Compare commits
8 Commits
volsync-ta
...
cloudflare
| Author | SHA1 | Date | |
|---|---|---|---|
| de71b388ca | |||
| 96fb5c3dfa | |||
| d30d351058 | |||
| cd7a9d2a04 | |||
| e25d09a69b | |||
| 9fd28d1a54 | |||
| 308ad1e7c4 | |||
| 6e97b34c88 |
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: cloudflared
|
||||
version: 1.23.2
|
||||
version: 2.1.1
|
||||
description: Cloudflared Tunnel
|
||||
keywords:
|
||||
- cloudflare
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# cloudflared
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Cloudflared Tunnel
|
||||
|
||||
@@ -25,11 +25,14 @@ Cloudflared Tunnel
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| existingSecretKey | string | `"cf-tunnel-token"` | Name of key that contains the token in the existingSecret |
|
||||
| existingSecretName | string | `"cloudflared-secret"` | Name of existing secret that contains Cloudflare token |
|
||||
| image | object | `{"pullPolicy":"IfNotPresent","repository":"cloudflare/cloudflared","tag":"2025.11.1"}` | Default image |
|
||||
| name | string | `"cloudflared"` | Name override of release |
|
||||
| name | string | `"rgw"` | Name override of release |
|
||||
| resources | object | `{"requests":{"cpu":"10m","memory":"128Mi"}}` | Default resources |
|
||||
| secret | object | `{"existingSecret":{"key":"cf-tunnel-token","name":"cloudflared-secret"},"externalSecret":{"additionalLabels":{},"enabled":true,"nameOverride":"","store":{"name":"vault","path":"/cloudflare/tunnels","property":"token"}}}` | Secret configuration |
|
||||
| secret.existingSecret | object | `{"key":"cf-tunnel-token","name":"cloudflared-secret"}` | Name of existing secret that contains Cloudflare token |
|
||||
| secret.externalSecret | object | `{"additionalLabels":{},"enabled":true,"nameOverride":"","store":{"name":"vault","path":"/cloudflare/tunnels","property":"token"}}` | External Secret configuration |
|
||||
| secret.externalSecret.additionalLabels | object | `{}` | Add additional labels |
|
||||
| secret.externalSecret.store | object | `{"name":"vault","path":"/cloudflare/tunnels","property":"token"}` | Cluster store config |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
|
||||
82
charts/cloudflared/templates/_helpers.tpl
Normal file
82
charts/cloudflared/templates/_helpers.tpl
Normal file
@@ -0,0 +1,82 @@
|
||||
{{/*
|
||||
Generate the root name
|
||||
*/}}
|
||||
{{- define "cloudflared.name" -}}
|
||||
{{- if .Values.name }}
|
||||
{{- printf "%s-cloudflared" .Values.name -}}
|
||||
{{- else }}
|
||||
{{- printf "cloudflared" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Generate the secret name
|
||||
*/}}
|
||||
{{- define "secret.name" -}}
|
||||
{{- if .Values.secret.externalSecret.enabled }}
|
||||
{{- if .Values.secret.externalSecret.nameOverride }}
|
||||
{{- .Values.secret.externalSecret.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-secret" (include "cloudflared.name" .) -}}
|
||||
{{- end }}
|
||||
{{- else if .Values.secret.existingSecret.name }}
|
||||
{{- printf "%s" .Values.secret.existingSecret.name -}}
|
||||
{{- else }}
|
||||
{{ fail "No Secret Name Found!" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Generate the name of the secret key
|
||||
*/}}
|
||||
{{- define "secret.key" -}}
|
||||
{{- if .Values.secret.externalSecret.enabled }}
|
||||
{{- printf "cf-tunnel-token" -}}
|
||||
{{- else if .Values.secret.existingSecret.key }}
|
||||
{{- printf "%s" .Values.secret.existingSecret.key -}}
|
||||
{{- else }}
|
||||
{{ fail "No Secret Key Found!" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Generate path in the secret store
|
||||
*/}}
|
||||
{{- define "secret.path" -}}
|
||||
{{- if and (.Values.secret.externalSecret.enabled) (.Values.secret.externalSecret.store.path) }}
|
||||
{{- printf "%s/%s" .Values.secret.externalSecret.store.path .Release.Name -}}
|
||||
{{- else }}
|
||||
{{ fail "No Secret Store Path Found!" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "secret.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "secret.labels" -}}
|
||||
helm.sh/chart: {{ include "secret.chart" $ }}
|
||||
{{ include "secret.selectorLabels" $ }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.Version | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/name: {{ include "secret.name" . }}
|
||||
{{- with .Values.secret.externalSecret.additionalLabels }}
|
||||
{{ toYaml . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "secret.selectorLabels" -}}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
app.kubernetes.io/part-of: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
