Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
6a0a1f5c5d
commit
492818df01
|
@ -0,0 +1,13 @@
|
||||||
|
**Important:**
|
||||||
|
*for the complete changelog, please refer to the website*
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## [guacamole-9.0.0]guacamole-9.0.0 (2023-07-24)
|
||||||
|
|
||||||
|
### Feat
|
||||||
|
|
||||||
|
- BREAKING CHANGES migrate new common ([#10771](https://github.com/truecharts/charts/issues/10771))
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
apiVersion: v2
|
||||||
|
appVersion: "1.5.1"
|
||||||
|
dependencies:
|
||||||
|
- name: common
|
||||||
|
repository: https://library-charts.truecharts.org
|
||||||
|
version: 13.2.0
|
||||||
|
description: Apache Guacamole is a clientless remote desktop gateway.
|
||||||
|
home: https://truecharts.org/charts/stable/guacamole
|
||||||
|
icon: https://truecharts.org/img/hotlink-ok/chart-icons/guacamole.png
|
||||||
|
keywords:
|
||||||
|
- guacamole
|
||||||
|
- remote
|
||||||
|
kubeVersion: ">=1.16.0-0"
|
||||||
|
maintainers:
|
||||||
|
- email: info@truecharts.org
|
||||||
|
name: TrueCharts
|
||||||
|
url: https://truecharts.org
|
||||||
|
name: guacamole
|
||||||
|
sources:
|
||||||
|
- https://github.com/truecharts/charts/tree/master/charts/stable/guacamole
|
||||||
|
- https://github.com/apache/guacamole-client
|
||||||
|
type: application
|
||||||
|
version: 9.0.0
|
||||||
|
annotations:
|
||||||
|
truecharts.org/catagories: |
|
||||||
|
- utilities
|
||||||
|
truecharts.org/SCALE-support: "true"
|
||||||
|
truecharts.org/grade: U
|
|
@ -0,0 +1,27 @@
|
||||||
|
# README
|
||||||
|
|
||||||
|
## General Info
|
||||||
|
|
||||||
|
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||||
|
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||||
|
|
||||||
|
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/incubator/)
|
||||||
|
|
||||||
|
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||||
|
|
||||||
|
|
||||||
|
## Support
|
||||||
|
|
||||||
|
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
|
||||||
|
- See the [Website](https://truecharts.org)
|
||||||
|
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||||
|
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Sponsor TrueCharts
|
||||||
|
|
||||||
|
TrueCharts can only exist due to the incredible effort of our staff.
|
||||||
|
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||||
|
|
||||||
|
*All Rights Reserved - The TrueCharts Project*
|
|
@ -0,0 +1,9 @@
|
||||||
|
|
||||||
|
|
||||||
|
## [guacamole-9.0.0]guacamole-9.0.0 (2023-07-24)
|
||||||
|
|
||||||
|
### Feat
|
||||||
|
|
||||||
|
- BREAKING CHANGES migrate new common ([#10771](https://github.com/truecharts/charts/issues/10771))
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
Apache Guacamole is a clientless remote desktop gateway.
|
||||||
|
|
||||||
|
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/guacamole](https://truecharts.org/charts/stable/guacamole)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
TrueCharts can only exist due to the incredible effort of our staff.
