Commit new App releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
462cf4f089
commit
588931c321
Binary file not shown.
|
@ -1,6 +1,15 @@
|
|||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="authelia-8.0.1"></a>
|
||||
### [authelia-8.0.1](https://github.com/truecharts/apps/compare/authelia-8.0.0...authelia-8.0.1) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql again
|
||||
|
||||
|
||||
|
||||
<a name="authelia-8.0.0"></a>
|
||||
### [authelia-8.0.0](https://github.com/truecharts/apps/compare/authelia-7.0.12...authelia-8.0.0) (2021-11-16)
|
||||
|
||||
|
@ -88,12 +97,3 @@
|
|||
* update non-major deps helm releases ([#1267](https://github.com/truecharts/apps/issues/1267))
|
||||
|
||||
|
||||
|
||||
<a name="authelia-7.0.5"></a>
|
||||
### [authelia-7.0.5](https://github.com/truecharts/apps/compare/authelia-7.0.4...authelia-7.0.5) (2021-11-01)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1264](https://github.com/truecharts/apps/issues/1264))
|
||||
|
||||
|
|
@ -4,9 +4,9 @@ dependencies:
|
|||
version: 8.6.2
|
||||
- name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.0
|
||||
version: 6.0.1
|
||||
- name: redis
|
||||
repository: https://truecharts.org/
|
||||
version: 1.0.5
|
||||
digest: sha256:2c96b92df1fcdce274b26fcc97cbbe1d387bd6fa4d875311636c56931cbb337a
|
||||
generated: "2021-11-16T15:20:33.470891464Z"
|
||||
digest: sha256:fce65af1813e8b00c4a998509f2a6803f5b34e3ace5cebbd6b922b1543615fa0
|
||||
generated: "2021-11-16T15:53:04.931226489Z"
|
|
@ -7,7 +7,7 @@ dependencies:
|
|||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.0
|
||||
version: 6.0.1
|
||||
- condition: redis.enabled
|
||||
name: redis
|
||||
repository: https://truecharts.org/
|
||||
|
@ -38,7 +38,7 @@ sources:
|
|||
- https://github.com/authelia/chartrepo
|
||||
- https://github.com/authelia/authelia
|
||||
type: application
|
||||
version: 8.0.0
|
||||
version: 8.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- security
|
|
@ -18,7 +18,7 @@ Kubernetes: `>=1.16.0-0`
|
|||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | postgresql | 6.0.0 |
|
||||
| https://truecharts.org/ | postgresql | 6.0.1 |
|
||||
| https://truecharts.org/ | redis | 1.0.5 |
|
||||
| https://truecharts.org | common | 8.6.2 |
|
||||
|
Binary file not shown.
Binary file not shown.
|
@ -1,6 +1,15 @@
|
|||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="gitea-5.0.1"></a>
|
||||
### [gitea-5.0.1](https://github.com/truecharts/apps/compare/gitea-5.0.0...gitea-5.0.1) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql again
|
||||
|
||||
|
||||
|
||||
<a name="gitea-5.0.0"></a>
|
||||
### [gitea-5.0.0](https://github.com/truecharts/apps/compare/gitea-4.0.15...gitea-5.0.0) (2021-11-16)
|
||||
|
||||
|
@ -88,12 +97,3 @@
|
|||
|
||||
* Simplify GUI for deployment, persistence and securityContext ([#1289](https://github.com/truecharts/apps/issues/1289))
|
||||
|
||||
#### Feat
|
||||
|
||||
* Simplify the Services GUI ([#1290](https://github.com/truecharts/apps/issues/1290))
|
||||
|
||||
|
||||
|
||||
<a name="gitea-4.0.7"></a>
|
||||
### [gitea-4.0.7](https://github.com/truecharts/apps/compare/gitea-4.0.6...gitea-4.0.7) (2021-11-02)
|
||||
|
|
@ -4,9 +4,9 @@ dependencies:
|
|||
version: 8.6.2
|
||||
- name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.0
|
||||
version: 6.0.1
|
||||
- name: memcached
|
||||
repository: https://truecharts.org/
|
||||
version: 1.0.4
|
||||
digest: sha256:4a63cdac91ab354f7a77f6b87982eb2f7136b780cb160b9e75e94f8579f9572e
|
||||
generated: "2021-11-16T15:21:23.305319202Z"
|
||||
digest: sha256:f4ec82bc93a2aff142e3b5ec37557270a636bf5c57fab553fb158aacedfec987
|
||||
generated: "2021-11-16T15:53:47.821664643Z"
|
|
@ -7,7 +7,7 @@ dependencies:
|
|||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.0
|
||||
version: 6.0.1
|
||||
- condition: memcached.enabled
|
||||
name: memcached
|
||||
repository: https://truecharts.org/
|
||||
|
@ -34,7 +34,7 @@ sources:
|
|||
- https://github.com/go-gitea/gitea
|
||||
- https://hub.docker.com/r/gitea/gitea/
|
||||
type: application
|
||||
version: 5.0.0
|
||||
version: 5.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- GIT
|
|
@ -20,7 +20,7 @@ Kubernetes: `>=1.16.0-0`
|
|||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | memcached | 1.0.4 |
|
||||
| https://truecharts.org/ | postgresql | 6.0.0 |
|
||||
| https://truecharts.org/ | postgresql | 6.0.1 |
|
||||
| https://truecharts.org | common | 8.6.2 |
|
||||
|
||||
## Installing the Chart
|
Binary file not shown.
