truecharts.local
/
catalog
mirror of https://github.com/truecharts/catalog.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Commit new Chart releases for TrueCharts 

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2023-05-28 09:41:23 +00:00
parent 669a56f0e9
commit 5cdd21f6fe
36 changed files with 6011 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
enterprise/clusterissuer/1.0.0/CHANGELOG.md Normal file
View File

@ -0,0 +1,13 @@
**Important:**
*for the complete changelog, please refer to the website*
## [clusterissuer-1.0.0]clusterissuer-1.0.0 (2023-05-28)
### Chore
- rename metallb to metallb-config and cert-manager to clusterissuer ([#9202](https://github.com/truecharts/charts/issues/9202))

29
enterprise/clusterissuer/1.0.0/Chart.yaml Normal file
View File

@ -0,0 +1,29 @@
apiVersion: v2
appVersion: "latest"
deprecated: false
description: Certificate management for Kubernetes
home: https://truecharts.org/charts/enterprise/cert-manager
icon: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
keywords:
- cert-manager
- certificates
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 12.10.4
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: clusterissuer
sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/cert-manager
- https://cert-manager.io/
type: application
version: 1.0.0
annotations:
truecharts.org/catagories: |
- core
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

106
enterprise/clusterissuer/1.0.0/LICENSE Normal file
View File

@ -0,0 +1,106 @@
Business Source License 1.1
Parameters
Licensor: The TrueCharts Project, it's owner and it's contributors
Licensed Work: The TrueCharts "Cert-Manager" Helm Chart
Additional Use Grant: You may use the licensed work in production, as long
as it is directly sourced from a TrueCharts provided
official repository, catalog or source. You may also make private
modification to the directly sourced licenced work,
when used in production.
The following cases are, due to their nature, also
defined as 'production use' and explicitly prohibited:
- Bundling, including or displaying the licensed work
with(in) another work intended for production use,
with the apparent intend of facilitating and/or
promoting production use by third parties in
violation of this license.
Change Date: 2050-01-01
Change License: 3-clause BSD license
For information about alternative licensing arrangements for the Software,
please contact: legal@truecharts.org
Notice
The Business Source License (this document, or the “License”) is not an Open
Source license. However, the Licensed Work will eventually be made available
under an Open Source License, as stated in this License.
License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
“Business Source License” is a trademark of MariaDB Corporation Ab.
-----------------------------------------------------------------------------
Business Source License 1.1
Terms
The Licensor hereby grants you the right to copy, modify, create derivative
works, redistribute, and make non-production use of the Licensed Work. The
Licensor may make an Additional Use Grant, above, permitting limited
production use.
Effective on the Change Date, or the fourth anniversary of the first publicly
available distribution of a specific version of the Licensed Work under this
License, whichever comes first, the Licensor hereby grants you rights under
the terms of the Change License, and the rights granted in the paragraph
above terminate.
If your use of the Licensed Work does not comply with the requirements
currently in effect as described in this License, you must purchase a
commercial license from the Licensor, its affiliated entities, or authorized
resellers, or you must refrain from using the Licensed Work.
All copies of the original and modified Licensed Work, and derivative works
of the Licensed Work, are subject to this License. This License applies
separately for each version of the Licensed Work and the Change Date may vary
for each version of the Licensed Work released by Licensor.
You must conspicuously display this License on each original or modified copy
of the Licensed Work. If you receive the Licensed Work in original or
modified form from a third party, the terms and conditions set forth in this
License apply to your use of that work.
Any use of the Licensed Work in violation of this License will automatically
terminate your rights under this License for the current and all other
versions of the Licensed Work.
This License does not grant you any right in any trademark or logo of
Licensor or its affiliates (provided that you may use a trademark or logo of
Licensor as expressly required by this License).
TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
TITLE.
MariaDB hereby grants you permission to use this Licenses text to license
your works, and to refer to it using the trademark “Business Source License”,
as long as you comply with the Covenants of Licensor below.
Covenants of Licensor
In consideration of the right to use this Licenses text and the “Business
Source License” name and trademark, Licensor covenants to MariaDB, and to all
other recipients of the licensed work to be provided by Licensor:
1. To specify as the Change License the GPL Version 2.0 or any later version,
or a license that is compatible with GPL Version 2.0 or a later version,
where “compatible” means that software provided under the Change License can
be included in a program with software provided under GPL Version 2.0 or a
later version. Licensor may specify additional Change Licenses without
limitation.
2. To either: (a) specify an additional grant of rights to use that does not
impose any additional restriction on the right granted in this License, as
the Additional Use Grant; or (b) insert the text “None”.
3. To specify a Change Date.
4. Not to modify this License in any other way.

27
enterprise/clusterissuer/1.0.0/README.md Normal file
View File

@ -0,0 +1,27 @@
# README
## General Info
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
*All Rights Reserved - The TrueCharts Project*

9
enterprise/clusterissuer/1.0.0/app-changelog.md Normal file
View File

@ -0,0 +1,9 @@
## [clusterissuer-1.0.0]clusterissuer-1.0.0 (2023-05-28)
### Chore
- rename metallb to metallb-config and cert-manager to clusterissuer ([#9202](https://github.com/truecharts/charts/issues/9202))

8
enterprise/clusterissuer/1.0.0/app-readme.md Normal file
View File

@ -0,0 +1,8 @@
Certificate management for Kubernetes
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/clusterissuer](https://truecharts.org/charts/enterprise/clusterissuer)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!

BIN
enterprise/clusterissuer/1.0.0/charts/common-12.10.4.tgz Normal file
View File

Binary file not shown.

4422
enterprise/clusterissuer/1.0.0/crds/cert-manager.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

80
enterprise/clusterissuer/1.0.0/ix_values.yaml Normal file
View File

@ -0,0 +1,80 @@
image:
repository: tccr.io/truecharts/scratch
tag: latest@sha256:9dd0f68d32ace452a3a75273bd8e3a074d0a14e4d38683389c73887432832fc3
pullPolicy: IfNotPresent
manifestManager:
enabled: true
workload:
main:
enabled: false
podSpec:
containers:
main:
enabled: false
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
service:
main:
enabled: false
ports:
main:
enabled: false
port: 9999
portal:
open:
enabled: false
clusterIssuer:
selfSigned:
enabled: true
name: "selfsigned"
CA: []
# - name: myca
# selfSigned: true
# selfSignedCommonName: "my-selfsigned-ca"
# # Used to manually define a CA-crt not used when selfSigned is enabled
# crt: ""
# key: ""
# # TODO: Add option to use SCALE CA certs
ACME: []
# - name: letsencrypt
# # Used for both logging in to the DNS provider AND ACME registration
# email: ""
# server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
# # Used primarily for the SCALE GUI
# customServer: 'https://acme-staging-v02.api.letsencrypt.org/directory'
# email: ""
# # Options: HTTP01, cloudflare, route53
# type: ""
# # for cloudflare
# cfapikey: ""
# cfapitoken: ""
# # for route53
# region: ""
# accessKeyID: ""
# route53SecretAccessKey: ""
# # optional for route53
# role: ""
# # for akamai
# serviceConsumerDomain: ""
# akclientToken: ""
# akclientSecret: ""
# akaccessToken: ""
# # for digitalocean
# doaccessToken: ""
# # for rfc2136
# nameserver: ""
# tsigKeyName: ""
# tsigAlgorithm: ""
# rfctsigSecret: ""
customMetrics:
enabled: true

