From d358b18179249ff8322c6d79a78a100044cce404 Mon Sep 17 00:00:00 2001 From: kjeld Schouten-Lebbing Date: Sun, 23 May 2021 00:18:56 +0200 Subject: [PATCH] Common 4.0 App Refactor Part 4 - Ornias --- .../bitwarden/.helmignore | 0 .../bitwarden/CONFIG.md | 0 charts/deprecated/bitwarden/Chart.yaml | 32 + .../bitwarden/README.md | 0 .../bitwarden/SCALE/item.yaml | 0 .../bitwarden/SCALE/ix_values.yaml | 0 .../deprecated/bitwarden/SCALE/questions.yaml | 907 ++++++++++++++++++ .../bitwarden/app-readme.md | 0 .../bitwarden/templates/_specialingress.tpl | 0 .../bitwarden/templates/_validate.tpl | 0 .../bitwarden/templates/common.yaml | 6 - .../bitwarden/templates/configmap.yaml} | 6 +- .../bitwarden/templates/secrets.yaml} | 7 +- charts/deprecated/bitwarden/values.yaml | 177 ++++ charts/deprecated/nzbhydra/Chart.yaml | 2 +- charts/incubator/appdaemon/Chart.yaml | 2 +- charts/incubator/appdaemon/values.yaml | 3 +- charts/incubator/bazarr/Chart.yaml | 2 +- charts/incubator/calibre-web/Chart.yaml | 2 +- charts/incubator/deluge/Chart.yaml | 2 +- charts/incubator/fireflyiii/Chart.yaml | 2 +- charts/incubator/freshrss/Chart.yaml | 2 +- charts/incubator/gaps/Chart.yaml | 2 +- charts/incubator/grocy/Chart.yaml | 2 +- charts/incubator/heimdall/Chart.yaml | 2 +- charts/incubator/lazylibrarian/Chart.yaml | 2 +- charts/incubator/lychee/Chart.yaml | 2 +- charts/incubator/navidrome/Chart.yaml | 2 +- charts/incubator/node-red/Chart.yaml | 2 +- charts/incubator/nzbget/Chart.yaml | 2 +- charts/incubator/organizr/Chart.yaml | 2 +- charts/incubator/podgrab/Chart.yaml | 2 +- charts/incubator/qbittorrent/Chart.yaml | 2 +- charts/incubator/readarr/Chart.yaml | 2 +- charts/incubator/sabnzbd/Chart.yaml | 2 +- charts/incubator/tvheadend/Chart.yaml | 2 +- charts/incubator/unifi/Chart.yaml | 2 +- charts/library/common/Chart.yaml | 2 +- charts/stable/collabora-online/Chart.yaml | 2 +- charts/stable/deepstack-cpu/Chart.yaml | 2 +- charts/stable/emby/Chart.yaml | 2 +- charts/stable/esphome/Chart.yaml | 2 +- charts/stable/handbrake/Chart.yaml | 2 +- charts/stable/home-assistant/Chart.yaml | 2 +- charts/stable/jackett/Chart.yaml | 2 +- charts/stable/jellyfin/Chart.yaml | 2 +- charts/stable/kms/Chart.yaml | 2 +- charts/stable/lidarr/Chart.yaml | 2 +- charts/stable/ombi/Chart.yaml | 2 +- charts/stable/plex/Chart.yaml | 2 +- charts/stable/radarr/Chart.yaml | 2 +- charts/stable/sonarr/Chart.yaml | 2 +- charts/stable/syncthing/Chart.yaml | 2 +- charts/stable/tautulli/Chart.yaml | 2 +- charts/stable/transmission/Chart.yaml | 2 +- charts/stable/truecommand/Chart.yaml | 2 +- charts/stable/vaultwarden/.helmignore | 24 + charts/stable/vaultwarden/CONFIG.md | 8 + .../{bitwarden => vaultwarden}/Chart.yaml | 13 +- charts/stable/vaultwarden/README.md | 56 ++ charts/stable/vaultwarden/SCALE/item.yaml | 3 + .../stable/vaultwarden/SCALE/ix_values.yaml | 54 ++ .../SCALE/questions.yaml | 0 charts/stable/vaultwarden/app-readme.md | 2 + .../vaultwarden/templates/_configmap.tpl | 116 +++ .../stable/vaultwarden/templates/_secrets.tpl | 59 ++ .../vaultwarden/templates/_validate.tpl | 17 + .../stable/vaultwarden/templates/common.yaml | 11 + .../{bitwarden => vaultwarden}/values.yaml | 12 +- charts/stable/zwavejs2mqtt/Chart.yaml | 2 +- 70 files changed, 1526 insertions(+), 71 deletions(-) rename charts/{stable => deprecated}/bitwarden/.helmignore (100%) rename charts/{stable => deprecated}/bitwarden/CONFIG.md (100%) create mode 100644 charts/deprecated/bitwarden/Chart.yaml rename charts/{stable => deprecated}/bitwarden/README.md (100%) rename charts/{stable => deprecated}/bitwarden/SCALE/item.yaml (100%) rename charts/{stable => deprecated}/bitwarden/SCALE/ix_values.yaml (100%) create mode 100644 charts/deprecated/bitwarden/SCALE/questions.yaml rename charts/{stable => deprecated}/bitwarden/app-readme.md (100%) rename charts/{stable => deprecated}/bitwarden/templates/_specialingress.tpl (100%) rename charts/{stable => deprecated}/bitwarden/templates/_validate.tpl (100%) rename charts/{stable => deprecated}/bitwarden/templates/common.yaml (59%) rename charts/{stable/bitwarden/templates/_configmap.tpl => deprecated/bitwarden/templates/configmap.yaml} (98%) rename charts/{stable/bitwarden/templates/_secrets.tpl => deprecated/bitwarden/templates/secrets.yaml} (96%) create mode 100644 charts/deprecated/bitwarden/values.yaml create mode 100644 charts/stable/vaultwarden/.helmignore create mode 100644 charts/stable/vaultwarden/CONFIG.md rename charts/stable/{bitwarden => vaultwarden}/Chart.yaml (81%) create mode 100644 charts/stable/vaultwarden/README.md create mode 100644 charts/stable/vaultwarden/SCALE/item.yaml create mode 100644 charts/stable/vaultwarden/SCALE/ix_values.yaml rename charts/stable/{bitwarden => vaultwarden}/SCALE/questions.yaml (100%) create mode 100644 charts/stable/vaultwarden/app-readme.md create mode 100644 charts/stable/vaultwarden/templates/_configmap.tpl create mode 100644 charts/stable/vaultwarden/templates/_secrets.tpl create mode 100644 charts/stable/vaultwarden/templates/_validate.tpl create mode 100644 charts/stable/vaultwarden/templates/common.yaml rename charts/stable/{bitwarden => vaultwarden}/values.yaml (97%) diff --git a/charts/stable/bitwarden/.helmignore b/charts/deprecated/bitwarden/.helmignore similarity index 100% rename from charts/stable/bitwarden/.helmignore rename to charts/deprecated/bitwarden/.helmignore diff --git a/charts/stable/bitwarden/CONFIG.md b/charts/deprecated/bitwarden/CONFIG.md similarity index 100% rename from charts/stable/bitwarden/CONFIG.md rename to charts/deprecated/bitwarden/CONFIG.md diff --git a/charts/deprecated/bitwarden/Chart.yaml b/charts/deprecated/bitwarden/Chart.yaml new file mode 100644 index 00000000000..6f0ea08195a --- /dev/null +++ b/charts/deprecated/bitwarden/Chart.yaml @@ -0,0 +1,32 @@ +apiVersion: v2 +kubeVersion: ">=1.16.0-0" +name: bitwarden +version: 1.2.7 +upstream_version: 2.1.5 +appVersion: "auto" +description: Unofficial Bitwarden compatible server written in Rust +type: application +deprecated: true +home: https://github.com/truecharts/apps/tree/master/incubator/bitwarden +icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png +keywords: + - bitwarden + - bitwardenrs + - bitwarden_rs + - password + - rust +sources: + - https://github.com/truecharts/apps/tree/master/incubator/bitwarden + - https://github.com/k8s-at-home/charts/tree/master/charts/stable/bitwardenrs + - https://github.com/dani-garcia/bitwarden_rs +dependencies: + - name: common + repository: https://truecharts.org/ + version: 3.5.8 + # condition: + - name: postgresql + version: 10.4.3 + repository: https://charts.bitnami.com/bitnami + condition: postgresql.enabled +maintainers: [] +# annotations: diff --git a/charts/stable/bitwarden/README.md b/charts/deprecated/bitwarden/README.md similarity index 100% rename from charts/stable/bitwarden/README.md rename to charts/deprecated/bitwarden/README.md diff --git a/charts/stable/bitwarden/SCALE/item.yaml b/charts/deprecated/bitwarden/SCALE/item.yaml similarity index 100% rename from charts/stable/bitwarden/SCALE/item.yaml rename to charts/deprecated/bitwarden/SCALE/item.yaml diff --git a/charts/stable/bitwarden/SCALE/ix_values.yaml b/charts/deprecated/bitwarden/SCALE/ix_values.yaml similarity index 100% rename from charts/stable/bitwarden/SCALE/ix_values.yaml rename to charts/deprecated/bitwarden/SCALE/ix_values.yaml diff --git a/charts/deprecated/bitwarden/SCALE/questions.yaml b/charts/deprecated/bitwarden/SCALE/questions.yaml new file mode 100644 index 00000000000..8c1d61d48ea --- /dev/null +++ b/charts/deprecated/bitwarden/SCALE/questions.yaml @@ -0,0 +1,907 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Workload