Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
9a53b7c0c6
commit
8d8a3032b6
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,30 @@
|
||||||
|
# Patterns to ignore when building packages.
|
||||||
|
# This supports shell glob matching, relative path matching, and
|
||||||
|
# negation (prefixed with !). Only one pattern per line.
|
||||||
|
.DS_Store
|
||||||
|
# Common VCS dirs
|
||||||
|
.git/
|
||||||
|
.gitignore
|
||||||
|
.bzr/
|
||||||
|
.bzrignore
|
||||||
|
.hg/
|
||||||
|
.hgignore
|
||||||
|
.svn/
|
||||||
|
# Common backup files
|
||||||
|
*.swp
|
||||||
|
*.bak
|
||||||
|
*.tmp
|
||||||
|
*~
|
||||||
|
# Various IDEs
|
||||||
|
.project
|
||||||
|
.idea/
|
||||||
|
*.tmproj
|
||||||
|
.vscode/
|
||||||
|
# OWNERS file for Kubernetes
|
||||||
|
OWNERS
|
||||||
|
# helm-docs templates
|
||||||
|
*.gotmpl
|
||||||
|
# docs folder
|
||||||
|
/docs
|
||||||
|
# icon
|
||||||
|
icon.png
|
|
@ -0,0 +1,100 @@
|
||||||
|
---
|
||||||
|
title: Changelog
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
*for the complete changelog, please refer to the website*
|
||||||
|
|
||||||
|
**Important:**
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.10](https://github.com/truecharts/charts/compare/authentik-19.2.9...authentik-19.2.10) (2024-02-03)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update container image common to v17.2.30[@19ad5ec](https://github.com/19ad5ec) by renovate ([#17804](https://github.com/truecharts/charts/issues/17804))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.9](https://github.com/truecharts/charts/compare/authentik-19.2.5...authentik-19.2.9) (2024-01-29)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update authentik to v2023.10.7[@c483b0a](https://github.com/c483b0a) by renovate (patch) ([#17752](https://github.com/truecharts/charts/issues/17752))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.5](https://github.com/truecharts/charts/compare/authentik-19.2.4...authentik-19.2.5) (2024-01-27)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update helm general non-major by renovate ([#17525](https://github.com/truecharts/charts/issues/17525))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.4](https://github.com/truecharts/charts/compare/authentik-19.2.3...authentik-19.2.4) (2024-01-26)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update container image common to v17.2.29[@d7c41a3](https://github.com/d7c41a3) by renovate ([#17545](https://github.com/truecharts/charts/issues/17545))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.3](https://github.com/truecharts/charts/compare/authentik-19.2.2...authentik-19.2.3) (2024-01-21)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update container image common to v17.2.28[@918b4c5](https://github.com/918b4c5) by renovate ([#17478](https://github.com/truecharts/charts/issues/17478))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.2](https://github.com/truecharts/charts/compare/authentik-19.2.1...authentik-19.2.2) (2024-01-21)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update container image common to v17.2.26[@24c98f7](https://github.com/24c98f7) by renovate ([#17409](https://github.com/truecharts/charts/issues/17409))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.1](https://github.com/truecharts/charts/compare/authentik-19.2.0...authentik-19.2.1) (2024-01-21)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update metadata in chart.yaml ([#17457](https://github.com/truecharts/charts/issues/17457))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.2.0](https://github.com/truecharts/charts/compare/authentik-19.1.13...authentik-19.2.0) (2024-01-14)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update container image ghcr.io/maxmind/geoipupdate to v6.1.0[@cdd36d3](https://github.com/cdd36d3) by renovate ([#17203](https://github.com/truecharts/charts/issues/17203))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.1.13](https://github.com/truecharts/charts/compare/authentik-19.1.9...authentik-19.1.13) (2024-01-13)
|
||||||
|
|
||||||
|
### Chore
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
- update authentik to v2023.10.6[@1a17c68](https://github.com/1a17c68) by renovate (patch) ([#17101](https://github.com/truecharts/charts/issues/17101))
|
||||||
|
|
||||||
|
|
||||||
|
## [authentik-19.1.9](https://github.com/truecharts/charts/compare/authentik-19.1.8...authentik-19.1.9) (2024-01-09)
|
||||||
|
|
||||||
|
### Chore
|
|
@ -0,0 +1,48 @@
|
||||||
|
annotations:
|
||||||
|
max_scale_version: 24.04.0
|
||||||
|
min_scale_version: 23.10.0
|
||||||
|
truecharts.org/SCALE-support: "true"
|
||||||
|
truecharts.org/category: authentication
|
||||||
|
truecharts.org/max_helm_version: "3.14"
|
||||||
|
truecharts.org/min_helm_version: "3.12"
|
||||||
|
truecharts.org/train: stable
|
||||||
|
apiVersion: v2
|
||||||
|
appVersion: 2024.2.0
|
||||||
|
dependencies:
|
||||||
|
- name: common
|
||||||
|
version: 17.4.2
|
||||||
|
repository: oci://tccr.io/truecharts
|
||||||
|
condition: ""
|
||||||
|
alias: ""
|
||||||
|
tags: []
|
||||||
|
import-values: []
|
||||||
|
- name: redis
|
||||||
|
version: 11.2.1
|
||||||
|
repository: oci://tccr.io/truecharts
|
||||||
|
condition: redis.enabled
|
||||||
|
alias: ""
|
||||||
|
tags: []
|
||||||
|
import-values: []
|
||||||
|
deprecated: false
|
||||||
|
description: Authentik is an open-source Identity Provider focused on flexibility and versatility.
|
||||||
|
home: https://truecharts.org/charts/stable/authentik
|
||||||
|
icon: https://truecharts.org/img/hotlink-ok/chart-icons/authentik.png
|
||||||
|
keywords:
|
||||||
|
- authentik
|
||||||
|
kubeVersion: '>=1.24.0-0'
|
||||||
|
maintainers:
|
||||||
|
- name: TrueCharts
|
||||||
|
email: info@truecharts.org
|
||||||
|
url: https://truecharts.org
|
||||||
|
name: authentik
|
||||||
|
sources:
|
||||||
|
- https://goauthentik.io/docs/
|
||||||
|
- https://github.com/goauthentik/authentik
|
||||||
|
- https://github.com/truecharts/charts/tree/master/charts/stable/authentik
|
||||||
|
- https://ghcr.io/goauthentik/proxy
|
||||||
|
- https://ghcr.io/goauthentik/radius
|
||||||
|
- https://ghcr.io/goauthentik/server
|
||||||
|
- https://ghcr.io/maxmind/geoipupdate
|
||||||
|
- https://ghcr.io/goauthentik/ldap
|
||||||
|
type: application
|
||||||
|
version: 23.0.0
|
|
@ -0,0 +1,28 @@
|
||||||
|
---
|
||||||
|
title: README
|
||||||
|
---
|
||||||
|
|
||||||
|
## General Info
|
||||||
|
|
||||||
|
TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
|
||||||
|
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||||
|
|
||||||
|
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/authentik)
|
||||||
|
|
||||||
|
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||||
|
|
||||||
|
## Support
|
||||||
|
|
||||||
|
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
|
||||||
|
- See the [Website](https://truecharts.org)
|
||||||
|
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||||
|
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Sponsor TrueCharts
|
||||||
|
|
||||||
|
TrueCharts can only exist due to the incredible effort of our staff.
|
||||||
|
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||||
|
|
||||||
|
_All Rights Reserved - The TrueCharts Project_
|
|
@ -0,0 +1,8 @@
|
||||||
|
Authentik is an open-source Identity Provider focused on flexibility and versatility.
|
||||||
|
|
||||||
|
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/authentik](https://truecharts.org/charts/stable/authentik)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
TrueCharts can only exist due to the incredible effort of our staff.
