Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code

feat(outline): Add outline (#2230) 

* feat(outline): add outline

* fix minio

* remove minio as it's optional

* vars

* update questions

* fix ports

* common

* common version

* dont init db

* try migrate as install

* update image and try rootless
This commit is contained in:
Stavros Kois 2022-03-22 21:21:25 +02:00 committed by GitHub
parent d7c451a722
commit 3de489424e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 721 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
charts/incubator/outline/Chart.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: v2
appVersion: "5.6.13"
dependencies:
- name: common
repository: https://truecharts.org
version: 9.1.8
- condition: postgresql.enabled
name: postgresql
repository: https://truecharts.org/
version: 7.0.6
- condition: redis.enabled
name: redis
repository: https://truecharts.org
version: 2.0.5
deprecated: false
description: A fast, collaborative, knowledge base for your team built using React and Node.js.
home: https://github.com/truecharts/apps/tree/master/charts/stable/outline
icon: https://truecharts.org/_static/img/appicons/outline.png
keywords:
- outline
- knowledge
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: outline
sources:
- https://github.com/outline/outline
type: application
version: 0.0.1
annotations:
truecharts.org/catagories: |
- productivity
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

504
charts/incubator/outline/questions.yaml Normal file
View File

@ -0,0 +1,504 @@
# Include{groups}
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
questions:
- variable: portal
group: "Container Image"
label: "Configure Portal Button"
schema:
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enable"
description: "enable the portal button"
schema:
hidden: true
editable: false
type: boolean
default: true
# Include{global}
- variable: controller
group: "Controller"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: advanced
label: "Show Advanced Controller Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
description: "Please specify type of workload to deploy"
label: "(Advanced) Controller Type"
schema:
type: string
default: "deployment"
required: true
enum:
- value: "deployment"
description: "Deployment"
- value: "statefulset"
description: "Statefulset"
- value: "daemonset"
description: "Daemonset"
- variable: replicas
description: "Number of desired pod replicas"
label: "Desired Replicas"
schema:
type: int
default: 1
required: true
- variable: strategy
description: "Please specify type of workload to deploy"
label: "(Advanced) Update Strategy"
schema:
type: string
default: "Recreate"
required: true
enum:
- value: "Recreate"
description: "Recreate: Kill existing pods before creating new ones"
- value: "RollingUpdate"
description: "RollingUpdate: Create new pods and then kill old ones"
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: URL
label: "URL"
description: "URL should point to the fully qualified, publicly accessible URL."
schema:
type: string
default: "http://localhost:10194"
- variable: COLLABORATION_URL
label: "COLLABORATION_URL"
description: "URL for external collaboration server"
schema:
type: string
default: ""
- variable: ALLOWED_DOMAINS
label: "ALLOWED_DOMAINS"
description: "Comma separated list of domains to be allowed to signin to the wiki. If not set, all domains are allowed by default when using Google OAuth to signin"
schema:
type: string
default: ""
- variable: SLACK_MESSAGE_ACTIONS
label: "SLACK_MESSAGE_ACTIONS"
schema:
type: boolean
default: true
- variable: ENABLE_UPDATES
label: "ENABLE_UPDATES"
schema:
type: boolean
default: true
- variable: WEB_CONCURRENCY
label: "WEB_CONCURRENCY"
description: "How many processes should be spawned. As a reasonable rule divide your servers available memory by 512 for a rough estimate"
schema:
type: int
default: 1
- variable: DEFAULT_LANGUAGE
label: "DEFAULT_LANGUAGE"
description: "The default interface language. See translate.getoutline.com for a list of available language codes and their rough percentage translated."
schema:
type: string
default: "en_US"
- variable: TEAM_LOGO
label: "TEAM_LOGO URL"
description: "Custom logo that displays on the authentication screen, scaled to height: 60px (Insert URL here)"
schema:
type: string
default: ""
- variable: MAXIMUM_IMPORT_SIZE
label: "MAXIMUM_IMPORT_SIZE"
description: "Override the maxium size of document imports, could be required if you have especially large Word documents with embedded imagery"
schema:
type: int
default: 5120000
- variable: SENTRY_DSN
label: "SENTRY_DSN"
schema:
type: string
default: ""
- variable: slackenabled
label: "Enable Slack Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: SLACK_KEY
label: "SLACK_KEY"
schema:
type: string
default: ""
