Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code

feat(ghost): Add ghost (#1977) 

* feat(ghost): Add ghost

* update docs

* use correct image

* full perms for tests

* don't set url on test

* set to localhost

* try default port

* whoops

* add more gui options

* strict perms

* rofs off

* root + rofs

* root + rofs off

* use strict perms

* Update charts/incubator/ghost/values.yaml

* Update charts/incubator/ghost/questions.yaml

* Update charts/incubator/ghost/questions.yaml

* Update charts/incubator/ghost/values.yaml

* update url env

Co-authored-by: Kjeld Schouten-Lebbing <kjeld@schouten-lebbing.nl>
This commit is contained in:
Stavros Kois 2022-02-28 18:15:10 +02:00 committed by GitHub
parent 1f3db0c79d
commit 317d3508d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 632 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
charts/incubator/ghost/Chart.yaml Normal file
View File

@ -0,0 +1,33 @@
apiVersion: v2
appVersion: "10.6.2"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.16.0
- condition: mariadb.enabled
name: mariadb
repository: https://truecharts.org/
version: 1.0.73
description: Ghost is an open source, professional publishing platform built on a modern Node.js technology stack — designed for teams who need power, flexibility and performance.
home: https://github.com/truecharts/apps/tree/master/charts/stable/ghost
icon: https://truecharts.org/_static/img/appicons/ghost-icon.png
keywords:
- ghost
- blog
- cms
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: ghost
sources:
- https://github.com/TryGhost/Ghost
- https://hub.docker.com/_/ghost
- https://ghost.org/docs/
version: 0.0.1
annotations:
truecharts.org/catagories: |
- productivity
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