|
@ -0,0 +1,99 @@
|
|||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="nextcloud-10.0.1"></a>
|
||||
### [nextcloud-10.0.1](https://github.com/truecharts/apps/compare/nextcloud-10.0.0...nextcloud-10.0.1) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql again
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-10.0.0"></a>
|
||||
### [nextcloud-10.0.0](https://github.com/truecharts/apps/compare/nextcloud-9.0.12...nextcloud-10.0.0) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql on some Apps
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.12"></a>
|
||||
### [nextcloud-9.0.12](https://github.com/truecharts/apps/compare/nextcloud-9.0.11...nextcloud-9.0.12) (2021-11-15)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major docker tags ([#1339](https://github.com/truecharts/apps/issues/1339))
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.11"></a>
|
||||
### [nextcloud-9.0.11](https://github.com/truecharts/apps/compare/nextcloud-9.0.10...nextcloud-9.0.11) (2021-11-15)
|
||||
|
||||
#### Chore
|
||||
|
||||
* persistence cleanup and small bugfixes ([#1329](https://github.com/truecharts/apps/issues/1329))
|
||||
* update non-major deps helm releases ([#1338](https://github.com/truecharts/apps/issues/1338))
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.10"></a>
|
||||
### [nextcloud-9.0.10](https://github.com/truecharts/apps/compare/nextcloud-9.0.9...nextcloud-9.0.10) (2021-11-14)
|
||||
|
||||
#### Chore
|
||||
|
||||
* fixes around the GUI refactor ([#1316](https://github.com/truecharts/apps/issues/1316))
|
||||
* move port above advanced in GUI ([#1326](https://github.com/truecharts/apps/issues/1326))
|
||||
* clean up Chart.yaml ([#1322](https://github.com/truecharts/apps/issues/1322))
|
||||
* update non-major deps helm releases ([#1328](https://github.com/truecharts/apps/issues/1328))
|
||||
* update non-major ([#1327](https://github.com/truecharts/apps/issues/1327))
|
||||
|
||||
#### Feat
|
||||
|
||||
* use our own redis chart ([#1312](https://github.com/truecharts/apps/issues/1312))
|
||||
* use our own redis chart ([#1310](https://github.com/truecharts/apps/issues/1310))
|
||||
|
||||
#### Fix
|
||||
|
||||
* Allow spaces in paths ([#1306](https://github.com/truecharts/apps/issues/1306))
|
||||
* revert nextcloud container update due to upstream performance issues
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.9"></a>
|
||||
### [nextcloud-9.0.9](https://github.com/truecharts/apps/compare/nextcloud-9.0.8...nextcloud-9.0.9) (2021-11-09)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1297](https://github.com/truecharts/apps/issues/1297))
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.8"></a>
|
||||
### [nextcloud-9.0.8](https://github.com/truecharts/apps/compare/nextcloud-9.0.7...nextcloud-9.0.8) (2021-11-07)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1295](https://github.com/truecharts/apps/issues/1295))
|
||||
|
||||
|
||||
|
||||
<a name="nextcloud-9.0.7"></a>
|
||||
### [nextcloud-9.0.7](https://github.com/truecharts/apps/compare/nextcloud-9.0.6...nextcloud-9.0.7) (2021-11-07)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1291](https://github.com/truecharts/apps/issues/1291))
|
||||
* Update label / description on admin credentials ([#1274](https://github.com/truecharts/apps/issues/1274))
|
||||
|
||||
#### Chore
|
||||
|
||||
* Simplify GUI for deployment, persistence and securityContext ([#1289](https://github.com/truecharts/apps/issues/1289))
|
||||
|
||||
#### Feat
|
||||
|
||||
* Simplify the Services GUI ([#1290](https://github.com/truecharts/apps/issues/1290))
|
||||
|
||||
#### Fix
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# Configuration Options
|
||||
|
||||
##### Connecting to other apps
|
||||
If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
|
||||
https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
|
||||
|
||||
##### Available config options
|
||||
In the future this page is going to contain an automated list of options available in the installation/edit UI.
|
|
@ -0,0 +1,12 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
version: 8.6.2
|
||||
- name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.1
|
||||
- name: redis
|
||||
repository: https://truecharts.org
|
||||
version: 1.0.5
|
||||
digest: sha256:ff121c2f525ba47d19f1d86ed3dc841521c6e3759f9581e0d09bbd951b0ac64f
|
||||
generated: "2021-11-16T15:54:30.946039464Z"
|
|
@ -0,0 +1,41 @@
|
|||
apiVersion: v2
|
||||
appVersion: "22.2.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
version: 8.6.2
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.1
|
||||
- condition: redis.enabled
|
||||
name: redis
|
||||
repository: https://truecharts.org
|
||||
version: 1.0.5
|
||||
deprecated: false
|
||||
description: A private cloud server that puts the control and security of your own
|
||||
data back into your hands.
|
||||
home: https://nextcloud.com/
|
||||
icon: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/Nextcloud_Logo.svg/1280px-Nextcloud_Logo.svg.png
|
||||
keywords:
|
||||
- nextcloud
|
||||
- storage
|
||||
- http
|
||||
- web
|
||||
- php
|
||||
kubeVersion: '>=1.16.0-0'
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: nextcloud
|
||||
sources:
|
||||
- https://github.com/nextcloud/docker
|
||||
- https://github.com/nextcloud/helm
|
||||
type: application
|
||||
version: 10.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- cloud
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
|
@ -0,0 +1,40 @@
|
|||
# Introduction
|
||||
|
||||
A private cloud server that puts the control and security of your own data back into your hands.
|
||||
|
||||
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/nextcloud/docker>
|
||||
* <https://github.com/nextcloud/helm>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>=1.16.0-0`
|
||||
|
||||
## Dependencies
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | postgresql | 6.0.1 |
|
||||
| https://truecharts.org | common | 8.6.2 |
|
||||
| https://truecharts.org | redis | 1.0.5 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
|
||||
- See the [Wiki](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
|
||||
---
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -0,0 +1,3 @@
|
|||
A private cloud server that puts the control and security of your own data back into your hands.
|
||||
|
||||
This App is supplied by TrueCharts, for more information please visit https://truecharts.org
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,62 @@
|
|||
# Default Helm-Values
|
||||
|
||||
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
|
||||
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
|
||||
|
||||
Most of our Apps also consume our "common" Helm Chart.
|
||||
If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
|
||||
You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| cronjob.annotations | object | `{}` | |
|
||||
| cronjob.failedJobsHistoryLimit | int | `5` | |
|
||||
| cronjob.schedule | string | `"*/5 * * * *"` | |
|
||||
| cronjob.successfulJobsHistoryLimit | int | `2` | |
|
||||
| env.NEXTCLOUD_ADMIN_PASSWORD | string | `"adminpass"` | |
|
||||
| env.NEXTCLOUD_ADMIN_USER | string | `"admin"` | |
|
||||
| env.TRUSTED_PROXIES | string | `"172.16.0.0/16"` | |
|
||||
| envFrom[0].configMapRef.name | string | `"nextcloudconfig"` | |
|
||||
| envTpl.POSTGRES_DB | string | `"{{ .Values.postgresql.postgresqlDatabase }}"` | |
|
||||
| envTpl.POSTGRES_USER | string | `"{{ .Values.postgresql.postgresqlUsername }}"` | |
|
||||
| envValueFrom.POSTGRES_HOST.secretKeyRef.key | string | `"plainporthost"` | |
|
||||
| envValueFrom.POSTGRES_HOST.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.POSTGRES_PASSWORD.secretKeyRef.key | string | `"postgresql-password"` | |
|
||||
| envValueFrom.POSTGRES_PASSWORD.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| envValueFrom.REDIS_HOST.secretKeyRef.key | string | `"plainhost"` | |
|
||||
| envValueFrom.REDIS_HOST.secretKeyRef.name | string | `"rediscreds"` | |
|
||||
| envValueFrom.REDIS_HOST_PASSWORD.secretKeyRef.key | string | `"redis-password"` | |
|
||||
| envValueFrom.REDIS_HOST_PASSWORD.secretKeyRef.name | string | `"rediscreds"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"docker.io/nextcloud"` | |
|
||||
| image.tag | string | `"22.2.2@sha256:2394d656bf45d63e2a009390773220aebd8ef862798c4f6940aec55c5d3f6a6d"` | |
|
||||
| persistence.data.enabled | bool | `true` | |
|
||||
| persistence.data.mountPath | string | `"/var/www/html"` | |
|
||||
| podSecurityContext.fsGroup | int | `33` | |
|
||||
| podSecurityContext.runAsGroup | int | `0` | |
|
||||
| podSecurityContext.runAsUser | int | `0` | |
|
||||
| postgresql.enabled | bool | `true` | |
|
||||
| postgresql.existingSecret | string | `"dbcreds"` | |
|
||||
| postgresql.postgresqlDatabase | string | `"nextcloud"` | |
|
||||
| postgresql.postgresqlUsername | string | `"nextcloud"` | |
|
||||
| probes | object | See below | Probe configuration -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) |
|
||||
| probes.liveness | object | See below | Liveness probe configuration |
|
||||
| probes.liveness.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
|
||||
| probes.readiness | object | See below | Redainess probe configuration |
|
||||
| probes.readiness.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
|
||||
| probes.startup | object | See below | Startup probe configuration |
|
||||
| probes.startup.spec | object | "/" | If a HTTP probe is used (default for HTTP/HTTPS services) this path is used |