private: true
- variable: SLACK_SECRET
label: "SLACK_SECRET"
schema:
type: string
default: ""
private: true
- variable: SLACK_VERIFICATION_TOKEN
label: "SLACK_VERIFICATION_TOKEN"
schema:
type: string
default: ""
private: true
- variable: SLACK_APP_ID
label: "SLACK_APP_ID"
schema:
type: string
default: ""
private: true
- variable: googlenabled
label: "Enable Google Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: GOOGLE_CLIENT_ID
label: "GOOGLE_CLIENT_ID"
schema:
type: string
default: ""
private: true
- variable: GOOGLE_CLIENT_SECRET
label: "GOOGLE_CLIENT_SECRET"
schema:
type: string
default: ""
private: true
- variable: GOOGLE_ANALYTICS_ID
label: "GOOGLE_ANALYTICS_ID"
schema:
type: string
default: ""
private: true
- variable: azureenabled
label: "Enable Azure Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: AZURE_CLIENT_ID
label: "AZURE_CLIENT_ID"
schema:
type: string
default: ""
private: true
- variable: AZURE_CLIENT_SECRET
label: "AZURE_CLIENT_SECRET"
schema:
type: string
default: ""
private: true
- variable: AZURE_RESOURCE_APP_ID
label: "AZURE_RESOURCE_APP_ID"
schema:
type: string
default: ""
private: true
- variable: oidcenabled
label: "Enable OIDC Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: OIDC_CLIENT_ID
label: "OIDC_CLIENT_ID"
schema:
type: string
default: ""
private: true
- variable: OIDC_CLIENT_SECRET
label: "OIDC_CLIENT_SECRET"
schema:
type: string
default: ""
private: true
- variable: OIDC_AUTH_URI
label: "OIDC_AUTH_URI"
schema:
type: string
default: ""
- variable: OIDC_TOKEN_URI
label: "OIDC_TOKEN_URI"
schema:
type: string
default: ""
- variable: OIDC_USERINFO_URI
label: "OIDC_USERINFO_URI"
schema:
type: string
default: ""
- variable: OIDC_USERNAME_CLAIM
label: "OIDC_USERNAME_CLAIM"
schema:
type: string
default: "preferred_username"
- variable: OIDC_DISPLAY_NAME
label: "OIDC_DISPLAY_NAME"
schema:
type: string
default: "OpenID"
- variable: OIDC_SCOPES
label: "OIDC_SCOPES"
schema:
type: string
default: "openid profile email"
- variable: sthreenabled
label: "Enable AWS / Minio (S3) Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: AWS_ACCESS_KEY_ID
label: "AWS_ACCESS_KEY_ID"
schema:
type: string
default: ""
private: true
- variable: AWS_SECRET_ACCESS_KEY
label: "AWS_SECRET_ACCESS_KEY"
schema:
type: string
default: ""
private: true
- variable: AWS_REGION
label: "AWS_REGION"
schema:
type: string
default: ""
- variable: AWS_S3_ACCELERATE_URL
label: "AWS_S3_ACCELERATE_URL"
schema:
type: string
default: ""
- variable: AWS_S3_UPLOAD_BUCKET_URL
label: "AWS_S3_UPLOAD_BUCKET_URL"
schema:
type: string
default: ""
- variable: AWS_S3_UPLOAD_BUCKET_NAME
label: "AWS_S3_UPLOAD_BUCKET_NAME"
schema:
type: string
default: ""
- variable: AWS_S3_UPLOAD_MAX_SIZE
label: "AWS_S3_UPLOAD_MAX_SIZE"
schema:
type: int
default: 26214400
- variable: AWS_S3_FORCE_PATH_STYLE
label: "AWS_S3_FORCE_PATH_STYLE"
schema:
type: boolean
default: true
- variable: AWS_S3_ACL
label: "AWS_S3_ACL"
schema:
type: string
default: "private"
# Include{containerConfig}
- variable: service
group: "Networking and Services"
label: "Configure Service(s)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10196
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 10196
- variable: serviceexpert
group: "Networking and Services"
label: "Show Expert Config"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: "Networking and Services"
label: "Host-Networking (Complicated)"
schema:
type: boolean
default: false
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceList}
- variable: ingress
label: ""
group: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
# Include{security}
- variable: advancedSecurity
label: "Show Advanced Security Settings"
group: "Security and Permissions"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: "Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: false
# Include{securityContextAdvanced}
- variable: podSecurityContext
group: "Security and Permissions"
label: "Pod Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: The groupID this App of the user running the application"
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}

24
charts/incubator/outline/templates/_secrets.tpl Normal file
View File

@ -0,0 +1,24 @@
{{/* Define the secrets */}}
{{- define "outline.secrets" -}}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: outline-secrets
{{- $outlineprevious := lookup "v1" "Secret" .Release.Namespace "outline-secrets" }}
{{- $secret_key := "" }}
{{- $utils_secret := "" }}
data:
{{- if $outlineprevious}}
SECRET_KEY: {{ index $outlineprevious.data "SECRET_KEY" }}
UTILS_SECRET: {{ index $outlineprevious.data "UTILS_SECRET" }}
{{- else }}
{{- $secret_key := randAlphaNum 32 }}
{{- $utils_secret := randAlphaNum 32 }}
SECRET_KEY: {{ $secret_key | b64enc }}
UTILS_SECRET: {{ $utils_secret | b64enc }}
{{- end }}
{{- end -}}

