Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code

feat(ferdi-server): Add ferdi-server (#2367) 

* feat(ferdi-server): add ferdi-server

* feat(ferdi-server): Add ferdi-server

* root

* add app_key

* fix name

* add app_url

* health probe

* whoops

* secret

* pff

* typo

* nopg ssl

* installcont
This commit is contained in:
Stavros Kois 2022-04-01 10:18:18 +03:00 committed by GitHub
parent bbe2ee99a1
commit 3a1deb15c3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 628 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
charts/incubator/ferdi-server/Chart.yaml Normal file
View File

@ -0,0 +1,29 @@
apiVersion: v2
appVersion: "10.6.2"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 9.2.6
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 7.0.27
description: Server for Ferdi that you can re-use to run your own
home: https://github.com/truecharts/apps/tree/master/charts/stable/ferdi-server
icon: https://truecharts.org/_static/img/appicons/ferdi-server.png
keywords:
- ferdi
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: ferdi-server
sources:
- https://github.com/getferdi/server
version: 0.0.1
annotations:
truecharts.org/catagories: |
- media
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

460
charts/incubator/ferdi-server/questions.yaml Normal file
View File

@ -0,0 +1,460 @@
# Include{groups}
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
questions:
- variable: portal
group: "Container Image"
label: "Configure Portal Button"
schema:
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enable"
description: "enable the portal button"
schema:
hidden: true
editable: false
type: boolean
default: true
# Include{global}
- variable: controller
group: "Controller"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: advanced
label: "Show Advanced Controller Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
description: "Please specify type of workload to deploy"
label: "(Advanced) Controller Type"
schema:
type: string
default: "deployment"
required: true
enum:
- value: "deployment"
description: "Deployment"
- value: "statefulset"
description: "Statefulset"
- value: "daemonset"
description: "Daemonset"
- variable: replicas
description: "Number of desired pod replicas"
label: "Desired Replicas"
schema:
type: int
default: 1
required: true
- variable: strategy
description: "Please specify type of workload to deploy"
label: "(Advanced) Update Strategy"
schema:
type: string
default: "Recreate"
required: true
enum:
- value: "Recreate"
description: "Recreate: Kill existing pods before creating new ones"
- value: "RollingUpdate"
description: "RollingUpdate: Create new pods and then kill old ones"
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: APP_URL
label: "APP_URL"
description: "Specify the URL of the Ferdi-server, including http:// or https:// as relevant."
schema:
type: string
required: true
- variable: IS_CREATION_ENABLED
label: "IS_CREATION_ENABLED"
description: "Specify whether to enable the creation of custom recipes."
schema:
type: boolean
- variable: IS_DASHBOARD_ENABLED
label: "IS_DASHBOARD_ENABLED"
description: "Specify whether to enable the Ferdi-server dashboard."
schema:
type: boolean
- variable: IS_REGISTRATION_ENABLED
label: "IS_REGISTRATION_ENABLED"
description: "Specify whether to allow user registration."
schema:
type: boolean
- variable: CONNECT_WITH_FRANZ
label: "CONNECT_WITH_FRANZ"
description: "Specify whether to enable connections to the Franz server."
schema:
type: boolean
- variable: mailsettings
label: "Mail Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: MAIL_CONNECTION
label: "MAIL_CONNECTION"
description: "Specify the mail sender to be used."
schema:
type: string
default: "smtp"
- variable: SMTP_HOST
label: "SMTP_HOST"
description: "Specify the mail host to be used"
schema:
type: string
default: ""
- variable: SMTP_PORT
label: "SMTP_PORT"
description: "Specify the mail port to be used."
schema:
type: int
default: 587
- variable: MAIL_SSL
label: "MAIL_SSL"
description: "Specify SMTP mail security."
schema:
type: boolean
default: true
- variable: MAIL_USERNAME
label: "MAIL_USERNAME"
description: "Specify your mail username to be used."
schema:
type: string
default: ""
- variable: MAIL_PASSWORD
label: "MAIL_PASSWORD"
description: "Specify your mail password to be used."
schema:
type: string
private: true
default: ""
- variable: MAIL_SENDER
label: "MAIL_SENDER"
description: "Specify the mail sender address to be used."
schema:
type: string
default: ""
- variable: SPARKPOST_API_KEY
label: "SPARKPOST_API_KEY"
description: "Specify SparkPost API Key to be used."
schema:
type: string
private: true
default: ""
- variable: MAILGUN_DOMAIN
label: "MAILGUN_DOMAIN"
description: "Specify Mailgun domain to be used."
schema:
type: string
default: ""
- variable: MAILGUN_API_REGION
label: "MAILGUN_API_REGION"
description: "Specify Mailgun API Region to be used."
schema:
type: string
default: ""
- variable: MAILGUN_API_KEY
label: "MAILGUN_API_KEY"
description: "Specify Mailgun API Key to be used."
schema:
type: string
private: true
default: ""
# Include{containerConfig}
- variable: service
group: "Networking and Services"
label: "Configure Service(s)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10206
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 3333
- variable: serviceexpert
group: "Networking and Services"
label: "Show Expert Config"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: "Networking and Services"
label: "Host-Networking (Complicated)"
schema:
type: boolean
default: false
# Include{serviceExpert}
# Include{serviceList}
- variable: persistence
label: "Integrated Persistent Storage"
description: "Integrated Persistent Storage"
group: "Storage and Persistence"
schema:
additional_attrs: true
type: dict
attrs:
- variable: data
label: "App Data Storage"
description: "Stores the Application Data."
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: "Type of Storage"
description: "Sets the persistence type, Anything other than PVC could break rollback!"
schema:
type: string
default: "simplePVC"
enum:
- value: "simplePVC"
description: "PVC (simple)"
- value: "simpleHP"
description: "HostPath (simple)"
- value: "emptyDir"
description: "emptyDir"
- value: "pvc"
description: "pvc"
- value: "hostPath"
description: "hostPath"
# Include{persistenceBasic}
- variable: hostPath
label: "hostPath"
description: "Path inside the container the storage is mounted"
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: medium
label: "EmptyDir Medium"
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "Memory"
description: "Memory"
# Include{persistenceAdvanced}
- variable: recipes
label: "App Recipes Storage"
description: "Stores the Application Recipes."
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: "Type of Storage"
description: "Sets the persistence type, Anything other than PVC could break rollback!"
schema:
type: string
default: "simplePVC"
enum:
- value: "simplePVC"
description: "PVC (simple)"
- value: "simpleHP"
description: "HostPath (simple)"
- value: "emptyDir"
description: "emptyDir"
- value: "pvc"
description: "pvc"
- value: "hostPath"
description: "hostPath"
# Include{persistenceBasic}
- variable: hostPath
label: "hostPath"
description: "Path inside the container the storage is mounted"
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: medium
label: "EmptyDir Medium"
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "Memory"
description: "Memory"
# Include{persistenceAdvanced}
# Include{persistenceList}
- variable: ingress
label: ""
group: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
# Include{security}
- variable: advancedSecurity
label: "Show Advanced Security Settings"
group: "Security and Permissions"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: "Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: false
# Include{securityContextAdvanced}
- variable: podSecurityContext
group: "Security and Permissions"
label: "Pod Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: The groupID this App of the user running the application"
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}