327
enterprise/clusterissuer/1.0.0/questions.yaml Normal file
View File

@ -0,0 +1,327 @@
groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: Workload Settings
description: Workload Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: Addons
description: Addon Configuration
- name: Advanced
description: Advanced Configuration
- name: Postgresql
description: Postgresql
- name: Documentation
description: Documentation
questions:
- variable: global
group: General Settings
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: clusterIssuer
group: App Configuration
label: Cluster Certificate Issuer
schema:
additional_attrs: true
type: dict
attrs:
- variable: ACME
label: 'ACME Issuer'
schema:
type: list
default: []
items:
- variable: ACMEEntry
label: 'ACME Issuer Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: ""
- variable: type
label: Type or DNS-Provider
description: DNS Provider
schema:
type: string
default: cloudflare
enum:
- value: cloudflare
description: Cloudflare
- value: route53
description: Route53
- value: akamai
description: Akamai
- value: digitalocean
description: Digitalocean
- value: rfc2136
description: rfc2136 (Advanced)
- value: HTTP01
description: HTTP01 (Experimental)
- variable: server
label: Server
description: "Server for ACME, for example: letsencrypt"
schema:
type: string
show_if: [["type", "!=", "HTTP01"]]
default: 'Letsencrypt-Production'
enum:
- value: 'https://acme-v02.api.letsencrypt.org/directory'
description: Letsencrypt-Production
- value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
description: Letsencrypt-Staging
- value: 'https://api.buypass.no/acme-v02/directory'
description: BuyPass-Production
- value: 'https://api.test4.buypass.no/acme-v02/directory'
description: BuyPass-Staging
- value: custom
description: Custom
- variable: customServer
label: Custom ACME Server (Advanced)
description: "This can be used to enter your own custom ACME server"
schema:
type: string
show_if: [["server", "=", "custom"]]
default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
- variable: email
label: Email
description: "Email adress to use for certificate issuing must match your DNS provider email when required"
schema:
type: string
required: true
show_if: [["type", "!=", "HTTP01"]]
default: "something@example.com"
- variable: cfapikey
label: CloudFlare API key
description: "CloudFlare API Key"
schema:
show_if: [["type", "=", "cloudflare"]]
type: string
default: ""
- variable: cfapitoken
label: CloudFlare API Token
description: "CloudFlare API Token"
schema:
show_if: [["type", "=", "cloudflare"]]
type: string
default: ""
- variable: region
label: Route53 Region
description: "Route 53 Region"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: "us-west-1"
- variable: accessKeyID
label: Route53 accessKeyID
description: "Route53 accessKeyID"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: ""
- variable: route53SecretAccessKey
label: Route53 Secret Access Key
description: "Route53 Secret Access Key"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: ""
- variable: role
label: Route53 Role (optional)
description: "Route53 Role"
schema:
show_if: [["type", "=", "route53"]]
type: string
default: ""
- variable: serviceConsumerDomain
label: Akamai Service Consumer Domain
description: "Akamai Service Consumer Domain"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akclientToken
label: Akamai Client Token
description: "Client Token"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akclientSecret
label: Akamai Client Secret
description: "Akamai Client Secret"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akaccessToken
label: Akamai Access Token
description: "Akamai Access Token"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: doaccessToken
label: Digitalocean Access Token
description: "Digitalocean Access Token"
schema:
show_if: [["type", "=", "digitalocean"]]
type: string
required: true
default: ""
- variable: nameserver
label: rfc2136 Namesever
description: "rfc2136 Namesever"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: tsigKeyName
label: rfc2136 tsig Key Name
description: "rfc2136 tsig Key Name"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: tsigAlgorithm
label: rfc2136 tsig Algorithm
description: "rfc2136 tsig Algorithm"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: rfctsigSecret
label: rfc2136 sig Secret
description: "rfc2136 sig Secret"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: CA
label: Certificate Authority Issuer
schema:
type: list
default: []
items:
- variable: CAEntry
label: 'CA Issuer Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: ""
- variable: selfSigned
label: selfSigned
description: "Create Self Signed CA cert"
schema:
type: boolean
default: true
- variable: selfSignedCommonName
label: selfSigned CommonName
description: "Common name for selfSigned Certiticate Authority"
schema:
type: string
required: true
show_if: [["selfSigned", "=", "true"]]
default: "my-selfsigned-ca"
- variable: crt
label: "Custom CA cert (experimental)"
description: "certificate for Certiticate Authority"
schema:
type: string
required: true
show_if: [["selfSigned", "=", "false"]]
default: ""
- variable: key
label: "Custom CA key (experimental)"
description: "key Certiticate Authority"
schema:
type: string
required: true
show_if: [["selfSigned", "=", "false"]]
default: ""
- variable: selfSigned
label: 'SelfSigned Issuer'
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
description: "Enable self-signed issuer"
schema:
type: boolean
default: true
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: "selfsigned"
- variable: customMetrics
group: Metrics
label: Prometheus Metrics
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
description: Enable Prometheus Metrics
schema:
type: boolean
default: true

1
enterprise/clusterissuer/1.0.0/templates/NOTES.txt Normal file
View File

@ -0,0 +1 @@
{{- include "tc.v1.common.lib.chart.notes" $ -}}

26
enterprise/clusterissuer/1.0.0/templates/_metrics.tpl Normal file
View File

@ -0,0 +1,26 @@
{{- define "certmanager.metrics" -}}
{{- if .Values.customMetrics.enabled }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: cert-manager
namespace: cert-manager
labels:
app: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
spec:
jobLabel: app.kubernetes.io/name
selector:
matchLabels:
app: cert-manager
app.kubernetes.io/name: cert-manager
app.kubernetes.io/instance: cert-manager
app.kubernetes.io/component: "controller"
podMetricsEndpoints:
- port: http
honorLabels: true
{{- end }}
{{- end -}}

96
enterprise/clusterissuer/1.0.0/templates/clusterissuer/_ACME.tpl Normal file
View File