Configuration" + description: "Configure workload deployment" + - name: "Configuration" + description: "additional container configuration" + - name: "Networking" + description: "Configure / service for container" + - name: "Storage" + description: "Persist and share data that is separate from the lifecycle of the container" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Reverse Proxy Configuration" + description: "Reverse Proxy configuration" + - name: "Advanced" + description: "Advanced Configuration" + - name: "WARNING" + description: "WARNING" +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + # Update Policy + - variable: strategyType + group: "Container Image" + label: "Update Strategy" + schema: + type: string + default: "Recreate" + enum: + - value: "RollingUpdate" + description: "Create new pods and then kill old ones" + - value: "Recreate" + description: "Kill existing pods before creating new ones" + # Configure Time Zone + - variable: timezone + group: "Container Image" + label: "Timezone" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" +# Configure Bitwarden: + - variable: bitwardenrs + label: "" + group: "Configuration" + schema: + type: dict + attrs: + - variable: yubico + label: "Yubico OPT authentication" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Yubico OPT authentication" + description: "Please refer to the manual at: https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: server + label: "Yubico server" + description: "Defaults to YubiCloud" + schema: + type: string + default: "" + - variable: clientId + label: "Yubico ID" + schema: + type: string + default: "" + - variable: secretKey + label: "Yubico Secret Key" + schema: + type: string + default: "" + - variable: admin + label: "Admin Portal" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable Admin Portal" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: disableAdminToken + label: "Make Accessible Without Password/Token" + schema: + type: boolean + default: false + - variable: token + label: "Admin Portal Password/Token" + description: "Will be automatically generated if not defined" + schema: + type: string + default: "" + - variable: icons + label: "Icon Download Settings" + schema: + type: dict + attrs: + - variable: disableDownload + label: "Disable Icon Download" + description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)" + schema: + type: boolean + default: false + - variable: cache + label: "Cache time-to-live" + description: "Cache time-to-live for icons fetched. 0 means no purging" + schema: + type: int + default: 2592000 + - variable: token + label: "Failed Downloads Cache time-to-live" + description: "Cache time-to-live for icons that were not available. 0 means no purging." + schema: + type: int + default: 2592000 + - variable: log + label: "Logging" + schema: + type: dict + attrs: + - variable: level + label: "Log level" + schema: + type: string + default: "info" + required: true + enum: + - value: "trace" + description: "trace" + - value: "debug" + description: "debug" + - value: "info" + description: "info" + - value: "warn" + description: "warn" + - value: "error" + description: "error" + - value: "off" + description: "off" + - variable: file + label: "Log-File Location" + schema: + type: string + default: "" + + - variable: smtp + label: "SMTP Settings (Email)" + schema: + type: dict + attrs: + - variable: enabled + label: "Enable SMTP Support" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: host + label: "SMTP hostname" + schema: + type: string + required: true + default: "" + - variable: from + label: "SMTP sender e-mail address" + schema: + type: string + required: true + default: "" + - variable: fromName + label: "SMTP sender name" + schema: + type: string + required: true + default: "" + - variable: user + label: "SMTP username" + schema: + type: string + required: true + default: "" + - variable: password + label: "SMTP password" + description: "Required is user is specified, ignored if no user provided" + schema: + type: string + default: "" + - variable: ssl + label: "Enable SSL connection" + schema: + type: boolean + default: true + - variable: port + label: "SMTP port" + description: "Usually: 25 without SSL, 587 with SSL" + schema: + type: int + default: 587 + - variable: authMechanism + label: "SMTP Authentication Mechanisms" + description: "Comma-separated options: Plain, Login and Xoauth2" + schema: + type: string + default: "Plain" + - variable: heloName + label: "SMTP HELO - Hostname" + description: "Hostname to be sent for SMTP HELO. Defaults to pod name" + schema: + type: string + default: "" + - variable: port + label: "SMTP timeout" + schema: + type: int + default: 15 + - variable: invalidHostname + label: "Accept Invalid Hostname" + description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + - variable: invalidCertificate + label: "Accept Invalid Certificate" + description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!" + schema: + type: boolean + default: false + + - variable: allowSignups + label: "Allow Signup" + description: "Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users" + schema: + type: boolean + default: true + - variable: allowInvitation + label: "Always allow Invitation" + description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations" + schema: + type: boolean + default: true + - variable: defaultInviteName + label: "Default Invite Organisation Name" + description: "Default organization name in invitation e-mails that are not coming from a specific organization." + schema: + type: string + default: "" + + - variable: showPasswordHint + label: "Show password hints" + description: "https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display" + schema: + type: boolean + default: true + + - variable: signupwhitelistenable + label: "Enable Signup Whitelist" + description: "allowSignups is ignored if set" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: signupDomains + label: "Signup Whitelist Domains" + schema: + type: list + default: [] + items: + - variable: domain + label: "Domain" + schema: + type: string + default: "" + - variable: verifySignup + label: "Verifiy Signup" + description: "Verify e-mail before login is enabled. SMTP must be enabled" + schema: + type: boolean + default: false + - variable: requireEmail + label: "Block Login if email fails" + description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled" + schema: + type: boolean + default: false + - variable: emailAttempts + label: "Email token reset attempts" + description: "Maximum attempts before an email token is reset and a new email will need to be sent" + schema: + type: int + default: 3 + - variable: emailTokenExpiration + label: "Email token validity in seconds" + schema: + type: int + default: 600 + - variable: enableWebsockets + label: "Enable Websocket Connections" + description: "Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications" + schema: + type: boolean + default: true + hidden: true + - variable: enableWebVault + label: "Enable Webvault" + description: "Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting" + schema: + type: boolean + default: true + - variable: orgCreationUsers + label: "Limit Organisation Creation to (users)" + description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users." + schema: + type: string + default: "all" + - variable: attachmentLimitOrg + label: "Limit Attachment Disk Usage per Organisation" + schema: + type: string + default: "" + - variable: attachmentLimitUser + label: "Limit Attachment Disk Usage per User" + schema: + type: string + default: "" + - variable: hibpApiKey + label: "HaveIBeenPwned API Key" + description: "Can be purchased at https://haveibeenpwned.com/API/Key" + schema: + type: string + default: "" + # Configure Enviroment Variables + - variable: environmentVariables + label: "Image environment" + group: "Configuration" + schema: + type: list + default: [] + items: + - variable: environmentVariable + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + # Enable Host Networking + - variable: hostNetwork + group: "Networking" + label: "Enable Host Networking" + schema: + type: boolean + default: false + hidden: true + - variable: services + group: "Networking" + label: "Configure Service" + schema: + type: dict + hidden: true + attrs: + - variable: main + label: "Main service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System" + schema: + type: string + default: "ClusterIP" + hidden: true + enum: + - value: "ClusterIP" + description: "ClusterIP" + - variable: port + label: "Port configuration" + schema: + type: dict + attrs: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + hidden: true + enum: + - value: HTTP + description: "HTTP" + - variable: port + label: "container port" + schema: + type: int + default: 8080 + editable: false + hidden: true + - variable: targetport + label: "Internal Service port" + description: "When connecting internally to this App, you'll need this port" + schema: + type: int + default: 8080 + editable: false + hidden: true + - variable: nodePort + label: "(optional) host nodePort to expose to" + description: "only get used when nodePort is selected" + schema: + type: int + min: 9000 + max: 65535 + default: 36000 + required: true + hidden: true + - variable: ws + label: "Websocket service" + description: "Websocket Service" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System" + schema: + type: string + default: "ClusterIP" + hidden: true + enum: + - value: "ClusterIP" + description: "ClusterIP" + - variable: port + label: "Port configuration" + schema: + type: dict + attrs: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + hidden: true + enum: + - value: HTTP + description: "HTTP" + - variable: port + label: "container port" + schema: + type: int + default: 3012 + editable: false + hidden: true + - variable: targetport + label: "Internal Service port" + description: "When connecting internally to this App, you'll need this port" + schema: + type: int + default: 3012 + editable: false + hidden: true + - variable: nodePort + label: "(optional) host nodePort to expose to" + description: "only get used when nodePort is selected" + schema: + type: int + min: 9000 + max: 65535 + default: 36001 + required: true + hidden: true + +## TrueCharts Specific + - variable: persistence + label: "Integrated Persistent Storage" + description: "Websocket Service" + group: "Storage" + schema: + type: dict + attrs: + - variable: data + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: storageClass + label: "Type of Storage" + description: " Warning: Anything other than Internal will break rollback!" + schema: + type: string + default: "" + enum: + - value: "" + description: "Internal" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "/data" + hidden: true + - variable: emptyDir + label: "Mount a ramdisk instead of actual storage" + schema: + type: boolean + default: false + hidden: true + - variable: accessMode + label: "Access Mode (Advanced)" + description: "Allow or disallow multiple PVC's writhing to the same PVC" + schema: + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + type: string + default: "100Gi" + - variable: db + label: "Database Storage" + description: "Stores the Application database." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: nameOverride + label: "Override PVC Name (advanced)" + description: "Forces a certain name for the PVC" + schema: + type: string + default: "db" + hidden: true + - variable: storageClass + label: "Type of Storage" + description: " Warning: Anything other than Internal will break rollback!" + schema: + type: string + default: "" + enum: + - value: "" + description: "Internal" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + hidden: true + - variable: emptyDir + label: "Mount a ramdisk instead of actual storage" + schema: + type: boolean + default: false + hidden: true + - variable: accessMode + label: "Access Mode (Advanced)" + description: "Allow or disallow multiple PVC's writhing to the same PVC" + schema: + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + type: string + default: "100Gi" + - variable: dbbackup + label: "Database Backup Storage" + description: "Stores the Application database backups." + schema: + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: storageClass + label: "Type of Storage" + description: " Warning: Anything other than Internal will break rollback!" + schema: + type: string + default: "" + enum: + - value: "" + description: "Internal" + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + hidden: true + - variable: emptyDir + label: "Mount a ramdisk instead of actual storage" + schema: + type: boolean + default: false + hidden: true + - variable: accessMode + label: "Access Mode (Advanced)" + description: "Allow or disallow multiple PVC's writhing to the same PVC" + schema: + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: size + label: "Size quotum of storage" + schema: + type: string + default: "100Gi" + - variable: customStorage + label: "Custom app storage" + group: "Storage" + schema: + type: list + default: [] + items: + - variable: volumeMount + label: "Custom Storage" + schema: + type: dict + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + required: true + hidden: true + editable: false + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + type: boolean + default: true + hidden: false + - variable: readOnly + label: "Mount as ReadOnly" + description: "prevent any write from being done to the mounted volume" + schema: + type: boolean + default: false + hidden: false + - variable: emptyDir + label: "emptyDir" + schema: + type: boolean + default: false + hidden: true + editable: false + - variable: mountPath + label: "Mount Path" + description: "Path to mount inside the pod" + schema: + type: path + required: true + default: "" + editable: true + - variable: hostPath + label: "Host Path" + schema: + type: hostpath + required: true + - variable: ingress + label: "" + group: "Reverse Proxy Configuration" + schema: + type: dict + attrs: + - variable: main + label: "WebUI" + schema: + type: dict + attrs: + - variable: certType + label: "Select Reverse-Proxy Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "Disabled" + - value: "" + description: "No Encryption/TLS/Certificates" + - value: "selfsigned" + description: "Self-Signed Certificate" + - value: "ixcert" + description: "TrueNAS SCALE Certificate" + - variable: type + label: "Reverse Proxy Type" + schema: + type: string + default: "HTTP" + hidden: true + editable: false + required: true + - variable: serviceName + label: "Service name to proxy to" + schema: + hidden: true + editable: false + type: string + default: "" + - variable: entrypoint + label: "Select Entrypoint" + schema: + show_if: [["certType", "!=", "disabled"]] + type: string + default: "websecure" + required: true + enum: + - value: "websecure" + description: "Websecure: HTTPS/TLS port 443" + - variable: hosts + label: "Hosts" + schema: + show_if: [["certType", "!