acf510ea13
(feat) Standardise and Harden default app securitycontext ( #1028 )
...
* Apply security hardened defaults to values.yaml for all apps
* Add default common securityContext to all apps
* Adjust securityContext defaults in questions.yaml, according to values.yaml
* Add default common podSecurityContext to all apps
* Clean whitespace
* Clean more whitespace
* Adjust podSecurityContext defaults in questions.yaml, according to values.yaml
* fix pgadmin
Co-authored-by: Stavros kois <s.kois@outlook.com>
2021-09-26 20:05:21 +02:00
77590fe974
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 11:06:21 +00:00
1908bcc165
chore(deps): update helm chart postgresql to v2.2.5 ( #1017 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 13:00:16 +02:00
8b6cc5af01
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 10:18:09 +00:00
d6b521c186
chore(deps): update non-major deps helm releases ( #1014 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-21 11:59:23 +02:00
2c4bff1441
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 09:06:41 +00:00
a52bc98bdf
chore(deps): update non-major ( #1015 )
...
* chore(deps): update non-major
* Commit bumped App Version
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 10:55:30 +02:00
87e3219b6f
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 08:50:15 +00:00
d976ce2065
chore(deps): update non-major ( #1013 )
...
* chore(deps): update non-major
* Commit bumped App Version
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 10:41:09 +02:00
2ecefa844d
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-14 20:45:30 +00:00
f2cf03eda3
chore(deps): update non-major ( #987 )
...
* chore(deps): update non-major
* Commit bumped App Version
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-14 22:38:56 +02:00
f5e83ce488
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-14 18:19:34 +00:00
742137951f
fix: fix authelia being broken
2021-09-14 20:15:48 +02:00
740f0b361d
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-14 15:55:49 +00:00
725aa5c6b6
fix: ensure oidc keys get generated on existing authelia installations
2021-09-14 17:52:28 +02:00
499db20bca
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-13 19:09:56 +00:00
e64d26aef8
fix: use correct authelia tag on SCALE installs
2021-09-13 21:06:48 +02:00
e9944183a2
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-13 17:07:54 +00:00
2349bb4d40
feat: add new GUI and VPN support to all Apps ( #977 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-13 18:49:14 +02:00
2c5919d42f
chore(deps): update non-major
2021-09-13 14:12:56 +02:00
642cf20b7b
feat: Add VPN addon and move some config to includes ( #973 )
...
* add addon include to all apps
* move groups to include
* move controller to includes
* move container config to include
* move serviceList to include
* move persistence list to includes
* move ingressList to includes
* fix appdaemon digest
* move deviceList to includes and add to deconz
Fixes #967 related to #966
2021-09-13 12:58:34 +02:00
238e2bc0c6
chore: Use bitnami instead of stock postgresql container ( #960 )
...
* chore: Setup all apps to use bitnami instead of stock postgresql container
* Actually don't bump major as there is no breaking change (as people using it will default to the migration initscript)
2021-09-11 20:58:37 +02:00
1f4828c19b
chore(deps): update non-major
...
(cherry picked from commit b66e04fe8f
2021-09-11 13:56:20 +02:00
ced7d182c2
fix some dockertags being wrong
2021-09-11 13:52:00 +02:00
a8670a1482
feat: pin all container references to digests ( #963 )
2021-09-11 13:00:39 +02:00
a7b3ce0e23
fix: make sure podSecurityContext is included in both SCALE and Helm installs ( #956 )
...
* remove strategy
* move runAsNonRoot to securityContext
* Add podSecurityContext and securityContext to values pt1
* Add podSecurityContext and securityContext to values pt2
* Add podSecurityContext and securityContext to values pt3
* Add podSecurityContext and securityContext to values pt4
* Add podSecurityContext and securityContext to values pt5
* fix empty lines
* Remove secCont from NC - values
* fixPermissions for some apps
* on apps with perm prob, set fsGroup to 0 also
2021-09-10 20:10:04 +02:00
00e9bd819f
refactor: change image layout to enable renovate updates of sidecarts ( #955 )
...
