feat(cloudflareddns): BREAKING CHANGE - Rewrite GUI (#5995)

* fix(cloudflareddns) validate cf hosts and zones

* add _secrets.tpl and major gui overhaul

* fix _secret.tpl variables

* remove variable from zone variable

* fix zones variable

* fix variable

* make some changes

* update regex

* update doc

* whoops

* fix CF_HOSTS variable

* Update charts/stable/cloudflareddns/Chart.yaml

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Xstar97 2023-01-06 04:39:09 -05:00 committed by GitHub
parent 996a97e7ad
commit a48faf35a4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 224 additions and 124 deletions


@ -1,33 +1,31 @@
apiVersion: v2 apiVersion: v2
kubeVersion: ">=1.16.0-0"
name: cloudflareddns
version: 3.0.10
appVersion: "latest" appVersion: "latest"
description: Update your Cloudflare DNS records automatically for those with a dynamic IP
type: application
deprecated: false
home: https://truecharts.org/charts/stable/cloudflareddns
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cloudflareddns.png
keywords:
- ddns
- cloudflare
- cloudflareddns
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/cloudflareddns
- https://github.com/hotio/cloudflareddns
- https://hotio.dev/containers/cloudflareddns/
dependencies: dependencies:
- name: common - name: common
repository: https://library-charts.truecharts.org repository: https://library-charts.truecharts.org
version: 11.1.2 version: 11.1.2
# condition: deprecated: false
description: Automate Cloudflare DNS records for those with a dynamic IP.
home: https://truecharts.org/charts/stable/cloudflareddns
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cloudflareddns.png
keywords:
- cloudflareddns
- ddns
- cloudflare
kubeVersion: ">=1.16.0-0"
maintainers: maintainers:
- email: info@truecharts.org - email: info@truecharts.org
name: TrueCharts name: TrueCharts
url: https://truecharts.org url: https://truecharts.org
name: cloudflareddns
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/cloudflareddns
- https://github.com/hotio/cloudflareddns
- https://hotio.dev/containers/cloudflareddns/
type: application
version: 4.0.0
annotations: annotations:
truecharts.org/catagories: | truecharts.org/catagories: |
- incubator
- networking - networking
truecharts.org/SCALE-support: "true" truecharts.org/SCALE-support: "true"
truecharts.org/grade: U truecharts.org/grade: U


@ -0,0 +1,31 @@
# Input Validation
**`CF Hosts`**
**Not** accepted domains are:
- Domain ending in `.cf` (eg. `example.cf`)
- Domain ending in `.ga` (eg. `example.ga`)
- Domain ending in `.gq` (eg. `example.gq`)
- Domain ending in `.ml` (eg. `example.ml`)
- Domain ending in `.tk` (eg. `example.tk`)
Regex used to match this: `^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$`
You can try live [here](https://regex101.com/r/rZBln5/1)
**`CF Zones`**
**Not** accepted domains are:
- Domain ending in `.cf` (eg. `example.cf`)
- Domain ending in `.ga` (eg. `example.ga`)
- Domain ending in `.gq` (eg. `example.gq`)
- Domain ending in `.ml` (eg. `example.ml`)
- Domain ending in `.tk` (eg. `example.tk`)
Regex used to match this: `^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$`
You can try live [here](https://regex101.com/r/rZBln5/1)
---
_If you find a field that you think it needs validation, please open an issue on github_


@ -6,111 +6,129 @@ questions:
# Include{replicas} # Include{replicas}
# Include{replica1} # Include{replica1}
# Include{controllerExpertExtraArgs} # Include{controllerExpertExtraArgs}
- variable: secretEnv - variable: cloudflareddns
group: "App Configuration" group: App Configuration
label: "Image Secrets" label: Cloudflareddns Configuration
schema: schema:
additional_attrs: true additional_attrs: true
type: dict type: dict
attrs: attrs:
- variable: CF_APITOKEN - variable: user
label: "CF_APITOKEN" label: CF User
description: Cloudflare Username (eg. your.cf.email@example.com)
schema:
type: string
default: ""
- variable: api_token
label: CF API Token
schema: schema:
type: string type: string
private: true private: true
default: "" default: ""
- variable: CF_APIKEY - variable: api_key
label: "CF_APIKEY" label: CF API Key
schema: schema:
type: string type: string
private: true private: true
default: "" default: ""
- variable: CF_APITOKEN_ZONE - variable: api_token_zone
label: "CF_APITOKEN_ZONE" label: CF API Token Zone
schema: schema:
type: string type: string
private: true private: true
default: "" default: ""
- variable: env - variable: interval
group: "App Configuration" label: Interval
label: "Image Environment" description: Update your DDNS interval in seconds
schema:
additional_attrs: true
type: dict
attrs:
- variable: INTERVAL
label: "INTERVAL"
description: "Update your DDNS interval in seconds"
schema: schema:
type: int type: int
default: 300 default: 300
- variable: LOG_LEVEL min: 60
label: "LOG_LEVEL" - variable: detect_mode
description: "Level of detail your logs need" label: Detection Mode
description: How you want to get your WAN IP
schema:
type: string
default: dig-whoami.cloudflare
enum:
- value: dig-whoami.cloudflare
description: dig-whoami.cloudflare
- value: curl-ifconfig.co
description: curl-ifconfig.co
- value: curl-icanhazip.com
description: curl-icanhazip.com
- value: curl-wtfismyip.com
description: curl-wtfismyip.com
- value: curl-showmyip.ca
description: curl-showmyip.ca
- value: curl-da.gd
description: curl-da.gd
- value: curl-seeip.org
description: curl-seeip.org
- value: dig-google.com
description: dig-google.com
- value: dig-opendns.com
description: dig-opendns.com
- variable: detect_override
label: Detection mode Override
description: If you want to set DETECTION_MODE to 'local:eth0' for a local interface, this will override the dropdown selection
schema:
type: string
default: ""
- variable: log_level
label: Log Level
description: Level of detail your logs need
schema: schema:
type: int type: int
default: 3 default: 3
- variable: DETECT_MODE
label: "DETECTION_MODE"
description: "How you want to get your WAN IP"
schema:
type: string
default: "dig-whoami.cloudflare"
enum: enum:
- value: "dig-whoami.cloudflare" - value: 0
description: "dig-whoami.cloudflare" description: No log output
- value: "curl-ifconfig.co" - value: 1
description: "curl-ifconfig.co" description: UPDATE, WARNING, ERROR
- value: "curl-icanhazip.com" - value: 2
description: "curl-icanhazip.com" description: UPDATE, WARNING, ERROR, INFO
- value: "curl-wtfismyip.com" - value: 3
description: "curl-wtfismyip.com" description: UPDATE, WARNING, ERROR, INFO, DEBUG
- value: "curl-showmyip.ca" - variable: host_zone_record
description: "curl-showmyip.ca" label: Hosts, Zones and Record Types
- value: "curl-da.gd"
description: "curl-da.gd"
- value: "curl-seeip.org"
description: "curl-seeip.org"
- value: "dig-google.com"
description: "dig-google.com"
- value: "dig-opendns.com"
description: "dig-opendns.com"
- variable: DETECT_OVERRIDE
label: "DETECTION_MODE_OVERRIDE"
description: "If you want to set DETECTION_MODE to 'local:eth0' for a local interface, this will override the dropdown selection"
schema: schema:
type: string type: list
default: "" default: []
- variable: CF_USER items:
label: "CF_USER" - variable: hostRecordEntry
description: "Cloudflare Username (eg. your.cf.email@example.com)" label: Host, Zone and Record Type Entry
schema: schema:
type: string type: dict
default: "" additional_attrs: true
- variable: CF_HOSTS attrs:
label: "CF_HOSTS" - variable: domain
description: "Cloudflare Hosts (Domains) (eg. test.example.com;test.foobar.com)" label: Domain
schema: schema:
type: string type: string
default: "" required: true
- variable: CF_ZONES default: "example.com"
label: "CF_ZONES" valid_chars: '^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$'
description: "Cloudflare DNS Zones (eg. example.com;foobar.com;foobar.com)" - variable: zone
schema: label: Zone
type: string schema:
default: "" type: string
- variable: CF_RECORDTYPES required: true
label: "CF_RECORDTYPES" valid_chars: '^((?!(\.cf|\.ga|\.gq|\.ml|\.tk)$).)*$'
description: "Cloudflare DNS Zones" default: ""
schema: - variable: type
type: string label: Record Type
default: "A;A;AAAA" schema:
type: string
required: true
default: "A"
# Include{containerConfig} # Include{containerConfig}
# Include{serviceList} # Include{serviceList}
# Include{persistenceRoot} # Include{persistenceRoot}
- variable: config - variable: config
label: "App Config Storage" label: App Config Storage
description: "Stores the Application Configuration." description: Stores the Application Configuration.
schema: schema:
additional_attrs: true additional_attrs: true
type: dict type: dict
@ -120,41 +138,41 @@ questions:
# Include{security} # Include{security}
# Include{securityContextAdvancedRoot} # Include{securityContextAdvancedRoot}
- variable: privileged - variable: privileged
label: "Privileged mode" label: Privileged mode
schema: schema:
type: boolean type: boolean
default: false default: false
- variable: readOnlyRootFilesystem - variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem" label: ReadOnly Root Filesystem
schema: schema:
type: boolean type: boolean
default: false default: false
- variable: allowPrivilegeEscalation - variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation" label: Allow Privilege Escalation
schema: schema:
type: boolean type: boolean
default: false default: false
- variable: runAsNonRoot - variable: runAsNonRoot
label: "runAsNonRoot" label: runAsNonRoot
schema: schema:
type: boolean type: boolean
default: false default: false
# Include{podSecurityContextRoot} # Include{podSecurityContextRoot}
- variable: runAsUser - variable: runAsUser
label: "runAsUser" label: runAsUser
description: "The UserID of the user running the application" description: The UserID of the user running the application
schema: schema:
type: int type: int
default: 0 default: 0
- variable: runAsGroup - variable: runAsGroup
label: "runAsGroup" label: runAsGroup
description: "The groupID this App of the user running the application" description: The groupID this App of the user running the application
schema: schema:
type: int type: int
default: 0 default: 0
- variable: fsGroup - variable: fsGroup
label: "fsGroup" label: fsGroup
description: "The group that should own ALL storage." description: The group that should own ALL storage.
schema: schema:
type: int type: int
default: 568 default: 568
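Review bot: The per-entry variable `type` under `host_zone_record` does not match the key the rest of the commit uses: the secret template appends `$item.record`, and values.yaml names the key `record`. Entries created through the GUI would carry `type`, so as far as this page shows `CF_RECORDTYPES` would be built from missing values. Renaming the variable to `- variable: record` while keeping `label: Record Type` would align the three files. The field is also a free-form string; an `enum` of the record types the container accepts would catch typos at input time, though the supported set needs confirming against the image documentation.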


@ -0,0 +1,40 @@
{{/* Define the secret */}}
{{- define "cloudflareddns.secret" -}}
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }}
{{- $cfddns := .Values.cloudflareddns -}}
{{- $domains := list }}
{{- $records := list }}
{{- $zones := list }}
{{- range $item := $cfddns.host_and_record }}
{{- $domains = mustAppend $domains $item.domain }}
{{- $records = mustAppend $records $item.record }}
{{- $zones = mustAppend $zones $item.zone }}
{{- end }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
{{- with $cfddns.user }}
CF_USER: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_key }}
CF_APIKEY: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_token }}
CF_APITOKEN: {{ . | quote }}
{{- end }}
{{- with $cfddns.api_token_zone }}
CF_APITOKEN_ZONE: {{ . | quote }}
{{- end }}
INTERVAL: {{ $cfddns.interval | quote }}
LOG_LEVEL: {{ $cfddns.log_level | quote }}
DETECTION_MODE: {{ $cfddns.detect_override | default $cfddns.detect_mode | quote }}
CF_ZONES: {{ join ";" $zones | quote }}
CF_HOSTS: {{ join ";" $domains | quote }}
CF_RECORDTYPES: {{ join ";" $records | quote }}
{{- end -}}
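Review bot: The loop `range $item := $cfddns.host_and_record` reads a key that neither values.yaml nor questions.yaml defines, since both name the list `host_zone_record`. The three lists therefore stay empty, and `CF_HOSTS`, `CF_ZONES` and `CF_RECORDTYPES` render as `""`. The line should read `{{- range $item := $cfddns.host_zone_record }}`. Because the three variables are positional lists joined with `;`, a value containing `;` would shift every later entry, and the GUI `valid_chars` rule neither rejects that character nor applies to values supplied outside the GUI. A guard inside the loop such as `{{- if contains ";" $item.domain }}{{- fail "domain must not contain ';'" }}{{- end }}`, repeated for `zone` and `record`, would make the render fail instead of producing misaligned records.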


@ -1 +1,8 @@
{{ include "tc.common.loader.all" . }} {{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{/* Render secret */}}
{{- include "cloudflareddns.secret" . }}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}


@ -11,23 +11,25 @@ podSecurityContext:
runAsUser: 0 runAsUser: 0
runAsGroup: 0 runAsGroup: 0
secretEnv: cloudflareddns:
CF_APITOKEN: "" user: your.cf.email@example.com
CF_APIKEY: "" api_token: ""
CF_APITOKEN_ZONE: "" api_key: ""
api_token_zone: ""
env: interval: 300
DETECTION_MODE: '{{ ternary .Values.env.DETECT_MODE .Values.env.DETECT_OVERRIDE (eq .Values.env.DETECT_OVERRIDE "") }}' detect_mode: dig-whoami.cloudflare
# Use Defined detect_override: ""
INTERVAL: 300 log_level: 3
DETECT_MODE: "dig-whoami.cloudflare" host_zone_record:
DETECT_OVERRIDE: "" - domain: example.com
LOG_LEVEL: 3 zone: example.com
cloudflareddns: "" record: A
CF_USER: "your.cf.email@example.com" - domain: foobar.com
CF_HOSTS: "test.example.com;test.foobar.com;test2.foobar.com" zone: foobar.com
CF_ZONES: "example.com;foobar.com;foobar.com" record: A
CF_RECORDTYPES: "A;A;AAAA" - domain: foobar.com
zone: foobar.com
record: AAAA
probes: probes:
liveness: liveness:
@ -37,6 +39,10 @@ probes:
startup: startup:
enabled: false enabled: false
envFrom:
- secretRef:
name: '{{ include "tc.common.names.fullname" . }}-secret'
service: service:
main: main:
enabled: false enabled: false
@ -47,7 +53,7 @@ service:
persistence: persistence:
config: config:
enabled: true enabled: true
mountPath: "/config" mountPath: /config
varrun: varrun:
enabled: true enabled: true
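Review bot: The new `cloudflareddns:` block ships placeholder data as live defaults: `user: your.cf.email@example.com` and three `host_zone_record` entries for `example.com` and `foobar.com`. The secret template writes `CF_USER` whenever the value is non-empty, so an install that does not override these values would hand the placeholders to the container. questions.yaml already defaults the same fields to `""` and `[]`; using `user: ""` and `host_zone_record: []` here would keep the two in agreement. The example entries could then move into a comment above the key.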