8
charts/incubator/outline/templates/common.yaml Normal file
View File

@ -0,0 +1,8 @@
{{/* Make sure all variables are set properly */}}
{{- include "common.setup" . }}
{{/* Render secrets for fireflyiii */}}
{{- include "outline.secrets" . }}
{{/* Render the templates */}}
{{ include "common.postSetup" . }}

148
charts/incubator/outline/values.yaml Normal file
View File

@ -0,0 +1,148 @@
image:
repository: tccr.io/truecharts/outline
pullPolicy: IfNotPresent
tag: v0.62.0@sha256:9350ace6f88ae314620ab32e9990481d0e89895409b171fa0545b8ef9f7ede65
minioImage:
repository: tccr.io/truecharts/minio
tag: latest@sha256:bd004ba41b2456f115c7f1360d7c49f4478f5d9ce20ad042c8ce2cf5aff46d24
# # Needs check
# securityContext:
# readOnlyRootFilesystem: false
# runAsNonRoot: false
# # Needs check
# podSecurityContext:
# runAsUser: 0
# runAsGroup: 0
env:
FORCE_HTTPS: false
PGSSLMODE: "disable"
PORT: "{{ .Values.service.main.ports.main.port }}"
# User defined
SLACK_MESSAGE_ACTIONS: true
ENABLE_UPDATES: true
WEB_CONCURRENCY: 1
DEFAULT_LANGUAGE: "en_US"
TEAM_LOGO: ""
MAXIMUM_IMPORT_SIZE: 5120000
ALLOWED_DOMAINS: ""
URL: "http://localhost:{{ .Values.service.main.ports.main.port }}"
COLLABORATION_URL: ""
SLACK_KEY: ""
SLACK_SECRET: ""
SLACK_VERIFICATION_TOKEN: ""
SLACK_APP_ID: ""
GOOGLE_CLIENT_ID: ""
GOOGLE_CLIENT_SECRET: ""
GOOGLE_ANALYTICS_ID: ""
AZURE_CLIENT_ID: ""
AZURE_CLIENT_SECRET: ""
AZURE_RESOURCE_APP_ID: ""
OIDC_CLIENT_ID: ""
OIDC_CLIENT_SECRET: ""
OIDC_AUTH_URI: ""
OIDC_TOKEN_URI: ""
OIDC_USERINFO_URI: ""
OIDC_USERNAME_CLAIM: ""
OIDC_DISPLAY_NAME: ""
OIDC_SCOPES: ""
SENTRY_DSN: ""
AWS_ACCESS_KEY_ID: ""
AWS_SECRET_ACCESS_KEY: ""
AWS_REGION: ""
AWS_S3_ACCELERATE_URL: ""
AWS_S3_UPLOAD_BUCKET_URL: ""
AWS_S3_UPLOAD_BUCKET_NAME: ""
AWS_S3_UPLOAD_MAX_SIZE: 26214400
AWS_S3_FORCE_PATH_STYLE: true
AWS_S3_ACL: ""
envValueFrom:
DATABASE_URL:
secretKeyRef:
name: dbcreds
key: url-noql
REDIS_URL:
secretKeyRef:
name: rediscreds
key: url
SECRET_KEY:
secretKeyRef:
name: outline-secrets
key: SECRET_KEY
UTILS_SECRET:
secretKeyRef:
name: outline-secrets
key: UTILS_SECRET
service:
main:
ports:
main:
port: 10196
# Enabled redis
redis:
enabled: true
existingSecret: "rediscreds"
# Enabled postgres
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: outline
postgresqlDatabase: outline
installContainers:
initdb:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: dbcreds
key: url-noql
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: rediscreds
key: url
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: outline-secrets
key: SECRET_KEY
- name: UTILS_SECRET
valueFrom:
secretKeyRef:
name: outline-secrets
key: UTILS_SECRET
command: ["sh", "-c", "yarn sequelize db:migrate --env=production-ssl-disabled"]
upgradeContainers:
upgradedb:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: dbcreds
key: url-noql
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: rediscreds
key: url
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: outline-secrets
key: SECRET_KEY
- name: UTILS_SECRET
valueFrom:
secretKeyRef:
name: outline-secrets
key: UTILS_SECRET
command: ["sh", "-c", "yarn sequelize db:migrate --env=production-ssl-disabled"]

BIN
docs/_static/img/appicons/outline.png vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

1
docs/manual/default-ports.md
View File

@ -352,6 +352,7 @@ These defaults can of course be changed, but as we guarantee "sane, working defa
| verysync | main | main | 10193 | HTTP | |
| browserless | main | main | 10194 | TCP | |
| kutt | main | main | 10195 | TCP | |
| outline | main | main | 10196 | TCP | |
| storj-node | main | main | 14002 | TCP | |
| satisfactory | beacon | beacon | 15000 | UDP | |
| satisfactory | query | query | 15777 | UDP | |