=", "disabled"]] + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: dict + attrs: + - variable: host + label: "Domain Name" + required: true + schema: + type: string + - variable: path + label: "path" + schema: + type: string + required: true + hidden: true + default: "/" + - variable: certificate + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + show_if: [["certType", "=", "ixcert"]] + $ref: + - "definitions/certificate" + - variable: authForwardURL + label: "Forward Authentication URL" + schema: + show_if: [["certType", "!=", "disabled"]] + type: string + default: "" + + - variable: UMASK + group: "Advanced" + label: "UMASK" + description: "Sets the UMASK env var for LinuxServer.io (compatible) containers" + schema: + type: string + default: "002" + # Enable privileged + - variable: securityContext + group: "Advanced" + label: "Security Context" + schema: + type: dict + attrs: + - variable: privileged + label: "Enable privileged mode for Common-Chart based charts" + schema: + type: boolean + default: false + # Set Pod Security Policy + - variable: podSecurityContext + group: "Advanced" + label: "Pod Security Context" + schema: + type: dict + attrs: + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: supplementalGroups + label: "supplementalGroups" + description: "Additional groups this App needs access to" + schema: + type: list + default: [] + items: + - variable: Group + label: "Group" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" diff --git a/charts/stable/bitwarden/app-readme.md b/charts/deprecated/bitwarden/app-readme.md similarity index 100% rename from charts/stable/bitwarden/app-readme.md rename to charts/deprecated/bitwarden/app-readme.md diff --git a/charts/stable/bitwarden/templates/_specialingress.tpl b/charts/deprecated/bitwarden/templates/_specialingress.tpl similarity index 100% rename from charts/stable/bitwarden/templates/_specialingress.tpl rename to charts/deprecated/bitwarden/templates/_specialingress.tpl diff --git a/charts/stable/bitwarden/templates/_validate.tpl b/charts/deprecated/bitwarden/templates/_validate.tpl similarity index 100% rename from charts/stable/bitwarden/templates/_validate.tpl rename to charts/deprecated/bitwarden/templates/_validate.tpl diff --git a/charts/stable/bitwarden/templates/common.yaml b/charts/deprecated/bitwarden/templates/common.yaml similarity index 59% rename from charts/stable/bitwarden/templates/common.yaml rename to charts/deprecated/bitwarden/templates/common.yaml index 9e84d7a7b58..c83beb6c7ae 100644 --- a/charts/stable/bitwarden/templates/common.yaml +++ b/charts/deprecated/bitwarden/templates/common.yaml @@ -4,11 +4,5 @@ {{/* Render the templates */}} {{ include "common.all" . }} -{{/* Render configmap for bitwarden */}} -{{- include "bitwarden.configmap" . }} - -{{/* Render secrets for bitwarden */}} -{{- include "bitwarden.secrets" . }} - {{/* Render special ingress for bitwarden */}} {{- include "bitwarden.ingress" . }} diff --git a/charts/stable/bitwarden/templates/_configmap.tpl b/charts/deprecated/bitwarden/templates/configmap.yaml similarity index 98% rename from charts/stable/bitwarden/templates/_configmap.tpl rename to charts/deprecated/bitwarden/templates/configmap.yaml index f41708c8a5b..074f8237e6a 100644 --- a/charts/stable/bitwarden/templates/_configmap.tpl +++ b/charts/deprecated/bitwarden/templates/configmap.yaml @@ -1,10 +1,9 @@ -{{/* Define the configmap */}} -{{- define "bitwarden.configmap" -}} ---- apiVersion: v1 kind: ConfigMap metadata: name: bitwardenconfig + labels: + {{- include "common.labels" . | nindent 4 }} data: ROCKET_PORT: "8080" SIGNUPS_ALLOWED: {{ .Values.bitwardenrs.allowSignups | quote }} @@ -113,4 +112,3 @@ data: {{- else }} ENABLE_DB_WAL: "false" {{- end }} -{{- end -}} diff --git a/charts/stable/bitwarden/templates/_secrets.tpl b/charts/deprecated/bitwarden/templates/secrets.yaml similarity index 96% rename from charts/stable/bitwarden/templates/_secrets.tpl rename to charts/deprecated/bitwarden/templates/secrets.yaml index 63c49240e83..e8e0dcc3e0b 100644 --- a/charts/stable/bitwarden/templates/_secrets.tpl +++ b/charts/deprecated/bitwarden/templates/secrets.yaml @@ -1,6 +1,3 @@ -{{/* Define the secrets */}} -{{- define "bitwarden.secrets" -}} - {{- $adminToken := "" }} {{- if eq .Values.bitwardenrs.admin.enabled true }} {{- $adminToken = .Values.bitwardenrs.admin.token | default (randAlphaNum 48) | b64enc | quote }} @@ -15,12 +12,13 @@ {{- if eq .Values.bitwardenrs.yubico.enabled true }} {{- $yubicoClientId = required "Yubico Client ID required" .Values.bitwardenrs.yubico.clientId | toString | b64enc | quote }} {{- end -}} ---- apiVersion: v1 kind: Secret metadata: name: bitwardensecret + labels: + {{- include "common.labels" . | nindent 4 }} data: {{- if ne $adminToken "" }} ADMIN_TOKEN: {{ $adminToken }} @@ -56,4 +54,3 @@ data: {{- end }} url: {{ ( printf "%v%v:%v@%v-%v:%v/%v" "postgresql://" .Values.postgresql.postgresqlUsername $dbPass .Release.Name "postgresql" "5432" .Values.postgresql.postgresqlDatabase ) | b64enc | quote }} type: Opaque -{{- end -}} diff --git a/charts/deprecated/bitwarden/values.yaml b/charts/deprecated/bitwarden/values.yaml new file mode 100644 index 00000000000..eb0fa46b6c4 --- /dev/null +++ b/charts/deprecated/bitwarden/values.yaml @@ -0,0 +1,177 @@ +# Default values for Bitwarden. + +image: + repository: bitwardenrs/server + pullPolicy: IfNotPresent + tag: 1.21.0 + +strategy: + type: Recreate + +services: + main: + port: + port: 8080 + ws: + port: + port: 3012 + +env: {} + +envTpl: + DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}" + +envFrom: + - configMapRef: + name: bitwardenconfig + - secretRef: + name: bitwardensecret + +envValueFrom: + DATABASE_URL: + secretKeyRef: + name: dbcreds + key: url + +database: + # Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'. + type: postgresql + # Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled + wal: true + ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port). + # url: "" + ## Set the size of the database connection pool. + # maxConnections: 10 + ## Connection retries during startup, 0 for infinite. 1 second between retries. + # retries: 15 + +# Set Bitwarden_rs application variables +bitwardenrs: + # Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users + allowSignups: true + ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set. + # signupDomains: + # - domain.tld + # Verify e-mail before login is enabled. SMTP must be enabled. + verifySignup: false + # When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled. + requireEmail: false + ## Maximum attempts before an email token is reset and a new email will need to be sent. + # emailAttempts: 3 + ## Email token validity in seconds. + # emailTokenExpiration: 600 + # Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations + allowInvitation: true + # Show password hints: https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display + ## Default organization name in invitation e-mails that are not coming from a specific organization. + # defaultInviteName: "" + showPasswordHint: true + # Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications + # Redirect HTTP path "/notifications/hub" to port 3012. Ingress/IngressRoute controllers are automatically configured. + enableWebsockets: true + # Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting + enableWebVault: true + # Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users. + orgCreationUsers: all + ## Limit attachment disk usage per organization. + # attachmentLimitOrg: + ## Limit attachment disk usage per user. + # attachmentLimitUser: + ## HaveIBeenPwned API Key. Can be purchased at https://haveibeenpwned.com/API/Key. + # hibpApiKey: + + admin: + # Enable admin portal. + enabled: false + # Disabling the admin token will make the admin portal accessible to anyone, use carefully: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-admin-token + disableAdminToken: false + ## Token for admin login, will be generated if not defined. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-admin-page + # token: + + # Enable SMTP. https://github.com/dani-garcia/bitwarden_rs/wiki/SMTP-configuration + smtp: + enabled: false + # SMTP hostname, required if SMTP is enabled. + host: "" + # SMTP sender e-mail address, required if SMTP is enabled. + from: "" + ## SMTP sender name, defaults to 'Bitwarden_RS'. + # fromName: "" + ## Enable SSL connection. + # ssl: true + ## SMTP port. Defaults to 25 without SSL, 587 with SSL. + # port: 587 + ## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'. + # authMechanism: Plain + ## Hostname to be sent for SMTP HELO. Defaults to pod name. + # heloName: "" + ## SMTP timeout. + # timeout: 15 + ## Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks! + # invalidHostname: false + ## Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks! + # invalidCertificate: false + ## SMTP username. + # user: "" + ## SMTP password. Required is user is specified, ignored if no user provided. + # password: "" + + ## Enable Yubico OPT authentication. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication + yubico: + enabled: false + ## Yubico server. Defaults to YubiCloud. + # server: + ## Yubico ID and Secret Key. + # clientId: + # secretKey: + + ## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging + log: + # Log to file. + file: "" + # Log level. Options are "trace", "debug", "info", "warn", "error" or "off". + level: "trace" + ## Log timestamp format. See https://docs.rs/chrono/0.4.15/chrono/format/strftime/index.html. Defaults to time in milliseconds. + # timeFormat: "" + + icons: + # Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache). TTL will default to zero. + disableDownload: false + ## Cache time-to-live for icons fetched. 0 means no purging. + # cache: 2592000 + ## Cache time-to-live for icons that were not available. 0 means no purging. + # cacheFailed: 259200 + +persistence: + data: + enabled: true + mountPath: "/data" + emptyDir: true + accessMode: ReadWriteOnce + size: 1Gi + storageClass: "" + db: + nameOverride: "db" + enabled: true + emptyDir: true + accessMode: ReadWriteOnce + size: 1Gi + storageClass: "" + dbbackup: + enabled: true + emptyDir: true + accessMode: ReadWriteOnce + size: 1Gi + storageClass: "" + + +# Enabled postgres +# ... for more options see https://github.com/bitnami/charts/tree/master/bitnami/postgresql +postgresql: + enabled: true + postgresqlUsername: bitwarden + postgresqlDatabase: bitwarden + existingSecret: dbcreds + persistence: + enabled: false + existingClaim: db diff --git a/charts/deprecated/nzbhydra/Chart.yaml b/charts/deprecated/nzbhydra/Chart.yaml index 841e9fa964e..9fbf8342b9a 100644 --- a/charts/deprecated/nzbhydra/Chart.yaml +++ b/charts/deprecated/nzbhydra/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: [] # annotations: diff --git a/charts/incubator/appdaemon/Chart.yaml b/charts/incubator/appdaemon/Chart.yaml index 7254c1bf332..3d895b7c1d6 100644 --- a/charts/incubator/appdaemon/Chart.yaml +++ b/charts/incubator/appdaemon/Chart.yaml @@ -16,7 +16,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 maintainers: - name: TrueCharts email: info@truecharts.org diff --git a/charts/incubator/appdaemon/values.yaml b/charts/incubator/appdaemon/values.yaml index 5b7d9738b8e..a89ba905d2b 100644 --- a/charts/incubator/appdaemon/values.yaml +++ b/charts/incubator/appdaemon/values.yaml @@ -13,9 +13,8 @@ podSecurityContext: runAsGroup: 568 fsGroup: 568 -timezone: "America/Chicago" - env: + TZ: "America/Chicago" LATITUDE: 46 LONGITUDE: -94 ELEVATION: 1217 diff --git a/charts/incubator/bazarr/Chart.yaml b/charts/incubator/bazarr/Chart.yaml index bda4f6d83ca..bfc5a517267 100644 --- a/charts/incubator/bazarr/Chart.yaml +++ b/charts/incubator/bazarr/Chart.yaml @@ -24,7 +24,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/calibre-web/Chart.yaml b/charts/incubator/calibre-web/Chart.yaml index dec6cf53b21..26a5d2d86f0 100644 --- a/charts/incubator/calibre-web/Chart.yaml +++ b/charts/incubator/calibre-web/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/deluge/Chart.yaml b/charts/incubator/deluge/Chart.yaml index f7e89bdb546..9a8f96f61d3 100644 --- a/charts/incubator/deluge/Chart.yaml +++ b/charts/incubator/deluge/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/fireflyiii/Chart.yaml b/charts/incubator/fireflyiii/Chart.yaml index 443c8bdb9e5..bc4f4b52064 100644 --- a/charts/incubator/fireflyiii/Chart.yaml +++ b/charts/incubator/fireflyiii/Chart.yaml @@ -16,7 +16,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 - name: postgresql version: 10.4.3 repository: https://charts.bitnami.com/bitnami diff --git a/charts/incubator/freshrss/Chart.yaml b/charts/incubator/freshrss/Chart.yaml index 3b4afe40c2a..01007b2496c 100644 --- a/charts/incubator/freshrss/Chart.yaml +++ b/charts/incubator/freshrss/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/gaps/Chart.yaml b/charts/incubator/gaps/Chart.yaml index 873f2391296..27d13f4d75e 100644 --- a/charts/incubator/gaps/Chart.yaml +++ b/charts/incubator/gaps/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/grocy/Chart.yaml b/charts/incubator/grocy/Chart.yaml index f7095368175..ad35e5532bb 100644 --- a/charts/incubator/grocy/Chart.yaml +++ b/charts/incubator/grocy/Chart.yaml @@ -18,7 +18,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/heimdall/Chart.yaml b/charts/incubator/heimdall/Chart.yaml index 75be911696e..6a5ff6cca82 100644 --- a/charts/incubator/heimdall/Chart.yaml +++ b/charts/incubator/heimdall/Chart.yaml @@ -17,7 +17,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/lazylibrarian/Chart.yaml b/charts/incubator/lazylibrarian/Chart.yaml index 0d9e1d67c84..f3e8b8abab9 100644 --- a/charts/incubator/lazylibrarian/Chart.yaml +++ b/charts/incubator/lazylibrarian/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/lychee/Chart.yaml b/charts/incubator/lychee/Chart.yaml index 2074dbf88b7..45e88e54835 100644 --- a/charts/incubator/lychee/Chart.yaml +++ b/charts/incubator/lychee/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/navidrome/Chart.yaml b/charts/incubator/navidrome/Chart.yaml index 5ffc8ef0487..60671209765 100644 --- a/charts/incubator/navidrome/Chart.yaml +++ b/charts/incubator/navidrome/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/node-red/Chart.yaml b/charts/incubator/node-red/Chart.yaml index 13783327756..559dd6d65db 100644 --- a/charts/incubator/node-red/Chart.yaml +++ b/charts/incubator/node-red/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/nzbget/Chart.yaml b/charts/incubator/nzbget/Chart.yaml index d46b3f98f46..75a848570cd 100644 --- a/charts/incubator/nzbget/Chart.yaml +++ b/charts/incubator/nzbget/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/organizr/Chart.yaml b/charts/incubator/organizr/Chart.yaml index 2e3cc7b9e55..814e44c74f8 100644 --- a/charts/incubator/organizr/Chart.yaml +++ b/charts/incubator/organizr/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/podgrab/Chart.yaml b/charts/incubator/podgrab/Chart.yaml index ae2183a978d..0bcc74cba8c 100644 --- a/charts/incubator/podgrab/Chart.yaml +++ b/charts/incubator/podgrab/Chart.yaml @@ -17,7 +17,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 maintainers: - name: TrueCharts email: info@truecharts.org diff --git a/charts/incubator/qbittorrent/Chart.yaml b/charts/incubator/qbittorrent/Chart.yaml index b6be5d8468a..93e62d692b8 100644 --- a/charts/incubator/qbittorrent/Chart.yaml +++ b/charts/incubator/qbittorrent/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/readarr/Chart.yaml b/charts/incubator/readarr/Chart.yaml index ea50d4c127e..ee77201245e 100644 --- a/charts/incubator/readarr/Chart.yaml +++ b/charts/incubator/readarr/Chart.yaml @@ -23,7 +23,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/sabnzbd/Chart.yaml b/charts/incubator/sabnzbd/Chart.yaml index 0d766e7c00e..95502aad866 100644 --- a/charts/incubator/sabnzbd/Chart.yaml +++ b/charts/incubator/sabnzbd/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/tvheadend/Chart.yaml b/charts/incubator/tvheadend/Chart.yaml index b3eb53abae1..12c0c959a43 100644 --- a/charts/incubator/tvheadend/Chart.yaml +++ b/charts/incubator/tvheadend/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/incubator/unifi/Chart.yaml b/charts/incubator/unifi/Chart.yaml index b00f32187cc..6ffb172e5ae 100644 --- a/charts/incubator/unifi/Chart.yaml +++ b/charts/incubator/unifi/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/library/common/Chart.yaml b/charts/library/common/Chart.yaml index 7191e8ad6f6..803d3d2284b 100644 --- a/charts/library/common/Chart.yaml +++ b/charts/library/common/Chart.yaml @@ -19,4 +19,4 @@ name: common sources: - https://github.com/truecharts/apps/tree/master/library/common type: library -version: 4.1.5 +version: 4.1.6 diff --git a/charts/stable/collabora-online/Chart.yaml b/charts/stable/collabora-online/Chart.yaml index 5a3d739f8c9..454a824bf5d 100644 --- a/charts/stable/collabora-online/Chart.yaml +++ b/charts/stable/collabora-online/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/deepstack-cpu/Chart.yaml b/charts/stable/deepstack-cpu/Chart.yaml index d0e37f6c530..d0cbd1fd1ae 100644 --- a/charts/stable/deepstack-cpu/Chart.yaml +++ b/charts/stable/deepstack-cpu/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/emby/Chart.yaml b/charts/stable/emby/Chart.yaml index 83eca634e8e..2b4d454e2cb 100644 --- a/charts/stable/emby/Chart.yaml +++ b/charts/stable/emby/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/esphome/Chart.yaml b/charts/stable/esphome/Chart.yaml index 411b108a109..da1548d274b 100644 --- a/charts/stable/esphome/Chart.yaml +++ b/charts/stable/esphome/Chart.yaml @@ -19,7 +19,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/handbrake/Chart.yaml b/charts/stable/handbrake/Chart.yaml index dd430287af1..cd7a895db5e 100644 --- a/charts/stable/handbrake/Chart.yaml +++ b/charts/stable/handbrake/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/home-assistant/Chart.yaml b/charts/stable/home-assistant/Chart.yaml index 8b4c6422262..ebf23a53a54 100644 --- a/charts/stable/home-assistant/Chart.yaml +++ b/charts/stable/home-assistant/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: # ## postgresql is currently not ported to SCALE yet. # - name: postgresql diff --git a/charts/stable/jackett/Chart.yaml b/charts/stable/jackett/Chart.yaml index c8edd69f09f..7bd4b93e724 100644 --- a/charts/stable/jackett/Chart.yaml +++ b/charts/stable/jackett/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/jellyfin/Chart.yaml b/charts/stable/jellyfin/Chart.yaml index 355c5317c26..d81f52347ef 100644 --- a/charts/stable/jellyfin/Chart.yaml +++ b/charts/stable/jellyfin/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/kms/Chart.yaml b/charts/stable/kms/Chart.yaml index 83c998b62ea..2adfbb6a94b 100644 --- a/charts/stable/kms/Chart.yaml +++ b/charts/stable/kms/Chart.yaml @@ -17,7 +17,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/lidarr/Chart.yaml b/charts/stable/lidarr/Chart.yaml index 3b70a19aa2a..0fc6daaab9c 100644 --- a/charts/stable/lidarr/Chart.yaml +++ b/charts/stable/lidarr/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/ombi/Chart.yaml b/charts/stable/ombi/Chart.yaml index a3acb5becbb..bfcfa055520 100644 --- a/charts/stable/ombi/Chart.yaml +++ b/charts/stable/ombi/Chart.yaml @@ -24,7 +24,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/plex/Chart.yaml b/charts/stable/plex/Chart.yaml index 76afd99e6d3..d0ed5861e49 100644 --- a/charts/stable/plex/Chart.yaml +++ b/charts/stable/plex/Chart.yaml @@ -17,7 +17,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/radarr/Chart.yaml b/charts/stable/radarr/Chart.yaml index c73b592f19d..f02b34ccee4 100644 --- a/charts/stable/radarr/Chart.yaml +++ b/charts/stable/radarr/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/sonarr/Chart.yaml b/charts/stable/sonarr/Chart.yaml index 7bc4269bac9..566a0a4fb59 100644 --- a/charts/stable/sonarr/Chart.yaml +++ b/charts/stable/sonarr/Chart.yaml @@ -21,7 +21,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/syncthing/Chart.yaml b/charts/stable/syncthing/Chart.yaml index fddaa071d07..109d6bb15f5 100644 --- a/charts/stable/syncthing/Chart.yaml +++ b/charts/stable/syncthing/Chart.yaml @@ -18,7 +18,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/tautulli/Chart.yaml b/charts/stable/tautulli/Chart.yaml index 04f89b081f1..841ead7dab6 100644 --- a/charts/stable/tautulli/Chart.yaml +++ b/charts/stable/tautulli/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/transmission/Chart.yaml b/charts/stable/transmission/Chart.yaml index cdb5e8bf7ac..b3d1e86eda7 100644 --- a/charts/stable/transmission/Chart.yaml +++ b/charts/stable/transmission/Chart.yaml @@ -20,7 +20,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/truecommand/Chart.yaml b/charts/stable/truecommand/Chart.yaml index 1092666fbd6..5859c88a4a3 100644 --- a/charts/stable/truecommand/Chart.yaml +++ b/charts/stable/truecommand/Chart.yaml @@ -17,7 +17,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts diff --git a/charts/stable/vaultwarden/.helmignore b/charts/stable/vaultwarden/.helmignore new file mode 100644 index 00000000000..e559de0a012 --- /dev/null +++ b/charts/stable/vaultwarden/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# OWNERS file for Kubernetes +OWNERS diff --git a/charts/stable/vaultwarden/CONFIG.md b/charts/stable/vaultwarden/CONFIG.md new file mode 100644 index 00000000000..6d760c18421 --- /dev/null +++ b/charts/stable/vaultwarden/CONFIG.md @@ -0,0 +1,8 @@ +# Configuration Options + +##### Connecting to other apps +If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Together" guide: +https://truecharts.org/manual/linking/ + +##### Available config options +In the future this page is going to contain an automated list of options available in the installation/edit UI. diff --git a/charts/stable/bitwarden/Chart.yaml b/charts/stable/vaultwarden/Chart.yaml similarity index 81% rename from charts/stable/bitwarden/Chart.yaml rename to charts/stable/vaultwarden/Chart.yaml index 3351476b348..8c79097ad87 100644 --- a/charts/stable/bitwarden/Chart.yaml +++ b/charts/stable/vaultwarden/Chart.yaml @@ -1,28 +1,29 @@ apiVersion: v2 kubeVersion: ">=1.16.0-0" -name: bitwarden -version: 2.0.0 -upstream_version: 2.1.5 +name: vaultwarden +version: 1.0.0 +# upstream_version: appVersion: "auto" description: Unofficial Bitwarden compatible server written in Rust type: application deprecated: false -home: https://github.com/truecharts/apps/tree/master/incubator/bitwarden +home: https://github.com/truecharts/apps/tree/master/stable/vaultwarden icon: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png keywords: - bitwarden - bitwardenrs - bitwarden_rs + - vaultwarden - password - rust sources: - https://github.com/truecharts/apps/tree/master/incubator/bitwarden - https://github.com/k8s-at-home/charts/tree/master/charts/stable/bitwardenrs - - https://github.com/dani-garcia/bitwarden_rs + - https://github.com/dani-garcia/vaultwarden dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: - name: postgresql version: 10.4.3 diff --git a/charts/stable/vaultwarden/README.md b/charts/stable/vaultwarden/README.md new file mode 100644 index 00000000000..f3497af5baf --- /dev/null +++ b/charts/stable/vaultwarden/README.md @@ -0,0 +1,56 @@ +# Introduction + +![Version: 1.2.5](https://img.shields.io/badge/Version-1.2.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: auto](https://img.shields.io/badge/AppVersion-auto-informational?style=flat-square) + +Unofficial Vaultwarden compatible server written in Rust + +TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation. +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)** + +## Source Code + +* +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.bitnami.com/bitnami | postgresql | 10.4.2 | +| https://truecharts.org/ | common | 3.5.5 | + +## Installing the Chart + +To install the chart with the release name `Vaultwarden` + +- Open TrueNAS SCALE +- Go to Apps +- Click "Install" for this specific Apps +- Fill out the configuration form + +## Uninstalling the Chart + +To uninstall the `Vaultwarden` deployment + +- Open TrueNAS SCALE +- Go to Apps +- Go to "Installed Apps" +- Expand the menu in the top-right corner of this App +- Click "Remove" for this specific Apps + +The command removes all the Kubernetes components associated with the chart **including storage volumes** _(Except hostPath Storage)_ and deletes the release. + +## Support + +- See the [Wiki](https://truecharts.org) +- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) +- Ask a [question](https://github.com/truecharts/apps/discussions) + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0) +All Rights Reserved - The TrueCharts Project diff --git a/charts/stable/vaultwarden/SCALE/item.yaml b/charts/stable/vaultwarden/SCALE/item.yaml new file mode 100644 index 00000000000..12bd3f41af9 --- /dev/null +++ b/charts/stable/vaultwarden/SCALE/item.yaml @@ -0,0 +1,3 @@ +categories: + - security +icon_url: https://raw.githubusercontent.com/bitwarden/brand/master/icons/256x256.png diff --git a/charts/stable/vaultwarden/SCALE/ix_values.yaml b/charts/stable/vaultwarden/SCALE/ix_values.yaml new file mode 100644 index 00000000000..5054d940525 --- /dev/null +++ b/charts/stable/vaultwarden/SCALE/ix_values.yaml @@ -0,0 +1,54 @@ +## +# This file contains Values.yaml content that gets added to the output of questions.yaml +# It's ONLY meant for content that the user is NOT expected to change. +# Example: Everything under "image" is not included in questions.yaml but is included here. +## + +image: + repository: bitwardenrs/server + pullPolicy: IfNotPresent + tag: 1.21.0 + +envTpl: + DOMAIN: "https://{{ if .Values.ingress }}{{ if .Values.ingress.main.enabled }}{{ ( index .Values.ingress.main.hosts 0 ).host }}{{ else }}placeholder.com{{ end }}{{ else }}placeholder.com{{ end }}" + +envFrom: + - configMapRef: + name: bitwardenconfig + - secretRef: + name: bitwardensecret + + +envValueFrom: + DATABASE_URL: + secretKeyRef: + name: dbcreds + key: url + +database: + # Database type, must be one of: 'sqlite', 'mysql' or 'postgresql'. + type: postgresql + # Enable DB Write-Ahead-Log for SQLite, disabled for other databases. https://github.com/dani-garcia/bitwarden_rs/wiki/Running-without-WAL-enabled + wal: false + ## URL for external databases (mysql://user:pass@host:port or postgresql://user:pass@host:port). + # url: "" + ## Set the size of the database connection pool. + # maxConnections: 10 + ## Connection retries during startup, 0 for infinite. 1 second between retries. + retries: 30 + +# Enabled postgres +# ... for more options see https://github.com/bitnami/charts/tree/master/bitnami/postgresql +postgresql: + enabled: true + postgresqlUsername: homeassistant + postgresqlDatabase: homeassistant + existingSecret: dbcreds + persistence: + enabled: true + existingClaim: db + +## +# Most other defaults are set in questions.yaml +# For other options please refer to the wiki, default_values.yaml or the common library chart +## diff --git a/charts/stable/bitwarden/SCALE/questions.yaml b/charts/stable/vaultwarden/SCALE/questions.yaml similarity index 100% rename from charts/stable/bitwarden/SCALE/questions.yaml rename to charts/stable/vaultwarden/SCALE/questions.yaml diff --git a/charts/stable/vaultwarden/app-readme.md b/charts/stable/vaultwarden/app-readme.md new file mode 100644 index 00000000000..91d64cfa99e --- /dev/null +++ b/charts/stable/vaultwarden/app-readme.md @@ -0,0 +1,2 @@ +Unofficial Bitwarden compatible server written in Rust +This App is supplied by TrueCharts, for more information please visit https://truecharts.org diff --git a/charts/stable/vaultwarden/templates/_configmap.tpl b/charts/stable/vaultwarden/templates/_configmap.tpl new file mode 100644 index 00000000000..8809925abdf --- /dev/null +++ b/charts/stable/vaultwarden/templates/_configmap.tpl @@ -0,0 +1,116 @@ +{{/* Define the configmap */}} +{{- define "vaultwarden.configmap" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: vaultwardenconfig +data: + ROCKET_PORT: "8080" + SIGNUPS_ALLOWED: {{ .Values.vaultwarden.allowSignups | quote }} + {{- if .Values.vaultwarden.signupDomains }} + SIGNUPS_DOMAINS_WHITELIST: {{ join "," .Values.vaultwarden.signupDomains | quote }} + {{- end }} + {{- if and (eq .Values.vaultwarden.verifySignup true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Signup verification requires SMTP to be enabled" nil}}{{end}} + SIGNUPS_VERIFY: {{ .Values.vaultwarden.verifySignup | quote }} + {{- if and (eq .Values.vaultwarden.requireEmail true) (eq .Values.vaultwarden.smtp.enabled false) }}{{ required "Requiring emails for login depends on SMTP" nil}}{{end}} + REQUIRE_DEVICE_EMAIL: {{ .Values.vaultwarden.requireEmail | quote }} + {{- if .Values.vaultwarden.emailAttempts }} + EMAIL_ATTEMPTS_LIMIT: {{ .Values.vaultwarden.emailAttempts | quote }} + {{- end }} + {{- if .Values.vaultwarden.emailTokenExpiration }} + EMAIL_EXPIRATION_TIME: {{ .Values.vaultwarden.emailTokenExpiration | quote }} + {{- end }} + INVITATIONS_ALLOWED: {{ .Values.vaultwarden.allowInvitation | quote }} + {{- if .Values.vaultwarden.defaultInviteName }} + INVITATION_ORG_NAME: {{ .Values.vaultwarden.defaultInviteName | quote }} + {{- end }} + SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPasswordHint | quote }} + WEBSOCKET_ENABLED: {{ .Values.vaultwarden.enableWebsockets | quote }} + WEB_VAULT_ENABLED: {{ .Values.vaultwarden.enableWebVault | quote }} + ORG_CREATION_USERS: {{ .Values.vaultwarden.orgCreationUsers | quote }} + {{- if .Values.vaultwarden.attachmentLimitOrg }} + ORG_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitOrg | quote }} + {{- end }} + {{- if .Values.vaultwarden.attachmentLimitUser }} + USER_ATTACHMENT_LIMIT: {{ .Values.vaultwarden.attachmentLimitUser | quote }} + {{- end }} + {{- if .Values.vaultwarden.hibpApiKey }} + HIBP_API_KEY: {{ .Values.vaultwarden.hibpApiKey | quote }} + {{- end }} + {{- include "vaultwarden.dbTypeValid" . }} + {{- if .Values.database.retries }} + DB_CONNECTION_RETRIES: {{ .Values.database.retries | quote }} + {{- end }} + {{- if .Values.database.maxConnections }} + DATABASE_MAX_CONNS: {{ .Values.database.maxConnections | quote }} + {{- end }} + {{- if eq .Values.vaultwarden.smtp.enabled true }} + SMTP_HOST: {{ required "SMTP host is required to enable SMTP" .Values.vaultwarden.smtp.host | quote }} + SMTP_FROM: {{ required "SMTP sender address ('from') is required to enable SMTP" .Values.vaultwarden.smtp.from | quote }} + {{- if .Values.vaultwarden.smtp.fromName }} + SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.ssl }} + SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.port }} + SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.authMechanism }} + SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.heloName }} + HELO_NAME: {{ .Values.vaultwarden.smtp.heloName | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.timeout }} + SMTP_TIMEOUT: {{ .Values.vaultwarden.smtp.timeout | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.invalidHostname }} + SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.invalidHostname | quote }} + {{- end }} + {{- if .Values.vaultwarden.smtp.invalidCertificate }} + SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.invalidCertificate | quote }} + {{- end }} + {{- end }} + {{- if .Values.vaultwarden.log.file }} + LOG_FILE: {{ .Values.vaultwarden.log.file | quote }} + {{- end }} + {{- if or .Values.vaultwarden.log.level .Values.vaultwarden.log.timeFormat }} + EXTENDED_LOGGING: "true" + {{- end }} + {{- if .Values.vaultwarden.log.level }} + {{- include "vaultwarden.logLevelValid" . }} + LOG_LEVEL: {{ .Values.vaultwarden.log.level | quote }} + {{- end }} + {{- if .Values.vaultwarden.log.timeFormat }} + LOG_TIMESTAMP_FORMAT: {{ .Values.vaultwarden.log.timeFormat | quote }} + {{- end }} + {{- if .Values.vaultwarden.icons.disableDownload }} + DISABLE_ICON_DOWNLOAD: {{ .Values.vaultwarden.icons.disableDownload | quote }} + {{- if and (not .Values.vaultwarden.icons.cache) (eq .Values.vaultwarden.icons.disableDownload "true") }} + ICON_CACHE_TTL: "0" + {{- end }} + {{- end }} + {{- if .Values.vaultwarden.icons.cache }} + ICON_CACHE_TTL: {{ .Values.vaultwarden.icons.cache | quote }} + {{- end }} + {{- if .Values.vaultwarden.icons.cacheFailed }} + ICON_CACHE_NEGTTL: {{ .Values.vaultwarden.icons.cacheFailed | quote }} + {{- end }} + {{- if eq .Values.vaultwarden.admin.enabled true }} + {{- if eq .Values.vaultwarden.admin.disableAdminToken true }} + DISABLE_ADMIN_TOKEN: "true" + {{- end }} + {{- end }} + {{- if eq .Values.vaultwarden.yubico.enabled true }} + {{- if .Values.vaultwarden.yubico.server }} + YUBICO_SERVER: {{ .Values.vaultwarden.yubico.server | quote }} + {{- end }} + {{- end }} + {{- if eq .Values.database.type "sqlite" }} + ENABLE_DB_WAL: {{ .Values.database.wal | quote }} + {{- else }} + ENABLE_DB_WAL: "false" + {{- end }} +{{- end -}} diff --git a/charts/stable/vaultwarden/templates/_secrets.tpl b/charts/stable/vaultwarden/templates/_secrets.tpl new file mode 100644 index 00000000000..ac57e81471d --- /dev/null +++ b/charts/stable/vaultwarden/templates/_secrets.tpl @@ -0,0 +1,59 @@ +{{/* Define the secrets */}} +{{- define "vaultwarden.secrets" -}} + +{{- $adminToken := "" }} +{{- if eq .Values.vaultwarden.admin.enabled true }} +{{- $adminToken = .Values.vaultwarden.admin.token | default (randAlphaNum 48) | b64enc | quote }} +{{- end -}} + +{{- $smtpUser := "" }} +{{- if and (eq .Values.vaultwarden.smtp.enabled true ) (.Values.vaultwarden.smtp.user) }} +{{- $smtpUser = .Values.vaultwarden.smtp.user | b64enc | quote }} +{{- end -}} + +{{- $yubicoClientId := "" }} +{{- if eq .Values.vaultwarden.yubico.enabled true }} +{{- $yubicoClientId = required "Yubico Client ID required" .Values.vaultwarden.yubico.clientId | toString | b64enc | quote }} +{{- end -}} +--- + +apiVersion: v1 +kind: Secret +metadata: + name: vaultwardensecret +data: + {{- if ne $adminToken "" }} + ADMIN_TOKEN: {{ $adminToken }} + {{- end }} + {{- if ne $smtpUser "" }} + SMTP_USERNAME: {{ $smtpUser }} + SMTP_PASSWORD: {{ required "Must specify SMTP password" .Values.vaultwarden.smtp.password | b64enc | quote }} + {{- end }} + {{- if ne $yubicoClientId "" }} + YUBICO_CLIENT_ID: {{ $yubicoClientId }} + YUBICO_SECRET_KEY: {{ required "Yubico Secret Key required" .Values.vaultwarden.yubico.secretKey | b64enc | quote }} + {{- end }} + +--- + +apiVersion: v1 +kind: Secret +metadata: + labels: + {{- include "common.labels" . | nindent 4 }} + name: dbcreds +{{- $previous := lookup "v1" "Secret" .Release.Namespace "dbcreds" }} +{{- $dbPass := "" }} +data: +{{- if $previous }} + {{- $dbPass = ( index $previous.data "postgresql-password" ) | b64dec }} + postgresql-password: {{ ( index $previous.data "postgresql-password" ) }} + postgresql-postgres-password: {{ ( index $previous.data "postgresql-postgres-password" ) }} +{{- else }} + {{- $dbPass = randAlphaNum 50 }} + postgresql-password: {{ $dbPass | b64enc | quote }} + postgresql-postgres-password: {{ randAlphaNum 50 | b64enc | quote }} +{{- end }} + url: {{ ( printf "%v%v:%v@%v:%v/%v" "postgresql://" .Values.postgresql.postgresqlUsername $dbPass "postgresql" "5432" .Values.postgresql.postgresqlDatabase ) | b64enc | quote }} +type: Opaque +{{- end -}} diff --git a/charts/stable/vaultwarden/templates/_validate.tpl b/charts/stable/vaultwarden/templates/_validate.tpl new file mode 100644 index 00000000000..e4832c2f6e5 --- /dev/null +++ b/charts/stable/vaultwarden/templates/_validate.tpl @@ -0,0 +1,17 @@ +{{/* +Ensure valid DB type is select, defaults to SQLite +*/}} +{{- define "vaultwarden.dbTypeValid" -}} +{{- if not (or (eq .Values.database.type "postgresql") (eq .Values.database.type "mysql") (eq .Values.database.type "sqlite")) }} +{{- required "Invalid database type" nil }} +{{- end -}} +{{- end -}} + +{{/* +Ensure log type is valid +*/}} +{{- define "vaultwarden.logLevelValid" -}} +{{- if not (or (eq .Values.vaultwarden.log.level "trace") (eq .Values.vaultwarden.log.level "debug") (eq .Values.vaultwarden.log.level "info") (eq .Values.vaultwarden.log.level "warn") (eq .Values.vaultwarden.log.level "error") (eq .Values.vaultwarden.log.level "off")) }} +{{- required "Invalid log level" nil }} +{{- end }} +{{- end }} diff --git a/charts/stable/vaultwarden/templates/common.yaml b/charts/stable/vaultwarden/templates/common.yaml new file mode 100644 index 00000000000..74f04d2d8c2 --- /dev/null +++ b/charts/stable/vaultwarden/templates/common.yaml @@ -0,0 +1,11 @@ +{{/* Make sure all variables are set properly */}} +{{- include "common.values.setup" . }} + +{{/* Render the templates */}} +{{ include "common.all" . }} + +{{/* Render configmap for vaultwarden */}} +{{- include "vaultwarden.configmap" . }} + +{{/* Render secrets for vaultwarden */}} +{{- include "vaultwarden.secrets" . }} diff --git a/charts/stable/bitwarden/values.yaml b/charts/stable/vaultwarden/values.yaml similarity index 97% rename from charts/stable/bitwarden/values.yaml rename to charts/stable/vaultwarden/values.yaml index 9d937510ad9..5f43e6f7b69 100644 --- a/charts/stable/bitwarden/values.yaml +++ b/charts/stable/vaultwarden/values.yaml @@ -1,7 +1,7 @@ # Default values for Bitwarden. image: - repository: bitwardenrs/server + repository: vaultwarden/server pullPolicy: IfNotPresent tag: 1.21.0 @@ -26,9 +26,9 @@ envTpl: envFrom: - configMapRef: - name: bitwardenconfig + name: vaultwardenconfig - secretRef: - name: bitwardensecret + name: vaultwardensecret envValueFrom: DATABASE_URL: @@ -49,7 +49,7 @@ database: # retries: 15 # Set Bitwarden_rs application variables -bitwardenrs: +vaultwarden: # Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users allowSignups: true ## Whitelist domains allowed to sign-up. 'allowSignups' is ignored if set. @@ -175,8 +175,8 @@ persistence: # ... for more options see https://github.com/bitnami/charts/tree/master/bitnami/postgresql postgresql: enabled: true - postgresqlUsername: homeassistant - postgresqlDatabase: homeassistant + postgresqlUsername: vaultwarden + postgresqlDatabase: vaultwarden existingSecret: dbcreds persistence: enabled: false diff --git a/charts/stable/zwavejs2mqtt/Chart.yaml b/charts/stable/zwavejs2mqtt/Chart.yaml index 527a262be9a..6f0927c0eef 100644 --- a/charts/stable/zwavejs2mqtt/Chart.yaml +++ b/charts/stable/zwavejs2mqtt/Chart.yaml @@ -22,7 +22,7 @@ sources: dependencies: - name: common repository: https://truecharts.org/ - version: 4.1.2 + version: 4.1.5 # condition: maintainers: - name: TrueCharts