@ -0,0 +1,96 @@
{{- define "certmanager.clusterissuer.acme" -}}
{{- range .Values.clusterIssuer.ACME }}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
{{- fail "ACME - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end -}}
{{- $validTypes := list "HTTP01" "cloudflare" "route53" "digitalocean" "akamai" "rfc2136" -}}
{{- if not (mustHas .type $validTypes) -}}
{{- fail (printf "Expected ACME type to be one of [%s], but got [%s]" (join ", " $validTypes) .type) -}}
{{- end -}}
{{- $issuerSecretName := printf "%s-clusterissuer-secret" .name }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}
spec:
acme:
email: {{ .email }}
server: {{ if eq .server "custom" }}{{ .customServer }}{{ else }}{{ .server }}{{ end }}
privateKeySecretRef:
name: {{ .name }}-acme-clusterissuer-account-key
solvers:
{{- if eq .type "HTTP01" }}
- http01:
ingress:
{{- else }}
- dns01:
{{- if eq .type "cloudflare" }}
cloudflare:
email: {{ .email }}
{{- if .cfapitoken }}
apiTokenSecretRef:
name: {{ $issuerSecretName }}
key: cf-api-token
{{- else if .cfapikey }}
apiKeySecretRef:
name: {{ $issuerSecretName }}
key: cf-api-key
{{- else -}}
{{- fail "A cloudflare API key or token is required" -}}
{{- end -}}
{{- else if eq .type "route53" }}
route53:
region: {{ .region }}
accessKeyID: {{ .accessKeyID }}
{{- if .role }}
role: {{ .role }}
{{- end }}
secretAccessKeySecretRef:
name: {{ $issuerSecretName }}
key: route53-secret-access-key
{{- else if eq .type "akamai" }}
akamai:
serviceConsumerDomain: {{ .serviceConsumerDomain }}
clientTokenSecretRef:
name: {{ $issuerSecretName }}
key: akclientToken
clientSecretSecretRef:
name: {{ $issuerSecretName }}
key: akclientSecret
accessTokenSecretRef:
name: {{ $issuerSecretName }}
key: akaccessToken
{{- else if eq .type "digitalocean" }}
digitalocean:
tokenSecretRef:
name: {{ $issuerSecretName }}
key: doaccessToken
{{- else if eq .type "rfc2136" }}
rfc2136:
nameserver: {{ .nameserver }}
tsigKeyName: {{ .tsigKeyName }}
tsigAlgorithm: {{ .tsigAlgorithm }}
tsigSecretSecretRef:
name: {{ $issuerSecretName }}
key: rfctsigSecret
{{- end -}}
{{- end }}
---
apiVersion: v1
kind: Secret
metadata:
namespace: cert-manager
name: {{ $issuerSecretName }}
type: Opaque
stringData:
cf-api-token: {{ .cfapitoken | default "" }}
cf-api-key: {{ .cfapikey | default "" }}
route53-secret-access-key: {{ .route53SecretAccessKey | default "" }}
akclientToken: {{ .akclientToken | default "" }}
akclientSecret: {{ .akclientSecret | default "" }}
akaccessToken: {{ .akaccessToken | default "" }}
doaccessToken: {{ .doaccessToken | default "" }}
rfctsigSecret: {{ .rfctsigSecret | default "" }}
{{- end }}
{{- end -}}

51
enterprise/clusterissuer/1.0.0/templates/clusterissuer/_CA.tpl Normal file
View File

@ -0,0 +1,51 @@
{{- define "certmanager.clusterissuer.ca" -}}
{{- range .Values.clusterIssuer.CA }}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
{{- fail "CA - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end -}}
{{- if .selfSigned }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}-selfsigned-ca-issuer
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .name }}-selfsigned-ca
namespace: cert-manager
spec:
isCA: true
commonName: {{ .selfSignedCommonName }}
secretName: {{ .name }}-ca
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: selfsigned-ca-issuer
kind: ClusterIssuer
group: cert-manager.io
{{- else }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}-ca
namespace: cert-manager
data:
tls.crt: {{ .crt | b64enc }}
tls.key: {{ .key | b64enc }}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}
spec:
ca:
secretName: {{ .name }}-ca
{{- end }}
{{- end -}}

14
enterprise/clusterissuer/1.0.0/templates/clusterissuer/_selfSigned.tpl Normal file
View File

@ -0,0 +1,14 @@
{{- define "certmanager.clusterissuer.selfsigned" -}}
{{- if .Values.clusterIssuer.selfSigned.enabled -}}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .Values.clusterIssuer.selfSigned.name) -}}
{{- fail "Self Singed Issuer - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .Values.clusterIssuer.selfSigned.name }}
spec:
selfSigned: {}
{{- end }}
{{- end -}}

10
enterprise/clusterissuer/1.0.0/templates/common.yaml Normal file
View File

@ -0,0 +1,10 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}
{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}
{{- include "certmanager.clusterissuer.acme" . }}
{{- include "certmanager.clusterissuer.selfsigned" . }}
{{- include "certmanager.clusterissuer.ca" . }}
{{- include "certmanager.metrics" . }}

0
enterprise/clusterissuer/1.0.0/values.yaml Normal file
View File

4
enterprise/clusterissuer/item.yaml Normal file
View File

@ -0,0 +1,4 @@
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/cert-manager.png
categories:
- core

13
enterprise/metallb-config/1.0.0/CHANGELOG.md Normal file
View File

@ -0,0 +1,13 @@
**Important:**
*for the complete changelog, please refer to the website*
## [metallb-config-1.0.0]metallb-config-1.0.0 (2023-05-28)
### Chore
- rename metallb to metallb-config and cert-manager to clusterissuer ([#9202](https://github.com/truecharts/charts/issues/9202))

30
enterprise/metallb-config/1.0.0/Chart.yaml Normal file
View File

@ -0,0 +1,30 @@
apiVersion: v2
appVersion: "latest"
deprecated: false
description: A network load-balancer implementation for Kubernetes using standard routing protocols
home: https://truecharts.org/charts/enterprise/metallb
icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
keywords:
- metallb
- loadbalancer
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 12.10.4
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: metallb-config
sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/metallb
- https://github.com/metallb/metallb
- https://metallb.universe.tf
type: application
version: 1.0.0
annotations:
truecharts.org/catagories: |
- core
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

106
enterprise/metallb-config/1.0.0/LICENSE Normal file
View File

@ -0,0 +1,106 @@
Business Source License 1.1
Parameters
Licensor: The TrueCharts Project, it's owner and it's contributors
Licensed Work: The TrueCharts "MetalLB" Helm Chart
Additional Use Grant: You may use the licensed work in production, as long
as it is directly sourced from a TrueCharts provided
official repository, catalog or source. You may also make private
modification to the directly sourced licenced work,
when used in production.
The following cases are, due to their nature, also
defined as 'production use' and explicitly prohibited:
- Bundling, including or displaying the licensed work
with(in) another work intended for production use,
with the apparent intend of facilitating and/or
promoting production use by third parties in
violation of this license.
Change Date: 2050-01-01
Change License: 3-clause BSD license
For information about alternative licensing arrangements for the Software,
please contact: legal@truecharts.org
Notice
The Business Source License (this document, or the “License”) is not an Open
Source license. However, the Licensed Work will eventually be made available
under an Open Source License, as stated in this License.
License text copyright (c) 2017 MariaDB Corporation Ab, All Rights Reserved.
“Business Source License” is a trademark of MariaDB Corporation Ab.
-----------------------------------------------------------------------------
Business Source License 1.1
Terms
The Licensor hereby grants you the right to copy, modify, create derivative
works, redistribute, and make non-production use of the Licensed Work. The
Licensor may make an Additional Use Grant, above, permitting limited
production use.
Effective on the Change Date, or the fourth anniversary of the first publicly
available distribution of a specific version of the Licensed Work under this
License, whichever comes first, the Licensor hereby grants you rights under
the terms of the Change License, and the rights granted in the paragraph
above terminate.
If your use of the Licensed Work does not comply with the requirements
currently in effect as described in this License, you must purchase a
commercial license from the Licensor, its affiliated entities, or authorized
resellers, or you must refrain from using the Licensed Work.
All copies of the original and modified Licensed Work, and derivative works
of the Licensed Work, are subject to this License. This License applies
separately for each version of the Licensed Work and the Change Date may vary
for each version of the Licensed Work released by Licensor.
You must conspicuously display this License on each original or modified copy
of the Licensed Work. If you receive the Licensed Work in original or
modified form from a third party, the terms and conditions set forth in this
License apply to your use of that work.
Any use of the Licensed Work in violation of this License will automatically
terminate your rights under this License for the current and all other
versions of the Licensed Work.
This License does not grant you any right in any trademark or logo of
Licensor or its affiliates (provided that you may use a trademark or logo of
Licensor as expressly required by this License).
TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON
AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS,
EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND
TITLE.
MariaDB hereby grants you permission to use this Licenses text to license
your works, and to refer to it using the trademark “Business Source License”,
as long as you comply with the Covenants of Licensor below.
Covenants of Licensor
In consideration of the right to use this Licenses text and the “Business
Source License” name and trademark, Licensor covenants to MariaDB, and to all
other recipients of the licensed work to be provided by Licensor:
1. To specify as the Change License the GPL Version 2.0 or any later version,
or a license that is compatible with GPL Version 2.0 or a later version,
where “compatible” means that software provided under the Change License can
be included in a program with software provided under GPL Version 2.0 or a
later version. Licensor may specify additional Change Licenses without
limitation.
2. To either: (a) specify an additional grant of rights to use that does not
impose any additional restriction on the right granted in this License, as
the Additional Use Grant; or (b) insert the text “None”.
3. To specify a Change Date.
4. Not to modify this License in any other way.

