feat(cloudflareddns): BREAKING CHANGE - Rewrite GUI (#5995)

* fix(cloudflareddns) validate cf hosts and zones

* add _secrets.tpl and major gui overhaul

* fix _secret.tpl variables

* remove variable from zone variable

* fix zones variable

* fix variable

* make some cchanges

* update regex

* update doc

* whoops

* fix CF_HOSTS variable

* Update charts/stable/cloudflareddns/Chart.yaml

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
This commit is contained in:
Xstar97 2023-01-06 04:39:09 -05:00 committed by GitHub
parent 996a97e7ad
commit a48faf35a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 224 additions and 124 deletions

View File

@ -1,33 +1,31 @@
apiVersion: v2
kubeVersion: ">=1.16.0-0"
name: cloudflareddns
version: 3.0.10
appVersion: "latest"
description: Update your Cloudflare DNS records automatically for those with a dynamic IP
type: application
deprecated: false
home: https://truecharts.org/charts/stable/cloudflareddns
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cloudflareddns.png
keywords:
- ddns
- cloudflare
- cloudflareddns
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/cloudflareddns
- https://github.com/hotio/cloudflareddns
- https://hotio.dev/containers/cloudflareddns/
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 11.1.2
# condition:
deprecated: false
description: Automate Cloudflare DNS records for those with a dynamic IP.
home: https://truecharts.org/charts/stable/cloudflareddns
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cloudflareddns.png
keywords:
- cloudflareddns
- ddns
- cloudflare
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: cloudflareddns
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/cloudflareddns
- https://github.com/hotio/cloudflareddns
- https://hotio.dev/containers/cloudflareddns/
type: application
version: 4.0.0
annotations:
truecharts.org/catagories: |
- incubator
- networking
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@ -0,0 +1,31 @@
# Input Validation
**`CF Hosts`**
**Not** accepted domains are:
- Domain ending in `.cf` (eg. `example.cf`)
- Domain ending in `.ga` (eg. `example.ga`)
- Domain ending in `.gq` (eg. `example.gq`)
- Domain ending in `.ml` (eg. `example.ml`)
- Domain ending in `.tk` (eg. `example.tk`)
Regex used to match this: `^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$`
You can try live [here](https://regex101.com/r/rZBln5/1)
**`CF Zones`**
**Not** accepted domains are:
- Domain ending in `.cf` (eg. `example.cf`)
- Domain ending in `.ga` (eg. `example.ga`)
- Domain ending in `.gq` (eg. `example.gq`)
- Domain ending in `.ml` (eg. `example.ml`)
- Domain ending in `.tk` (eg. `example.tk`)
Regex used to match this: `^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$`
You can try live [here](https://regex101.com/r/rZBln5/1)
---
_If you find a field that you think it needs validation, please open an issue on github_

View File

@ -6,111 +6,129 @@ questions:
# Include{replicas}
# Include{replica1}
# Include{controllerExpertExtraArgs}
- variable: secretEnv
group: "App Configuration"
label: "Image Secrets"
- variable: cloudflareddns
group: App Configuration
label: Cloudflareddns Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: CF_APITOKEN
label: "CF_APITOKEN"
- variable: user
label: CF User
description: Cloudflare Username (eg. your.cf.email@example.com)
schema:
type: string
default: ""
- variable: api_token
label: CF API Token
schema:
type: string
private: true
default: ""
- variable: CF_APIKEY
label: "CF_APIKEY"
- variable: api_key
label: CF API Key
schema:
type: string
private: true
default: ""
- variable: CF_APITOKEN_ZONE
label: "CF_APITOKEN_ZONE"
- variable: api_token_zone
label: CF API Token Zone
schema:
type: string
private: true
default: ""
- variable: env
group: "App Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: INTERVAL
label: "INTERVAL"
description: "Update your DDNS interval in seconds"
- variable: interval
label: Interval
description: Update your DDNS interval in seconds
schema:
type: int
default: 300
- variable: LOG_LEVEL
label: "LOG_LEVEL"
description: "Level of detail your logs need"
min: 60
- variable: detect_mode
label: Detection Mode
description: How you want to get your WAN IP
schema:
type: string
default: dig-whoami.cloudflare
enum:
- value: dig-whoami.cloudflare
description: dig-whoami.cloudflare
- value: curl-ifconfig.co
description: curl-ifconfig.co
- value: curl-icanhazip.com
description: curl-icanhazip.com
- value: curl-wtfismyip.com
description: curl-wtfismyip.com
- value: curl-showmyip.ca
description: curl-showmyip.ca
- value: curl-da.gd
description: curl-da.gd
- value: curl-seeip.org
description: curl-seeip.org
- value: dig-google.com
description: dig-google.com
- value: dig-opendns.com
description: dig-opendns.com
- variable: detect_override
label: Detection mode Override
description: If you want to set DETECTION_MODE to 'local:eth0' for a local interface, this will override the dropdown selection
schema:
type: string
default: ""
- variable: log_level
label: Log Level
description: Level of detail your logs need
schema:
type: int
default: 3
- variable: DETECT_MODE
label: "DETECTION_MODE"
description: "How you want to get your WAN IP"
schema:
type: string
default: "dig-whoami.cloudflare"
enum:
- value: "dig-whoami.cloudflare"
description: "dig-whoami.cloudflare"
- value: "curl-ifconfig.co"
description: "curl-ifconfig.co"
- value: "curl-icanhazip.com"
description: "curl-icanhazip.com"
- value: "curl-wtfismyip.com"
description: "curl-wtfismyip.com"
- value: "curl-showmyip.ca"
description: "curl-showmyip.ca"
- value: "curl-da.gd"
description: "curl-da.gd"
- value: "curl-seeip.org"
description: "curl-seeip.org"
- value: "dig-google.com"
description: "dig-google.com"
- value: "dig-opendns.com"
description: "dig-opendns.com"
- variable: DETECT_OVERRIDE
label: "DETECTION_MODE_OVERRIDE"
description: "If you want to set DETECTION_MODE to 'local:eth0' for a local interface, this will override the dropdown selection"
- value: 0
description: No log output
- value: 1
description: UPDATE, WARNING, ERROR
- value: 2
description: UPDATE, WARNING, ERROR, INFO
- value: 3
description: UPDATE, WARNING, ERROR, INFO, DEBUG
- variable: host_zone_record
label: Hosts, Zones and Record Types
schema:
type: string
default: ""
- variable: CF_USER
label: "CF_USER"
description: "Cloudflare Username (eg. your.cf.email@example.com)"
schema:
type: string
default: ""
- variable: CF_HOSTS
label: "CF_HOSTS"
description: "Cloudflare Hosts (Domains) (eg. test.example.com;test.foobar.com)"
schema:
type: string
default: ""
- variable: CF_ZONES
label: "CF_ZONES"
description: "Cloudflare DNS Zones (eg. example.com;foobar.com;foobar.com)"
schema:
type: string
default: ""
- variable: CF_RECORDTYPES
label: "CF_RECORDTYPES"
description: "Cloudflare DNS Zones"
schema:
type: string
default: "A;A;AAAA"
type: list
default: []
items:
- variable: hostRecordEntry
label: Host, Zone and Record Type Entry
schema:
type: dict
additional_attrs: true
attrs:
- variable: domain
label: Domain
schema:
type: string
required: true
default: "example.com"
valid_chars: '^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$'
- variable: zone
label: Zone
schema:
type: string
required: true
valid_chars: '^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$'
default: ""
- variable: type
label: Record Type
schema:
type: string
required: true
default: "A"
# Include{containerConfig}
# Include{serviceList}
# Include{persistenceRoot}
- variable: config
label: "App Config Storage"
description: "Stores the Application Configuration."
label: App Config Storage
description: Stores the Application Configuration.
schema:
additional_attrs: true
type: dict
@ -120,41 +138,41 @@ questions:
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: "Privileged mode"
label: Privileged mode
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
label: ReadOnly Root Filesystem
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
label: Allow Privilege Escalation
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
label: runAsNonRoot
schema:
type: boolean
default: false
# Include{podSecurityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
label: runAsUser
description: The UserID of the user running the application
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
label: runAsGroup
description: The groupID this App of the user running the application
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
label: fsGroup
description: The group that should own ALL storage.
schema:
type: int
default: 568

