diff --git a/deprecated/nzbhydra/5.2.4/Chart.lock b/deprecated/nzbhydra/5.2.4/Chart.lock index db67ef6af24..f38a8ad25bb 100644 --- a/deprecated/nzbhydra/5.2.4/Chart.lock +++ b/deprecated/nzbhydra/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:20.672890069Z" +generated: "2021-06-10T12:53:35.679043692Z" diff --git a/develop/prototype-gui/0.0.14/Chart.lock b/develop/prototype-gui/0.0.14/Chart.lock index 418cc75aba7..98ba3e56f83 100644 --- a/develop/prototype-gui/0.0.14/Chart.lock +++ b/develop/prototype-gui/0.0.14/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:19.946278937Z" +generated: "2021-06-10T12:53:34.875097443Z" diff --git a/incubator/appdaemon/2.2.4/Chart.lock b/incubator/appdaemon/2.2.4/Chart.lock index 46cf092dc5c..202edf47192 100644 --- a/incubator/appdaemon/2.2.4/Chart.lock +++ b/incubator/appdaemon/2.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:58.780414569Z" +generated: "2021-06-10T12:53:12.070387075Z" diff --git a/incubator/bazarr/5.2.4/Chart.lock b/incubator/bazarr/5.2.4/Chart.lock index a6af8616d10..4843fc0105d 100644 --- a/incubator/bazarr/5.2.4/Chart.lock +++ b/incubator/bazarr/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:59.519265831Z" +generated: "2021-06-10T12:53:12.883474782Z" diff --git a/incubator/calibre-web/5.2.4/Chart.lock b/incubator/calibre-web/5.2.4/Chart.lock index a8fcb973d86..f4a3e3b5066 100644 --- a/incubator/calibre-web/5.2.4/Chart.lock +++ b/incubator/calibre-web/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:00.25499329Z" +generated: "2021-06-10T12:53:13.69055455Z" diff --git a/incubator/deluge/5.2.4/Chart.lock b/incubator/deluge/5.2.4/Chart.lock index b9a9d66fd1b..11f88fc31f5 100644 --- a/incubator/deluge/5.2.4/Chart.lock +++ b/incubator/deluge/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:00.96173826Z" +generated: "2021-06-10T12:53:14.494343295Z" diff --git a/incubator/fireflyiii/3.2.7/Chart.lock b/incubator/fireflyiii/3.2.7/Chart.lock index 18015e97b69..ad0e19119f8 100644 --- a/incubator/fireflyiii/3.2.7/Chart.lock +++ b/incubator/fireflyiii/3.2.7/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.bitnami.com/bitnami version: 10.4.9 digest: sha256:299d4839c2ac8b84cf7388efce1d04df7d17e938bcd433a459e64baa21181adc -generated: "2021-06-08T11:28:04.429141171Z" +generated: "2021-06-10T12:53:18.133576447Z" diff --git a/incubator/freshrss/5.2.5/Chart.lock b/incubator/freshrss/5.2.5/Chart.lock index bc59a979976..7db68741546 100644 --- a/incubator/freshrss/5.2.5/Chart.lock +++ b/incubator/freshrss/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:08.100837977Z" +generated: "2021-06-10T12:53:21.71822098Z" diff --git a/incubator/gaps/5.2.4/Chart.lock b/incubator/gaps/5.2.4/Chart.lock index 60a59ba36af..9882d33856d 100644 --- a/incubator/gaps/5.2.4/Chart.lock +++ b/incubator/gaps/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:08.871322356Z" +generated: "2021-06-10T12:53:22.53127223Z" diff --git a/incubator/grocy/5.2.4/Chart.lock b/incubator/grocy/5.2.4/Chart.lock index 0c1037c070f..44540405675 100644 --- a/incubator/grocy/5.2.4/Chart.lock +++ b/incubator/grocy/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:09.629325823Z" +generated: "2021-06-10T12:53:23.349324414Z" diff --git a/incubator/heimdall/5.2.4/Chart.lock b/incubator/heimdall/5.2.4/Chart.lock index 76e6135c7cd..36fccb387af 100644 --- a/incubator/heimdall/5.2.4/Chart.lock +++ b/incubator/heimdall/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:10.349758718Z" +generated: "2021-06-10T12:53:24.14564405Z" diff --git a/incubator/lazylibrarian/5.2.4/Chart.lock b/incubator/lazylibrarian/5.2.4/Chart.lock index 581d656682d..20a1333665e 100644 --- a/incubator/lazylibrarian/5.2.4/Chart.lock +++ b/incubator/lazylibrarian/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:11.086163822Z" +generated: "2021-06-10T12:53:24.921203944Z" diff --git a/incubator/lychee/5.2.4/Chart.lock b/incubator/lychee/5.2.4/Chart.lock index d6d7202d489..10c21bf184c 100644 --- a/incubator/lychee/5.2.4/Chart.lock +++ b/incubator/lychee/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:11.817226088Z" +generated: "2021-06-10T12:53:25.755043736Z" diff --git a/incubator/navidrome/5.2.4/Chart.lock b/incubator/navidrome/5.2.4/Chart.lock index 9310e20cf5c..f15a89887c5 100644 --- a/incubator/navidrome/5.2.4/Chart.lock +++ b/incubator/navidrome/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:12.577385292Z" +generated: "2021-06-10T12:53:26.570383302Z" diff --git a/incubator/node-red/5.2.4/Chart.lock b/incubator/node-red/5.2.4/Chart.lock index 98b30e3a418..c33f19122f5 100644 --- a/incubator/node-red/5.2.4/Chart.lock +++ b/incubator/node-red/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:13.278044039Z" +generated: "2021-06-10T12:53:27.375562308Z" diff --git a/incubator/nzbget/5.2.5/Chart.lock b/incubator/nzbget/5.2.5/Chart.lock index 7d8ea809e1f..3255952cd08 100644 --- a/incubator/nzbget/5.2.5/Chart.lock +++ b/incubator/nzbget/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:13.980119575Z" +generated: "2021-06-10T12:53:28.194714047Z" diff --git a/incubator/organizr/5.2.4/Chart.lock b/incubator/organizr/5.2.4/Chart.lock index 90aa1aa0405..149f1ef46d1 100644 --- a/incubator/organizr/5.2.4/Chart.lock +++ b/incubator/organizr/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:14.77846129Z" +generated: "2021-06-10T12:53:28.968895404Z" diff --git a/incubator/podgrab/3.2.4/Chart.lock b/incubator/podgrab/3.2.4/Chart.lock index cd0e34568d7..ac37cf554be 100644 --- a/incubator/podgrab/3.2.4/Chart.lock +++ b/incubator/podgrab/3.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:15.518385016Z" +generated: "2021-06-10T12:53:29.880918826Z" diff --git a/incubator/qbittorrent/5.2.4/Chart.lock b/incubator/qbittorrent/5.2.4/Chart.lock index ccc5e357a57..ed526dd5689 100644 --- a/incubator/qbittorrent/5.2.4/Chart.lock +++ b/incubator/qbittorrent/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:16.27744005Z" +generated: "2021-06-10T12:53:30.794371457Z" diff --git a/incubator/readarr/5.2.5/Chart.lock b/incubator/readarr/5.2.5/Chart.lock index 40471de9ba7..1b8e393c470 100644 --- a/incubator/readarr/5.2.5/Chart.lock +++ b/incubator/readarr/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:17.036817604Z" +generated: "2021-06-10T12:53:31.582027598Z" diff --git a/incubator/sabnzbd/5.2.5/Chart.lock b/incubator/sabnzbd/5.2.5/Chart.lock index 911b357e4ec..c1a827c19c4 100644 --- a/incubator/sabnzbd/5.2.5/Chart.lock +++ b/incubator/sabnzbd/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:17.779169647Z" +generated: "2021-06-10T12:53:32.405940967Z" diff --git a/incubator/tvheadend/6.2.4/Chart.lock b/incubator/tvheadend/6.2.4/Chart.lock index 71c2437e11b..1d11876a3e1 100644 --- a/incubator/tvheadend/6.2.4/Chart.lock +++ b/incubator/tvheadend/6.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:18.524703981Z" +generated: "2021-06-10T12:53:33.261259833Z" diff --git a/incubator/unifi/5.2.4/Chart.lock b/incubator/unifi/5.2.4/Chart.lock index c301f5b4d55..e0b9f7fb369 100644 --- a/incubator/unifi/5.2.4/Chart.lock +++ b/incubator/unifi/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:28:19.20778185Z" +generated: "2021-06-10T12:53:34.074672139Z" diff --git a/stable/collabora-online/5.2.6/Chart.lock b/stable/collabora-online/5.2.6/Chart.lock index fdb0a4e2b8c..e5aa9b79585 100644 --- a/stable/collabora-online/5.2.6/Chart.lock +++ b/stable/collabora-online/5.2.6/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:35.992933095Z" +generated: "2021-06-10T12:52:48.695578473Z" diff --git a/stable/deepstack-cpu/3.2.4/Chart.lock b/stable/deepstack-cpu/3.2.4/Chart.lock index 6a6de30ada6..4e62b1349d5 100644 --- a/stable/deepstack-cpu/3.2.4/Chart.lock +++ b/stable/deepstack-cpu/3.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:36.798421338Z" +generated: "2021-06-10T12:52:49.539255723Z" diff --git a/stable/emby/5.2.5/Chart.lock b/stable/emby/5.2.5/Chart.lock index 81fb2039f88..646e52c3436 100644 --- a/stable/emby/5.2.5/Chart.lock +++ b/stable/emby/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:37.568519027Z" +generated: "2021-06-10T12:52:50.368395456Z" diff --git a/stable/esphome/5.2.4/Chart.lock b/stable/esphome/5.2.4/Chart.lock index 1ef747af3ad..90cd46e75de 100644 --- a/stable/esphome/5.2.4/Chart.lock +++ b/stable/esphome/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:38.376409845Z" +generated: "2021-06-10T12:52:51.187139604Z" diff --git a/stable/handbrake/5.2.4/Chart.lock b/stable/handbrake/5.2.4/Chart.lock index bbf02f476c9..d7992b3c3a7 100644 --- a/stable/handbrake/5.2.4/Chart.lock +++ b/stable/handbrake/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:39.148805864Z" +generated: "2021-06-10T12:52:52.018685756Z" diff --git a/stable/home-assistant/5.2.5/Chart.lock b/stable/home-assistant/5.2.5/Chart.lock index e7671fbe40f..4d1d536de00 100644 --- a/stable/home-assistant/5.2.5/Chart.lock +++ b/stable/home-assistant/5.2.