|
||||
| redis.enabled | bool | `true` | |
|
||||
| redis.existingSecret | string | `"rediscreds"` | |
|
||||
| securityContext.readOnlyRootFilesystem | bool | `false` | |
|
||||
| securityContext.runAsNonRoot | bool | `false` | |
|
||||
| service.hpb.enabled | bool | `true` | |
|
||||
| service.hpb.ports.hpb.enabled | bool | `true` | |
|
||||
| service.hpb.ports.hpb.port | int | `7867` | |
|
||||
| service.hpb.ports.hpb.targetPort | int | `7867` | |
|
||||
| service.main.ports.main.port | int | `80` | |
|
||||
| service.main.ports.main.targetPort | int | `80` | |
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -0,0 +1,147 @@
|
|||
# Default values for Bitwarden.
|
||||
|
||||
image:
|
||||
repository: docker.io/nextcloud
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 22.2.2@sha256:2394d656bf45d63e2a009390773220aebd8ef862798c4f6940aec55c5d3f6a6d
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: false
|
||||
|
||||
podSecurityContext:
|
||||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
fsGroup: 33
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 80
|
||||
targetPort: 80
|
||||
hpb:
|
||||
enabled: true
|
||||
ports:
|
||||
hpb:
|
||||
enabled: true
|
||||
port: 7867
|
||||
targetPort: 7867
|
||||
|
||||
env:
|
||||
NEXTCLOUD_ADMIN_USER: "admin"
|
||||
NEXTCLOUD_ADMIN_PASSWORD: "adminpass"
|
||||
TRUSTED_PROXIES: "172.16.0.0/16"
|
||||
|
||||
envTpl:
|
||||
POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}"
|
||||
POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: nextcloudconfig
|
||||
|
||||
envValueFrom:
|
||||
POSTGRES_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: postgresql-password
|
||||
POSTGRES_HOST:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: plainporthost
|
||||
REDIS_HOST:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: plainhost
|
||||
REDIS_HOST_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: redis-password
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/var/www/html"
|
||||
# -- Probe configuration
|
||||
# -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/)
|
||||
# @default -- See below
|
||||
probes:
|
||||
# -- Liveness probe configuration
|
||||
# @default -- See below
|
||||
liveness:
|
||||
custom: true
|
||||
# -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# @default -- "/"
|
||||
spec:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 80
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 2
|
||||
failureThreshold: 5
|
||||
|
||||
# -- Redainess probe configuration
|
||||
# @default -- See below
|
||||
readiness:
|
||||
custom: true
|
||||
# -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# @default -- "/"
|
||||
spec:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 80
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 2
|
||||
failureThreshold: 5
|
||||
|
||||
# -- Startup probe configuration
|
||||
# @default -- See below
|
||||
startup:
|
||||
custom: true
|
||||
# -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# @default -- "/"
|
||||
spec:
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 80
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 2
|
||||
failureThreshold: 5
|
||||
|
||||
## Cronjob to execute Nextcloud background tasks
|
||||
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#webcron
|
||||
##
|
||||
cronjob:
|
||||
# Every 5 minutes
|
||||
# Note: Setting this to any any other value than 5 minutes might
|
||||
# cause issues with how nextcloud background jobs are executed
|
||||
schedule: "*/5 * * * *"
|
||||
annotations: {}
|
||||
failedJobsHistoryLimit: 5
|
||||
successfulJobsHistoryLimit: 2
|
||||
|
||||
# Enabled postgres
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: nextcloud
|
||||
postgresqlDatabase: nextcloud
|
||||
|
||||
# Enabled redis
|
||||
# ... for more options see https://github.com/bitnami/charts/tree/master/bitnami/redis
|
||||
redis:
|
||||
enabled: true
|
||||
existingSecret: "rediscreds"
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,35 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "nextcloud.configmap" -}}
|
||||
|
||||
{{- $hosts := "" }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- range .Values.ingress }}
|
||||
{{- range $index, $host := .hosts }}
|
||||
{{- if $index }}
|
||||
{{ $hosts = ( printf "%v %v" $hosts $host.host ) }}
|
||||
{{- else }}
|
||||
{{ $hosts = ( printf "%s" $host.host ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nextcloudconfig
|
||||
data:
|
||||
NEXTCLOUD_TRUSTED_DOMAINS: {{ ( printf "%v %v %v %v %v" "test.fakedomain.dns" ( .Values.env.NODE_IP | default "localhost" ) ( printf "%v-%v" .Release.Name "nextcloud" ) ( printf "%v-%v" .Release.Name "nextcloud-hpb" ) $hosts ) | quote }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
APACHE_DISABLE_REWRITE_IP: "1"
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: hpbconfig
|
||||
data:
|
||||
NEXTCLOUD_URL: {{ ( printf "%v-%v" .Release.Name "nextcloud" ) | quote }}
|
||||
|
||||
{{- end -}}
|
|
@ -0,0 +1,51 @@
|
|||
{{/* Define the cronjob */}}
|
||||
{{- define "nextcloud.cronjob" -}}
|
||||
{{- $jobName := include "common.names.fullname" . }}
|
||||
|
||||
---
|
||||
apiVersion: batch/v1beta1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: {{ printf "%s-cronjob" $jobName }}
|
||||
labels:
|
||||
{{- include "common.labels" . | nindent 4 }}
|
||||
spec:
|
||||
schedule: "{{ .Values.cronjob.schedule }}"
|
||||
concurrencyPolicy: Forbid
|
||||
{{- with .Values.cronjob.failedJobsHistoryLimit }}
|
||||
failedJobsHistoryLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.cronjob.successfulJobsHistoryLimit }}
|
||||
successfulJobsHistoryLimit: {{ . }}
|
||||
{{- end }}
|
||||
jobTemplate:
|
||||
metadata:
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
{{- with (include "common.controller.volumes" . | trim) }}
|
||||
volumes:
|
||||
{{- nindent 12 . }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
image: "{{ .Values.image.repository }}:{{ default .Values.image.tag }}"
|
||||
imagePullPolicy: {{ default .Values.image.pullPolicy }}
|
||||
command: [ "php" ]
|
||||
args:
|
||||
- "-f"
|
||||
- "/var/www/html/cron.php"
|
||||
# Will mount configuration files as www-data (id: 33) by default for nextcloud
|
||||
{{- with (include "common.controller.volumeMounts" . | trim) }}
|
||||
volumeMounts:
|
||||
{{ nindent 16 . }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
runAsUser: 33
|
||||
runAsGroup: 33
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 16 }}
|
||||
|
||||
{{- end -}}
|
|