View File

@ -0,0 +1,40 @@
{{/* Define the secret */}}
{{- define "cloudflareddns.secret" -}}
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }}
{{- $cfddns := .Values.cloudflareddns -}}
{{- $domains := list }}
{{- $records := list }}
{{- $zones := list }}
{{- range $item := $cfddns.host_and_record }}
{{- $domains = mustAppend $domains $item.domain }}
{{- $records = mustAppend $records $item.record }}
{{- $zones = mustAppend $zones $item.zone }}
{{- end }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
{{- with $cfddns.user }}
CF_USER: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_key }}
CF_APIKEY: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_token }}
CF_APITOKEN: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_token_zone }}
CF_APITOKEN_ZONE: {{ . | quote }}
{{- end }}
INTERVAL: {{ $cfddns.interval | quote }}
LOG_LEVEL: {{ $cfddns.log_level | quote }}
DETECTION_MODE: {{ $cfddns.detect_override | default $cfddns.detect_mode | quote }}
CF_ZONES: {{ join ";" $zones | quote }}
CF_HOSTS: {{ join ";" $domains | quote }}
CF_RECORDTYPES: {{ join ";" $records | quote }}
{{- end -}}

View File

@ -1 +1,8 @@
{{ include "tc.common.loader.all" . }}
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{/* Render secret */}}
{{- include "cloudflareddns.secret" . }}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}

View File

@ -11,23 +11,25 @@ podSecurityContext:
runAsUser: 0
runAsGroup: 0
secretEnv:
CF_APITOKEN: ""
CF_APIKEY: ""
CF_APITOKEN_ZONE: ""
env:
DETECTION_MODE: '{{ ternary .Values.env.DETECT_MODE .Values.env.DETECT_OVERRIDE (eq .Values.env.DETECT_OVERRIDE "") }}'
# Use Defined
INTERVAL: 300
DETECT_MODE: "dig-whoami.cloudflare"
DETECT_OVERRIDE: ""
LOG_LEVEL: 3
cloudflareddns: ""
CF_USER: "your.cf.email@example.com"
CF_HOSTS: "test.example.com;test.foobar.com;test2.foobar.com"
CF_ZONES: "example.com;foobar.com;foobar.com"
CF_RECORDTYPES: "A;A;AAAA"
cloudflareddns:
user: your.cf.email@example.com
api_token: ""
api_key: ""
api_token_zone: ""
interval: 300
detect_mode: dig-whoami.cloudflare
detect_override: ""
log_level: 3
host_zone_record:
- domain: example.com
zone: example.com
record: A
- domain: foobar.com
zone: foobar.com
record: A
- domain: foobar.com
zone: foobar.com
record: AAAA
probes:
liveness:
@ -37,6 +39,10 @@ probes:
startup:
enabled: false
envFrom:
- secretRef:
name: '{{ include "tc.common.names.fullname" . }}-secret'
service:
main:
enabled: false
@ -47,7 +53,7 @@ service:
persistence:
config:
enabled: true
mountPath: "/config"
mountPath: /config
varrun:
enabled: true