
@@ -0,0 +1,19 @@
|
||||
repos:
|
||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||
rev: v2.3.0
|
||||
hooks:
|
||||
- id: end-of-file-fixer
|
||||
- id: trailing-whitespace
|
||||
- id: check-added-large-files
|
||||
- id: check-yaml
|
||||
exclude: 'charts/'
|
||||
args:
|
||||
- --multi
|
||||
- repo: https://github.com/norwoodj/helm-docs
|
||||
rev: v1.14.2
|
||||
hooks:
|
||||
- id: helm-docs
|
||||
args:
|
||||
- --chart-search-root=charts
|
||||
- --template-files=./_templates.gotmpl
|
||||
- --template-files=README.md.gotmpl
|
@@ -1,13 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: calibre-server
|
||||
version: 0.0.6
|
||||
description: Chart for Calibre content database
|
||||
keywords:
|
||||
- media
|
||||
- books
|
||||
sources:
|
||||
- https://github.com/kovidgoyal/calibre
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://raw.githubusercontent.com/kovidgoyal/calibre/master/resources/images/lt.png
|
||||
appVersion: 7.5.1
|
@@ -1,18 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Calibre](https://calibre-ebook.com/)
|
||||
|
||||
calibre is an e-book manager. It can view, convert, edit and catalog e-books in all of the major e-book formats. It can also talk to e-book reader devices. It can go out to the internet and fetch metadata for your books. It can download newspapers and convert them into e-books for convenient reading.
|
||||
|
||||
This chart bootstraps a [Calibre](https://github.com/home-assistant) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
- Traefik v2 / IngressRoute
|
||||
- Authentik / Auth
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,83 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: calibre-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: calibre-server
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
- name: calibre-server
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
protocol: TCP
|
||||
- name: content
|
||||
containerPort: {{ .Values.service.content.port }}
|
||||
protocol: TCP
|
||||
env:
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: calibre-server-config
|
||||
- mountPath: /books
|
||||
name: calibre-server-books
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
startupProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 30
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 5
|
||||
volumes:
|
||||
- name: calibre-server-config
|
||||
persistentVolumeClaim:
|
||||
claimName: calibre-server-config
|
||||
- name: calibre-server-books
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.books.claimName }}
|
@@ -1,34 +0,0 @@
|
||||
{{- if .Values.ingressRoute.enabled }}
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: calibre-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: calibre-server
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.http.host }}`)"
|
||||
middlewares:
|
||||
- name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: calibre-server
|
||||
port: {{ .Values.service.http.port }}
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.http.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: {{ .Values.ingressRoute.authentik.outpost }}
|
||||
port: {{ .Values.ingressRoute.authentik.port }}
|
||||
{{- end }}
|
@@ -1,29 +0,0 @@
|
||||
{{- if .Values.ingressRoute.enabled }}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: auth
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
||||
{{- end }}
|
@@ -1,19 +0,0 @@
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: calibre-server-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.config.storageSize }}
|
||||
storageClassName: {{ .Values.persistence.config.storageClassName }}
|
||||
volumeMode: {{ .Values.persistence.config.volumeMode }}
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: calibre-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: calibre-server
|
@@ -1,44 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: calibre-server
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.service.http.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: calibre-server-content
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.service.content.port }}
|
||||
targetPort: content
|
||||
protocol: TCP
|
||||
name: content
|
||||
selector:
|
||||
app.kubernetes.io/name: calibre-server
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
@@ -1,42 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
image:
|
||||
repository: linuxserver/calibre
|
||||
tag: v7.5.1-ls269
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
PGID: "1001"
|
||||
PUID: "1001"
|
||||
TZ: UTC
|
||||
UMASK_SET: "022"
|
||||
CUSTOM_USER: calibre
|
||||
TITLE: Calibre Server
|
||||
NO_DECOR: true
|
||||
envFrom:
|
||||
resources:
|
||||
requests:
|
||||
memory: 256Mi
|
||||
cpu: 50m
|
||||
limits:
|
||||
memory: 1Gi
|
||||
cpu: 500m
|
||||
service:
|
||||
http:
|
||||
port: 8080
|
||||
content:
|
||||
port: 8081
|
||||
ingressRoute:
|
||||
enabled: true
|
||||
http:
|
||||
host:
|
||||
authentik:
|
||||
outpost:
|
||||
port: 9000
|
||||
persistence:
|
||||
config:
|
||||
storageClassName: default
|
||||
storageSize: 5Gi
|
||||
volumeMode: Filesystem
|
||||
books:
|
||||
claimName:
|
18
charts/cloudflared/Chart.yaml
Normal file
18
charts/cloudflared/Chart.yaml
Normal file
@@ -0,0 +1,18 @@
|
||||
apiVersion: v2
|
||||
name: cloudflared
|
||||
version: 1.18.0
|
||||
description: Cloudflared Tunnel
|
||||
keywords:
|
||||
- cloudflare
|
||||
- tunnel
|
||||
sources:
|
||||
- https://github.com/cloudflare/cloudflared
|
||||
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.1.2
|
||||
icon: https://avatars.githubusercontent.com/u/314135?s=48&v=4
|
||||
appVersion: "2025.6.0"
|
35
charts/cloudflared/README.md
Normal file
35
charts/cloudflared/README.md
Normal file
@@ -0,0 +1,35 @@
|
||||
# cloudflared
|
||||
|
||||
 
|
||||
|
||||
Cloudflared Tunnel
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/cloudflare/cloudflared>
|
||||
* <https://github.com/bjw-s-labs/helm-charts/tree/main/charts/library/common>
|
||||
|
||||
## Requirements
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.1.2 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| existingSecretKey | string | `"cf-tunnel-token"` | Name of key that contains the token in the existingSecret |
|
||||
| existingSecretName | string | `"cloudflared-secret"` | Name of existing secret that contains Cloudflare token |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.6.1"}` | Default image |
|
||||
| name | string | `"cloudflared"` | Name override of release |
|
||||
| resources | object | `{"requests":{"cpu":"10m","memory":"128Mi"}}` | Default resources |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
41
charts/cloudflared/templates/common.yaml
Normal file
41
charts/cloudflared/templates/common.yaml
Normal file
@@ -0,0 +1,41 @@
|
||||
{{- include "bjw-s.common.loader.init" . }}
|
||||
|
||||
{{- define "cloudflared.hardcodedValues" -}}
|
||||
{{ if not .Values.global.nameOverride }}
|
||||
global:
|
||||
nameOverride: {{ .Values.name }}
|
||||
{{ end }}
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
strategy: Recreate
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: {{ .Values.image.repository }}
|
||||
tag: {{ .Values.image.tag }}
|
||||
pullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- tunnel
|
||||
- --protocol
|
||||
- http2
|
||||
- --no-autoupdate
|
||||
- run
|
||||
- --token
|
||||
- $(CF_MANAGED_TUNNEL_TOKEN)
|
||||
env:
|
||||
- name: CF_MANAGED_TUNNEL_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.existingSecretName }}
|
||||
key: {{ .Values.existingSecretKey }}
|
||||
resources:
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 10 }}
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
{{- $_ := mergeOverwrite .Values (include "cloudflared.hardcodedValues" . | fromYaml) -}}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "bjw-s.common.loader.generate" . }}
|
20
charts/cloudflared/values.yaml
Normal file
20
charts/cloudflared/values.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
# -- Name override of release
|
||||
name: cloudflared
|
||||
|
||||
# -- Name of existing secret that contains Cloudflare token
|
||||
existingSecretName: cloudflared-secret
|
||||
|
||||
# -- Name of key that contains the token in the existingSecret
|
||||
existingSecretKey: cf-tunnel-token
|
||||
|
||||
# -- Default image
|
||||
image:
|
||||
repository: cloudflare/cloudflared
|
||||
tag: "2025.7.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Default resources
|
||||
resources:
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 128Mi
|
@@ -1,12 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: cops
|
||||
version: 0.0.3
|
||||
description: Chart for Calibre OPDS (and HTML) PHP Server
|
||||
keywords:
|
||||
- calibre
|
||||
- OPDS
|
||||
sources:
|
||||
- https://github.com/seblucas/cops
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
appVersion: 1.1.3
|
@@ -1,22 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Calibre OPDS (and HTML) PHP Server](https://github.com/seblucas/cops)
|
||||
|
||||
COPS's main advantages are :
|
||||
|
||||
- No need for many dependencies.