27
enterprise/metallb-config/1.0.0/README.md Normal file
View File

@ -0,0 +1,27 @@
# README
## General Info
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
*All Rights Reserved - The TrueCharts Project*

9
enterprise/metallb-config/1.0.0/app-changelog.md Normal file
View File

@ -0,0 +1,9 @@
## [metallb-config-1.0.0]metallb-config-1.0.0 (2023-05-28)
### Chore
- rename metallb to metallb-config and cert-manager to clusterissuer ([#9202](https://github.com/truecharts/charts/issues/9202))

8
enterprise/metallb-config/1.0.0/app-readme.md Normal file
View File

@ -0,0 +1,8 @@
A network load-balancer implementation for Kubernetes using standard routing protocols
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/metallb-config](https://truecharts.org/charts/enterprise/metallb-config)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!

BIN
enterprise/metallb-config/1.0.0/charts/common-12.10.4.tgz Normal file
View File

Binary file not shown.

72
enterprise/metallb-config/1.0.0/ix_values.yaml Normal file
View File

@ -0,0 +1,72 @@
image:
repository: tccr.io/truecharts/scratch
tag: latest@sha256:9dd0f68d32ace452a3a75273bd8e3a074d0a14e4d38683389c73887432832fc3
pullPolicy: IfNotPresent
manifestManager:
enabled: true
workload:
main:
enabled: false
podSpec:
containers:
main:
enabled: false
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
service:
main:
enabled: false
ports:
main:
enabled: false
port: 9999
portal:
open:
enabled: false
ipAddressPools: []
# - name: example
# autoAssign: true
# avoidBuggyIPs: true
# addresses:
# - 192.168.1.1-192.168.1.100
L2Advertisements: []
# - name: l2adv
# addressPools:
# - pool1
# nodeSelectors:
# - nodeA
BGPAdvertisements: []
# - name: bgpadv
# addressPools:
# - pool1
# aggregationLength: 24
# localpref: 100
# communities:
# - 1234:1
# peers:
# - peer1
Communities: []
# - name: community1
# value: 1234:1
Peers: []
# - name: peer1
# myASN: 1234
# password: pass
# routerID: 1234
# bfdProfile: profile
# ebgpMultiHop: false
# holdTime: 10
# keepaliveTime: 10
# peerAddress: 172.30.0.2
# peerPort: 179
# sourceAddress: 172.30.0.3
# nodeSelectors:
# - nodeA

