diff --git a/charts/incubator/browserless-chrome/Chart.yaml b/charts/incubator/browserless-chrome/Chart.yaml index f8eb52b2af3..aa6f98cf5b5 100644 --- a/charts/incubator/browserless-chrome/Chart.yaml +++ b/charts/incubator/browserless-chrome/Chart.yaml @@ -20,7 +20,7 @@ name: browserless-chrome sources: - https://docs.browserless.io/docs/docker.html - https://hub.docker.com/r/browserless/chrome/ -version: 0.0.4 +version: 0.0.5 annotations: truecharts.org/catagories: | - productivity diff --git a/charts/incubator/browserless-chrome/questions.yaml b/charts/incubator/browserless-chrome/questions.yaml index f1db13e6baf..391063e5069 100644 --- a/charts/incubator/browserless-chrome/questions.yaml +++ b/charts/incubator/browserless-chrome/questions.yaml @@ -105,7 +105,7 @@ questions: description: "You can optionally apply a TOKEN param that will restrict calls without a token query-string parameter" schema: type: string - default: "admin" + default: "" private: true - variable: env group: "Container Configuration" diff --git a/charts/incubator/doplarr/Chart.yaml b/charts/incubator/doplarr/Chart.yaml index eadbf152775..1276a1acb25 100644 --- a/charts/incubator/doplarr/Chart.yaml +++ b/charts/incubator/doplarr/Chart.yaml @@ -17,7 +17,7 @@ maintainers: name: doplarr sources: - https://github.com/kiranshila/Doplarr -version: 0.0.3 +version: 0.0.4 annotations: truecharts.org/catagories: | - media diff --git a/charts/incubator/doplarr/values.yaml b/charts/incubator/doplarr/values.yaml index 6a97303acbc..158d6dd4f6d 100644 --- a/charts/incubator/doplarr/values.yaml +++ b/charts/incubator/doplarr/values.yaml @@ -9,10 +9,10 @@ secret: SONARR__API: "" RADARR__API: "" DISCORD__ROLE_ID: "" + DISCORD__TOKEN: "" env: OVERSEERR__URL: "" - DISCORD__TOKEN: "" DISCORD__MAX_RESULTS: 25 DISCORD__REQUESTED_MSG_STYLE: ":plain" SONARR__URL: "" diff --git a/charts/incubator/kimai/questions.yaml b/charts/incubator/kimai/questions.yaml index d6779f25c61..49eb3528533 100644 --- a/charts/incubator/kimai/questions.yaml +++ b/charts/incubator/kimai/questions.yaml @@ -106,7 +106,7 @@ questions: description: "Comma separated list of trusted hosts." schema: type: string - default: "172.16.0.0/12" + default: "localhost" # Include{containerConfig} @@ -304,7 +304,7 @@ questions: label: "runAsNonRoot" schema: type: boolean - default: false + default: true # Include{securityContextAdvanced} - variable: podSecurityContext @@ -319,13 +319,13 @@ questions: description: "The UserID of the user running the application" schema: type: int - default: 0 + default: 33 - variable: runAsGroup label: "runAsGroup" description: The groupID this App of the user running the application" schema: type: int - default: 0 + default: 33 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." diff --git a/charts/incubator/kimai/templates/common.yaml b/charts/incubator/kimai/templates/common.yaml index a6613c2ce21..eecba2d2028 100644 --- a/charts/incubator/kimai/templates/common.yaml +++ b/charts/incubator/kimai/templates/common.yaml @@ -1 +1,18 @@ -{{ include "common.all" . }} +{{- include "common.setup" . }} + +{{/* Append the hardcoded settings */}} +{{- define "kimai.harcodedValues" -}} +persistence: + kimai-config: + enabled: "true" + mountPath: "/etc/nginx/conf.d/default.conf" + subPath: "nginx-config" + type: "custom" + volumeSpec: + configMap: + name: {{ printf "%v-config" (include "common.names.fullname" .) }} +{{- end -}} +{{- $_ := mergeOverwrite .Values (include "kimai.harcodedValues" . | fromYaml) -}} + +{{/* Render the templates */}} +{{ include "common.postSetup" . }} diff --git a/charts/incubator/kimai/templates/configmap.yaml b/charts/incubator/kimai/templates/configmap.yaml new file mode 100644 index 00000000000..a6452a5dd75 --- /dev/null +++ b/charts/incubator/kimai/templates/configmap.yaml @@ -0,0 +1,42 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.names.fullname" . }}-config + labels: + {{- include "common.labels" . | nindent 4 }} +data: + nginx-config: |- + server { + listen 80; + index index.php; + server_name nginx; + server_tokens off; + root /opt/kimai/public; + + # cache static asset files + location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ { + expires max; + log_not_found off; + } + + # for health checks + location /health { + return 200 'alive'; + add_header Content-Type text/plain; + } + + location / { + try_files $uri $uri/ /index.php$is_args$args; + } + + location ~ ^/index\.php(/|$) { + fastcgi_hide_header X-Powered-By; + fastcgi_pass localhost:9000; + fastcgi_split_path_info ^(.+\.php)(/.*)$; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + fastcgi_param DOCUMENT_ROOT $realpath_root; + internal; + } + } diff --git a/charts/incubator/kimai/values.yaml b/charts/incubator/kimai/values.yaml index ed2515bce9c..8e6172035b2 100644 --- a/charts/incubator/kimai/values.yaml +++ b/charts/incubator/kimai/values.yaml @@ -1,15 +1,15 @@ image: - repository: kimai/kimai2 - tag: apache-1.19-prod@sha256:e4a92b3a87c782a8ad75fcb8468c654232ea8043efe5409877e1b06c7562f95b + repository: tccr.io/truecharts/kimai + tag: v1.19@sha256:c397c8f343f90c7997cf524d9b05636571c017db8d9e6db3c6328abfe3cd3b81 pullPolicy: IfNotPresent securityContext: - readOnlyRootFilesystem: false runAsNonRoot: false + readOnlyRootFilesystem: false podSecurityContext: - runAsUser: 0 - runAsGroup: 0 + runAsUser: 33 + runAsGroup: 33 secret: ADMINMAIL: "admin@mysecretdomain.com" @@ -21,7 +21,7 @@ env: DB_USER: "{{ .Values.mariadb.mariadbDatabase }}" DB_BASE: "{{ .Values.mariadb.mariadbUsername }}" # User Defined - TRUSTED_HOSTS: "172.16.0.0/12" + TRUSTED_HOSTS: "localhost" envValueFrom: DB_PASS: @@ -40,10 +40,18 @@ service: port: 10198 targetPort: 8001 +probes: + liveness: + path: "/en/login" + readiness: + path: "/en/login" + startup: + path: "/en/login" + persistence: data: enabled: true - mountPath: "/opt/kimai/public" + mountPath: "/opt/kimai/var" mariadb: enabled: true