@@ -1,10 +1,9 @@
|
||||
{{- include "bjw-s.common.loader.init" . }}
|
||||
|
||||
{{- define "cloudflared.hardcodedValues" -}}
|
||||
{{ if not .Values.global.nameOverride }}
|
||||
global:
|
||||
nameOverride: {{ .Values.name }}
|
||||
{{ end }}
|
||||
nameOverride: {{ include "cloudflared.name" . }}
|
||||
fullNameOverride: {{ include "cloudflared.name" . }}
|
||||
controllers:
|
||||
main:
|
||||
type: deployment
|
||||
@@ -27,8 +26,8 @@ controllers:
|
||||
- name: CF_MANAGED_TUNNEL_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.existingSecretName }}
|
||||
key: {{ .Values.existingSecretKey }}
|
||||
name: {{ include "secret.name" . }}
|
||||
key: {{ include "secret.key" . }}
|
||||
resources:
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
|
||||
23
charts/cloudflared/templates/external-secret.yaml
Normal file
23
charts/cloudflared/templates/external-secret.yaml
Normal file
@@ -0,0 +1,23 @@
|
||||
{{- if .Values.secret.externalSecret.enabled }}
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ include "secret.name" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "secret.labels" . | nindent 4 }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: ClusterSecretStore
|
||||
name: {{ .Values.secret.externalSecret.store.name | required "External Secret store name is required" }}
|
||||
data:
|
||||
- secretKey: {{ include "secret.key" . }}
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
key: {{ include "secret.path" . }}
|
||||
metadataPolicy: None
|
||||
property: {{ .Values.secret.externalSecret.store.property | required "External Secret store property is required" }}
|
||||
|
||||
{{- end }}
|
||||
@@ -1,11 +1,27 @@
|
||||
# -- Name override of release
|
||||
name: cloudflared
|
||||
name: "rgw"
|
||||
|
||||
# -- Secret configuration
|
||||
secret:
|
||||
|
||||
# -- External Secret configuration
|
||||
externalSecret:
|
||||
enabled: true
|
||||
nameOverride: ""
|
||||
|
||||
# -- Cluster store config
|
||||
store:
|
||||
name: vault
|
||||
path: /cloudflare/tunnels
|
||||
property: token
|
||||
|
||||
# -- Add additional labels
|
||||
additionalLabels: {}
|
||||
|
||||
# -- Name of existing secret that contains Cloudflare token
|
||||
existingSecretName: cloudflared-secret
|
||||
|
||||
# -- Name of key that contains the token in the existingSecret
|
||||
existingSecretKey: cf-tunnel-token
|
||||
existingSecret:
|
||||
name: cloudflared-secret
|
||||
key: cf-tunnel-token
|
||||
|
||||
# -- Default image
|
||||
image:
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: volsync-target
|
||||
version: 0.4.0
|
||||
version: 0.6.0
|
||||
description: Volsync Replication set to target specific PVC with preconfigured settings
|
||||
keywords:
|
||||
- volsync-target
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# volsync-target
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
Volsync Replication set to target specific PVC with preconfigured settings
|
||||
|
||||
@@ -20,23 +20,23 @@ Volsync Replication set to target specific PVC with preconfigured settings
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| additionalLabels | object | `{}` | Add additional labels |
|
||||
| external | object | `{"enabled":true,"externalSecret":{"credentialPath":"/digital-ocean/home-infra/volsync-backups","volsyncPath":"/volsync/restic/digital-ocean"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 4 * * *"}` | External backup configuration |
|
||||
| external | object | `{"enabled":true,"externalSecret":{"credentialPath":"/digital-ocean/home-infra/volsync-backups","volsyncPath":"/volsync/restic/digital-ocean"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 9 * * *"}` | External backup configuration |
|
||||
| external.externalSecret | object | `{"credentialPath":"/digital-ocean/home-infra/volsync-backups","volsyncPath":"/volsync/restic/digital-ocean"}` | External Secret configuration |
|
||||
| external.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| external.schedule | string | `"0 4 * * *"` | 5 character cron schedule |
|
||||
| external.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| external.schedule | string | `"0 9 * * *"` | 5 character cron schedule |
|
||||
| externalSecrets | object | `{"enabled":true}` | Use external secrets |
|
||||
| local | object | `{"enabled":true,"externalSecret":{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-local"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 2 * * *"}` | Local backup configuration |
|
||||
| local | object | `{"enabled":true,"externalSecret":{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-local"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 8 * * *"}` | Local backup configuration |