364
enterprise/metallb-config/1.0.0/questions.yaml Normal file
View File

@ -0,0 +1,364 @@
groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: Workload Settings
description: Workload Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: Addons
description: Addon Configuration
- name: Advanced
description: Advanced Configuration
- name: Postgresql
description: Postgresql
- name: Documentation
description: Documentation
questions:
- variable: global
group: General Settings
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: ipAddressPools
group: App Configuration
label: IP Address Pools Object
schema:
type: list
default: []
items:
- variable: ipAddressPoolsEntry
label: IP Address Pool Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the IP address pool
schema:
type: string
required: true
default: ""
- variable: autoAssign
label: Auto Assign
description: AutoAssign flag used to prevent MetallB from automatic
allocation for a pool.
schema:
type: boolean
default: true
- variable: avoidBuggyIPs
label: Avoid Buggy IPs
description: AvoidBuggyIPs prevents addresses ending with .0 and .255
to be used by a pool.
schema:
type: boolean
default: false
- variable: addresses
label: Addresses Pools
description: A list of IP address ranges over which MetalLB has authority.
You can list multiple ranges in a single pool, they will all share
the same settings. Each range can be either a CIDR prefix, or an
explicit start-end range of IPs.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: L2Advertisements
group: App Configuration
label: L2 Advertisements
description: L2Advertisement allows to advertise the LoadBalancer IPs provided
by the selected pools via L2.
schema:
type: list
default: []
items:
- variable: L2AdvertisementEntry
label: L2 Advertisement Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the L2 Advertisement
schema:
type: string
required: true
default: ""
- variable: addressPools
label: Address Pools
description: The list of IPAddressPools to advertise via this advertisement,
selected by name.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: nodeSelectors
label: Node Selectors
description: NodeSelectors allows to limit the nodes to announce as
next hops for the LoadBalancer IP. When empty, all the nodes having are
announced as next hops.
schema:
type: list
default: []
items:
- variable: nodeSelectorEntry
label: Node Selector Entry
schema:
type: string
default: ""
required: true
- variable: Communities
group: App Configuration
label: Communities
description: Community is a collection of aliases for communities. Users can
define named aliases to be used in the BGPPeer CRD.
schema:
type: list
default: []
items:
- variable: CommunityEntry
label: Community Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: The name of the alias for the community.
schema:
type: string
required: true
default: ""
- variable: value
label: Value
description: The BGP community value corresponding to the given name.
schema:
type: string
required: true
default: ""
- variable: Peers
group: App Configuration
label: Peers
description: BGPPeer is the Schema for the peers API.
schema:
type: list
default: []
items:
- variable: PeerEntry
label: Peer Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: The name of the peer.
schema:
type: string
required: true
default: ""
- variable: bfdProfile
label: BFD Profile
description: The name of the BFD Profile to be used for the BFD session
associated to the BGP session. If not set, the BFD session won't
be set up.
schema:
type: string
default: ""
- variable: ebgpMultiHop
label: EBGP MultiHop
description: TTo set if the BGPPeer is multi-hops away. Needed for
FRR mode only.
schema:
type: boolean
default: false
- variable: holdTime
label: Hold Time
description: Requested BGP hold time, per RFC4271.
schema:
type: int
- variable: keepaliveTime
label: Keep Alive Time
description: Requested BGP keep alive time, per RFC4271.
schema:
type: int
- variable: myASN
label: My ASN
description: AS number to use for the local end of the session.
schema:
type: int
- variable: password
label: Password
description: Authentication password for routers enforcing TCP MD5
authenticated sessions
schema:
type: string
private: true
default: ""
- variable: peerASN
label: Peer ASN
description: AS number to expect from the remote end of the session.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: peerAddress
label: Peer Address
description: Address to dial when establishing the session.
schema:
type: string
default: ""
- variable: peerPort
label: Peer Port
description: Port to dial when establishing the session.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: routerID
label: Router ID
description: BGP router ID to advertise to the peer
schema:
type: string
default: ""
- variable: sourceAddress
label: Source Address
description: Source address to use when establishing the session.
schema:
type: string
default: ""
- variable: nodeSelectors
label: Node Selectors
description: Only connect to this peer on nodes that match one of
these selectors.
schema:
type: list
default: []
items:
- variable: nodeSelectorEntry
label: Node Selector Entry
schema:
type: string
default: ""
required: true
- variable: BGPAdvertisements
group: App Configuration
label: BGP Advertisements
description: BGPAdvertisement allows to advertise the IPs coming from the
selected IPAddressPools via BGP.
schema:
type: list
default: []
items:
- variable: BGPAdvertisementEntry
label: BGP Advertisement Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the BGP Advertisement
schema:
type: string
required: true
default: ""
- variable: addressPools
label: Address Pools
description: The list of IPAddressPools to advertise via this advertisement,
selected by name.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: aggregationLength
label: Aggregation Length
description: The aggregation-length advertisement option lets you
"roll up" the /32s into a larger prefix. Defaults to 32. Works for
IPv4 addresses.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: localpref
label: Local Pref
description: The BGP LOCAL_PREF attribute which is used by BGP best
path algorithm, Path with higher localpref is preferred over one
with lower localpref.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: communities
label: Communities
description: The BGP communities to be associated with the announcement.
Each item can be a community of the form 1234:1234 or the name of
an alias defined in the Community CRD.
schema:
type: list
default: []
items:
- variable: communityEntry
label: Community Entry
schema:
type: string
default: ""
required: true
- variable: peers
label: Peers
description: Peers limits the BGPpeer to advertise the ips of the
selected pools to. When empty, the loadbalancer IP is announced
to all the BGPPeers configured.
schema:
type: list
default: []
items:
- variable: peerEntry
label: Peer Entry
schema:
type: string
default: ""
required: true

1
enterprise/metallb-config/1.0.0/templates/NOTES.txt Normal file
View File

@ -0,0 +1 @@
{{- include "tc.v1.common.lib.chart.notes" $ -}}

33
enterprise/metallb-config/1.0.0/templates/_bgpadvertisement.tpl Normal file
View File

@ -0,0 +1,33 @@
{{- define "metallb.bgpadv" -}}
{{- range .Values.BGPAdvertisements }}
---
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: {{ .name }}
namespace: metallb-system
spec:
ipAddressPools:
{{- range .addressPools }}
- {{ . }}
{{- end }}
{{- with .aggregationLength }}
aggregationLength: {{ . | int }}
{{- end }}
{{- with .localpref }}
localpref: {{ . | int }}
{{- end }}
{{- if .communities }}
communities:
{{- range .communities }}
- {{ . }}
{{- end }}
{{- end }}
{{- if .peers }}
peers:
{{- range .peers }}
- {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

16
enterprise/metallb-config/1.0.0/templates/_community.tpl Normal file
View File

@ -0,0 +1,16 @@
{{- define "metallb.comm" -}}
{{- if .Values.Communities }}
---
apiVersion: metallb.io/v1beta1
kind: Community
metadata:
name: communities
namespace: metallb-system
spec:
communities:
{{- range .Values.Communities }}
- name: {{ .name }}
value: {{ .value }}
{{- end }}
{{- end }}
{{- end -}}

17
enterprise/metallb-config/1.0.0/templates/_ipaddresspool.tpl Normal file
View File

@ -0,0 +1,17 @@
{{- define "metallb.pool" -}}
{{- range .Values.ipAddressPools }}
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: {{ .name }}
namespace: metallb-system
spec:
addresses:
{{- range .addresses }}
- {{ . }}
{{- end }}
autoAssign: {{ .autoAssign | default true }}
avoidBuggyIPs: {{ .avoidBuggyIPs | default false }}
{{- end }}
{{- end -}}

22
enterprise/metallb-config/1.0.0/templates/_l2advertisement.tpl Normal file
View File

@ -0,0 +1,22 @@
{{- define "metallb.l2adv" -}}
{{- range .Values.L2Advertisements }}
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: {{ .name }}
namespace: metallb-system
spec:
ipAddressPools:
{{- range .addressPools }}
- {{ . }}
{{- end }}
{{- if .nodeSelectors }}
{{- range .nodeSelectors }}
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

51
enterprise/metallb-config/1.0.0/templates/_peers.tpl Normal file
View File

@ -0,0 +1,51 @@
{{- define "metallb.peers" -}}
{{- range .Values.Peers }}
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: {{ .name }}
namespace: metallb-system
spec:
{{- with .password }}
password: {{ . }}
{{- end }}
{{- with .routerID }}
routerID: {{ . }}
{{- end }}
{{- with .bfdProfile }}
bfdProfile: {{ . }}
{{- end }}
{{- with .ebgpMultiHop }}
ebgpMultiHop: {{ . }}
{{- end }}
{{- with .holdTime }}
holdTime: {{ . }}
{{- end }}
{{- with .keepaliveTime }}
keepaliveTime: {{ . }}
{{- end }}
{{- with .myASN }}
myASN: {{ . }}
{{- end }}
{{- with .peerASN }}
peerASN: {{ . | int }}
{{- end }}
{{- with .peerAddress }}
peerAddress: {{ . }}
{{- end }}
{{- with .peerPort }}
peerPort: {{ . | int }}
{{- end }}
{{- with .sourceAddress }}
sourceAddress: {{ . }}
{{- end }}
{{- if .nodeSelectors }}
nodeSelectors:
{{- range .nodeSelectors }}
- matchLabels:
kubernetes.io/hostname: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

15
enterprise/metallb-config/1.0.0/templates/common.yaml Normal file
View File

@ -0,0 +1,15 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}
{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}
{{- include "metallb.l2adv" . }}
{{- include "metallb.peers" . }}
{{- include "metallb.bgpadv" . }}
{{- include "metallb.comm" . }}
{{- include "metallb.pool" . }}

0
enterprise/metallb-config/1.0.0/values.yaml Normal file
View File

4
enterprise/metallb-config/item.yaml Normal file
View File

@ -0,0 +1,4 @@
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/metallb.png
categories:
- core