Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2022-10-27 13:56:21 +00:00
parent 6e1d90fb03
commit 1d1d396c3d
16 changed files with 203 additions and 71 deletions

View File

@ -2,6 +2,19 @@
## [meshcentral-5.0.10](https://github.com/truecharts/charts/compare/meshcentral-5.0.9...meshcentral-5.0.10) (2022-10-27)
### Chore
- Auto-update chart README [skip ci]
### Fix
- correctly merge custom domain for scale gui ([#4211](https://github.com/truecharts/charts/issues/4211))
## [meshcentral-5.0.9](https://github.com/truecharts/charts/compare/meshcentral-5.0.8...meshcentral-5.0.9) (2022-10-27)
### Chore
@ -84,16 +97,3 @@
- Auto-update chart README [skip ci]
- update helm general non-major ([#4182](https://github.com/truecharts/charts/issues/4182))
## [meshcentral-5.0.2](https://github.com/truecharts/charts/compare/meshcentral-5.0.1...meshcentral-5.0.2) (2022-10-25)
### Chore
- Auto-update chart README [skip ci]
### Fix
- use transitioning variable tcdefaultdomain in scale GUI ([#4184](https://github.com/truecharts/charts/issues/4184))

View File

@ -0,0 +1,9 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.7.8
- name: mongodb
repository: https://charts.truecharts.org/
version: 2.0.42
digest: sha256:368ab09d96987d02826b4821e7040b6230712e811bfec896c486195289b5f81d
generated: "2022-10-27T13:54:35.334142339Z"

View File

@ -2,7 +2,7 @@ apiVersion: v2
kubeVersion: ">=1.16.0-0"
name: meshcentral
appVersion: "1.0.90"
version: 5.0.9
version: 5.0.10
description: MeshCentral is a full computer management web site
type: application
deprecated: false
@ -18,11 +18,11 @@ sources:
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.7.7
version: 10.7.8
- condition: mongodb.enabled
name: mongodb
repository: https://charts.truecharts.org/
version: 2.0.40
version: 2.0.42
maintainers:
- email: info@truecharts.org
name: TrueCharts

View File

@ -22,8 +22,8 @@ Kubernetes: `>=1.16.0-0`
| Repository | Name | Version |
|------------|------|---------|
| https://charts.truecharts.org/ | mongodb | 2.0.40 |
| https://library-charts.truecharts.org | common | 10.7.7 |
| https://charts.truecharts.org/ | mongodb | 2.0.42 |
| https://library-charts.truecharts.org | common | 10.7.8 |
## Installing the Chart

Binary file not shown.

Binary file not shown.

View File

@ -6,8 +6,6 @@ image:
command:
- node
- meshcentral/meshcentral
- --configfile
- /opt/meshcentral/meshcentral-config/config.json
securityContext:
readOnlyRootFilesystem: false
@ -17,12 +15,6 @@ podSecurityContext:
runAsUser: 0
runAsGroup: 0
env:
trigger_redeploy:
secretKeyRef:
name: '{{ include "tc.common.names.fullname" . }}-secret'
key: trigger_redeploy
# - Values with the character _ in-front of them are pruned. Add or remove _ to disable or enable options
# - More in-depth info for each options can be found here: https://github.com/Ylianst/MeshCentral/blob/master/meshcentral-config-schema.json
# - Check for this chart's specific info in our webpage https://truecharts.org
@ -64,7 +56,7 @@ meshcentral:
_StrictTransportSecurity: null
# - When enabled, the MeshCentral web site can be embedded within another website's iframe.
allowFraming: false
# - Options: strict | lax | none
# - Options: strict | lax | none | true
_cookieIpCheck: lax
# - When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser.
webRTC: false
@ -93,7 +85,7 @@ meshcentral:
# - Enables server-side, websocket per-message deflate compression.
wsCompression: true
# - Enables agent-side, websocket per-message deflate compression. wscompression must also be true for this to work.
_agentWsCompression: true
agentWsCompression: true
# - Set to 1 to present the server from updating any agent.
_noAgentUpdate: 0
# - When set to 2, all agents that need to be updated will use the meshcore.js update system. With the default value of 1, the native update system is used.
@ -209,25 +201,25 @@ meshcentral:
_redirects:
meshcommander: https://www.meshcommander.com/
# - This section described a policy for how many times an IP address is allowed to attempt to login incorrectly. By default it's 10 times in 10 minutes, but this can be changed here.
_maxInvalidLogin:
maxInvalidLogin:
# - Ranges of IP addresses that are not subject to invalid login limitations. For example: 192.168.1.0/24,172.16.0.1
exclude: null
_exclude: ""
# - Time in minutes over which the a maximum number of invalid login attempts is allowed from an IP address.
time: 10
# - Maximum number of invalid login attempts from an IP address in the time period.
count: 10
# - Additional time in minute that login attempts will be denied once the invalid login limit is reached.
coolofftime: null
coolofftime: 30
# - This section described a policy for how many times an IP address is allowed to attempt to perform two-factor authentication (2FA) incorrectly. By default it's 10 times in 10 minutes, but this can be changed here.
_maxInvalid2fa:
maxInvalid2fa:
# - Ranges of IP addresses that are not subject to invalid 2FA limitations. For example: 192.168.1.0/24,172.16.0.1
exclude: null
_exclude: ""
# - Time in minutes over which the a maximum number of invalid 2FA attempts is allowed from an IP address.
time: 10
# - Maximum number of invalid 2FA attempts from an IP address in the time period.
count: 10
# - Additional time in minute that 2FA attempts will be denied once the invalid login limit is reached.
coolofftime: null
coolofftime: 30
# - When present, this section will enable the Intel AMT provisioning server on the local network. This is used for Intel AMT bare-metal ACM activation.
_amtProvisioningServer:
# - Port number that provisioning server will listen to.
@ -529,13 +521,13 @@ meshcentral:
# - Action taken if one of the lines in meshagent.tag contains ~ServerTags:tag1,tag2,tag3. 0=Ignore, 1=Set, 2=SetIfEmpty, 3=Append.
ServerTags: 0
# - Enables the geo-location feature and device location map in the user interface, this feature is not being worked on.
_geoLocation: false
geoLocation: true
# - When enabled, activates the built-in web-based VNC client.
_novnc: true
novnc: true
# - When enabled, activates the built-in web-based RDP client.
_mstsc: false
mstsc: true
# - When enabled, activates the built-in web-based SSH client.
_ssh: false
ssh: true
# - Path where to find custom email templates for this domain.
_webEmailsPath: null
_customUI: null
@ -995,10 +987,8 @@ persistence:
readOnly: true
defaultMode: "0600"
objectName: '{{ include "tc.common.names.fullname" . }}-secret'
mountPath: /opt/meshcentral/meshcentral-config
items:
- key: config.json
path: config.json
mountPath: /opt/meshcentral/meshcentral-data/config.json
subPath: config.json
portal:
enabled: true

View File

@ -235,6 +235,12 @@ questions:
schema:
type: boolean
default: true
- variable: agentWsCompression
label: agentWsCompression
description: Enables agent-side, websocket per-message deflate compression. wscompression must also be true for this to work.
schema:
type: boolean
default: true
- variable: allowFraming
label: allowFraming
description: When enabled, the MeshCentral web site can be embedded within another website's iframe.
@ -253,6 +259,18 @@ questions:
schema:
type: boolean
default: true
- variable: agentLogDump
label: agentLogDump
description: Automatically downloads all agent error logs into meshcentral-data/agenterrorlogs.txt.
schema:
type: boolean
default: false
- variable: agentCoreDump
label: agentCoreDump
description: Automatically activates and transfers any agent crash dump files to the server in meshcentral-data/coredumps.
schema:
type: boolean
default: false
- variable: browserPing
label: browserPing
description: When specified, sends data to the browser at x seconds interval and expects a response from the browser.
@ -283,17 +301,66 @@ questions:
schema:
type: int
default: -99
- variable: plugins
label: Section <plugins>
- variable: maxInvalidLogin
label: Section <maxInvalidLogin>
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
- variable: time
label: time
description: Time in minutes over which the a maximum number of invalid login attempts is allowed from an IP address.
schema:
type: boolean
default: false
type: int
default: 10
- variable: count
label: count
description: Maximum number of invalid login attempts from an IP address in the time period.
schema:
type: int
default: 10
- variable: coolofftime
label: coolofftime
description: Additional time in minute that login attempts will be denied once the invalid login limit is reached.
schema:
type: int
default: 30
- variable: exclude
label: exclude
description: Ranges of IP addresses that are not subject to invalid login limitations. For example 192.168.1.0/24,172.16.0.1
schema:
type: string
default: ""
- variable: maxInvalid2fa
label: Section <maxInvalid2fa>
schema:
additional_attrs: true
type: dict
attrs:
- variable: time
label: time
description: Time in minutes over which the a maximum number of invalid 2FA attempts is allowed from an IP address.
schema:
type: int
default: 10
- variable: count
label: count
description: Maximum number of invalid 2FA attempts from an IP address in the time period.
schema:
type: int
default: 10
- variable: coolofftime
label: coolofftime
description: Additional time in minute that 2FA attempts will be denied once the invalid login limit is reached.
schema:
type: int
default: 30
- variable: exclude
label: exclude
description: Ranges of IP addresses that are not subject to invalid 2FA limitations. For example 192.168.1.0/24,172.16.0.1
schema:
type: string
default: ""
- variable: autobackup
label: Section <autobackup>
schema:
@ -376,6 +443,17 @@ questions:
type: string
required: true
default: ""
- variable: plugins
label: Section <plugins>
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
- variable: domains
label: Section <domains>
schema:
@ -428,6 +506,30 @@ questions:
schema:
type: boolean
default: true
- variable: mstsc
label: mstsc
description: When enabled, activates the built-in web-based RDP client.
schema:
type: boolean
default: true
- variable: ssh
label: ssh
description: When enabled, activates the built-in web-based SSH client.
schema:
type: boolean
default: true
- variable: novnc
label: novnc
description: When enabled, activates the built-in web-based VNC client.
schema:
type: boolean
default: true
- variable: geoLocation
label: geoLocation
description: Enables the geo-location feature and device location map in the user interface, this feature is not being worked on.
schema:
type: boolean
default: true
- variable: nightMode
label: nightMode
description: 0 = User selects day/night mode, 1 = Always night mode, 2 = Always day mode
@ -446,6 +548,30 @@ questions:
max: 2
requited: true
default: 2
- variable: deviceMeshRouterLinks
label: Section <deviceMeshRouterLinks>
schema:
additional_attrs: true
type: dict
attrs:
- variable: rdp
label: rdp
description: Display a RDP link in the device tab when supported
schema:
type: boolean
default: true
- variable: ssh
label: ssh
description: Display a SSH link in the device tab when supported
schema:
type: boolean
default: true
- variable: scp
label: scp
description: Display a SCP link in the device tab when supported
schema:
type: boolean
default: true
- variable: agentCustomization
label: Section <agentCustomization>
schema:

