feat(paperless-ng): move to official image (#1552)

* feat(paperless-ng): move to official image * bump major * hmm * aha * lint * fix tpl and add redis dep * address feedback * enable varrun * test root * use tccr and re-enable varrun * new image + test redis * ... * ofc... * run as root * enable varrun * rofs false * more perms?! * not relevant * disable varrun * remove comments * identation * puid * remove redisDatabase key
2021-12-18 00:05:07 +02:00 · 2021-12-18 00:05:07 +02:00 · d21615d259
parent 43171d2bb3
commit d21615d259
5 changed files with 238 additions and 13 deletions
--- a/charts/stable/paperless-ng/Chart.yaml
+++ b/charts/stable/paperless-ng/Chart.yaml
@ -1,7 +1,7 @@
 apiVersion: v2
 kubeVersion: ">=1.16.0-0"
 name: paperless-ng
-version: 0.0.4
+version: 1.0.0
 appVersion: "1.5.0"
 description: Paperless-ng is an application by Daniel Quinn and contributors that indexes your scanned documents.
 type: application
@ -16,7 +16,14 @@ dependencies:
 - name: common
  repository: https://truecharts.org
  version: 8.9.21
-  # condition:
+- condition: postgresql.enabled
+  name: postgresql
+  repository: https://truecharts.org/
+  version: 6.0.31
+- condition: redis.enabled
+  name: redis
+  repository: https://truecharts.org
+  version: 1.0.36
 maintainers:
 - email: info@truecharts.org
  name: TrueCharts
--- a/charts/stable/paperless-ng/questions.yaml
+++ b/charts/stable/paperless-ng/questions.yaml
@ -74,7 +74,30 @@ questions:
                    - value: "OnDelete"
                      description: "(Legacy) OnDelete: ignore .spec.template changes"
 # Include{controllerExpert}
-
+  - variable: secret
+    group: "Container Configuration"
+    label: "Image Secrets"
+    schema:
+      type: dict
+      attrs:
+        - variable: PAPERLESS_ADMIN_USER
+          label: "PAPERLESS_ADMIN_USER (First Install Only)"
+          schema:
+            type: string
+            required: true
+            default: ""
+        - variable: PAPERLESS_ADMIN_PASSWORD
+          label: "PAPERLESS_ADMIN_PASSWORD (First Install Only)"
+          schema:
+            type: string
+            required: true
+            private: true
+            default: ""
+        - variable: PAPERLESS_ADMIN_MAIL
+          label: "PAPERLESS_ADMIN_MAIL (First Install Only)"
+          schema:
+            type: string
+            default: ""
  - variable: env
    group: "Container Configuration"
    label: "Image Environment"
@ -82,7 +105,13 @@ questions:
      type: dict
      attrs:
 # Include{fixedEnv}
-
+        - variable: PUID
+          label: "PUID"
+          description: "Sets the PUID env var"
+          schema:
+            type: int
+            required: true
+            default: 568
 # Include{containerConfig}

  - variable: service
@ -178,7 +207,7 @@ questions:
      attrs:
        - variable: config
          label: "App Config Storage"
-          description: "Stores the Application Configuration."
+          description: "This is where paperless stores all its data (search index, classification model, etc)"
          schema:
            type: dict
            attrs:
@ -232,9 +261,65 @@ questions:
                    - value: "Memory"
                      description: "Memory"
 # Include{persistenceAdvanced}
-        - variable: data
+        - variable: static
+          label: "App Static Storage"
+          description: "This is where all static files created using “collectstatic” manager command are stored."
+          schema:
+            type: dict
+            attrs:
+              - variable: enabled
+                label: "Enable the storage"
+                schema:
+                  type: boolean
+                  default: true
+                  hidden: true
+              - variable: type
+                label: "Type of Storage"
+                description: "Sets the persistence type, Anything other than PVC could break rollback!"
+                schema:
+                  type: string
+                  default: "simplePVC"
+                  enum:
+                    - value: "simplePVC"
+                      description: "PVC (simple)"
+                    - value: "simpleHP"
+                      description: "HostPath (simple)"
+                    - value: "emptyDir"
+                      description: "emptyDir"
+                    - value: "pvc"
+                      description: "pvc"
+                    - value: "hostPath"
+                      description: "hostPath"
+# Include{persistenceBasic}
+              - variable: hostPath
+                label: "hostPath"
+                description: "Path inside the container the storage is mounted"
+                schema:
+                  show_if: [["type", "=", "hostPath"]]
+                  type: hostpath
+              - variable: mountPath
+                label: "mountPath"
+                description: "Path inside the container the storage is mounted"
+                schema:
+                  type: string
+                  default: "/static"
+                  hidden: true
+                  valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+              - variable: medium
+                label: "EmptyDir Medium"
+                schema:
+                  show_if: [["type", "=", "emptyDir"]]
+                  type: string
+                  default: ""
+                  enum:
+                    - value: ""
+                      description: "Default"
+                    - value: "Memory"
+                      description: "Memory"
+# Include{persistenceAdvanced}
+        - variable: consume
          label: "App Data Storage"
-          description: "Stores the Data."
+          description: "This where your documents should go to be consumed."
          schema:
            type: dict
            attrs:
@ -273,7 +358,63 @@ questions:
                description: "Path inside the container the storage is mounted"
                schema:
                  type: string
-                  default: "/data"
+                  default: "/consume"
+                  hidden: true
+                  valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+              - variable: medium
+                label: "EmptyDir Medium"
+                schema:
+                  show_if: [["type", "=", "emptyDir"]]
+                  type: string
+                  default: ""
+                  enum:
+                    - value: ""
+                      description: "Default"
+                    - value: "Memory"
+                      description: "Memory"
+# Include{persistenceAdvanced}
+        - variable: media
+          label: "App Media Storage"
+          description: "This is where your documents and thumbnails are stored."
+          schema:
+            type: dict
+            attrs:
+              - variable: enabled
+                label: "Enable the storage"
+                schema:
+                  type: boolean
+                  default: true
+                  hidden: true
+              - variable: type
+                label: "Type of Storage"
+                description: "Sets the persistence type, Anything other than PVC could break rollback!"
+                schema:
+                  type: string
+                  default: "simpleHP"
+                  enum:
+                    - value: "simplePVC"
+                      description: "PVC (simple)"
+                    - value: "simpleHP"
+                      description: "HostPath (simple)"
+                    - value: "emptyDir"
+                      description: "emptyDir"
+                    - value: "pvc"
+                      description: "pvc"
+                    - value: "hostPath"
+                      description: "hostPath"
+# Include{persistenceBasic}
+              - variable: hostPath
+                label: "hostPath"
+                description: "Path inside the container the storage is mounted"
+                schema:
+                  show_if: [["type", "=", "hostPath"]]
+                  type: hostpath
+              - variable: mountPath
+                label: "mountPath"
+                description: "Path inside the container the storage is mounted"
+                schema:
+                  type: string
+                  default: "/media"
                  hidden: true
                  valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
              - variable: medium
--- a/charts/stable/paperless-ng/templates/_sercrets.tpl
+++ b/charts/stable/paperless-ng/templates/_sercrets.tpl
@ -0,0 +1,20 @@
+{{/* Define the secrets */}}
+{{- define "paperlessng.secrets" -}}
+---
+
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: paperlessng-secrets
+{{- $paperlessprevious := lookup "v1" "Secret" .Release.Namespace "paperlessng-secrets" }}
+{{- $secret_key := "" }}
+data:
+  {{- if $paperlessprevious}}
+  PAPERLESS_SECRET_KEY: {{ index $paperlessprevious.data "PAPERLESS_SECRET_KEY" }}
+  {{- else }}
+  {{- $secret_key := randAlphaNum 32 }}
+  PAPERLESS_SECRET_KEY: {{ $secret_key | b64enc | quote }}
+  {{- end }}
+
+{{- end -}}
--- a/charts/stable/paperless-ng/templates/common.yaml
+++ b/charts/stable/paperless-ng/templates/common.yaml
@ -1 +1,8 @@
-{{ include "common.all" . }}
+{{/* Make sure all variables are set properly */}}
+{{ include "common.setup" . }}
+
+{{/* Render secrets for paperlessng */}}
+{{- include "paperlessng.secrets" . }}
+
+{{/* Render the templates */}}
+{{ include "common.postSetup" . }}
--- a/charts/stable/paperless-ng/values.yaml
+++ b/charts/stable/paperless-ng/values.yaml
@ -1,7 +1,7 @@
 image:
  repository: tccr.io/truecharts/paperless-ng
  pullPolicy: IfNotPresent
-  tag: v1.5.0
+  tag: v1.5.0@sha256:aef66d1bd436e237d0f6eb87dc5c0efe437b9ebcb4f20383dc36c165308df755

 securityContext:
  runAsNonRoot: false
@ -11,8 +11,43 @@ podSecurityContext:
  runAsUser: 0
  runAsGroup: 0

+secret:
+  PAPERLESS_ADMIN_USER: "admin"
+  PAPERLESS_ADMIN_PASSWORD: "admin"
+  PAPERLESS_ADMIN_MAIL: "admin@admin.com"
+
 env:
  PUID: 568
+  PAPERLESS_DATA_DIR: "/config/"
+  PAPERLESS_STATICDIR: "/static/"
+  PAPERLESS_CONSUMPTION_DIR: "/consume/"
+  PAPERLESS_MEDIA_ROOT: "/media/"
+
+envTpl:
+  USERMAP_UID: "{{ .Values.env.PUID }}"
+  USERMAP_GID: "{{ .Values.env.PGID }}"
+  PAPERLESS_TIME_ZONE: "{{ .Values.env.TZ }}"
+  PAPERLESS_DBNAME: "{{ .Values.postgresql.postgresqlDatabase }}"
+  PAPERLESS_DBUSER: "{{ .Values.postgresql.postgresqlUsername }}"
+  PAPERLESS_DBPORT: "5432"
+
+envValueFrom:
+  PAPERLESS_DBPASS:
+    secretKeyRef:
+      name: dbcreds
+      key: postgresql-password
+  PAPERLESS_DBHOST:
+    secretKeyRef:
+      name: dbcreds
+      key: plainhost
+  PAPERLESS_SECRET_KEY:
+    secretKeyRef:
+      name: paperlessng-secrets
+      key: PAPERLESS_SECRET_KEY
+  PAPERLESS_REDIS:
+    secretKeyRef:
+      name: rediscreds
+      key: url

 service:
  main:
@ -25,8 +60,23 @@ persistence:
  config:
    enabled: true
    mountPath: "/config"
-  data:
+  consume:
    enabled: true
-    mountPath: "/data"
-  varrun:
+    mountPath: "/consume"
+  static:
    enabled: true
+    mountPath: "/static"
+  media:
+    enabled: true
+    mountPath: "/media"
+
+redis:
+  enabled: true
+  existingSecret: "rediscreds"
+  redisUsername: paperless-ng
+
+postgresql:
+  enabled: true
+  existingSecret: "dbcreds"
+  postgresqlUsername: paperless-ng
+  postgresqlDatabase: paperless-ng