|
||||
- No need for a lot of CPU or RAM.
|
||||
- Not much code.
|
||||
- Search is available.
|
||||
- It was fun to code.
|
||||
|
||||
This chart bootstraps a [COPS](https://github.com/seblucas/cops) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,82 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace | quote }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Release.Name }}
|
||||
containers:
|
||||
- name: {{ .Release.Name }}
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: cops-config
|
||||
- mountPath: /books
|
||||
name: cops-books
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
env:
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 5
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 5
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 5
|
||||
failureThreshold: 30
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 1
|
||||
volumes:
|
||||
- name: cops-config
|
||||
persistentVolumeClaim:
|
||||
claimName: cops-config
|
||||
- name: cops-books
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.books.claimName }}
|
@@ -1,32 +0,0 @@
|
||||
{{- if .Values.ingress.enabled }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
{{- toYaml .Values.ingress.annotations | nindent 4 }}
|
||||
spec:
|
||||
ingressClassName: {{ .Values.ingress.className }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.ingress.host }}
|
||||
secretName: {{ .Release.Name }}-secret-tls
|
||||
rules:
|
||||
- host: {{ .Values.ingress.host }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: {{ .Release.Name }}
|
||||
port:
|
||||
name: http
|
||||
{{- end }}
|
@@ -1,19 +0,0 @@
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: cops-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.config.storageSize }}
|
||||
storageClassName: {{ .Values.persistence.config.storageClassName }}
|
||||
volumeMode: {{ .Values.persistence.config.volumeMode }}
|
@@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-test-connection"
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: wget
|
||||
image: busybox
|
||||
command: ['wget']
|
||||
args: ['{{ .Release.Name }}:{{ .Values.service.http.port }}']
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
@@ -1,22 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
externalTrafficPolicy:
|
||||
ports:
|
||||
- port: {{ .Values.service.http.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
@@ -1,36 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
image:
|
||||
repository: linuxserver/cops
|
||||
tag: 2.3.1-ls185
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
PGID: "1000"
|
||||
PUID: "1000"
|
||||
TZ: UTC
|
||||
envFrom:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
||||
serviceAccount:
|
||||
create: true
|
||||
service:
|
||||
http:
|
||||
port: 80
|
||||
ingress:
|
||||
enabled: false
|
||||
annotations:
|
||||
className:
|
||||
host:
|
||||
persistence:
|
||||
config:
|
||||
storageClassName: default
|
||||
storageSize: 5Gi
|
||||
volumeMode: Filesystem
|
||||
books:
|
||||
claimName:
|
@@ -1,12 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: freshrss
|
||||
version: 0.0.3
|
||||
description: Chart for Freshrss
|
||||
keywords:
|
||||
- rss
|
||||
sources:
|
||||
- https://github.com/FreshRSS/FreshRSS
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/9414285?s=48&v=4
|
||||
appVersion: "1.23.1"
|
@@ -1,18 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[FreshRSS](https://github.com/FreshRSS/FreshRSS)
|
||||
|
||||
FreshRSS is a self-hosted RSS feed aggregator.
|
||||
|
||||
It is lightweight, easy to work with, powerful, and customizable.
|
||||
|
||||
This chart bootstraps a [FreshRSS](https://github.com/FreshRSS/FreshRSS) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,76 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace | quote }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Release.Name }}
|
||||
containers:
|
||||
- name: {{ .Release.Name }}
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: {{ .Release.Name }}-config
|
||||
mountPath: /config
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
env:
|
||||
- name: LISTEN
|
||||
value: "0.0.0.0:{{ .Values.service.http.port }}"
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
startupProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 30
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 5
|
||||
volumes:
|
||||
- name: {{ .Release.Name }}-config
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Release.Name }}-config
|
@@ -1,32 +0,0 @@
|
||||
{{- if .Values.ingress.enabled }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
{{- toYaml .Values.ingress.annotations | nindent 4 }}
|
||||
spec:
|
||||
ingressClassName: {{ .Values.ingress.className }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.ingress.host }}
|
||||
secretName: {{ .Release.Name }}-secret-tls
|
||||
rules:
|
||||
- host: {{ .Values.ingress.host }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: {{ .Release.Name }}
|
||||
port:
|
||||
name: http
|
||||
{{- end }}
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.config.storageSize }}
|
||||
storageClassName: {{ .Values.persistence.config.storageClassName }}
|
||||
volumeMode: {{ .Values.persistence.config.volumeMode }}
|
@@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-test-connection"
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: wget
|
||||
image: busybox
|
||||
command: ['wget']
|
||||
args: ['{{ .Release.Name }}:{{ .Values.service.http.port }}']
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
@@ -1,21 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.service.http.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
@@ -1,33 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
image:
|
||||
repository: freshrss/freshrss
|
||||
tag: 1.23.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
PGID: "568"
|
||||
PUID: "568"
|
||||
TZ: UTC
|
||||
FRESHRSS_ENV: production
|
||||
envFrom:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
||||
service:
|
||||
http:
|
||||
port: 80
|
||||
ingress:
|
||||
enabled: true
|
||||
className:
|
||||
annotations:
|
||||
host:
|
||||
persistence:
|
||||
config:
|
||||
storageClassName: default
|
||||
storageSize: 5Gi
|
||||
volumeMode: Filesystem
|
18
charts/generic-device-plugin/Chart.yaml
Normal file
18
charts/generic-device-plugin/Chart.yaml
Normal file
@@ -0,0 +1,18 @@
|
||||
apiVersion: v2
|
||||
name: generic-device-plugin
|
||||
version: 0.4.0
|
||||
description: Generic Device Plugin
|
||||
keywords:
|
||||
- generic-device-plugin
|
||||
- device
|
||||
- plugin
|
||||
sources:
|
||||
- https://github.com/squat/generic-device-plugin
|
||||
- https://github.com/bjw-s/helm-charts/tree/main/charts/library/common
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://bjw-s-labs.github.io/helm-charts/
|
||||
version: 4.1.2
|
||||
appVersion: 0.2.0
|
37
charts/generic-device-plugin/README.md
Normal file
37
charts/generic-device-plugin/README.md
Normal file
@@ -0,0 +1,37 @@
|
||||
# generic-device-plugin
|
||||
|
||||
 
|
||||
|
||||
Generic Device Plugin
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/squat/generic-device-plugin>
|
||||
* <https://github.com/bjw-s/helm-charts/tree/main/charts/library/common>
|
||||
|
||||
## Requirements
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://bjw-s-labs.github.io/helm-charts/ | common | 4.1.2 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| config | object | `{"data":"devices:\n - name: serial\n groups:\n - paths:\n - path: /dev/ttyUSB*\n - paths:\n - path: /dev/ttyACM*\n - paths:\n - path: /dev/tty.usb*\n - paths:\n - path: /dev/cu.*\n - paths:\n - path: /dev/cuaU*\n - paths:\n - path: /dev/rfcomm*\n - name: video\n groups:\n - paths:\n - path: /dev/video0\n - name: fuse\n groups:\n - count: 10\n paths:\n - path: /dev/fuse\n - name: audio\n groups:\n - count: 10\n paths:\n - path: /dev/snd\n - name: capture\n groups:\n - paths:\n - path: /dev/snd/controlC0\n - path: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC1\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC1D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC2\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC2D0c\n mountPath: /dev/snd/pcmC0D0c\n - paths:\n - path: /dev/snd/controlC3\n mountPath: /dev/snd/controlC0\n - path: /dev/snd/pcmC3D0c\n mountPath: /dev/snd/pcmC0D0c\n","enabled":true}` | Config map |
|
||||
| config.data | string | See [values.yaml](./values.yaml) | generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage) |
|
||||
| deviceDomain | string | `"squat.ai"` | Domain used by devices for identifcation |
|
||||
| image | object | `{"pullPolicy":"Always","repository":"ghcr.io/squat/generic-device-plugin","tag":"latest@sha256:d7d0951df7f11479185fd9fba1c1cb4d9c8f3232d38a5468d6fe80074f2b45d5"}` | Default image |
|
||||
| name | string | `"generic-device-plugin"` | Name override of release |
|
||||
| resources | object | `{"limit":{"cpu":"100m","memory":"20Mi"},"requests":{"cpu":"50m","memory":"10Mi"}}` | Default resources |
|
||||
| service | object | `{"listenPort":8080}` | Service port |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
82
charts/generic-device-plugin/templates/common.yaml
Normal file
82
charts/generic-device-plugin/templates/common.yaml
Normal file
@@ -0,0 +1,82 @@
|
||||
{{ include "bjw-s.common.loader.init" . }}
|
||||
|
||||
{{ define "genericDevicePlugin.hardcodedValues" }}
|
||||
{{ if not .Values.global.nameOverride }}
|
||||
global:
|
||||
nameOverride: {{ .Values.name }}
|
||||
{{ end }}
|
||||
controllers:
|
||||
main:
|
||||
type: daemonset
|
||||
pod:
|
||||
priorityClassName: system-node-critical
|
||||
tolerations:
|
||||
- operator: "Exists"
|
||||
effect: "NoExecute"
|
||||
- operator: "Exists"
|
||||
effect: "NoSchedule"
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: {{ .Values.image.repository }}
|
||||
tag: {{ .Values.image.tag }}
|
||||
pullPolicy: {{ .Values.image.pullPolicy }}
|
||||
args:
|
||||
- --config=/config/config.yaml
|
||||
env:
|
||||
- name: LISTEN
|
||||
value: :{{ .Values.service.listenPort }}
|
||||
- name: PLUGIN_DIRECTORY
|
||||
value: /var/lib/kubelet/device-plugins
|
||||
- name: DOMAIN
|
||||
value: {{ .Values.deviceDomain }}
|
||||
probes:
|
||||
liveness:
|
||||
type: HTTP
|
||||
path: /health
|
||||
readiness:
|
||||
type: HTTP
|
||||
path: /health
|
||||
startup:
|
||||
type: HTTP
|
||||
path: /health
|
||||
securityContext:
|
||||
privileged: True
|
||||
configMaps:
|
||||
config:
|
||||
enabled: {{ .Values.config.enabled }}
|
||||
data:
|
||||
config.yaml: {{ toYaml .Values.config.data | nindent 8 }}
|
||||
service:
|
||||
main:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: {{ .Values.service.listenPort }}
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
name: {{ .Values.name }}-config
|
||||
device-plugins:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /var/lib/kubelet/device-plugins
|
||||
dev:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /dev
|
||||
serviceMonitor:
|
||||
main:
|
||||
serviceName: generic-device-plugin
|
||||
endpoints:
|
||||
- port: http
|
||||
scheme: http
|
||||
path: /metrics
|
||||
interval: 30s
|
||||
scrapeTimeout: 10s
|
||||
{{ end }}
|
||||
{{ $_ := mergeOverwrite .Values (include "genericDevicePlugin.hardcodedValues" . | fromYaml) }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "bjw-s.common.loader.generate" . }}
|
80
charts/generic-device-plugin/values.yaml
Normal file
80
charts/generic-device-plugin/values.yaml
Normal file
@@ -0,0 +1,80 @@
|
||||
# -- Name override of release
|
||||
name: generic-device-plugin
|
||||
|
||||
# -- Default image
|
||||
image:
|
||||
repository: ghcr.io/squat/generic-device-plugin
|
||||
tag: latest@sha256:1f779444c72c7bf06b082c44698d6268a8e642ebd9488a35c84a603087940e64
|
||||
pullPolicy: Always
|
||||
|
||||
# -- Domain used by devices for identifcation
|
||||
deviceDomain: squat.ai
|
||||
|
||||
# -- Service port
|
||||
service:
|
||||
listenPort: 8080
|
||||
|
||||
# -- Default resources
|
||||
resources:
|
||||
limit:
|
||||
cpu: 100m
|
||||
memory: 20Mi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 10Mi
|
||||
|
||||
# -- Config map
|
||||
config:
|
||||
enabled: true
|
||||
# -- generic-device-plugin config file [[ref]](https://github.com/squat/generic-device-plugin#usage)
|
||||
# @default -- See [values.yaml](./values.yaml)
|
||||
data: |
|
||||
devices:
|
||||
- name: serial
|
||||
groups:
|
||||
- paths:
|
||||
- path: /dev/ttyUSB*
|
||||
- paths:
|
||||
- path: /dev/ttyACM*
|
||||
- paths:
|
||||
- path: /dev/tty.usb*
|
||||
- paths:
|
||||
- path: /dev/cu.*
|
||||
- paths:
|
||||
- path: /dev/cuaU*
|
||||
- paths:
|
||||
- path: /dev/rfcomm*
|
||||
- name: video
|
||||
groups:
|
||||
- paths:
|
||||
- path: /dev/video0
|
||||
- name: fuse
|
||||
groups:
|
||||
- count: 10
|
||||
paths:
|
||||
- path: /dev/fuse
|
||||
- name: audio
|
||||
groups:
|
||||
- count: 10
|
||||
paths:
|
||||
- path: /dev/snd
|
||||
- name: capture
|
||||
groups:
|
||||
- paths:
|
||||
- path: /dev/snd/controlC0
|
||||
- path: /dev/snd/pcmC0D0c
|
||||
- paths:
|
||||
- path: /dev/snd/controlC1
|
||||
mountPath: /dev/snd/controlC0
|
||||
- path: /dev/snd/pcmC1D0c
|
||||
mountPath: /dev/snd/pcmC0D0c
|
||||
- paths:
|
||||
- path: /dev/snd/controlC2
|
||||
mountPath: /dev/snd/controlC0
|
||||
- path: /dev/snd/pcmC2D0c
|
||||
mountPath: /dev/snd/pcmC0D0c
|
||||
- paths:
|
||||
- path: /dev/snd/controlC3
|
||||
mountPath: /dev/snd/controlC0
|
||||
- path: /dev/snd/pcmC3D0c
|
||||
mountPath: /dev/snd/pcmC0D0c
|
15
charts/gitea-actions/Chart.yaml
Normal file
15
charts/gitea-actions/Chart.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
apiVersion: v2
|
||||
name: gitea-actions
|
||||
version: 0.2.1
|
||||
description: Gitea Actions
|
||||
keywords:
|
||||
- cicd
|
||||
- runner
|
||||
- actions
|
||||
sources:
|
||||
- https://gitea.com/gitea/helm-actions
|
||||
- https://gitea.com/gitea/act
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/100373852?s=48&v=4
|
||||
appVersion: 0.2.11
|
18
charts/gitea-actions/LICENSE
Normal file
18
charts/gitea-actions/LICENSE
Normal file
@@ -0,0 +1,18 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2025 gitea
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
|
||||
associated documentation files (the "Software"), to deal in the Software without restriction, including
|
||||
without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the
|
||||
following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all copies or substantial
|
||||
portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
|
||||
LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO
|
||||
EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
||||
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
|
||||
USE OR OTHER DEALINGS IN THE SOFTWARE.
