fix(kodi-headless) set rofs to false + default credentials (#4902)

* fix(kodi-headless) set perms rootless

* rofs false | docs

* rar
This commit is contained in:
Xstar97 2022-11-27 16:40:19 -05:00 committed by GitHub
parent d086f90ce5
commit b0c13f2ee7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 48 additions and 44 deletions

View File

@ -1,29 +1,28 @@
apiVersion: v2
kubeVersion: ">=1.16.0-0"
name: kodi-headless
version: 4.0.1
appVersion: "190"
description: A headless install of kodi in a docker container.
type: application
deprecated: false
home: https://truecharts.org/docs/charts/stable/kodi-headless
icon: https://truecharts.org/img/hotlink-ok/chart-icons/kodi-headless.png
keywords:
- kodi-headless
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/kodi-headless
- https://hub.docker.com/r/linuxserver/kodi-headless
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 11.0.3
# condition:
deprecated: false
description: A headless install of kodi in a docker container.
home: https://truecharts.org/docs/charts/stable/kodi-headless
icon: https://truecharts.org/img/hotlink-ok/chart-icons/kodi-headless.png
keywords:
- kodi-headless
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: kodi-headless
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/kodi-headless
- https://hub.docker.com/r/linuxserver/kodi-headless
type: application
version: 4.0.2
annotations:
truecharts.org/catagories: |
- incubator
- media
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@ -0,0 +1,4 @@
# Default credentials
- Username: `kodi`
- Password: `kodi`

View File

@ -11,8 +11,8 @@ questions:
# Include{containerConfig}
# Include{serviceRoot}
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
label: Main Service
description: The Primary service on which the healthcheck runs, often the webUI
schema:
additional_attrs: true
type: dict
@ -20,21 +20,21 @@ questions:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: main
label: "Main Service Port Configuration"
label: Main Service Port Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
label: Port
description: This port exposes the container port on the service
schema:
type: int
default: 10148
required: true
- variable: websocket
label: "websocket Service"
description: "The websocket service."
label: websocket Service
description: The websocket service.
schema:
additional_attrs: true
type: dict
@ -42,21 +42,21 @@ questions:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: websocket
label: "websocket Service Port Configuration"
label: websocket Service Port Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
label: Port
description: This port exposes the container port on the service
schema:
type: int
default: 10152
required: true
- variable: esall
label: "esall Service"
description: "The esall service."
label: esall Service
description: The esall service.
schema:
additional_attrs: true
type: dict
@ -64,14 +64,14 @@ questions:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: esall
label: "esall Service Port Configuration"
label: esall Service Port Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
label: Port
description: This port exposes the container port on the service
schema:
type: int
default: 9777
@ -82,8 +82,8 @@ questions:
# Include{serviceList}
# Include{persistenceRoot}
- variable: config
label: "App Config Storage"
description: "Stores the Application Configuration."
label: App Config Storage
description: Stores the Application Configuration.
schema:
additional_attrs: true
type: dict
@ -92,7 +92,7 @@ questions:
# Include{persistenceList}
# Include{ingressRoot}
- variable: main
label: "Main Ingress"
label: Main Ingress
schema:
additional_attrs: true
type: dict
@ -104,41 +104,41 @@ questions:
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: "Privileged mode"
label: Privileged mode
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
label: ReadOnly Root Filesystem
schema:
type: boolean
default: true
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
label: Allow Privilege Escalation
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
label: runAsNonRoot
schema:
type: boolean
default: false
# Include{podSecurityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
label: runAsUser
description: The UserID of the user running the application
schema:
type: int
default: 0
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
label: runAsGroup
description: The groupID this App of the user running the application
schema:
type: int
default: 0
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
label: fsGroup
description: The group that should own ALL storage.
schema:
type: int
default: 568

View File

@ -4,6 +4,7 @@ image:
tag: v190
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext: