feat(plausible): Add Plausible Analytics (#3055)

* Add Chart.yaml

* Add Plausible secret

* Add initial {questions,values}.yaml

* Insert final newline in common.yaml

* Add SECRET_KEY_BASE to env vars

* Add database env vars

* Move DB secrets to secretEnv

* Add Google Search Integration vars

* Add Mailer/SMTP Setup settings

* Add Postmark mailer options

* Fix tpl error

* Fix secret syntax error

* Fix default values

* Move env/secretEnv to ConfigMap/Secret templates

* Fix variable refs in env tpl

* Fix DATABASE_URL value

* Quote all env var values

* Add init container

* Split initContainer into installContainer/UpgradeContainer

* Add ClickHouse dependency [no ci]

* Set CLICKHOUSE_DATABASE_URL env var [no ci]

* Upgrade chart dependencies

* Change service port

* Upgrade common chart dependency

* Set required value ADMIN_USER_EMAIL

* Set readOnlyRootFilesystem: false

* Set runAsUser/runAsGroup: 1000

* Add probes

* Override container command

* Add LOG_LEVEL env var

* Use common lib 10.3.1

* Upgrade Chart.yaml dependencies

* Upgrade clickhouse dependency

* add icon

* Upgrade chart dependencies

* Upgrade postgres chart dependency

* Read .data instead of .stringData

* Reset log level to warn

* Update charts/incubator/plausible/questions.yaml

* Update charts/incubator/plausible/Chart.yaml

Co-authored-by: Kjeld Schouten-Lebbing <kjeld@schouten-lebbing.nl>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
This commit is contained in:
Michael Schnerring 2022-07-12 17:17:35 +00:00 committed by GitHub
parent 820937fee2
commit b5d381d276
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 634 additions and 0 deletions

View File

@ -0,0 +1,41 @@
apiVersion: v2
appVersion: "1.4.4"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.4.4
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 8.0.29
- condition: clickhouse.enabled
name: clickhouse
repository: https://charts.truecharts.org/
version: 0.0.4
deprecated: false
description: Plausible is lightweight and open source web analytics. No cookies and fully compliant with GDPR, CCPA and PECR.
home: https://github.com/truecharts/apps/tree/master/charts/incubator/plausible
icon: https://truecharts.org/img/appicons/plausible.png
keywords:
- analytics
- plausible
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: plausible
sources:
- https://plausible.io/
- https://plausible.io/docs/self-hosting
- https://github.com/plausible/analytics
- https://github.com/plausible/hosting
- https://hub.docker.com/r/plausible/analytics
type: application
version: 0.0.1
annotations:
truecharts.org/catagories: |
- analytics
- plausible
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

Binary file not shown.

