fix(kodi-headless) set rofs to false + default credentials (#4902)
* fix(kodi-headless) set perms rootless * rofs false | docs * rar
This commit is contained in:
parent
d086f90ce5
commit
b0c13f2ee7
|
@ -1,29 +1,28 @@
|
|||
apiVersion: v2
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
name: kodi-headless
|
||||
version: 4.0.1
|
||||
appVersion: "190"
|
||||
description: A headless install of kodi in a docker container.
|
||||
type: application
|
||||
deprecated: false
|
||||
home: https://truecharts.org/docs/charts/stable/kodi-headless
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/kodi-headless.png
|
||||
keywords:
|
||||
- kodi-headless
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/kodi-headless
|
||||
- https://hub.docker.com/r/linuxserver/kodi-headless
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 11.0.3
|
||||
# condition:
|
||||
deprecated: false
|
||||
description: A headless install of kodi in a docker container.
|
||||
home: https://truecharts.org/docs/charts/stable/kodi-headless
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/kodi-headless.png
|
||||
keywords:
|
||||
- kodi-headless
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: kodi-headless
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/kodi-headless
|
||||
- https://hub.docker.com/r/linuxserver/kodi-headless
|
||||
type: application
|
||||
version: 4.0.2
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- incubator
|
||||
- media
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
# Default credentials
|
||||
|
||||
- Username: `kodi`
|
||||
- Password: `kodi`
|
|
@ -11,8 +11,8 @@ questions:
|
|||
# Include{containerConfig}
|
||||
# Include{serviceRoot}
|
||||
- variable: main
|
||||
label: "Main Service"
|
||||
description: "The Primary service on which the healthcheck runs, often the webUI"
|
||||
label: Main Service
|
||||
description: The Primary service on which the healthcheck runs, often the webUI
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
@ -20,21 +20,21 @@ questions:
|
|||
# Include{serviceSelectorLoadBalancer}
|
||||
# Include{serviceSelectorExtras}
|
||||
- variable: main
|
||||
label: "Main Service Port Configuration"
|
||||
label: Main Service Port Configuration
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
label: Port
|
||||
description: This port exposes the container port on the service
|
||||
schema:
|
||||
type: int
|
||||
default: 10148
|
||||
required: true
|
||||
- variable: websocket
|
||||
label: "websocket Service"
|
||||
description: "The websocket service."
|
||||
label: websocket Service
|
||||
description: The websocket service.
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
@ -42,21 +42,21 @@ questions:
|
|||
# Include{serviceSelectorLoadBalancer}
|
||||
# Include{serviceSelectorExtras}
|
||||
- variable: websocket
|
||||
label: "websocket Service Port Configuration"
|
||||
label: websocket Service Port Configuration
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
label: Port
|
||||
description: This port exposes the container port on the service
|
||||
schema:
|
||||
type: int
|
||||
default: 10152
|
||||
required: true
|
||||
- variable: esall
|
||||
label: "esall Service"
|
||||
description: "The esall service."
|
||||
label: esall Service
|
||||
description: The esall service.
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
@ -64,14 +64,14 @@ questions:
|
|||
# Include{serviceSelectorLoadBalancer}
|
||||
# Include{serviceSelectorExtras}
|
||||
- variable: esall
|
||||
label: "esall Service Port Configuration"
|
||||
label: esall Service Port Configuration
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: port
|
||||
label: "Port"
|
||||
description: "This port exposes the container port on the service"
|
||||
label: Port
|
||||
description: This port exposes the container port on the service
|
||||
schema:
|
||||
type: int
|
||||
default: 9777
|
||||
|
@ -82,8 +82,8 @@ questions:
|
|||
# Include{serviceList}
|
||||
# Include{persistenceRoot}
|
||||
- variable: config
|
||||
label: "App Config Storage"
|
||||
description: "Stores the Application Configuration."
|
||||
label: App Config Storage
|
||||
description: Stores the Application Configuration.
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
@ -92,7 +92,7 @@ questions:
|
|||
# Include{persistenceList}
|
||||
# Include{ingressRoot}
|
||||
- variable: main
|
||||
label: "Main Ingress"
|
||||
label: Main Ingress
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
@ -104,41 +104,41 @@ questions:
|
|||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
label: runAsUser
|
||||
description: The UserID of the user running the application
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
label: runAsGroup
|
||||
description: The groupID this App of the user running the application
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
|
|
@ -4,6 +4,7 @@ image:
|
|||
tag: v190
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: false
|
||||
|
||||
podSecurityContext:
|
||||
|
|
Loading…
Reference in New Issue