fix(meshcentral): BREAKING CHANGE - rewrite config generation (#2526)
* fix(meshcentral): fix * escape * escape more * more * fix * rename vars * update configmap and fix metadata * cleanup configmap from ingored values * add domain * change persistence name * change moutn * try basic config * close config file * syntax * whoops * spaces? * preview * test install * use a more "popular" image * change paths * squotes * preview * preview and run * add schema * expand var * actually expand variables... * cleanup * dont cat config file
This commit is contained in:
parent
f16ed218c7
commit
b1559f76f7
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v2
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
name: meshcentral
|
||||
version: 0.1.11
|
||||
version: 1.0.0
|
||||
appVersion: "latest"
|
||||
description: MeshCentral is a full computer management web site
|
||||
type: application
|
||||
|
|
|
@ -74,67 +74,7 @@ questions:
|
|||
- value: "OnDelete"
|
||||
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
||||
# Include{controllerExpert}
|
||||
- variable: env
|
||||
group: "Container Configuration"
|
||||
label: "Image Environment"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: HOSTNAME
|
||||
label: "HOSTNAME"
|
||||
description: "your hostname"
|
||||
schema:
|
||||
type: string
|
||||
default: "my.domain.com"
|
||||
- variable: REVERSE_PROXY
|
||||
label: "REVERSE_PROXY"
|
||||
description: "Set to your reverse proxy domain if you want to put meshcentral behind a reverse proxy"
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: REVERSE_PROXY_TLS_PORT
|
||||
label: "REVERSE_PROXY_TLS_PORT"
|
||||
description: "Set to your reverse proxy port if you want to put meshcentral behind a reverse proxy"
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: IFRAME
|
||||
label: "IFRAME"
|
||||
description: "Set to true if you wish to enable iframe support"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: ALLOW_NEW_ACCOUNTS
|
||||
label: "ALLOW_NEW_ACCOUNTS"
|
||||
description: "Set to false if you want disable self-service creation of new accounts besides the first (admin)"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: WEBRTC
|
||||
label: "WEBRTC"
|
||||
description: "Set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: ALLOWPLUGINS
|
||||
label: "ALLOWPLUGINS"
|
||||
description: "Set to true to allow plugins"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: LOCALSESSIONRECORDING
|
||||
label: "LOCALSESSIONRECORDING"
|
||||
description: "Set to true to allow session recording"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: MINIFY
|
||||
label: "MINIFY"
|
||||
description: "Set to enable or disable minification of json, reduces traffic"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
|
||||
# Include{containerConfig}
|
||||
|
||||
- variable: service
|
||||
|
@ -198,7 +138,7 @@ questions:
|
|||
description: "The internal(!) port on the container the Application runs on"
|
||||
schema:
|
||||
type: int
|
||||
default: 443
|
||||
default: 10205
|
||||
|
||||
- variable: serviceexpert
|
||||
group: "Networking and Services"
|
||||
|
@ -270,9 +210,9 @@ questions:
|
|||
- value: "Memory"
|
||||
description: "Memory"
|
||||
# Include{persistenceAdvanced}
|
||||
- variable: user
|
||||
label: "user Storage"
|
||||
description: "Stores uploading for users live"
|
||||
- variable: files
|
||||
label: "Files Storage"
|
||||
description: "Stores the Files"
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
|
|
|
@ -1,66 +0,0 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "meshcentral.configmap" -}}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: meshcentral-init
|
||||
data:
|
||||
init.sh: |-
|
||||
#!/bin/sh
|
||||
if test -f "/opt/meshcentral/meshcentral-data/config.json"; then
|
||||
echo "config.json exists."