* some cleanup for common (+6 squashed commit)
Squashed commit:
[43a501de8] bump sogo
[62c009b63] some tryouts
[6840fafdb] try to fix rendering of new format
[003d3c81b] move seperate apps to new format and fix mistake in common
[752ae2c68] more work on the image refactor
[edfc28533] refactor common images
* sogo scale differently
* slight release build fix
* fix issues with release script and multiple tags
2021-09-10 16:57:08 +02:00
df3bdb11cc
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-10 13:46:52 +00:00
d144cb38d8
fix: update common to ensure initcontainer can always be run as root
2021-09-10 15:43:02 +02:00
9bb6f4af88
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-10 13:37:54 +00:00
982297ec17
fix: move runAsNonRoot to container securityContext to allow root sidecarts ( #954 )
...
* fix: move runAsNonRoot to container securityContext to prevent sidecarts from being affected
* also bump some versions...
* also override some of the problematic settings in common.yaml
* whoops
2021-09-10 15:26:10 +02:00
ea9f4e7a6b
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-09 20:22:19 +00:00
7fb7ec972d
chore: update Apps containing initcontainers -not breaking on SCALE- ( #952 )
...
* chore: update Apps containing initcontainers -not breaking on SCALE-
* correct versioning a bit
2021-09-09 22:18:30 +02:00
7998db2234
feat: Add regex validation to resources CPU and RAM for all apps ( #935 )
...
* Adds RAM resource regex validation
* Adds CPU resource regex validation
2021-09-09 01:08:11 +02:00
7bd2776e94
feat: Pre-commit and tag-appversion syncing ( #926 )
...
* add pre-commit to release container
* use pip install --no-cache-dir
* whoopsies
* lint fixes
* add some verbosity during pre-commit build process
* add more pre-commit checks
* repo pre-commit cleanup
* add pre-commit to release scripting
* try showing some more pre-commit dockerbuild verbosity
* some tweaks and polish to release scripting.
Also adds syncing primary tag and appversion
2021-09-08 12:11:42 +02:00
c64575483b
remove Chart.lock files
2021-09-08 10:15:11 +02:00
b6723fa961
Commit released Helm Chart and docs for TrueCharts
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-08 03:33:40 +00:00
62b7d2eb8e
Daily Housekeeping
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-08 03:12:08 +00:00
ee5a5c495d
chore(deps): update non-major deps helm releases ( #907 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-07 10:01:47 +02:00
e4bd1d8d77
Daily Housekeeping
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-07 03:11:33 +00:00
07d11e2970
bumps
2021-09-06 23:02:32 +02:00
34bd8e2d2e
Add BETA OIDC support to Authelia ( #904 )
...
* some initial work on adding oidc to authelia
* finish openidc gui
2021-09-06 23:00:42 +02:00
c327fb2c49
Daily Housekeeping
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-05 03:12:01 +00:00
5e975976ca
chore(deps): update non-major deps helm releases ( #895 )
...
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-04 13:04:53 +02:00
e3d505a0b0
bump common and authelia due to issues.
2021-09-02 12:58:07 +02:00
6831d56ee4
remove externalInterfaces + add RBAC and networkPolicy support ( #882 )
...
* remove externalInterfaces + add RBAC and networkPolicy support
* mistaken double end
* cleanup values a bit
* fix a small mistake
* That was the wrong mistake
2021-09-02 12:52:34 +02:00
4aa6ef527a
Daily Housekeeping
...
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-02 03:11:28 +00:00
542aaf9403
fix authelia rule deny label
2021-09-01 19:24:48 +02:00
457cdd81c0
bump
2021-09-01 18:59:30 +02:00
a608dbb31c
Fix mistake in authelia
2021-09-01 18:53:41 +02:00
3b6d315edb
Make domains in autheliarules a list and add db-wait-initcontainer to vaultwarden and fireflyiii
2021-09-01 18:38:03 +02:00
ca698ffee5
also run initcontainer on SCALE for authelia
2021-09-01 18:08:17 +02:00
83342af6ae
wait for postgresql to start before starting authelia
2021-09-01 17:42:27 +02:00
a94089cf05
Fix authelia ldap and smtp secrets
2021-09-01 17:14:17 +02:00
08b3b50ada
move authelia to stable
2021-09-01 10:52:24 +02:00
Kjeld Schouten-Lebbing