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:39.870729615Z" +generated: "2021-06-10T12:52:52.85166432Z" diff --git a/stable/jackett/5.2.7/Chart.lock b/stable/jackett/5.2.7/Chart.lock index 3a5fdc1c63d..56766fded33 100644 --- a/stable/jackett/5.2.7/Chart.lock +++ b/stable/jackett/5.2.7/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:40.584339527Z" +generated: "2021-06-10T12:52:53.682858069Z" diff --git a/stable/jackett/5.2.7/templates/common.yaml b/stable/jackett/5.2.7/templates/common.yaml index a6613c2ce21..9fc1b544f82 100644 --- a/stable/jackett/5.2.7/templates/common.yaml +++ b/stable/jackett/5.2.7/templates/common.yaml @@ -1 +1,2 @@ -{{ include "common.all" . }} + {{- include "common.values.setup" . }} + {{- include "common.pvc" . }} diff --git a/stable/jellyfin/5.2.4/Chart.lock b/stable/jellyfin/5.2.4/Chart.lock index 62de4e90097..a679787fa9c 100644 --- a/stable/jellyfin/5.2.4/Chart.lock +++ b/stable/jellyfin/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:41.381149228Z" +generated: "2021-06-10T12:52:54.453747628Z" diff --git a/stable/kms/5.2.4/Chart.lock b/stable/kms/5.2.4/Chart.lock index a6fef10442f..d513fb4dedf 100644 --- a/stable/kms/5.2.4/Chart.lock +++ b/stable/kms/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:42.127564965Z" +generated: "2021-06-10T12:52:55.284970111Z" diff --git a/stable/lidarr/5.2.4/Chart.lock b/stable/lidarr/5.2.4/Chart.lock index e344da808b5..609af274511 100644 --- a/stable/lidarr/5.2.4/Chart.lock +++ b/stable/lidarr/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:42.840548137Z" +generated: "2021-06-10T12:52:56.097074251Z" diff --git a/stable/ombi/5.2.6/Chart.lock b/stable/ombi/5.2.6/Chart.lock index d3ec34f6d6e..5ce5feda26a 100644 --- a/stable/ombi/5.2.6/Chart.lock +++ b/stable/ombi/5.2.6/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:43.536154883Z" +generated: "2021-06-10T12:52:57.055495108Z" diff --git a/stable/plex/4.2.4/Chart.lock b/stable/plex/4.2.4/Chart.lock index b08191c9fa2..afd6e78e4a2 100644 --- a/stable/plex/4.2.4/Chart.lock +++ b/stable/plex/4.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:44.302730326Z" +generated: "2021-06-10T12:52:57.859508392Z" diff --git a/stable/radarr/5.2.6/Chart.lock b/stable/radarr/5.2.6/Chart.lock index 4176e0df5fd..14c8b170250 100644 --- a/stable/radarr/5.2.6/Chart.lock +++ b/stable/radarr/5.2.6/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:45.050827671Z" +generated: "2021-06-10T12:52:58.694598491Z" diff --git a/stable/sonarr/5.2.4/Chart.lock b/stable/sonarr/5.2.4/Chart.lock index 21b57c39510..d941621b739 100644 --- a/stable/sonarr/5.2.4/Chart.lock +++ b/stable/sonarr/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:45.847256571Z" +generated: "2021-06-10T12:52:59.490941522Z" diff --git a/stable/syncthing/5.3.5/Chart.lock b/stable/syncthing/5.3.5/Chart.lock index 779b5abaac8..e7ba57fc894 100644 --- a/stable/syncthing/5.3.5/Chart.lock +++ b/stable/syncthing/5.3.5/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:46.558924802Z" +generated: "2021-06-10T12:53:00.312151626Z" diff --git a/stable/tautulli/5.2.4/Chart.lock b/stable/tautulli/5.2.4/Chart.lock index 4e2ece55475..43bacea7280 100644 --- a/stable/tautulli/5.2.4/Chart.lock +++ b/stable/tautulli/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:47.283397532Z" +generated: "2021-06-10T12:53:01.13920387Z" diff --git a/stable/traefik/5.0.0/CONFIG.md b/stable/traefik/5.0.0/CONFIG.md new file mode 100644 index 00000000000..6d760c18421 --- /dev/null +++ b/stable/traefik/5.0.0/CONFIG.md @@ -0,0 +1,8 @@ +# Configuration Options + +##### Connecting to other apps +If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Together" guide: +https://truecharts.org/manual/linking/ + +##### Available config options +In the future this page is going to contain an automated list of options available in the installation/edit UI. diff --git a/stable/traefik/5.0.0/Chart.lock b/stable/traefik/5.0.0/Chart.lock new file mode 100644 index 00000000000..a06482270ff --- /dev/null +++ b/stable/traefik/5.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: https://truecharts.org/ + version: 3.5.8 +digest: sha256:3971287359f37fa19d595fdaebb5f719657f6cf61a53db51f00004cd30e82073 +generated: "2021-06-10T12:53:01.945854572Z" diff --git a/stable/traefik/5.0.0/Chart.yaml b/stable/traefik/5.0.0/Chart.yaml new file mode 100644 index 00000000000..37b474cd874 --- /dev/null +++ b/stable/traefik/5.0.0/Chart.yaml @@ -0,0 +1,28 @@ +apiVersion: v2 +appVersion: "2.4" +dependencies: +- name: common + repository: https://truecharts.org/ + version: 3.5.8 +deprecated: false +description: A Traefik based Reverse Proxy and Certificate Manager +home: https://github.com/truecharts/apps/tree/master/charts/stable/traefik +icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png +keywords: +- traefik +- ingress +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: truecharts.org +- email: kjeld@schouten-lebbing.nl + name: Ornias1993 + url: truecharts.org +name: traefik +sources: +- https://github.com/traefik/traefik +- https://github.com/traefik/traefik-helm-chart +- https://traefik.io/ +type: application +version: 5.0.0 diff --git a/stable/traefik/5.0.0/LICENSE b/stable/traefik/5.0.0/LICENSE new file mode 100644 index 00000000000..907ff83212c --- /dev/null +++ b/stable/traefik/5.0.0/LICENSE @@ -0,0 +1,202 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2020 Containous + Copyright 2020 Traefik Labs + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/stable/traefik/5.0.0/README.md b/stable/traefik/5.0.0/README.md new file mode 100644 index 00000000000..6af83a1ddaa --- /dev/null +++ b/stable/traefik/5.0.0/README.md @@ -0,0 +1,57 @@ +# Introduction + +![Version: 3.2.3](https://img.shields.io/badge/Version-3.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: auto](https://img.shields.io/badge/AppVersion-auto-informational?style=flat-square) + +A Traefik based Reverse Proxy and Certificate Manager + +TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation. +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)** + +## Source Code + +* +* +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://helm.traefik.io/traefik | traefik | 9.19.0 | +| https://truecharts.org/ | common | 3.5.5 | + +## Installing the Chart + +To install the chart with the release name `traefik` + +- Open TrueNAS SCALE +- Go to Apps +- Click "Install" for this specific Apps +- Fill out the configuration form + +## Uninstalling the Chart + +To uninstall the `traefik` deployment + +- Open TrueNAS SCALE +- Go to Apps +- Go to "Installed Apps" +- Expand the menu in the top-right corner of this App +- Click "Remove" for this specific Apps + +The command removes all the Kubernetes components associated with the chart **including storage volumes** _(Except hostPath Storage)_ and deletes the release. + +## Support + +- See the [Wiki](https://truecharts.org) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) +- Ask a [question](https://github.com/truecharts/apps/discussions) + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) +All Rights Reserved - The TrueCharts Project diff --git a/stable/traefik/5.0.0/app-readme.md b/stable/traefik/5.0.0/app-readme.md new file mode 100644 index 00000000000..753f84f7068 --- /dev/null +++ b/stable/traefik/5.0.0/app-readme.md @@ -0,0 +1,3 @@ +A Traefik based Reverse Proxy and Certificate Manager +This App is supplied by TrueCharts, for more information please visit https://truecharts.org +A Traefik based Reverse Proxy and Certificate Manager diff --git a/stable/traefik/5.0.0/charts/common-3.5.8.tgz b/stable/traefik/5.0.0/charts/common-3.5.8.tgz new file mode 100644 index 00000000000..af4992544b0 Binary files /dev/null and b/stable/traefik/5.0.0/charts/common-3.5.8.tgz differ diff --git a/stable/traefik/5.0.0/crds/ingressroute.yaml b/stable/traefik/5.0.0/crds/ingressroute.yaml new file mode 100644 index 00000000000..9422be3c878 --- /dev/null +++ b/stable/traefik/5.0.0/crds/ingressroute.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ingressroutes.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: IngressRoute + plural: ingressroutes + singular: ingressroute + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/ingressroutetcp.yaml b/stable/traefik/5.0.0/crds/ingressroutetcp.yaml new file mode 100644 index 00000000000..b50eb9dcc46 --- /dev/null +++ b/stable/traefik/5.0.0/crds/ingressroutetcp.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ingressroutetcps.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: IngressRouteTCP + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/ingressrouteudp.yaml b/stable/traefik/5.0.0/crds/ingressrouteudp.yaml new file mode 100644 index 00000000000..d7c2624b576 --- /dev/null +++ b/stable/traefik/5.0.0/crds/ingressrouteudp.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ingressrouteudps.traefik.containo.us + +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: IngressRouteUDP + plural: ingressrouteudps + singular: ingressrouteudp + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/middlewares.yaml b/stable/traefik/5.0.0/crds/middlewares.yaml new file mode 100644 index 00000000000..513b36f5d8a --- /dev/null +++ b/stable/traefik/5.0.0/crds/middlewares.