|
||||
else
|
||||
cp /init/meshcentral/config.json.template /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": \"$LOCALSESSIONRECORDING\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
if [ "$REVERSE_PROXY" != "false" ]; then
|
||||
sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" /opt/meshcentral/meshcentral-data/config.json
|
||||
fi
|
||||
fi
|
||||
config.json.template: |-
|
||||
{
|
||||
"$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",
|
||||
"settings": {
|
||||
"plugins":{"enabled": false},
|
||||
"cert": "myserver.mydomain.com",
|
||||
"_WANonly": true,
|
||||
"_LANonly": true,
|
||||
"_sessionKey": "MyReallySecretPassword1",
|
||||
"port": 443,
|
||||
"_aliasPort": 443,
|
||||
"redirPort": 80,
|
||||
"_redirAliasPort": 80,
|
||||
"AgentPong": 300,
|
||||
"TLSOffload": false,
|
||||
"SelfUpdate": false,
|
||||
"AllowFraming": false,
|
||||
"WebRTC": false,
|
||||
"mongodb": {{ ( printf "%s?client_encoding=utf8" ( .Values.mongodb.url.complete | trimAll "\"" ) ) | quote }},
|
||||
"mongodbcol": "meshcentral"
|
||||
},
|
||||
"domains": {
|
||||
"": {
|
||||
"_title": "MyServer",
|
||||
"_title2": "Servername",
|
||||
"minify": true,
|
||||
"NewAccounts": true,
|
||||
"localSessionRecording": false,
|
||||
"_userNameIsEmail": true,
|
||||
"_certUrl": "my.reverse.proxy"
|
||||
}
|
||||
},
|
||||
"_letsencrypt": {
|
||||
"__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
|
||||
"_email": "myemail@mydomain.com",
|
||||
"_names": "myserver.mydomain.com",
|
||||
"production": false
|
||||
}
|
||||
}
|
||||
|
||||
{{- end -}}
|
|
@ -1,10 +1 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "common.setup" . }}
|
||||
|
||||
{{/* Render configmap for meshcentral */}}
|
||||
{{- include "meshcentral.configmap" . }}
|
||||
|
||||
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "common.postSetup" . }}
|
||||
{{- include "common.all" . }}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
image:
|
||||
repository: tccr.io/truecharts/meshcentral
|
||||
repository: uldiseihenbergs/meshcentral
|
||||
pullPolicy: IfNotPresent
|
||||
tag: latest@sha256:1c28727b9d2e1d4288c05bfc50a3b789dd293e2b83f44068a504b36e3b0de558
|
||||
tag: 1.0.1@sha256:c630bace032988cdab8b660ed120be7a32539afcab2045f9b0d384cf094a692f
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
|
@ -11,40 +11,43 @@ podSecurityContext:
|
|||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
|
||||
env:
|
||||
# your hostname
|
||||
HOSTNAME: "my.domain.com"
|
||||
# set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy
|
||||
REVERSE_PROXY: false
|
||||
REVERSE_PROXY_TLS_PORT: ""
|
||||
# set to true if you wish to enable iframe support
|
||||
IFRAME: false
|
||||
# set to false if you want disable self-service creation of new accounts besides the first (admin)
|
||||
ALLOW_NEW_ACCOUNTS: true
|
||||
# set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
|
||||
WEBRTC: false
|
||||
# set to true to allow plugins
|
||||
ALLOWPLUGINS: false
|
||||
# set to true to allow session recording
|
||||
LOCALSESSIONRECORDING: false
|
||||
# set to enable or disable minification of json, reduces traffic
|
||||
MINIFY: true
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
protocol: "HTTPS"
|
||||
targetPort: 443
|
||||
port: 10205
|
||||
|
||||
initContainers:
|
||||
init:
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
command: ["/init/meshcentral/init.sh"]
|
||||
volumeMounts:
|
||||
- name: init
|
||||
mountPath: "/init/meshcentral"
|
||||
- name: data
|
||||
mountPath: "/home/node/meshcentral/meshcentral-data"
|
||||
env:
|
||||
- name: svcPort
|
||||
value: "{{ .Values.service.main.ports.main.port }}"
|
||||
- name: "mongodbURL"
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: mongodbcreds
|
||||
key: url
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- >
|
||||
export configfile='/home/node/meshcentral/meshcentral-data/config.json';
|
||||
if [ -f $configfile ]; then
|
||||
echo 'Config File exists, skipping...';
|
||||
else
|
||||
echo 'Creating basic config to $configfile...';
|
||||
echo '{' >> $configfile;
|
||||
echo ' "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",' >> $configfile
|
||||
echo ' "settings": {' >> $configfile;
|
||||
echo ' "port": '$svcPort',' >> $configfile;
|
||||
echo ' "mongoDb": "'$mongodbURL'"' >> $configfile;
|
||||
echo ' }' >> $configfile;
|
||||
echo '}' >> $configfile;
|
||||
fi;
|
||||
|
||||
mongodb:
|
||||
enabled: true
|
||||
|
@ -55,17 +58,7 @@ mongodb:
|
|||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/opt/meshcentral/meshcentral-data"
|
||||
user:
|
||||
mountPath: "/home/node/meshcentral/meshcentral-data"
|
||||
files:
|
||||
enabled: true
|
||||
mountPath: "/opt/meshcentral/meshcentral-files"
|
||||
init:
|
||||
enabled: "true"
|
||||
mountPath: "/init/meshcentral"
|
||||
noMount: true
|
||||
readOnly: true
|
||||
type: "custom"
|
||||
volumeSpec:
|
||||
configMap:
|
||||
name: meshcentral-init
|
||||
defaultMode: 0777
|
||||
mountPath: "/home/node/meshcentral/meshcentral-files"
|
||||
|
|
Loading…
Reference in New Issue