@ -0,0 +1,14 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "common.setup" . }}
|
||||
|
||||
{{/* Render configmap for nextcloud */}}
|
||||
{{- include "nextcloud.configmap" . }}
|
||||
|
||||
{{- $newMiddlewares := append .Values.ingress.main.fixedMiddlewares "tc-nextcloud-chain" }}
|
||||
{{- $_ := set .Values.ingress.main "fixedMiddlewares" $newMiddlewares -}}
|
||||
|
||||
{{/* Render cronjob for nextcloud */}}
|
||||
{{- include "nextcloud.cronjob" . }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "common.postSetup" . }}
|
|
@ -0,0 +1,99 @@
|
|||
# Changelog<br>
|
||||
|
||||
|
||||
<a name="vaultwarden-13.0.1"></a>
|
||||
### [vaultwarden-13.0.1](https://github.com/truecharts/apps/compare/vaultwarden-13.0.0...vaultwarden-13.0.1) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql again
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-13.0.0"></a>
|
||||
### [vaultwarden-13.0.0](https://github.com/truecharts/apps/compare/vaultwarden-12.0.11...vaultwarden-13.0.0) (2021-11-16)
|
||||
|
||||
#### Chore
|
||||
|
||||
* bump postgresql on some Apps
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.11"></a>
|
||||
### [vaultwarden-12.0.11](https://github.com/truecharts/apps/compare/vaultwarden-12.0.10...vaultwarden-12.0.11) (2021-11-15)
|
||||
|
||||
#### Chore
|
||||
|
||||
* persistence cleanup and small bugfixes ([#1329](https://github.com/truecharts/apps/issues/1329))
|
||||
* update non-major deps helm releases ([#1338](https://github.com/truecharts/apps/issues/1338))
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.10"></a>
|
||||
### [vaultwarden-12.0.10](https://github.com/truecharts/apps/compare/vaultwarden-12.0.9...vaultwarden-12.0.10) (2021-11-14)
|
||||
|
||||
#### Chore
|
||||
|
||||
* fixes around the GUI refactor ([#1316](https://github.com/truecharts/apps/issues/1316))
|
||||
* move port above advanced in GUI ([#1326](https://github.com/truecharts/apps/issues/1326))
|
||||
* clean up Chart.yaml ([#1322](https://github.com/truecharts/apps/issues/1322))
|
||||
* update non-major deps helm releases ([#1328](https://github.com/truecharts/apps/issues/1328))
|
||||
|
||||
#### Fix
|
||||
|
||||
* split udp and tcp ports ([#1321](https://github.com/truecharts/apps/issues/1321))
|
||||
* Allow spaces in paths ([#1306](https://github.com/truecharts/apps/issues/1306))
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.9"></a>
|
||||
### [vaultwarden-12.0.9](https://github.com/truecharts/apps/compare/vaultwarden-12.0.8...vaultwarden-12.0.9) (2021-11-09)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1297](https://github.com/truecharts/apps/issues/1297))
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.8"></a>
|
||||
### [vaultwarden-12.0.8](https://github.com/truecharts/apps/compare/vaultwarden-12.0.7...vaultwarden-12.0.8) (2021-11-07)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1295](https://github.com/truecharts/apps/issues/1295))
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.7"></a>
|
||||
### [vaultwarden-12.0.7](https://github.com/truecharts/apps/compare/vaultwarden-12.0.6...vaultwarden-12.0.7) (2021-11-07)
|
||||
|
||||
#### Chore
|
||||
|
||||
* update non-major deps helm releases ([#1291](https://github.com/truecharts/apps/issues/1291))
|
||||
|
||||
#### Chore
|
||||
|
||||
* Simplify GUI for deployment, persistence and securityContext ([#1289](https://github.com/truecharts/apps/issues/1289))
|
||||
|
||||
#### Feat
|
||||
|
||||
* Simplify the Services GUI ([#1290](https://github.com/truecharts/apps/issues/1290))
|
||||
|
||||
#### Fix
|
||||
|
||||
* prevent duplicate port use and fix some questions.yaml mistakes
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.6"></a>
|
||||
### [vaultwarden-12.0.6](https://github.com/truecharts/apps/compare/vaultwarden-12.0.5...vaultwarden-12.0.6) (2021-11-04)
|
||||
|
||||
#### Fix
|
||||
|
||||
* correctly define ingress ([#1283](https://github.com/truecharts/apps/issues/1283))
|
||||
|
||||
|
||||
|
||||
<a name="vaultwarden-12.0.5"></a>
|
||||
### [vaultwarden-12.0.5](https://github.com/truecharts/apps/compare/vaultwarden-12.0.4...vaultwarden-12.0.5) (2021-11-02)
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# Configuration Options
|
||||
|
||||
##### Connecting to other apps
|
||||
If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
|
||||
https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
|
||||
|
||||
##### Available config options
|
||||
In the future this page is going to contain an automated list of options available in the installation/edit UI.
|
|
@ -0,0 +1,9 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
version: 8.6.2
|
||||
- name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.1
|
||||
digest: sha256:29091b4603d21dfa1dd3dce6c89c82557f694400091bc61c6e11335cdfbfa2c9
|
||||
generated: "2021-11-16T15:55:12.35790053Z"
|
|
@ -0,0 +1,36 @@
|
|||
apiVersion: v2
|
||||
appVersion: "1.23.0"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://truecharts.org
|
||||
version: 8.6.2
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://truecharts.org/
|
||||
version: 6.0.1
|
||||
deprecated: false
|
||||
description: Unofficial Bitwarden compatible server written in Rust
|
||||
home: https://github.com/truecharts/apps/tree/master/charts/stable/vaultwarden
|
||||
icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png
|
||||
keywords:
|
||||
- bitwarden
|
||||
- bitwardenrs
|
||||
- bitwarden_rs
|
||||
- vaultwarden
|
||||
- password
|
||||
- rust
|
||||
kubeVersion: '>=1.16.0-0'
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: vaultwarden
|
||||
sources:
|
||||
- https://github.com/dani-garcia/vaultwarden
|
||||
type: application
|
||||
version: 13.0.1
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- security
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
|
@ -0,0 +1,38 @@
|
|||
# Introduction
|
||||
|
||||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/dani-garcia/vaultwarden>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>=1.16.0-0`
|
||||
|
||||
## Dependencies
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://truecharts.org/ | postgresql | 6.0.1 |
|
||||
| https://truecharts.org | common | 8.6.2 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
|
||||
- See the [Wiki](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
|
||||
---
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -0,0 +1,3 @@
|
|||
Unofficial Bitwarden compatible server written in Rust
|
||||
|
||||
This App is supplied by TrueCharts, for more information please visit https://truecharts.org
