Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot
parent
6e1d90fb03
commit
1d1d396c3d
|
|
@ -2,6 +2,19 @@
|
|||
|
||||
|
||||
|
||||
## [meshcentral-5.0.10](https://github.com/truecharts/charts/compare/meshcentral-5.0.9...meshcentral-5.0.10) (2022-10-27)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
|
||||
### Fix
|
||||
|
||||
- correctly merge custom domain for scale gui ([#4211](https://github.com/truecharts/charts/issues/4211))
|
||||
|
||||
|
||||
|
||||
|
||||
## [meshcentral-5.0.9](https://github.com/truecharts/charts/compare/meshcentral-5.0.8...meshcentral-5.0.9) (2022-10-27)
|
||||
|
||||
### Chore
|
||||
|
|
@ -84,16 +97,3 @@
|
|||
- Auto-update chart README [skip ci]
|
||||
- update helm general non-major ([#4182](https://github.com/truecharts/charts/issues/4182))
|
||||
|
||||
|
||||
|
||||
|
||||
## [meshcentral-5.0.2](https://github.com/truecharts/charts/compare/meshcentral-5.0.1...meshcentral-5.0.2) (2022-10-25)
|
||||
|
||||
### Chore
|
||||
|
||||
- Auto-update chart README [skip ci]
|
||||
|
||||
### Fix
|
||||
|
||||
- use transitioning variable tcdefaultdomain in scale GUI ([#4184](https://github.com/truecharts/charts/issues/4184))
|
||||
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.7.8
|
||||
- name: mongodb
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 2.0.42
|
||||
digest: sha256:368ab09d96987d02826b4821e7040b6230712e811bfec896c486195289b5f81d
|
||||
generated: "2022-10-27T13:54:35.334142339Z"
|
||||
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||
kubeVersion: ">=1.16.0-0"
|
||||
name: meshcentral
|
||||
appVersion: "1.0.90"
|
||||
version: 5.0.9
|
||||
version: 5.0.10
|
||||
description: MeshCentral is a full computer management web site
|
||||
type: application
|
||||
deprecated: false
|
||||
|
|
@ -18,11 +18,11 @@ sources:
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.7.7
|
||||
version: 10.7.8
|
||||
- condition: mongodb.enabled
|
||||
name: mongodb
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 2.0.40
|
||||
version: 2.0.42
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
|
|
@ -22,8 +22,8 @@ Kubernetes: `>=1.16.0-0`
|
|||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://charts.truecharts.org/ | mongodb | 2.0.40 |
|
||||
| https://library-charts.truecharts.org | common | 10.7.7 |
|
||||
| https://charts.truecharts.org/ | mongodb | 2.0.42 |
|
||||
| https://library-charts.truecharts.org | common | 10.7.8 |
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
Binary file not shown.
Binary file not shown.
|
|
@ -6,8 +6,6 @@ image:
|
|||
command:
|
||||
- node
|
||||
- meshcentral/meshcentral
|
||||
- --configfile
|
||||
- /opt/meshcentral/meshcentral-config/config.json
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
|
|
@ -17,12 +15,6 @@ podSecurityContext:
|
|||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
|
||||
env:
|
||||
trigger_redeploy:
|
||||
secretKeyRef:
|
||||
name: '{{ include "tc.common.names.fullname" . }}-secret'
|
||||
key: trigger_redeploy
|
||||
|
||||
# - Values with the character _ in-front of them are pruned. Add or remove _ to disable or enable options
|
||||
# - More in-depth info for each options can be found here: https://github.com/Ylianst/MeshCentral/blob/master/meshcentral-config-schema.json
|
||||
# - Check for this chart's specific info in our webpage https://truecharts.org
|
||||
|
|
@ -64,7 +56,7 @@ meshcentral:
|
|||
_StrictTransportSecurity: null
|
||||
# - When enabled, the MeshCentral web site can be embedded within another website's iframe.
|
||||
allowFraming: false
|
||||
# - Options: strict | lax | none
|
||||
# - Options: strict | lax | none | true
|
||||
_cookieIpCheck: lax
|
||||
# - When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser.
|
||||
webRTC: false
|
||||
|
|
@ -93,7 +85,7 @@ meshcentral:
|
|||
# - Enables server-side, websocket per-message deflate compression.
|
||||
wsCompression: true
|
||||
# - Enables agent-side, websocket per-message deflate compression. wscompression must also be true for this to work.
|
||||
_agentWsCompression: true
|
||||
agentWsCompression: true
|
||||
# - Set to 1 to present the server from updating any agent.
|
||||
_noAgentUpdate: 0
|
||||
# - When set to 2, all agents that need to be updated will use the meshcore.js update system. With the default value of 1, the native update system is used.