View File

@ -2,6 +2,8 @@
{{- define "meshcentral.secret" -}}
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }}
{{- $secretStorageName := printf "%s-storage-secret" (include "tc.common.names.fullname" .) }}
{{- $config := .Values.meshcentral }}
{{- $isScale := false }}
@ -12,7 +14,7 @@
{{- end }}
{{- $sessionKey := "" }}
{{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }}
{{- with (lookup "v1" "Secret" .Release.Namespace $secretStorageName) }}
{{- $sessionKey = (index .data "session_key") }}
{{- else }}
{{- $sessionKey = randAlphaNum 32 }}
@ -43,10 +45,25 @@
{{- end }}
{{- if $isScale }}
{{- $config = (include "prune.keys.scale" $config) }}
{{- $config = (include "mergeAndrenameDefaultDomain" $config) }}
{{- $config = (include "prune.keys.scale" (fromYaml $config)) }}
{{- else }}
{{- $config = (include "prune.keys" $config) }}
{{- end }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ $secretStorageName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
{{/* Store session_key to reuse */}}
session_key: {{ $sessionKey | b64enc }}
---
apiVersion: v1
@ -57,9 +74,6 @@ metadata:
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
{{/* Store session_key to reuse */}}
session_key: {{ $sessionKey | b64enc }}
trigger_redeploy: {{ randAlpha 5 | b64enc }}
{{/* The actual config */}}
config.json: |
{{- toPrettyJson (fromYaml $config) | b64enc | nindent 4 }}
@ -85,17 +99,8 @@ data:
{{/* Prunes int and float equal to -99 */}}
{{/* Prunes empty strings (Does not prune empty strings in lists) */}}
{{/* Prunes keys that start with _ */}}
{{/* Renames tcdefaultdomain variable to "" as this is the key used by MeshCentral */}}
{{/* but SCALE GUI does not handle it well */}}
{{- define "prune.keys.scale" }}
{{- $values := . }}
{{- if (hasKey $values "domains") }}
{{- if (hasKey $values.domains "tcdefaultdomain") }}
{{- $defaultDomain := $values.domains.tcdefaultdomain }}
{{- $_ := set $values.domains "" $defaultDomain }}
{{- $_ := unset $values.domains "tcdefaultdomain" }}
{{- end }}
{{- end }}
{{- range $k, $v := $values }}
{{- if eq (kindOf $v) "string" }}
{{- if not $v }}
@ -122,3 +127,14 @@ data:
{{- end }}
{{- toYaml $values }}
{{- end }}
{{/* Renames tcdefaultdomain variable to "" as this is the key used by MeshCentral */}}
{{/* but SCALE GUI does not handle it well */}}
{{- define "mergeAndrenameDefaultDomain" }}
{{- $values := . }}
{{- $defaultDomain := index $values.domains "" }}
{{- $computedDomain := mergeOverwrite $defaultDomain $values.domains.tcdefaultdomain }}
{{- $_ := set $values.domains "" $computedDomain }}
{{- $_ := unset $values.domains "tcdefaultdomain" }}
{{- toYaml $values }}
{{- end }}

View File

@ -1,9 +0,0 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.7.7
- name: mongodb
repository: https://charts.truecharts.org/
version: 2.0.40
digest: sha256:d4f7a8e0a0b71397241720094b69aaafad84c580c21f86c83d521e03affddb20
generated: "2022-10-27T08:06:13.936954863Z"