feat(plik) add plik (#5528)
* feat(plik) add plik * update tag * Update charts/incubator/plik/Chart.yaml Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> * plik secret * secretName * UI * integer? * typo * fix config * whoops * don't set defaultMode * Apply suggestions from code review Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Co-authored-by: Stavros kois <s.kois@outlook.com>
This commit is contained in:
parent
a8900e9b64
commit
d74174a634
|
@ -0,0 +1,30 @@
|
||||||
|
# Patterns to ignore when building packages.
|
||||||
|
# This supports shell glob matching, relative path matching, and
|
||||||
|
# negation (prefixed with !). Only one pattern per line.
|
||||||
|
.DS_Store
|
||||||
|
# Common VCS dirs
|
||||||
|
.git/
|
||||||
|
.gitignore
|
||||||
|
.bzr/
|
||||||
|
.bzrignore
|
||||||
|
.hg/
|
||||||
|
.hgignore
|
||||||
|
.svn/
|
||||||
|
# Common backup files
|
||||||
|
*.swp
|
||||||
|
*.bak
|
||||||
|
*.tmp
|
||||||
|
*~
|
||||||
|
# Various IDEs
|
||||||
|
.project
|
||||||
|
.idea/
|
||||||
|
*.tmproj
|
||||||
|
.vscode/
|
||||||
|
# OWNERS file for Kubernetes
|
||||||
|
OWNERS
|
||||||
|
# helm-docs templates
|
||||||
|
*.gotmpl
|
||||||
|
# docs folder
|
||||||
|
/docs
|
||||||
|
# icon
|
||||||
|
icon.png
|
|
@ -0,0 +1 @@
|
||||||
|
# Changelog
|
|
@ -0,0 +1,33 @@
|
||||||
|
apiVersion: v2
|
||||||
|
appVersion: "1.3.6"
|
||||||
|
dependencies:
|
||||||
|
- name: common
|
||||||
|
repository: https://library-charts.truecharts.org
|
||||||
|
version: 11.1.1
|
||||||
|
- condition: postgresql.enabled
|
||||||
|
name: postgresql
|
||||||
|
repository: https://charts.truecharts.org/
|
||||||
|
version: 11.0.16
|
||||||
|
deprecated: false
|
||||||
|
description: A scalable file uploading system with multiple backends.
|
||||||
|
home: https://truecharts.org/docs/charts/stable/plik
|
||||||
|
icon: https://truecharts.org/img/hotlink-ok/chart-icons/plik.png
|
||||||
|
keywords:
|
||||||
|
- plik
|
||||||
|
- files
|
||||||
|
kubeVersion: ">=1.16.0-0"
|
||||||
|
maintainers:
|
||||||
|
- email: info@truecharts.org
|
||||||
|
name: TrueCharts
|
||||||
|
url: https://truecharts.org
|
||||||
|
name: plik
|
||||||
|
sources:
|
||||||
|
- https://github.com/truecharts/charts/tree/master/charts/stable/plik
|
||||||
|
- https://github.com/root-gg/plik
|
||||||
|
type: application
|
||||||
|
version: 0.0.1
|
||||||
|
annotations:
|
||||||
|
truecharts.org/catagories: |
|
||||||
|
- files
|
||||||
|
truecharts.org/SCALE-support: "true"
|
||||||
|
truecharts.org/grade: U
|
|
@ -0,0 +1 @@
|
||||||
|
# plik
|
Binary file not shown.
After Width: | Height: | Size: 11 KiB |
|
@ -0,0 +1,608 @@
|
||||||
|
# Include{groups}
|
||||||
|
portals:
|
||||||
|
open:
|
||||||
|
# Include{portalLink}
|
||||||
|
questions:
|
||||||
|
# Include{global}
|
||||||
|
# Include{controller}
|
||||||
|
# Include{replicas}
|
||||||
|
# Include{replica1}
|
||||||
|
# Include{controllerExpertExtraArgs}
|
||||||
|
- variable: plik
|
||||||
|
group: App Configuration
|
||||||
|
label: Plik Configuration
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: general
|
||||||
|
label: General
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: debug
|
||||||
|
label: Debug
|
||||||
|
description: Enable debug mode
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: debug_requests
|
||||||
|
label: Debug Requests
|
||||||
|
description: Log HTTP request and responses
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: log_level
|
||||||
|
label: Log Level
|
||||||
|
description: Log Level
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: INFO
|
||||||
|
enum:
|
||||||
|
- value: INFO
|
||||||
|
description: Info
|
||||||
|
- value: DEBUG
|
||||||
|
description: Debug
|
||||||
|
- value: WARNING
|
||||||
|
description: Warning
|
||||||
|
- value: CRITICAL
|
||||||
|
description: Critical
|
||||||
|
- variable: abuse_contact
|
||||||
|
label: Abuse Contact
|
||||||
|
description: Abuse contact to be displayed in the footer of the webapp (email address)
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
- variable: network
|
||||||
|
label: Network
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: download_domain
|
||||||
|
label: Download Domain
|
||||||
|
description: Enforce download domain (eg https://dl.plik.root.gg). Necessary for quick upload to work.
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: download_domain_alias
|
||||||
|
label: Download Domain Alias
|
||||||
|
description: Set download domain aliases
|
||||||
|
schema:
|
||||||
|
type: list
|
||||||
|
show_if: [["download_domain", "!=", ""]]
|
||||||
|
default: []
|
||||||
|
items:
|
||||||
|
- variable: alias
|
||||||
|
label: Alias Entry
|
||||||
|
description:
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: enhanced_web_security
|
||||||
|
label: Enhanced Web Security
|
||||||
|
description: Enable additional security headers (X-Content-Type-Options, X-XSS-Protection, X-Frame-Options, Content-Security-Policy, Secure Cookies, ...)
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: session_timeout
|
||||||
|
label: Session Timeout
|
||||||
|
description: Web UI authentication session timeout
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: 365d
|
||||||
|
- variable: source_ip_header
|
||||||
|
label: Source IP Header
|
||||||
|
description: If behind reverse proxy (eg X-FORWARDED-FOR)
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
- variable: upload_whitelist
|
||||||
|
label: Upload Whitelist
|
||||||
|
description: Restrict upload ans user creation to one or more IP range (CIDR notation, /32 can be omitted)
|
||||||
|
schema:
|
||||||
|
type: list
|
||||||
|
default: []
|
||||||
|
items:
|
||||||
|
- variable: ip
|
||||||
|
label: IP Entry
|
||||||
|
description:
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: files
|
||||||
|
label: Files
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: max_file_size
|
||||||
|
label: Max File Size
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: 10GB
|
||||||
|
- variable: max_files_per_upload
|
||||||
|
label: Max Files Per Upload
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
required: true
|
||||||
|
default: 1000
|
||||||
|
- variable: default_ttl
|
||||||
|
label: Default TTL
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: 30d
|
||||||
|
- variable: max_ttl
|
||||||
|
label: Max TTL
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: 30d
|
||||||
|
- variable: data_backend
|
||||||
|
label: Data Backend
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: file
|
||||||
|
enum:
|
||||||
|
- value: file
|
||||||
|
description: File
|
||||||
|
- value: s3
|
||||||
|
description: S3
|
||||||
|
- value: gcs
|
||||||
|
description: Google Cloud Storage
|
||||||
|
- value: swift
|
||||||
|
description: Swift
|
||||||
|
- variable: gcs
|
||||||
|
label: Google Cloud Storage
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
show_if: [["data_backend", "=", "gcs"]]
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: bucket
|
||||||
|
label: Bucket
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: folder
|
||||||
|
label: Folder
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: s3
|
||||||
|
label: S3
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
show_if: [["data_backend", "=", "s3"]]
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: bucket
|
||||||
|
label: Bucket
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: endpoint
|
||||||
|
label: Endpoint
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: access_key_id
|
||||||
|
label: Access Key ID
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: secret_access_key
|
||||||
|
label: Secret Access Key
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: location
|
||||||
|
label: Location
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: prefix
|
||||||
|
label: Prefix
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: use_ssl
|
||||||
|
label: Use SSL
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: true
|
||||||
|
- variable: part_size
|
||||||
|
label: Part Size
|
||||||
|
description: Chunk size when file size is not known. Multiply by 10000 to get the max upload file size.