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,67 @@
|
|||
# -- Configure the ingresses for the chart here.
|
||||
# Additional ingresses can be added by adding a dictionary key similar to the 'main' ingress.
|
||||
# @default -- See below
|
||||
ingress:
|
||||
main:
|
||||
# -- Enables or disables the ingress
|
||||
enabled: true
|
||||
|
||||
# -- Make this the primary ingress (used in probes, notes, etc...).
|
||||
# If there is more than 1 ingress, make sure that only 1 ingress is marked as primary.
|
||||
primary: true
|
||||
|
||||
# -- Override the name suffix that is used for this ingress.
|
||||
nameOverride:
|
||||
|
||||
# -- List of middlewares in the traefikmiddlewares k8s namespace to add automatically
|
||||
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
|
||||
# Primarily used for TrueNAS SCALE to add additional (seperate) middlewares without exposing them to the end-user
|
||||
fixedMiddlewares:
|
||||
- chain-basic
|
||||
|
||||
# -- Additional List of middlewares in the traefikmiddlewares k8s namespace to add automatically
|
||||
# Creates an annotation with the middlewares and appends k8s and traefik namespaces to the middleware names
|
||||
middlewares: []
|
||||
annotationsList: []
|
||||
# - name: somename
|
||||
# value: somevalue
|
||||
# -- Provide additional annotations which may be required.
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
|
||||
labelsList: []
|
||||
# - name: somename
|
||||
# value: somevalue
|
||||
# -- Set labels on the deployment/statefulset/daemonset
|
||||
# -- Provide additional labels which may be required.
|
||||
# -- Provide additional labels which may be required.
|
||||
labels: {}
|
||||
|
||||
# -- Set the ingressClass that is used for this ingress.
|
||||
# Requires Kubernetes >=1.19
|
||||
ingressClassName: # "nginx"
|
||||
|
||||
## Configure the hosts for the ingress
|
||||
hosts:
|
||||
- # -- Host address. Helm template can be passed.
|
||||
host: chart-example.local
|
||||
## Configure the paths for the host
|
||||
paths:
|
||||
- # -- Path. Helm template can be passed.
|
||||
path: /
|
||||
# -- Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
service:
|
||||
# -- Overrides the service name reference for this path
|
||||
name:
|
||||
# -- Overrides the service port reference for this path
|
||||
targetPort:
|
||||
|
||||
# -- Configure TLS for the ingress. Both secretName and hosts can process a Helm template.
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# -- Create a secret from a GUI selected TrueNAS SCALE certificate
|
||||
# scaleCert: true
|
||||
# hosts:
|
||||
# - chart-example.local
|
|
@ -0,0 +1,54 @@
|
|||
# Default Helm-Values
|
||||
|
||||
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
|
||||
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
|
||||
|
||||
Most of our Apps also consume our "common" Helm Chart.
|
||||
If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
|
||||
You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| database.type | string | `"postgresql"` | |
|
||||
| database.wal | bool | `true` | |
|
||||
| env | object | `{}` | |
|
||||
| envFrom[0].configMapRef.name | string | `"vaultwardenconfig"` | |
|
||||
| envFrom[1].secretRef.name | string | `"vaultwardensecret"` | |
|
||||
| envTpl.DOMAIN | string | `"https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"` | |
|
||||
| envValueFrom.DATABASE_URL.secretKeyRef.key | string | `"url"` | |
|
||||
| envValueFrom.DATABASE_URL.secretKeyRef.name | string | `"dbcreds"` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"ghcr.io/truecharts/vaultwarden"` | |
|
||||
| image.tag | string | `"v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869"` | |
