feat(plik) add plik (#5528)

* feat(plik) add plik

* update tag

* Update charts/incubator/plik/Chart.yaml

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

* plik secret

* secretName

* UI

* integer?

* typo

* fix config

* whoops

* don't set defaultMode

* Apply suggestions from code review

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros kois <s.kois@outlook.com>
Xstar97 2022-12-26 15:44:39 -05:00 committed by GitHub
parent a8900e9b64
commit d74174a634
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 889 additions and 0 deletions


@ -0,0 +1,30 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# OWNERS file for Kubernetes
OWNERS
# helm-docs templates
*.gotmpl
# docs folder
/docs
# icon
icon.png


@ -0,0 +1 @@
# Changelog


@ -0,0 +1,33 @@
apiVersion: v2
appVersion: "1.3.6"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 11.1.1
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 11.0.16
deprecated: false
description: A scalable file uploading system with multiple backends.
home: https://truecharts.org/docs/charts/stable/plik
icon: https://truecharts.org/img/hotlink-ok/chart-icons/plik.png
keywords:
- plik
- files
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: plik
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/plik
- https://github.com/root-gg/plik
type: application
version: 0.0.1
annotations:
truecharts.org/catagories: |
- files
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U


@ -0,0 +1 @@
# plik

Binary file not shown.



@ -0,0 +1,608 @@
# Include{groups}
portals:
open:
# Include{portalLink}
questions:
# Include{global}
# Include{controller}
# Include{replicas}
# Include{replica1}
# Include{controllerExpertExtraArgs}
- variable: plik
group: App Configuration
label: Plik Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: general
label: General
schema:
additional_attrs: true
type: dict
attrs:
- variable: debug
label: Debug
description: Enable debug mode
schema:
type: boolean
default: false
- variable: debug_requests
label: Debug Requests
description: Log HTTP request and responses
schema:
type: boolean
default: false
- variable: log_level
label: Log Level
description: Log Level
schema:
type: string
required: true
default: INFO
enum:
- value: INFO
description: Info
- value: DEBUG
description: Debug
- value: WARNING
description: Warning
- value: CRITICAL
description: Critical
- variable: abuse_contact
label: Abuse Contact
description: Abuse contact to be displayed in the footer of the webapp (email address)
schema:
type: string
default: ""
- variable: network
label: Network
schema:
additional_attrs: true
type: dict
attrs:
- variable: download_domain
label: Download Domain
description: Enforce download domain (eg https://dl.plik.root.gg). Necessary for quick upload to work.
schema:
type: string
required: true
default: ""
- variable: download_domain_alias
label: Download Domain Alias
description: Set download domain aliases
schema:
type: list
show_if: [["download_domain", "!=", ""]]
default: []
items:
- variable: alias
label: Alias Entry
description:
schema:
type: string
required: true
default: ""
- variable: enhanced_web_security
label: Enhanced Web Security
description: Enable additional security headers (X-Content-Type-Options, X-XSS-Protection, X-Frame-Options, Content-Security-Policy, Secure Cookies, ...)
schema:
type: boolean
default: false
- variable: session_timeout
label: Session Timeout
description: Web UI authentication session timeout
schema:
type: string
required: true
default: 365d
- variable: source_ip_header
label: Source IP Header
description: If behind reverse proxy (eg X-FORWARDED-FOR)
schema:
type: string
default: ""
- variable: upload_whitelist
label: Upload Whitelist
description: Restrict upload ans user creation to one or more IP range (CIDR notation, /32 can be omitted)
schema:
type: list
default: []
items:
- variable: ip
label: IP Entry
description:
schema:
type: string
required: true
default: ""
- variable: files
label: Files
schema:
additional_attrs: true
type: dict
attrs:
- variable: max_file_size
label: Max File Size
schema:
type: string
required: true
default: 10GB
- variable: max_files_per_upload
label: Max Files Per Upload
schema:
type: int
required: true
default: 1000
- variable: default_ttl
label: Default TTL
schema:
type: string
required: true
default: 30d
- variable: max_ttl
label: Max TTL
schema:
type: string
required: true
default: 30d
- variable: data_backend
label: Data Backend
schema:
type: string
required: true
default: file
enum:
- value: file
description: File
- value: s3
description: S3
- value: gcs
description: Google Cloud Storage
- value: swift
description: Swift
- variable: gcs
label: Google Cloud Storage
schema:
additional_attrs: true
show_if: [["data_backend", "=", "gcs"]]
type: dict
attrs:
- variable: bucket
label: Bucket
schema:
type: string
required: true
default: ""
- variable: folder
label: Folder
schema:
type: string
required: true
default: ""
- variable: s3
label: S3
schema:
additional_attrs: true
show_if: [["data_backend", "=", "s3"]]
type: dict
attrs:
- variable: bucket
label: Bucket
schema:
type: string
required: true
default: ""
- variable: endpoint
label: Endpoint
schema:
type: string
required: true
default: ""
- variable: access_key_id
label: Access Key ID
schema:
type: string
required: true
private: true
default: ""
- variable: secret_access_key
label: Secret Access Key
schema:
type: string
required: true
private: true
default: ""
- variable: location
label: Location
schema:
type: string
required: true
default: ""
- variable: prefix
label: Prefix
schema:
type: string
required: true
default: ""
- variable: use_ssl
label: Use SSL
schema:
type: boolean
default: true
- variable: part_size
label: Part Size
description: Chunk size when file size is not known. Multiply by 10000 to get the max upload file size.
schema:
type: int
required: true
default: 16000000
- variable: sse
label: SSE
description: SSE-C - Server-Side-Encryption with customer provided keys (Managed by Plik) / S3 - Server-Side-Encryption using S3 storage encryption (Managed by S3 Backend)
schema:
type: string
default: ""
enum:
- value: ""
description: None
- value: SSE-C
description: SSE-C
- value: S3
description: S3
- variable: swift
label: Swift
schema:
additional_attrs: true
show_if: [["data_backend", "=", "swift"]]
type: dict
attrs:
- variable: container
label: Container
schema:
type: string
required: true
default: ""
- variable: auth_url
label: Auth URL
schema:
type: string
required: true
default: https://auth.swiftauthapi.xxx/v2.0/
- variable: username
label: Username
schema:
type: string
required: true
default: ""
- variable: api_key
label: API Key
schema:
type: string
required: true
private: true
default: ""
- variable: domain
label: Domain
description: Name of the domain (v3 auth only)
schema:
type: string
default: ""
- variable: tenant
description: Name of the tenant (v2 auth only)
label: Tenant
schema:
type: string
default: ""
- variable: features
label: Features
schema:
additional_attrs: true
type: dict
attrs:
- variable: authentication
label: Authentication
description: disabled -> no authentication / forced -> no anonymous upload / default -> enabled
schema:
type: string
required: true
default: disabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: one_shot
label: One Shot
description: Upload with files that are automatically deleted after the first download
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: removable
label: Removable
description: Upload with files that anybody can delete
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: stream
label: Stream
description: Upload with files that are not stored on the server
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: password
label: Password
description: Upload that are protected by HTTP basic auth login/password
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: comments
label: Comments
description: Upload with markdown comments / forced -> default
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: set_ttl
label: Set TTL
description: When disabled upload TTL is always set to DefaultTTL
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: extend_ttl
label: Extend TTL
description: Extend upload expiration date by TTL each time it is accessed
schema:
type: string
required: true
default: disabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: clients
label: Clients
description: Display the clients download button in the web UI
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: github
label: Github
description: Display the source code link in the web UI
schema:
type: string
required: true
default: enabled
enum:
- value: disabled
description: Disabled - Feature is always off
- value: enabled
description: Enabled - Feature is opt-in
- value: default
description: Default - Feature is opt-out
- value: forced
description: Forced - Feature is always on
- variable: third_party
label: Third Party
schema:
additional_attrs: true
type: dict
attrs:
- variable: google_api_client_id
label: Google API Client ID
schema:
type: string
private: true
default: ""
- variable: google_api_secret
label: Google API Secret
schema:
type: string
private: true
default: ""
- variable: google_valid_domains
label: Google Valid Domains
description: List of acceptable email domains for users
schema:
type: list
default: []
items:
- variable: domain
label: Domain Entry
description:
schema:
type: string
required: true
default: ""
- variable: ovh_api_key
label: OVH API Key
schema:
type: string
private: true
default: ""
- variable: ovh_api_secret
label: OVH API Secret
schema:
type: string
private: true
default: ""
- variable: ovh_api_endpoint
label: OVH API Secret
schema:
type: string
default: https://eu.api.ovh.com/1.0
# Include{containerConfig}
# Include{serviceRoot}
- variable: main
label: Main Service
description: The Primary service on which the healthcheck runs, often the webUI
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: main
label: Main Service Port Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
description: This port exposes the container port on the service
schema:
type: int
default: 10599
required: true
# Include{serviceExpertRoot}
default: false
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceRoot}
- variable: data
label: App Data Storage
description: Stores the Application Data.
schema:
additional_attrs: true
type: dict
attrs:
# Include{persistenceBasic}
# Include{persistenceList}
# Include{ingressRoot}
- variable: main
label: Main Ingress
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressList}
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: Privileged mode
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: ReadOnly Root Filesystem
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: Allow Privilege Escalation
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: runAsNonRoot
schema:
type: boolean
default: true
# Include{podSecurityContextRoot}
- variable: runAsUser
label: runAsUser
description: The UserID of the user running the application
schema:
type: int
default: 568
- variable: runAsGroup
label: runAsGroup
description: The groupID this App of the user running the application
schema:
type: int
default: 568
- variable: fsGroup
label: fsGroup
description: The group that should own ALL storage.
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}
# Include{codeserver}
# Include{vpn}
# Include{documentation}
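Review bot: The defaults in this schema leave a fresh install accepting anonymous uploads from any client that can reach the service: `authentication` defaults to `disabled`, `upload_whitelist` to `[]` and `enhanced_web_security` to `false`, and values.yaml repeats the same values. Since these are the settings an operator sees first, the `authentication` description should say so, for example `description: disabled -> anyone who can reach the service can upload / forced -> no anonymous upload / default -> enabled`, and `enhanced_web_security` is worth defaulting to `true` in both files if the chart is normally served over HTTPS through the ingress. The `source_ip_header` description should also note that the header is only trustworthy when the reverse proxy sets or overwrites it, because `upload_whitelist` presumably matches on the address taken from it. Separately, `ovh_api_endpoint` is labelled `OVH API Secret`; it should read `label: OVH API Endpoint`.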


@ -0,0 +1,113 @@
{{- define "plik.secret" -}}
{{- $secretName := printf "%s-plik-secret" (include "tc.common.names.fullname" .) }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
plikd.cfg: |
ListenPort = {{ .Values.service.main.ports.main.port }}
ListenAddress = "0.0.0.0"
Path = ""
SslEnabled = false
SslCert = "plik.crt"
SslKey = "plik.key"
NoWebInterface = false
WebappDirectory = "../webapp/dist"
ClientsDirectory = "../clients"
ChangelogDirectory = "../changelog"
Debug = {{ .Values.plik.general.debug }}
DebugRequests = {{ .Values.plik.general.debug_requests }}
LogLevel = {{ .Values.plik.general.log_level | quote }}
AbuseContact = {{ .Values.plik.general.abuse_contact | quote }}
DownloadDomain = {{ .Values.plik.network.download_domain | quote }}
{{- with .Values.plik.network.download_domain_alias }}
DownloadDomainAlias = [
{{- range $alias := initial . }}
{{- $alias | quote | nindent 6 }},
{{- end -}}
{{- last . | quote | nindent 6 }}
]
{{- else }}
DownloadDomainAlias = []
{{- end }}
EnhancedWebSecurity = {{ .Values.plik.network.enhanced_web_security }}
SessionTimeout = {{ .Values.plik.network.session_timeout | quote }}
SourceIpHeader = {{ .Values.plik.network.source_ip_header | quote }}
{{- with .Values.plik.network.upload_whitelist }}
UploadWhitelist = [
{{- range $ip := initial . }}
{{- $ip | quote | nindent 6 }},
{{- end -}}
{{- last . | quote | nindent 6 }}
]
{{- else }}
UploadWhitelist = []
{{- end }}
MaxFileSizeStr = {{ .Values.plik.files.max_file_size | quote }}
MaxFilePerUpload = {{ .Values.plik.files.max_files_per_upload }}
DefaultTTLStr = {{ .Values.plik.files.default_ttl | quote }}
MaxTTLStr = {{ .Values.plik.files.max_ttl | quote }}
FeatureAuthentication = {{ .Values.plik.features.authentication | quote }}
FeatureOneShot = {{ .Values.plik.features.one_shot | quote }}
FeatureRemovable = {{ .Values.plik.features.removable | quote }}
FeatureStream = {{ .Values.plik.features.stream | quote }}
FeaturePassword = {{ .Values.plik.features.password | quote }}
FeatureComments = {{ .Values.plik.features.comments | quote }}
FeatureSetTTL = {{ .Values.plik.features.set_ttl | quote }}
FeatureExtendTTL = {{ .Values.plik.features.extend_ttl | quote }}
FeatureClients = {{ .Values.plik.features.clients | quote }}
FeatureGithub = {{ .Values.plik.features.github | quote }}
GoogleApiClientID = {{ .Values.plik.third_party.google_api_client_id | quote }}
GoogleApiSecret = {{ .Values.plik.third_party.google_api_secret | quote }}
{{- with .Values.plik.third_party.google_valid_domains }}
GoogleValidDomains = [
{{- range $domain := initial . }}
{{- $domain | quote | nindent 6 }},
{{- end -}}
{{- last . | quote | nindent 6 }}
]
{{- else }}
GoogleValidDomains = []
{{- end }}
OvhApiKey = {{ .Values.plik.third_party.ovh_api_key | quote }}
OvhApiSecret = {{ .Values.plik.third_party.ovh_api_secret | quote }}
OvhApiEndpoint = {{ .Values.plik.third_party.ovh_api_endpoint | quote }}
{{- $backend := .Values.plik.files.data_backend }}
DataBackend = {{ $backend | quote }}
[MetadataBackendConfig]
Driver = "postgres"
ConnectionString = {{ .Values.postgresql.url.complete | trimAll "\"" | quote }}
Debug = {{ .Values.plik.general.debug }}
[DataBackendConfig]
{{- if eq $backend "file" }}
Directory = {{ .Values.persistence.data.mountPath | quote }}
{{- else if eq $backend "gcs" }}
Bucket = {{ .Values.plik.files.gcs.bucket | quote }}
Folder = {{ .Values.plik.files.gcs.folder | quote }}
{{- else if eq $backend "s3" }}
Endpoint = {{ .Values.plik.files.s3.endpoint | quote }}
AccessKeyID = {{ .Values.plik.files.s3.access_key_id | quote }}
SecretAccessKey = {{ .Values.plik.files.s3.secret_access_key | quote }}
Bucket = {{ .Values.plik.files.s3.bucket | quote }}
Location = {{ .Values.plik.files.s3.location | quote }}
Prefix = {{ .Values.plik.files.s3.prefix | quote }}
UseSSL = {{ .Values.plik.files.s3.use_ssl }}
PartSize = {{ .Values.plik.files.s3.part_size | int }}
SSE = {{ .Values.plik.files.s3.sse | quote }}
{{- else if eq $backend "swift" }}
Container = {{ .Values.plik.files.swift.container | quote }}
AuthUrl = {{ .Values.plik.files.swift.auth_url | quote }}
UserName = {{ .Values.plik.files.swift.username | quote }}
ApiKey = {{ .Values.plik.files.swift.api_key | quote }}
Domain = {{ .Values.plik.files.swift.domain | quote }}
Tenant = {{ .Values.plik.files.swift.tenant | quote }}
{{- end -}}
{{- end -}}
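Review bot: The `[DataBackendConfig]` chain at the end of `plik.secret` has no `else` branch, so a `data_backend` value other than `file`, `gcs`, `s3` or `swift` renders an empty section without any error. The UI enum prevents that, but values supplied directly to Helm are not checked; closing the chain with `{{- else }}` followed by `{{- fail (printf "unsupported plik.files.data_backend %q" $backend) }}` turns a typo into a render-time failure. A short comment above the define stating that the rendered `plikd.cfg` carries the database connection string and the storage-backend and third-party API credentials would also explain why it is a Secret rather than a ConfigMap.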


@ -0,0 +1,7 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{/* Render config */}}
{{- include "plik.secret" . }}
{{ include "tc.common.loader.apply" . }}


@ -0,0 +1,96 @@
image:
repository: tccr.io/truecharts/plik
pullPolicy: IfNotPresent
tag: 1.3.6@sha256:f9c31219bfb0793c3b9ce4ec304cd52c4dfef106ae452ab0f6a57a0a0b575fbd
# securityContext:
# readOnlyRootFilesystem: false
plik:
general:
debug: false
debug_requests: false
log_level: INFO
abuse_contact: ""
network:
download_domain: "something"
download_domain_alias: []
enhanced_web_security: false
session_timeout: 365d
source_ip_header: ""
upload_whitelist: []
files:
max_file_size: 10GB
max_files_per_upload: 1000
default_ttl: 30d
max_ttl: 30d
# file | gcs | s3 | swift
data_backend: file
gcs:
bucket: ""
folder: ""
s3:
bucket: ""
endpoint: ""
access_key_id: ""
secret_access_key: ""
location: ""
prefix: ""
use_ssl: true
part_size: 16000000
sse: ""
swift:
container: ""
auth_url: https://auth.swiftauthapi.xxx/v2.0/
username: ""
api_key: ""
domain: ""
tenant: ""
features:
authentication: disabled
one_shot: enabled
removable: enabled
stream: enabled
password: enabled
comments: enabled
set_ttl: enabled
extend_ttl: disabled
clients: enabled
github: enabled
third_party:
google_api_client_id: ""
google_api_secret: ""
google_valid_domains: []
ovh_api_key: ""
ovh_api_secret: ""
ovh_api_endpoint: https://eu.api.ovh.com/1.0
service:
main:
ports:
main:
protocol: HTTP
port: 10599
persistence:
data:
enabled: true
mountPath: /data
plikd-config:
enabled: true
mountPath: /home/plik/server/plikd.cfg
subPath: plikd.cfg
type: custom
readOnly: true
volumeSpec:
secret:
secretName: '{{ include "tc.common.names.fullname" . }}-plik-secret'
postgresql:
enabled: true
existingSecret: dbcreds
postgresqlUsername: plik
postgresqlDatabase: plik
portal:
enabled: true
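Review bot: The `plikd-config` entry mounts the Secret with `subPath: plikd.cfg`, and Kubernetes does not refresh a subPath mount when the Secret changes, so edited settings such as a rotated S3 key or a tightened `upload_whitelist` stay inactive until the pod is recreated. Unless the common library already restarts the pod on Secret changes (not visible on this page), a comment on the entry such as `# subPath mount: config changes need a pod restart to take effect` would make that explicit. `download_domain: "something"` also looks like a placeholder; as the schema describes the field as an enforced download domain, a comment saying it must be replaced with the real URL would prevent a default install from enforcing a value that is not a URL.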