|
||||
|
|
@ -209,25 +201,25 @@ meshcentral:
|
|||
_redirects:
|
||||
meshcommander: https://www.meshcommander.com/
|
||||
# - This section described a policy for how many times an IP address is allowed to attempt to login incorrectly. By default it's 10 times in 10 minutes, but this can be changed here.
|
||||
_maxInvalidLogin:
|
||||
maxInvalidLogin:
|
||||
# - Ranges of IP addresses that are not subject to invalid login limitations. For example: 192.168.1.0/24,172.16.0.1
|
||||
exclude: null
|
||||
_exclude: ""
|
||||
# - Time in minutes over which the a maximum number of invalid login attempts is allowed from an IP address.
|
||||
time: 10
|
||||
# - Maximum number of invalid login attempts from an IP address in the time period.
|
||||
count: 10
|
||||
# - Additional time in minute that login attempts will be denied once the invalid login limit is reached.
|
||||
coolofftime: null
|
||||
coolofftime: 30
|
||||
# - This section described a policy for how many times an IP address is allowed to attempt to perform two-factor authentication (2FA) incorrectly. By default it's 10 times in 10 minutes, but this can be changed here.
|
||||
_maxInvalid2fa:
|
||||
maxInvalid2fa:
|
||||
# - Ranges of IP addresses that are not subject to invalid 2FA limitations. For example: 192.168.1.0/24,172.16.0.1
|
||||
exclude: null
|
||||
_exclude: ""
|
||||
# - Time in minutes over which the a maximum number of invalid 2FA attempts is allowed from an IP address.
|
||||
time: 10
|
||||
# - Maximum number of invalid 2FA attempts from an IP address in the time period.
|
||||
count: 10
|
||||
# - Additional time in minute that 2FA attempts will be denied once the invalid login limit is reached.
|
||||
coolofftime: null
|
||||
coolofftime: 30
|
||||
# - When present, this section will enable the Intel AMT provisioning server on the local network. This is used for Intel AMT bare-metal ACM activation.
|
||||
_amtProvisioningServer:
|
||||
# - Port number that provisioning server will listen to.
|
||||
|
|
@ -529,13 +521,13 @@ meshcentral:
|
|||
# - Action taken if one of the lines in meshagent.tag contains ~ServerTags:tag1,tag2,tag3. 0=Ignore, 1=Set, 2=SetIfEmpty, 3=Append.
|
||||
ServerTags: 0
|
||||
# - Enables the geo-location feature and device location map in the user interface, this feature is not being worked on.
|
||||
_geoLocation: false
|
||||
geoLocation: true
|
||||
# - When enabled, activates the built-in web-based VNC client.
|
||||
_novnc: true
|
||||
novnc: true
|
||||
# - When enabled, activates the built-in web-based RDP client.
|
||||
_mstsc: false
|
||||
mstsc: true
|
||||
# - When enabled, activates the built-in web-based SSH client.
|
||||
_ssh: false
|
||||
ssh: true
|
||||
# - Path where to find custom email templates for this domain.
|
||||
_webEmailsPath: null
|
||||
_customUI: null
|
||||
|
|
@ -995,10 +987,8 @@ persistence:
|
|||
readOnly: true
|
||||
defaultMode: "0600"
|
||||
objectName: '{{ include "tc.common.names.fullname" . }}-secret'
|
||||
mountPath: /opt/meshcentral/meshcentral-config
|
||||
items:
|
||||
- key: config.json
|
||||
path: config.json
|
||||
mountPath: /opt/meshcentral/meshcentral-data/config.json
|
||||
subPath: config.json
|
||||
|
||||
portal:
|
||||
enabled: true
|
||||
|
|
@ -235,6 +235,12 @@ questions:
|
|||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: agentWsCompression
|
||||
label: agentWsCompression
|
||||
description: Enables agent-side, websocket per-message deflate compression. wscompression must also be true for this to work.