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
required: true
|
||||||
|
default: 16000000
|
||||||
|
- variable: sse
|
||||||
|
label: SSE
|
||||||
|
description: SSE-C - Server-Side-Encryption with customer provided keys (Managed by Plik) / S3 - Server-Side-Encryption using S3 storage encryption (Managed by S3 Backend)
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
enum:
|
||||||
|
- value: ""
|
||||||
|
description: None
|
||||||
|
- value: SSE-C
|
||||||
|
description: SSE-C
|
||||||
|
- value: S3
|
||||||
|
description: S3
|
||||||
|
- variable: swift
|
||||||
|
label: Swift
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
show_if: [["data_backend", "=", "swift"]]
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: container
|
||||||
|
label: Container
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: auth_url
|
||||||
|
label: Auth URL
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: https://auth.swiftauthapi.xxx/v2.0/
|
||||||
|
- variable: username
|
||||||
|
label: Username
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: api_key
|
||||||
|
label: API Key
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: domain
|
||||||
|
label: Domain
|
||||||
|
description: Name of the domain (v3 auth only)
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
- variable: tenant
|
||||||
|
description: Name of the tenant (v2 auth only)
|
||||||
|
label: Tenant
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
- variable: features
|
||||||
|
label: Features
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: authentication
|
||||||
|
label: Authentication
|
||||||
|
description: disabled -> no authentication / forced -> no anonymous upload / default -> enabled
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: disabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: one_shot
|
||||||
|
label: One Shot
|
||||||
|
description: Upload with files that are automatically deleted after the first download
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: removable
|
||||||
|
label: Removable
|
||||||
|
description: Upload with files that anybody can delete
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: stream
|
||||||
|
label: Stream
|
||||||
|
description: Upload with files that are not stored on the server
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: password
|
||||||
|
label: Password
|
||||||
|
description: Upload that are protected by HTTP basic auth login/password
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: comments
|
||||||
|
label: Comments
|
||||||
|
description: Upload with markdown comments / forced -> default
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: set_ttl
|
||||||
|
label: Set TTL
|
||||||
|
description: When disabled upload TTL is always set to DefaultTTL
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: extend_ttl
|
||||||
|
label: Extend TTL
|
||||||
|
description: Extend upload expiration date by TTL each time it is accessed
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: disabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: clients
|
||||||
|
label: Clients
|
||||||
|
description: Display the clients download button in the web UI
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: github
|
||||||
|
label: Github
|
||||||
|
description: Display the source code link in the web UI
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: enabled
|
||||||
|
enum:
|
||||||
|
- value: disabled
|
||||||
|
description: Disabled - Feature is always off
|
||||||
|
- value: enabled
|
||||||
|
description: Enabled - Feature is opt-in
|
||||||
|
- value: default
|
||||||
|
description: Default - Feature is opt-out
|
||||||
|
- value: forced
|
||||||
|