After

Width:  |  Height:  |  Size: 52 KiB

View File

@ -0,0 +1,416 @@
# Include{groups}
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
questions:
- variable: portal
group: "Container Image"
label: "Configure Portal Button"
schema:
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enable"
description: "enable the portal button"
schema:
hidden: true
editable: false
type: boolean
default: true
# Include{global}
- variable: controller
group: "Controller"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: advanced
label: "Show Advanced Controller Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
description: "Please specify type of workload to deploy"
label: "(Advanced) Controller Type"
schema:
type: string
default: "deployment"
required: true
enum:
- value: "deployment"
description: "Deployment"
- value: "statefulset"
description: "Statefulset"
- value: "daemonset"
description: "Daemonset"
- variable: replicas
description: "Number of desired pod replicas"
label: "Desired Replicas"
schema:
type: int
default: 1
required: true
- variable: strategy
description: "Please specify type of workload to deploy"
label: "(Advanced) Update Strategy"
schema:
type: string
default: "Recreate"
required: true
enum:
- value: "Recreate"
description: "Recreate: Kill existing pods before creating new ones"
- value: "RollingUpdate"
description: "RollingUpdate: Create new pods and then kill old ones"
- value: "OnDelete"
description: "(Legacy) OnDelete: ignore .spec.template changes"
# Include{controllerExpert}
- variable: plausible
group: "Container Configuration"
label: "Plausible Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: BASE_URL
label: BASE_URL
description: The hosting URL of the server, used for URL generation. In production systems, this should be your ingress host.
schema:
type: string
default: http://localhost
required: true
- variable: DISABLE_AUTH
label: DISABLE_AUTH
description: Disables authentication completely, no registration, login will be shown.
schema:
type: boolean
default: false
- variable: DISABLE_REGISTRATION
label: DISABLE_REGISTRATION
description: Disables registration of new users, keep your admin credentials handy ;)
schema:
type: boolean
default: false
- variable: ADMIN_USER_NAME
label: ADMIN_USER_NAME
description: Admin user's name (First Install Only)
schema:
type: string
default: admin
required: true
- variable: ADMIN_USER_EMAIL
label: ADMIN_USER_EMAIL
description: The default ("admin") user email (First Install Only)
schema:
type: string
default: admin@example.com
required: true
- variable: ADMIN_USER_PWD
label: ADMIN_USER_PWD
description: The default ("admin") user password (First Install Only)
schema:
type: string
default: ""
required: true
private: true
- variable: CLICKHOUSE_FLUSH_INTERVAL_MS
label: CLICKHOUSE_FLUSH_INTERVAL_MS
description: nterval (in milliseconds) between flushing events and sessions data to Clickhouse. Consult Clickhouse docs before changing it.
schema:
type: int
default: 5000
required: true
- variable: CLICKHOUSE_MAX_BUFFER_SIZE
label: CLICKHOUSE_MAX_BUFFER_SIZE
description: Maximum size of the buffer of events or sessions. Consult Clickhouse docs before changing it.
schema:
type: int
default: 10000
required: true
- variable: MAILER_EMAIL
label: MAILER_EMAIL
description: The email id to use for as from address of all communications from Plausible.
schema:
type: string
default: hello@plausible.local
required: true
- variable: SMTP_HOST_ADDR
label: SMTP_HOST_ADDR
description: The host address of your smtp server.
schema:
type: string
default: localhost
required: true
- variable: SMTP_HOST_PORT
label: SMTP_HOST_PORT
description: The port of your smtp server.
schema:
type: int
default: 25
required: true
- variable: SMTP_USER_NAME
label: SMTP_USER_NAME
description: The username/email in case SMTP auth is enabled.
schema:
type: string
default: ""
- variable: SMTP_USER_PWD
label: SMTP_USER_PWD
description: The password in case SMTP auth is enabled.
schema:
type: string
default: ""
private: true
- variable: SMTP_HOST_SSL_ENABLED
label: SMTP_HOST_SSL_ENABLED
description: If SSL is enabled for SMTP connection
schema:
type: boolean
default: false
- variable: SMTP_RETRIES
label: SMTP_RETRIES
description: Number of retries to make until mailer gives up.
schema:
type: int
default: 2
required: true
- variable: MAILER_ADAPTER
label: MAILER_ADAPTER
description: Mailer Adapter
schema:
type: string
required: true
default: Bamboo.SMTPAdapter
enum:
- value: Bamboo.SMTPAdapter
description: Bamboo.SMTPAdapter
- value: Bamboo.PostmarkAdapter
description: Bamboo.PostmarkAdapter
- variable: POSTMARK_API_KEY
label: POSTMARK_API_KEY
description: Enter your API key.
schema:
type: string
default: ""
private: true
- variable: GOOGLE_CLIENT_ID
label: GOOGLE_CLIENT_ID
description: The Client ID from the Google API Console for your Plausible Analytics project
schema:
type: string
default: ""
- variable: GOOGLE_CLIENT_SECRET
label: GOOGLE_CLIENT_SECRET
description: The Client Secret from the Google API Console for your Plausible Analytics project
schema:
type: string
default: ""
private: true
- variable: LOG_LEVEL
label: LOG_LEVEL
description: Logging Level
schema:
type: string
required: true
default: warn
enum:
- value: debug
description: debug
- value: info
description: info
- value: warn
description: warn
- value: error
description: error
# Include{containerConfig}
- variable: service
group: "Networking and Services"
label: "Configure Service(s)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelector}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10277
required: true
- variable: advanced
label: "Show Advanced settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: protocol
label: "Port Type"
schema:
type: string
default: "HTTP"
enum:
- value: HTTP
description: "HTTP"
- value: "HTTPS"
description: "HTTPS"
- value: TCP
description: "TCP"
- value: "UDP"
description: "UDP"
- variable: nodePort
label: "Node Port (Optional)"
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
schema:
type: int
min: 9000
max: 65535
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 8000
- variable: serviceexpert
group: "Networking and Services"
label: "Show Expert Config"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: "Networking and Services"
label: "Host-Networking (Complicated)"
schema:
type: boolean
default: false
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceList}
- variable: ingress
label: ""
group: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
# Include{security}
- variable: advancedSecurity
label: "Show Advanced Security Settings"
group: "Security and Permissions"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: "Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: true
# Include{securityContextAdvanced}
- variable: podSecurityContext
group: "Security and Permissions"
label: "Pod Security Context"
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 1000
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 1000
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}