|
||||||
|
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
|
@ -0,0 +1,263 @@
|
||||||
|
image:
|
||||||
|
repository: tccr.io/truecharts/guacamole-client
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
tag: 1.5.2@sha256:d705e385677c11624381df0c3779616edac98fdc8e508374257327516bde061b
|
||||||
|
guacdImage:
|
||||||
|
repository: tccr.io/truecharts/guacamole-server
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
tag: v1.5.2@sha256:f7f62adecb244a91c974ac0bab7376335304145789fb43baeff75c1e2c88c630
|
||||||
|
|
||||||
|
guacamole:
|
||||||
|
ldap:
|
||||||
|
LDAP_HOSTNAME: ""
|
||||||
|
LDAP_USER_BASE_DN: ""
|
||||||
|
LDAP_PORT: 389
|
||||||
|
LDAP_ENCRYPTION_METHOD: none
|
||||||
|
LDAP_MAX_SEARCH_RESULTS: 1000
|
||||||
|
LDAP_SEARCH_BIND_DN: ""
|
||||||
|
LDAP_USER_ATTRIBUTES: ""
|
||||||
|
LDAP_SEARCH_BIND_PASSWORD: ""
|
||||||
|
LDAP_USERNAME_ATTRIBUTE: uid
|
||||||
|
LDAP_MEMBER_ATTRIBUTE: member
|
||||||
|
LDAP_USER_SEARCH_FILTER: "(objectClass=*)"
|
||||||
|
LDAP_CONFIG_BASE_DN: ""
|
||||||
|
LDAP_GROUP_BASE_DN: ""
|
||||||
|
LDAP_GROUP_SEARCH_FILTER: "(objectClass=*)"
|
||||||
|
LDAP_MEMBER_ATTRIBUTE_TYPE: dn
|
||||||
|
LDAP_GROUP_NAME_ATTRIBUTE: cn
|
||||||
|
LDAP_DEREFERENCE_ALIASES: never
|
||||||
|
LDAP_FOLLOW_REFERRALS: false
|
||||||
|
LDAP_MAX_REFERRAL_HOPS: 5
|
||||||
|
LDAP_OPERATION_TIMEOUT: 30
|
||||||
|
header:
|
||||||
|
HEADER_ENABLED: false
|
||||||
|
HTTP_AUTH_HEADER: REMOTE_USER
|
||||||
|
saml:
|
||||||
|
SAML_IDP_METADATA_URL: ""
|
||||||
|
SAML_IDP_URL: ""
|
||||||
|
SAML_ENTITY_ID: ""
|
||||||
|
SAML_CALLBACK_URL: ""
|
||||||
|
SAML_STRICT: true
|
||||||
|
SAML_DEBUG: false
|
||||||
|
SAML_COMPRESS_REQUEST: true
|
||||||
|
SAML_COMPRESS_RESPONSE: true
|
||||||
|
SAML_GROUP_ATTRIBUTE: groups
|
||||||
|
proxy:
|
||||||
|
REMOTE_IP_VALVE_ENABLED: false
|
||||||
|
PROXY_ALLOWED_IPS_REGEX: ""
|
||||||
|
PROXY_IP_HEADER: ""
|
||||||
|
PROXY_PROTOCOL_HEADER: ""
|
||||||
|
PROXY_BY_HEADER: ""
|
||||||
|
general:
|
||||||
|
EXTENSION_PRIORITY: ""
|
||||||
|
totp:
|
||||||
|
TOTP_ENABLED: true
|
||||||
|
TOTP_ISSUER: Apache Guacamole
|
||||||
|
TOTP_DIGITS: 6
|
||||||
|
TOTP_PERIOD: 30
|
||||||
|
TOTP_MODE: sha1
|
||||||
|
duo:
|
||||||
|
DUO_API_HOSTNAME: ""
|
||||||
|
DUO_INTEGRATION_KEY: ""
|
||||||
|
DUO_SECRET_KEY: ""
|
||||||
|
DUO_APPLICATION_KEY: ""
|
||||||
|
api:
|
||||||
|
API_SESSION_TIMEOUT: 60
|
||||||
|
radius:
|
||||||
|
RADIUS_SHARED_SECRET: ""
|
||||||
|
RADIUS_AUTH_PROTOCOL: eap-tls
|
||||||
|
RADIUS_HOSTNAME: ""
|
||||||
|
RADIUS_AUTH_PORT: 1812
|
||||||
|
RADIUS_KEY_FILE: ""
|
||||||
|
RADIUS_KEY_TYPE: pkcs12
|
||||||
|
RADIUS_KEY_PASSWORD: ""
|
||||||
|
RADIUS_CA_FILE: ""
|
||||||
|
RADIUS_CA_TYPE: pem
|
||||||
|
RADIUS_CA_PASSWORD: ""
|
||||||
|
RADIUS_TRUST_ALL: false
|
||||||
|
RADIUS_RETRIES: 5
|
||||||
|
RADIUS_TIMEOUT: 60
|
||||||
|
RADIUS_EAP_TTLS_INNER_PROTOCOL: eap-tls
|
||||||
|
RADIUS_NAS_IP: ""
|
||||||
|
openid:
|
||||||
|
OPENID_AUTHORIZATION_ENDPOINT: ""
|
||||||
|
OPENID_JWKS_ENDPOINT: ""
|
||||||
|
OPENID_ISSUER: ""
|
||||||
|
OPENID_CLIENT_ID: ""
|
||||||
|
OPENID_REDIRECT_URI: ""
|
||||||
|
OPENID_USERNAME_CLAIM_TYPE: email
|
||||||
|
OPENID_GROUPS_CLAIM_TYPE: groups
|
||||||
|
OPENID_SCOPE: openid email profile
|
||||||
|
OPENID_ALLOWED_CLOCK_SKEW: 30
|
||||||
|
OPENID_MAX_TOKEN_VALIDITY: 300
|
||||||
|
OPENID_MAX_NONCE_VALIDITY: 300
|
||||||
|
cas:
|
||||||
|
CAS_AUTHORIZATION_ENDPOINT: ""
|
||||||
|
CAS_REDIRECT_URI: ""
|
||||||
|
CAS_CLEARPASS_KEY: ""
|
||||||
|
CAS_GROUP_ATTRIBUTE: ""
|
||||||
|
CAS_GROUP_FORMAT: plain
|
||||||
|
CAS_GROUP_LDAP_BASE_DN: ""
|
||||||
|
CAS_GROUP_LDAP_ATTRIBUTE: ""
|
||||||
|
json:
|
||||||
|
JSON_SECRET_KEY: ""
|
||||||
|
JSON_TRUSTED_NETWORKS: ""
|
||||||
|
|
||||||
|
workload:
|
||||||
|
main:
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1001
|
||||||
|
runAsGroup: 1001
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: guacamole-config
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
type: http
|
||||||
|
port: "{{ .Values.service.main.ports.main.targetPort }}"
|
||||||
|
path: /guacamole