|
||||
| persistence.data.enabled | bool | `true` | |
|
||||
| persistence.data.mountPath | string | `"/data"` | |
|
||||
| postgresql.enabled | bool | `true` | |
|
||||
| postgresql.existingSecret | string | `"dbcreds"` | |
|
||||
| postgresql.postgresqlDatabase | string | `"vaultwarden"` | |
|
||||
| postgresql.postgresqlUsername | string | `"vaultwarden"` | |
|
||||
| service.main.ports.main.port | int | `8080` | |
|
||||
| service.main.ports.main.targetPort | int | `8080` | |
|
||||
| service.ws.ports.ws.enabled | bool | `true` | |
|
||||
| service.ws.ports.ws.port | int | `3012` | |
|
||||
| service.ws.ports.ws.targetPort | int | `3012` | |
|
||||
| vaultwarden.admin.disableAdminToken | bool | `false` | |
|
||||
| vaultwarden.admin.enabled | bool | `false` | |
|
||||
| vaultwarden.allowInvitation | bool | `true` | |
|
||||
| vaultwarden.allowSignups | bool | `true` | |
|
||||
| vaultwarden.enableWebVault | bool | `true` | |
|
||||
| vaultwarden.enableWebsockets | bool | `true` | |
|
||||
| vaultwarden.icons.disableDownload | bool | `false` | |
|
||||
| vaultwarden.log.file | string | `""` | |
|
||||
| vaultwarden.log.level | string | `"trace"` | |
|
||||
| vaultwarden.orgCreationUsers | string | `"all"` | |
|
||||
| vaultwarden.requireEmail | bool | `false` | |
|
||||
| vaultwarden.showPasswordHint | bool | `true` | |
|
||||
| vaultwarden.smtp.enabled | bool | `false` | |
|
||||
| vaultwarden.smtp.from | string | `""` | |
|
||||
| vaultwarden.smtp.host | string | `""` | |
|
||||
| vaultwarden.verifySignup | bool | `false` | |
|
||||
| vaultwarden.yubico.enabled | bool | `false` | |
|
||||
|
||||
All Rights Reserved - The TrueCharts Project
|
|
@ -0,0 +1,158 @@
|
|||
# Default values for Bitwarden.
|
||||
|
||||
image:
|
||||
repository: ghcr.io/truecharts/vaultwarden
|
||||
pullPolicy: IfNotPresent
|
||||
tag: v1.23.0@sha256:1e65dd23569e566576c3c80de76f711e0b9fc5e29a39d45f49f0a44d1282d869
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
ws:
|
||||
ports:
|
||||
ws:
|
||||
enabled: true
|
||||
port: 3012
|
||||
targetPort: 3012
|
||||
|
||||
env: {}
|
||||
|
||||
envTpl:
|
||||
DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}"
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: vaultwardenconfig
|
||||
- secretRef:
|
||||
name: vaultwardensecret
|
||||
|
||||
envValueFrom:
|
||||
DATABASE_URL:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: url
|
||||
|
||||
database:
|
||||
# Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'.
|
||||
type: postgresql
|
||||
# Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled
|
||||
wal: true
|
||||
## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port).
|
||||
# url: ""
|
||||
## Set the size of the database connection pool.
|
||||
# maxConnections: 10
|
||||
## Connection retries during startup, 0 for infinite. 1 second between retries.
|
||||
# retries: 15
|
||||
|
||||
# Set Bitwarden_rs application variables
|
||||
vaultwarden:
|
||||
# Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users
|
||||
allowSignups: true
|
||||
## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set.
|
||||
# signupDomains:
|
||||
# - domain.tld
|
||||
# Verify e-mail before login is enabled. SMTP must be enabled.
|
||||
verifySignup: false
|
||||
# When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled.
|
||||
requireEmail: false
|
||||
## Maximum attempts before an email token is reset and a new email will need to be sent.
|
||||
# emailAttempts: 3
|
||||
## Email token validity in seconds.
|
||||
# emailTokenExpiration: 600
|
||||
# Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations
|
||||
allowInvitation: true
|
||||
# Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display
|
||||
## Default organization name in invitation e-mails that are not coming from a specific organization.
|
||||
# defaultInviteName: ""
|
||||
showPasswordHint: true
|
||||
# Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications
|
||||
# Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured.
|
||||
enableWebsockets: true
|
||||
# Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting
|
||||
enableWebVault: true
|
||||
# Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users.
|
||||
orgCreationUsers: all
|
||||
## Limit attachment disk usage per organization.
|
||||
# attachmentLimitOrg:
|
||||
## Limit attachment disk usage per user.
|
||||
# attachmentLimitUser:
|
||||
## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key.
|
||||
# hibpApiKey:
|
||||
|
||||
admin:
|
||||
# Enable admin portal.
|
||||
enabled: false
|
||||
# Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token
|
||||
disableAdminToken: false
|
||||
## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page
|
||||
# token:
|
||||
|
||||
# Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration
|
||||
smtp:
|
||||
enabled: false
|
||||
# SMTP hostname, required if SMTP is enabled.
|
||||
host: ""
|
||||
# SMTP sender e-mail address, required if SMTP is enabled.
|
||||
from: ""
|
||||
## SMTP sender name, defaults to 'Bitwarden_RS'.
|
||||
# fromName: ""
|
||||
## Enable SSL connection.
|
||||
# ssl: true
|
||||
## SMTP port. Defaults to 25 without SSL, 587 with SSL.
|
||||
# port: 587
|
||||
## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
|
||||
# authMechanism: Plain
|
||||
## Hostname to be sent for SMTP HELO. Defaults to pod name.
|
||||
# heloName: ""
|
||||
## SMTP timeout.
|
||||
# timeout: 15
|
||||
## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidHostname: false
|
||||
## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!
|
||||
# invalidCertificate: false
|
||||
## SMTP username.
|
||||
# user: ""
|
||||
## SMTP password. Required is user is specified, ignored if no user provided.
|
||||
# password: ""
|
||||
|
||||
## Enable Yubico OTP authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication
|
||||
yubico:
|
||||
enabled: false
|
||||
## Yubico server. Defaults to YubiCloud.
|
||||
# server:
|
||||
## Yubico ID and Secret Key.
|
||||
# clientId:
|
||||
# secretKey:
|
||||
|
||||
## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
|
||||
log:
|
||||
# Log to file.
|
||||
file: ""
|
||||
# Log level. Options are "trace", "debug", "info", "warn", "error" or "off".
|
||||
level: "trace"
|
||||
## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds.
|
||||
# timeFormat: ""
|
||||
|
||||
icons:
|
||||
# Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero.