View File

@ -0,0 +1,56 @@
{{/* Plausible environment variables */}}
{{- define "plausible.env" -}}
{{- $configName := printf "%s-env-config" (include "tc.common.names.fullname" .) }}
{{- $secretName := printf "%s-env-secret" (include "tc.common.names.fullname" .) }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $configName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
BASE_URL: {{ .Values.plausible.BASE_URL | quote }}
DISABLE_AUTH: {{ .Values.plausible.DISABLE_AUTH | quote }}
DISABLE_REGISTRATION: {{ .Values.plausible.DISABLE_REGISTRATION | quote }}
CLICKHOUSE_FLUSH_INTERVAL_MS: {{ .Values.plausible.CLICKHOUSE_FLUSH_INTERVAL_MS | quote }}
CLICKHOUSE_MAX_BUFFER_SIZE: {{ .Values.plausible.CLICKHOUSE_MAX_BUFFER_SIZE | quote }}
SMTP_HOST_ADDR: {{ .Values.plausible.SMTP_HOST_ADDR | quote }}
SMTP_HOST_PORT: {{ .Values.plausible.SMTP_HOST_PORT | quote }}
SMTP_HOST_SSL_ENABLED: {{ .Values.plausible.SMTP_HOST_SSL_ENABLED | quote }}
SMTP_RETRIES: {{ .Values.plausible.SMTP_RETRIES | quote }}
MAILER_ADAPTER: {{ .Values.plausible.MAILER_ADAPTER | quote }}
LOG_LEVEL: {{ .Values.plausible.LOG_LEVEL | quote }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
{{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }}
SECRET_KEY_BASE: {{ index .data "SECRET_KEY_BASE" | b64dec }}
{{- else }}
{{- /* The plain value of SECRET_KEY_BASE is also base64 encoded */}}
SECRET_KEY_BASE: {{ randAlphaNum 65 | b64enc }}
{{- end }}
ADMIN_USER_NAME: {{ .Values.plausible.ADMIN_USER_NAME | quote }}
ADMIN_USER_EMAIL: {{ .Values.plausible.ADMIN_USER_EMAIL | quote }}
ADMIN_USER_PWD: {{ .Values.plausible.ADMIN_USER_PWD | quote }}
DATABASE_URL: {{ get .Values.postgresql.url "complete-noql" }}
CLICKHOUSE_DATABASE_URL: {{ .Values.clickhouse.url.complete }}
MAILER_EMAIL: {{ .Values.plausible.MAILER_EMAIL | quote }}
SMTP_USER_NAME: {{ .Values.plausible.SMTP_USER_NAME | quote }}
SMTP_USER_PWD: {{ .Values.plausible.SMTP_USER_PWD | quote }}
POSTMARK_API_KEY: {{ .Values.plausible.POSTMARK_API_KEY | quote }}
GOOGLE_CLIENT_ID: {{ .Values.plausible.GOOGLE_CLIENT_ID | quote }}
GOOGLE_CLIENT_SECRET: {{ .Values.plausible.GOOGLE_CLIENT_SECRET | quote }}
{{- end }}

View File

@ -0,0 +1,8 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{/* Plausible environment variables */}}
{{- include "plausible.env" . }}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}

View File

@ -0,0 +1,113 @@
image:
repository: plausible/analytics
pullPolicy: IfNotPresent
tag: v1.4.4@sha256:20204bfc253cfab31e1f6c41c321c8a1437bd4a585a3f13393b5e0449b6d8698
# Plausible self-hosting documentation
# https://plausible.io/docs/self-hosting
plausible:
# Server
BASE_URL: http://localhost
DISABLE_AUTH: false
DISABLE_REGISTRATION: false
# Default User
ADMIN_USER_NAME: admin
ADMIN_USER_EMAIL: admin@example.com
ADMIN_USER_PWD: P@ssw0rd
# Database
CLICKHOUSE_FLUSH_INTERVAL_MS: 5000
CLICKHOUSE_MAX_BUFFER_SIZE: 10000
# Mailer/SMTP Setup
MAILER_EMAIL: hello@plausible.local
SMTP_HOST_ADDR: localhost
SMTP_HOST_PORT: 25
SMTP_USER_NAME: ""
SMTP_USER_PWD: ""
SMTP_HOST_SSL_ENABLED: false
SMTP_RETRIES: 2
MAILER_ADAPTER: Bamboo.SMTPAdapter
POSTMARK_API_KEY: ""
# Google Search Integration
GOOGLE_CLIENT_ID: ""
GOOGLE_CLIENT_SECRET: ""
# Logging
LOG_LEVEL: warn
securityContext:
readOnlyRootFilesystem: false
podSecurityContext:
runAsUser: 1000
runAsGroup: 1000
envFrom:
- configMapRef:
name: '{{ include "tc.common.names.fullname" . }}-env-config'
- secretRef:
name: '{{ include "tc.common.names.fullname" . }}-env-secret'
installContainers:
plausible-install:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
envFrom:
- configMapRef:
name: '{{ include "tc.common.names.fullname" . }}-env-config'
- secretRef:
name: '{{ include "tc.common.names.fullname" . }}-env-secret'
command: [sh]
args:
- -c
- >-
/entrypoint.sh db createdb &&
/entrypoint.sh db migrate &&
/entrypoint.sh db init-admin
upgradeContainers:
plausible-upgrade:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
envFrom:
- configMapRef:
name: '{{ include "tc.common.names.fullname" . }}-env-config'
- secretRef:
name: '{{ include "tc.common.names.fullname" . }}-env-secret'
command: [sh]
args:
- -c
- /entrypoint.sh db migrate
service:
main:
ports:
main:
targetPort: 8000
protocol: HTTP
port: 10277
probes:
liveness:
type: HTTP
path: /api/health
readiness:
type: HTTP
path: /api/health
startup:
type: HTTP
path: /api/health
postgresql:
enabled: true
existingSecret: dbcreds
postgresqlUsername: plausible
postgresqlDatabase: plausible
clickhouse:
enabled: true
existingSecret: clickhousecreds
clickhouseUsername: plausible
clickhouseDatabase: plausible