20 Commits

Author SHA1 Message Date
Kjeld Schouten-Lebbing 834479f0db
security(Apps): Improve Snyk hardening advisory (#1208)
* Harden postgresql by removing the migration initcontainer

* Harden initcontainers

* Harden serviceaccounts and RBAC

* hmm

* fix
2021-10-20 13:45:00 +02:00
Kjeld Schouten-Lebbing acf510ea13
(feat) Standardise and Harden default app securitycontext (#1028)
* Apply security hardened defaults to values.yaml for all apps

* Add default common securityContext to all apps

* Adjust securityContext defaults in questions.yaml, according to values.yaml

* Add default common podSecurityContext to all apps

* Clean whitespace

* Clean more whitespace

* Adjust podSecurityContext defaults in questions.yaml, according to values.yaml

* fix pgadmin

Co-authored-by: Stavros kois <s.kois@outlook.com>
2021-09-26 20:05:21 +02:00
renovate[bot] d976ce2065
chore(deps): update non-major (#1013)
* chore(deps): update non-major

* Commit bumped App Version

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: TrueCharts-Bot <bot@truecharts.org>
2021-09-21 10:41:09 +02:00
renovate[bot] 3e67e1c977
chore(deps): update non-major (#962)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-09-11 13:04:47 +02:00
Kjeld Schouten-Lebbing a8670a1482
feat: pin all container references to digests (#963) 2021-09-11 13:00:39 +02:00
Kjeld Schouten-Lebbing 0090c9e1b6
chore: move most remaining Apps to GHCR mirror (#959)
* chore: move most remaining Apps to GHCR mirror

* remove apps that are official on dockerhub

* add thelounge

* move collabora to mirror

* move piware to mirror
2021-09-11 12:03:46 +02:00
Kjeld Schouten-Lebbing bbd570a6f8
chore: move more dockerhub containers to GHCR mirror (#958)
* chore: move dockerhub containers to mirror GHCR registry

* part 2
2021-09-10 22:07:55 +02:00
Stavros Kois a7b3ce0e23
fix: make sure podSecurityContext is included in both SCALE and Helm installs (#956)
* remove strategy

* move runAsNonRoot to securityContext

* Add podSecurityContext and securityContext to values pt1

* Add podSecurityContext and securityContext to values pt2

* Add podSecurityContext and securityContext to values pt3

* Add podSecurityContext and securityContext to values pt4

* Add podSecurityContext and securityContext to values pt5

* fix empty lines

* Remove secCont from NC - values

* fixPermissions for some apps

* on apps with perm prob, set fsGroup to 0 also
2021-09-10 20:10:04 +02:00
kjeld Schouten-Lebbing d5e3034ce9
fix: use fixed version for traefik container for consistency 2021-09-08 16:29:25 +02:00
Kjeld Schouten-Lebbing f39c7e968f
feat: Add IPWhitelist, redirectRegex and (internal) nextcloud middlewares (#929)
* feat: Add IPWhitelist and redirectRegex middlewares to traefik

* fix: add nextcloud middlewares

* fix nextcloud cronjob
2021-09-08 15:38:31 +02:00
kjeld Schouten-Lebbing 829d7d25a1
move jdownloader and new traefik to Stable 2021-09-04 00:55:57 +02:00
kjeld Schouten-Lebbing 3216e88e00
Enable publishedService on Traefik by default 2021-09-02 18:25:21 +02:00
kjeld Schouten-Lebbing fe242b8d03
apply traefik emergency fix 2021-09-01 02:08:59 +02:00
renovate[bot] 2b75d18ee4
chore(deps): update container image traefik to v2.5 (#873)
* chore(deps): update container image traefik to v2.5

* Commit bumped App Version

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: TrueCharts-Bot <bot@truecharts.org>
2021-08-31 22:05:58 +02:00
kjeld Schouten-Lebbing b277ab3171
Fix traefik not auto-updating 2021-08-31 19:45:33 +02:00
Kjeld Schouten-Lebbing 224efec466
Traefik fixes (#659)
* fix chain middleware for traefik

* try adding portal button fix to dynamically fetch traefik port

* try hook quote

* correctly quote namespace name

* common version bump
2021-07-05 18:13:44 +02:00
Kjeld Schouten-Lebbing 6b739c25ac
Add more middlewares to traefik and move nextcloud to stable (#658)
* Add more middlewares to traefik and move nextcloud to stable

* oops
2021-07-05 10:36:05 +02:00
Kjeld Schouten-Lebbing 373c834d35
Add traefik middleware support (#601)
* add basic middleware chain to traefik

* Try some ideas for common ingress middleware support

* create middleware namespace as pre-install hook

* rename namespace file

* Add additional list with middlewares and tune the output a bit

* Add basic auth middleware spawner

* add forwardAuth support

* polish middleware names and add config examples

* initial go at traefik middleware GUI elements

* fix labels

* more missing labels
2021-06-30 12:56:17 +02:00
Kjeld Schouten-Lebbing 111680d41b
Traefik rework (#546)
* first part

* port most relevant settings

* Don't include common or old crap

* Try moving persistence to common

* Initial work on Traefik SCALE UI

* some cleanup and consistency patches. Also:
Enable metrics, because that's just container-side metrics and doesn't require prometheus CRDs

* super basic portal

* don't use portal as a template

* whoops

* whoops 2.0
2021-06-10 14:49:42 +02:00
Kjeld Schouten-Lebbing ffc823bccc
Restructure repo to be a little cleaner (#445) 2021-05-09 18:11:00 +02:00