523
charts/incubator/ghost/questions.yaml Normal file
View File

@ -0,0 +1,523 @@
# Include{groups}
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
admin:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "/ghost"
questions:
- variable: portal
group: "Container Image"
label: "Configure Portal Button"
schema:
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enable"
description: "enable the portal button"
schema:
hidden: true
editable: false
type: boolean
default: true
# Include{global}
- variable: controller
group: "Controller"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: advanced
label: "Show Advanced Controller Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
description: "Please specify type of workload to deploy"
label: "(Advanced) Controller Type"
schema:
type: string
default: "deployment"
required: true
enum:
- value: "deployment"
description: "Deployment"
- value: "statefulset"
description: "Statefulset"
- value: "daemonset"
description: "Daemonset"
- variable: replicas
description: "Number of desired pod replicas"
label: "Desired Replicas"
schema:
type: int
default: 1
required: true
- variable: strategy
description: "Please specify type of workload to deploy"
label: "(Advanced) Update Strategy"
schema:
type: string
default: "Recreate"
required: true
enum:
- value: "Recreate"
description: "Recreate: Kill existing pods before creating new ones"
- value: "RollingUpdate"
description: "RollingUpdate: Create new pods and then kill old ones"
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
# Docker specific env
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
# Include{fixedEnv}
- variable: url
label: "URL"
description: "Enter the URL that is used to access your publication"
schema:
type: string
default: "http://localhost:10165"
- variable: useMinFiles
label: "useMinFiles"
description: "Generate assets url with .min notation"
schema:
type: boolean
default: true
- variable: imageOptimization__resize
label: "Image Optimization: Resize"
description: "Automatically process and compress"
schema:
type: boolean
default: true
- variable: imageOptimization__srcsets
label: "Image Optimization: srcsets"
description: "Image Optimization: srcsets"
schema:
type: boolean
default: true
- variable: compress
label: "Compress"
description: "Compress"
schema:
type: boolean
default: true
- variable: preloadHeaders
label: "Preload Headers"
description: "Preload Headers"
schema:
type: boolean
default: false
- variable: adminFrameProtection
label: "Admin Frame Protection"
description: "Admin Frame Protection"
schema:
type: boolean
default: true
- variable: sendWelcomeEmail
label: "Send Welcome Email"
description: "Send Welcome Email"
schema:
type: boolean
default: true
- variable: stripeDirect
label: "Stripe Direct"
description: "Stripe Direct"
schema:
type: boolean
default: false
- variable: enableStripePromoCodes
label: "Enable Stripe Promo Codes"
description: "Enable Stripe Promo Codes"
schema:
type: boolean
default: false
- variable: emailAnalytics
label: "Email Analytics"
description: "Email Analytics"
schema:
type: boolean
default: true
- variable: backgroundJobs__emailAnalytics
label: "Background Jobs Email Analytics"
description: "Background Jobs Email Analytics"
schema:
type: boolean
default: true
- variable: useMinFiles
label: "useMinFiles"
description: "Generate assets url with .min notation"
schema:
type: boolean
default: true
- variable: privacy__useTinfoil
label: "Privacy: Use Tin Foil"
description: "Turn privacy features on or off"
schema:
type: boolean
default: false
show_subquestions_if: false
subquestions:
- variable: privacy__useUpdateCheck
label: "Privacy: Use Update Checks"
description: "Enable Update Checks"
schema:
type: boolean
default: true
- variable: privacy__useGravatar
label: "Privacy: Use Gravatar"
description: "Enable Gravatar"
schema:
type: boolean
default: true
- variable: privacy__useRpcPing
label: "Privacy: Use RPC Ping"
description: "Enable RPC Pings"
schema:
type: boolean
default: true
- variable: privacy__useStructuredData
label: "Privacy: Use Structured Data"
description: "Enable Structured Data"
schema:
type: boolean
default: true
- variable: mailenabled
label: "Mail Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: mail__from
label: "Mail: From Address"
description: "From Address eg ('Ghost Admin' <support@example.com>)"
schema:
type: string
default: ""
- variable: mail__transport
label: "Mail: Transport"
description: "Transport"
schema:
type: string
default: "SMTP"
- variable: mail__options__service
label: "Mail: Options - Service"
description: "Service eg (Mailgun)"
schema:
type: string
default: ""
- variable: mail__options__port
label: "Mail: Options - Port"
description: "Port eg (587)"
schema:
type: string
default: ""
- variable: mail__options__secure
label: "Mail: Options - Secure"
description: "Enable Secure Mail"
schema:
type: boolean
default: false
- variable: mail__options__auth__user
label: "Mail: Options - Auth - User"
description: "Username for mail provider"
schema:
type: string
default: ""
- variable: mail__options__auth__pass
label: "Mail: Options - Auth - Password"
description: "Password for mail provider"
schema:
type: string
private: true
default: ""
- variable: integrationsenabled
label: "Integration Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: twitter__privateReadOnlyToken
label: "Twitter: Private Read Only Token"
description: "Twitter: Private Read Only Token"
schema:
type: string
private: true
default: ""
- variable: opensea__privateReadOnlyApiKey
label: "Opensea: Private Read Only API Key"
description: "Opensea: Private Read Only API Key"
schema:
type: string
private: true
default: ""
- variable: tenor__publicReadOnlyApiKey
label: "Tenor: Private Read Only API Key"
description: "Tenor: Private Read Only API Key"
schema:
type: string
private: true
default: ""
- variable: tenor__contentFilter
label: "Tenor: Content Filter"
description: "Tenor: Content Filter"
schema:
type: string
default: "off"
enum:
- value: "off"
description: "off"
- value: "on"
description: "on"
# Include{containerConfig}
- variable: service
group: "Networking and Services"
label: "Configure Service(s)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10166
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 10166
- variable: serviceexpert
group: "Networking and Services"
label: "Show Expert Config"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: "Networking and Services"
label: "Host-Networking (Complicated)"
schema:
type: boolean
default: false
# Include{serviceExpert}
# Include{serviceList}
- variable: persistence
label: "Integrated Persistent Storage"
description: "Integrated Persistent Storage"
group: "Storage and Persistence"
schema:
additional_attrs: true
type: dict
attrs:
- variable: content
label: "App Content Storage"
description: "Stores the Application Content."
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: "Type of Storage"
description: "Sets the persistence type, Anything other than PVC could break rollback!"
schema:
type: string
default: "simplePVC"
enum:
- value: "simplePVC"
description: "PVC (simple)"
- value: "simpleHP"
description: "HostPath (simple)"
- value: "emptyDir"
description: "emptyDir"
- value: "pvc"
description: "pvc"
- value: "hostPath"
description: "hostPath"
# Include{persistenceBasic}
- variable: hostPath
label: "hostPath"
description: "Path inside the container the storage is mounted"
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: medium
label: "EmptyDir Medium"
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "Memory"
description: "Memory"
# Include{persistenceAdvanced}
# Include{persistenceList}
- variable: ingress
label: ""
group: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
- variable: advancedSecurity
label: "Show Advanced Security Settings"
group: "Security and Permissions"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: "Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: true
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: true
# Include{securityContextAdvanced}
- variable: podSecurityContext
group: "Security and Permissions"
label: "Pod Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: The groupID this App of the user running the application"
schema:
type: int
default: 568
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}