|
||||
| local.externalSecret | object | `{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-local"}` | External Secret configuration |
|
||||
| local.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| local.schedule | string | `"0 2 * * *"` | 5 character cron schedule |
|
||||
| local.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| local.schedule | string | `"0 8 * * *"` | 5 character cron schedule |
|
||||
| moverSecurityContext | object | `{}` | Glocal security context for restic mover |
|
||||
| nameOverride | string | `""` | Default pattern follows <pvcTarget>-backup |
|
||||
| namespaceOverride | string | `""` | Override the namespace of the chart |
|
||||
| pvcTarget | string | `"data"` | Name of the PVC target |
|
||||
| remote | object | `{"enabled":true,"externalSecret":{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-remote"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 3 * * *"}` | Remote backup configuration |
|
||||
| remote | object | `{"enabled":true,"externalSecret":{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-remote"},"restic":{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"},"schedule":"0 10 * * *"}` | Remote backup configuration |
|
||||
| remote.externalSecret | object | `{"credentialPath":"/garage/home-infra/volsync-backups","volsyncPath":"/volsync/restic/garage-remote"}` | External Secret configuration |
|
||||
| remote.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":3,"hourly":1,"monthly":2,"weekly":2,"yearly":4},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| remote.schedule | string | `"0 3 * * *"` | 5 character cron schedule |
|
||||
| remote.restic | object | `{"cacheCapacity":"1Gi","copyMethod":"Snapshot","pruneIntervalDays":7,"repository":"","retain":{"daily":7,"hourly":0,"monthly":3,"weekly":4,"yearly":1},"storageClassName":"ceph-block","volumeSnapshotClassName":"ceph-blockpool-snapshot"}` | Backup configuration, inserted directly into the yaml |
|
||||
| remote.schedule | string | `"0 10 * * *"` | 5 character cron schedule |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
|
||||
@@ -25,7 +25,7 @@ spec:
|
||||
{{- if .Values.moverSecurityContext }}
|
||||
moverSecurityContext:
|
||||
{{- with .Values.moverSecurityContext }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
copyMethod: {{ .Values.local.restic.copyMethod }}
|
||||
@@ -61,7 +61,7 @@ spec:
|
||||
{{- if .Values.moverSecurityContext }}
|
||||
moverSecurityContext:
|
||||
{{- with .Values.moverSecurityContext }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
copyMethod: {{ .Values.remote.restic.copyMethod }}
|
||||
@@ -97,7 +97,7 @@ spec:
|
||||
{{- if .Values.moverSecurityContext }}
|
||||
moverSecurityContext:
|
||||
{{- with .Values.moverSecurityContext }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- toYaml . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
copyMethod: {{ .Values.external.restic.copyMethod }}
|
||||
|
||||
@@ -22,18 +22,18 @@ local:
|
||||
enabled: true
|
||||
|
||||
# -- 5 character cron schedule
|
||||
schedule: 0 2 * * *
|
||||
schedule: 0 8 * * *
|
||||
|
||||
# -- Backup configuration, inserted directly into the yaml
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: ""
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
hourly: 0
|
||||
daily: 7
|
||||
weekly: 4
|
||||
monthly: 3
|
||||
yearly: 1
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -51,18 +51,18 @@ remote:
|
||||
enabled: true
|
||||
|
||||
# -- 5 character cron schedule
|
||||
schedule: 0 3 * * *
|
||||
schedule: 0 10 * * *
|
||||
|
||||
# -- Backup configuration, inserted directly into the yaml
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: ""
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
hourly: 0
|
||||
daily: 7
|
||||
weekly: 4
|
||||
monthly: 3
|
||||
yearly: 1
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
@@ -80,18 +80,18 @@ external:
|
||||
enabled: true
|
||||
|
||||
# -- 5 character cron schedule
|
||||
schedule: 0 4 * * *
|
||||
schedule: 0 9 * * *
|
||||
|
||||
# -- Backup configuration, inserted directly into the yaml
|
||||
restic:
|
||||
pruneIntervalDays: 7
|
||||
repository: ""
|
||||
retain:
|
||||
hourly: 1
|
||||
daily: 3
|
||||
weekly: 2
|
||||
monthly: 2
|
||||
yearly: 4
|
||||
hourly: 0
|
||||
daily: 7
|
||||
weekly: 4
|
||||
monthly: 3
|
||||
yearly: 1
|
||||
copyMethod: Snapshot
|
||||
storageClassName: ceph-block
|
||||
volumeSnapshotClassName: ceph-blockpool-snapshot
|
||||
|
||||
Reference in New Issue
Block a user