|
||||||
|
readiness:
|
||||||
|
type: http
|
||||||
|
port: "{{ .Values.service.main.ports.main.targetPort }}"
|
||||||
|
path: /guacamole
|
||||||
|
startup:
|
||||||
|
type: tcp
|
||||||
|
port: "{{ .Values.service.main.ports.main.targetPort }}"
|
||||||
|
# zz is used to ensure that the initContainers are run after db-waits
|
||||||
|
initContainers:
|
||||||
|
1-create-seed:
|
||||||
|
enabled: true
|
||||||
|
type: install
|
||||||
|
imageSelector: image
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1001
|
||||||
|
runAsGroup: 1001
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: guacamole-config
|
||||||
|
command:
|
||||||
|
- /bin/sh
|
||||||
|
args:
|
||||||
|
- -c
|
||||||
|
- /tc-scripts/create-seed.sh
|
||||||
|
2-apply-seed:
|
||||||
|
enabled: true
|
||||||
|
type: install
|
||||||
|
imageSelector: postgresClientImage
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1001
|
||||||
|
runAsGroup: 1001
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: guacamole-config
|
||||||
|
command:
|
||||||
|
- /bin/sh
|
||||||
|
args:
|
||||||
|
- -c
|
||||||
|
- /tc-scripts/apply-seed.sh
|
||||||
|
|
||||||
|
guacd:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
strategy: RollingUpdate
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
guacd:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: guacdImage
|
||||||
|
command:
|
||||||
|
- /opt/guacamole/sbin/guacd
|
||||||
|
args:
|
||||||
|
# Listen Address
|
||||||
|
- -b
|
||||||
|
- "0.0.0.0"
|
||||||
|
# Listen Port
|
||||||
|
- -l
|
||||||
|
- "{{ .Values.service.guacd.ports.guacd.port }}"
|
||||||
|
# Log Level
|
||||||
|
- -L
|
||||||
|
- info
|
||||||
|
# Foreground
|
||||||
|
- -f
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
type: tcp
|
||||||
|
port: "{{ .Values.service.guacd.ports.guacd.port }}"
|
||||||
|
readiness:
|
||||||
|
type: tcp
|
||||||
|
port: "{{ .Values.service.guacd.ports.guacd.port }}"
|
||||||
|
startup:
|
||||||
|
type: tcp
|
||||||
|
port: "{{ .Values.service.guacd.ports.guacd.port }}"
|
||||||
|
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
ports:
|
||||||
|
main:
|
||||||
|
port: 10123
|
||||||
|
targetPort: 8080
|
||||||
|
guacd:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: guacd
|
||||||
|
ports:
|
||||||
|
guacd:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: guacd
|
||||||
|
port: 10124
|
||||||
|
|
||||||
|
persistence:
|
||||||
|
recordings:
|
||||||
|
enabled: true
|
||||||
|
# Check how this works and
|
||||||
|
# which containers need it mounted
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
mountPath: /var/lib/guacamole/recordings
|
||||||
|
readOnly: true
|
||||||
|
guacd:
|
||||||
|
guacd:
|
||||||
|
mountPath: /var/lib/guacamole/recordings
|
||||||
|
tc-init:
|
||||||
|
enabled: true
|
||||||
|
type: emptyDir
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
1-create-seed:
|
||||||
|
mountPath: /tc-init
|
||||||
|
2-apply-seed:
|
||||||
|
mountPath: /tc-init
|
||||||
|
db-seed:
|
||||||
|
enabled: true
|
||||||
|
type: configmap
|
||||||
|
objectName: db-init
|
||||||
|
defaultMode: "0770"
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
1-create-seed:
|
||||||
|
mountPath: /tc-scripts/create-seed.sh
|
||||||
|
subPath: create-seed.sh
|
||||||
|
2-apply-seed:
|
||||||
|
mountPath: /tc-scripts/apply-seed.sh
|
||||||
|
subPath: apply-seed.sh
|
||||||
|
|
||||||
|
cnpg:
|
||||||
|
main:
|
||||||
|
enabled: true
|
||||||
|
user: guacamole
|
||||||
|
database: guacamole
|
||||||
|
|
||||||
|
portal:
|
||||||
|
open:
|
||||||
|
enabled: true
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,193 @@
|
||||||
|
{{/* Define the configmap */}}
|
||||||
|
{{- define "guacamole.configmap" -}}
|
||||||
|
{{/* https://github.com/apache/guacamole-client/blob/master/guacamole-docker/bin/start.sh */}}
|
||||||
|
{{/* https://guacamole.apache.org/doc/gug/guacamole-docker.html */}}
|
||||||
|
{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ }}
|
||||||
|
guacamole-config:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
RECORDING_SEARCH_PATH: /var/lib/guacamole/recordings