|
||||||
|
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,502 @@
|
||||||
|
image:
|
||||||
|
repository: ghcr.io/goauthentik/server
|
||||||
|
tag: 2024.2.0@sha256:fa00120dbc6a96d707bd21844461029cc3454917c41e6f3aeff4210833b74e16
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
geoipImage:
|
||||||
|
repository: ghcr.io/maxmind/geoipupdate
|
||||||
|
tag: v6.1.0@sha256:cdd36d36c2e1d353a990a48e5a36d42ee75089d5d9064d80d36d90c147fd2606
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
ldapImage:
|
||||||
|
repository: ghcr.io/goauthentik/ldap
|
||||||
|
tag: 2024.2.0@sha256:0099d352195be72cba0dc67773d92f293399b86267c55e23e893b26085f2abfc
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
radiusImage:
|
||||||
|
repository: ghcr.io/goauthentik/radius
|
||||||
|
tag: 2024.2.0@sha256:c52ef107d67b130ab6232a3a4120a66c875e5253053be569f33a3d6bcdd84165
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
proxyImage:
|
||||||
|
repository: ghcr.io/goauthentik/proxy
|
||||||
|
tag: 2024.2.0@sha256:8db6b47c61090c8992cb408b7c333edc46b5eac304199f9c688646fe6c1ded6f
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
authentik:
|
||||||
|
credentials:
|
||||||
|
# Only works on initial install
|
||||||
|
email: my-mail@example.com
|
||||||
|
password: my-password
|
||||||
|
# Optional, only set if you want to use it
|
||||||
|
bootstrapToken: ""
|
||||||
|
general:
|
||||||
|
disableUpdateCheck: false
|
||||||
|
disableStartupAnalytics: true
|
||||||
|
allowUserChangeName: true
|
||||||
|
allowUserChangeEmail: true
|
||||||
|
allowUserChangeUsername: true
|
||||||
|
overwriteDefaultBlueprints: false
|
||||||
|
gdprCompliance: true
|
||||||
|
tokenLength: 128
|
||||||
|
impersonation: true
|
||||||
|
avatars:
|
||||||
|
- gravatar
|
||||||
|
- initials
|
||||||
|
footerLinks:
|
||||||
|
- name: Authentik
|
||||||
|
href: https://goauthentik.io
|
||||||
|
email:
|
||||||
|
host: ""
|
||||||
|
port: 587
|
||||||
|
username:
|
||||||
|
password:
|
||||||
|
useTLS: true
|
||||||
|
useSSL: false
|
||||||
|
timeout: 10
|
||||||
|
from: ""
|
||||||
|
ldap:
|
||||||
|
tlsCiphers: "null"
|
||||||
|
taskTimeoutHours: 2
|
||||||
|
logging:
|
||||||
|
# info, debug, warning, error, trace
|
||||||
|
logLevel: info
|
||||||
|
errorReporting:
|
||||||
|
enabled: false
|
||||||
|
sendPII: false
|
||||||
|
environment: customer
|
||||||
|
sentryDSN: ""
|
||||||
|
geoip:
|
||||||
|
enabled: false
|
||||||
|
# Ignored if enabled is true
|
||||||
|
# If enabled is false, and this is true, the
|
||||||
|
# built-in GeoIP database will be wiped
|
||||||
|
wipeBuiltInDb: false
|
||||||
|
editionID: GeoLite2-City
|
||||||
|
frequency: 8
|
||||||
|
accountID: ""
|
||||||
|
licenseKey: ""
|
||||||
|
outposts:
|
||||||
|
proxy:
|
||||||
|
enabled: false
|
||||||
|
token: ""
|
||||||
|
radius:
|
||||||
|
enabled: false
|
||||||
|
token: ""
|
||||||
|
ldap:
|
||||||
|
enabled: false
|
||||||
|
token: ""
|
||||||
|
# ===== DO NOT EDIT BELOW THIS LINE =====
|
||||||
|
workload:
|
||||||
|
# ===== Server =====
|
||||||
|
main:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: image
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
# readOnlyRootFilesystem: false
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: server
|
||||||
|
- secretRef:
|
||||||
|
name: server-worker
|
||||||
|
- configMapRef:
|
||||||
|
name: server-worker
|
||||||
|
args:
|
||||||
|
- server
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
startup:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
# ===== Worker =====
|
||||||
|
worker:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
worker:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: image
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
# readOnlyRootFilesystem: false
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
name: server-worker
|
||||||
|
- configMapRef:
|
||||||
|
name: server-worker
|
||||||
|
args:
|
||||||
|
- worker
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
startup:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /lifecycle/ak
|
||||||
|
- healthcheck
|
||||||
|
# ===== PROXY =====
|
||||||
|
proxy:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
proxy:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: proxyImage
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: proxy
|
||||||
|
- secretRef:
|
||||||
|
name: proxy
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /proxy
|
||||||
|
- healthcheck
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /proxy
|
||||||
|
- healthcheck
|
||||||
|
startup:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /proxy
|
||||||
|
- healthcheck
|
||||||
|
# ===== RADIUS =====
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: radiusImage
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: radius
|
||||||
|
- secretRef:
|
||||||
|
name: radius
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /radius
|
||||||
|
- healthcheck
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /radius
|
||||||
|
- healthcheck
|
||||||
|
startup:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /radius
|
||||||
|
- healthcheck
|
||||||
|
# ===== LDAP =====
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: ldapImage
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 1000
|
||||||
|
runAsGroup: 1000
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: ldap
|
||||||
|
- secretRef:
|
||||||
|
name: ldap
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /ldap
|
||||||
|
- healthcheck
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /ldap
|
||||||
|
- healthcheck
|
||||||
|
startup:
|
||||||
|
enabled: true
|
||||||
|
type: exec
|
||||||
|
command:
|
||||||
|
- /ldap
|
||||||
|
- healthcheck
|
||||||
|
# ===== GeoIP Updater =====
|
||||||
|
geoip:
|
||||||
|
enabled: true
|
||||||
|
type: Deployment
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
geoip:
|
||||||
|
enabled: true
|
||||||
|
primary: true
|
||||||
|
imageSelector: geoipImage
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 0
|
||||||
|
runAsGroup: 0
|
||||||
|
capabilities:
|
||||||
|
disableS6Caps: true
|
||||||
|
envFrom:
|
||||||
|
- configMapRef:
|
||||||
|
name: geoip
|
||||||
|
- secretRef:
|
||||||
|
name: geoip
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: false
|
||||||
|
readiness:
|
||||||
|
enabled: false
|
||||||
|
startup:
|
||||||
|
enabled: false
|
||||||
|
service:
|
||||||
|
# Server HTTPS
|
||||||
|
main:
|
||||||
|
ports:
|
||||||
|
main:
|
||||||
|
protocol: https
|
||||||
|
port: 10229
|
||||||
|
# Server HTTP
|
||||||
|
http:
|
||||||
|
enabled: true
|
||||||
|
type: ClusterIP
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10230
|
||||||
|
# Proxy
|
||||||
|
proxy:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: proxy
|
||||||
|
ports:
|
||||||
|
http:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10227
|
||||||
|
targetSelector: proxy
|
||||||
|
https:
|
||||||
|
enabled: true
|
||||||
|
protocol: https
|
||||||
|
port: 10228
|
||||||
|
targetSelector: proxy
|
||||||
|
# Radius
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: radius
|
||||||
|
ports:
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
protocol: udp
|
||||||
|
targetSelector: radius
|
||||||
|
port: 1812
|
||||||
|
# LDAP
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: ldap
|
||||||
|
ports:
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
port: 389
|
||||||
|
targetSelector: ldap
|
||||||
|
# LDAPS
|
||||||
|
ldaps:
|
||||||
|
enabled: true
|
||||||
|
targetSelector: ldap
|
||||||
|
ports:
|
||||||
|
ldaps:
|
||||||
|
enabled: true
|
||||||
|
port: 636
|
||||||
|
targetSelector: ldap
|
||||||
|
# Server Metrics
|
||||||
|
servermetrics:
|
||||||
|
enabled: true
|
||||||
|
type: ClusterIP
|
||||||
|
ports:
|
||||||
|
servermetrics:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10231
|
||||||
|
# Radius Metrics
|
||||||
|
radiusmetrics:
|
||||||
|
enabled: true
|
||||||
|
type: ClusterIP
|
||||||
|
targetSelector: radius
|
||||||
|
ports:
|
||||||
|
radiusmetrics:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10232
|
||||||
|
targetSelector: radius
|
||||||
|
# LDAP Metrics
|
||||||
|
ldapmetrics:
|
||||||
|
enabled: true
|
||||||
|
type: ClusterIP
|
||||||
|
targetSelector: ldap
|
||||||
|
ports:
|
||||||
|
ldapmetrics:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10233
|
||||||
|
targetSelector: ldap
|
||||||
|
# Proxy Metrics
|
||||||
|
proxymetrics:
|
||||||
|
enabled: true
|
||||||
|
type: ClusterIP
|
||||||
|
targetSelector: proxy
|
||||||
|
ports:
|
||||||
|
proxymetrics:
|
||||||
|
enabled: true
|
||||||
|
protocol: http
|
||||||
|
port: 10234
|
||||||
|
targetSelector: proxy
|
||||||
|
persistence:
|
||||||
|
media:
|
||||||
|
enabled: true
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
mountPath: /media
|
||||||
|
worker:
|
||||||
|
worker:
|
||||||
|
mountPath: /media
|
||||||
|
templates:
|
||||||
|
enabled: true
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
mountPath: /templates
|
||||||
|
worker:
|
||||||
|
worker:
|
||||||
|
mountPath: /templates
|
||||||
|
blueprints:
|
||||||
|
enabled: true
|
||||||
|
targetSelector:
|
||||||
|
worker:
|
||||||
|
worker:
|
||||||
|
# This will automatically change to `/blueprints`
|
||||||
|
# if `overwriteDefaultBlueprints` is set to `true
|
||||||
|
# Otherwise it will respect the value specified here
|
||||||
|
mountPath: /blueprints/custom
|
||||||
|
certs:
|
||||||
|
enabled: true
|
||||||
|
mountPath: /certs
|
||||||
|
targetSelector:
|
||||||
|
worker:
|
||||||
|
worker:
|
||||||
|
mountPath: /certs
|
||||||
|
geoip:
|
||||||
|
enabled: true
|
||||||
|
targetSelector:
|
||||||
|
main:
|
||||||
|
main:
|
||||||
|
mountPath: /geoip
|
||||||
|
worker:
|
||||||
|
worker:
|
||||||
|
mountPath: /geoip
|
||||||
|
geoip:
|
||||||
|
geoip:
|
||||||
|
mountPath: /usr/share/GeoIP
|
||||||
|
cnpg:
|
||||||
|
main:
|
||||||
|
enabled: true
|
||||||
|
user: authentik
|
||||||
|
database: authentik
|
||||||
|
redis:
|
||||||
|
enabled: true
|
||||||
|
portal:
|
||||||
|
open:
|
||||||
|
enabled: true
|
||||||
|
metrics:
|
||||||
|
# FIXME: Metrics do not work yet
|
||||||
|
servermetrics:
|
||||||
|
enabled: true
|
||||||
|
type: servicemonitor
|
||||||
|
endpoints:
|
||||||
|
- port: "{{ .Values.service.servermetrics.ports.servermetrics.port }}"
|
||||||
|
path: /metrics
|
||||||
|
prometheusRule:
|
||||||
|
enabled: false
|
||||||
|
radiusmetrics:
|
||||||
|
enabled: true
|
||||||
|
type: servicemonitor
|
||||||
|
endpoints:
|
||||||
|
- port: "{{ .Values.service.radiusmetrics.ports.radiusmetrics.port }}"
|
||||||
|
path: /metrics
|
||||||
|
prometheusRule:
|
||||||
|
enabled: false
|
||||||
|
ldapmetrics:
|
||||||
|
enabled: true
|
||||||
|
type: servicemonitor
|
||||||
|
endpoints:
|
||||||
|
- port: "{{ .Values.service.ldapmetrics.ports.ldapmetrics.port }}"
|
||||||
|
path: /metrics
|
||||||
|
prometheusRule:
|
||||||
|
enabled: false
|
||||||
|
proxymetrics:
|
||||||
|
enabled: true
|
||||||
|
type: servicemonitor
|
||||||
|
endpoints:
|
||||||
|
- port: "{{ .Values.service.proxymetrics.ports.proxymetrics.port }}"
|
||||||
|
path: /metrics
|
||||||
|
prometheusRule:
|
||||||
|
enabled: false
|
||||||
|
updated: true
|
||||||
|
|
||||||
|
ingress:
|
||||||
|
main:
|
||||||
|
required: true
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,128 @@
|
||||||
|
{{/* Define the configmaps */}}
|
||||||
|
{{- define "authentik.configmaps" -}}
|
||||||
|
|
||||||
|
{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}}
|
||||||
|
{{- $serverHost := printf "https://%v:%v" $fullname .Values.service.main.ports.main.port -}}
|
||||||
|
{{- $host := .Values.chartContext.appUrl }}
|
||||||
|
server:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_LISTEN__HTTPS: {{ printf "0.0.0.0:%v" .Values.service.main.ports.main.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__HTTP: {{ printf "0.0.0.0:%v" .Values.service.http.ports.http.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__METRICS: {{ printf "0.0.0.0:%v" .Values.service.servermetrics.ports.servermetrics.port | quote }}
|
||||||
|
|
||||||
|
server-worker:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
{{/* Dependencies */}}
|
||||||
|
AUTHENTIK_POSTGRESQL__NAME: {{ .Values.cnpg.main.database }}
|
||||||
|
AUTHENTIK_POSTGRESQL__USER: {{ .Values.cnpg.main.user }}
|
||||||
|
AUTHENTIK_POSTGRESQL__HOST: {{ .Values.cnpg.main.creds.host }}
|
||||||
|
AUTHENTIK_POSTGRESQL__PORT: "5432"
|
||||||
|
AUTHENTIK_REDIS__HOST: {{ .Values.redis.creds.plain }}
|
||||||
|
AUTHENTIK_REDIS__PORT: "6379"
|
||||||
|
|
||||||
|
{{/* Outposts */}}
|
||||||
|
AUTHENTIK_OUTPOSTS__DISCOVER: "false"
|
||||||
|
|
||||||
|
{{/* GeoIP */}}
|
||||||
|
{{- $geoipPath := (printf "/geoip/%v.mmdb" .Values.authentik.geoip.editionID) -}}
|
||||||
|
{{- if not .Values.authentik.geoip.enabled -}}
|
||||||
|
{{- $geoipPath = "/tmp/non-existent-file" -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if or .Values.authentik.geoip.enabled .Values.authentik.geoip.wipeBuiltInDb }}
|
||||||
|
AUTHENTIK_GEOIP: {{ $geoipPath }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* Mail */}}
|
||||||
|
AUTHENTIK_EMAIL__USE_TLS: {{ .Values.authentik.email.useTLS | quote }}
|
||||||
|
AUTHENTIK_EMAIL__USE_SSL: {{ .Values.authentik.email.useSSL | quote }}
|
||||||
|
{{- with .Values.authentik.email.port }}
|
||||||
|
AUTHENTIK_EMAIL__PORT: {{ . | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.email.timeout }}
|
||||||
|
AUTHENTIK_EMAIL__TIMEOUT: {{ . | quote }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* LDAP */}}
|
||||||
|
AUTHENTIK_LDAP__TASK_TIMEOUT_HOURS: {{ .Values.authentik.ldap.taskTimeoutHours | quote }}
|
||||||
|
AUTHENTIK_LDAP__TLS__CIPHERS: {{ .Values.authentik.ldap.tlsCiphers | quote }}
|
||||||
|
|
||||||
|
{{/* Logging */}}
|
||||||
|
AUTHENTIK_LOG_LEVEL: {{ .Values.authentik.logging.logLevel }}
|
||||||
|
|
||||||
|
{{/* Error Reporting */}}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__ENABLED: {{ .Values.authentik.errorReporting.enabled | quote }}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__SEND_PII: {{ .Values.authentik.errorReporting.sendPII | quote }}
|
||||||
|
{{- with .Values.authentik.errorReporting.environment }}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__ENVIRONMENT: {{ . | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.errorReporting.sentryDSN }}
|
||||||
|
AUTHENTIK_ERROR_REPORTING__SENTRY_DSN: {{ . | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.general.avatars }}
|
||||||
|
AUTHENTIK_AVATARS: {{ join "," . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.general.footerLinks }}
|
||||||
|
AUTHENTIK_FOOTER_LINKS: {{ toJson . | squote }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* General */}}
|
||||||
|
AUTHENTIK_DISABLE_UPDATE_CHECK: {{ .Values.authentik.general.disableUpdateCheck | quote }}
|
||||||
|
AUTHENTIK_DISABLE_STARTUP_ANALYTICS: {{ .Values.authentik.general.disableStartupAnalytics | quote }}
|
||||||
|
AUTHENTIK_DEFAULT_USER_CHANGE_NAME: {{ .Values.authentik.general.allowUserChangeName | quote }}
|
||||||
|
AUTHENTIK_DEFAULT_USER_CHANGE_EMAIL: {{ .Values.authentik.general.allowUserChangeEmail | quote }}
|
||||||
|
AUTHENTIK_DEFAULT_USER_CHANGE_USERNAME: {{ .Values.authentik.general.allowUserChangeUsername | quote }}
|
||||||
|
AUTHENTIK_GDPR_COMPLIANCE: {{ .Values.authentik.general.gdprCompliance | quote }}
|
||||||
|
AUTHENTIK_DEFAULT_TOKEN_LENGTH: {{ .Values.authentik.general.tokenLength | quote }}
|
||||||
|
AUTHENTIK_IMPERSONATION: {{ .Values.authentik.general.impersonation | quote }}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.proxy.enabled }}
|
||||||
|
proxy:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_LISTEN__HTTP: {{ printf "0.0.0.0:%v" .Values.service.proxy.ports.http.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__HTTPS: {{ printf "0.0.0.0:%v" .Values.service.proxy.ports.https.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__METRICS: {{ printf "0.0.0.0:%v" .Values.service.proxymetrics.ports.proxymetrics.port | quote }}
|
||||||
|
AUTHENTIK_HOST: {{ $serverHost }}
|
||||||
|
AUTHENTIK_INSECURE: "true"
|
||||||
|
# TODO: node ip or ingress host
|
||||||
|
AUTHENTIK_HOST_BROWSER: {{ $host }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.radius.enabled }}
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_LISTEN__RADIUS: {{ printf "0.0.0.0:%v" .Values.service.radius.ports.radius.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__METRICS: {{ printf "0.0.0.0:%v" .Values.service.radiusmetrics.ports.radiusmetrics.port | quote }}
|
||||||
|
AUTHENTIK_HOST: {{ $serverHost }}
|
||||||
|
AUTHENTIK_INSECURE: "true"
|
||||||
|
# TODO: node ip or ingress host
|
||||||
|
AUTHENTIK_HOST_BROWSER: {{ $host }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.ldap.enabled }}
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_LISTEN__LDAP: {{ printf "0.0.0.0:%v" .Values.service.ldap.ports.ldap.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__LDAPS: {{ printf "0.0.0.0:%v" .Values.service.ldaps.ports.ldaps.port | quote }}
|
||||||
|
AUTHENTIK_LISTEN__METRICS: {{ printf "0.0.0.0:%v" .Values.service.ldapmetrics.ports.ldapmetrics.port | quote }}
|
||||||
|
AUTHENTIK_HOST: {{ $serverHost }}
|
||||||
|
AUTHENTIK_INSECURE: "true"
|
||||||
|
# TODO: node ip or ingress host
|
||||||
|
AUTHENTIK_HOST_BROWSER: {{ $host }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.geoip.enabled }}
|
||||||
|
geoip:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
GEOIPUPDATE_EDITION_IDS: {{ .Values.authentik.geoip.editionID }}
|
||||||
|
GEOIPUPDATE_FREQUENCY: {{ .Values.authentik.geoip.frequency | quote }}
|
||||||
|
GEOIPUPDATE_DB_DIR: {{ .Values.persistence.geoip.targetSelector.geoip.geoip.mountPath | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,74 @@
|
||||||
|
{{/* Define the secrets */}}
|
||||||
|
{{- define "authentik.secrets" -}}
|
||||||
|
|
||||||
|
{{- $fullname := include "tc.v1.common.lib.chart.names.fullname" $ -}}
|
||||||
|
{{- $fetchname := printf "%v-server-worker" $fullname -}}
|
||||||
|
|
||||||
|
{{- $secretKey := randAlphaNum 32 -}}
|
||||||
|
{{- with (lookup "v1" "Secret" .Release.Namespace $fetchname) -}}
|
||||||
|
{{- $secretKey = index .data "AUTHENTIK_SECRET_KEY" | b64dec -}}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
server-worker:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
{{/* Dependencies */}}
|
||||||
|
AUTHENTIK_POSTGRESQL__PASSWORD: {{ .Values.cnpg.main.creds.password | trimAll "\"" }}
|
||||||
|
AUTHENTIK_REDIS__PASSWORD: {{ .Values.redis.creds.redisPassword | trimAll "\"" }}
|
||||||
|
|
||||||
|
{{/* Secret Key */}}
|
||||||
|
AUTHENTIK_SECRET_KEY: {{ $secretKey }}
|
||||||
|
|
||||||
|
{{/* Initial credentials */}}
|
||||||
|
AUTHENTIK_BOOTSTRAP_EMAIL: {{ .Values.authentik.credentials.email | quote }}
|
||||||
|
AUTHENTIK_BOOTSTRAP_PASSWORD: {{ .Values.authentik.credentials.password | quote }}
|
||||||
|
{{- with .Values.authentik.credentials.bootstrapToken }}
|
||||||
|
AUTHENTIK_BOOTSTRAP_TOKEN: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{/* Mail */}}
|
||||||
|
{{- with .Values.authentik.email.host }}
|
||||||
|
AUTHENTIK_EMAIL__HOST: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.email.username }}
|
||||||
|
AUTHENTIK_EMAIL__USERNAME: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.email.password }}
|
||||||
|
AUTHENTIK_EMAIL__PASSWORD: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
{{- with .Values.authentik.email.from }}
|
||||||
|
AUTHENTIK_EMAIL__FROM: {{ . }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.geoip.enabled }}
|
||||||
|
geoip:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
GEOIPUPDATE_VERBOSE: "0"
|
||||||
|
GEOIPUPDATE_PRESERVE_FILE_TIMES: "1"
|
||||||
|
GEOIPUPDATE_ACCOUNT_ID: {{ .Values.authentik.geoip.accountID | quote }}
|
||||||
|
GEOIPUPDATE_LICENSE_KEY: {{ .Values.authentik.geoip.licenseKey | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.proxy.enabled }}
|
||||||
|
proxy:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_TOKEN: {{ .Values.authentik.outposts.proxy.token | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.radius.enabled }}
|
||||||
|
radius:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_TOKEN: {{ .Values.authentik.outposts.radius.token | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.ldap.enabled }}
|
||||||
|
ldap:
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
AUTHENTIK_TOKEN: {{ .Values.authentik.outposts.ldap.token | quote }}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,23 @@
|
||||||
|
{{- define "authentik.validation" -}}
|
||||||
|
{{- range $outpost, $values := .Values.authentik.outposts -}}
|
||||||
|
{{- if (kindIs "dict" $values) -}}
|
||||||
|
{{- if and $values.enabled (not $values.token) -}}
|
||||||
|
{{- fail (printf "Authentik - Outpost [%v] is enabled, but [token] was not provided" ($outpost | upper)) -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.geoip.enabled -}}
|
||||||
|
{{- if not .Values.authentik.geoip.accountID -}}
|
||||||
|
{{- fail "Authentik - GeoIP is enabled but [accountID] was not provided" -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if not .Values.authentik.geoip.licenseKey -}}
|
||||||
|
{{- fail "Authentik - GeoIP is enabled but [licenseKey] was not provided" -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if contains " " .Values.authentik.geoip.editionID -}}
|
||||||
|
{{- fail "Authentik - GeoIP is enabled but [editionID] cannot contain spaces" -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,20 @@
|
||||||
|
{{- define "authentik.wait.server" -}}
|
||||||
|
{{- $fullname := (include "tc.v1.common.lib.chart.names.fullname" $) -}}
|
||||||
|
{{- $serverUrl := printf "https://%v:%v/-/health/ready/" $fullname .Values.service.main.ports.main.port }}
|
||||||
|
enabled: true
|
||||||
|
type: init
|
||||||
|
imageSelector: alpineImage
|
||||||
|
command: /bin/sh
|
||||||
|
args:
|
||||||
|
- -c
|
||||||
|
- |
|
||||||
|
echo "Waiting Authentik Server [{{ $serverUrl }}] to be ready..."
|
||||||
|
until wget --no-check-certificate --spider --quiet "{{ $serverUrl }}";
|
||||||
|
do
|
||||||
|
echo "Waiting Authentik Server [{{ $serverUrl }}] to be ready..."
|
||||||
|
sleep 3
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "Authentik [{{ $serverUrl }}] is ready..."
|
||||||
|
echo "Starting Outpost..."
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,97 @@
|
||||||
|
{{/* Make sure all variables are set properly */}}
|
||||||
|
{{- include "tc.v1.common.loader.init" . }}
|
||||||
|
|
||||||
|
{{- include "authentik.validation" $ -}}
|
||||||
|
|
||||||
|
{{/* Render secrets for authentik and friends */}}
|
||||||
|
{{- $secrets := include "authentik.secrets" . | fromYaml -}}
|
||||||
|
{{- if $secrets -}}
|
||||||
|
{{ $secrets := (mustMergeOverwrite .Values.secret $secrets) }}
|
||||||
|
{{- $_ := set .Values "secret" $secrets -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* Render configmaps for authentik and friends */}}
|
||||||
|
{{- $configmaps := include "authentik.configmaps" . | fromYaml -}}
|
||||||
|
{{- if $configmaps -}}
|
||||||
|
{{ $configmaps := (mustMergeOverwrite .Values.configmap $configmaps) }}
|
||||||
|
{{- $_ := set .Values "configmap" $configmaps -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.general.overwriteDefaultBlueprints -}}
|
||||||
|
{{- $_ := set .Values.persistence.blueprints.targetSelector.worker.worker "mountPath" "/blueprints" -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.geoip.enabled -}}
|
||||||
|
{{- $_ := set .Values.workload.geoip "enabled" true -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- $_ := set .Values.workload.geoip "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.persistence.geoip "enabled" false -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if or .Values.authentik.geoip.enabled .Values.authentik.geoip.wipeBuiltInDb -}}
|
||||||
|
{{- $_ := set .Values.persistence.geoip "enabled" true -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.proxy.enabled -}}
|
||||||
|
{{- $_ := set .Values.workload.proxy "enabled" true -}}
|
||||||
|
{{- if not .Values.workload.proxy.podSpec.initContainers -}}
|
||||||
|
{{- $_ := set .Values.workload.proxy.podSpec "initContainers" dict -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- $_ := set .Values.workload.proxy.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
|
||||||
|
{{- $_ := set .Values.service.proxy "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.service.proxymetrics "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.metrics.proxymetrics "enabled" true -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- $_ := set .Values.workload.proxy "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.proxy "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.proxymetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.proxymetrics "enabled" false -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.radius.enabled -}}
|
||||||
|
{{- $_ := set .Values.workload.radius "enabled" true -}}
|
||||||
|
{{- if not .Values.workload.radius.podSpec.initContainers -}}
|
||||||
|
{{- $_ := set .Values.workload.radius.podSpec "initContainers" dict -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- $_ := set .Values.workload.radius.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
|
||||||
|
{{- $_ := set .Values.service.radius "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.service.radiusmetrics "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.metrics.radiusmetrics "enabled" true -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- $_ := set .Values.workload.radius "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.radius "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.radiusmetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.radiusmetrics "enabled" false -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if .Values.authentik.outposts.ldap.enabled -}}
|
||||||
|
{{- $_ := set .Values.workload.ldap "enabled" true -}}
|
||||||
|
{{- if not .Values.workload.ldap.podSpec.initContainers -}}
|
||||||
|
{{- $_ := set .Values.workload.ldap.podSpec "initContainers" dict -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- $_ := set .Values.workload.ldap.podSpec.initContainers "wait-server" (include "authentik.wait.server" . | fromYaml) -}}
|
||||||
|
{{- $_ := set .Values.service.ldap "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.service.ldaps "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.service.ldapmetrics "enabled" true -}}
|
||||||
|
{{- $_ := set .Values.metrics.ldapmetrics "enabled" true -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- $_ := set .Values.workload.ldap "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.ldap "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.ldaps "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.ldapmetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.ldapmetrics "enabled" false -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* FIXME: See values.yaml */}}
|
||||||
|
{{- $_ := set .Values.service.servermetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.proxymetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.radiusmetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.service.ldapmetrics "enabled" false -}}
|
||||||
|
|
||||||
|
{{- $_ := set .Values.metrics.servermetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.proxymetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.radiusmetrics "enabled" false -}}
|
||||||
|
{{- $_ := set .Values.metrics.ldapmetrics "enabled" false -}}
|
||||||
|
|
||||||
|
{{/* Render the templates */}}
|
||||||
|
{{ include "tc.v1.common.loader.apply" . }}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,30 @@
|
||||||
|
# Patterns to ignore when building packages.
|
||||||
|
# This supports shell glob matching, relative path matching, and
|
||||||
|
# negation (prefixed with !). Only one pattern per line.
|
||||||
|
.DS_Store
|
||||||
|
# Common VCS dirs
|
||||||
|
.git/
|
||||||
|
.gitignore
|
||||||
|
.bzr/
|
||||||
|
.bzrignore
|
||||||
|
.hg/
|
||||||
|
.hgignore
|
||||||
|
.svn/
|
||||||
|
# Common backup files
|
||||||
|
*.swp
|
||||||
|
*.bak
|
||||||
|
*.tmp
|
||||||
|
*~
|
||||||
|
# Various IDEs
|
||||||
|
.project
|
||||||
|
.idea/
|
||||||
|
*.tmproj
|
||||||
|
.vscode/
|
||||||
|
# OWNERS file for Kubernetes
|
||||||
|
OWNERS
|
||||||
|
# helm-docs templates
|
||||||
|
*.gotmpl
|
||||||
|
# docs folder
|
||||||
|
/docs
|
||||||
|
# icon
|
||||||
|
icon.png
|
|
@ -0,0 +1,38 @@
|
||||||
|
annotations:
|
||||||
|
max_scale_version: 23.10.2
|
||||||
|
min_scale_version: 23.10.0
|
||||||
|
truecharts.org/SCALE-support: "true"
|
||||||
|
truecharts.org/category: metrics
|
||||||
|
truecharts.org/max_helm_version: "3.13"
|
||||||
|
truecharts.org/min_helm_version: "3.12"
|
||||||
|
truecharts.org/train: stable
|
||||||
|
apiVersion: v2
|
||||||
|
appVersion: 1.2.0
|
||||||
|
dependencies:
|
||||||
|
- name: common
|
||||||
|
version: 17.2.22
|
||||||
|
repository: oci://tccr.io/truecharts
|
||||||
|
condition: ""
|
||||||
|
alias: ""
|
||||||
|
tags: []
|
||||||
|
import-values: []
|
||||||
|
deprecated: false
|
||||||
|
description: Prometheus exporter for Nvidia GPU's using nvidia-smi binary to gather metrics.
|
||||||
|
home: https://truecharts.org/charts/stable/nvidia-gpu-exporter
|
||||||
|
icon: https://truecharts.org/img/hotlink-ok/chart-icons/nvidia-gpu-exporter.png
|
||||||
|
keywords:
|
||||||
|
- prometheus
|
||||||
|
- nvidia-gpu-exporter
|
||||||
|
- monitoring
|
||||||
|
kubeVersion: ">=1.24.0-0"
|
||||||
|
maintainers:
|
||||||
|
- name: TrueCharts
|
||||||
|
email: info@truecharts.org
|
||||||
|
url: https://truecharts.org
|
||||||
|
name: nvidia-gpu-exporter
|
||||||
|
sources:
|
||||||
|
- https://github.com/truecharts/charts/tree/master/charts/stable/nvidia-gpu-exporter
|
||||||
|
- https://github.com/utkuozdemir/nvidia_gpu_exporter
|
||||||
|
- https://hub.docker.com/r/utkuozdemir/nvidia_gpu_exporter
|
||||||
|
type: application
|
||||||
|
version: 1.0.0
|
|
@ -0,0 +1 @@
|
||||||
|
# README
|
|
@ -0,0 +1,8 @@
|
||||||
|
Prometheus exporter for Nvidia GPU's using nvidia-smi binary to gather metrics.
|
||||||
|
|
||||||
|
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/nvidia-gpu-exporter](https://truecharts.org/charts/stable/nvidia-gpu-exporter)
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
TrueCharts can only exist due to the incredible effort of our staff.
|
||||||
|
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
|
@ -0,0 +1,89 @@
|
||||||
|
image:
|
||||||
|
repository: utkuozdemir/nvidia_gpu_exporter
|
||||||
|
pullPolicy: IfNotPresent
|
||||||
|
tag: 1.2.0@sha256:cc407f77ab017101ce233a0185875ebc75d2a0911381741b20ad91f695e488c7
|
||||||
|
securityContext:
|
||||||
|
container:
|
||||||
|
privileged: true
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
runAsUser: 0
|
||||||
|
runAsGroup: 0
|
||||||
|
service:
|
||||||
|
main:
|
||||||
|
ports:
|
||||||
|
main:
|
||||||
|
protocol: http
|
||||||
|
port: 9835
|
||||||
|
workload:
|
||||||
|
main:
|
||||||
|
type: DaemonSet
|
||||||
|
podSpec:
|
||||||
|
containers:
|
||||||
|
main:
|
||||||
|
args:
|
||||||
|
- --web.listen-address
|
||||||
|
- :{{ .Values.service.main.ports.main.port }}
|
||||||
|
- --web.telemetry-path
|
||||||
|
- "{{ .Values.metricsEndpoint }}"
|
||||||
|
- --nvidia-smi-command
|
||||||
|
- nvidia-smi
|
||||||
|
- --log.level
|
||||||
|
- "{{ .Values.logs.general.level }}"
|
||||||
|
- --log.format
|
||||||
|
- "{{ .Values.logs.general.format }}"
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
path: "{{ .Values.metricsEndpoint }}"
|
||||||
|
port: main
|
||||||
|
readiness:
|
||||||
|
path: "{{ .Values.metricsEndpoint }}"
|
||||||
|
port: main
|
||||||
|
startup:
|
||||||
|
type: tcp
|
||||||
|
port: main
|
||||||
|
persistence:
|
||||||
|
nviaictl:
|
||||||
|
enabled: true
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /dev/nvidiactl
|
||||||
|
mountPath: /dev/nvidiactl
|
||||||
|
readOnly: true
|
||||||
|
nvidia0:
|
||||||
|
enabled: true
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /dev/nvidia0
|
||||||
|
mountPath: /dev/nvidia0
|
||||||
|
readOnly: true
|
||||||
|
nvidiasmi:
|
||||||
|
enabled: true
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /usr/bin/nvidia-smi
|
||||||
|
mountPath: /usr/bin/nvidia-smi
|
||||||
|
readOnly: true
|
||||||
|
libnvidiamlso:
|
||||||
|
enabled: true
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /usr/lib/x86_64-linux-gnu/libnvidia-ml.so
|
||||||
|
mountPath: /usr/lib/x86_64-linux-gnu/libnvidia-ml.so
|
||||||
|
readOnly: true
|
||||||
|
libnvidiamlso1:
|
||||||
|
enabled: true
|
||||||
|
type: hostPath
|
||||||
|
hostPath: /usr/lib/x86_64-linux-gnu/libnvidia-ml.so.1
|
||||||
|
mountPath: /usr/lib/x86_64-linux-gnu/libnvidia-ml.so.1
|
||||||
|
readOnly: true
|
||||||
|
metrics:
|
||||||
|
main:
|
||||||
|
enabled: true
|
||||||
|
type: "servicemonitor"
|
||||||
|
endpoints:
|
||||||
|
- port: main
|
||||||
|
path: "{{ .Values.metricsEndpoint }}"
|
||||||
|
portal:
|
||||||
|
open:
|
||||||
|
enabled: false
|
||||||
|
metricsEndpoint: "/metrics"
|
||||||
|
logs:
|
||||||
|
general:
|
||||||
|
level: info
|
||||||
|
format: logfmt
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1 @@
|
||||||
|
{{- include "tc.v1.common.lib.chart.notes" $ -}}
|
|
@ -0,0 +1,4 @@
|
||||||
|
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/nvidia-gpu-exporter.png
|
||||||
|
categories:
|
||||||
|
- metrics
|
||||||
|
screenshots: []
|
|
@ -1,9 +0,0 @@
|
||||||
|
|
||||||
|
|
||||||
## [ollama-1.0.7](https://github.com/truecharts/charts/compare/ollama-1.0.6...ollama-1.0.7) (2024-02-12)
|
|
||||||
|
|
||||||
### Chore
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
- update container image ollama/ollama to v0.1.24[@bb575e1](https://github.com/bb575e1) by renovate ([#18146](https://github.com/truecharts/charts/issues/18146))
|
|
Binary file not shown.
|
@ -0,0 +1,30 @@
|
||||||
|
# Patterns to ignore when building packages.
|
||||||
|
# This supports shell glob matching, relative path matching, and
|
||||||
|
# negation (prefixed with !). Only one pattern per line.
|
||||||
|
.DS_Store
|
||||||
|
# Common VCS dirs
|
||||||
|
.git/
|
||||||
|
.gitignore
|
||||||
|
.bzr/
|
||||||
|
.bzrignore
|
||||||
|
.hg/
|
||||||
|
.hgignore
|
||||||
|
.svn/
|
||||||
|
# Common backup files
|
||||||
|
*.swp
|
||||||
|
*.bak
|
||||||
|
*.tmp
|
||||||
|
*~
|
||||||
|
# Various IDEs
|
||||||
|
.project
|
||||||
|
.idea/
|
||||||
|
*.tmproj
|
||||||
|
.vscode/
|
||||||
|
# OWNERS file for Kubernetes
|
||||||
|
OWNERS
|
||||||
|
# helm-docs templates
|
||||||
|
*.gotmpl
|
||||||
|
# docs folder
|
||||||
|
/docs
|
||||||
|
# icon
|
||||||
|
icon.png
|
|
@ -2,9 +2,18 @@
|
||||||
title: Changelog
|
title: Changelog
|
||||||
---
|
---
|
||||||
|
|
||||||
**Important:**
|
|
||||||
*for the complete changelog, please refer to the website*
|
*for the complete changelog, please refer to the website*
|
||||||
|
|
||||||
|
**Important:**
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## [ollama-1.0.7](https://github.com/truecharts/charts/compare/ollama-1.0.6...ollama-1.0.7) (2024-02-12)
|
## [ollama-1.0.7](https://github.com/truecharts/charts/compare/ollama-1.0.6...ollama-1.0.7) (2024-02-12)
|
|
@ -7,10 +7,10 @@ annotations:
|
||||||
truecharts.org/min_helm_version: "3.12"
|
truecharts.org/min_helm_version: "3.12"
|
||||||
truecharts.org/train: stable
|
truecharts.org/train: stable
|
||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
appVersion: 0.1.24
|
appVersion: 0.1.25
|
||||||
dependencies:
|
dependencies:
|
||||||
- name: common
|
- name: common
|
||||||
version: 17.2.30
|
version: 17.5.0
|
||||||
repository: https://library-charts.truecharts.org
|
repository: https://library-charts.truecharts.org
|
||||||
condition: ""
|
condition: ""
|
||||||
alias: ""
|
alias: ""
|
||||||
|
@ -23,7 +23,7 @@ icon: https://truecharts.org/img/hotlink-ok/chart-icons/ollama.png
|
||||||
keywords:
|
keywords:
|
||||||
- ollama
|
- ollama
|
||||||
- language-models
|
- language-models
|
||||||
kubeVersion: ">=1.24.0-0"
|
kubeVersion: '>=1.24.0-0'
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: TrueCharts
|
- name: TrueCharts
|
||||||
email: info@truecharts.org
|
email: info@truecharts.org
|
||||||
|
@ -36,4 +36,4 @@ sources:
|
||||||
- https://hub.docker.com/r/ollama/ollama
|
- https://hub.docker.com/r/ollama/ollama
|
||||||
- https://ghcr.io/ollama-webui/ollama-webui
|
- https://ghcr.io/ollama-webui/ollama-webui
|
||||||
type: application
|
type: application
|
||||||
version: 1.0.7
|
version: 1.2.2
|
Binary file not shown.
|
@ -1,7 +1,7 @@
|
||||||
image:
|
image:
|
||||||
repository: ollama/ollama
|
repository: ollama/ollama
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
tag: 0.1.24@sha256:bb575e1ebe018b89b5adb1a654967ae337c05109e942b7b32ce90d6d731bb641
|
tag: 0.1.25@sha256:21824867532d4aaaecac4b0234c7ac6c8bb0144d86407bdd5e4141686c9fd2e4
|
||||||
uiImage:
|
uiImage:
|
||||||
repository: ghcr.io/ollama-webui/ollama-webui
|
repository: ghcr.io/ollama-webui/ollama-webui
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
@ -84,6 +84,10 @@ workload:
|
||||||
port: "{{ .Values.service.main.ports.main.targetPort }}"
|
port: "{{ .Values.service.main.ports.main.targetPort }}"
|
||||||
env:
|
env:
|
||||||
OLLAMA_API_BASE_URL: '{{ printf "http://%v-api:%v/api" (include "tc.v1.common.lib.chart.names.fullname" $) .Values.service.api.ports.api.targetPort }}'
|
OLLAMA_API_BASE_URL: '{{ printf "http://%v-api:%v/api" (include "tc.v1.common.lib.chart.names.fullname" $) .Values.service.api.ports.api.targetPort }}'
|
||||||
|
WEBUI_SECRET_KEY:
|
||||||
|
secretKeyRef:
|
||||||
|
name: ollama-secrets
|
||||||
|
key: WEBUI_SECRET_KEY
|
||||||
|
|
||||||
persistence:
|
persistence:
|
||||||
config:
|
config:
|
78
stable/ollama/1.0.7/questions.yaml → stable/ollama/1.2.2/questions.yaml
Normal file → Executable file
78
stable/ollama/1.0.7/questions.yaml → stable/ollama/1.2.2/questions.yaml