description: Forced - Feature is always on
|
||||||
|
- variable: third_party
|
||||||
|
label: Third Party
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: google_api_client_id
|
||||||
|
label: Google API Client ID
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: google_api_secret
|
||||||
|
label: Google API Secret
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: google_valid_domains
|
||||||
|
label: Google Valid Domains
|
||||||
|
description: List of acceptable email domains for users
|
||||||
|
schema:
|
||||||
|
type: list
|
||||||
|
default: []
|
||||||
|
items:
|
||||||
|
- variable: domain
|
||||||
|
label: Domain Entry
|
||||||
|
description:
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
required: true
|
||||||
|
default: ""
|
||||||
|
- variable: ovh_api_key
|
||||||
|
label: OVH API Key
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: ovh_api_secret
|
||||||
|
label: OVH API Secret
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
private: true
|
||||||
|
default: ""
|
||||||
|
- variable: ovh_api_endpoint
|
||||||
|
label: OVH API Secret
|
||||||
|
schema:
|
||||||
|
type: string
|
||||||
|
default: https://eu.api.ovh.com/1.0
|
||||||
|
# Include{containerConfig}
|
||||||
|
# Include{serviceRoot}
|
||||||
|
- variable: main
|
||||||
|
label: Main Service
|
||||||
|
description: The Primary service on which the healthcheck runs, often the webUI
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
# Include{serviceSelectorLoadBalancer}
|
||||||
|
# Include{serviceSelectorExtras}
|
||||||
|
- variable: main
|
||||||
|
label: Main Service Port Configuration
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
- variable: port
|
||||||
|
label: Port
|
||||||
|
description: This port exposes the container port on the service
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 10599
|
||||||
|
required: true
|
||||||
|
# Include{serviceExpertRoot}
|
||||||
|
default: false
|
||||||
|
# Include{serviceExpert}
|
||||||
|
# Include{serviceList}
|
||||||
|
# Include{persistenceRoot}
|
||||||
|
- variable: data
|
||||||
|
label: App Data Storage
|
||||||
|
description: Stores the Application Data.
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
# Include{persistenceBasic}
|
||||||
|
# Include{persistenceList}
|
||||||
|
# Include{ingressRoot}
|
||||||
|
- variable: main
|
||||||
|
label: Main Ingress
|
||||||
|
schema:
|
||||||
|
additional_attrs: true
|
||||||
|
type: dict
|
||||||
|
attrs:
|
||||||
|
# Include{ingressDefault}
|
||||||
|
# Include{ingressTLS}
|
||||||
|
# Include{ingressTraefik}
|
||||||
|
# Include{ingressList}
|
||||||
|
# Include{security}
|
||||||
|
# Include{securityContextAdvancedRoot}
|
||||||
|
- variable: privileged
|
||||||
|
label: Privileged mode
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: readOnlyRootFilesystem
|
||||||
|
label: ReadOnly Root Filesystem
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: allowPrivilegeEscalation
|
||||||
|
label: Allow Privilege Escalation
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: false
|
||||||
|
- variable: runAsNonRoot
|
||||||
|
label: runAsNonRoot
|
||||||
|
schema:
|
||||||
|
type: boolean
|
||||||
|
default: true
|
||||||
|
# Include{podSecurityContextRoot}
|
||||||
|
- variable: runAsUser
|
||||||
|
label: runAsUser
|
||||||
|
description: The UserID of the user running the application
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 568
|
||||||
|
- variable: runAsGroup
|
||||||
|
label: runAsGroup
|
||||||
|
description: The groupID this App of the user running the application
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 568
|
||||||
|
- variable: fsGroup
|
||||||
|
label: fsGroup
|
||||||
|
description: The group that should own ALL storage.