|
54
charts/gitea-actions/README.md
Normal file
54
charts/gitea-actions/README.md
Normal file
@@ -0,0 +1,54 @@
|
||||
# gitea-actions
|
||||
|
||||
 
|
||||
|
||||
Gitea Actions
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| alexlebens | | |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://gitea.com/gitea/helm-actions>
|
||||
* <https://gitea.com/gitea/act>
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| enabled | bool | `true` | |
|
||||
| existingSecret | string | `""` | |
|
||||
| existingSecretKey | string | `""` | |
|
||||
| giteaRootURL | string | `""` | |
|
||||
| global.fullnameOverride | string | `""` | |
|
||||
| global.imageRegistry | string | `""` | |
|
||||
| global.nameOverride | string | `""` | |
|
||||
| global.storageClass | string | `""` | |
|
||||
| init.image.repository | string | `"busybox"` | |
|
||||
| init.image.tag | string | `"1.37.0"` | |
|
||||
| statefulset.actRunner.config | string | `"log:\n level: debug\ncache:\n enabled: false\n"` | |
|
||||
| statefulset.actRunner.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.actRunner.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.actRunner.repository | string | `"gitea/act_runner"` | |
|
||||
| statefulset.actRunner.tag | string | `"0.2.11"` | |
|
||||
| statefulset.affinity | object | `{}` | |
|
||||
| statefulset.annotations | object | `{}` | |
|
||||
| statefulset.dind.extraEnvs | list | `[]` | |
|
||||
| statefulset.dind.extraVolumeMounts | list | `[]` | |
|
||||
| statefulset.dind.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| statefulset.dind.repository | string | `"docker"` | |
|
||||
| statefulset.dind.tag | string | `"25.0.2-dind"` | |
|
||||
| statefulset.extraVolumes | list | `[]` | |
|
||||
| statefulset.labels | object | `{}` | |
|
||||
| statefulset.nodeSelector | object | `{}` | |
|
||||
| statefulset.persistence.size | string | `"1Gi"` | |
|
||||
| statefulset.persistence.storageClass | string | `""` | |
|
||||
| statefulset.replicas | int | `1` | |
|
||||
| statefulset.resources | object | `{}` | |
|
||||
| statefulset.tolerations | list | `[]` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
102
charts/gitea-actions/templates/_helpers.tpl
Normal file
@@ -0,0 +1,102 @@
|
||||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
|
||||
{{- define "gitea.actions.name" -}}
|
||||
{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "gitea.actions.fullname" -}}
|
||||
{{- if .Values.global.fullnameOverride -}}
|
||||
{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.global.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "gitea.actions.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Storage Class
|
||||
*/}}
|
||||
{{- define "gitea.actions.persistence.storageClass" -}}
|
||||
{{- $storageClass := (tpl ( default "" .Values.statefulset.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
|
||||
{{- if $storageClass }}
|
||||
storageClassName: {{ $storageClass | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.labels" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}
|
||||
{{ include "gitea.actions.selectorLabels" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.labels.actRunner" -}}
|
||||
helm.sh/chart: {{ include "gitea.actions.chart" . }}
|
||||
app: {{ include "gitea.actions.name" . }}-act-runner
|
||||
{{ include "gitea.actions.selectorLabels.actRunner" . }}
|
||||
app.kubernetes.io/version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
version: {{ .Values.statefulset.actRunner.tag | default .Chart.AppVersion | quote }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "gitea.actions.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.selectorLabels.actRunner" -}}
|
||||
app.kubernetes.io/name: {{ include "gitea.actions.name" . }}-act-runner
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.actions.local_root_url" -}}
|
||||
{{- .Values.giteaRootURL -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Parse the http url to hostname + port separated by space for the nc command
|
||||
*/}}
|
||||
{{- define "gitea.actions.nc" -}}
|
||||
{{- $url := include "gitea.actions.local_root_url" . | urlParse -}}
|
||||
{{- $host := get $url "host" -}}
|
||||
{{- $scheme := get $url "scheme" -}}
|
||||
{{- $port := "80" -}}
|
||||
{{- if contains ":" $host -}}
|
||||
{{- $hostAndPort := regexSplit ":" $host 2 -}}
|
||||
{{- $host = index $hostAndPort 0 -}}
|
||||
{{- $port = index $hostAndPort 1 -}}
|
||||
{{- else if eq $scheme "https" -}}
|
||||
{{- $port = "443" -}}
|
||||
{{- else if eq $scheme "http" -}}
|
||||
{{- $port = "80" -}}
|
||||
{{- end -}}
|
||||
{{- printf "%s %s" $host $port -}}
|
||||
{{- end -}}
|
15
charts/gitea-actions/templates/config-map.yaml
Normal file
15
charts/gitea-actions/templates/config-map.yaml
Normal file
@@ -0,0 +1,15 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.actions.labels" . | nindent 4 }}
|
||||
data:
|
||||
config.yaml: |
|
||||
{{- with .Values.statefulset.actRunner.config -}}
|
||||
{{ . | nindent 4}}
|
||||
{{- end -}}
|
||||
{{- end }}
|
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
127
charts/gitea-actions/templates/stateful-set.yaml
Normal file
@@ -0,0 +1,127 @@
|
||||
{{- if .Values.enabled }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 4 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
{{- with .Values.statefulset.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
spec:
|
||||
replicas: {{ .Values.statefulset.replicas }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "gitea.actions.selectorLabels.actRunner" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "gitea.actions.labels.actRunner" . | nindent 8 }}
|
||||
{{- with .Values.statefulset.labels }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
initContainers:
|
||||
- name: init-gitea
|
||||
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
while ! nc -z {{ include "gitea.actions.nc" . }}; do
|
||||
sleep 5
|
||||
done
|
||||
containers:
|
||||
- name: act-runner
|
||||
image: "{{ .Values.statefulset.actRunner.repository }}:{{ .Values.statefulset.actRunner.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }}
|
||||
workingDir: /data
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
- name: GITEA_RUNNER_REGISTRATION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: "{{ .Values.existingSecret | default "gitea-actions-token" }}"
|
||||
key: "{{ .Values.existingSecretKey | default "token" }}"
|
||||
- name: GITEA_INSTANCE_URL
|
||||
value: {{ include "gitea.actions.local_root_url" . }}
|
||||
- name: CONFIG_FILE
|
||||
value: /actrunner/config.yaml
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /actrunner/config.yaml
|
||||
name: act-runner-config
|
||||
subPath: config.yaml
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
- mountPath: /data
|
||||
name: data-act-runner
|
||||
{{- with .Values.statefulset.actRunner.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
- name: dind
|
||||
image: "{{ .Values.statefulset.dind.repository }}:{{ .Values.statefulset.dind.tag }}"
|
||||
imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }}
|
||||
env:
|
||||
- name: DOCKER_HOST
|
||||
value: tcp://127.0.0.1:2376
|
||||
- name: DOCKER_TLS_VERIFY
|
||||
value: "1"
|
||||
- name: DOCKER_CERT_PATH
|
||||
value: /certs/server
|
||||
{{- if .Values.statefulset.dind.extraEnvs }}
|
||||
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
resources:
|
||||
{{- toYaml .Values.statefulset.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /certs/server
|
||||
name: docker-certs
|
||||
{{- with .Values.statefulset.dind.extraVolumeMounts }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- range $key, $value := .Values.statefulset.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.statefulset.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: act-runner-config
|
||||
configMap:
|
||||
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
|
||||
- name: docker-certs
|
||||
emptyDir: {}
|
||||
{{- with .Values.statefulset.extraVolumes }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: data-act-runner
|
||||
spec:
|
||||
accessModes: [ "ReadWriteOnce" ]
|
||||
{{- include "gitea.actions.persistence.storageClass" . | nindent 8 }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.statefulset.persistence.size }}
|
||||
{{- end }}
|
102
charts/gitea-actions/values.yaml
Normal file
102
charts/gitea-actions/values.yaml
Normal file
@@ -0,0 +1,102 @@
|
||||
# Configure Gitea Actions
|
||||
# - must enable persistence if the job is enabled
|
||||
## @section Gitea Actions
|
||||
#
|
||||
## @param enabled Create an act runner StatefulSet.
|
||||
## @param init.image.repository The image used for the init containers
|
||||
## @param init.image.tag The image tag used for the init containers
|
||||
## @param statefulset.annotations Act runner annotations
|
||||
## @param statefulset.labels Act runner labels
|
||||
## @param statefulset.resources Act runner resources
|
||||
## @param statefulset.nodeSelector NodeSelector for the statefulset
|
||||
## @param statefulset.tolerations Tolerations for the statefulset
|
||||
## @param statefulset.affinity Affinity for the statefulset
|
||||
## @param statefulset.extraVolumes Extra volumes for the statefulset
|
||||
## @param statefulset.actRunner.repository The Gitea act runner image
|
||||
## @param statefulset.actRunner.tag The Gitea act runner tag
|
||||
## @param statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy
|
||||
## @param statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container
|
||||
## @param statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details.
|
||||
## @param statefulset.dind.repository The Docker-in-Docker image
|
||||
## @param statefulset.dind.tag The Docker-in-Docker image tag
|
||||
## @param statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy
|
||||
## @param statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container
|
||||
## @param statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY`
|
||||
## @param statefulset.persistence.size Size for persistence to store act runner data
|
||||
## @param provisioning.enabled Create a job that will create and save the token in a Kubernetes Secret
|
||||
## @param provisioning.annotations Job's annotations
|
||||
## @param provisioning.labels Job's labels
|
||||
## @param provisioning.resources Job's resources
|
||||
## @param provisioning.nodeSelector NodeSelector for the job
|
||||
## @param provisioning.tolerations Tolerations for the job
|
||||
## @param provisioning.affinity Affinity for the job
|
||||
## @param provisioning.ttlSecondsAfterFinished ttl for the job after finished in order to allow helm to properly recognize that the job completed
|
||||
## @param provisioning.publish.repository The image that can create the secret via kubectl
|
||||
## @param provisioning.publish.tag The publish image tag that can create the secret
|
||||
## @param provisioning.publish.pullPolicy The publish image pullPolicy that can create the secret
|
||||
## @param existingSecret Secret that contains the token
|
||||
## @param existingSecretKey Secret key
|
||||
## @param giteaRootURL URL the act_runner registers and connect with
|
||||
enabled: true
|
||||
statefulset:
|
||||
replicas: 1
|
||||
annotations: {}
|
||||
labels: {}
|
||||
resources: {}
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
affinity: {}
|
||||
extraVolumes: []
|
||||
|
||||
actRunner:
|
||||
repository: gitea/act_runner
|
||||
tag: 0.2.11
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
|
||||
config: |
|
||||
log:
|
||||
level: debug
|
||||
cache:
|
||||
enabled: false
|
||||
|
||||
dind:
|
||||
repository: docker
|
||||
tag: 25.0.2-dind
|
||||
pullPolicy: IfNotPresent
|
||||
extraVolumeMounts: []
|
||||
|
||||
# If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable.
|
||||
# See https://github.com/docker-library/docker/issues/463#issuecomment-1881909456
|
||||
extraEnvs:
|
||||
[]
|
||||
# - name: "DOCKER_IPTABLES_LEGACY"
|
||||
# value: "1"
|
||||
|
||||
persistence:
|
||||
storageClass: ""
|
||||
size: 1Gi
|
||||
|
||||
init:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: "1.37.0"
|
||||
|
||||
## Specify an existing token secret
|
||||
##
|
||||
existingSecret: ""
|
||||
existingSecretKey: ""
|
||||
|
||||
## Specify the root URL of the Gitea instance
|
||||
giteaRootURL: ""
|
||||
|
||||
## @section Global
|
||||
#
|
||||
## @param global.imageRegistry global image registry override
|
||||
## @param global.storageClass global storage class override
|
||||
global:
|
||||
imageRegistry: ""
|
||||
storageClass: ""
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
@@ -1,12 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: home-assistant
|
||||
version: 0.1.4
|
||||
description: Chart for Home Assistant
|
||||
keywords:
|
||||
- home-automation
|
||||
sources:
|
||||
- https://github.com/home-assistant
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/13844975?s=200&v=4
|
||||
appVersion: v2024.3.3
|
@@ -1,18 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Home Assistant](https://www.home-assistant.io/)
|
||||
|
||||
Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts. Perfect to run on a Raspberry Pi or a local server.
|
||||
|
||||
This chart bootstraps a [Home-Assistant](https://github.com/home-assistant) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
- Traefik v2 / IngressRoute
|
||||
- Authentik / Auth
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,98 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: home-assistant
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Release.Name }}
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
- name: {{ .Release.Name }}
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
protocol: TCP
|
||||
env:
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: home-assistant-config
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 3
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 10
|
||||
startupProbe:
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
initialDelaySeconds: 0
|
||||
failureThreshold: 30
|
||||
timeoutSeconds: 1
|
||||
periodSeconds: 5
|
||||
{{- if .Values.codeserver.enabled }}
|
||||
- name: codeserver
|
||||
image: "{{ .Values.codeserver.image.repository }}:{{ .Values.codeserver.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.codeserver.image.imagePullPolicy }}
|
||||
ports:
|
||||
- containerPort: {{ .Values.codeserver.service.http.port }}
|
||||
name: codeserver-http
|
||||
protocol: TCP
|
||||
env:
|
||||
{{- range $k,$v := .Values.codeserver.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.codeserver.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.codeserver.securityContext | nindent 12 }}
|
||||
volumeMounts:
|
||||
- mountPath: /config/home-assistant
|
||||
name: home-assistant-config
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: home-assistant-config
|
||||
persistentVolumeClaim:
|
||||
claimName: "{{ .Release.Name }}-config"
|
@@ -1,70 +0,0 @@
|
||||
{{- if .Values.ingressRoute.enabled }}
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.host }}`)"
|
||||
middlewares:
|
||||
- name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: {{ .Release.Name }}
|
||||
port: {{ .Values.service.http.port }}
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: {{ .Values.ingressRoute.authentik.outpost }}
|
||||
port: {{ .Values.ingressRoute.authentik.port }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.codeserver.ingressRoute.enabled .Values.codeserver.enabled }}
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-codeserver"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.codeserver.ingressRoute.host }}`)"
|
||||
middlewares:
|
||||
- name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: "{{ .Release.Name }}-codeserver"
|
||||
port: {{ .Values.codeserver.service.http.port }}
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: {{ .Values.ingressRoute.authentik.outpost }}
|
||||
port: {{ .Values.ingressRoute.authentik.port }}
|
||||
{{- end }}
|
@@ -1,29 +0,0 @@
|
||||
{{- if .Values.ingressRoute.enabled }}
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: auth
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
||||
{{- end }}
|
@@ -1,19 +0,0 @@
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-config"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.config.storageSize }}
|
||||
storageClassName: {{ .Values.persistence.config.storageClassName }}
|
||||
volumeMode: {{ .Values.persistence.config.volumeMode }}
|
@@ -1,18 +0,0 @@
|
||||
{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
groups:
|
||||
- name: {{ .Release.Name }}
|
||||
rules:
|
||||
{{- toYaml .Values.metrics.prometheusRule.rules | nindent 8 }}
|
||||
{{- end }}
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
@@ -1,26 +0,0 @@
|
||||
{{- if .Values.metrics.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
endpoints:
|
||||
- port: http
|
||||
interval: {{ .Values.metrics.serviceMonitor.interval }}
|
||||
scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
|
||||
path: /api/prometheus
|
||||
bearerTokenSecret:
|
||||
name: {{ .Values.metrics.serviceMonitor.bearerTokenSecret.name }}
|
||||
key: {{ .Values.metrics.serviceMonitor.bearerTokenSecret.key }}
|
||||
{{- end }}
|
@@ -1,46 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.service.http.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
|
||||
---
|
||||
{{- if .Values.codeserver.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-codeserver"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.codeserver.service.http.port }}
|
||||
targetPort: codeserver-http
|
||||
protocol: TCP
|
||||
name: codeserver-http
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
@@ -1,74 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
image:
|
||||
repository: homeassistant/home-assistant
|
||||
tag: 2024.3.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
TZ: UTC
|
||||
envFrom:
|
||||
resources:
|
||||
requests:
|
||||
memory: 512Mi
|
||||
cpu: 50m
|
||||
limits:
|
||||
memory: 1Gi
|
||||
cpu: 500m
|
||||
service:
|
||||
http:
|
||||
port: 8123
|
||||
ingressRoute:
|
||||
enabled: true
|
||||
host:
|
||||
authentik:
|
||||
outpost:
|
||||
port: 9000
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
interval: 1m
|
||||
scrapeTimeout: 30s
|
||||
## See https://www.home-assistant.io/docs/authentication/ for where to find
|
||||
## long lived access token creation under your account profile, which is
|
||||
## needed to monitor Home Assistant
|
||||
bearerTokenSecret:
|
||||
name: ""
|
||||
key: ""
|
||||
prometheusRule:
|
||||
enabled: false
|
||||
rules:
|
||||
- alert: HomeAssistantAbsent
|
||||
annotations:
|
||||
description: Home Assistant has disappeared from Prometheus service discovery.
|
||||
summary: Home Assistant is down.
|
||||
expr: |
|
||||
absent(up{job=~".*home-assistant.*"} == 1)
|
||||
for: 5m
|
||||
labels:
|
||||
severity: critical
|
||||
persistence:
|
||||
config:
|
||||
storageClassName: default
|
||||
storageSize: 1Gi
|
||||
volumeMode: Filesystem
|
||||
codeserver:
|
||||
enabled: false
|
||||
image:
|
||||
repository: linuxserver/code-server
|
||||
tag: 4.22.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
TZ: UTC
|
||||
PUID: 1000
|
||||
PGID: 1000
|
||||
DEFAULT_WORKSPACE: /config
|
||||
envFrom:
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
service:
|
||||
http:
|
||||
port: 8443
|
||||
ingressRoute:
|
||||
enabled: false
|
||||
host:
|
@@ -1,12 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: homepage
|
||||
version: 0.0.9
|
||||
description: Chart for benphelps homepage
|
||||
keywords:
|
||||
- dashboard
|
||||
sources:
|
||||
- https://github.com/gethomepage/homepage
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://github.com/benphelps/homepage/blob/de584eae8f12a0d257e554e9511ef19bd2a1232c/public/mstile-150x150.png
|
||||
appVersion: v0.8.10
|
@@ -1,18 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Homepage](https://github.com/benphelps/homepage)
|
||||
|
||||
A modern (fully static, fast), secure (fully proxied), highly customizable application dashboard with integrations for more than 25 services and translations for over 15 languages. Easily configured via YAML files (or discovery via docker labels).
|
||||
|
||||
This chart bootstraps a [Homepage](https://github.com/benphelps/homepage) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
- Traefik v2 / IngressRoute
|
||||
- Authentik / Auth
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: homepage
|
||||
namespace: {{ .Release.Namespace }}
|
@@ -1,51 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- namespaces
|
||||
- pods
|
||||
- nodes
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- extensions
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- traefik.containo.us
|
||||
- traefik.io
|
||||
resources:
|
||||
- ingressroutes
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- metrics.k8s.io
|
||||
resources:
|
||||
- nodes
|
||||
- pods
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- apiextensions.k8s.io
|
||||
resources:
|
||||
- customresourcedefinitions/status
|
||||
verbs:
|
||||
- get
|
@@ -1,36 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: homepage-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
data:
|
||||
bookmarks.yaml: {{- if .Values.config.bookmarks }} |
|
||||
{{- .Values.config.bookmarks | toYaml | nindent 4}}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
||||
docker.yaml: {{- if .Values.config.docker }} |
|
||||
{{- .Values.config.docker | toYaml | nindent 4 }}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
||||
kubernetes.yaml: {{- if .Values.config.kubernetes }} |
|
||||
{{- .Values.config.kubernetes | toYaml | nindent 4 }}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
||||
services.yaml: {{- if .Values.config.services }} |
|
||||
{{- .Values.config.services | toYaml | nindent 4 }}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
||||
settings.yaml: {{- if .Values.config.settings }} |
|
||||
{{- .Values.config.settings | toYaml | nindent 4 }}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
||||
widgets.yaml: {{- if .Values.config.widgets }} |
|
||||
{{- .Values.config.widgets | toYaml | nindent 4 }}
|
||||
{{- else }} ""
|
||||
{{- end }}
|
@@ -1,95 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: homepage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: homepage
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
- name: {{ .Release.Name }}
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: {{ .Values.service.http.port }}
|
||||
protocol: TCP
|
||||
env:
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: homepage-config
|
||||
subPath: bookmarks.yaml
|
||||
mountPath: /app/config/bookmarks.yaml
|
||||
- name: homepage-config
|
||||
subPath: docker.yaml
|
||||
mountPath: /app/config/docker.yaml
|
||||
- name: homepage-config
|
||||
subPath: kubernetes.yaml
|
||||
mountPath: /app/config/kubernetes.yaml
|
||||
- name: homepage-config
|
||||
subPath: services.yaml
|
||||
mountPath: /app/config/services.yaml
|
||||
- name: homepage-config
|
||||
subPath: settings.yaml
|
||||
mountPath: /app/config/settings.yaml
|
||||
- name: homepage-config
|
||||
subPath: widgets.yaml
|
||||
mountPath: /app/config/widgets.yaml
|
||||
- name: logs
|
||||
mountPath: /app/config/logs
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
livenessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
timeoutSeconds: 1
|
||||
readinessProbe:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 10
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
timeoutSeconds: 1
|
||||
startupProbe:
|
||||
failureThreshold: 30
|
||||
initialDelaySeconds: 0
|
||||
periodSeconds: 5
|
||||
tcpSocket:
|
||||
port: {{ .Values.service.http.port }}
|
||||
timeoutSeconds: 1
|
||||
volumes:
|
||||
- name: homepage-config
|
||||
configMap:
|
||||
name: homepage-config
|
||||
- name: logs
|
||||
emptyDir: {}
|
@@ -1,32 +0,0 @@
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: homepage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
spec:
|
||||
entryPoints:
|
||||
- websecure
|
||||
routes:
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.host }}`)"
|
||||
middlewares:
|
||||
- name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
priority: 10
|
||||
services:
|
||||
- kind: Service
|
||||
name: homepage
|
||||
port: {{ .Values.service.http.port }}
|
||||
- kind: Rule
|
||||
match: "Host(`{{ .Values.ingressRoute.host }}`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
||||
priority: 15
|
||||
services:
|
||||
- kind: Service
|
||||
name: {{ .Values.ingressRoute.authentik.outpost }}
|
||||
port: {{ .Values.ingressRoute.authentik.port }}
|
@@ -1,27 +0,0 @@
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: "authentik-{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ .Release.Name }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: auth
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: "http://{{ .Values.ingressRoute.authentik.outpost }}.authentik:{{ .Values.ingressRoute.authentik.port }}/outpost.goauthentik.io/auth/traefik"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
@@ -1,14 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: kubernetes.io/service-account-token
|
||||
metadata:
|
||||
name: "{{ .Release.Name }}-sa-token"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
annotations:
|
||||
kubernetes.io/service-account.name: homepage
|
@@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: homepage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
secrets:
|
||||
- name: "{{ .Release.Name }}-sa-token"
|
@@ -1,21 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: homepage
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: homepage
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: {{ .Values.service.http.port }}
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
selector:
|
||||
app.kubernetes.io/name: homepage
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
@@ -1,32 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
image:
|
||||
repository: ghcr.io/gethomepage/homepage
|
||||
tag: v0.8.10
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
envFrom:
|
||||
resources:
|
||||
requests:
|
||||
memory: 256Mi
|
||||
cpu: 50m
|
||||
limits:
|
||||
memory: 512Mi
|
||||
cpu: 500m
|
||||
service:
|
||||
http:
|
||||
port: 3000
|
||||
ingressRoute:
|
||||
host:
|
||||
authentik:
|
||||
outpost:
|
||||
port: 9000
|
||||
config:
|
||||
bookmarks:
|
||||
services:
|
||||
widgets:
|
||||
kubernetes:
|
||||
mode: cluster
|
||||
docker:
|
||||
settings:
|
@@ -1,13 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: kubelet-serving-cert-approver
|
||||
version: 0.0.4
|
||||
description: Kubelet Serving TLS Certificate Signing Request Approver
|
||||
keywords:
|
||||
- kubernetes
|
||||
- certificate
|
||||
sources:
|
||||
- https://github.com/alex1989hu/kubelet-serving-cert-approver
|
||||
- https://github.com/alexlebens/helm-charts/charts/homepage
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
appVersion: 0.8.1
|
@@ -1,16 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver)
|
||||
|
||||
Kubelet Serving Certificate Approver is a custom approving controller which approves kubernetes.io/kubelet-serving Certificate Signing Request that kubelet use to serve TLS endpoints.
|
||||
|
||||
This chart bootstraps a [Kubelet Serving Certificate Approver](https://github.com/alex1989hu/kubelet-serving-cert-approver) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: kubelet-serving-cert-approver
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: "certificates:{{ .Release.Name }}"
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
@@ -1,61 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: "certificates:{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
||||
rules:
|
||||
- apiGroups:
|
||||
- certificates.k8s.io
|
||||
resources:
|
||||
- certificatesigningrequests
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- certificates.k8s.io
|
||||
resources:
|
||||
- certificatesigningrequests/approval
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- authorization.k8s.io
|
||||
resources:
|
||||
- subjectaccessreviews
|
||||
verbs:
|
||||
- create
|
||||
- apiGroups:
|
||||
- certificates.k8s.io
|
||||
resourceNames:
|
||||
- kubernetes.io/kubelet-serving
|
||||
resources:
|
||||
- signers
|
||||
verbs:
|
||||
- approve
|
||||
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: "events:{{ .Release.Name }}"
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approverv
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- events
|
||||
verbs:
|
||||
- create
|
||||
- patch
|
@@ -1,88 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: kubelet-serving-cert-approver
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- preference:
|
||||
matchExpressions:
|
||||
- key: node-role.kubernetes.io/master
|
||||
operator: DoesNotExist
|
||||
- key: node-role.kubernetes.io/control-plane
|
||||
operator: DoesNotExist
|
||||
weight: 100
|
||||
containers:
|
||||
- name: {{ .Release.Name }}
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: health
|
||||
- containerPort: 9090
|
||||
name: metrics
|
||||
args:
|
||||
- serve
|
||||
env:
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: health
|
||||
initialDelaySeconds: 6
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /readyz
|
||||
port: health
|
||||
initialDelaySeconds: 3
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
privileged: false
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
priorityClassName: {{ .Values.deployment.priorityClassName }}
|
||||
securityContext:
|
||||
fsGroup: 65534
|
||||
runAsGroup: 65534
|
||||
runAsUser: 65534
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
serviceAccountName: kubelet-serving-cert-approver
|
||||
tolerations:
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
operator: Exists
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/control-plane
|
||||
operator: Exists
|
@@ -1,10 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: kubelet-serving-cert-approver
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
pod-security.kubernetes.io/audit: restricted
|
||||
pod-security.kubernetes.io/enforce: restricted
|
||||
pod-security.kubernetes.io/warn: restricted
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: "events:{{ .Release.Name }}"
|
||||
namespace: default
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: "events:{{ .Release.Name }}"
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: kubelet-serving-cert-approver
|
||||
namespace: {{ .Release.Name }}
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: kubelet-serving-cert-approver
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
@@ -1,20 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: kubelet-serving-cert-approver
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: server
|
||||
app.kubernetes.io/part-of: kubelet-serving-cert-approver
|
||||
spec:
|
||||
ports:
|
||||
- name: metrics
|
||||
port: 9090
|
||||
protocol: TCP
|
||||
targetPort: metrics
|
||||
selector:
|
||||
app.kubernetes.io/name: kubelet-serving-cert-approver
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
@@ -1,15 +0,0 @@
|
||||
deployment:
|
||||
replicas: 1
|
||||
strategy: Recreate
|
||||
priorityClassName: system-cluster-critical
|
||||
image:
|
||||
repository: ghcr.io/alex1989hu/kubelet-serving-cert-approver
|
||||
tag: main
|
||||
imagePullPolicy: Always
|
||||
resources:
|
||||
limits:
|
||||
cpu: 250m
|
||||
memory: 32Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 16Mi
|
@@ -1,13 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: libation
|
||||
version: 0.0.6
|
||||
description: Import library from audible
|
||||
keywords:
|
||||
- audiobooks
|
||||
- job
|
||||
sources:
|
||||
- https://github.com/rmcrackan/Libation
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://getlibation.com/images/libation-logo.png
|
||||
appVersion: "11.1.0"
|
@@ -1,18 +0,0 @@
|
||||
## Introduction
|
||||
|
||||
[Libation](https://github.com/rmcrackan/Libation)
|
||||
|
||||
Libation: Liberate your Library. Import library from audible, including cover art
|
||||
|
||||
|
||||
This chart bootstraps a [Libation](https://github.com/benphelps/homepage) CronJob on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
- Kubernetes
|
||||
- Helm
|
||||
- CronJob
|
||||
|
||||
## Parameters
|
||||
|
||||
See the [values files](values.yaml).