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: middlewares.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: Middleware + plural: middlewares + singular: middleware + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/serverstransports.yaml b/stable/traefik/5.0.0/crds/serverstransports.yaml new file mode 100644 index 00000000000..689a57f71bd --- /dev/null +++ b/stable/traefik/5.0.0/crds/serverstransports.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: serverstransports.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: ServersTransport + plural: serverstransports + singular: serverstransport + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/tlsoptions.yaml b/stable/traefik/5.0.0/crds/tlsoptions.yaml new file mode 100644 index 00000000000..a0c2573fb93 --- /dev/null +++ b/stable/traefik/5.0.0/crds/tlsoptions.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: tlsoptions.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: TLSOption + plural: tlsoptions + singular: tlsoption + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/tlsstores.yaml b/stable/traefik/5.0.0/crds/tlsstores.yaml new file mode 100644 index 00000000000..f9a40052ba6 --- /dev/null +++ b/stable/traefik/5.0.0/crds/tlsstores.yaml @@ -0,0 +1,13 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: tlsstores.traefik.containo.us + +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: TLSStore + plural: tlsstores + singular: tlsstore + scope: Namespaced diff --git a/stable/traefik/5.0.0/crds/traefikservices.yaml b/stable/traefik/5.0.0/crds/traefikservices.yaml new file mode 100644 index 00000000000..59fa4839477 --- /dev/null +++ b/stable/traefik/5.0.0/crds/traefikservices.yaml @@ -0,0 +1,12 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: traefikservices.traefik.containo.us +spec: + group: traefik.containo.us + version: v1alpha1 + names: + kind: TraefikService + plural: traefikservices + singular: traefikservice + scope: Namespaced diff --git a/stable/traefik/5.0.0/ix_values.yaml b/stable/traefik/5.0.0/ix_values.yaml new file mode 100644 index 00000000000..7bae09f16bc --- /dev/null +++ b/stable/traefik/5.0.0/ix_values.yaml @@ -0,0 +1,316 @@ +# Default values for Traefik +image: + name: traefik + # defaults to appVersion + tag: v2.4 + pullPolicy: IfNotPresent + +# +# Configure the deployment +# +deployment: + enabled: true + # Can be either Deployment or DaemonSet + kind: Deployment + # Number of pods of the deployment (only applies when kind == Deployment) + replicas: 1 + # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) + annotations: {} + # Additional deployment labels (e.g. for filtering deployment by custom labels) + labels: {} + # Additional pod annotations (e.g. for mesh injection or prometheus scraping) + podAnnotations: {} + # Additional Pod labels (e.g. for filtering Pod by custom labels) + podLabels: {} + # Additional containers (e.g. for metric offloading sidecars) + additionalContainers: [] + # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host + # - name: socat-proxy + # image: alpine/socat:1.0.5 + # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] + # volumeMounts: + # - name: dsdsocket + # mountPath: /socket + # Additional volumes available for use with initContainers and additionalContainers + additionalVolumes: [] + # - name: dsdsocket + # hostPath: + # path: /var/run/statsd-exporter + # Additional initContainers (e.g. for setting file permission as shown below) + initContainers: [] + # The "volume-permissions" init container is required if you run into permission issues. + # Related issue: https://github.com/traefik/traefik/issues/6972 + # - name: volume-permissions + # image: busybox:1.31.1 + # command: ["sh", "-c", "chmod -Rv 600 /data/*"] + # volumeMounts: + # - name: data + # mountPath: /data + # Custom pod DNS policy. Apply if `hostNetwork: true` + # dnsPolicy: ClusterFirstWithHostNet + # Additional imagePullSecrets + imagePullSecrets: [] + # - name: myRegistryKeySecretName + +# Pod disruption budget +podDisruptionBudget: + enabled: false + # maxUnavailable: 1 + # minAvailable: 0 + +# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x +ingressClass: + # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 + enabled: false + isDefaultClass: false + # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" + fallbackApiVersion: + +# Activate Pilot integration +pilot: + enabled: false + token: "" + # Toggle Pilot Dashboard + # dashboard: false + +# Enable experimental features +experimental: + plugins: + enabled: false + kubernetesGateway: + enabled: false + appLabelSelector: "traefik" + certificates: [] + # - group: "core" + # kind: "Secret" + # name: "mysecret" + +# Create an IngressRoute for the dashboard +ingressRoute: + dashboard: + enabled: true + # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) + annotations: {} + # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) + labels: {} + +rollingUpdate: + maxUnavailable: 1 + maxSurge: 1 + + +# +# Configure providers +# +providers: + kubernetesCRD: + enabled: true + namespaces: [] + # - "default" + kubernetesIngress: + enabled: true + # labelSelector: environment=production,method=traefik + namespaces: [] + # - "default" + # IP used for Kubernetes Ingress endpoints + publishedService: + enabled: false + # Published Kubernetes Service to copy status from. Format: namespace/servicename + # By default this Traefik service + # pathOverride: "" + +# +# Add volumes to the traefik pod. The volume name will be passed to tpl. +# This can be used to mount a cert pair or a configmap that holds a config.toml file. +# After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: +# additionalArguments: +# - "--providers.file.filename=/config/dynamic.toml" +# - "--ping" +# - "--ping.entrypoint=web" +volumes: [] +# - name: public-cert +# mountPath: "/certs" +# type: secret +# - name: '{{ printf "%s-configs" .Release.Name }}' +# mountPath: "/config" +# type: configMap + +# Additional volumeMounts to add to the Traefik container +additionalVolumeMounts: [] + # For instance when using a logshipper for access logs + # - name: traefik-logs + # mountPath: /var/log/traefik + +# Logs +# https://docs.traefik.io/observability/logs/ +logs: + # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). + general: + # By default, the logs use a text format (common), but you can + # also ask for the json format in the format option + # format: json + # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: INFO + access: + # To enable access logs + enabled: false + # By default, logs are written using the Common Log Format (CLF). + # To write logs in JSON, use json in the format option. + # If the given format is unsupported, the default (CLF) is used instead. + # format: json + # To write the logs in an asynchronous fashion, specify a bufferingSize option. + # This option represents the number of log lines Traefik will keep in memory before writing + # them to the selected output. In some cases, this option can greatly help performances. + # bufferingSize: 100 + # Filtering https://docs.traefik.io/observability/access-logs/#filtering + filters: {} + # statuscodes: "200,300-302" + # retryattempts: true + # minduration: 10ms + # Fields + # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers + fields: + general: + defaultmode: keep + names: {} + # Examples: + # ClientUsername: drop + headers: + defaultmode: drop + names: {} + # Examples: + # User-Agent: redact + # Authorization: drop + # Content-Type: keep + +globalArguments: + - "--global.checknewversion" + +# +# Configure Traefik static configuration +# Additional arguments to be passed at Traefik's binary +# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ +## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` +additionalArguments: + - "--metrics.prometheus" + - "--ping" + - "--serverstransport.insecureskipverify=true" + +# Environment variables to be passed to Traefik's binary +env: [] +# - name: SOME_VAR +# value: some-var-value +# - name: SOME_VAR_FROM_CONFIG_MAP +# valueFrom: +# configMapRef: +# name: configmap-name +# key: config-key +# - name: SOME_SECRET +# valueFrom: +# secretKeyRef: +# name: secret-name +# key: secret-key + +envFrom: [] + +# TLS Options are created as TLSOption CRDs +# https://doc.traefik.io/traefik/https/tls/#tls-options +# Example: +tlsOptions: + default: + sniStrict: false + minVersion: VersionTLS12 + curvePreferences: + - CurveP521 + - CurveP384 + cipherSuites: + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 + +# Options for the main traefik service, where the entrypoints traffic comes +# from. +service: + enabled: true + type: LoadBalancer + # Additional annotations (e.g. for cloud provider specific config) + annotations: {} + # Additional service labels (e.g. for filtering Service by custom labels) + labels: {} + # Additional entries here will be added to the service spec. Cannot contains + # type, selector or ports entries. + spec: {} + # externalTrafficPolicy: Cluster + # loadBalancerIP: "1.2.3.4" + # clusterIP: "2.3.4.5" + loadBalancerSourceRanges: [] + # - 192.168.0.1/32 + # - 172.16.0.0/16 + externalIPs: [] + # - 1.2.3.4 + +## Create HorizontalPodAutoscaler object. +## +autoscaling: + enabled: false +# minReplicas: 1 +# maxReplicas: 10 +# metrics: +# - type: Resource +# resource: +# name: cpu +# targetAverageUtilization: 60 +# - type: Resource +# resource: +# name: memory +# targetAverageUtilization: 60 + +# Whether Role Based Access Control objects like roles and rolebindings should be created +rbac: + enabled: true + + # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. + # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace + namespaced: false + +# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding +podSecurityPolicy: + enabled: false + +# The service account the pods will use to interact with the Kubernetes API +serviceAccount: + # If set, an existing service account is used + # If not set, a service account is created automatically using the fullname template + name: "" + +# Additional serviceAccount annotations (e.g. for oidc authentication) +serviceAccountAnnotations: {} + +affinity: {} +# # This example pod anti-affinity forces the scheduler to put traefik pods +# # on nodes where no other traefik pods are scheduled. +# # It should be used when hostNetwork: true to prevent port conflicts +# podAntiAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# - labelSelector: +# matchExpressions: +# - key: app +# operator: In +# values: +# - {{ template "traefik.name" . }} +# topologyKey: failure-domain.beta.kubernetes.io/zone +nodeSelector: {} +tolerations: [] + +# Pods can have priority. +# Priority indicates the importance of a Pod relative to other Pods. +priorityClassName: "" + +# Set the container security context +# To run the container with ports below 1024 this will need to be adjust to run as root +securityContext: + capabilities: + drop: [ALL] diff --git a/stable/traefik/5.0.0/questions.yaml b/stable/traefik/5.0.0/questions.yaml new file mode 100644 index 00000000000..e1a4fb626ae --- /dev/null +++ b/stable/traefik/5.0.0/questions.yaml @@ -0,0 +1,339 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Advanced" + description: "Advanced Configuration" +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + + - variable: hostNetwork + group: "Networking and Services" + label: "Enable Host Networking" + schema: + type: boolean + default: false + + - variable: ports + label: "(Advanced) Traefik Entrypoints" + group: "Networking and Services" + schema: + type: dict + attrs: + - variable: traefik + label: "traefik internal" + schema: + type: dict + attrs: + - variable: port + label: "Internal Port" + description: "(advanced) Port inside the container network" + schema: + type: int + required: true + hidden: true + default: 9000 + - variable: expose + label: "Expose to Outside" + description: "Port to the outside of all(!) nodes" + schema: + type: boolean + default: true + - variable: exposedPort + label: "Outside Port" + description: "Port on the outside" + schema: + type: int + show_if: [["expose", "=", true]] + default: 9000 + - variable: protocol + label: "Protocol" + description: "TCP or UDP reverse proxying?" + schema: + type: string + default: "TCP" + - variable: web + label: "web" + schema: + type: dict + attrs: + - variable: port + label: "Internal Port" + description: "(advanced) Port inside the container network" + schema: + type: int + required: true + hidden: true + default: 9080 + - variable: expose + label: "Expose to Outside" + description: "Port to the outside of all(!) nodes" + schema: + type: boolean + default: true + - variable: exposedPort + label: "Outside Port" + description: "Port to the outside of all(!) nodes" + schema: + type: int + show_if: [["expose", "=", true]] + required: true + default: 9080 + - variable: protocol + label: "Protocol" + description: "TCP or UDP reverse proxying?" + schema: + type: string + required: true + default: "TCP" + hidden: true + - variable: redirectEnable + label: "Enable Redirect" + schema: + type: boolean + default: true + show_subquestions_if: true + subquestions: + - variable: redirectTo + label: "Target Entrypoint" + description: "Select the Target Entrypoint to redirect to" + schema: + type: string + required: true + default: "websecure" + - variable: websecure + label: "websecure" + schema: + type: dict + attrs: + - variable: port + label: "Internal Port" + description: "(advanced) Port inside the container network" + schema: + type: int + required: true + hidden: true + default: 9443 + - variable: expose + label: "Expose to Outside" + description: "Port to the outside of all(!) nodes" + schema: + type: boolean + default: true + - variable: exposedPort + label: "Outside Port" + description: "Port to the outside of all(!) nodes" + schema: + type: int + show_if: [["expose", "=", true]] + required: true + default: 9443 + - variable: protocol + label: "Protocol" + description: "TCP or UDP reverse proxying?" + schema: + type: string + required: true + default: "TCP" + hidden: true + + ## TrueCharts Specific + - variable: persistence + label: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + type: dict + attrs: + - variable: config + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: storageClass + label: "Type of Storage" + description: " Warning: Anything other than SCALE-ZFS will break rollback!" + schema: + type: string + default: "SCALE-ZFS" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "/data" + hidden: true + - variable: emptyDir + label: "EmptyDir Volume" + schema: + type: dict + attrs: + - variable: enabled + label: "Use emptyDir volume" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: medium + label: "EmptyDir Medium" + schema: + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: accessMode + label: "Access Mode (Advanced)" + description: "Allow or disallow multiple PVC's writhing to the same PVC" + schema: + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + type: string + default: "1Gi" + + + - variable: securityContext + group: "Security and Permissions" + label: "Security Context" + schema: + type: dict + attrs: + - variable: privileged + label: "Enable privileged mode for Common-Chart based charts" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 65532 + - variable: runAsGroup + label: "runAsGroup" + description: The groupID this App of the user running the application" + schema: + type: int + default: 65532 + + + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + type: dict + attrs: + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 65532 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + + - variable: resources + group: "Resources and Devices" + label: "" + schema: + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "2000m" + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "2Gi" + - variable: requests + label: "Advanced Request minimum resources required" + schema: + type: dict + attrs: + - variable: cpu + label: "CPU" + schema: + type: string + default: "10m" + - variable: memory + label: "Memory RAM" + schema: + type: string + default: "50Mi" diff --git a/stable/traefik/5.0.0/templates/_helpers.tpl b/stable/traefik/5.0.0/templates/_helpers.tpl new file mode 100644 index 00000000000..f7b055fa82e --- /dev/null +++ b/stable/traefik/5.0.0/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "traefik.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "traefik.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "traefik.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +The name of the service account to use +*/}} +{{- define "traefik.serviceAccountName" -}} +{{- default (include "traefik.fullname" .) .Values.serviceAccount.name -}} +{{- end -}} + +{{/* +Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice. +By convention this will simply use the / to match the name of the +service generated. +Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride` +*/}} +{{- define "providers.kubernetesIngress.publishedServicePath" -}} +{{- $defServiceName := printf "%s/%s" .Release.Namespace (include "traefik.fullname" .) -}} +{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }} +{{- print $servicePath | trimSuffix "-" -}} +{{- end -}} + +{{/* +Construct a comma-separated list of whitelisted namespaces +*/}} +{{- define "providers.kubernetesIngress.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }} +{{- end -}} +{{- define "providers.kubernetesCRD.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/_podtemplate.tpl b/stable/traefik/5.0.0/templates/_podtemplate.tpl new file mode 100644 index 00000000000..9e8fe8aca34 --- /dev/null +++ b/stable/traefik/5.0.0/templates/_podtemplate.tpl @@ -0,0 +1,265 @@ +{{- define "traefik.podTemplate" }} + metadata: + annotations: + {{- with .Values.deployment.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.deployment.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.deployment.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "traefik.serviceAccountName" . }} + terminationGracePeriodSeconds: 60 + hostNetwork: {{ .Values.hostNetwork }} + {{- with .Values.deployment.dnsPolicy }} + dnsPolicy: {{ . }} + {{- end }} + {{- with .Values.deployment.initContainers }} + initContainers: + {{- toYaml . | nindent 6 }} + {{- end }} + containers: + - image: "{{ .Values.image.name }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + name: {{ template "traefik.fullname" . }} + resources: + {{- with .Values.resources }} + {{- toYaml . | nindent 10 }} + {{- end }} + readinessProbe: + httpGet: + path: /ping + port: {{ default .Values.ports.traefik.port .Values.ports.traefik.healthchecksPort }} + failureThreshold: 1 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + livenessProbe: + httpGet: + path: /ping + port: {{ default .Values.ports.traefik.port .Values.ports.traefik.healthchecksPort }} + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 2 + ports: + {{- range $name, $config := .Values.ports }} + {{- if $config }} + - name: {{ $name | quote }} + containerPort: {{ $config.port }} + {{- if $config.hostPort }} + hostPort: {{ $config.hostPort }} + {{- end }} + {{- if $config.hostIP }} + hostIP: {{ $config.hostIP }} + {{- end }} + protocol: {{ default "TCP" $config.protocol | quote }} + {{- end }} + {{- end }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 10 }} + {{- end }} + volumeMounts: + - name: {{ .Values.persistence.name }} + mountPath: {{ .Values.persistence.path }} + {{- if .Values.persistence.subPath }} + subPath: {{ .Values.persistence.subPath }} + {{- end }} + - name: tmp + mountPath: /tmp + {{- $root := . }} + {{- range .Values.volumes }} + - name: {{ tpl (.name) $root }} + mountPath: {{ .mountPath }} + readOnly: true + {{- end }} + {{- if .Values.experimental.plugins.enabled }} + - name: plugins + mountPath: "/plugins-storage" + {{- end }} + {{- if .Values.additionalVolumeMounts }} + {{- toYaml .Values.additionalVolumeMounts | nindent 10 }} + {{- end }} + args: + {{- with .Values.globalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- range $name, $config := .Values.ports }} + {{- if $config }} + - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}" + {{- end }} + {{- end }} + - "--api.dashboard=true" + - "--ping=true" + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress" + {{- if and .Values.service.enabled .Values.providers.kubernetesIngress.publishedService.enabled }} + - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.labelSelector }} + - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}" + {{- end }} + {{- end }} + {{- if .Values.experimental.kubernetesGateway.enabled }} + - "--providers.kubernetesgateway" + - "--experimental.kubernetesgateway" + {{- end }} + {{- if and .Values.rbac.enabled .Values.rbac.namespaced }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}" + {{- end }} + {{- end }} + {{- range $entrypoint, $config := $.Values.ports }} + {{- if $config.redirectTo }} + {{- $toPort := index $.Values.ports $config.redirectTo }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.exposedPort }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- end }} + {{- if $config.tls }} + {{- if $config.tls.enabled }} + - "--entrypoints.{{ $entrypoint }}.http.tls=true" + {{- if $config.tls.options }} + - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}" + {{- end }} + {{- if $config.tls.certResolver }} + - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}" + {{- end }} + {{- if $config.tls.domains }} + {{- range $index, $domain := $config.tls.domains }} + {{- if $domain.main }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}" + {{- end }} + {{- if $domain.sans }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.logs }} + {{- if .general.format }} + - "--log.format={{ .general.format }}" + {{- end }} + {{- if ne .general.level "ERROR" }} + - "--log.level={{ .general.level | upper }}" + {{- end }} + {{- if .access.enabled }} + - "--accesslog=true" + {{- if .access.format }} + - "--accesslog.format={{ .access.format }}" + {{- end }} + {{- if .access.bufferingsize }} + - "--accesslog.bufferingsize={{ .access.bufferingsize }}" + {{- end }} + {{- if .access.filters }} + {{- if .access.filters.statuscodes }} + - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}" + {{- end }} + {{- if .access.filters.retryattempts }} + - "--accesslog.filters.retryattempts" + {{- end }} + {{- if .access.filters.minduration }} + - "--accesslog.filters.minduration={{ .access.filters.minduration }}" + {{- end }} + {{- end }} + - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.general.names }} + - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.headers.names }} + - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.pilot.enabled }} + - "--pilot.token={{ .Values.pilot.token }}" + {{- end }} + {{- if hasKey .Values.pilot "dashboard" }} + - "--pilot.dashboard={{ .Values.pilot.dashboard }}" + {{- end }} + {{- with .Values.additionalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.env }} + env: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.envFrom }} + envFrom: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- if .Values.deployment.additionalContainers }} + {{- toYaml .Values.deployment.additionalContainers | nindent 6 }} + {{- end }} + volumes: + - name: {{ .Values.persistence.name }} + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }} + {{- else }} + emptyDir: {} + {{- end }} + - name: tmp + emptyDir: {} + {{- $root := . }} + {{- range .Values.volumes }} + - name: {{ tpl (.name) $root }} + {{- if eq .type "secret" }} + secret: + secretName: {{ tpl (.name) $root }} + {{- else if eq .type "configMap" }} + configMap: + name: {{ tpl (.name) $root }} + {{- end }} + {{- end }} + {{- if .Values.deployment.additionalVolumes }} + {{- toYaml .Values.deployment.additionalVolumes | nindent 8 }} + {{- end }} + {{- if .Values.experimental.plugins.enabled }} + - name: plugins + emptyDir: {} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} +{{ end -}} diff --git a/stable/traefik/5.0.0/templates/custom/common.yaml b/stable/traefik/5.0.0/templates/custom/common.yaml new file mode 100644 index 00000000000..e69de29bb2d diff --git a/stable/traefik/5.0.0/templates/custom/portal.yaml b/stable/traefik/5.0.0/templates/custom/portal.yaml new file mode 100644 index 00000000000..44b48e77d49 --- /dev/null +++ b/stable/traefik/5.0.0/templates/custom/portal.yaml @@ -0,0 +1,44 @@ +{{- if .Values.portal }} +{{- if .Values.portal.enabled }} +{{- $ingr := dict -}} +{{- $host := "$node_ip" }} +{{- $port := 443 }} +{{- $protocol := "https" }} +{{- $portProtocol := "" }} +{{- $path := "/" }} + +{{- if $ingr }} + {{- if $ingr.enabled }} + {{- range $ingr.hosts }} + {{- if .hostTpl }} + {{ $host = ( tpl .hostTpl $ ) }} + {{- else if .host }} + {{ $host = .host }} + {{- else }} + {{ $host = "$node_ip" }} + {{- end }} + {{- if .paths }} + {{- $path = (first .paths).path }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} + +{{- if eq $host "$node_ip" }} + {{- $port = .Values.ports.traefik.exposedPort }} +{{- end }} + +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + protocol: {{ $protocol }} + host: {{ $host | quote }} + port: {{ $port | quote }} + path: {{ $path | quote }} + url: {{ ( printf "%v://%v:%v%v" $protocol $host $port $path ) | quote }} +{{- end }} +{{- end }} diff --git a/stable/traefik/5.0.0/templates/daemonset.yaml b/stable/traefik/5.0.0/templates/daemonset.yaml new file mode 100644 index 00000000000..469e105c358 --- /dev/null +++ b/stable/traefik/5.0.0/templates/daemonset.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.deployment.enabled (eq .Values.deployment.kind "DaemonSet") -}} + {{- with .Values.additionalArguments -}} + {{- range . -}} + {{- if contains ".acme." . -}} + {{- fail (printf "ACME functionality is not supported when running Traefik as a DaemonSet") -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- if eq (default .Chart.AppVersion .Values.image.tag) "latest" }} + {{- fail "\n\n ERROR: latest tag should not be used" }} + {{- end }} + +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.deployment.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + {{- with .Values.deployment.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + updateStrategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: {{ .Values.rollingUpdate.maxUnavailable }} + template: {{ template "traefik.podTemplate" . }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/dashboard-hook-ingressroute.yaml b/stable/traefik/5.0.0/templates/dashboard-hook-ingressroute.yaml new file mode 100644 index 00000000000..ec278c26910 --- /dev/null +++ b/stable/traefik/5.0.0/templates/dashboard-hook-ingressroute.yaml @@ -0,0 +1,28 @@ +{{- if .Values.ingressRoute.dashboard.enabled -}} +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ template "traefik.fullname" . }}-dashboard + annotations: + helm.sh/hook: "post-install,post-upgrade" + {{- with .Values.ingressRoute.dashboard.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.ingressRoute.dashboard.