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 568
|
||||||
|
# Include{podSecurityContextAdvanced}
|
||||||
|
# Include{resources}
|
||||||
|
# Include{advanced}
|
||||||
|
# Include{addons}
|
||||||
|
# Include{codeserver}
|
||||||
|
# Include{vpn}
|
||||||
|
# Include{documentation}
|
|
@ -0,0 +1,113 @@
|
||||||
|
{{- define "plik.secret" -}}
|
||||||
|
|
||||||
|
{{- $secretName := printf "%s-plik-secret" (include "tc.common.names.fullname" .) }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
type: Opaque
|
||||||
|
metadata:
|
||||||
|
name: {{ $secretName }}
|
||||||
|
labels:
|
||||||
|
{{- include "tc.common.labels" . | nindent 4 }}
|
||||||
|
stringData:
|
||||||
|
plikd.cfg: |
|
||||||
|
ListenPort = {{ .Values.service.main.ports.main.port }}
|
||||||
|
ListenAddress = "0.0.0.0"
|
||||||
|
Path = ""
|
||||||
|
SslEnabled = false
|
||||||
|
SslCert = "plik.crt"
|
||||||
|
SslKey = "plik.key"
|
||||||
|
NoWebInterface = false
|
||||||
|
WebappDirectory = "../webapp/dist"
|
||||||
|
ClientsDirectory = "../clients"
|
||||||
|
ChangelogDirectory = "../changelog"
|
||||||
|
Debug = {{ .Values.plik.general.debug }}
|
||||||
|
DebugRequests = {{ .Values.plik.general.debug_requests }}
|
||||||
|
LogLevel = {{ .Values.plik.general.log_level | quote }}
|
||||||
|
AbuseContact = {{ .Values.plik.general.abuse_contact | quote }}
|
||||||
|
DownloadDomain = {{ .Values.plik.network.download_domain | quote }}
|
||||||
|
{{- with .Values.plik.network.download_domain_alias }}
|
||||||
|
DownloadDomainAlias = [
|
||||||
|
{{- range $alias := initial . }}
|
||||||
|
{{- $alias | quote | nindent 6 }},
|
||||||
|
{{- end -}}
|
||||||
|
{{- last . | quote | nindent 6 }}
|
||||||
|
]
|
||||||
|
{{- else }}
|
||||||
|
DownloadDomainAlias = []
|
||||||
|
{{- end }}
|
||||||
|
EnhancedWebSecurity = {{ .Values.plik.network.enhanced_web_security }}
|
||||||
|
SessionTimeout = {{ .Values.plik.network.session_timeout | quote }}
|
||||||
|
SourceIpHeader = {{ .Values.plik.network.source_ip_header | quote }}
|
||||||
|
{{- with .Values.plik.network.upload_whitelist }}
|
||||||
|
UploadWhitelist = [
|
||||||
|
{{- range $ip := initial . }}
|
||||||
|
{{- $ip | quote | nindent 6 }},
|
||||||
|
{{- end -}}
|
||||||
|
{{- last . | quote | nindent 6 }}
|
||||||
|
]
|
||||||
|
{{- else }}
|
||||||
|
UploadWhitelist = []
|
||||||
|
{{- end }}
|
||||||
|
MaxFileSizeStr = {{ .Values.plik.files.max_file_size | quote }}
|
||||||
|
MaxFilePerUpload = {{ .Values.plik.files.max_files_per_upload }}
|
||||||
|
DefaultTTLStr = {{ .Values.plik.files.default_ttl | quote }}
|
||||||
|
MaxTTLStr = {{ .Values.plik.files.max_ttl | quote }}
|
||||||
|
|
||||||
|
FeatureAuthentication = {{ .Values.plik.features.authentication | quote }}
|
||||||
|
FeatureOneShot = {{ .Values.plik.features.one_shot | quote }}
|
||||||
|
FeatureRemovable = {{ .Values.plik.features.removable | quote }}
|
||||||
|
FeatureStream = {{ .Values.plik.features.stream | quote }}
|
||||||
|
FeaturePassword = {{ .Values.plik.features.password | quote }}
|
||||||
|
FeatureComments = {{ .Values.plik.features.comments | quote }}
|
||||||
|
FeatureSetTTL = {{ .Values.plik.features.set_ttl | quote }}
|
||||||
|
FeatureExtendTTL = {{ .Values.plik.features.extend_ttl | quote }}
|
||||||
|
FeatureClients = {{ .Values.plik.features.clients | quote }}
|
||||||
|
FeatureGithub = {{ .Values.plik.features.github | quote }}
|
||||||
|
GoogleApiClientID = {{ .Values.plik.third_party.google_api_client_id | quote }}
|
||||||
|
GoogleApiSecret = {{ .Values.plik.third_party.google_api_secret | quote }}
|
||||||
|
{{- with .Values.plik.third_party.google_valid_domains }}
|
||||||
|
GoogleValidDomains = [
|
||||||
|
{{- range $domain := initial . }}
|
||||||
|
{{- $domain | quote | nindent 6 }},
|
||||||
|
{{- end -}}
|
||||||
|
{{- last . | quote | nindent 6 }}
|
||||||
|
]
|
||||||
|
{{- else }}
|
||||||
|
GoogleValidDomains = []
|
||||||
|
{{- end }}
|
||||||
|
OvhApiKey = {{ .Values.plik.third_party.ovh_api_key | quote }}
|
||||||
|
OvhApiSecret = {{ .Values.plik.third_party.ovh_api_secret | quote }}
|
||||||
|
OvhApiEndpoint = {{ .Values.plik.third_party.ovh_api_endpoint | quote }}
|
||||||
|
|
||||||
|
{{- $backend := .Values.plik.files.data_backend }}
|
||||||
|
DataBackend = {{ $backend | quote }}
|
||||||
|
[MetadataBackendConfig]
|
||||||
|
Driver = "postgres"
|
||||||
|
ConnectionString = {{ .Values.postgresql.url.complete | trimAll "\"" | quote }}
|
||||||
|
Debug = {{ .Values.plik.general.debug }}
|
||||||
|
[DataBackendConfig]
|
||||||
|
{{- if eq $backend "file" }}
|
||||||
|
Directory = {{ .Values.persistence.data.mountPath | quote }}
|
||||||
|
{{- else if eq $backend "gcs" }}
|
||||||
|
Bucket = {{ .Values.plik.files.gcs.bucket | quote }}
|
||||||
|
Folder = {{ .Values.plik.files.gcs.folder | quote }}
|
||||||
|
{{- else if eq $backend "s3" }}
|
||||||
|
Endpoint = {{ .Values.plik.files.s3.endpoint | quote }}
|
||||||
|
AccessKeyID = {{ .Values.plik.files.s3.access_key_id | quote }}
|
||||||
|
SecretAccessKey = {{ .Values.plik.files.s3.secret_access_key | quote }}
|
||||||
|
Bucket = {{ .Values.plik.files.s3.bucket | quote }}
|
||||||
|
Location = {{ .Values.plik.files.s3.location | quote }}
|
||||||
|
Prefix = {{ .Values.plik.files.s3.prefix | quote }}
|
||||||
|
UseSSL = {{ .Values.plik.files.s3.use_ssl }}
|
||||||
|
PartSize = {{ .Values.plik.files.s3.part_size | int }}
|
||||||
|
SSE = {{ .Values.plik.files.s3.sse | quote }}
|
||||||
|
{{- else if eq $backend "swift" }}
|
||||||
|
Container = {{ .Values.plik.files.swift.container | quote }}
|
||||||
|
AuthUrl = {{ .Values.plik.files.swift.auth_url | quote }}
|
||||||
|
UserName = {{ .Values.plik.files.swift.username | quote }}
|
||||||
|
ApiKey = {{ .Values.plik.files.swift.api_key | quote }}
|
||||||
|
Domain = {{ .Values.plik.files.swift.domain | quote }}
|
||||||
|
Tenant = {{ .Values.plik.files.swift.tenant | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,7 @@
|
||||||
|
