diff --git a/charts/stable/meshcentral/Chart.yaml b/charts/stable/meshcentral/Chart.yaml index 631b9914e14..98405ee5245 100644 --- a/charts/stable/meshcentral/Chart.yaml +++ b/charts/stable/meshcentral/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 kubeVersion: ">=1.16.0-0" name: meshcentral -version: 9.0.23 +version: 9.0.24 appVersion: "1.1.2" description: MeshCentral is a full computer management web site type: application diff --git a/charts/stable/meshcentral/questions.yaml b/charts/stable/meshcentral/questions.yaml index 7f94c06f420..a86f3889e3c 100644 --- a/charts/stable/meshcentral/questions.yaml +++ b/charts/stable/meshcentral/questions.yaml @@ -37,17 +37,15 @@ questions: default: "" - variable: tlsOffload label: tlsOffload - description: When true, indicates that a TLS offloader is in front of the MeshCentral server. More typically, set this to the IP address of the reverse proxy or TLS offloader so that IP forwarding headers will be trusted. For example traefik.ix-traefik.svc.cluster.local + description: When true, indicates that a TLS offloader is in front of the MeshCentral server. More typically, set this to the IP address of the reverse proxy or TLS offloader so that IP forwarding headers will be trusted. For example 172.16.0.0/16 schema: type: string - required: true - default: "" + default: "172.16.0.0/16" - variable: trustedProxy label: trustedProxy - description: Trust forwarded headers from these IPs or domains. Providing the magic string "CloudFlare" will cause the server to download the IP address list of trusted CloudFlare proxies directly from CloudFlare on each server start. For example traefik.ix-traefik.svc.cluster.local + description: Trust forwarded headers from these IPs or domains. Providing the magic string "CloudFlare" will cause the server to download the IP address list of trusted CloudFlare proxies directly from CloudFlare on each server start. For example 172.16.0.0/16. This should be left empty if traefik is used. schema: type: string - required: true default: "" - variable: WANonly label: WANonly diff --git a/charts/stable/meshcentral/templates/_secret.tpl b/charts/stable/meshcentral/templates/_secret.tpl index 7b284354132..002192eb66c 100644 --- a/charts/stable/meshcentral/templates/_secret.tpl +++ b/charts/stable/meshcentral/templates/_secret.tpl @@ -1,73 +1,72 @@ {{/* Define the secret */}} {{- define "meshcentral.secret" -}} -{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }} -{{- $secretStorageName := printf "%s-storage-secret" (include "tc.common.names.fullname" .) }} +{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) -}} +{{- $secretStorageName := printf "%s-storage-secret" (include "tc.common.names.fullname" .) -}} -{{- $config := .Values.meshcentral }} -{{- $mc_custom := .Values.additional_meshcentral }} +{{- $config := .Values.meshcentral -}} +{{- $mc_custom := .Values.additional_meshcentral -}} -{{- $isScale := false }} -{{- if hasKey .Values.global "isSCALE" }} - {{- $isScale = .Values.global.isSCALE }} -{{- else }} - {{- $isScale = false }} -{{- end }} +{{- $isScale := false -}} +{{- if hasKey .Values.global "isSCALE" -}} + {{- $isScale = .Values.global.isSCALE -}} +{{- else -}} + {{- $isScale = false -}} +{{- end -}} -{{- if $isScale }} - {{- if .Values.additional_meshcentral }} - {{- $mc_custom = (include "render.custom.scale.values" $mc_custom) }} - {{- $mc_custom_merged := dict }} +{{- if $isScale -}} + {{- if .Values.additional_meshcentral -}} + {{- $mc_custom = (include "render.custom.scale.values" $mc_custom) -}} + {{- $mc_custom_merged := dict -}} {{/* We created a new unique section# for each key we parsed */}} {{/* And we merge them here, as without it we would have multiple */}} {{/* same top level keys */}} - {{- range $section := (fromYaml $mc_custom) }} - {{- $mc_custom_merged = mergeOverwrite $mc_custom_merged $section }} - {{- end }} - {{- $config = mergeOverwrite $config $mc_custom_merged }} - {{- end }} -{{- end }} + {{- range $section := (fromYaml $mc_custom) -}} + {{- $mc_custom_merged = mergeOverwrite $mc_custom_merged $section -}} + {{- end -}} + {{- $config = mergeOverwrite $config $mc_custom_merged -}} + {{- end -}} +{{- end -}} -{{- $sessionKey := "" }} -{{- with (lookup "v1" "Secret" .Release.Namespace $secretStorageName) }} - {{- $sessionKey = (index .data "session_key") | b64dec }} -{{- else }} - {{- $sessionKey = randAlphaNum 32 | b64enc }} -{{- end }} +{{- $sessionKey := "" -}} +{{- with (lookup "v1" "Secret" .Release.Namespace $secretStorageName) -}} + {{- $sessionKey = (index .data "session_key") | b64dec -}} +{{- else -}} + {{- $sessionKey = randAlphaNum 32 | b64enc -}} +{{- end -}} {{/* Inject some values */}} -{{- $_ := set $config "$schema" "http://info.meshcentral.com/downloads/meshcentral-config-schema.json" }} +{{- $_ := set $config "$schema" "http://info.meshcentral.com/downloads/meshcentral-config-schema.json" -}} -{{- if not (hasKey $config "settings") }} - {{- $_ := set $config "settings" dict }} -{{- end }} +{{- if not (hasKey $config "settings") -}} + {{- $_ := set $config "settings" dict -}} +{{- end -}} -{{- $_ := set $config.settings "mongoDB" (.Values.mongodb.url.complete | trimAll "\"") }} -{{- $_ := set $config.settings "mongoDbName" .Values.mongodb.mongodbDatabase }} -{{- $_ := set $config.settings "sessionKey" $sessionKey }} -{{- $_ := set $config.settings "port" .Values.service.main.ports.main.port }} +{{- $_ := set $config.settings "mongoDB" (.Values.mongodb.url.complete | trimAll "\"") -}} +{{- $_ := set $config.settings "mongoDbName" .Values.mongodb.mongodbDatabase -}} +{{- $_ := set $config.settings "sessionKey" $sessionKey -}} +{{- $_ := set $config.settings "port" .Values.service.main.ports.main.port -}} {{/* Force disable some functions that are not appliable in docker */}} -{{- $_ := set $config.settings "selfUpdate" false }} -{{- $_ := set $config.settings "cleanNpmCacheOnUpdate" false }} +{{- $_ := set $config.settings "selfUpdate" false -}} +{{- $_ := set $config.settings "cleanNpmCacheOnUpdate" false -}} {{/* Disallows administrators to update the server from the My Server tab. For ANY domains defined */}} -{{- range $domain := $config.domains }} - {{- if not (hasKey $domain "myServer") }} - {{- $_ := set $domain "myServer" dict }} - {{- end }} - {{- $_ := set $domain.myServer "Upgrade" false }} -{{- end }} +{{- range $domain := $config.domains -}} + {{- if not (hasKey $domain "myServer") -}} + {{- $_ := set $domain "myServer" dict -}} + {{- end -}} + {{- $_ := set $domain.myServer "Upgrade" false -}} +{{- end -}} -{{- if $isScale }} - {{- $config = (include "mergeAndrenameDefaultDomain" $config) }} - {{- $config = (include "prune.keys.scale" (fromYaml $config)) }} -{{- else }} - {{- $config = (include "prune.keys" $config) }} +{{- if $isScale -}} + {{- $config = (include "mergeAndrenameDefaultDomain" $config) -}} + {{- $config = (include "prune.keys.scale" (fromYaml $config)) -}} +{{- else -}} + {{- $config = (include "prune.keys" $config) -}} {{- end }} --- - apiVersion: v1 kind: Secret type: Opaque @@ -80,7 +79,6 @@ data: session_key: {{ $sessionKey | b64enc }} --- - apiVersion: v1 kind: Secret type: Opaque @@ -91,72 +89,80 @@ metadata: data: {{/* The actual config */}} config.json: | - {{- toPrettyJson (fromYaml $config) | b64enc | nindent 4 }} -{{- end }} + {{- toPrettyJson (fromYaml $config) | b64enc |nindent 4 }} +{{- end -}} {{/* Prunes keys that start with _ */}} -{{- define "prune.keys" }} - {{- $values := . }} - {{- range $k, $v := $values }} - {{- if (hasPrefix "_" $k) }} - {{- $_ := unset $values $k }} - {{- else }} - {{- if eq (kindOf $v) "map" }} - {{- $v := (include "prune.keys" $v) }} - {{- end }} - {{- end }} - {{- end }} - {{- toYaml $values }} -{{- end }} +{{- define "prune.keys" -}} + {{- $values := . -}} + {{- range $k, $v := $values -}} + {{- if (hasPrefix "_" $k) -}} + {{- $_ := unset $values $k -}} + {{- else -}} + {{- if eq (kindOf $v) "map" -}} + {{- $v := (include "prune.keys" $v) -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- toYaml $values -}} +{{- end -}} {{/* Only on TrueNAS Scale */}} {{/* Prunes empty lists */}} {{/* Prunes int and float equal to -99 */}} {{/* Prunes empty strings (Does not prune empty strings in lists) */}} {{/* Prunes keys that start with _ */}} -{{- define "prune.keys.scale" }} - {{- $values := . }} - {{- range $k, $v := $values }} - {{- if eq (kindOf $v) "string" }} - {{- if not $v }} - {{- $_ := unset $values $k }} - {{- end }} - {{- end }} - {{- if or (eq (kindOf $v) "float64") (eq (kindOf $v) "int64") }} - {{- if eq (int $v) -99 }} - {{- $_ := unset $values $k }} - {{- end }} - {{- end }} - {{- if eq (kindOf $v) "slice" }} - {{- if not $v }} - {{- $_ := unset $values $k }} - {{- end }} - {{- end }} - {{- if (hasPrefix "_" $k) }} - {{- $_ := unset $values $k }} - {{- else }} - {{- if eq (kindOf $v) "map" }} - {{- $v := (include "prune.keys.scale" $v) }} - {{- end }} - {{- end }} - {{- end }} - {{- toYaml $values }} -{{- end }} +{{/* There are cases you want to pass strings or bools on the same field */}} +{{/* So if eq string, and eq true/false/null convert to the real values */}} +{{- define "prune.keys.scale" -}} + {{- $values := . -}} + {{- range $k, $v := $values -}} + {{- if eq (kindOf $v) "string" -}} + {{- if not $v -}} + {{- $_ := unset $values $k -}} + {{- else if or (eq $v "true") -}} + {{- $_ := set $values $k true -}} + {{- else if or (eq $v "false") -}} + {{- $_ := set $values $k false -}} + {{- else if or (eq $v "null") -}} + {{- $_ := set $values $k nil -}} {{/* nil == null on helm */}} + {{- end -}} + {{- end -}} + {{- if or (eq (kindOf $v) "float64") (eq (kindOf $v) "int64") -}} + {{- if eq (int $v) -99 -}} + {{- $_ := unset $values $k -}} + {{- end -}} + {{- end -}} + {{- if eq (kindOf $v) "slice" -}} + {{- if not $v -}} + {{- $_ := unset $values $k -}} + {{- end -}} + {{- end -}} + {{- if (hasPrefix "_" $k) -}} + {{- $_ := unset $values $k -}} + {{- else -}} + {{- if eq (kindOf $v) "map" -}} + {{- $v := (include "prune.keys.scale" $v) -}} + {{- end -}} + {{- end -}} + {{- end -}} + {{- toYaml $values -}} +{{- end -}} {{/* Renames tcdefaultdomain variable to "" as this is the key used by MeshCentral */}} {{/* but SCALE GUI does not handle it well */}} -{{- define "mergeAndrenameDefaultDomain" }} - {{- $values := . }} - {{- $defaultDomain := index $values.domains "" }} - {{- $computedDomain := mergeOverwrite $defaultDomain $values.domains.tcdefaultdomain }} - {{- $_ := set $values.domains "" $computedDomain }} - {{- $_ := unset $values.domains "tcdefaultdomain" }} - {{- toYaml $values }} -{{- end }} +{{- define "mergeAndrenameDefaultDomain" -}} + {{- $values := . -}} + {{- $defaultDomain := index $values.domains "" -}} + {{- $computedDomain := mergeOverwrite $defaultDomain $values.domains.tcdefaultdomain -}} + {{- $_ := set $values.domains "" $computedDomain -}} + {{- $_ := unset $values.domains "tcdefaultdomain" -}} + {{- toYaml $values -}} +{{- end -}} {{/* Takes a list of dicts with a value and a */}} {{/* key formatted in dot notaion and converts it to yaml */}} -{{- define "render.custom.scale.values" }} +{{- define "render.custom.scale.values" -}} {{- $values := . }} {{- $section := 1 }} {{- range $item := $values }} @@ -166,7 +172,7 @@ data: {{- range (split "." $item.key) }} {{- . | nindent (int $indent) }}: {{- $indent = (add 2 (int $indent)) }} - {{- end -}} + {{- end }} {{- printf " %v" $item.value }} {{- end }} -{{- end }} +{{- end -}}