|
||||||
|
{{/* GuacD */}}
|
||||||
|
GUACD_HOSTNAME: {{ printf "%v-guacd" $fullname }}
|
||||||
|
GUACD_PORT: {{ .Values.service.guacd.ports.guacd.port | quote }}
|
||||||
|
{{/* Database */}}
|
||||||
|
POSTGRESQL_PORT: "5432"
|
||||||
|
POSTGRESQL_DATABASE: {{ .Values.cnpg.main.database }}
|
||||||
|
POSTGRESQL_USER: {{ .Values.cnpg.main.user }}
|
||||||
|
POSTGRESQL_HOSTNAME: {{ .Values.cnpg.main.creds.host }}
|
||||||
|
POSTGRESQL_PASSWORD: {{ .Values.cnpg.main.creds.password | trimAll "\"" }}
|
||||||
|
{{/* LDAP */}}
|
||||||
|
{{- if (get .Values.guacamole "ldap").LDAP_HOSTNAME }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_HOSTNAME" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_PORT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_ENCRYPTION_METHOD" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_USER_BASE_DN" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_USER_SEARCH_FILTER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_GROUP_BASE_DN" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_GROUP_SEARCH_FILTER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_GROUP_NAME_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_MEMBER_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_MEMBER_ATTRIBUTE_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_SEARCH_BIND_DN" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_SEARCH_BIND_PASSWORD" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_USERNAME_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_USER_ATTRIBUTES" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_CONFIG_BASE_DN" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_DEREFERENCE_ALIASES" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_FOLLOW_REFERRALS" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_MAX_REFERRAL_HOPS" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_MAX_SEARCH_RESULTS" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "ldap" "key" "LDAP_OPERATION_TIMEOUT" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* Header */}}
|
||||||
|
{{- if (get .Values.guacamole "header").HEADER_ENABLED }}
|
||||||
|
{{ include "guac.env" (dict "ob" "header" "key" "HEADER_ENABLED" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "header" "key" "HTTP_AUTH_HEADER" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* SAML */}}
|
||||||
|
{{- if or
|
||||||
|
(and ((get .Values.guacamole "saml").SAML_ENTITY_ID) ((get .Values.guacamole "saml").SAML_CALLBACK_URL))
|
||||||
|
((get .Values.guacamole "saml").SAML_IDP_METADATA_URL) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_IDP_METADATA_URL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_IDP_URL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_ENTITY_ID" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_CALLBACK_URL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_STRICT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_DEBUG" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_COMPRESS_REQUEST" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_COMPRESS_RESPONSE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "saml" "key" "SAML_GROUP_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* Proxy */}}
|
||||||
|
{{- if (get .Values.guacamole "proxy").REMOTE_IP_VALVE_ENABLED }}
|
||||||
|
{{ include "guac.env" (dict "ob" "proxy" "key" "REMOTE_IP_VALVE_ENABLED" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "proxy" "key" "PROXY_ALLOWED_IPS_REGEX" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "proxy" "key" "PROXY_IP_HEADER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "proxy" "key" "PROXY_PROTOCOL_HEADER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "proxy" "key" "PROXY_BY_HEADER" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* General */}}
|
||||||
|
{{ include "guac.env" (dict "ob" "general" "key" "EXTENSION_PRIORITY" "rootCtx" $) }}
|
||||||
|
{{/* TOTP */}}
|
||||||
|
{{- if (get .Values.guacamole "totp").TOTP_ENABLED }}
|
||||||
|
{{ include "guac.env" (dict "ob" "totp" "key" "TOTP_ENABLED" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "totp" "key" "TOTP_ISSUER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "totp" "key" "TOTP_DIGITS" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "totp" "key" "TOTP_PERIOD" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "totp" "key" "TOTP_MODE" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* DUO */}}
|
||||||
|
{{- if (get .Values.guacamole "duo").DUO_API_HOSTNAME }}
|
||||||
|
{{ include "guac.env" (dict "ob" "duo" "key" "DUO_API_HOSTNAME" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "duo" "key" "DUO_INTEGRATION_KEY" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "duo" "key" "DUO_SECRET_KEY" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "duo" "key" "DUO_APPLICATION_KEY" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* API */}}
|
||||||
|
{{ include "guac.env" (dict "ob" "api" "key" "API_SESSION_TIMEOUT" "rootCtx" $) }}
|
||||||
|
{{/* RADIUS */}}
|
||||||
|
{{- if (get .Values.guacamole "radius").SHARED_SECRET }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_HOSTNAME" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_AUTH_PORT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_SHARED_SECRET" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_AUTH_PROTOCOL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_KEY_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_KEY_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_KEY_PASSWORD" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_CA_FILE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_CA_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_CA_PASSWORD" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_TRUST_ALL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_RETRIES" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_TIMEOUT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_EAP_TTLS_INNER_PROTOCOL" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "radius" "key" "RADIUS_NAS_IP" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* OPENID */}}
|
||||||
|
{{- if (get .Values.guacamole "openid").OPENID_AUTHORIZATION_ENDPOINT }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_AUTHORIZATION_ENDPOINT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_JWKS_ENDPOINT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_ISSUER" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_CLIENT_ID" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_REDIRECT_URI" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_USERNAME_CLAIM_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_GROUPS_CLAIM_TYPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_SCOPE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_ALLOWED_CLOCK_SKEW" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_MAX_TOKEN_VALIDITY" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "openid" "key" "OPENID_MAX_NONCE_VALIDITY" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* CAS */}}
|
||||||
|
{{- if (get .Values.guacamole "cas").CAS_AUTHORIZATION_ENDPOINT }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_AUTHORIZATION_ENDPOINT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_REDIRECT_URI" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_CLEARPASS_KEY" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_GROUP_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_GROUP_FORMAT" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_GROUP_LDAP_BASE_DN" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "cas" "key" "CAS_GROUP_LDAP_ATTRIBUTE" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
{{/* JSON */}}
|
||||||
|
{{- if (get .Values.guacamole "json").JSON_SECRET_KEY }}
|
||||||
|
{{ include "guac.env" (dict "ob" "json" "key" "JSON_SECRET_KEY" "rootCtx" $) }}
|
||||||
|
{{ include "guac.env" (dict "ob" "json" "key" "JSON_TRUSTED_NETWORKS" "rootCtx" $) }}
|
||||||
|
{{- end }}
|
||||||
|
db-init:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
{{- $filename := "/tc-init/initdb.sql" }}
|
||||||
|
create-seed.sh: |
|
||||||
|
echo "Creating [{{ $filename }}] file..."