|
@@ -1,39 +0,0 @@
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: libation
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: libation
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: job
|
||||
app.kubernetes.io/part-of: libation
|
||||
spec:
|
||||
schedule: {{ .Values.job.schedule }}
|
||||
successfulJobsHistoryLimit: 3
|
||||
failedJobsHistoryLimit: 3
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: libation
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
env:
|
||||
- name: SLEEP_TIME
|
||||
value: "-1"
|
||||
volumeMounts:
|
||||
- name: libation-config
|
||||
mountPath: /config
|
||||
- name: libation-books
|
||||
mountPath: /data
|
||||
volumes:
|
||||
- name: libation-config
|
||||
persistentVolumeClaim:
|
||||
claimName: libation-config
|
||||
- name: libation-books
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ .Values.persistence.books.claimName }}
|
@@ -1,19 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: libation-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: libation
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: storage
|
||||
app.kubernetes.io/part-of: libation
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.config.storageSize }}
|
||||
storageClassName: {{ .Values.persistence.config.storageClassName }}
|
||||
volumeMode: {{ .Values.persistence.config.volumeMode }}
|
@@ -1,13 +0,0 @@
|
||||
job:
|
||||
schedule: "0 * * * *"
|
||||
image:
|
||||
repository: rmcrackan/libation
|
||||
tag: "11.1.0"
|
||||
pullPolicy: IfNotPresent
|
||||
persistence:
|
||||
config:
|
||||
storageClassName: default
|
||||
storageSize: 1Gi
|
||||
volumeMode: Filesystem
|
||||
books:
|
||||
claimName:
|
@@ -1,14 +0,0 @@
|
||||
apiVersion: v2
|
||||
name: matrix-hookshot
|
||||
version: 0.0.7
|
||||
description: Chart for Matrix Hookshot
|
||||
keywords:
|
||||
- matrix
|
||||
- matrix-hookshot
|
||||
- webhook
|
||||
sources:
|
||||
- https://github.com/matrix-org/matrix-hookshot
|
||||
maintainers:
|
||||
- name: alexlebens
|
||||
icon: https://avatars.githubusercontent.com/u/8418310?s=48&v=4
|
||||
appVersion: "5.2.1"
|
@@ -1,43 +0,0 @@
|
||||
{{/*
|
||||
Helper for secret name
|
||||
*/}}
|
||||
{{- define "hookshot.secretName" -}}
|
||||
{{- if .Values.hookshot.existingSecret }}
|
||||
{{- printf "%s" .Values.hookshot.existingSecret -}}
|
||||
{{- else }}
|
||||
{{- printf "matrix-hookshot-config-secret" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Helper for registration secret name
|
||||
*/}}
|
||||
{{- define "hookshot.registrationSecretName" -}}
|
||||
{{- if .Values.hookshot.existingRegistrationSecret }}
|
||||
{{- printf "%s" .Values.hookshot.existingRegistrationSecret -}}
|
||||
{{- else }}
|
||||
{{- printf "matrix-hookshot-registration-secret" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Helper for passkey secret name
|
||||
*/}}
|
||||
{{- define "hookshot.passkeySecretName" -}}
|
||||
{{- if .Values.hookshot.existingPasskeySecret }}
|
||||
{{- printf "%s" .Values.hookshot.existingPasskeySecret -}}
|
||||
{{- else }}
|
||||
{{- printf "matrix-hookshot-passkey-secret" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Helper for passkey file name
|
||||
*/}}
|
||||
{{- define "hookshot.passFile" -}}
|
||||
{{- if .Values.hookshot.config.passFile }}
|
||||
{{- printf "%s" .Values.hookshot.config.passFile -}}
|
||||
{{- else }}
|
||||
{{- printf "passkey.pem" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
@@ -1,76 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: matrix-hookshot
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
spec:
|
||||
revisionHistoryLimit: 3
|
||||
replicas: {{ .Values.deployment.replicas }}
|
||||
strategy:
|
||||
type: {{ .Values.deployment.strategy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: matrix-hookshot
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Release.Name }}
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
- name: matrix-hookshot
|
||||
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
||||
ports:
|
||||
- name: webhook
|
||||
containerPort: {{ .Values.service.webhook.port }}
|
||||
protocol: TCP
|
||||
- name: metrics
|
||||
containerPort: {{ .Values.service.metrics.port }}
|
||||
protocol: TCP
|
||||
- name: appservice
|
||||
containerPort: {{ .Values.service.appservice.port }}
|
||||
protocol: TCP
|
||||
env:
|
||||
{{- range $k,$v := .Values.deployment.env }}
|
||||
- name: {{ $k }}
|
||||
value: {{ $v | quote }}
|
||||
{{- end }}
|
||||
{{- with .Values.deployment.envFrom }}
|
||||
envFrom:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /data/config.yml
|
||||
subPath: config.yml
|
||||
readOnly: true
|
||||
- name: registration
|
||||
mountPath: /data/registration.yml
|
||||
subPath: registration.yml
|
||||
readOnly: true
|
||||
- name: passkey
|
||||
mountPath: "/data/{{ template "hookshot.passFile" . }}"
|
||||
subPath: {{ template "hookshot.passFile" . }}
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: config
|
||||
secret:
|
||||
secretName: {{ template "hookshot.secretName" . }}
|
||||
- name: registration
|
||||
secret:
|
||||
secretName: {{ template "hookshot.registrationSecretName" . }}
|
||||
- name: passkey
|
||||
secret:
|
||||
secretName: {{ template "hookshot.passkeySecretName" . }}
|
@@ -1,66 +0,0 @@
|
||||
{{- if .Values.ingress.webhook.enabled }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix-hookshot-webhook
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-webhook
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
{{- toYaml .Values.ingress.webhook.annotations | nindent 4 }}
|
||||
spec:
|
||||
ingressClassName: {{ .Values.ingress.webhook.className }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.ingress.webhook.host }}
|
||||
secretName: {{ .Release.Name }}-webhook-secret-tls
|
||||
rules:
|
||||
- host: {{ .Values.ingress.webhook.host }}
|
||||
http:
|
||||
paths:
|
||||
- path: /webhook/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: {{ .Release.Name }}
|
||||
port:
|
||||
name: webhook
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if .Values.ingress.appservice.enabled }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix-hookshot-appservice
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-appservice
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
{{- toYaml .Values.ingress.appservice.annotations | nindent 4 }}
|
||||
spec:
|
||||
ingressClassName: {{ .Values.ingress.appservice.className }}
|
||||
tls:
|
||||
- hosts:
|
||||
- {{ .Values.ingress.appservice.host }}
|
||||
secretName: {{ .Release.Name }}-appservice-secret-tls
|
||||
rules:
|
||||
- host: {{ .Values.ingress.appservice.host }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: {{ .Release.Name }}
|
||||
port:
|
||||
name: appservice
|
||||
{{- end }}
|
@@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: matrix-hookshot-test-connection
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-test-connection
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: wget
|
||||
image: busybox
|
||||
command: ['wget']
|
||||
args: ['matrix-hookshot:{{ .Values.service.webhook.port }}']
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 50m
|
||||
memory: 256Mi
|
@@ -1,52 +0,0 @@
|
||||
{{- if not .Values.hookshot.existingSecret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: matrix-hookshot-config-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-config
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
data:
|
||||
config.yml: |
|
||||
{{ toYaml .Values.hookshot.config | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if not .Values.hookshot.existingRegistrationSecret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: matrix-hookshot-registration-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-registration
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
data:
|
||||
registration.yml: |
|
||||
{{ toYaml .Values.hookshot.registration | indent 4 }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if not .Values.hookshot.existingPasskeySecret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: matrix-hookshot-passkey-secret
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot-passkey
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
data:
|
||||
{{ .Values.hookshot.config.passFile }}: |
|
||||
{{ toYaml .Values.hookshot.passkey | indent 4 }}
|
||||
{{- end }}
|
@@ -1,11 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: matrix-hookshot
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix-hookshot
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
||||
app.kubernetes.io/component: web
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user