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + entryPoints: + - traefik + routes: + - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`) + kind: Rule + services: + - name: api@internal + kind: TraefikService +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/deployment.yaml b/stable/traefik/5.0.0/templates/deployment.yaml new file mode 100644 index 00000000000..494087cfd0a --- /dev/null +++ b/stable/traefik/5.0.0/templates/deployment.yaml @@ -0,0 +1,47 @@ +{{- if and .Values.deployment.enabled (eq .Values.deployment.kind "Deployment") -}} + {{- if gt (int .Values.deployment.replicas) 1 -}} + {{- with .Values.additionalArguments -}} + {{- range . -}} + {{- if contains ".acme." . -}} + {{- fail (printf "You can not enable acme if you set more than one traefik replica") -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- if eq (default .Chart.AppVersion .Values.image.tag) "latest" }} + {{- fail "\n\n ERROR: latest tag should not be used" }} + {{- end }} + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.deployment.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + {{- with .Values.deployment.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ default 1 .Values.deployment.replicas }} + {{- end }} + selector: + matchLabels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + strategy: + type: RollingUpdate + rollingUpdate: + {{- with .Values.rollingUpdate }} + {{- toYaml . | nindent 6 }} + {{- end }} + template: {{ template "traefik.podTemplate" . }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/gateway.yaml b/stable/traefik/5.0.0/templates/gateway.yaml new file mode 100644 index 00000000000..85194211fe5 --- /dev/null +++ b/stable/traefik/5.0.0/templates/gateway.yaml @@ -0,0 +1,33 @@ +{{- if .Values.experimental.kubernetesGateway.enabled }} +--- +apiVersion: networking.x-k8s.io/v1alpha1 +kind: Gateway +metadata: + name: traefik-gateway + namespace: default +spec: + gatewayClassName: traefik + listeners: + - port: {{ .Values.ports.web.port }} + protocol: HTTP + routes: + kind: HTTPRoute + selector: + matchLabels: + app: {{ .Values.experimental.kubernetesGateway.appLabelSelector }} + + {{- range $index, $cert:= .Values.experimental.kubernetesGateway.certificates }} + - port: {{ $.Values.ports.websecure.port }} + protocol: HTTPS + tls: + certificateRef: + name: {{ $cert.name }} + group: {{ $cert.group }} + kind: {{ $cert.kind }} + routes: + kind: HTTPRoute + selector: + matchLabels: + app: {{ $.Values.experimental.kubernetesGateway.appLabelSelector }} + {{- end }} +{{- end }} diff --git a/stable/traefik/5.0.0/templates/gatewayclass.yaml b/stable/traefik/5.0.0/templates/gatewayclass.yaml new file mode 100644 index 00000000000..61bf007db1e --- /dev/null +++ b/stable/traefik/5.0.0/templates/gatewayclass.yaml @@ -0,0 +1,9 @@ +{{- if .Values.experimental.kubernetesGateway.enabled }} +--- +kind: GatewayClass +apiVersion: networking.x-k8s.io/v1alpha1 +metadata: + name: traefik +spec: + controller: traefik.io/gateway-controller +{{- end }} diff --git a/stable/traefik/5.0.0/templates/hpa.yaml b/stable/traefik/5.0.0/templates/hpa.yaml new file mode 100644 index 00000000000..bf37117de6a --- /dev/null +++ b/stable/traefik/5.0.0/templates/hpa.yaml @@ -0,0 +1,20 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "traefik.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: +{{ toYaml .Values.autoscaling.metrics | indent 4 }} +{{- end }} diff --git a/stable/traefik/5.0.0/templates/ingressclass.yaml b/stable/traefik/5.0.0/templates/ingressclass.yaml new file mode 100644 index 00000000000..7c62458c82e --- /dev/null +++ b/stable/traefik/5.0.0/templates/ingressclass.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.ingressClass.enabled (semverCompare ">=2.3.0" (default .Chart.AppVersion .Values.image.tag)) -}} + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }} +apiVersion: networking.k8s.io/v1 + {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }} +apiVersion: networking.k8s.io/v1beta1 + {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }} +apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }} + {{- else }} + {{- fail "\n\n ERROR: You must have atleast networking.k8s.io/v1beta1 to use ingressClass" }} + {{- end }} +kind: IngressClass +metadata: + annotations: + ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + name: {{ template "traefik.fullname" . }} +spec: + controller: traefik.io/ingress-controller +{{- end }} diff --git a/stable/traefik/5.0.0/templates/poddisruptionbudget.yaml b/stable/traefik/5.0.0/templates/poddisruptionbudget.yaml new file mode 100644 index 00000000000..9893e521759 --- /dev/null +++ b/stable/traefik/5.0.0/templates/poddisruptionbudget.yaml @@ -0,0 +1,22 @@ +{{- if .Values.podDisruptionBudget.enabled -}} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable | int }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable | int }} + {{- end }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/clusterrole.yaml b/stable/traefik/5.0.0/templates/rbac/clusterrole.yaml new file mode 100644 index 00000000000..2c63e006414 --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/clusterrole.yaml @@ -0,0 +1,112 @@ +{{- if and .Values.rbac.enabled (not .Values.rbac.namespaced) -}} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.containo.us + resources: + - ingressroutes + - ingressroutetcps + - ingressrouteudps + - middlewares + - tlsoptions + - tlsstores + - traefikservices + - serverstransports + verbs: + - get + - list + - watch +{{- if .Values.podSecurityPolicy.enabled }} + - apiGroups: + - policy + resourceNames: + - {{ template "traefik.fullname" . }} + resources: + - podsecuritypolicies + verbs: + - use +{{- end -}} +{{- if .Values.experimental.kubernetesGateway.enabled }} + - apiGroups: + - networking.x-k8s.io + resources: + - gatewayclasses + - gatewayclasses/status + - gateways + verbs: + - get + - list + - watch + - apiGroups: + - networking.x-k8s.io + resources: + - gatewayclasses/status + verbs: + - get + - patch + - update + - apiGroups: + - networking.x-k8s.io + resources: + - gateways/status + verbs: + - get + - patch + - update + - apiGroups: + - networking.x-k8s.io + resources: + - httproutes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.x-k8s.io + resources: + - httproutes/status + verbs: + - get + - patch + - update +{{- end -}} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/clusterrolebinding.yaml b/stable/traefik/5.0.0/templates/rbac/clusterrolebinding.yaml new file mode 100644 index 00000000000..509e92ff2b7 --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.rbac.enabled (not .Values.rbac.namespaced) }} +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "traefik.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "traefik.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/podsecuritypolicy.yaml b/stable/traefik/5.0.0/templates/rbac/podsecuritypolicy.yaml new file mode 100644 index 00000000000..66bc1458d55 --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/podsecuritypolicy.yaml @@ -0,0 +1,68 @@ +{{- if .Values.podSecurityPolicy.enabled }} +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: runtime/default + seccomp.security.alpha.kubernetes.io/defaultProfileName: runtime/default + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +spec: + privileged: false + allowPrivilegeEscalation: false + requiredDropCapabilities: + - ALL +{{- if not .Values.securityContext.runAsNonRoot }} + allowedCapabilities: + - NET_BIND_SERVICE +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} + hostIPC: false + hostPID: false + fsGroup: +{{- if .Values.securityContext.runAsNonRoot }} + ranges: + - max: 65535 + min: 1 + rule: MustRunAs +{{- else }} + rule: RunAsAny +{{- end }} +{{- if .Values.hostNetwork }} + hostPorts: + - max: 65535 + min: 1 +{{- end }} + readOnlyRootFilesystem: true + runAsUser: +{{- if .Values.securityContext.runAsNonRoot }} + rule: MustRunAsNonRoot +{{- else }} + rule: RunAsAny +{{- end }} + seLinux: + rule: RunAsAny + supplementalGroups: +{{- if .Values.securityContext.runAsNonRoot }} + ranges: + - max: 65535 + min: 1 + rule: MustRunAs +{{- else }} + rule: RunAsAny +{{- end }} + volumes: + - configMap + - downwardAPI + - secret + - emptyDir + - projected +{{- if .Values.persistence.enabled }} + - persistentVolumeClaim +{{- end -}} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/role.yaml b/stable/traefik/5.0.0/templates/rbac/role.yaml new file mode 100644 index 00000000000..6c763065d6f --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/role.yaml @@ -0,0 +1,61 @@ +{{- if and .Values.rbac.enabled .Values.rbac.namespaced }} +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.containo.us + resources: + - ingressroutes + - ingressroutetcps + - ingressrouteudps + - middlewares + - tlsoptions + - tlsstores + - traefikservices + - serverstransports + verbs: + - get + - list + - watch +{{- if .Values.podSecurityPolicy.enabled }} + - apiGroups: + - extensions + resourceNames: + - {{ template "traefik.fullname" . }} + resources: + - podsecuritypolicies + verbs: + - use +{{- end -}} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/rolebinding.yaml b/stable/traefik/5.0.0/templates/rbac/rolebinding.yaml new file mode 100644 index 00000000000..10416401867 --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.rbac.enabled .Values.rbac.namespaced }} +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "traefik.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "traefik.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/rbac/serviceaccount.yaml b/stable/traefik/5.0.0/templates/rbac/serviceaccount.yaml new file mode 100644 index 00000000000..bcc941eec95 --- /dev/null +++ b/stable/traefik/5.0.0/templates/rbac/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- if not .Values.serviceAccount.name -}} +kind: ServiceAccount +apiVersion: v1 +metadata: + name: {{ include "traefik.serviceAccountName" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + annotations: + {{- with .Values.serviceAccountAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/service.yaml b/stable/traefik/5.0.0/templates/service.yaml new file mode 100644 index 00000000000..aa9f418ae06 --- /dev/null +++ b/stable/traefik/5.0.0/templates/service.yaml @@ -0,0 +1,112 @@ +{{- if .Values.service.enabled -}} + +{{ $tcpPorts := dict }} +{{ $udpPorts := dict }} +{{- range $name, $config := .Values.ports }} + {{- if eq (toString $config.protocol) "UDP" }} + {{ $_ := set $udpPorts $name $config }} + {{- else }} + {{ $_ := set $tcpPorts $name $config }} + {{- end }} +{{- end }} + +apiVersion: v1 +kind: List +items: +{{- if $tcpPorts }} + - apiVersion: v1 + kind: Service + metadata: + name: {{ template "traefik.fullname" . }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.service.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + {{- with .Values.service.annotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $type := default "LoadBalancer" .Values.service.type }} + type: {{ $type }} + {{- with .Values.service.spec }} + {{- toYaml . | nindent 6 }} + {{- end }} + selector: + app.kubernetes.io/name: {{ template "traefik.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + ports: + {{- range $name, $config := $tcpPorts }} + {{- if $config.expose }} + - port: {{ default $config.port $config.exposedPort }} + name: {{ $name }} + targetPort: {{ $name | quote }} + protocol: {{ default "TCP" $config.protocol | quote }} + {{- if $config.nodePort }} + nodePort: {{ $config.nodePort }} + {{- end }} + {{- end }} + {{- end }} + {{- if eq $type "LoadBalancer" }} + {{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml . | nindent 6 }} + {{- end -}} + {{- end -}} + {{- with .Values.service.externalIPs }} + externalIPs: + {{- toYaml . | nindent 6 }} + {{- end -}} +{{- end }} + +{{- if $udpPorts }} + - apiVersion: v1 + kind: Service + metadata: + name: {{ template "traefik.fullname" . }}-udp + labels: + app.kubernetes.io/name: {{ template "traefik.name" . }} + helm.sh/chart: {{ template "traefik.chart" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/instance: {{ .Release.Name }} + annotations: + {{- with .Values.service.annotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- $type := default "LoadBalancer" .Values.service.type }} + type: {{ $type }} + {{- with .Values.service.spec }} + {{- toYaml . | nindent 6 }} + {{- end }} + selector: + app.kubernetes.io/name: {{ template "traefik.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + ports: + {{- range $name, $config := $udpPorts }} + {{- if $config.expose }} + - port: {{ default $config.port $config.exposedPort }} + name: {{ $name }} + targetPort: {{ $name | quote }} + protocol: {{ default "UDP" $config.protocol | quote }} + {{- if $config.nodePort }} + nodePort: {{ $config.nodePort }} + {{- end }} + {{- end }} + {{- end }} + {{- if eq $type "LoadBalancer" }} + {{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- toYaml . | nindent 6 }} + {{- end -}} + {{- end -}} + {{- with .Values.service.externalIPs }} + externalIPs: + {{- toYaml . | nindent 6 }} + {{- end -}} +{{- end }} +{{- end -}} diff --git a/stable/traefik/5.0.0/templates/tlsoption.yaml b/stable/traefik/5.0.0/templates/tlsoption.yaml new file mode 100644 index 00000000000..ec46e8bbc94 --- /dev/null +++ b/stable/traefik/5.0.0/templates/tlsoption.yaml @@ -0,0 +1,14 @@ +{{- range $name, $config := .Values.tlsOptions }} +apiVersion: traefik.containo.us/v1alpha1 +kind: TLSOption +metadata: + name: {{ $name }} + labels: + app.kubernetes.io/name: {{ template "traefik.name" $ }} + helm.sh/chart: {{ template "traefik.chart" $ }} + app.kubernetes.io/managed-by: {{ $.Release.Service }} + app.kubernetes.io/instance: {{ $.Release.Name }} +spec: + {{- toYaml $config | nindent 2 }} +--- +{{- end -}} diff --git a/stable/traefik/5.0.0/test_values.yaml b/stable/traefik/5.0.0/test_values.yaml new file mode 100644 index 00000000000..8d0ba5213e5 --- /dev/null +++ b/stable/traefik/5.0.0/test_values.yaml @@ -0,0 +1,406 @@ +# Default values for Traefik +image: + name: traefik + # defaults to appVersion + tag: v2.4 + pullPolicy: IfNotPresent + +# +# Configure the deployment +# +deployment: + enabled: true + # Can be either Deployment or DaemonSet + kind: Deployment + # Number of pods of the deployment (only applies when kind == Deployment) + replicas: 1 + # Additional deployment annotations (e.g. for jaeger-operator sidecar injection) + annotations: {} + # Additional deployment labels (e.g. for filtering deployment by custom labels) + labels: {} + # Additional pod annotations (e.g. for mesh injection or prometheus scraping) + podAnnotations: {} + # Additional Pod labels (e.g. for filtering Pod by custom labels) + podLabels: {} + # Additional containers (e.g. for metric offloading sidecars) + additionalContainers: [] + # https://docs.datadoghq.com/developers/dogstatsd/unix_socket/?tab=host + # - name: socat-proxy + # image: alpine/socat:1.0.5 + # args: ["-s", "-u", "udp-recv:8125", "unix-sendto:/socket/socket"] + # volumeMounts: + # - name: dsdsocket + # mountPath: /socket + # Additional volumes available for use with initContainers and additionalContainers + additionalVolumes: [] + # - name: dsdsocket + # hostPath: + # path: /var/run/statsd-exporter + # Additional initContainers (e.g. for setting file permission as shown below) + initContainers: [] + # The "volume-permissions" init container is required if you run into permission issues. + # Related issue: https://github.com/traefik/traefik/issues/6972 + # - name: volume-permissions + # image: busybox:1.31.1 + # command: ["sh", "-c", "chmod -Rv 600 /data/*"] + # volumeMounts: + # - name: data + # mountPath: /data + # Custom pod DNS policy. Apply if `hostNetwork: true` + # dnsPolicy: ClusterFirstWithHostNet + # Additional imagePullSecrets + imagePullSecrets: [] + # - name: myRegistryKeySecretName + +# Pod disruption budget +podDisruptionBudget: + enabled: false + # maxUnavailable: 1 + # minAvailable: 0 + +# Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x +ingressClass: + # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 + enabled: false + isDefaultClass: false + # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" + fallbackApiVersion: + +# Activate Pilot integration +pilot: + enabled: false + token: "" + # Toggle Pilot Dashboard + # dashboard: false + +# Enable experimental features +experimental: + plugins: + enabled: false + kubernetesGateway: + enabled: false + appLabelSelector: "traefik" + certificates: [] + # - group: "core" + # kind: "Secret" + # name: "mysecret" + +# Create an IngressRoute for the dashboard +ingressRoute: + dashboard: + enabled: true + # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) + annotations: {} + # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) + labels: {} + +rollingUpdate: + maxUnavailable: 1 + maxSurge: 1 + + +# +# Configure providers +# +providers: + kubernetesCRD: + enabled: true + namespaces: [] + # - "default" + kubernetesIngress: + enabled: true + # labelSelector: environment=production,method=traefik + namespaces: [] + # - "default" + # IP used for Kubernetes Ingress endpoints + publishedService: + enabled: false + # Published Kubernetes Service to copy status from. Format: namespace/servicename + # By default this Traefik service + # pathOverride: "" + +# +# Add volumes to the traefik pod. The volume name will be passed to tpl. +# This can be used to mount a cert pair or a configmap that holds a config.toml file. +# After the volume has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: +# additionalArguments: +# - "--providers.file.filename=/config/dynamic.toml" +# - "--ping" +# - "--ping.entrypoint=web" +volumes: [] +# - name: public-cert +# mountPath: "/certs" +# type: secret +# - name: '{{ printf "%s-configs" .Release.Name }}' +# mountPath: "/config" +# type: configMap + +# Additional volumeMounts to add to the Traefik container +additionalVolumeMounts: [] + # For instance when using a logshipper for access logs + # - name: traefik-logs + # mountPath: /var/log/traefik + +# Logs +# https://docs.traefik.io/observability/logs/ +logs: + # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). + general: + # By default, the logs use a text format (common), but you can + # also ask for the json format in the format option + # format: json + # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: INFO + access: + # To enable access logs + enabled: false + # By default, logs are written using the Common Log Format (CLF). + # To write logs in JSON, use json in the format option. + # If the given format is unsupported, the default (CLF) is used instead. + # format: json + # To write the logs in an asynchronous fashion, specify a bufferingSize option. + # This option represents the number of log lines Traefik will keep in memory before writing + # them to the selected output. In some cases, this option can greatly help performances. + # bufferingSize: 100 + # Filtering https://docs.traefik.io/observability/access-logs/#filtering + filters: {} + # statuscodes: "200,300-302" + # retryattempts: true + # minduration: 10ms + # Fields + # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers + fields: + general: + defaultmode: keep + names: {} + # Examples: + # ClientUsername: drop + headers: + defaultmode: drop + names: {} + # Examples: + # User-Agent: redact + # Authorization: drop + # Content-Type: keep + +globalArguments: + - "--global.checknewversion" + +# +# Configure Traefik static configuration +# Additional arguments to be passed at Traefik's binary +# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ +## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` +additionalArguments: + - "--metrics.prometheus" + - "--ping" + - "--serverstransport.insecureskipverify=true" + +# Environment variables to be passed to Traefik's binary +env: [] +# - name: SOME_VAR +# value: some-var-value +# - name: SOME_VAR_FROM_CONFIG_MAP +# valueFrom: +# configMapRef: +# name: configmap-name +# key: config-key +# - name: SOME_SECRET +# valueFrom: +# secretKeyRef: +# name: secret-name +# key: secret-key + +envFrom: [] +# - configMapRef: +# name: config-map-name +# - secretRef: +# name: secret-name + +# Configure ports +ports: + # The name of this one can't be changed as it is used for the readiness and + # liveness probes, but you can adjust its config to your liking + traefik: + port: 9000 + # Use hostPort if set. + # hostPort: 9000 + # + # Use hostIP if set. If not set, Kubernetes will default to 0.0.0.0, which + # means it's listening on all your interfaces and all your IPs. You may want + # to set this value if you need traefik to listen on specific interface + # only. + # hostIP: 192.168.100.10 + + # Defines whether the port is exposed if service.type is LoadBalancer or + # NodePort. + # + # You SHOULD NOT expose the traefik port on production deployments. + # If you want to access it from outside of your cluster, + # use `kubectl port-forward` or create a secure ingress + expose: false + # The exposed port for this service + exposedPort: 9000 + # The port protocol (TCP/UDP) + protocol: TCP + web: + port: 9080 + # hostPort: 8000 + expose: true + exposedPort: 80 + # The port protocol (TCP/UDP) + protocol: TCP + # Use nodeport if set. This is useful if you have configured Traefik in a + # LoadBalancer + # nodePort: 32080 + # Port Redirections + # Added in 2.2, you can make permanent redirects via entrypoints. + # https://docs.traefik.io/routing/entrypoints/#redirection + redirectTo: websecure + websecure: + port: 9443 + # hostPort: 8443 + expose: true + exposedPort: 443 + # The port protocol (TCP/UDP) + protocol: TCP + # nodePort: 32443 + # Set TLS at the entrypoint + # https://doc.traefik.io/traefik/routing/entrypoints/#tls + tls: + enabled: true + +# TLS Options are created as TLSOption CRDs +# https://doc.traefik.io/traefik/https/tls/#tls-options +# Example: +tlsOptions: + default: + sniStrict: false + minVersion: VersionTLS12 + curvePreferences: + - CurveP521 + - CurveP384 + cipherSuites: + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 + +# Options for the main traefik service, where the entrypoints traffic comes +# from. +service: + enabled: true + type: LoadBalancer + # Additional annotations (e.g. for cloud provider specific config) + annotations: {} + # Additional service labels (e.g. for filtering Service by custom labels) + labels: {} + # Additional entries here will be added to the service spec. Cannot contains + # type, selector or ports entries. + spec: {} + # externalTrafficPolicy: Cluster + # loadBalancerIP: "1.2.3.4" + # clusterIP: "2.3.4.5" + loadBalancerSourceRanges: [] + # - 192.168.0.1/32 + # - 172.16.0.0/16 + externalIPs: [] + # - 1.2.3.4 + +## Create HorizontalPodAutoscaler object. +## +autoscaling: + enabled: false +# minReplicas: 1 +# maxReplicas: 10 +# metrics: +# - type: Resource +# resource: +# name: cpu +# targetAverageUtilization: 60 +# - type: Resource +# resource: +# name: memory +# targetAverageUtilization: 60 + +# Enable persistence using Persistent Volume Claims +# ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +# After the pvc has been mounted, add the configs into traefik by using the `additionalArguments` list below, eg: +# additionalArguments: +# - "--certificatesresolvers.le.acme.storage=/data/acme.json" +# It will persist TLS certificates. +persistence: + enabled: false + name: data + accessMode: ReadWriteOnce + size: 128Mi + path: /data + +# If hostNetwork is true, runs traefik in the host network namespace +# To prevent unschedulabel pods due to port collisions, if hostNetwork=true +# and replicas>1, a pod anti-affinity is recommended and will be set if the +# affinity is left as default. +hostNetwork: false + +# Whether Role Based Access Control objects like roles and rolebindings should be created +rbac: + enabled: true + + # If set to false, installs ClusterRole and ClusterRoleBinding so Traefik can be used across namespaces. + # If set to true, installs namespace-specific Role and RoleBinding and requires provider configuration be set to that same namespace + namespaced: false + +# Enable to create a PodSecurityPolicy and assign it to the Service Account via RoleBinding or ClusterRoleBinding +podSecurityPolicy: + enabled: false + +# The service account the pods will use to interact with the Kubernetes API +serviceAccount: + # If set, an existing service account is used + # If not set, a service account is created automatically using the fullname template + name: "" + +# Additional serviceAccount annotations (e.g. for oidc authentication) +serviceAccountAnnotations: {} + +resources: {} + # requests: + # cpu: "100m" + # memory: "50Mi" + # limits: + # cpu: "300m" + # memory: "150Mi" +affinity: {} +# # This example pod anti-affinity forces the scheduler to put traefik pods +# # on nodes where no other traefik pods are scheduled. +# # It should be used when hostNetwork: true to prevent port conflicts +# podAntiAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# - labelSelector: +# matchExpressions: +# - key: app +# operator: In +# values: +# - {{ template "traefik.name" . }} +# topologyKey: failure-domain.beta.kubernetes.io/zone +nodeSelector: {} +tolerations: [] + +# Pods can have priority. +# Priority indicates the importance of a Pod relative to other Pods. +priorityClassName: "" + +# Set the container security context +# To run the container with ports below 1024 this will need to be adjust to run as root +securityContext: + capabilities: + drop: [ALL] + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + +podSecurityContext: + fsGroup: 65532 diff --git a/stable/traefik/5.0.0/values.yaml b/stable/traefik/5.0.0/values.yaml new file mode 100644 index 00000000000..e69de29bb2d diff --git a/stable/transmission/5.2.4/Chart.lock b/stable/transmission/5.2.4/Chart.lock index 91882b52786..e3ea0d6a52f 100644 --- a/stable/transmission/5.2.4/Chart.lock +++ b/stable/transmission/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:50.113139797Z" +generated: "2021-06-10T12:53:03.013091552Z" diff --git a/stable/truecommand/5.2.4/Chart.lock b/stable/truecommand/5.2.4/Chart.lock index 42f30f3491a..36e349f2157 100644 --- a/stable/truecommand/5.2.4/Chart.lock +++ b/stable/truecommand/5.2.4/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:50.853108394Z" +generated: "2021-06-10T12:53:03.861661156Z" diff --git a/stable/vaultwarden/2.2.8/Chart.lock b/stable/vaultwarden/2.2.8/Chart.lock index 128923455a6..e4bd72a9b64 100644 --- a/stable/vaultwarden/2.2.8/Chart.lock +++ b/stable/vaultwarden/2.2.8/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.bitnami.com/bitnami version: 10.4.9 digest: sha256:299d4839c2ac8b84cf7388efce1d04df7d17e938bcd433a459e64baa21181adc -generated: "2021-06-08T11:27:54.365834102Z" +generated: "2021-06-10T12:53:07.474451112Z" diff --git a/stable/zwavejs2mqtt/5.2.6/Chart.lock b/stable/zwavejs2mqtt/5.2.6/Chart.lock index c93acd4070e..501b614c376 100644 --- a/stable/zwavejs2mqtt/5.2.6/Chart.lock +++ b/stable/zwavejs2mqtt/5.2.6/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://truecharts.org/ version: 5.1.3 digest: sha256:46cfe3fd743066d150b4909dc15f72e333c802c771966ec439e4b1d409c8547b -generated: "2021-06-08T11:27:58.060617949Z" +generated: "2021-06-10T12:53:11.254283549Z"