{{/* Make sure all variables are set properly */}}
|
||||||
|
{{- include "tc.common.loader.init" . }}
|
||||||
|
|
||||||
|
{{/* Render config */}}
|
||||||
|
{{- include "plik.secret" . }}
|
||||||
|
|
||||||
|
{{ include "tc.common.loader.apply" . }}
|
|
@ -0,0 +1,96 @@
|
||||||
|
image:
|
||||||
|
repository: tccr.io/truecharts/plik
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
tag: 1.3.6@sha256:f9c31219bfb0793c3b9ce4ec304cd52c4dfef106ae452ab0f6a57a0a0b575fbd
|
||||||
|
|
||||||
|
# securityContext:
|
||||||
|
# readOnlyRootFilesystem: false
|
||||||
|
|
||||||
|
plik:
|
||||||
|
general:
|
||||||
|
debug: false
|
||||||
|
debug_requests: false
|
||||||
|
log_level: INFO
|
||||||
|
abuse_contact: ""
|
||||||
|
network:
|
||||||
|
download_domain: "something"
|
||||||
|
download_domain_alias: []
|
||||||
|
enhanced_web_security: false
|
||||||
|
session_timeout: 365d
|
||||||
|
source_ip_header: ""
|
||||||
|
upload_whitelist: []
|
||||||
|
files:
|
||||||
|
max_file_size: 10GB
|
||||||
|
max_files_per_upload: 1000
|
||||||
|
default_ttl: 30d
|
||||||
|
max_ttl: 30d
|
||||||
|
# file | gcs | s3 | swift
|
||||||
|
data_backend: file
|
||||||
|
gcs:
|
||||||
|
bucket: ""
|
||||||
|
folder: ""
|
||||||
|
s3:
|
||||||
|
bucket: ""
|
||||||
|
endpoint: ""
|
||||||
|
access_key_id: ""
|
||||||
|
secret_access_key: ""
|
||||||
|
location: ""
|
||||||
|
prefix: ""
|
||||||
|
use_ssl: true
|
||||||
|
part_size: 16000000
|
||||||
|
sse: ""
|
||||||
|
swift:
|
||||||
|
container: ""
|
||||||
|
auth_url: https://auth.swiftauthapi.xxx/v2.0/
|
||||||
|
username: ""
|
||||||
|
api_key: ""
|
||||||
|
domain: ""
|
||||||
|
tenant: ""
|
||||||
|
features:
|
||||||
|
authentication: disabled
|
||||||
|
one_shot: enabled
|
||||||
|
removable: enabled
|
||||||
|
stream: enabled
|
||||||
|
password: enabled
|
||||||
|
comments: enabled
|
||||||
|
set_ttl: enabled
|
||||||
|
extend_ttl: disabled
|
||||||
|
clients: enabled
|
||||||
|
github: enabled
|
||||||
|
third_party:
|
||||||
|
google_api_client_id: ""
|
||||||
|
google_api_secret: ""
|
||||||
|
google_valid_domains: []
|
||||||
|
ovh_api_key: ""
|
||||||
|
ovh_api_secret: ""
|
||||||
|
ovh_api_endpoint: https://eu.api.ovh.com/1.0
|
||||||
|
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
ports:
|
||||||
|
main:
|
||||||
|
protocol: HTTP
|
||||||
|
port: 10599
|
||||||
|
|
||||||
|
persistence:
|
||||||
|
data:
|
||||||
|
enabled: true
|
||||||
|
mountPath: /data
|
||||||
|
plikd-config:
|
||||||
|
enabled: true
|
||||||
|
mountPath: /home/plik/server/plikd.cfg
|
||||||
|
subPath: plikd.cfg
|
||||||
|
type: custom
|
||||||
|
readOnly: true
|
||||||
|
volumeSpec:
|
||||||
|
secret:
|
||||||
|
secretName: '{{ include "tc.common.names.fullname" . }}-plik-secret'
|
||||||
|
|
||||||
|
postgresql:
|
||||||
|
enabled: true
|
||||||
|
existingSecret: dbcreds
|
||||||
|
postgresqlUsername: plik
|
||||||
|
postgresqlDatabase: plik
|
||||||
|
|
||||||
|
portal:
|
||||||
|
enabled: true
|
Loading…
Reference in New Issue