Cloned2Preserve
/
TrueChartsClone
mirror of https://github.com/truecharts/charts.git
1
0
Fork 0
Code

feat(tt-rss) reimplement with upstream container images (#17293) 

**Description**
It appears that the k8s-at-home project which this app was based on is
unmaintained, and the container has stopped running successfully for
myself and others. This pull request moves the tt-rss app back to dev
train, and includes an initial attempt at migrating from k8s-at-home to
the tt-rss author's docker images.
<!--
Please include a summary of the change and which issue is fixed. Please
also include relevant motivation and context. List any dependencies that
are required for this change.
-->

⚒️ Approaches fix for  #8647 <!--(issue)-->

// EDIT: Stavros
Closes #8647

**⚙️ Type of change**

- [ ] ⚙️ Feature/App addition
- [x] 🪛 Bugfix
- [ ] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] 🔃 Refactor of current code

**🧪 How Has This Been Tested?**
Tested with helm+kubernetes on local Docker Desktop instance. Deploys
successfully with a local.yaml file which sets LoadBalancer and the Self
URL variable:
```
$ cat local.yaml 
service:
  main:
    type: LoadBalancer
workload:
  main:
    podSpec:
      containers:
        main:
          env:
            TTRSS_SELF_URL_PATH: "http://localhost:10104/tt-rss/"
```
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
I have not tried implementing updated TrueNAS questions yet, or made
updates to the app documentation. The app does not provide semantic
versioning that I have found, versions arbitrarily bumped.
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [x] ⚖️ My code follows the style guidelines of this project
- [x] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made corresponding changes to the documentation
- [ ] ⚠️ My changes generate no new warnings
- [ ] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [ ] ⬆️ I increased versions for any altered app according to semantic
versioning

** App addition**

If this PR is an app addition please make sure you have done the
following.

- [x] 🪞 I have opened a PR on
[truecharts/containers](https://github.com/truecharts/containers) adding
the container to TrueCharts mirror repo.
- [x] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._

---------

Signed-off-by: Christopher <bigbero@gmail.com>
Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
This commit is contained in:
Christopher 2024-01-26 16:26:55 -06:00 committed by GitHub
parent 30e0ac7d47
commit 9dbe4546b8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 253 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
charts/stable/tt-rss/Chart.yaml
View File

@ -5,9 +5,9 @@ annotations:
truecharts.org/category: rss
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.12"
truecharts.org/train: stable
truecharts.org/train: incubator
apiVersion: v2
appVersion: 2.0.9113
appVersion: 3.0.0
dependencies:
- name: common
version: 17.2.29
@ -32,6 +32,6 @@ name: tt-rss
sources:
- https://git.tt-rss.org/fox/tt-rss
- https://github.com/truecharts/charts/tree/master/charts/stable/tt-rss
- https://ghcr.io/k8s-at-home/tt-rss
- https://hub.docker.com/r/cthulhoo/ttrss-fpm-pgsql-static/tags
type: application
version: 14.1.10
version: 15.0.0

6
charts/stable/tt-rss/docs/credentials.md
View File

@ -1,6 +0,0 @@
---
title: Default Username/Password
---
- **Username**: `admin`
- **Password**: `password`

34
charts/stable/tt-rss/docs/installation_notes.md
View File

@ -1,8 +1,34 @@
---
title: Installation Notes
title: TT-RSS Installation Notes
---
- Set `TTRSS Self URL Path` to `http://scale_ip:APP_PORT/` and then login using the default [credentials](./credentials.md).
- If you plan to use ingress and a domain you need to:
- Set `TTRSS Self URL Path` to `https://app.mydomain.tld/`
## Credentials
TT-RSS will create a user (named `admin`) on first run. If no password is given in the *TTRSS Admin User Pass* field, then a password is automatically generated and printed to the app's logs. Otherwise the password entered in that field will be used.
Be warned that if the app restarts before collecting the automatically generated password, it may be rotated out of the logs and the app will require re-installing to set and print a new password.
To reach the automatically generated password, select the tt-rss app in TrueNAS's Applications list. Under Workloads click the View Logs icon beside the tt-rss container. In the dialog that pops up, there will be several containers, look for the one without `-cnpg`, `-nginx`, or `-updater` in the name. The password log section will look like this:
```
*****************************************************************************
* Setting initial built-in admin user password to '$RANDOM_PASS' *
* If you want to set it manually, use ADMIN_USER_PASS environment variable. *
*****************************************************************************
```
## Configuring path and URL
TT-RSS has defaults which expect it to be installed and reachable at a url ending in `/tt-rss/` (e.g. https://rss.me.com/tt-rss/). This SCALE app comes with adjusted defaults that eliminate this ending portion (e.g. https://rss.me.com/).
If an advanced user wishes to alter the app path, use the *App Web Root Path* and *App Base Path* fields to do so. Read more here: https://tt-rss.org/wiki/InstallationNotes#how-do-i-make-it-run-without-tt-rss-in-the-url-i.e.-at-website-root
### Install to subdomain with traefik + ingress
- Set `TTRSS Self URL Path` to `https://subdomain.scale_domain.tld/`.
- Configure ingress on the app
### Install to IP address
- Set `TTRSS Self URL Path` to `http://SCALE_IP:APP_PORT/`.
- Ensure the app's port is set to LoadBalancer to allow external browsers to reach it.

18
charts/stable/tt-rss/questions.yaml
View File

@ -18,9 +18,17 @@ questions:
attrs:
- variable: TTRSS_SELF_URL_PATH
label: TTRSS Self URL Path
description: Sets the URL for the app.
description: You will likely need to set this to the correct value - it should point to external tt-rss URL as seen in your browser. e.g. https://rss.example.com
schema:
type: string
required: true
default: ""
- variable: ADMIN_USER_PASS
label: TTRSS Admin User Password
description: Leave blank and tt-rss will generate a random password to use with admin account on first run. Check container logs for password.
schema:
type: string
private: true
default: ""
# Include{containerBasic}
# Include{containerAdvanced}
@ -53,6 +61,14 @@ questions:
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceRoot}
- variable: html
label: App HTML Storage
description: Stores the Application files.
schema:
additional_attrs: true
type: dict
attrs:
# Include{persistenceBasic}
- variable: config
label: App Config Storage
description: Stores the Application Configuration.

