From b1559f76f7f53785136cdd71b7f03fc5787e76c9 Mon Sep 17 00:00:00 2001
From: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Date: Thu, 21 Apr 2022 13:09:07 +0300
Subject: [PATCH] fix(meshcentral): BREAKING CHANGE - rewrite config generation (#2526)

* fix(meshcentral): fix
* escape
* escape more
* more
* fix
* rename vars
* update configmap and fix metadata
* cleanup configmap from ingored values
* add domain
* change persistence name
* change moutn
* try basic config
* close config file
* syntax
* whoops
* spaces?
* preview
* test install
* use a more "popular" image
* change paths
* squotes
* preview
* preview and run
* add schema
* expand var
* actually expand variables...
* cleanup
* dont cat config file
---
 charts/incubator/meshcentral/Chart.yaml | 2 +-
 charts/incubator/meshcentral/questions.yaml | 70 ++-----------------
 .../meshcentral/templates/_configmap.tpl | 66 -----------------
 .../meshcentral/templates/common.yaml | 11 +--
 charts/incubator/meshcentral/values.yaml | 69 ++++++++----------
 5 files changed, 38 insertions(+), 180 deletions(-)
 delete mode 100644 charts/incubator/meshcentral/templates/_configmap.tpl
diff --git a/charts/incubator/meshcentral/Chart.yaml b/charts/incubator/meshcentral/Chart.yaml
index 3ed75524647..5a898c83c19 100644
--- a/charts/incubator/meshcentral/Chart.yaml
+++ b/charts/incubator/meshcentral/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 kubeVersion: ">=1.16.0-0"
 name: meshcentral
-version: 0.1.11
+version: 1.0.0
 appVersion: "latest"
 description: MeshCentral is a full computer management web site
 type: application
diff --git a/charts/incubator/meshcentral/questions.yaml b/charts/incubator/meshcentral/questions.yaml
index 4e6af5fb24e..d463a43b11b 100644
--- a/charts/incubator/meshcentral/questions.yaml
+++ b/charts/incubator/meshcentral/questions.yaml
@@ -74,67 +74,7 @@ questions: - value: "OnDelete" description: "(Legacy) OnDelete: ignore .spec.template changes" # Include{controllerExpert} - - variable: env - group: "Container Configuration" - label: "Image Environment" - schema: - additional_attrs: true - type: dict - attrs: - - variable: HOSTNAME - label: "HOSTNAME" - description: "your hostname" - schema: - type: string - default: "my.domain.com" - - variable: REVERSE_PROXY - label: "REVERSE_PROXY" - description: "Set to your reverse proxy domain if you want to put meshcentral behind a reverse proxy" - schema: - type: string - default: "" - - variable: REVERSE_PROXY_TLS_PORT - label: "REVERSE_PROXY_TLS_PORT" - description: "Set to your reverse proxy port if you want to put meshcentral behind a reverse proxy" - schema: - type: string - default: "" - - variable: IFRAME - label: "IFRAME" - description: "Set to true if you wish to enable iframe support" - schema: - type: boolean - default: false - - variable: ALLOW_NEW_ACCOUNTS - label: "ALLOW_NEW_ACCOUNTS" - description: "Set to false if you want disable self-service creation of new accounts besides the first (admin)" - schema: - type: boolean - default: true - - variable: WEBRTC - label: "WEBRTC" - description: "Set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution" - schema: - type: boolean - default: false - - variable: ALLOWPLUGINS - label: "ALLOWPLUGINS" - description: "Set to true to allow plugins" - schema: - type: boolean - default: false - - variable: LOCALSESSIONRECORDING - label: "LOCALSESSIONRECORDING" - description: "Set to true to allow session recording" - schema: - type: boolean - default: false - - variable: MINIFY - label: "MINIFY" - description: "Set to enable or disable minification of json, reduces traffic" - schema: - type: boolean - default: true + # Include{containerConfig} - variable: service 
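Review bot: With the `env` question block removed here, the install form no longer offers `ALLOW_NEW_ACCOUNTS`, `ALLOWPLUGINS`, `IFRAME` or `LOCALSESSIONRECORDING`, and the config generated in values.yaml in this same commit writes only `port` and `mongoDb`. Unless `# Include{containerConfig}` restores them (its expansion is not visible in this hunk), those settings now fall back to MeshCentral's own defaults and can only be changed by editing config.json on the data volume. That deserves a line of documentation next to the include, for example `# MeshCentral options such as NewAccounts, AllowFraming and plugins are not set by the chart; edit config.json on the data volume before exposing the service.`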
@@ -198,7 +138,7 @@ questions: description: "The internal(!) port on the container the Application runs on" schema: type: int - default: 443 + default: 10205 - variable: serviceexpert group: "Networking and Services" @@ -270,9 +210,9 @@ questions: - value: "Memory" description: "Memory" # Include{persistenceAdvanced} - - variable: user - label: "user Storage" - description: "Stores uploading for users live" + - variable: files + label: "Files Storage" + description: "Stores the Files" schema: additional_attrs: true type: dict diff --git a/charts/incubator/meshcentral/templates/_configmap.tpl b/charts/incubator/meshcentral/templates/_configmap.tpl deleted file mode 100644 index 553b99b1518..00000000000 --- a/charts/incubator/meshcentral/templates/_configmap.tpl +++ /dev/null 
@@ -1,66 +0,0 @@ -{{/* Define the configmap */}} -{{- define "meshcentral.configmap" -}} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: meshcentral-init -data: - init.sh: |- - #!/bin/sh - if test -f "/opt/meshcentral/meshcentral-data/config.json"; then - echo "config.json exists." - else - cp /init/meshcentral/config.json.template /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"cert\": \"myserver.mydomain.com\"/\"cert\": \"$HOSTNAME\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"enabled\": false/\"enabled\": \"$ALLOWPLUGINS\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"localSessionRecording\": false/\"localSessionRecording\": \"$LOCALSESSIONRECORDING\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"minify\": true/\"minify\": \"$MINIFY\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" /opt/meshcentral/meshcentral-data/config.json - sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" /opt/meshcentral/meshcentral-data/config.json - if [ "$REVERSE_PROXY" != "false" ]; then - sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" /opt/meshcentral/meshcentral-data/config.json - fi - fi - config.json.template: |- - { - "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json", - "settings": { - "plugins":{"enabled": false}, - "cert": "myserver.mydomain.com", - "_WANonly": true, - "_LANonly": true, - "_sessionKey": "MyReallySecretPassword1", - "port": 443, - "_aliasPort": 443, - "redirPort": 80, - "_redirAliasPort": 80, - "AgentPong": 300, - "TLSOffload": false, - "SelfUpdate": false, - "AllowFraming": false, - "WebRTC": false, - "mongodb": {{ ( printf "%s?client_encoding=utf8" ( .Values.mongodb.url.complete | trimAll "\"" ) ) | 
quote }}, - "mongodbcol": "meshcentral" - }, - "domains": { - "": { - "_title": "MyServer", - "_title2": "Servername", - "minify": true, - "NewAccounts": true, - "localSessionRecording": false, - "_userNameIsEmail": true, - "_certUrl": "my.reverse.proxy" - } - }, - "_letsencrypt": { - "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>", - "_email": "myemail@mydomain.com", - "_names": "myserver.mydomain.com", - "production": false - } - } - -{{- end -}} diff --git a/charts/incubator/meshcentral/templates/common.yaml b/charts/incubator/meshcentral/templates/common.yaml index 284f6ce7e1c..a17e923ef88 100644 --- a/charts/incubator/meshcentral/templates/common.yaml +++ b/charts/incubator/meshcentral/templates/common.yaml @@ -1,10 +1 @@ -{{/* Make sure all variables are set properly */}} -{{- include "common.setup" . }} - -{{/* Render configmap for meshcentral */}} -{{- include "meshcentral.configmap" . }} - - - -{{/* Render the templates */}} -{{ include "common.postSetup" . }} +{{- include "common.all" . }} diff --git a/charts/incubator/meshcentral/values.yaml b/charts/incubator/meshcentral/values.yaml index d1c3d8bc0d0..5f16534f7cf 100644 --- a/charts/incubator/meshcentral/values.yaml +++ b/charts/incubator/meshcentral/values.yaml @@ -1,7 +1,7 @@ image: - repository: tccr.io/truecharts/meshcentral + repository: uldiseihenbergs/meshcentral pullPolicy: IfNotPresent - tag: latest@sha256:1c28727b9d2e1d4288c05bfc50a3b789dd293e2b83f44068a504b36e3b0de558 + tag: 1.0.1@sha256:c630bace032988cdab8b660ed120be7a32539afcab2045f9b0d384cf094a692f securityContext: readOnlyRootFilesystem: false 
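Review bot: The new `repository: uldiseihenbergs/meshcentral` in the values.yaml hunk names no registry host and replaces the project's `tccr.io/truecharts` mirror with what looks like a third-party namespace, yet nothing in the file records where the image comes from or why it is trusted. The `@sha256:` digest in `tag:` is what keeps the pulled content fixed, so it should be kept on every future bump, all the more because the context lines show `readOnlyRootFilesystem: false`. I would add a comment above the line, for example `# community image (commit: "more popular"), pinned by digest; mirror to tccr.io before promoting out of incubator`.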
@@ -11,40 +11,43 @@ podSecurityContext: runAsUser: 0 runAsGroup: 0 -env: - # your hostname - HOSTNAME: "my.domain.com" - # set to your reverse proxy IP if you want to put meshcentral behind a reverse proxy - REVERSE_PROXY: false - REVERSE_PROXY_TLS_PORT: "" - # set to true if you wish to enable iframe support - IFRAME: false - # set to false if you want disable self-service creation of new accounts besides the first (admin) - ALLOW_NEW_ACCOUNTS: true - # set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution - WEBRTC: false - # set to true to allow plugins - ALLOWPLUGINS: false - # set to true to allow session recording - LOCALSESSIONRECORDING: false - # set to enable or disable minification of json, reduces traffic - MINIFY: true - service: main: ports: main: protocol: "HTTPS" - targetPort: 443 port: 10205 initContainers: init: image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - command: ["/init/meshcentral/init.sh"] volumeMounts: - - name: init - mountPath: "/init/meshcentral" + - name: data + mountPath: "/home/node/meshcentral/meshcentral-data" + env: + - name: svcPort + value: "{{ .Values.service.main.ports.main.port }}" + - name: "mongodbURL" + valueFrom: + secretKeyRef: + name: mongodbcreds + key: url + command: ["/bin/sh", "-c"] + args: + - > + export configfile='/home/node/meshcentral/meshcentral-data/config.json'; + if [ -f $configfile ]; then + echo 'Config File exists, skipping...'; + else + echo 'Creating basic config to $configfile...'; + echo '{' >> $configfile; + echo ' "$schema": "http://info.meshcentral.com/downloads/meshcentral-config-schema.json",' >> $configfile + echo ' "settings": {' >> $configfile; + echo ' "port": '$svcPort',' >> $configfile; + echo ' "mongoDb": "'$mongodbURL'"' >> $configfile; + echo ' }' >> $configfile; + echo '}' >> $configfile; + fi; mongodb: enabled: true 
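Review bot: In the init container's `args` script, `$mongodbURL` (read from the `mongodbcreds` secret) is spliced into the JSON through an unquoted expansion with no escaping, so a credential containing `"`, `\`, whitespace or glob characters produces a broken or altered config.json. The file is also assembled with successive `>>` appends under the default umask, so an interrupted run leaves a partial file that the `-f` test later treats as complete, and the credential-bearing file may end up readable by other users of the volume. I would quote the expansions, escape the URL, set `umask 077` and write to a temporary file that is renamed into place, as sketched below; this also fixes the `'Creating basic config to $configfile...'` message, which prints the variable name literally because of the single quotes. Separately, the `$schema` echo line has no trailing `;`, which is harmless only if the folded scalar keeps the newline there, and the collapsed hunk does not show the indentation that decides it.

```yaml
    # … unchanged: image, volumeMounts, env (svcPort, mongodbURL) …
    command: ["/bin/sh", "-c"]
    args:
      - |
        set -eu
        # The file holds the database credentials: keep it private to the owner.
        umask 077
        configfile='/home/node/meshcentral/meshcentral-data/config.json'
        if [ -f "$configfile" ]; then
          echo 'Config File exists, skipping...'
        else
          echo "Creating basic config to $configfile..."
          # Escape backslashes and double quotes so the URL stays a valid JSON string.
          url=$(printf '%s' "$mongodbURL" | sed 's/\\/\\\\/g; s/"/\\"/g')
          {
            printf '{\n'
            printf '  "$schema": "%s",\n' 'http://info.meshcentral.com/downloads/meshcentral-config-schema.json'
            printf '  "settings": {\n'
            printf '    "port": %s,\n' "$svcPort"
            printf '    "mongoDb": "%s"\n' "$url"
            printf '  }\n}\n'
          } > "$configfile.tmp"
          # Rename only after the whole file is written, so a partial file is never picked up.
          mv "$configfile.tmp" "$configfile"
        fi
```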
@@ -55,17 +58,7 @@ mongodb: persistence: data: enabled: true - mountPath: "/opt/meshcentral/meshcentral-data" - user: + mountPath: "/home/node/meshcentral/meshcentral-data" + files: enabled: true - mountPath: "/opt/meshcentral/meshcentral-files" - init: - enabled: "true" - mountPath: "/init/meshcentral" - noMount: true - readOnly: true - type: "custom" - volumeSpec: - configMap: - name: meshcentral-init - defaultMode: 0777 + mountPath: "/home/node/meshcentral/meshcentral-files"