|
||||||
|
/opt/guacamole/bin/initdb.sh --postgresql > {{ $filename }}
|
||||||
|
if [ -f {{ $filename }} ]; then
|
||||||
|
echo "File [{{ $filename }}] created successfully!"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
echo "File [{{ $filename }}] failed to create."
|
||||||
|
exit 1
|
||||||
|
apply-seed.sh: |
|
||||||
|
export PGPASSWORD="$POSTGRESQL_PASSWORD"
|
||||||
|
until
|
||||||
|
pg_isready --username="$POSTGRESQL_USER" --host="$POSTGRESQL_HOSTNAME" --port="$POSTGRESQL_PORT"
|
||||||
|
do
|
||||||
|
echo "Waiting for PostgreSQL to start..."
|
||||||
|
sleep 2
|
||||||
|
done
|
||||||
|
psql --host="$POSTGRESQL_HOSTNAME" --port="$POSTGRESQL_PORT" \
|
||||||
|
--username="$POSTGRESQL_USER" --dbname="$POSTGRESQL_DATABASE" \
|
||||||
|
--no-password --command='SELECT * FROM public.guacamole_user' \
|
||||||
|
--output=/dev/null --quiet
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo "Database already initialized."
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
if [ ! -f {{ $filename }} ]; then
|
||||||
|
echo "File [{{ $filename }}] does not exist."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Initializing database from [{{ $filename }}] file..."
|
||||||
|
psql --host="$POSTGRESQL_HOSTNAME" --port="$POSTGRESQL_PORT" \
|
||||||
|
--username="$POSTGRESQL_USER" --dbname="$POSTGRESQL_DATABASE" \
|
||||||
|
--no-password --quiet --output=/dev/null --file={{ $filename }}
|
||||||
|
if [ $? -eq 0 ]; then
|
||||||
|
echo "Database initialized successfully!"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
echo "Database failed to initialize."
|
||||||
|
exit 1
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- define "guac.env" -}}
|
||||||
|
{{- $key := .key -}}
|
||||||
|
{{- $ob := .ob -}}
|
||||||
|
{{- $rootCtx := .rootCtx -}}
|
||||||
|
{{- $object := (get $rootCtx.Values.guacamole $ob) -}}
|
||||||
|
|
||||||
|
{{- if $object -}}
|
||||||
|
{{- if hasKey $object $key -}}
|
||||||
|
{{- if not (kindIs "invalid" $key) -}}
|
||||||
|
{{- printf "%v: %v" $key (get $object $key | quote) -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,10 @@
|
||||||
|
{{/* Make sure all variables are set properly */}}
|
||||||
|
{{ include "tc.v1.common.loader.init" . }}
|
||||||
|
|
||||||
|
{{- $configmap := (include "guacamole.configmap" $ | fromYaml) -}}
|
||||||
|
{{- if $configmap -}}
|
||||||
|
{{- $_ := mustMergeOverwrite .Values.configmap $configmap -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* Render the templates */}}
|
||||||
|
{{ include "tc.v1.common.loader.apply" . }}
|
|
@ -0,0 +1,5 @@
|
||||||
|
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/guacamole.png
|
||||||
|
categories:
|
||||||
|
- utilities
|
||||||
|
|
||||||
|
screenshots: []
|
Loading…
Reference in New Issue