Normal file → Executable file
|
@ -31,6 +31,7 @@ groups:
|
||||||
description: Postgresql
|
description: Postgresql
|
||||||
- name: Documentation
|
- name: Documentation
|
||||||
description: Documentation
|
description: Documentation
|
||||||
|
|
||||||
portals:
|
portals:
|
||||||
open:
|
open:
|
||||||
protocols:
|
protocols:
|
||||||
|
@ -39,6 +40,7 @@ portals:
|
||||||
- "$kubernetes-resource_configmap_tcportal-open_host"
|
- "$kubernetes-resource_configmap_tcportal-open_host"
|
||||||
ports:
|
ports:
|
||||||
- "$kubernetes-resource_configmap_tcportal-open_port"
|
- "$kubernetes-resource_configmap_tcportal-open_port"
|
||||||
|
|
||||||
questions:
|
questions:
|
||||||
- variable: global
|
- variable: global
|
||||||
group: General Settings
|
group: General Settings
|
||||||
|
@ -53,6 +55,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
|
|
||||||
- variable: workload
|
- variable: workload
|
||||||
group: "Workload Settings"
|
group: "Workload Settings"
|
||||||
label: ""
|
label: ""
|
||||||
|
@ -66,6 +69,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: type
|
- variable: type
|
||||||
label: Type (Advanced)
|
label: Type (Advanced)
|
||||||
schema:
|
schema:
|
||||||
|
@ -77,6 +81,7 @@ questions:
|
||||||
- value: DaemonSet
|
- value: DaemonSet
|
||||||
description: DaemonSet
|
description: DaemonSet
|
||||||
|
|
||||||
|
|
||||||
- variable: replicas
|
- variable: replicas
|
||||||
label: Replicas (Advanced)
|
label: Replicas (Advanced)
|
||||||
description: Set the number of Replicas
|
description: Set the number of Replicas
|
||||||
|
@ -84,6 +89,7 @@ questions:
|
||||||
type: int
|
type: int
|
||||||
show_if: [["type", "!=", "DaemonSet"]]
|
show_if: [["type", "!=", "DaemonSet"]]
|
||||||
default: 1
|
default: 1
|
||||||
|
|
||||||
- variable: podSpec
|
- variable: podSpec
|
||||||
label: ""
|
label: ""
|
||||||
schema:
|
schema:
|
||||||
|
@ -96,6 +102,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: main
|
- variable: main
|
||||||
label: Main Container
|
label: Main Container
|
||||||
schema:
|
schema:
|
||||||
|
@ -104,6 +111,7 @@ questions:
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
- variable: envList
|
- variable: envList
|
||||||
label: Extra Environment Variables
|
label: Extra Environment Variables
|
||||||
description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
|
description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
|
||||||
|
@ -135,6 +143,7 @@ questions:
|
||||||
label: Arg
|
label: Arg
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
- variable: advanced
|
- variable: advanced
|
||||||
label: Show Advanced Settings
|
label: Show Advanced Settings
|
||||||
description: Advanced settings are not covered by TrueCharts Support
|
description: Advanced settings are not covered by TrueCharts Support
|
||||||
|
@ -154,6 +163,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
|
|
||||||
- variable: TZ
|
- variable: TZ
|
||||||
label: Timezone
|
label: Timezone
|
||||||
group: "General Settings"
|
group: "General Settings"
|
||||||
|
@ -162,6 +172,7 @@ questions:
|
||||||
default: "Etc/UTC"
|
default: "Etc/UTC"
|
||||||
$ref:
|
$ref:
|
||||||
- "definitions/timezone"
|
- "definitions/timezone"
|
||||||
|
|
||||||
- variable: podOptions
|
- variable: podOptions
|
||||||
group: "General Settings"
|
group: "General Settings"
|
||||||
label: "Global Pod Options (Advanced)"
|
label: "Global Pod Options (Advanced)"
|
||||||
|
@ -280,6 +291,7 @@ questions:
|
||||||
type: string
|
type: string
|
||||||
required: true
|
required: true
|
||||||
default: ""
|
default: ""
|
||||||
|
|
||||||
- variable: service
|
- variable: service
|
||||||
group: Networking and Services
|
group: Networking and Services
|
||||||
label: Configure Service(s)
|
label: Configure Service(s)
|
||||||
|
@ -287,6 +299,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: main
|
- variable: main
|
||||||
label: "Main Service"
|
label: "Main Service"
|
||||||
description: "The Primary service on which the healthcheck runs, often the webUI"
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
||||||
|
@ -294,6 +307,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: enabled
|
- variable: enabled
|
||||||
label: Enable the Service
|
label: Enable the Service
|
||||||
schema:
|
schema:
|
||||||
|
@ -311,6 +325,7 @@ questions:
|
||||||
description: LoadBalancer (Expose Ports)
|
description: LoadBalancer (Expose Ports)
|
||||||
- value: ClusterIP
|
- value: ClusterIP
|
||||||
description: ClusterIP (Do Not Expose Ports)
|
description: ClusterIP (Do Not Expose Ports)
|
||||||
|
|
||||||
- variable: loadBalancerIP
|
- variable: loadBalancerIP
|
||||||
label: LoadBalancer IP
|
label: LoadBalancer IP
|
||||||
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
|
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
|
||||||
|
@ -324,6 +339,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: main
|
- variable: main
|
||||||
label: "Main Service Port Configuration"
|
label: "Main Service Port Configuration"
|
||||||
schema:
|
schema:
|
||||||
|
@ -361,6 +377,7 @@ questions:
|
||||||
description: LoadBalancer (Expose Ports)
|
description: LoadBalancer (Expose Ports)
|
||||||
- value: ClusterIP
|
- value: ClusterIP
|
||||||
description: ClusterIP (Do Not Expose Ports)
|
description: ClusterIP (Do Not Expose Ports)
|
||||||
|
|
||||||
- variable: loadBalancerIP
|
- variable: loadBalancerIP
|
||||||
label: LoadBalancer IP
|
label: LoadBalancer IP
|
||||||
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
|
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
|
||||||
|
@ -374,6 +391,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: api
|
- variable: api
|
||||||
label: API Service Port Configuration
|
label: API Service Port Configuration
|
||||||
schema:
|
schema:
|
||||||
|
@ -395,6 +413,7 @@ questions:
|
||||||
default: false
|
default: false
|
||||||
show_subquestions_if: true
|
show_subquestions_if: true
|
||||||
subquestions:
|
subquestions:
|
||||||
|
|
||||||
- variable: scaleExternalInterface
|
- variable: scaleExternalInterface
|
||||||
description: Add External Interfaces
|
description: Add External Interfaces
|
||||||
label: Add external Interfaces
|
label: Add external Interfaces
|
||||||
|
@ -473,6 +492,7 @@ questions:
|
||||||
type: ipaddr
|
type: ipaddr
|
||||||
cidr: false
|
cidr: false
|
||||||
required: true
|
required: true
|
||||||
|
|
||||||
- variable: serviceList
|
- variable: serviceList
|
||||||
label: Add Manual Custom Services
|
label: Add Manual Custom Services
|
||||||
group: Networking and Services
|
group: Networking and Services
|
||||||
|
@ -607,6 +627,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: int
|
type: int
|
||||||
required: true
|
required: true
|
||||||
|
|
||||||
- variable: persistence
|
- variable: persistence
|
||||||
label: Integrated Persistent Storage
|
label: Integrated Persistent Storage
|
||||||
description: Integrated Persistent Storage
|
description: Integrated Persistent Storage
|
||||||
|
@ -615,6 +636,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: config
|
- variable: config
|
||||||
label: "App Config Storage"
|
label: "App Config Storage"
|
||||||
description: "Stores the Application Configuration."
|
description: "Stores the Application Configuration."
|
||||||
|
@ -888,6 +910,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
|
|
||||||
- variable: data
|
- variable: data
|
||||||
label: "App Data Storage"
|
label: "App Data Storage"
|
||||||
description: "Stores the Application Data."
|
description: "Stores the Application Data."