1
charts/incubator/ghost/templates/common.yaml Normal file
View File

@ -0,0 +1 @@
{{ include "common.all" . }}

73
charts/incubator/ghost/values.yaml Normal file
View File

@ -0,0 +1,73 @@
image:
repository: tccr.io/truecharts/ghost
tag: v4.36.32@sha256:d897092217e34dcdb98ffb452f650d2f19d02236729a216246df1df810536661
pullPolicy: IfNotPresent
env:
# db env
database__client: "mysql"
database__connection__port: 3306
database__connection__user: "{{ .Values.mariadb.mariadbUsername }}"
database__connection__database: "{{ .Values.mariadb.mariadbDatabase }}"
# server env
NODE_ENV: "production"
server__port: "{{ .Values.service.main.ports.main.port }}"
url: "http://localhost:10166"
useMinFiles: true
compress: true
imageOptimization__resize: true
imageOptimization__srcsets: true
preloadHeaders: false
sendWelcomeEmail: true
adminFrameProtection: true
emailAnalytics: true
backgroundJobs__emailAnalytics: true
stripeDirect: false
enableStripePromoCodes: false
# privacy env
privacy__useTinfoil: true
privacy__useUpdateCheck: false
privacy__useGravatar: false
privacy__useRpcPing: false
privacy__useStructuredData: false
# mail env
mail__from: ""
mail__transport: ""
mail__options__service: ""
mail__options__port: ""
mail__options__secure: false
mail__options__auth__user: ""
mail__options__auth__pass: ""
# integrations env
tenor__publicReadOnlyApiKey: ""
tenor__contentFilter: "off"
opensea__privateReadOnlyApiKey: ""
twitter__privateReadOnlyToken: ""
envValueFrom:
database__connection__host:
secretKeyRef:
name: mariadbcreds
key: plainhost
database__connection__password:
secretKeyRef:
name: mariadbcreds
key: mariadb-password
service:
main:
ports:
main:
port: 10166
targetPort: 10166
persistence:
content:
enabled: true
mountPath: "/var/lib/ghost/content"
mariadb:
enabled: true
mariadbUsername: ghost
mariadbDatabase: ghost
existingSecret: "mariadbcreds"

BIN
docs/_static/img/appicons/ghost-icon.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

2
docs/apps/app-requests.md
View File

@ -62,7 +62,6 @@ _This list is to track `App Requests` from one place._
- [ ] Geth #1348
- [ ] Spotify Connect #1319
- [ ] Machinaris #1304
- [ ] Ghost #1282
- [ ] teslamate
##### TODO: Requires More-Than-Average effort
@ -518,3 +517,4 @@ _These Apps have specific requirements or need specific customisation and care_
- [x] Librephotos #293
- [x] AMD - Automated Music Downloader
- [x] Deemix #628
- [x] Ghost #1282

1
docs/manual/default-ports.md
View File

@ -322,6 +322,7 @@ These defaults can of course be changed, but as we guarantee "sane, working defa
| grist | main | main | 10163 | TCP | |
| grist | api | api | 10164 | TCP | |
| budge | main | main | 10165 | TCP | |
| ghost | main | main | 10166 | TCP | |
| satisfactory | beacon | beacon | 15000 | UDP | |
| satisfactory | query | query | 15777 | UDP | |
| minecraft-bedrock | main | main | 19132 | UDP | |