20
charts/incubator/ferdi-server/templates/_secrets.tpl Normal file
View File

@ -0,0 +1,20 @@
{{/* Define the secrets */}}
{{- define "ferdi-server.secrets" -}}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: ferdi-server-secrets
{{- $ferdiprevious := lookup "v1" "Secret" .Release.Namespace "ferdi-server-secrets" }}
{{- $app_key := "" }}
data:
{{- if $ferdiprevious}}
APP_KEY: {{ index $ferdiprevious.data "APP_KEY" }}
{{- else }}
{{- $app_key := randAlphaNum 32 }}
APP_KEY: {{ $app_key | b64enc }}
{{- end }}
{{- end -}}

8
charts/incubator/ferdi-server/templates/common.yaml Normal file
View File

@ -0,0 +1,8 @@
{{/* Make sure all variables are set properly */}}
{{- include "common.setup" . }}
{{/* Render secrets for ferdi-server */}}
{{- include "ferdi-server.secrets" . }}
{{/* Render the templates */}}
{{ include "common.postSetup" . }}

110
charts/incubator/ferdi-server/values.yaml Normal file
View File

@ -0,0 +1,110 @@
image:
repository: getferdi/ferdi-server
tag: 1.3.2@sha256:b94315a20480e8c47f960590279766c8636c53f9deaaa7697499a51028e33dec
pullPolicy: IfNotPresent
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
env:
NODE_ENV: "production"
DATA_DIR: "/app/data"
DB_CONNECTION: "pg"
DB_PORT: "5432"
DB_SSL: false
DB_USER: "{{ .Values.postgresql.postgresqlUsername }}"
DB_DATABASE: "{{ .Values.postgresql.postgresqlDatabase }}"
# User Defined
APP_URL: "http://localhost:3333"
IS_CREATION_ENABLED: true
IS_DASHBOARD_ENABLED: true
IS_REGISTRATION_ENABLED: true
CONNECT_WITH_FRANZ: true
# MAIL_CONNECTION: "smtp"
# SMTP_HOST: "localhost"
# SMTP_PORT: 587
# MAIL_SSL: true
# MAIL_USERNAME: "username@example.com"
# MAIL_PASSWORD: "password"
# MAIL_SENDER: "noreply@example.com"
# SPARKPOST_API_KEY: ""
# MAILGUN_DOMAIN: ""
# MAILGUN_API_REGION: ""
# MAILGUN_API_KEY: ""
envValueFrom:
DB_HOST:
secretKeyRef:
name: dbcreds
key: plainhost
DB_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
probes:
liveness:
path: "/health"
readiness:
path: "/health"
startup:
path: "/health"
service:
main:
ports:
main:
port: 10206
targetPort: 3333
persistence:
data:
enabled: true
mountPath: "/app/data"
recipes:
enabled: true
mountPath: "/app/recipes"
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: ferdi-server
postgresqlDatabase: ferdi-server
installContainers:
1-create-key-file:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
volumeMounts:
- name: data
mountPath: "/app/data"
env:
- name: APP_KEY
valueFrom:
secretKeyRef:
name: ferdi-server-secrets
key: APP_KEY
command: ["sh", "-c"]
args:
- >
keyfile="/app/data/FERDI_APP_KEY.txt";
if [ ! -f ${keyfile} ];
then
echo "No APP_KEY File...";
echo "Creating APP_KEY file...";
echo "${APP_KEY}" > ${keyfile};
if [ -f ${keyfile} ];
then
echo "Success!";
else
echo "Failed.";
fi;
else
echo "APP_KEY File exists. Skipping...";
fi;

BIN
docs/_static/img/appicons/ferdi-server.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 333 KiB

1
docs/manual/default-ports.md
View File

@ -369,6 +369,7 @@ These defaults can of course be changed, but as we guarantee "sane, working defa
| technitium | dns-https | dns-https | 10203 | TCP | |
| technitium | dns-https-proxy | dns-https-proxy | 10204 | TCP | |
| meshcentral | main | main | 10205 | TCP | |
| ferdi | main | main | 10206 | TCP | |
| storj-node | main | main | 14002 | TCP | |
| satisfactory | beacon | beacon | 15000 | UDP | |
| satisfactory | query | query | 15777 | UDP | |