221
charts/stable/tt-rss/values.yaml
View File

@ -1,23 +1,59 @@
image:
repository: ghcr.io/k8s-at-home/tt-rss
repository: cthulhoo/ttrss-fpm-pgsql-static
pullPolicy: IfNotPresent
tag: v2.0.9113@sha256:217951fc8f013623923850c865d87509172914fc01f9227559e3d6e6096c15b3
service:
main:
ports:
main:
port: 10104
targetPort: 8080
tag: latest@sha256:7eff9bb881d680906a9026c4414b2d85b4a0f892be235dbebfff6dc052b2ba6a
nginxImage:
repository: cthulhoo/ttrss-web-nginx
pullPolicy: IfNotPresent
tag: latest@sha256:662d1914a75071526e03a58c09b90d87decd8a563a2da9da9b654d3606747c6b
updaterImage:
repository: cthulhoo/ttrss-fpm-pgsql-static
pullPolicy: IfNotPresent
tag: latest@sha256:7eff9bb881d680906a9026c4414b2d85b4a0f892be235dbebfff6dc052b2ba6a
securityContext:
container:
readOnlyRootFilesystem: false
runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
persistence:
html:
enabled: true
targetSelector:
main:
main:
mountPath: /var/www/html
nginx:
nginx:
mountPath: /var/www/html
readOnly: true
updater:
updater:
mountPath: /var/www/html
config:
enabled: true
mountPath: /config
targetSelector:
main:
main:
mountPath: /opt/tt-rss/config.d
updater:
updater:
mountPath: /opt/tt-rss/config.d
nginx-conf:
enabled: true
type: configmap
objectName: config
targetSelector:
nginx:
nginx:
mountPath: /etc/nginx/templates/nginx.conf.template
subPath: nginx.conf.template
plugins:
enabled: true
mountPath: /app/plugins.local
mountPath: /var/www/html/tt-rss/plugins.local
themes:
enabled: true
mountPath: /app/themes.local
mountPath: /var/www/html/tt-rss/themes.local
cnpg:
main:
enabled: true
@ -26,12 +62,6 @@ cnpg:
portal:
open:
enabled: true
securityContext:
container:
readOnlyRootFilesystem: false
runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
workload:
main:
podSpec:
@ -39,11 +69,92 @@ workload:
main:
probes:
liveness:
type: tcp
type: exec
command:
- /bin/sh
- -c
- netstat -npl | grep :9000
readiness:
type: tcp
type: exec
command:
- /bin/sh
- -c
- ls /var/www/html/tt-rss/.app_is_ready
startup:
type: tcp
port: "{{ .Values.service.app.ports.app.port }}"
env:
TTRSS_SELF_URL_PATH: ""
# tt-rss tests with "-z" so an empty string should still allow the randomly generated password to be made.
ADMIN_USER_PASS: ""
TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}"
TTRSS_DB_USER: "{{ .Values.cnpg.main.user }}"
TTRSS_DB_PORT: "5432"
TTRSS_DB_PASS:
secretKeyRef:
name: cnpg-main-user
key: password
TTRSS_DB_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
nginx:
enabled: true
type: Deployment
podSpec:
containers:
nginx:
enabled: true
primary: true
imageSelector: nginxImage
probes:
readiness:
enabled: true
type: http
path: "/public.php?op=healthcheck"
port: "{{ .Values.service.main.ports.main.port }}"
liveness:
enabled: true
type: http
path: "/public.php?op=healthcheck"
port: "{{ .Values.service.main.ports.main.port }}"
startup:
enabled: true
type: tcp
port: "{{ .Values.service.main.ports.main.port }}"
env:
APP_UPSTREAM: '{{ printf "%s-app" (include "tc.v1.common.lib.chart.names.fullname" .) }}'
APP_WEB_ROOT: /var/www/html/tt-rss
APP_BASE: ""
updater:
enabled: true
type: Deployment
podSpec:
containers:
updater:
enabled: true
primary: true
imageSelector: updaterImage
args: /opt/tt-rss/updater.sh
probes:
liveness:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
readiness:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
startup:
type: exec
command:
- /usr/bin/test
- -f
- "/var/www/html/tt-rss/lock/update_daemon.lock"
env:
TTRSS_SELF_URL_PATH: ""
TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}"
@ -57,3 +168,75 @@ workload:
secretKeyRef:
name: cnpg-main-urls
key: host
service:
# Main service links to ingress easier (according to nextcloud's values.yaml)
# That's why the nginx is swapped with app
main:
targetSelector: nginx
ports:
main:
targetSelector: nginx
port: 10104
app:
enabled: true
targetSelector: main
ports:
app:
enabled: true
targetSelector: main
port: 9000
targetPort: 9000
configmap:
config:
enabled: true
data:
nginx.conf.template: |-
worker_processes auto;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
error_log /dev/stderr warn;
sendfile on;
index index.php;
# Removed during app integration to Truecharts.
# See: https://github.com/truecharts/charts/pull/17293#discussion_r1461102952
#resolver ${RESOLVER} valid=5s;
server {
listen {{ .Values.service.main.ports.main.port }};
root ${APP_WEB_ROOT};
location ${APP_BASE}/cache {
aio threads;
internal;
}
location ${APP_BASE}/backups {
internal;
}
rewrite ${APP_BASE}/healthz ${APP_BASE}/public.php?op=healthcheck;
location ~ \.php$ {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
# See note for `resolver` line above
#set $backend "${APP_UPSTREAM}:9000";
# See note for `resolver` line above
#fastcgi_pass $backend;
fastcgi_pass ${APP_UPSTREAM}:9000;
}
location / {
try_files $uri $uri/ =404;
}
}
}