|
||||
disableDownload: false
|
||||
## Cache time-to-live for icons fetched. 0 means no purging.
|
||||
# cache: 2592000
|
||||
## Cache time-to-live for icons that were not available. 0 means no purging.
|
||||
# cacheFailed: 259200
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/data"
|
||||
|
||||
|
||||
# Enabled postgres
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: vaultwarden
|
||||
postgresqlDatabase: vaultwarden
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,116 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "vaultwarden.configmap" -}}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: vaultwardenconfig
|
||||
data:
|
||||
ROCKET_PORT: "8080"
|
||||
SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }}
|
||||
{{- if .Values.vaultwarden.signupDomains }}
|
||||
SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }}
|
||||
{{- end }}
|
||||
{{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}}
|
||||
SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }}
|
||||
{{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}}
|
||||
REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }}
|
||||
{{- if .Values.vaultwarden.emailAttempts }}
|
||||
EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.emailTokenExpiration }}
|
||||
EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }}
|
||||
{{- end }}
|
||||
INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }}
|
||||
{{- if .Values.vaultwarden.defaultInviteName }}
|
||||
INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }}
|
||||
{{- end }}
|
||||
SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }}
|
||||
WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }}
|
||||
WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }}
|
||||
ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitOrg }}
|
||||
ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.attachmentLimitUser }}
|
||||
USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.hibpApiKey }}
|
||||
HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }}
|
||||
{{- end }}
|
||||
{{- include "vaultwarden.dbTypeValid" . }}
|
||||
{{- if .Values.database.retries }}
|
||||
DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.database.maxConnections }}
|
||||
DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.smtp.enabled true }}
|
||||
SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }}
|
||||
SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }}
|
||||
{{- if .Values.vaultwarden.smtp.fromName }}
|
||||
SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.ssl }}
|
||||
SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.port }}
|
||||
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.authMechanism }}
|
||||
SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.heloName }}
|
||||
HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.timeout }}
|
||||
SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidHostname }}
|
||||
SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.smtp.invalidCertificate }}
|
||||
SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.file }}
|
||||
LOG_FILE: {{ .Values.vaultwarden.log.file | quote }}
|
||||
{{- end }}
|
||||
{{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }}
|
||||
EXTENDED_LOGGING: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.level }}
|
||||
{{- include "vaultwarden.logLevelValid" . }}
|
||||
LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.log.timeFormat }}
|
||||
LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.disableDownload }}
|
||||
DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }}
|
||||
{{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }}
|
||||
ICON_CACHE_TTL: "0"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cache }}
|
||||
ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.vaultwarden.icons.cacheFailed }}
|
||||
ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- if eq .Values.vaultwarden.admin.disableAdminToken true }}
|
||||
DISABLE_ADMIN_TOKEN: "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- if .Values.vaultwarden.yubico.server }}
|
||||
YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if eq .Values.database.type "sqlite" }}
|
||||
ENABLE_DB_WAL: {{ .Values.database.wal | quote }}
|
||||
{{- else }}
|
||||
ENABLE_DB_WAL: "false"
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,36 @@
|
|||
{{/* Define the secrets */}}
|
||||
{{- define "vaultwarden.secrets" -}}
|
||||
|
||||
{{- $adminToken := "" }}
|
||||
{{- if eq .Values.vaultwarden.admin.enabled true }}
|
||||
{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $smtpUser := "" }}
|
||||
{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }}
|
||||
{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $yubicoClientId := "" }}
|
||||
{{- if eq .Values.vaultwarden.yubico.enabled true }}
|
||||
{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }}
|
||||
{{- end -}}
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: vaultwardensecret
|
||||
data:
|
||||
{{- if ne $adminToken "" }}
|
||||
ADMIN_TOKEN: {{ $adminToken }}
|
||||
{{- end }}
|
||||
{{- if ne $smtpUser "" }}
|
||||
SMTP_USERNAME: {{ $smtpUser }}
|
||||
SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- if ne $yubicoClientId "" }}
|
||||
YUBICO_CLIENT_ID: {{ $yubicoClientId }}
|
||||
YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,17 @@
|
|||
{{/*
|
||||
Ensure valid DB type is select, defaults to SQLite
|
||||
*/}}
|
||||
{{- define "vaultwarden.dbTypeValid" -}}
|
||||
{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }}
|
||||
{{- required "Invalid database type" nil }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Ensure log type is valid
|
||||
*/}}
|
||||
{{- define "vaultwarden.logLevelValid" -}}
|
||||
{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }}
|
||||
{{- required "Invalid log level" nil }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,38 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "common.setup" . }}
|
||||
|
||||
|
||||
{{/* Render configmap for vaultwarden */}}
|
||||
{{- include "vaultwarden.configmap" . }}
|
||||
|
||||
{{/* Render secrets for vaultwarden */}}
|
||||
{{- include "vaultwarden.secrets" . }}
|
||||
|
||||
{{/* Define path for websocket */}}
|
||||
{{- define "vaultwarden.websocket" -}}
|
||||
path: "/notifications/hub"
|
||||
# -- Ignored if not kubeVersion >= 1.14-0
|
||||
pathType: Prefix
|
||||
service:
|
||||
# -- Overrides the service name reference for this path
|
||||
name: ws
|
||||
port: {{ .Values.service.ws.ports.ws.port }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket path to all main ingress hosts*/}}
|
||||
{{- define "vaultwarden.websocketinjector" -}}
|
||||
{{- $path := list (include "vaultwarden.websocket" . | fromYaml) -}}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- range .Values.ingress.main.hosts }}
|
||||
{{- $newpaths := list }}
|
||||
{{- $newpaths := concat .paths $path }}
|
||||
{{- $_ := set . "paths" ( deepCopy $newpaths ) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/* inject websocket paths in ingress */}}
|
||||
{{- include "vaultwarden.websocketinjector" . }}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "common.postSetup" . }}
|
Loading…
Reference in New Issue