|
||||||
|
@ -1161,6 +1184,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
|
|
||||||
- variable: persistenceList
|
- variable: persistenceList
|
||||||
label: Additional App Storage
|
label: Additional App Storage
|
||||||
group: Storage and Persistence
|
group: Storage and Persistence
|
||||||
|
@ -1450,6 +1474,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
|
|
||||||
- variable: ingress
|
- variable: ingress
|
||||||
label: ""
|
label: ""
|
||||||
group: Ingress
|
group: Ingress
|
||||||
|
@ -1457,6 +1482,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: main
|
- variable: main
|
||||||
label: "Main Ingress"
|
label: "Main Ingress"
|
||||||
schema:
|
schema:
|
||||||
|
@ -1514,6 +1540,7 @@ questions:
|
||||||
default: Prefix
|
default: Prefix
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
- variable: integrations
|
- variable: integrations
|
||||||
label: Integrations
|
label: Integrations
|
||||||
description: Connect ingress with other charts
|
description: Connect ingress with other charts
|
||||||
|
@ -1738,13 +1765,7 @@ questions:
|
||||||
show_if: [["certificateIssuer", "=", ""]]
|
show_if: [["certificateIssuer", "=", ""]]
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
- variable: scaleCert
|
|
||||||
label: 'Use TrueNAS SCALE Certificate (Deprecated)'
|
|
||||||
schema:
|
|
||||||
show_if: [["certificateIssuer", "=", ""]]
|
|
||||||
type: int
|
|
||||||
$ref:
|
|
||||||
- "definitions/certificate"
|
|
||||||
- variable: api
|
- variable: api
|
||||||
label: "API Ingress"
|
label: "API Ingress"
|
||||||
schema:
|
schema:
|
||||||
|
@ -1802,6 +1823,7 @@ questions:
|
||||||
default: Prefix
|
default: Prefix
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
- variable: integrations
|
- variable: integrations
|
||||||
label: Integrations
|
label: Integrations
|
||||||
description: Connect ingress with other charts
|
description: Connect ingress with other charts
|
||||||
|
@ -2026,13 +2048,7 @@ questions:
|
||||||
show_if: [["certificateIssuer", "=", ""]]
|
show_if: [["certificateIssuer", "=", ""]]
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
- variable: scaleCert
|
|
||||||
label: 'Use TrueNAS SCALE Certificate (Deprecated)'
|
|
||||||
schema:
|
|
||||||
show_if: [["certificateIssuer", "=", ""]]
|
|
||||||
type: int
|
|
||||||
$ref:
|
|
||||||
- "definitions/certificate"
|
|
||||||
- variable: ingressList
|
- variable: ingressList
|
||||||
label: Add Manual Custom Ingresses
|
label: Add Manual Custom Ingresses
|
||||||
group: Ingress
|
group: Ingress
|
||||||
|
@ -2150,13 +2166,6 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
default: ""
|
default: ""
|
||||||
- variable: scaleCert
|
|
||||||
label: Use TrueNAS SCALE Certificate (Deprecated)
|
|
||||||
schema:
|
|
||||||
show_if: [["certificateIssuer", "=", ""]]
|
|
||||||
type: int
|
|
||||||
$ref:
|
|
||||||
- "definitions/certificate"
|
|
||||||
- variable: clusterCertificate
|
- variable: clusterCertificate
|
||||||
label: 'Cluster Certificate (Advanced)'
|
label: 'Cluster Certificate (Advanced)'
|
||||||
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
|
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
|
||||||
|
@ -2282,6 +2291,7 @@ questions:
|
||||||
required: true
|
required: true
|
||||||
default: "default"
|
default: "default"
|
||||||
show_if: [["enabled", "=", true]]
|
show_if: [["enabled", "=", true]]
|
||||||
|
|
||||||
- variable: securityContext
|
- variable: securityContext
|
||||||
group: Security and Permissions
|
group: Security and Permissions
|
||||||
label: Security Context
|
label: Security Context
|
||||||
|
@ -2297,6 +2307,7 @@ questions:
|
||||||
attrs:
|
attrs:
|
||||||
# Settings from questions.yaml get appended here on a per-app basis
|
# Settings from questions.yaml get appended here on a per-app basis
|
||||||
|
|
||||||
|
|
||||||
- variable: runAsUser
|
- variable: runAsUser
|
||||||
label: "runAsUser"
|
label: "runAsUser"
|
||||||
description: "The UserID of the user running the application"
|
description: "The UserID of the user running the application"
|
||||||
|
@ -2323,6 +2334,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
default: "0022"
|
default: "0022"
|
||||||
|
|
||||||
- variable: advanced
|
- variable: advanced
|
||||||
label: Show Advanced Settings
|
label: Show Advanced Settings
|
||||||
description: Advanced settings are not covered by TrueCharts Support
|
description: Advanced settings are not covered by TrueCharts Support
|
||||||
|
@ -2341,6 +2353,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: true
|
default: true
|
||||||
|
|
||||||
- variable: pod
|
- variable: pod
|
||||||
label: Pod
|
label: Pod
|
||||||
schema:
|
schema:
|
||||||
|
@ -2368,6 +2381,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: int
|
type: int
|
||||||
# Settings from questions.yaml get appended here on a per-app basis
|
# Settings from questions.yaml get appended here on a per-app basis
|
||||||
|
|
||||||
- variable: fsGroup
|
- variable: fsGroup
|
||||||
label: "fsGroup"
|
label: "fsGroup"
|
||||||
description: "The group that should own ALL storage."
|
description: "The group that should own ALL storage."
|
||||||
|
@ -2402,6 +2416,21 @@ questions:
|
||||||
type: string
|
type: string
|
||||||
default: 8Gi
|
default: 8Gi
|
||||||
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
|
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
|
||||||
|
- variable: 'intel.com/i915'
|
||||||
|
label: Add Intel i915 GPUs
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 0
|
||||||
|
- variable: 'nvidia.com/gpu'
|
||||||
|
label: Add NVIDIA GPUs (Experimental)
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 0
|
||||||
|
- variable: 'amd.com/gpu'
|
||||||
|
label: Add AMD GPUs
|
||||||
|
schema:
|
||||||
|
type: int
|
||||||
|
default: 0
|
||||||
- variable: requests
|
- variable: requests
|
||||||
label: "Minimum Resources Required (request)"
|
label: "Minimum Resources Required (request)"
|
||||||
schema:
|
schema:
|
||||||
|
@ -2494,6 +2523,7 @@ questions:
|
||||||
type: string
|
type: string
|
||||||
default: workaround
|
default: workaround
|
||||||
hidden: true
|
hidden: true
|
||||||
|
|
||||||
# - variable: horizontalPodAutoscaler
|
# - variable: horizontalPodAutoscaler
|
||||||
# group: Advanced
|
# group: Advanced
|
||||||
# label: (Advanced) Horizontal Pod Autoscaler
|
# label: (Advanced) Horizontal Pod Autoscaler
|
||||||
|
@ -2924,6 +2954,7 @@ questions:
|
||||||
description: UDP
|
description: UDP
|
||||||
- value: SCTP
|
- value: SCTP
|
||||||
description: SCTP
|
description: SCTP
|
||||||
|
|
||||||
- variable: addons
|
- variable: addons
|
||||||
group: Addons
|
group: Addons
|
||||||
label: ""
|
label: ""
|
||||||
|
@ -2931,6 +2962,7 @@ questions:
|
||||||
additional_attrs: true
|
additional_attrs: true
|
||||||
type: dict
|
type: dict
|
||||||
attrs:
|
attrs:
|
||||||
|
|
||||||
- variable: codeserver
|
- variable: codeserver
|
||||||
label: Codeserver
|
label: Codeserver
|
||||||
schema:
|
schema:
|
||||||
|
@ -3208,6 +3240,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
required: true
|
required: true
|
||||||
|
|
||||||
- variable: netshoot
|
- variable: netshoot
|
||||||
label: Netshoot
|
label: Netshoot
|
||||||
schema:
|
schema:
|
||||||
|
@ -3244,6 +3277,7 @@ questions:
|
||||||
schema:
|
schema:
|
||||||
type: string
|
type: string
|
||||||
required: true
|
required: true
|
||||||
|
|
||||||
- variable: vpn
|
- variable: vpn
|
||||||
label: VPN
|
label: VPN
|
||||||
schema:
|
schema:
|
||||||
|
@ -3418,6 +3452,7 @@ questions:
|
||||||
type: string
|
type: string
|
||||||
required: true
|
required: true
|
||||||
max_length: 10240
|
max_length: 10240
|
||||||
|
|
||||||
- variable: docs
|
- variable: docs
|
||||||
group: Documentation
|
group: Documentation
|
||||||
label: Please read the documentation at https://truecharts.org
|
label: Please read the documentation at https://truecharts.org
|
||||||
|
@ -3447,3 +3482,4 @@ questions:
|
||||||
type: boolean
|
type: boolean
|
||||||
default: true
|
default: true
|
||||||
hidden: true
|
hidden: true
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
{{- include "tc.v1.common.lib.chart.notes" $ -}}
|
|
@ -0,0 +1,13 @@
|
||||||
|
{{/* Define the secrets */}}
|
||||||
|
{{- define "ollama.secrets" -}}
|
||||||
|
{{- $secretName := (printf "%s-ollama-secrets" (include "tc.v1.common.lib.chart.names.fullname" $)) }}
|
||||||
|
|
||||||
|
{{- $secretKey := randAlphaNum 64 -}}
|
||||||
|
|
||||||
|
{{- with lookup "v1" "Secret" .Release.Namespace $secretName -}}
|
||||||
|
{{- $secretKey = index .data "WEBUI_SECRET_KEY" | b64dec -}}
|
||||||
|
{{- end }}
|
||||||
|
enabled: true
|
||||||
|
data:
|
||||||
|
WEBUI_SECRET_KEY: {{ $secretKey }}
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,11 @@
|
||||||
|
{{/* Make sure all variables are set properly */}}
|
||||||
|
{{- include "tc.v1.common.loader.init" . -}}
|
||||||
|
|
||||||
|
{{/* Render secrets for ollama */}}
|
||||||
|
{{- $secrets := include "ollama.secrets" . | fromYaml -}}
|
||||||
|
{{- if $secrets -}}
|
||||||
|
{{- $_ := set .Values.secret "ollama-secrets" $secrets -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* Render the templates */}}
|
||||||
|
{{- include "tc.v1.common.loader.apply" . -}}
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Loading…
Reference in New Issue