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowFraming
|
||||
label: allowFraming
|
||||
description: When enabled, the MeshCentral web site can be embedded within another website's iframe.
|
||||
|
|
@ -253,6 +259,18 @@ questions:
|
|||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: agentLogDump
|
||||
label: agentLogDump
|
||||
description: Automatically downloads all agent error logs into meshcentral-data/agenterrorlogs.txt.
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: agentCoreDump
|
||||
label: agentCoreDump
|
||||
description: Automatically activates and transfers any agent crash dump files to the server in meshcentral-data/coredumps.
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: browserPing
|
||||
label: browserPing
|
||||
description: When specified, sends data to the browser at x seconds interval and expects a response from the browser.
|
||||
|
|
@ -283,17 +301,66 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: -99
|
||||
- variable: plugins
|
||||
label: Section <plugins>
|
||||
- variable: maxInvalidLogin
|
||||
label: Section <maxInvalidLogin>
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: enabled
|
||||
label: enabled
|
||||
- variable: time
|
||||
label: time
|
||||
description: Time in minutes over which the a maximum number of invalid login attempts is allowed from an IP address.
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
type: int
|
||||
default: 10
|
||||
- variable: count
|
||||
label: count
|
||||
description: Maximum number of invalid login attempts from an IP address in the time period.
|
||||
schema:
|
||||
type: int
|
||||
default: 10
|
||||
- variable: coolofftime
|
||||
label: coolofftime
|
||||
description: Additional time in minute that login attempts will be denied once the invalid login limit is reached.
|
||||
schema:
|
||||
type: int
|
||||
default: 30
|
||||
- variable: exclude
|
||||
label: exclude
|
||||
description: Ranges of IP addresses that are not subject to invalid login limitations. For example 192.168.1.0/24,172.16.0.1
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: maxInvalid2fa
|
||||
label: Section <maxInvalid2fa>
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: time
|
||||
label: time
|
||||
description: Time in minutes over which the a maximum number of invalid 2FA attempts is allowed from an IP address.
|
||||
schema:
|
||||
type: int
|
||||
default: 10
|
||||
- variable: count
|
||||
label: count
|
||||
description: Maximum number of invalid 2FA attempts from an IP address in the time period.
|
||||
schema:
|
||||
type: int
|
||||
default: 10
|
||||
- variable: coolofftime
|
||||
label: coolofftime
|
||||
description: Additional time in minute that 2FA attempts will be denied once the invalid login limit is reached.
|
||||
schema:
|
||||
type: int
|
||||
default: 30
|
||||
- variable: exclude
|
||||
label: exclude
|
||||
description: Ranges of IP addresses that are not subject to invalid 2FA limitations. For example 192.168.1.0/24,172.16.0.1
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: autobackup
|
||||
label: Section <autobackup>
|
||||
schema:
|
||||
|
|
@ -376,6 +443,17 @@ questions:
|
|||
type: string
|
||||
required: true
|
||||
default: ""
|
||||
- variable: plugins
|
||||
label: Section <plugins>
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: enabled
|
||||
label: enabled
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: domains
|
||||
label: Section <domains>
|
||||
schema:
|
||||
|
|
@ -428,6 +506,30 @@ questions:
|
|||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: mstsc
|
||||
label: mstsc
|
||||
description: When enabled, activates the built-in web-based RDP client.
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: ssh
|
||||
label: ssh
|
||||
description: When enabled, activates the built-in web-based SSH client.
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: novnc
|
||||
label: novnc
|
||||
description: When enabled, activates the built-in web-based VNC client.
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: geoLocation
|
||||
label: geoLocation
|
||||
description: Enables the geo-location feature and device location map in the user interface, this feature is not being worked on.
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: nightMode
|
||||
label: nightMode
|
||||
description: 0 = User selects day/night mode, 1 = Always night mode, 2 = Always day mode
|
||||
|
|
@ -446,6 +548,30 @@ questions:
|
|||
max: 2
|
||||
requited: true
|
||||
default: 2
|
||||
- variable: deviceMeshRouterLinks
|
||||
label: Section <deviceMeshRouterLinks>
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: rdp
|
||||
label: rdp
|
||||
description: Display a RDP link in the device tab when supported
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: ssh
|
||||
label: ssh
|
||||
description: Display a SSH link in the device tab when supported
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: scp
|
||||
label: scp
|
||||
description: Display a SCP link in the device tab when supported
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: agentCustomization
|
||||
label: Section <agentCustomization>
|
||||
schema:
|
||||
|
|
@ -2,6 +2,8 @@
|
|||
{{- define "meshcentral.secret" -}}
|
||||
|
||||
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }}
|
||||
{{- $secretStorageName := printf "%s-storage-secret" (include "tc.common.names.fullname" .) }}
|
||||
|
||||
{{- $config := .Values.meshcentral }}
|
||||
|
||||
{{- $isScale := false }}
|
||||
|
|
@ -12,7 +14,7 @@
|
|||
{{- end }}
|
||||
|
||||
{{- $sessionKey := "" }}
|
||||
{{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }}
|
||||
{{- with (lookup "v1" "Secret" .Release.Namespace $secretStorageName) }}
|
||||
{{- $sessionKey = (index .data "session_key") }}
|
||||
{{- else }}
|
||||
{{- $sessionKey = randAlphaNum 32 }}
|
||||
|
|
@ -43,10 +45,25 @@
|
|||
{{- end }}
|
||||
|
||||
{{- if $isScale }}
|
||||
{{- $config = (include "prune.keys.scale" $config) }}
|
||||
{{- $config = (include "mergeAndrenameDefaultDomain" $config) }}
|
||||
{{- $config = (include "prune.keys.scale" (fromYaml $config)) }}
|
||||
{{- else }}
|
||||
{{- $config = (include "prune.keys" $config) }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
metadata:
|
||||
name: {{ $secretStorageName }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
data:
|
||||
{{/* Store session_key to reuse */}}
|
||||
session_key: {{ $sessionKey | b64enc }}
|
||||
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
|
|
@ -57,9 +74,6 @@ metadata:
|
|||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
data:
|
||||
{{/* Store session_key to reuse */}}
|
||||
session_key: {{ $sessionKey | b64enc }}
|
||||
trigger_redeploy: {{ randAlpha 5 | b64enc }}
|
||||
{{/* The actual config */}}
|
||||
config.json: |
|
||||
{{- toPrettyJson (fromYaml $config) | b64enc | nindent 4 }}
|
||||
|
|
@ -85,17 +99,8 @@ data:
|
|||
{{/* Prunes int and float equal to -99 */}}
|
||||
{{/* Prunes empty strings (Does not prune empty strings in lists) */}}
|
||||
{{/* Prunes keys that start with _ */}}
|
||||
{{/* Renames tcdefaultdomain variable to "" as this is the key used by MeshCentral */}}
|
||||
{{/* but SCALE GUI does not handle it well */}}
|
||||
{{- define "prune.keys.scale" }}
|
||||
{{- $values := . }}
|
||||
{{- if (hasKey $values "domains") }}
|
||||
{{- if (hasKey $values.domains "tcdefaultdomain") }}
|
||||
{{- $defaultDomain := $values.domains.tcdefaultdomain }}
|
||||
{{- $_ := set $values.domains "" $defaultDomain }}
|
||||
{{- $_ := unset $values.domains "tcdefaultdomain" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $k, $v := $values }}
|
||||
{{- if eq (kindOf $v) "string" }}
|
||||
{{- if not $v }}
|
||||
|
|
@ -122,3 +127,14 @@ data:
|
|||
{{- end }}
|
||||
{{- toYaml $values }}
|
||||
{{- end }}
|
||||
|
||||
{{/* Renames tcdefaultdomain variable to "" as this is the key used by MeshCentral */}}
|
||||
{{/* but SCALE GUI does not handle it well */}}
|
||||
{{- define "mergeAndrenameDefaultDomain" }}
|
||||
{{- $values := . }}
|
||||
{{- $defaultDomain := index $values.domains "" }}
|
||||
{{- $computedDomain := mergeOverwrite $defaultDomain $values.domains.tcdefaultdomain }}
|
||||
{{- $_ := set $values.domains "" $computedDomain }}
|
||||
{{- $_ := unset $values.domains "tcdefaultdomain" }}
|
||||
{{- toYaml $values }}
|
||||
{{- end }}
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 10.7.7
|
||||
- name: mongodb
|
||||
repository: https://charts.truecharts.org/
|
||||
version: 2.0.40
|
||||
digest: sha256:d4f7a8e0a0b71397241720094b69aaafad84c580c21f86c83d521e03affddb20
|
||||
generated: "2022-10-27T08:06:13.936954863Z"
|
||||
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue