diff --git a/incubator/plex-meta-manager/0.0.5/README.md b/incubator/plex-meta-manager/0.0.5/README.md deleted file mode 100644 index babbf185038..00000000000 --- a/incubator/plex-meta-manager/0.0.5/README.md +++ /dev/null @@ -1,44 +0,0 @@ -# plex-meta-manager - -Python script to update metadata and automatically build collections. - -TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation. -**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)** - -## Source Code - -* -* -* - -## Requirements - -Kubernetes: `>=1.16.0-0` - -## Dependencies - -| Repository | Name | Version | -|------------|------|---------| -| https://library-charts.truecharts.org | common | 10.4.4 | - -## Installing the Chart - -To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/). - -## Upgrading, Rolling Back and Uninstalling the Chart - -To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/). - -##### Connecting to other apps -If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our [Linking Apps Internally](https://truecharts.org/manual/Quick-Start%20Guides/06-linking-apps/) quick-start guide. - -## Support - -- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first. -- See the [Wiki](https://truecharts.org) -- Check our [Discord](https://discord.gg/tVsPTHWTtr) -- Open a [issue](https://github.com/truecharts/apps/issues/new/choose) - ---- - -All Rights Reserved - The TrueCharts Project diff --git a/incubator/plex-meta-manager/0.0.5/ix_values.yaml b/incubator/plex-meta-manager/0.0.5/ix_values.yaml deleted file mode 100644 index da7e17399a2..00000000000 --- a/incubator/plex-meta-manager/0.0.5/ix_values.yaml +++ /dev/null @@ -1,40 +0,0 @@ -image: - repository: linuxserver/plex-meta-manager - pullPolicy: IfNotPresent - tag: v1.17.1@sha256:af30bf9e2a48a2d359e097854becde159befc6e4dfd33b6b1d1c529fed565537 - -securityContext: - readOnlyRootFilesystem: false - runAsNonRoot: false - -podSecurityContext: - runAsUser: 0 - runAsGroup: 0 - -env: - PMM_CONFIG: "/config/config.yaml" - PMM_TIME: "03:00" - PMM_RUN: true - PMM_TEST: false - PMM_NO_MISSING: false - -service: - main: - ports: - main: - port: 10281 - targetPort: 10281 - protocol: HTTP - -probes: - liveness: - enabled: false - readiness: - enabled: false - startup: - enabled: false - -persistence: - config: - enabled: true - mountPath: "/config" diff --git a/incubator/plex-meta-manager/0.0.5/CHANGELOG.md b/incubator/plex-meta-manager/0.0.6/CHANGELOG.md similarity index 74% rename from incubator/plex-meta-manager/0.0.5/CHANGELOG.md rename to incubator/plex-meta-manager/0.0.6/CHANGELOG.md index 29687687469..94ca12d033f 100644 --- a/incubator/plex-meta-manager/0.0.5/CHANGELOG.md +++ b/incubator/plex-meta-manager/0.0.6/CHANGELOG.md @@ -1,6 +1,14 @@ # Changelog +## [plex-meta-manager-0.0.6](https://github.com/truecharts/apps/compare/plex-meta-manager-0.0.5...plex-meta-manager-0.0.6) (2022-07-18) + +### Fix + +- Change upstream image, update env, add docs ([#3206](https://github.com/truecharts/apps/issues/3206)) + + + ## [plex-meta-manager-0.0.5](https://github.com/truecharts/apps/compare/plex-meta-manager-0.0.4...plex-meta-manager-0.0.5) (2022-07-15) diff --git a/incubator/plex-meta-manager/0.0.5/Chart.lock b/incubator/plex-meta-manager/0.0.6/Chart.lock similarity index 80% rename from incubator/plex-meta-manager/0.0.5/Chart.lock rename to incubator/plex-meta-manager/0.0.6/Chart.lock index 4b277470cbe..96d6cbd5ec0 100644 --- a/incubator/plex-meta-manager/0.0.5/Chart.lock +++ b/incubator/plex-meta-manager/0.0.6/Chart.lock @@ -3,4 +3,4 @@ dependencies: repository: https://library-charts.truecharts.org version: 10.4.4 digest: sha256:e76f58e980866194e06f0e9135c981662f0b1132d3c5848dbf344c48ab657396 -generated: "2022-07-15T09:26:51.364484811Z" +generated: "2022-07-18T21:09:15.065495503Z" diff --git a/incubator/plex-meta-manager/0.0.5/Chart.yaml b/incubator/plex-meta-manager/0.0.6/Chart.yaml similarity index 83% rename from incubator/plex-meta-manager/0.0.5/Chart.yaml rename to incubator/plex-meta-manager/0.0.6/Chart.yaml index 2c998a92ee1..b329eee36b7 100644 --- a/incubator/plex-meta-manager/0.0.5/Chart.yaml +++ b/incubator/plex-meta-manager/0.0.6/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 kubeVersion: ">=1.16.0-0" name: plex-meta-manager -version: 0.0.5 +version: 0.0.6 appVersion: "1.17.1" description: Python script to update metadata and automatically build collections. type: application @@ -11,8 +11,7 @@ icon: https://truecharts.org/img/chart-icons/plex-meta-manager.png keywords: - plex-meta-manager sources: - - https://hub.docker.com/r/linuxserver/plex-meta-manager - - https://github.com/linuxserver/docker-plex-meta-manager + - https://hub.docker.com/r/meisnate12/Plex-Meta-Manager - https://github.com/meisnate12/Plex-Meta-Manager dependencies: - name: common @@ -24,6 +23,6 @@ maintainers: url: https://truecharts.org annotations: truecharts.org/catagories: | - - incubator + - media truecharts.org/SCALE-support: "true" truecharts.org/grade: U diff --git a/incubator/plex-meta-manager/0.0.6/README.md b/incubator/plex-meta-manager/0.0.6/README.md new file mode 100644 index 00000000000..ff42fd7934b --- /dev/null +++ b/incubator/plex-meta-manager/0.0.6/README.md @@ -0,0 +1,58 @@ +# plex-meta-manager + +![Version: 0.0.6](https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.17.1](https://img.shields.io/badge/AppVersion-1.17.1-informational?style=flat-square) + +Python script to update metadata and automatically build collections. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| TrueCharts | info@truecharts.org | https://truecharts.org | + +## Source Code + +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +| Repository | Name | Version | +|------------|------|---------| +| https://library-charts.truecharts.org | common | 10.4.4 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| env.PMM_CONFIG | string | `"/config/config.yml"` | | +| env.PMM_NO_COUNTDOWN | bool | `true` | | +| env.PMM_RUN | bool | `true` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"tccr.io/truecharts/plex-meta-manager"` | | +| image.tag | string | `"v1.17.1@sha256:138b60cdde3cd08ae25a78c44d8a03da715538d76dc137318dc3fdde19ba4bcd"` | | +| initContainers.1-create-init-config-file.args[0] | string | `"echo \"Creating config.yml file...\"\nif [ -f /config/config.yml ]; then\n echo \"Config file exists!, Skipping...\"\nelse\n echo \"Config file is missing, getting a new one!\"\n curl -fLvo /config/config.yml https://raw.githubusercontent.com/meisnate12/Plex-Meta-Manager/master/config/config.yml.template || ( echo \"Downloading config file, FAILED...\" && exit 1 )\nfi"` | | +| initContainers.1-create-init-config-file.command[0] | string | `"/bin/sh"` | | +| initContainers.1-create-init-config-file.command[1] | string | `"-c"` | | +| initContainers.1-create-init-config-file.image | string | `"{{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}"` | | +| initContainers.1-create-init-config-file.volumeMounts[0].mountPath | string | `"/config"` | | +| initContainers.1-create-init-config-file.volumeMounts[0].name | string | `"config"` | | +| persistence.config.enabled | bool | `true` | | +| persistence.config.mountPath | string | `"/config"` | | +| podSecurityContext.runAsGroup | int | `0` | | +| podSecurityContext.runAsUser | int | `0` | | +| probes.liveness.enabled | bool | `false` | | +| probes.readiness.enabled | bool | `false` | | +| probes.startup.enabled | bool | `false` | | +| securityContext.readOnlyRootFilesystem | bool | `false` | | +| securityContext.runAsNonRoot | bool | `false` | | +| service.main.ports.main.port | int | `10281` | | +| service.main.ports.main.protocol | string | `"HTTP"` | | +| service.main.ports.main.targetPort | int | `10281` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1) diff --git a/incubator/plex-meta-manager/0.0.5/app-readme.md b/incubator/plex-meta-manager/0.0.6/app-readme.md similarity index 100% rename from incubator/plex-meta-manager/0.0.5/app-readme.md rename to incubator/plex-meta-manager/0.0.6/app-readme.md diff --git a/incubator/plex-meta-manager/0.0.5/charts/common-10.4.4.tgz b/incubator/plex-meta-manager/0.0.6/charts/common-10.4.4.tgz similarity index 100% rename from incubator/plex-meta-manager/0.0.5/charts/common-10.4.4.tgz rename to incubator/plex-meta-manager/0.0.6/charts/common-10.4.4.tgz diff --git a/incubator/plex-meta-manager/0.0.6/ix_values.yaml b/incubator/plex-meta-manager/0.0.6/ix_values.yaml new file mode 100644 index 00000000000..89a45ce85b6 --- /dev/null +++ b/incubator/plex-meta-manager/0.0.6/ix_values.yaml @@ -0,0 +1,56 @@ +image: + repository: tccr.io/truecharts/plex-meta-manager + pullPolicy: IfNotPresent + tag: v1.17.1@sha256:138b60cdde3cd08ae25a78c44d8a03da715538d76dc137318dc3fdde19ba4bcd + +securityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + +podSecurityContext: + runAsUser: 0 + runAsGroup: 0 + +env: + PMM_CONFIG: "/config/config.yml" + # PMM_TIME: "" + PMM_RUN: true + PMM_NO_COUNTDOWN: true + +service: + main: + ports: + main: + port: 10281 + targetPort: 10281 + protocol: HTTP + +probes: + liveness: + enabled: false + readiness: + enabled: false + startup: + enabled: false + +persistence: + config: + enabled: true + mountPath: "/config" + +initContainers: + 1-create-init-config-file: + image: "{{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}" + volumeMounts: + - name: config + mountPath: "/config" + command: ["/bin/sh", "-c"] + args: + - |- + echo "Creating config.yml file..." + if [ -f /config/config.yml ]; then + echo "Config file exists!, Skipping..." + else + echo "Config file is missing, getting a new one!" + curl -fLvo /config/config.yml https://raw.githubusercontent.com/meisnate12/Plex-Meta-Manager/master/config/config.yml.template || ( echo "Downloading config file, FAILED..." && exit 1 ) + fi diff --git a/incubator/plex-meta-manager/0.0.5/questions.yaml b/incubator/plex-meta-manager/0.0.6/questions.yaml similarity index 98% rename from incubator/plex-meta-manager/0.0.5/questions.yaml rename to incubator/plex-meta-manager/0.0.6/questions.yaml index 1ff5d12f359..c65a34c3752 100644 --- a/incubator/plex-meta-manager/0.0.5/questions.yaml +++ b/incubator/plex-meta-manager/0.0.6/questions.yaml @@ -40,7 +40,6 @@ questions: type: boolean default: true hidden: true - - variable: controller group: "Controller" label: "" @@ -154,44 +153,26 @@ questions: additional_attrs: true type: dict attrs: - - variable: PMM_CONFIG - label: "PMM CONFIG" - description: "Specify a internal config.yaml" - schema: - type: string - default: "/config/config.yaml" - variable: PMM_RUN label: "PMM RUN" - description: "Set to false to run with a scheduler." + description: "Perform a run immediately, bypassing the time to run flag." schema: type: boolean default: true - - variable: customtime - label: "Set PMM Time" - schema: - show_if: [["PMM_RUN", "=", false]] - type: boolean - default: false - show_subquestions_if: true + show_subquestions_if: false subquestions: - variable: PMM_TIME label: "PMM TIME" - description: "Comma-separated list of times to update each day. Format: HH:MM" + description: "Specify the time of day that Plex Meta Manager will run. Format: HH:MM" schema: type: string default: "" - - variable: PMM_TEST - label: "PMM TEST" - description: "Set to True to run in debug mode with only collections that have test: true" - schema: - type: boolean - default: false - - variable: PMM_NO_MISSING - label: "PMM NO MISSING" - description: "Set to True to run without any of the missing movie/show functions." - schema: - type: boolean - default: false + - variable: PMM_NO_COUNTDOWN + label: "PMM NO COUNTDOWN" + description: "Run without displaying a countdown to the next scheduled run." + schema: + type: boolean + default: true - variable: TZ label: "Timezone" group: "Container Configuration" diff --git a/incubator/plex-meta-manager/0.0.5/templates/common.yaml b/incubator/plex-meta-manager/0.0.6/templates/common.yaml similarity index 100% rename from incubator/plex-meta-manager/0.0.5/templates/common.yaml rename to incubator/plex-meta-manager/0.0.6/templates/common.yaml diff --git a/incubator/plex-meta-manager/0.0.5/values.yaml b/incubator/plex-meta-manager/0.0.6/values.yaml similarity index 100% rename from incubator/plex-meta-manager/0.0.5/values.yaml rename to incubator/plex-meta-manager/0.0.6/values.yaml diff --git a/incubator/plex-meta-manager/item.yaml b/incubator/plex-meta-manager/item.yaml index ecf56a9e465..4882793d79c 100644 --- a/incubator/plex-meta-manager/item.yaml +++ b/incubator/plex-meta-manager/item.yaml @@ -1,4 +1,4 @@ icon_url: https://truecharts.org/img/chart-icons/plex-meta-manager.png categories: -- incubator +- media diff --git a/stable/node-red/11.0.19/CHANGELOG.md b/stable/node-red/11.0.19/CHANGELOG.md new file mode 100644 index 00000000000..8a06764fbba --- /dev/null +++ b/stable/node-red/11.0.19/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + +## [node-red-11.0.19](https://github.com/truecharts/apps/compare/node-red-11.0.18...node-red-11.0.19) (2022-07-18) + +### Chore + +- update container image tccr.io/truecharts/node-red to v3.0.0 ([#3187](https://github.com/truecharts/apps/issues/3187)) + + + +## [node-red-11.0.18](https://github.com/truecharts/apps/compare/node-red-11.0.17...node-red-11.0.18) (2022-07-14) + +### Fix + +- regenerate catalog and update template + + + +## [node-red-11.0.17](https://github.com/truecharts/apps/compare/node-red-11.0.15...node-red-11.0.17) (2022-07-14) + +### Fix + +- bump to ensure .helmignore is present on all Charts + + + +## [node-red-11.0.15](https://github.com/truecharts/apps/compare/node-red-11.0.13...node-red-11.0.15) (2022-07-12) + +### Chore + +- update icons ([#3156](https://github.com/truecharts/apps/issues/3156)) +- bump to cleanup old docs and use correct icon urls + + + +## [node-red-11.0.13](https://github.com/truecharts/apps/compare/node-red-11.0.12...node-red-11.0.13) (2022-07-12) + +### Chore + +- bump to regenerate documentation + + + + +### [node-red-11.0.12](https://github.com/truecharts/apps/compare/node-red-11.0.11...node-red-11.0.12) (2022-07-12) + +#### Chore + +* update helm general non-major helm releases ([#3147](https://github.com/truecharts/apps/issues/3147)) + + + + +### [node-red-11.0.11](https://github.com/truecharts/apps/compare/node-red-11.0.10...node-red-11.0.11) (2022-07-11) + +#### Chore + +* move icons into the apps folder ([#3139](https://github.com/truecharts/apps/issues/3139)) + + + + +### [node-red-11.0.10](https://github.com/truecharts/apps/compare/node-red-11.0.9...node-red-11.0.10) (2022-07-09) + +#### Chore + +* update helm general non-major helm releases ([#3113](https://github.com/truecharts/apps/issues/3113)) + + + + +### [node-red-11.0.9](https://github.com/truecharts/apps/compare/node-red-11.0.8...node-red-11.0.9) (2022-07-04) + +#### Chore + +* update helm general non-major helm releases ([#3066](https://github.com/truecharts/apps/issues/3066)) + + + + +### [node-red-11.0.8](https://github.com/truecharts/apps/compare/node-red-11.0.7...node-red-11.0.8) (2022-06-25) + +#### Chore + +* update helm general non-major helm releases ([#2977](https://github.com/truecharts/apps/issues/2977)) + + + + +### [node-red-11.0.7](https://github.com/truecharts/apps/compare/node-red-11.0.6...node-red-11.0.7) (2022-06-22) + +#### Chore + +* update helm general non-major helm releases ([#2948](https://github.com/truecharts/apps/issues/2948)) + + + + diff --git a/stable/node-red/11.0.19/Chart.lock b/stable/node-red/11.0.19/Chart.lock new file mode 100644 index 00000000000..641bc842bc1 --- /dev/null +++ b/stable/node-red/11.0.19/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +digest: sha256:e76f58e980866194e06f0e9135c981662f0b1132d3c5848dbf344c48ab657396 +generated: "2022-07-18T21:09:15.154227333Z" diff --git a/stable/node-red/11.0.19/Chart.yaml b/stable/node-red/11.0.19/Chart.yaml new file mode 100644 index 00000000000..5cba51fed44 --- /dev/null +++ b/stable/node-red/11.0.19/Chart.yaml @@ -0,0 +1,28 @@ +apiVersion: v2 +appVersion: "3.0.0" +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +deprecated: false +description: Node-RED is low-code programming for event-driven applications +home: https://github.com/truecharts/apps/tree/master/charts/stable/node-red +icon: https://truecharts.org/img/chart-icons/node-red.png +keywords: +- node-red +- nodered +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: node-red +sources: +- https://github.com/node-red/node-red-docker +type: application +version: 11.0.19 +annotations: + truecharts.org/catagories: | + - tools + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/node-red/11.0.19/README.md b/stable/node-red/11.0.19/README.md new file mode 100644 index 00000000000..eaa7d8e1ecc --- /dev/null +++ b/stable/node-red/11.0.19/README.md @@ -0,0 +1,41 @@ +# node-red + +![Version: 11.0.19](https://img.shields.io/badge/Version-11.0.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.0.0](https://img.shields.io/badge/AppVersion-3.0.0-informational?style=flat-square) + +Node-RED is low-code programming for event-driven applications + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| TrueCharts | info@truecharts.org | https://truecharts.org | + +## Source Code + +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +| Repository | Name | Version | +|------------|------|---------| +| https://library-charts.truecharts.org | common | 10.4.4 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| env.TZ | string | `"{{ .Values.TZ }}"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"tccr.io/truecharts/node-red"` | | +| image.tag | string | `"v3.0.0@sha256:c1e4e4d7069b1add7907dd6653914318aaa7b78bde190dd58eb1a0f0a04afc30"` | | +| persistence.data.enabled | bool | `true` | | +| persistence.data.mountPath | string | `"/data"` | | +| service.main.ports.main.port | int | `1880` | | +| service.main.ports.main.targetPort | int | `1880` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1) diff --git a/stable/node-red/11.0.19/app-readme.md b/stable/node-red/11.0.19/app-readme.md new file mode 100644 index 00000000000..ebc1d274935 --- /dev/null +++ b/stable/node-red/11.0.19/app-readme.md @@ -0,0 +1,3 @@ +Node-RED is low-code programming for event-driven applications + +This App is supplied by TrueCharts, for more information please visit https://truecharts.org diff --git a/stable/node-red/11.0.19/charts/common-10.4.4.tgz b/stable/node-red/11.0.19/charts/common-10.4.4.tgz new file mode 100644 index 00000000000..8604b47288a Binary files /dev/null and b/stable/node-red/11.0.19/charts/common-10.4.4.tgz differ diff --git a/stable/node-red/11.0.19/ix_values.yaml b/stable/node-red/11.0.19/ix_values.yaml new file mode 100644 index 00000000000..f9cbf11da35 --- /dev/null +++ b/stable/node-red/11.0.19/ix_values.yaml @@ -0,0 +1,23 @@ +image: + repository: tccr.io/truecharts/node-red + pullPolicy: IfNotPresent + tag: v3.0.0@sha256:c1e4e4d7069b1add7907dd6653914318aaa7b78bde190dd58eb1a0f0a04afc30 + +env: + TZ: "{{ .Values.TZ }}" +# NODE_OPTIONS: +# NODE_RED_ENABLE_PROJECTS: +# NODE_RED_ENABLE_SAFE_MODE: +# FLOWS: + +service: + main: + ports: + main: + port: 1880 + targetPort: 1880 + +persistence: + data: + enabled: true + mountPath: "/data" diff --git a/stable/node-red/11.0.19/questions.yaml b/stable/node-red/11.0.19/questions.yaml new file mode 100644 index 00000000000..86aeae1fb57 --- /dev/null +++ b/stable/node-red/11.0.19/questions.yaml @@ -0,0 +1,2431 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Middlewares" + description: "Traefik Middlewares" + - name: "Metrics" + description: "Metrics" + - name: "Addons" + description: "Addon Configuration" + - name: "Advanced" + description: "Advanced Configuration" +portals: + open: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + - variable: global + label: "global settings" + group: "Controller" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: "flag this is SCALE" + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "Controller" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "Recreate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: "Extra Args" + schema: + type: list + default: [] + items: + - variable: arg + label: "arg" + schema: + type: string + - variable: labelsList + label: "Controller Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: " Controller Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: TZ + label: "Timezone" + group: "Container Configuration" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + + - variable: envList + label: "Image environment" + group: "Container Configuration" + schema: + type: list + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: expertpodconf + group: "Container Configuration" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: "Enable TTY" + description: "Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: stdin + label: "Enable STDIN" + description: "Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: termination + group: "Container Configuration" + label: "Termination settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: "Grace Period Seconds" + schema: + type: int + default: 10 + - variable: podLabelsList + group: "Container Configuration" + label: "Pod Labels" + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: podAnnotationsList + group: "Container Configuration" + label: "Pod Annotations" + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: service + group: "Networking and Services" + label: "Configure Service(s)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "ClusterIP" + description: "ClusterIP" + - value: "NodePort" + description: "NodePort (Advanced)" + - value: "LoadBalancer" + description: "LoadBalancer (Advanced)" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ipFamilyPolicy + label: "IP Family Policy" + description: "(Advanced) Specify the ip policy" + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: "SingleStack" + enum: + - value: "SingleStack" + description: "SingleStack" + - value: "PreferDualStack" + description: "PreferDualStack" + - value: "RequireDualStack" + description: "RequireDualStack" + - variable: ipFamilies + label: "(advanced) IP families" + description: "(advanced) The ip families that should be used" + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: "IP family" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service Port Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + default: 1880 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 1880 + + - variable: serviceexpert + group: "Networking and Services" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostNetwork + group: "Networking and Services" + label: "Host-Networking (Complicated)" + schema: + type: boolean + default: false + + - variable: externalInterfaces + description: "Add External Interfaces" + label: "Add external Interfaces" + group: "Networking" + schema: + type: list + items: + - variable: interfaceConfiguration + description: "Interface Configuration" + label: "Interface Configuration" + schema: + type: dict + $ref: + - "normalize/interfaceConfiguration" + attrs: + - variable: hostInterface + description: "Please specify host interface" + label: "Host Interface" + schema: + type: string + required: true + $ref: + - "definitions/interface" + - variable: ipam + description: "Define how IP Address will be managed" + label: "IP Address Management" + schema: + type: dict + required: true + attrs: + - variable: type + description: "Specify type for IPAM" + label: "IPAM Type" + schema: + type: string + required: true + enum: + - value: "dhcp" + description: "Use DHCP" + - value: "static" + description: "Use static IP" + show_subquestions_if: "static" + subquestions: + - variable: staticIPConfigurations + label: "Static IP Addresses" + schema: + type: list + items: + - variable: staticIP + label: "Static IP" + schema: + type: ipaddr + cidr: true + - variable: staticRoutes + label: "Static Routes" + schema: + type: list + items: + - variable: staticRouteConfiguration + label: "Static Route Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: destination + label: "Destination" + schema: + type: ipaddr + cidr: true + required: true + - variable: gateway + label: "Gateway" + schema: + type: ipaddr + cidr: false + required: true + + - variable: dnsPolicy + group: "Networking and Services" + label: "dnsPolicy" + schema: + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "ClusterFirst" + description: "ClusterFirst" + - value: "ClusterFirstWithHostNet" + description: "ClusterFirstWithHostNet" + - value: "None" + description: "None" + + - variable: dnsConfig + label: "DNS Configuration" + group: "Networking and Services" + description: "Specify custom DNS configuration which will be applied to the pod" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nameservers + label: "Nameservers" + schema: + default: [] + type: list + items: + - variable: nameserver + label: "Nameserver" + schema: + type: string + - variable: options + label: "options" + schema: + default: [] + type: list + items: + - variable: option + label: "Option Entry" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: searches + label: "Searches" + schema: + default: [] + type: list + items: + - variable: search + label: "Search Entry" + schema: + type: string + + - variable: serviceList + label: "Add Manual Custom Services" + group: "Networking and Services" + schema: + type: list + default: [] + items: + - variable: serviceListEntry + label: "Custom Service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: portsList + label: "Additional Service Ports" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom ports" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Port Name" + schema: + type: string + default: "" + - variable: protocol + label: "Port Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: targetPort + label: "Target Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: port + label: "Container Port" + schema: + type: int + required: true + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort" + schema: + type: int + min: 9000 + max: 65535 + + - variable: persistence + label: "Integrated Persistent Storage" + description: "Integrated Persistent Storage" + group: "Storage and Persistence" + schema: + additional_attrs: true + type: dict + attrs: + - variable: data + label: "App Config Storage" + description: "Stores the Application Configuration." + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simplePVC" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - value: "nfs" + description: "NFS Share" + - variable: server + label: "NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: "Path on NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: persistenceList + label: "Additional app storage" + group: "Storage and Persistence" + schema: + type: list + default: [] + items: + - variable: persistenceListEntry + label: "Custom Storage" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name (optional)" + description: "Not required, please set to config when mounting /config or temp when mounting /tmp" + schema: + type: string + - variable: type + label: "Type of Storage" + description: "Sets the persistence type, Anything other than PVC could break rollback!" + schema: + type: string + default: "simpleHP" + enum: + - value: "simplePVC" + description: "PVC (simple)" + - value: "simpleHP" + description: "HostPath (simple)" + - value: "emptyDir" + description: "emptyDir" + - value: "pvc" + description: "pvc" + - value: "hostPath" + description: "hostPath" + - value: "nfs" + description: "NFS Share" + - variable: server + label: "NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: path + label: "Path on NFS server" + schema: + show_if: [["type", "=", "nfs"]] + type: string + default: "" + - variable: setPermissionsSimple + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "simpleHP"]] + type: boolean + default: true + - variable: setPermissions + label: "Automatic Permissions" + description: "Automatically set permissions on install" + schema: + show_if: [["type", "=", "hostPath"]] + type: boolean + default: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPathSimple + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "simpleHP"]] + type: hostpath + - variable: hostPath + label: "hostPath" + description: "Path inside the container the storage is mounted" + schema: + show_if: [["type", "=", "hostPath"]] + type: hostpath + - variable: mountPath + label: "mountPath" + description: "Path inside the container the storage is mounted" + schema: + type: string + default: "" + required: true + valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$' + - variable: medium + label: "EmptyDir Medium" + schema: + show_if: [["type", "=", "emptyDir"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "Memory" + description: "Memory" + - variable: size + label: "Size quotum of storage" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "999Gi" + - variable: hostPathType + label: "(Advanced) hostPath Type" + schema: + show_if: [["type", "=", "hostPath"]] + type: string + default: "" + enum: + - value: "" + description: "Default" + - value: "DirectoryOrCreate" + description: "DirectoryOrCreate" + - value: "Directory" + description: "Directory" + - value: "FileOrCreate" + description: "FileOrCreate" + - value: "File" + description: "File" + - value: "Socket" + description: "Socket" + - value: "CharDevice" + description: "CharDevice" + - value: "BlockDevice" + description: "BlockDevice" + - variable: storageClass + label: "(Advanced) storageClass" + description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "SCALE-ZFS" + - variable: accessMode + label: "(Advanced) Access Mode" + description: "Allow or disallow multiple PVC's writhing to the same PV" + schema: + show_if: [["type", "=", "pvc"]] + type: string + default: "ReadWriteOnce" + enum: + - value: "ReadWriteOnce" + description: "ReadWriteOnce" + - value: "ReadOnlyMany" + description: "ReadOnlyMany" + - value: "ReadWriteMany" + description: "ReadWriteMany" + - variable: advanced + label: "Show Advanced Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingress + label: "" + group: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + + - variable: entrypoint + label: "(Advanced) Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: "These middlewares enforce a number of best practices." + label: "Enable Default Middlewares" + schema: + type: boolean + default: true + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingressList + label: "Add Manual Custom Ingresses" + group: "Ingress" + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: "Custom Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + - variable: service + label: "Linked Service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Service Name" + schema: + type: string + default: "" + - variable: port + label: "Service Port" + schema: + type: int + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: "Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: security + label: "Container Security Settings" + group: "Security and Permissions" + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: "Change PUID / UMASK values" + description: "By enabling this you override default set values." + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: "Process User ID - PUID" + description: "When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps" + schema: + type: int + default: 568 + - variable: UMASK + label: "UMASK" + description: "When supported by the container, this sets the UMASK for tha App. Not supported by all Apps" + schema: + type: string + default: "002" + + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: capabilities + label: "Capabilities" + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: "Drop Capability" + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: "Add Capability" + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + - variable: supplementalGroups + label: "supplemental Groups" + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: "supplemental Group" + schema: + type: int + + + - variable: advancedresources + label: "Set Custom Resource Limits/Requests (Advanced)" + group: "Resources and Devices" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "4000m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "8Gi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "10m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "50Mi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + + - variable: deviceList + label: "Mount USB devices" + group: "Resources and Devices" + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: "Device" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "Host Device Path" + description: "Path to the device on the host system" + schema: + type: path + - variable: mountPath + label: "Container Device Path" + description: "Path inside the container the device is mounted" + schema: + type: string + default: "/dev/ttyACM0" + + # Specify GPU configuration + - variable: scaleGPU + label: "GPU Configuration" + group: "Resources and Devices" + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + +# - variable: autoscaling +# group: "Advanced" +# label: "(Advanced) Horizontal Pod Autoscaler" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: "Target" +# description: "deployment name, defaults to main deployment" +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: "Minimum Replicas" +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: "Maximum Replicas" +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: "Target CPU Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: "Target Memory Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: networkPolicy +# group: "Advanced" +# label: "(Advanced) Network Policy" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: policyType +# label: "Policy Type" +# schema: +# type: string +# default: "" +# enum: +# - value: "" +# description: "Default" +# - value: "ingress" +# description: "Ingress" +# - value: "egress" +# description: "Egress" +# - value: "ingress-egress" +# description: "Ingress and Egress" +# - variable: egress +# label: "Egress" +# schema: +# type: list +# default: [] +# items: +# - variable: egressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: to +# label: "To" +# schema: +# type: list +# default: [] +# items: +# - variable: toEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" +# - variable: ingress +# label: "Ingress" +# schema: +# type: list +# default: [] +# items: +# - variable: ingressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: from +# label: "From" +# schema: +# type: list +# default: [] +# items: +# - variable: fromEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" + + + - variable: addons + group: "Addons" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: vpn + label: "VPN" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "disabled" + - value: "openvpn" + description: "OpenVPN" + - value: "wireguard" + description: "Wireguard" + - variable: openvpn + label: "OpenVPN Settings" + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: "authentication username" + description: "authentication username, optional" + schema: + type: string + default: "" + - variable: password + label: "authentication password" + description: "authentication credentials" + schema: + type: string + default: "" + required: true + - variable: killSwitch + label: "Enable killswitch" + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: "Killswitch Excluded IPv4 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: "IPv4 Network" + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: "Killswitch Excluded IPv6 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: "IPv6 Network" + schema: + type: string + required: true + + - variable: configFile + label: "VPN Config File Location" + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: hostPathType + label: "hostPathType" + schema: + type: string + default: "File" + hidden: true + - variable: noMount + label: "noMount" + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: "Full path to file" + description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + required: true + - variable: envList + label: "VPN environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: codeserver + label: "Codeserver" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: "Git Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: "Raw SSH private key" + label: "deployKey" + schema: + type: string + - variable: deployKeyBase64 + description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence" + label: "deployKeyBase64" + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nodePort + description: "leave empty to disable" + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: "Codeserver environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + - variable: promtail + label: "Promtail" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: "Loki URL" + schema: + type: string + required: true + - variable: logs + label: "Log Paths" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: path + label: "Path" + schema: + type: string + required: true + - variable: args + label: "Promtail ecommand line arguments" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: "Arg" + schema: + type: string + required: true + - variable: envList + label: "Promtail environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + + + - variable: netshoot + label: "Netshoot" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: "Netshoot environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true diff --git a/stable/node-red/11.0.19/templates/common.yaml b/stable/node-red/11.0.19/templates/common.yaml new file mode 100644 index 00000000000..c1a366e1cf0 --- /dev/null +++ b/stable/node-red/11.0.19/templates/common.yaml @@ -0,0 +1 @@ +{{ include "tc.common.loader.all" . }} diff --git a/stable/node-red/11.0.19/values.yaml b/stable/node-red/11.0.19/values.yaml new file mode 100644 index 00000000000..e69de29bb2d diff --git a/stable/traefik/12.0.23/CHANGELOG.md b/stable/traefik/12.0.23/CHANGELOG.md new file mode 100644 index 00000000000..644cfed951f --- /dev/null +++ b/stable/traefik/12.0.23/CHANGELOG.md @@ -0,0 +1,99 @@ +# Changelog + + +## [traefik-12.0.23](https://github.com/truecharts/apps/compare/traefik-12.0.22...traefik-12.0.23) (2022-07-18) + +### Fix + +- don't set xrobots header on default middleware ([#3211](https://github.com/truecharts/apps/issues/3211)) + + + +## [traefik-12.0.22](https://github.com/truecharts/apps/compare/traefik-12.0.20...traefik-12.0.22) (2022-07-14) + +### Fix + +- regenerate catalog and update template +- don't set xrobots header by default ([#3183](https://github.com/truecharts/apps/issues/3183)) + + + +## [traefik-12.0.20](https://github.com/truecharts/apps/compare/traefik-12.0.18...traefik-12.0.20) (2022-07-14) + +### Fix + +- bump to ensure .helmignore is present on all Charts +- disable HTTP probes temporarily ([#3173](https://github.com/truecharts/apps/issues/3173)) + + + +## [traefik-12.0.18](https://github.com/truecharts/apps/compare/traefik-12.0.17...traefik-12.0.18) (2022-07-13) + + + +## [traefik-12.0.17](https://github.com/truecharts/apps/compare/traefik-12.0.15...traefik-12.0.17) (2022-07-12) + +### Chore + +- update icons ([#3156](https://github.com/truecharts/apps/issues/3156)) +- bump to cleanup old docs and use correct icon urls + + + +## [traefik-12.0.15](https://github.com/truecharts/apps/compare/traefik-12.0.14...traefik-12.0.15) (2022-07-12) + +### Chore + +- bump to regenerate documentation + + + + +### [traccar-7.0.13](https://github.com/truecharts/apps/compare/traccar-7.0.12...traccar-7.0.13) (2022-07-12) + +#### Chore + +* update helm general non-major helm releases ([#3147](https://github.com/truecharts/apps/issues/3147)) + + + + +### [traccar-7.0.12](https://github.com/truecharts/apps/compare/traccar-7.0.11...traccar-7.0.12) (2022-07-11) + +#### Chore + +* move icons into the apps folder ([#3139](https://github.com/truecharts/apps/issues/3139)) + + + + +### [traccar-7.0.11](https://github.com/truecharts/apps/compare/traccar-7.0.10...traccar-7.0.11) (2022-07-11) + +#### Chore + +* update docker general non-major ([#3128](https://github.com/truecharts/apps/issues/3128)) + + + + +### [traccar-7.0.10](https://github.com/truecharts/apps/compare/traccar-7.0.9...traccar-7.0.10) (2022-07-09) + +#### Chore + +* update helm general non-major helm releases ([#3113](https://github.com/truecharts/apps/issues/3113)) + + + + +### [traccar-7.0.9](https://github.com/truecharts/apps/compare/traccar-7.0.8...traccar-7.0.9) (2022-07-05) + +#### Chore + +* update helm general non-major helm releases ([#3075](https://github.com/truecharts/apps/issues/3075)) + + + + +### [traccar-7.0.8](https://github.com/truecharts/apps/compare/traccar-7.0.7...traccar-7.0.8) (2022-07-04) + +#### Chore diff --git a/stable/traefik/12.0.23/Chart.lock b/stable/traefik/12.0.23/Chart.lock new file mode 100644 index 00000000000..435a96b4841 --- /dev/null +++ b/stable/traefik/12.0.23/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +digest: sha256:e76f58e980866194e06f0e9135c981662f0b1132d3c5848dbf344c48ab657396 +generated: "2022-07-18T21:09:15.130794784Z" diff --git a/stable/traefik/12.0.23/Chart.yaml b/stable/traefik/12.0.23/Chart.yaml new file mode 100644 index 00000000000..7993ec2b055 --- /dev/null +++ b/stable/traefik/12.0.23/Chart.yaml @@ -0,0 +1,30 @@ +apiVersion: v2 +appVersion: "2.8.1" +dependencies: +- name: common + repository: https://library-charts.truecharts.org + version: 10.4.4 +deprecated: false +description: Traefik is a flexible reverse proxy and Ingress Provider. +home: https://github.com/truecharts/apps/tree/master/charts/core/traefik +icon: https://truecharts.org/img/chart-icons/traefik.png +keywords: +- traefik +- ingress +kubeVersion: '>=1.16.0-0' +maintainers: +- email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: traefik +sources: +- https://github.com/traefik/traefik +- https://github.com/traefik/traefik-helm-chart +- https://traefik.io/ +type: application +version: 12.0.23 +annotations: + truecharts.org/catagories: | + - network + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/stable/traefik/12.0.23/README.md b/stable/traefik/12.0.23/README.md new file mode 100644 index 00000000000..f3cc5cf5545 --- /dev/null +++ b/stable/traefik/12.0.23/README.md @@ -0,0 +1,106 @@ +# traefik + +![Version: 12.0.23](https://img.shields.io/badge/Version-12.0.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.8.1](https://img.shields.io/badge/AppVersion-2.8.1-informational?style=flat-square) + +Traefik is a flexible reverse proxy and Ingress Provider. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| TrueCharts | info@truecharts.org | https://truecharts.org | + +## Source Code + +* +* +* + +## Requirements + +Kubernetes: `>=1.16.0-0` + +| Repository | Name | Version | +|------------|------|---------| +| https://library-charts.truecharts.org | common | 10.4.4 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| additionalArguments | list | `["--metrics.prometheus","--ping","--serverstransport.insecureskipverify=true","--providers.kubernetesingress.allowexternalnameservices=true"]` | Additional arguments to be passed at Traefik's binary All available options available on https://docs.traefik.io/reference/static-configuration/cli/ | +| globalArguments[0] | string | `"--global.checknewversion"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"tccr.io/truecharts/traefik"` | | +| image.tag | string | `"v2.8.1@sha256:808661df0066e25faf5d776e6d787d6771d093ca4a485bdb05bd359559a5e1a9"` | | +| ingressClass | object | `{"enabled":false,"fallbackApiVersion":"","isDefaultClass":false}` | Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x | +| ingressRoute | object | `{"dashboard":{"annotations":{},"enabled":true,"labels":{}}}` | Create an IngressRoute for the dashboard | +| logs | object | `{"access":{"enabled":false,"fields":{"general":{"defaultmode":"keep","names":{}},"headers":{"defaultmode":"drop","names":{}}},"filters":{},"format":"common"},"general":{"format":"common","level":"ERROR"}}` | Logs https://docs.traefik.io/observability/logs/ | +| logs.access.fields | object | `{"general":{"defaultmode":"keep","names":{}},"headers":{"defaultmode":"drop","names":{}}}` | retryattempts: true minduration: 10ms Fields https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers | +| logs.access.filters | object | `{}` | This option represents the number of log lines Traefik will keep in memory before writing them to the selected output. In some cases, this option can greatly help performances. bufferingSize: 100 Filtering https://docs.traefik.io/observability/access-logs/#filtering | +| logs.access.format | string | `"common"` | Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format | +| logs.general.format | string | `"common"` | Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format | +| metrics.prometheus | object | `{"entryPoint":"metrics"}` | address: 127.0.0.1:8125 influxdb: address: localhost:8089 protocol: udp | +| middlewares | object | `{"basicAuth":[],"chain":[],"forwardAuth":[],"ipWhiteList":[],"rateLimit":[],"redirectRegex":[],"redirectScheme":[],"stripPrefixRegex":[]}` | SCALE Middleware Handlers | +| middlewares.chain | list | `[]` | address: https://auth.example.com/ authResponseHeaders: - X-Secret - X-Auth-User authRequestHeaders: - "Accept" - "X-CustomHeader" authResponseHeadersRegex: "^X-" trustForwardHeader: true | +| middlewares.forwardAuth | list | `[]` | users: - username: testuser password: testpassword | +| middlewares.ipWhiteList | list | `[]` | regex: [] | +| middlewares.rateLimit | list | `[]` | scheme: https permanent: true | +| middlewares.redirectRegex | list | `[]` | average: 300 burst: 200 | +| middlewares.redirectScheme | list | `[]` | middlewares: - name: compress | +| middlewares.stripPrefixRegex | list | `[]` | regex: putregexhere replacement: repslacementurlhere permanent: false | +| pilot | object | `{"enabled":false,"token":""}` | Activate Pilot integration | +| podAnnotations."prometheus.io/path" | string | `"/metrics"` | | +| podAnnotations."prometheus.io/port" | string | `"9180"` | | +| podAnnotations."prometheus.io/scrape" | string | `"true"` | | +| portalhook.enabled | bool | `true` | | +| providers | object | `{"kubernetesCRD":{"enabled":true,"namespaces":[]},"kubernetesIngress":{"enabled":true,"namespaces":[],"publishedService":{"enabled":true}}}` | Configure providers | +| providers.kubernetesIngress.publishedService | object | `{"enabled":true}` | IP used for Kubernetes Ingress endpoints | +| rbac.main.enabled | bool | `true` | | +| rbac.main.rules[0].apiGroups[0] | string | `""` | | +| rbac.main.rules[0].resources[0] | string | `"services"` | | +| rbac.main.rules[0].resources[1] | string | `"endpoints"` | | +| rbac.main.rules[0].resources[2] | string | `"secrets"` | | +| rbac.main.rules[0].verbs[0] | string | `"get"` | | +| rbac.main.rules[0].verbs[1] | string | `"list"` | | +| rbac.main.rules[0].verbs[2] | string | `"watch"` | | +| rbac.main.rules[1].apiGroups[0] | string | `"extensions"` | | +| rbac.main.rules[1].apiGroups[1] | string | `"networking.k8s.io"` | | +| rbac.main.rules[1].resources[0] | string | `"ingresses"` | | +| rbac.main.rules[1].resources[1] | string | `"ingressclasses"` | | +| rbac.main.rules[1].verbs[0] | string | `"get"` | | +| rbac.main.rules[1].verbs[1] | string | `"list"` | | +| rbac.main.rules[1].verbs[2] | string | `"watch"` | | +| rbac.main.rules[2].apiGroups[0] | string | `"extensions"` | | +| rbac.main.rules[2].apiGroups[1] | string | `"networking.k8s.io"` | | +| rbac.main.rules[2].resources[0] | string | `"ingresses/status"` | | +| rbac.main.rules[2].verbs[0] | string | `"update"` | | +| rbac.main.rules[3].apiGroups[0] | string | `"traefik.containo.us"` | | +| rbac.main.rules[3].resources[0] | string | `"ingressroutes"` | | +| rbac.main.rules[3].resources[1] | string | `"ingressroutetcps"` | | +| rbac.main.rules[3].resources[2] | string | `"ingressrouteudps"` | | +| rbac.main.rules[3].resources[3] | string | `"middlewares"` | | +| rbac.main.rules[3].resources[4] | string | `"middlewaretcps"` | | +| rbac.main.rules[3].resources[5] | string | `"tlsoptions"` | | +| rbac.main.rules[3].resources[6] | string | `"tlsstores"` | | +| rbac.main.rules[3].resources[7] | string | `"traefikservices"` | | +| rbac.main.rules[3].resources[8] | string | `"serverstransports"` | | +| rbac.main.rules[3].verbs[0] | string | `"get"` | | +| rbac.main.rules[3].verbs[1] | string | `"list"` | | +| rbac.main.rules[3].verbs[2] | string | `"watch"` | | +| service | object | `{"main":{"ports":{"main":{"forwardedHeaders":{"enabled":false},"port":9000,"protocol":"HTTP","targetPort":9000}},"type":"LoadBalancer"},"metrics":{"enabled":true,"ports":{"metrics":{"enabled":true,"forwardedHeaders":{"enabled":false},"port":9180,"protocol":"HTTP","targetPort":9180}},"type":"ClusterIP"},"tcp":{"enabled":true,"ports":{"web":{"enabled":true,"forwardedHeaders":{"enabled":false,"insecureMode":false,"trustedIPs":[]},"port":9080,"protocol":"HTTP","redirectTo":"websecure"},"websecure":{"enabled":true,"forwardedHeaders":{"enabled":false,"insecureMode":false,"trustedIPs":[]},"port":9443,"protocol":"HTTPS"}},"type":"LoadBalancer"},"udp":{"enabled":false}}` | Options for the main traefik service, where the entrypoints traffic comes from from. | +| service.main.ports.main.forwardedHeaders | object | `{"enabled":false}` | Forwarded Headers should never be enabled on Main entrypoint | +| service.metrics.ports.metrics.forwardedHeaders | object | `{"enabled":false}` | Forwarded Headers should never be enabled on Metrics entrypoint | +| service.tcp.ports.web.forwardedHeaders | object | `{"enabled":false,"insecureMode":false,"trustedIPs":[]}` | Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support | +| service.tcp.ports.web.forwardedHeaders.insecureMode | bool | `false` | Trust all forwarded headers | +| service.tcp.ports.web.forwardedHeaders.trustedIPs | list | `[]` | List of trusted IP and CIDR references | +| service.tcp.ports.websecure.forwardedHeaders | object | `{"enabled":false,"insecureMode":false,"trustedIPs":[]}` | Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support | +| service.tcp.ports.websecure.forwardedHeaders.insecureMode | bool | `false` | Trust all forwarded headers | +| service.tcp.ports.websecure.forwardedHeaders.trustedIPs | list | `[]` | List of trusted IP and CIDR references | +| serviceAccount | object | `{"main":{"create":true}}` | The service account the pods will use to interact with the Kubernetes API | +| tlsOptions | object | `{"default":{"cipherSuites":["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384","TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305","TLS_AES_128_GCM_SHA256","TLS_AES_256_GCM_SHA384","TLS_CHACHA20_POLY1305_SHA256"],"curvePreferences":["CurveP521","CurveP384"],"minVersion":"VersionTLS12","sniStrict":false}}` | TLS Options to be created as TLSOption CRDs https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options Example: | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1) diff --git a/stable/traefik/12.0.23/app-readme.md b/stable/traefik/12.0.23/app-readme.md new file mode 100644 index 00000000000..0fa481e7ac5 --- /dev/null +++ b/stable/traefik/12.0.23/app-readme.md @@ -0,0 +1,3 @@ +Traefik is a flexible reverse proxy and Ingress Provider. + +This App is supplied by TrueCharts, for more information please visit https://truecharts.org diff --git a/stable/traefik/12.0.23/charts/common-10.4.4.tgz b/stable/traefik/12.0.23/charts/common-10.4.4.tgz new file mode 100644 index 00000000000..8604b47288a Binary files /dev/null and b/stable/traefik/12.0.23/charts/common-10.4.4.tgz differ diff --git a/stable/traefik/12.0.23/crds/ingressroute.yaml b/stable/traefik/12.0.23/crds/ingressroute.yaml new file mode 100644 index 00000000000..3391ba532a4 --- /dev/null +++ b/stable/traefik/12.0.23/crds/ingressroute.yaml @@ -0,0 +1,198 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressroutes.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRoute + listKind: IngressRouteList + plural: ingressroutes + singular: ingressroute + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRoute is an Ingress CRD specification. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteSpec is a specification for a IngressRouteSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: Route contains the set of routes. + properties: + kind: + enum: + - Rule + type: string + match: + type: string + middlewares: + items: + description: MiddlewareRef is a ref to the Middleware resources. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + priority: + type: integer + services: + items: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The + differentiation between the two is specified in the + Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration + based on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: Weight should only be specified when Name + references a TraefikService object (and to be precise, + one that embeds a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + required: + - kind + - match + type: object + type: array + tls: + description: "TLS contains the TLS certificates configuration of the + routes. To enable Let's Encrypt, use an empty TLS struct, e.g. in + YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: + # block format" + properties: + certResolver: + type: string + domains: + items: + description: Domain holds a domain name with SANs. + properties: + main: + type: string + sans: + items: + type: string + type: array + type: object + type: array + options: + description: Options is a reference to a TLSOption, that specifies + the parameters of the TLS connection. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store is a reference to a TLSStore, that specifies + the parameters of the TLS store. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/ingressroutetcp.yaml b/stable/traefik/12.0.23/crds/ingressroutetcp.yaml new file mode 100644 index 00000000000..67e099b47da --- /dev/null +++ b/stable/traefik/12.0.23/crds/ingressroutetcp.yaml @@ -0,0 +1,160 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressroutetcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteTCP + listKind: IngressRouteTCPList + plural: ingressroutetcps + singular: ingressroutetcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteTCP is an Ingress CRD specification. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteTCPSpec is a specification for a IngressRouteTCPSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: RouteTCP contains the set of routes. + properties: + match: + type: string + middlewares: + description: Middlewares contains references to MiddlewareTCP + resources. + items: + description: ObjectReference is a generic reference to a Traefik + resource. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + services: + items: + description: ServiceTCP defines an upstream to proxy traffic. + properties: + name: + type: string + namespace: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + proxyProtocol: + description: ProxyProtocol holds the ProxyProtocol configuration. + properties: + version: + type: integer + type: object + terminationDelay: + type: integer + weight: + type: integer + required: + - name + - port + type: object + type: array + required: + - match + type: object + type: array + tls: + description: "TLSTCP contains the TLS certificates configuration of + the routes. To enable Let's Encrypt, use an empty TLS struct, e.g. + in YAML: \n \t tls: {} # inline format \n \t tls: \t secretName: + # block format" + properties: + certResolver: + type: string + domains: + items: + description: Domain holds a domain name with SANs. + properties: + main: + type: string + sans: + items: + type: string + type: array + type: object + type: array + options: + description: Options is a reference to a TLSOption, that specifies + the parameters of the TLS connection. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + passthrough: + type: boolean + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + store: + description: Store is a reference to a TLSStore, that specifies + the parameters of the TLS store. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: object + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/ingressrouteudp.yaml b/stable/traefik/12.0.23/crds/ingressrouteudp.yaml new file mode 100644 index 00000000000..910acd6c270 --- /dev/null +++ b/stable/traefik/12.0.23/crds/ingressrouteudp.yaml @@ -0,0 +1,84 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: ingressrouteudps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: IngressRouteUDP + listKind: IngressRouteUDPList + plural: ingressrouteudps + singular: ingressrouteudp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: IngressRouteUDP is an Ingress CRD specification. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IngressRouteUDPSpec is a specification for a IngressRouteUDPSpec + resource. + properties: + entryPoints: + items: + type: string + type: array + routes: + items: + description: RouteUDP contains the set of routes. + properties: + services: + items: + description: ServiceUDP defines an upstream to proxy traffic. + properties: + name: + type: string + namespace: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + weight: + type: integer + required: + - name + - port + type: object + type: array + type: object + type: array + required: + - routes + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/middlewares.yaml b/stable/traefik/12.0.23/crds/middlewares.yaml new file mode 100644 index 00000000000..1770587a327 --- /dev/null +++ b/stable/traefik/12.0.23/crds/middlewares.yaml @@ -0,0 +1,563 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: middlewares.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: Middleware + listKind: MiddlewareList + plural: middlewares + singular: middleware + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Middleware is a specification for a Middleware resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareSpec holds the Middleware configuration. + properties: + addPrefix: + description: AddPrefix holds the AddPrefix configuration. + properties: + prefix: + type: string + type: object + basicAuth: + description: BasicAuth holds the HTTP basic authentication configuration. + properties: + headerField: + type: string + realm: + type: string + removeHeader: + type: boolean + secret: + type: string + type: object + buffering: + description: Buffering holds the request/response buffering configuration. + properties: + maxRequestBodyBytes: + format: int64 + type: integer + maxResponseBodyBytes: + format: int64 + type: integer + memRequestBodyBytes: + format: int64 + type: integer + memResponseBodyBytes: + format: int64 + type: integer + retryExpression: + type: string + type: object + chain: + description: Chain holds a chain of middlewares. + properties: + middlewares: + items: + description: MiddlewareRef is a ref to the Middleware resources. + properties: + name: + type: string + namespace: + type: string + required: + - name + type: object + type: array + type: object + circuitBreaker: + description: CircuitBreaker holds the circuit breaker configuration. + properties: + expression: + type: string + type: object + compress: + description: Compress holds the compress configuration. + properties: + excludedContentTypes: + items: + type: string + type: array + type: object + contentType: + description: ContentType middleware - or rather its unique `autoDetect` + option - specifies whether to let the `Content-Type` header, if + it has not been set by the backend, be automatically set to a value + derived from the contents of the response. As a proxy, the default + behavior should be to leave the header alone, regardless of what + the backend did with it. However, the historic default was to always + auto-detect and set the header if it was nil, and it is going to + be kept that way in order to support users currently relying on + it. This middleware exists to enable the correct behavior until + at least the default one can be changed in a future version. + properties: + autoDetect: + type: boolean + type: object + digestAuth: + description: DigestAuth holds the Digest HTTP authentication configuration. + properties: + headerField: + type: string + realm: + type: string + removeHeader: + type: boolean + secret: + type: string + type: object + errors: + description: ErrorPage holds the custom error page configuration. + properties: + query: + type: string + service: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: Name is a reference to a Kubernetes Service object + (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding holds configuration for the + forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + status: + items: + type: string + type: array + type: object + forwardAuth: + description: ForwardAuth holds the http forward authentication configuration. + properties: + address: + type: string + authRequestHeaders: + items: + type: string + type: array + authResponseHeaders: + items: + type: string + type: array + authResponseHeadersRegex: + type: string + tls: + description: ClientTLS holds TLS specific configurations as client. + properties: + caOptional: + type: boolean + caSecret: + type: string + certSecret: + type: string + insecureSkipVerify: + type: boolean + type: object + trustForwardHeader: + type: boolean + type: object + headers: + description: Headers holds the custom header configuration. + properties: + accessControlAllowCredentials: + description: AccessControlAllowCredentials is only valid if true. + false is ignored. + type: boolean + accessControlAllowHeaders: + description: AccessControlAllowHeaders must be used in response + to a preflight request with Access-Control-Request-Headers set. + items: + type: string + type: array + accessControlAllowMethods: + description: AccessControlAllowMethods must be used in response + to a preflight request with Access-Control-Request-Method set. + items: + type: string + type: array + accessControlAllowOriginList: + description: AccessControlAllowOriginList is a list of allowable + origins. Can also be a wildcard origin "*". + items: + type: string + type: array + accessControlAllowOriginListRegex: + description: AccessControlAllowOriginListRegex is a list of allowable + origins written following the Regular Expression syntax (https://golang.org/pkg/regexp/). + items: + type: string + type: array + accessControlExposeHeaders: + description: AccessControlExposeHeaders sets valid headers for + the response. + items: + type: string + type: array + accessControlMaxAge: + description: AccessControlMaxAge sets the time that a preflight + request may be cached. + format: int64 + type: integer + addVaryHeader: + description: AddVaryHeader controls if the Vary header is automatically + added/updated when the AccessControlAllowOriginList is set. + type: boolean + allowedHosts: + items: + type: string + type: array + browserXssFilter: + type: boolean + contentSecurityPolicy: + type: string + contentTypeNosniff: + type: boolean + customBrowserXSSValue: + type: string + customFrameOptionsValue: + type: string + customRequestHeaders: + additionalProperties: + type: string + type: object + customResponseHeaders: + additionalProperties: + type: string + type: object + featurePolicy: + type: string + forceSTSHeader: + type: boolean + frameDeny: + type: boolean + hostsProxyHeaders: + items: + type: string + type: array + isDevelopment: + type: boolean + publicKey: + type: string + referrerPolicy: + type: string + sslForceHost: + description: 'Deprecated: use RedirectRegex instead.' + type: boolean + sslHost: + description: 'Deprecated: use RedirectRegex instead.' + type: string + sslProxyHeaders: + additionalProperties: + type: string + type: object + sslRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + sslTemporaryRedirect: + description: 'Deprecated: use EntryPoint redirection or RedirectScheme + instead.' + type: boolean + stsIncludeSubdomains: + type: boolean + stsPreload: + type: boolean + stsSeconds: + format: int64 + type: integer + type: object + inFlightReq: + description: InFlightReq limits the number of requests being processed + and served concurrently. + properties: + amount: + format: int64 + type: integer + sourceCriterion: + description: SourceCriterion defines what criterion is used to + group requests as originating from a common source. If none + are set, the default is to use the request's remote address + field. All fields are mutually exclusive. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + requestHeaderName: + type: string + requestHost: + type: boolean + type: object + type: object + ipWhiteList: + description: IPWhiteList holds the ip white list configuration. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + sourceRange: + items: + type: string + type: array + type: object + passTLSClientCert: + description: PassTLSClientCert holds the TLS client cert headers configuration. + properties: + info: + description: TLSClientCertificateInfo holds the client TLS certificate + info configuration. + properties: + issuer: + description: TLSCLientCertificateDNInfo holds the client TLS + certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739 + properties: + commonName: + type: boolean + country: + type: boolean + domainComponent: + type: boolean + locality: + type: boolean + organization: + type: boolean + province: + type: boolean + serialNumber: + type: boolean + type: object + notAfter: + type: boolean + notBefore: + type: boolean + sans: + type: boolean + serialNumber: + type: boolean + subject: + description: TLSCLientCertificateDNInfo holds the client TLS + certificate distinguished name info configuration. cf https://tools.ietf.org/html/rfc3739 + properties: + commonName: + type: boolean + country: + type: boolean + domainComponent: + type: boolean + locality: + type: boolean + organization: + type: boolean + province: + type: boolean + serialNumber: + type: boolean + type: object + type: object + pem: + type: boolean + type: object + plugin: + additionalProperties: + x-kubernetes-preserve-unknown-fields: true + type: object + rateLimit: + description: RateLimit holds the rate limiting configuration for a + given router. + properties: + average: + format: int64 + type: integer + burst: + format: int64 + type: integer + period: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + sourceCriterion: + description: SourceCriterion defines what criterion is used to + group requests as originating from a common source. If none + are set, the default is to use the request's remote address + field. All fields are mutually exclusive. + properties: + ipStrategy: + description: IPStrategy holds the ip strategy configuration. + properties: + depth: + type: integer + excludedIPs: + items: + type: string + type: array + type: object + requestHeaderName: + type: string + requestHost: + type: boolean + type: object + type: object + redirectRegex: + description: RedirectRegex holds the redirection configuration. + properties: + permanent: + type: boolean + regex: + type: string + replacement: + type: string + type: object + redirectScheme: + description: RedirectScheme holds the scheme redirection configuration. + properties: + permanent: + type: boolean + port: + type: string + scheme: + type: string + type: object + replacePath: + description: ReplacePath holds the ReplacePath configuration. + properties: + path: + type: string + type: object + replacePathRegex: + description: ReplacePathRegex holds the ReplacePathRegex configuration. + properties: + regex: + type: string + replacement: + type: string + type: object + retry: + description: Retry holds the retry configuration. + properties: + attempts: + type: integer + initialInterval: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + stripPrefix: + description: StripPrefix holds the StripPrefix configuration. + properties: + forceSlash: + type: boolean + prefixes: + items: + type: string + type: array + type: object + stripPrefixRegex: + description: StripPrefixRegex holds the StripPrefixRegex configuration. + properties: + regex: + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/middlewarestcp.yaml b/stable/traefik/12.0.23/crds/middlewarestcp.yaml new file mode 100644 index 00000000000..f0d1d5640bd --- /dev/null +++ b/stable/traefik/12.0.23/crds/middlewarestcp.yaml @@ -0,0 +1,59 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: middlewaretcps.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: MiddlewareTCP + listKind: MiddlewareTCPList + plural: middlewaretcps + singular: middlewaretcp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: MiddlewareTCP is a specification for a MiddlewareTCP resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: MiddlewareTCPSpec holds the MiddlewareTCP configuration. + properties: + ipWhiteList: + description: TCPIPWhiteList holds the TCP ip white list configuration. + properties: + sourceRange: + items: + type: string + type: array + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/serverstransports.yaml b/stable/traefik/12.0.23/crds/serverstransports.yaml new file mode 100644 index 00000000000..78241697d1a --- /dev/null +++ b/stable/traefik/12.0.23/crds/serverstransports.yaml @@ -0,0 +1,101 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: serverstransports.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: ServersTransport + listKind: ServersTransportList + plural: serverstransports + singular: serverstransport + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ServersTransport is a specification for a ServersTransport resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServersTransportSpec options to configure communication between + Traefik and the servers. + properties: + certificatesSecrets: + description: Certificates for mTLS. + items: + type: string + type: array + disableHTTP2: + description: Disable HTTP/2 for connections with backend servers. + type: boolean + forwardingTimeouts: + description: Timeouts for requests forwarded to the backend servers. + properties: + dialTimeout: + anyOf: + - type: integer + - type: string + description: The amount of time to wait until a connection to + a backend server can be established. If zero, no timeout exists. + x-kubernetes-int-or-string: true + idleConnTimeout: + anyOf: + - type: integer + - type: string + description: The maximum period for which an idle HTTP keep-alive + connection will remain open before closing itself. + x-kubernetes-int-or-string: true + responseHeaderTimeout: + anyOf: + - type: integer + - type: string + description: The amount of time to wait for a server's response + headers after fully writing the request (including its body, + if any). If zero, no timeout exists. + x-kubernetes-int-or-string: true + type: object + insecureSkipVerify: + description: Disable SSL certificate verification. + type: boolean + maxIdleConnsPerHost: + description: If non-zero, controls the maximum idle (keep-alive) to + keep per-host. If zero, DefaultMaxIdleConnsPerHost is used. + type: integer + rootCAsSecrets: + description: Add cert file for self-signed certificate. + items: + type: string + type: array + serverName: + description: ServerName used to contact the server. + type: string + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/tlsoptions.yaml b/stable/traefik/12.0.23/crds/tlsoptions.yaml new file mode 100644 index 00000000000..c901ac2df5e --- /dev/null +++ b/stable/traefik/12.0.23/crds/tlsoptions.yaml @@ -0,0 +1,87 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: tlsoptions.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSOption + listKind: TLSOptionList + plural: tlsoptions + singular: tlsoption + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TLSOption is a specification for a TLSOption resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSOptionSpec configures TLS for an entry point. + properties: + cipherSuites: + items: + type: string + type: array + clientAuth: + description: ClientAuth defines the parameters of the client authentication + part of the TLS connection, if any. + properties: + clientAuthType: + description: ClientAuthType defines the client authentication + type to apply. + enum: + - NoClientCert + - RequestClientCert + - VerifyClientCertIfGiven + - RequireAndVerifyClientCert + type: string + secretNames: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + items: + type: string + type: array + type: object + curvePreferences: + items: + type: string + type: array + maxVersion: + type: string + minVersion: + type: string + preferServerCipherSuites: + type: boolean + sniStrict: + type: boolean + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/tlsstores.yaml b/stable/traefik/12.0.23/crds/tlsstores.yaml new file mode 100644 index 00000000000..7bb6193b026 --- /dev/null +++ b/stable/traefik/12.0.23/crds/tlsstores.yaml @@ -0,0 +1,64 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: tlsstores.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TLSStore + listKind: TLSStoreList + plural: tlsstores + singular: tlsstore + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TLSStore is a specification for a TLSStore resource. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TLSStoreSpec configures a TLSStore resource. + properties: + defaultCertificate: + description: DefaultCertificate holds a secret name for the TLSOption + resource. + properties: + secretName: + description: SecretName is the name of the referenced Kubernetes + Secret to specify the certificate details. + type: string + required: + - secretName + type: object + required: + - defaultCertificate + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/crds/traefikservices.yaml b/stable/traefik/12.0.23/crds/traefikservices.yaml new file mode 100644 index 00000000000..1d98c25d68d --- /dev/null +++ b/stable/traefik/12.0.23/crds/traefikservices.yaml @@ -0,0 +1,270 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + "helm.sh/resource-policy": keep + "helm.sh/hook": pre-install,pre-upgrade,pre-rollback + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: traefikservices.traefik.containo.us +spec: + group: traefik.containo.us + names: + kind: TraefikService + listKind: TraefikServiceList + plural: traefikservices + singular: traefikservice + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TraefikService is the specification for a service (that an IngressRoute + refers to) that is usually not a terminal service (i.e. not a pod of servers), + as opposed to a Kubernetes Service. That is to say, it usually refers to + other (children) services, which themselves can be TraefikServices or Services. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceSpec defines whether a TraefikService is a load-balancer + of services or a mirroring service. + properties: + mirroring: + description: Mirroring defines a mirroring service, which is composed + of a main load-balancer, and a list of mirrors. + properties: + kind: + enum: + - Service + - TraefikService + type: string + maxBodySize: + format: int64 + type: integer + mirrors: + items: + description: MirrorService defines one of the mirrors of a Mirroring + service. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + percent: + type: integer + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + name: + description: Name is a reference to a Kubernetes Service object + (for a load-balancer of servers), or to a TraefikService object + (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding holds configuration for the forward + of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration based on + cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + weighted: + description: WeightedRoundRobin defines a load-balancer of services. + properties: + services: + items: + description: Service defines an upstream to proxy traffic. + properties: + kind: + enum: + - Service + - TraefikService + type: string + name: + description: Name is a reference to a Kubernetes Service + object (for a load-balancer of servers), or to a TraefikService + object (service load-balancer, mirroring, etc). The differentiation + between the two is specified in the Kind field. + type: string + namespace: + type: string + passHostHeader: + type: boolean + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + responseForwarding: + description: ResponseForwarding holds configuration for + the forward of the response. + properties: + flushInterval: + type: string + type: object + scheme: + type: string + serversTransport: + type: string + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration based + on cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + strategy: + type: string + weight: + description: Weight should only be specified when Name references + a TraefikService object (and to be precise, one that embeds + a Weighted Round Robin). + type: integer + required: + - name + type: object + type: array + sticky: + description: Sticky holds the sticky configuration. + properties: + cookie: + description: Cookie holds the sticky configuration based on + cookie. + properties: + httpOnly: + type: boolean + name: + type: string + sameSite: + type: string + secure: + type: boolean + type: object + type: object + type: object + type: object + required: + - metadata + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/stable/traefik/12.0.23/ix_values.yaml b/stable/traefik/12.0.23/ix_values.yaml new file mode 100644 index 00000000000..7e71c004238 --- /dev/null +++ b/stable/traefik/12.0.23/ix_values.yaml @@ -0,0 +1,338 @@ +image: + repository: tccr.io/truecharts/traefik + # defaults to appVersion + tag: v2.8.1@sha256:808661df0066e25faf5d776e6d787d6771d093ca4a485bdb05bd359559a5e1a9 + pullPolicy: IfNotPresent + +# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x +ingressClass: + # true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12 + enabled: false + isDefaultClass: false + # Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1" + fallbackApiVersion: "" + +# -- Activate Pilot integration +pilot: + enabled: false + token: "" + # Toggle Pilot Dashboard + # dashboard: false + +# -- Create an IngressRoute for the dashboard +ingressRoute: + dashboard: + enabled: true + # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) + annotations: {} + # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) + labels: {} + +podAnnotations: + prometheus.io/scrape: "true" + prometheus.io/path: "/metrics" + prometheus.io/port: "9180" + +# +# -- Configure providers +providers: + kubernetesCRD: + enabled: true + namespaces: [] + # - "default" + kubernetesIngress: + enabled: true + # labelSelector: environment=production,method=traefik + namespaces: [] + # - "default" + # IP used for Kubernetes Ingress endpoints + publishedService: + enabled: true + # Published Kubernetes Service to copy status from. Format: namespace/servicename + # By default this Traefik service + # pathOverride: "" + +# -- Logs +# https://docs.traefik.io/observability/logs/ +logs: + # Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on). + general: + # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: ERROR + # -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format + format: common + access: + # To enable access logs + enabled: false + # To write the logs in an asynchronous fashion, specify a bufferingSize option. + # This option represents the number of log lines Traefik will keep in memory before writing + # them to the selected output. In some cases, this option can greatly help performances. + # bufferingSize: 100 + # Filtering https://docs.traefik.io/observability/access-logs/#filtering + filters: {} + # statuscodes: "200,300-302" + # retryattempts: true + # minduration: 10ms + # Fields + # https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers + fields: + general: + defaultmode: keep + names: {} + # Examples: + # ClientUsername: drop + headers: + defaultmode: drop + names: {} + # Examples: + # User-Agent: redact + # Authorization: drop + # Content-Type: keep + # -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format + format: common + +metrics: + # datadog: + # address: 127.0.0.1:8125 + # influxdb: + # address: localhost:8089 + # protocol: udp + prometheus: + entryPoint: metrics + # statsd: + # address: localhost:8125 + +globalArguments: + - "--global.checknewversion" + +## +# -- Additional arguments to be passed at Traefik's binary +# All available options available on https://docs.traefik.io/reference/static-configuration/cli/ +## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"` +additionalArguments: + - "--metrics.prometheus" + - "--ping" + - "--serverstransport.insecureskipverify=true" + - "--providers.kubernetesingress.allowexternalnameservices=true" + +# -- TLS Options to be created as TLSOption CRDs +# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options +# Example: +tlsOptions: + default: + sniStrict: false + minVersion: VersionTLS12 + curvePreferences: + - CurveP521 + - CurveP384 + cipherSuites: + - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 + - TLS_AES_128_GCM_SHA256 + - TLS_AES_256_GCM_SHA384 + - TLS_CHACHA20_POLY1305_SHA256 + +# -- Options for the main traefik service, where the entrypoints traffic comes from +# from. +service: + main: + type: LoadBalancer + ports: + main: + port: 9000 + targetPort: 9000 + protocol: HTTP + # -- Forwarded Headers should never be enabled on Main entrypoint + forwardedHeaders: + enabled: false + tcp: + enabled: true + type: LoadBalancer + ports: + web: + enabled: true + port: 9080 + protocol: HTTP + redirectTo: websecure + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false + # Options: Empty, 0 (ingore), or positive int + # redirectPort: + websecure: + enabled: true + port: 9443 + protocol: HTTPS + # -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support + forwardedHeaders: + enabled: false + # -- List of trusted IP and CIDR references + trustedIPs: [] + # -- Trust all forwarded headers + insecureMode: false +# tcpexample: +# enabled: true +# targetPort: 9443 +# protocol: TCP +# tls: +# enabled: false +# # this is the name of a TLSOption definition +# options: "" +# certResolver: "" +# domains: [] +# # - main: example.com +# # sans: +# # - foo.example.com +# # - bar.example.com + metrics: + enabled: true + type: ClusterIP + ports: + metrics: + enabled: true + port: 9180 + targetPort: 9180 + protocol: HTTP + # -- Forwarded Headers should never be enabled on Metrics entrypoint + forwardedHeaders: + enabled: false + udp: + enabled: false + +# probes: +# # -- Liveness probe configuration +# # @default -- See below +# liveness: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# # -- Redainess probe configuration +# # @default -- See below +# readiness: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# # -- Startup probe configuration +# # @default -- See below +# startup: +# # -- sets the probe type when not using a custom probe +# # @default -- "TCP" +# type: HTTP +# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used +# # @default -- "/" +# path: "/ping" + +# -- Whether Role Based Access Control objects like roles and rolebindings should be created +rbac: + main: + enabled: true + rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - traefik.containo.us + resources: + - ingressroutes + - ingressroutetcps + - ingressrouteudps + - middlewares + - middlewaretcps + - tlsoptions + - tlsstores + - traefikservices + - serverstransports + verbs: + - get + - list + - watch + +# -- The service account the pods will use to interact with the Kubernetes API +serviceAccount: + main: + create: true + +# -- SCALE Middleware Handlers +middlewares: + basicAuth: [] + # - name: basicauthexample + # users: + # - username: testuser + # password: testpassword + forwardAuth: [] + # - name: forwardAuthexample + # address: https://auth.example.com/ + # authResponseHeaders: + # - X-Secret + # - X-Auth-User + # authRequestHeaders: + # - "Accept" + # - "X-CustomHeader" + # authResponseHeadersRegex: "^X-" + # trustForwardHeader: true + chain: [] + # - name: chainname + # middlewares: + # - name: compress + redirectScheme: [] + # - name: redirectSchemeName + # scheme: https + # permanent: true + rateLimit: [] + # - name: rateLimitName + # average: 300 + # burst: 200 + redirectRegex: [] + # - name: redirectRegexName + # regex: putregexhere + # replacement: repslacementurlhere + # permanent: false + stripPrefixRegex: [] + # - name: stripPrefixRegexName + # regex: [] + ipWhiteList: [] + # - name: ipWhiteListName + # sourceRange: [] + # ipStrategy: + # depth: 2 + # excludedIPs: [] + +portalhook: + enabled: true diff --git a/stable/traefik/12.0.23/questions.yaml b/stable/traefik/12.0.23/questions.yaml new file mode 100644 index 00000000000..153180ff18b --- /dev/null +++ b/stable/traefik/12.0.23/questions.yaml @@ -0,0 +1,2614 @@ +groups: + - name: "Container Image" + description: "Image to be used for container" + - name: "Controller" + description: "Configure workload deployment" + - name: "Container Configuration" + description: "additional container configuration" + - name: "App Configuration" + description: "App specific config options" + - name: "Networking and Services" + description: "Configure Network and Services for container" + - name: "Storage and Persistence" + description: "Persist and share data that is separate from the container" + - name: "Ingress" + description: "Ingress Configuration" + - name: "Security and Permissions" + description: "Configure security context and permissions" + - name: "Resources and Devices" + description: "Specify resources/devices to be allocated to workload" + - name: "Middlewares" + description: "Traefik Middlewares" + - name: "Metrics" + description: "Metrics" + - name: "Addons" + description: "Addon Configuration" + - name: "Advanced" + description: "Advanced Configuration" +portals: + open: + protocols: + - "http" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "/dashboard/" +questions: + - variable: portal + group: "Container Image" + label: "Configure Portal Button" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enable" + description: "enable the portal button" + schema: + hidden: true + editable: false + type: boolean + default: true + - variable: global + label: "global settings" + group: "Controller" + schema: + type: dict + hidden: true + attrs: + - variable: isSCALE + label: "flag this is SCALE" + schema: + type: boolean + default: true + hidden: true + - variable: controller + group: "Controller" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced Controller Settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: type + description: "Please specify type of workload to deploy" + label: "(Advanced) Controller Type" + schema: + type: string + default: "deployment" + required: true + enum: + - value: "deployment" + description: "Deployment" + - value: "statefulset" + description: "Statefulset" + - value: "daemonset" + description: "Daemonset" + - variable: replicas + description: "Number of desired pod replicas" + label: "Desired Replicas" + schema: + type: int + default: 1 + required: true + - variable: strategy + description: "Please specify type of workload to deploy" + label: "(Advanced) Update Strategy" + schema: + type: string + default: "RollingUpdate" + required: true + enum: + - value: "Recreate" + description: "Recreate: Kill existing pods before creating new ones" + - value: "RollingUpdate" + description: "RollingUpdate: Create new pods and then kill old ones" + - value: "OnDelete" + description: "(Legacy) OnDelete: ignore .spec.template changes" + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: extraArgs + label: "Extra Args" + schema: + type: list + default: [] + items: + - variable: arg + label: "arg" + schema: + type: string + - variable: labelsList + label: "Controller Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: " Controller Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: TZ + label: "Timezone" + group: "Container Configuration" + schema: + type: string + default: "Etc/UTC" + $ref: + - "definitions/timezone" + + - variable: envList + label: "Image environment" + group: "Container Configuration" + schema: + type: list + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: expertpodconf + group: "Container Configuration" + label: "Show Expert Config" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: tty + label: "Enable TTY" + description: "Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: stdin + label: "Enable STDIN" + description: "Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled." + group: "Workload Details" + schema: + type: boolean + default: false + - variable: termination + group: "Container Configuration" + label: "Termination settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: gracePeriodSeconds + label: "Grace Period Seconds" + schema: + type: int + default: 10 + - variable: podLabelsList + group: "Container Configuration" + label: "Pod Labels" + schema: + type: list + default: [] + items: + - variable: podLabelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: podAnnotationsList + group: "Container Configuration" + label: "Pod Annotations" + schema: + type: list + default: [] + items: + - variable: podAnnotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: pilot + label: "Traefik Pilot" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: token + label: "token" + schema: + type: string + default: "" + - variable: dashboard + label: "Pilot Dashboard" + schema: + type: boolean + default: false + + - variable: ingressClass + label: "ingressClass" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + description: "When enabled, ingressClass will match the entered name of this app" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: isDefaultClass + label: "isDefaultClass" + schema: + type: boolean + default: false + + - variable: logs + label: "Logs" + group: "App Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: level + label: "Log Level" + schema: + type: string + default: "ERROR" + enum: + - value: "INFO" + description: "Info" + - value: "WARN" + description: "Warnings" + - value: "ERROR" + description: "Errors" + - value: "FATAL" + description: "Fatal Errors" + - value: "PANIC" + description: "Panics" + - value: "DEBUG" + description: "Debug" + - variable: format + label: "General Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: access + label: "Access Logs" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enabledFilters + label: "Enable Filters" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: filters + label: "Filters" + schema: + additional_attrs: true + type: dict + attrs: + - variable: statuscodes + label: "Status codes" + schema: + type: string + default: "200,300-302" + - variable: retryattempts + label: "retryattempts" + schema: + type: boolean + default: true + - variable: minduration + label: "minduration" + schema: + type: string + default: "10ms" + - variable: fields + label: "Fields" + schema: + additional_attrs: true + type: dict + attrs: + - variable: general + label: "General" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "keep" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: headers + label: "Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: defaultmode + label: "Default Mode" + schema: + type: string + default: "drop" + enum: + - value: "keep" + description: "Keep" + - value: "drop" + description: "Drop" + - variable: format + label: "Access Log format" + schema: + type: string + default: "common" + enum: + - value: "common" + description: "Common Log Format" + - value: "json" + description: "JSON" + - variable: middlewares + label: "" + group: "Middlewares" + schema: + additional_attrs: true + type: dict + attrs: + - variable: basicAuth + label: "basicAuth" + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: users + label: "Users" + schema: + type: list + default: [] + items: + - variable: usersEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: username + label: "Username" + schema: + type: string + required: true + default: "" + - variable: password + label: "Password" + schema: + type: string + required: true + default: "" + + - variable: forwardAuth + label: "forwardAuth" + schema: + type: list + default: [] + items: + - variable: basicAuthEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: address + label: "Address" + schema: + type: string + required: true + default: "" + - variable: trustForwardHeader + label: "trustForwardHeader" + schema: + type: boolean + default: false + - variable: authResponseHeadersRegex + label: "authResponseHeadersRegex" + schema: + type: string + default: "" + - variable: authResponseHeaders + label: "authResponseHeaders" + schema: + type: list + default: [] + items: + - variable: authResponseHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: authRequestHeaders + label: "authRequestHeaders" + schema: + type: list + default: [] + items: + - variable: authRequestHeadersEntry + label: "" + schema: + type: string + default: "" + - variable: chain + label: "chain" + schema: + type: list + default: [] + items: + - variable: chainEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: middlewares + label: "Middlewares to Chain" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + + - variable: redirectScheme + label: "redirectScheme" + schema: + type: list + default: [] + items: + - variable: redirectSchemeEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: scheme + label: "Scheme" + schema: + type: string + required: true + default: "https" + enum: + - value: "https" + description: "https" + - value: "http" + description: "http" + - variable: permanent + label: "Permanent" + schema: + type: boolean + default: false + + - variable: rateLimit + label: "rateLimit" + schema: + type: list + default: [] + items: + - variable: rateLimitEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: average + label: "Average" + schema: + type: int + required: true + default: 300 + - variable: burst + label: "Burst" + schema: + type: int + required: true + default: 200 + - variable: redirectRegex + label: "redirectRegex" + schema: + type: list + default: [] + items: + - variable: redirectRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: regex + label: "Regex" + schema: + type: string + required: true + default: "" + - variable: replacement + label: "Replacement" + schema: + type: string + required: true + default: "" + - variable: permanent + label: "Permanent" + schema: + type: boolean + default: false + - variable: stripPrefixRegex + label: "stripPrefixRegex" + schema: + type: list + default: [] + items: + - variable: stripPrefixRegexEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: regex + label: "Regex" + schema: + type: list + default: [] + items: + - variable: regexEntry + label: "Regex" + schema: + type: string + required: true + default: "" + + - variable: ipWhiteList + label: "ipWhiteList" + schema: + type: list + default: [] + items: + - variable: ipWhiteListEntry + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + default: "" + - variable: sourceRange + label: "Source Range" + schema: + type: list + default: [] + items: + - variable: sourceRangeEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: ipStrategy + label: "IP Strategy" + schema: + additional_attrs: true + type: dict + attrs: + - variable: depth + label: "Depth" + schema: + type: int + required: true + - variable: excludedIPs + label: "Excluded IPs" + schema: + type: list + default: [] + items: + - variable: excludedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + + - variable: service + group: "Networking and Services" + label: "Configure Service Entrypoint" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Service" + description: "The Primary service on which the healthcheck runs, often the webUI" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "ClusterIP" + description: "ClusterIP" + - value: "NodePort" + description: "NodePort (Advanced)" + - value: "LoadBalancer" + description: "LoadBalancer (Advanced)" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ipFamilyPolicy + label: "IP Family Policy" + description: "(Advanced) Specify the ip policy" + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: "SingleStack" + enum: + - value: "SingleStack" + description: "SingleStack" + - value: "PreferDualStack" + description: "PreferDualStack" + - value: "RequireDualStack" + description: "RequireDualStack" + - variable: ipFamilies + label: "(advanced) IP families" + description: "(advanced) The ip families that should be used" + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: "IP family" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + default: 9000 + + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9000 + required: true + - variable: tcp + label: "TCP Service" + description: "The tcp Entrypoint service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the service" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "Simple" + enum: + - value: "Simple" + description: "Simple" + - value: "ClusterIP" + description: "ClusterIP" + - value: "NodePort" + description: "NodePort (Advanced)" + - value: "LoadBalancer" + description: "LoadBalancer (Advanced)" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ipFamilyPolicy + label: "IP Family Policy" + description: "(Advanced) Specify the ip policy" + schema: + show_if: [["type", "!=", "Simple"]] + type: string + default: "SingleStack" + enum: + - value: "SingleStack" + description: "SingleStack" + - value: "PreferDualStack" + description: "PreferDualStack" + - value: "RequireDualStack" + description: "RequireDualStack" + - variable: ipFamilies + label: "(advanced) IP families" + description: "(advanced) The ip families that should be used" + schema: + show_if: [["type", "!=", "Simple"]] + type: list + default: [] + items: + - variable: ipFamily + label: "IP family" + schema: + type: string + - variable: ports + label: "Service's Port(s) Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: web + label: "web Entrypoint Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9080 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + default: "websecure" + - variable: forwardedHeaders + label: "Accept Forwarded Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: "Trusted IPs" + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: string + required: true + default: "" + - variable: insecureMode + label: "Insecure Mode" + schema: + type: boolean + default: false + - variable: websecure + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: "Entrypoints Port" + schema: + type: int + default: 9443 + required: true + - variable: advanced + label: "Show Advanced settings" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: protocol + label: "Port Type" + schema: + type: string + default: "HTTPS" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - value: "UDP" + description: "UDP" + - variable: nodePort + label: "Node Port (Optional)" + description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" + schema: + type: int + min: 9000 + max: 65535 + - variable: targetPort + label: "Target Port" + description: "The internal(!) port on the container the Application runs on" + schema: + type: int + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: "Accept Forwarded Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: "Trusted IPs" + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: ipaddr + required: true + default: "" + - variable: insecureMode + label: "Insecure Mode" + schema: + type: boolean + default: false + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + type: dict + hidden: true + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + hidden: true + - variable: portsList + label: "Additional TCP Entrypoints" + schema: + type: list + default: [] + items: + - variable: portsListEntry + label: "Custom Entrypoints" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the port" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Entrypoints Name" + schema: + type: string + default: "" + - variable: protocol + label: "Entrypoints Type" + schema: + type: string + default: "TCP" + enum: + - value: HTTP + description: "HTTP" + - value: "HTTPS" + description: "HTTPS" + - value: TCP + description: "TCP" + - variable: port + label: "Port" + description: "This port exposes the container port on the service" + schema: + type: int + required: true + - variable: tls + label: "websecure Entrypoints Configuration" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enabled" + schema: + type: boolean + default: true + - variable: redirectPort + label: "Redirect to Port" + schema: + type: int + - variable: redirectTo + label: "Redirect to Entrypoint" + schema: + type: string + - variable: forwardedHeaders + label: "Accept Forwarded Headers" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: trustedIPs + label: "Trusted IPs" + schema: + type: list + default: [] + items: + - variable: trustedIPsEntry + label: "" + schema: + type: ipaddr + required: true + default: "" + - variable: insecureMode + label: "Insecure Mode" + schema: + type: boolean + default: false + - variable: ingress + label: "" + group: "Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: main + label: "Main Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + + - variable: entrypoint + label: "(Advanced) Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: expert + label: "Show Expert Configuration Options" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: enableFixedMiddlewares + description: "These middlewares enforce a number of best practices." + label: "Enable Default Middlewares" + schema: + type: boolean + default: true + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: ingressList + label: "Add Manual Custom Ingresses" + group: "Ingress" + schema: + type: list + default: [] + items: + - variable: ingressListEntry + label: "Custom Ingress" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable Ingress" + schema: + type: boolean + default: true + hidden: true + - variable: name + label: "Name" + schema: + type: string + default: "" + - variable: ingressClassName + label: "IngressClass Name" + schema: + type: string + default: "" + - variable: labelsList + label: "Labels" + schema: + type: list + default: [] + items: + - variable: labelItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: annotationsList + label: "Annotations" + schema: + type: list + default: [] + items: + - variable: annotationItem + label: "Label" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + - variable: hosts + label: "Hosts" + schema: + type: list + default: [] + items: + - variable: hostEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: host + label: "HostName" + schema: + type: string + default: "" + required: true + - variable: paths + label: "Paths" + schema: + type: list + default: [] + items: + - variable: pathEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: path + label: "path" + schema: + type: string + required: true + default: "/" + - variable: pathType + label: "pathType" + schema: + type: string + required: true + default: "Prefix" + - variable: service + label: "Linked Service" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Service Name" + schema: + type: string + default: "" + - variable: port + label: "Service Port" + schema: + type: int + - variable: tls + label: "TLS-Settings" + schema: + type: list + default: [] + items: + - variable: tlsEntry + label: "Host" + schema: + additional_attrs: true + type: dict + attrs: + - variable: hosts + label: "Certificate Hosts" + schema: + type: list + default: [] + items: + - variable: host + label: "Host" + schema: + type: string + default: "" + required: true + - variable: scaleCert + label: "Select TrueNAS SCALE Certificate" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: entrypoint + label: "Traefik Entrypoint" + description: "Entrypoint used by Traefik when using Traefik as Ingress Provider" + schema: + type: string + default: "websecure" + required: true + - variable: middlewares + label: "Traefik Middlewares" + description: "Add previously created Traefik Middlewares to this Ingress" + schema: + type: list + default: [] + items: + - variable: name + label: "Name" + schema: + type: string + default: "" + required: true + + - variable: security + label: "Container Security Settings" + group: "Security and Permissions" + schema: + type: dict + additional_attrs: true + attrs: + - variable: editsecurity + label: "Change PUID / UMASK values" + description: "By enabling this you override default set values." + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: PUID + label: "Process User ID - PUID" + description: "When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps" + schema: + type: int + default: 568 + - variable: UMASK + label: "UMASK" + description: "When supported by the container, this sets the UMASK for tha App. Not supported by all Apps" + schema: + type: string + default: "002" + + - variable: advancedSecurity + label: "Show Advanced Security Settings" + group: "Security and Permissions" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: securityContext + label: "Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: privileged + label: "Privileged mode" + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: "ReadOnly Root Filesystem" + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: "Allow Privilege Escalation" + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: "runAsNonRoot" + schema: + type: boolean + default: true + - variable: capabilities + label: "Capabilities" + schema: + additional_attrs: true + type: dict + attrs: + - variable: drop + label: "Drop Capability" + schema: + type: list + default: [] + items: + - variable: dropEntry + label: "" + schema: + type: string + - variable: add + label: "Add Capability" + schema: + type: list + default: [] + items: + - variable: addEntry + label: "" + schema: + type: string + + - variable: podSecurityContext + group: "Security and Permissions" + label: "Pod Security Context" + schema: + additional_attrs: true + type: dict + attrs: + - variable: runAsUser + label: "runAsUser" + description: "The UserID of the user running the application" + schema: + type: int + default: 568 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 568 + - variable: fsGroup + label: "fsGroup" + description: "The group that should own ALL storage." + schema: + type: int + default: 568 + - variable: fsGroupChangePolicy + label: "When should we take ownership?" + schema: + type: string + default: "OnRootMismatch" + enum: + - value: "OnRootMismatch" + description: "OnRootMismatch" + - value: "Always" + description: "Always" + - variable: supplementalGroups + label: "supplemental Groups" + schema: + type: list + default: [] + items: + - variable: supplementalGroupsEntry + label: "supplemental Group" + schema: + type: int + + + - variable: advancedresources + label: "Set Custom Resource Limits/Requests (Advanced)" + group: "Resources and Devices" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: resources + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: limits + label: "Advanced Limit Resource Consumption" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "4000m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "8Gi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + - variable: requests + label: "Minimum Resources Required (request)" + schema: + additional_attrs: true + type: dict + attrs: + - variable: cpu + label: "CPU" + description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "10m" + valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$' + - variable: memory + label: "RAM" + description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/" + schema: + type: string + default: "50Mi" + valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$' + + - variable: deviceList + label: "Mount USB devices" + group: "Resources and Devices" + schema: + type: list + default: [] + items: + - variable: deviceListEntry + label: "Device" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "Enable the storage" + schema: + type: boolean + default: true + - variable: type + label: "(Advanced) Type of Storage" + description: "Sets the persistence type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: readOnly + label: "readOnly" + schema: + type: boolean + default: false + - variable: hostPath + label: "Host Device Path" + description: "Path to the device on the host system" + schema: + type: path + - variable: mountPath + label: "Container Device Path" + description: "Path inside the container the device is mounted" + schema: + type: string + default: "/dev/ttyACM0" + + # Specify GPU configuration + - variable: scaleGPU + label: "GPU Configuration" + group: "Resources and Devices" + schema: + type: dict + $ref: + - "definitions/gpuConfiguration" + attrs: [] + +# - variable: autoscaling +# group: "Advanced" +# label: "(Advanced) Horizontal Pod Autoscaler" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: target +# label: "Target" +# description: "deployment name, defaults to main deployment" +# schema: +# type: string +# default: "" +# - variable: minReplicas +# label: "Minimum Replicas" +# schema: +# type: int +# default: 1 +# - variable: maxReplicas +# label: "Maximum Replicas" +# schema: +# type: int +# default: 5 +# - variable: targetCPUUtilizationPercentage +# label: "Target CPU Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: targetMemoryUtilizationPercentage +# label: "Target Memory Utilization Percentage" +# schema: +# type: int +# default: 80 +# - variable: networkPolicy +# group: "Advanced" +# label: "(Advanced) Network Policy" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: enabled +# label: "enabled" +# schema: +# type: boolean +# default: false +# show_subquestions_if: true +# subquestions: +# - variable: policyType +# label: "Policy Type" +# schema: +# type: string +# default: "" +# enum: +# - value: "" +# description: "Default" +# - value: "ingress" +# description: "Ingress" +# - value: "egress" +# description: "Egress" +# - value: "ingress-egress" +# description: "Ingress and Egress" +# - variable: egress +# label: "Egress" +# schema: +# type: list +# default: [] +# items: +# - variable: egressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: to +# label: "To" +# schema: +# type: list +# default: [] +# items: +# - variable: toEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" +# - variable: ingress +# label: "Ingress" +# schema: +# type: list +# default: [] +# items: +# - variable: ingressEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: from +# label: "From" +# schema: +# type: list +# default: [] +# items: +# - variable: fromEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: ipBlock +# label: "ipBlock" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: cidr +# label: "cidr" +# schema: +# type: string +# default: "" +# - variable: except +# label: "except" +# schema: +# type: list +# default: [] +# items: +# - variable: exceptint +# label: "" +# schema: +# type: string +# - variable: namespaceSelector +# label: "namespaceSelector" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: podSelector +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: matchExpressions +# label: "matchExpressions" +# schema: +# type: list +# default: [] +# items: +# - variable: expressionEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: key +# label: "Key" +# schema: +# type: string +# - variable: operator +# label: "operator" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "In" +# description: "In" +# - value: "NotIn" +# description: "NotIn" +# - value: "Exists " +# description: "Exists " +# - value: "DoesNotExist " +# description: "DoesNotExist " +# - variable: values +# label: "values" +# schema: +# type: list +# default: [] +# items: +# - variable: value +# label: "" +# schema: +# type: string +# - variable: ports +# label: "Ports" +# schema: +# type: list +# default: [] +# items: +# - variable: portsEntry +# label: "" +# schema: +# additional_attrs: true +# type: dict +# attrs: +# - variable: port +# label: "port" +# schema: +# type: int +# - variable: endPort +# label: "port" +# schema: +# type: int +# - variable: protocol +# label: "Protocol" +# schema: +# type: string +# default: "TCP" +# enum: +# - value: "TCP" +# description: "TCP" +# - value: "UDP" +# description: "UDP" +# - value: "SCTP" +# description: "SCTP" + + + - variable: addons + group: "Addons" + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: vpn + label: "VPN" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Type" + schema: + type: string + default: "disabled" + enum: + - value: "disabled" + description: "disabled" + - value: "openvpn" + description: "OpenVPN" + - value: "wireguard" + description: "Wireguard" + - variable: openvpn + label: "OpenVPN Settings" + schema: + type: dict + show_if: [["type", "=", "openvpn"]] + attrs: + - variable: username + label: "authentication username" + description: "authentication username, optional" + schema: + type: string + default: "" + - variable: password + label: "authentication password" + description: "authentication credentials" + schema: + type: string + default: "" + required: true + - variable: killSwitch + label: "Enable killswitch" + schema: + type: boolean + show_if: [["type", "!=", "disabled"]] + default: true + - variable: excludedNetworks_IPv4 + label: "Killswitch Excluded IPv4 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv4 + label: "IPv4 Network" + schema: + type: string + required: true + - variable: excludedNetworks_IPv6 + label: "Killswitch Excluded IPv6 networks" + description: "list of killswitch excluded ipv4 addresses" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: networkv6 + label: "IPv6 Network" + schema: + type: string + required: true + + - variable: configFile + label: "VPN Config File Location" + schema: + type: dict + show_if: [["type", "!=", "disabled"]] + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: true + hidden: true + - variable: type + label: "type" + schema: + type: string + default: "hostPath" + hidden: true + - variable: hostPathType + label: "hostPathType" + schema: + type: string + default: "File" + hidden: true + - variable: noMount + label: "noMount" + schema: + type: boolean + default: true + hidden: true + - variable: hostPath + label: "Full path to file" + description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn" + schema: + type: string + default: "" + required: true + - variable: envList + label: "VPN environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + - variable: codeserver + label: "Codeserver" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: git + label: "Git Settings" + schema: + additional_attrs: true + type: dict + attrs: + - variable: deployKey + description: "Raw SSH private key" + label: "deployKey" + schema: + type: string + - variable: deployKeyBase64 + description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence" + label: "deployKeyBase64" + schema: + type: string + - variable: service + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: type + label: "Service Type" + description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer" + schema: + type: string + default: "NodePort" + enum: + - value: "NodePort" + description: "NodePort" + - value: "ClusterIP" + description: "ClusterIP" + - value: "LoadBalancer" + description: "LoadBalancer" + - variable: loadBalancerIP + label: "LoadBalancer IP" + description: "LoadBalancerIP" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: string + default: "" + - variable: externalIPs + label: "External IP's" + description: "External IP's" + schema: + show_if: [["type", "=", "LoadBalancer"]] + type: list + default: [] + items: + - variable: externalIP + label: "External IP" + schema: + type: string + - variable: ports + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: codeserver + label: "" + schema: + additional_attrs: true + type: dict + attrs: + - variable: nodePort + description: "leave empty to disable" + label: "nodePort" + schema: + type: int + default: 36107 + - variable: envList + label: "Codeserver environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + - variable: promtail + label: "Promtail" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: loki + label: "Loki URL" + schema: + type: string + required: true + - variable: logs + label: "Log Paths" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: path + label: "Path" + schema: + type: string + required: true + - variable: args + label: "Promtail ecommand line arguments" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: arg + label: "Arg" + schema: + type: string + required: true + - variable: envList + label: "Promtail environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true + + + + + - variable: netshoot + label: "Netshoot" + schema: + additional_attrs: true + type: dict + attrs: + - variable: enabled + label: "enabled" + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: envList + label: "Netshoot environment Variables" + schema: + type: list + show_if: [["type", "!=", "disabled"]] + default: [] + items: + - variable: envItem + label: "Environment Variable" + schema: + additional_attrs: true + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + required: true + - variable: value + label: "Value" + schema: + type: string + required: true diff --git a/stable/traefik/12.0.23/templates/_args.tpl b/stable/traefik/12.0.23/templates/_args.tpl new file mode 100644 index 00000000000..a395c6505bb --- /dev/null +++ b/stable/traefik/12.0.23/templates/_args.tpl @@ -0,0 +1,155 @@ +{{/* Define the args */}} +{{- define "traefik.args" -}} +args: + {{/* merge all ports */}} + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{/* start of actual arguments */}} + {{- with .Values.globalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} + {{- range $name, $config := $ports }} + {{- if $config }} + {{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }} + {{- $_ := set $config "protocol" "TCP" }} + {{- end }} + - "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}" + {{- end }} + {{- end }} + - "--api.dashboard=true" + - "--ping=true" + {{- if .Values.metrics }} + {{- if .Values.metrics.datadog }} + - "--metrics.datadog=true" + - "--metrics.datadog.address={{ .Values.metrics.datadog.address }}" + {{- end }} + {{- if .Values.metrics.influxdb }} + - "--metrics.influxdb=true" + - "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}" + - "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}" + {{- end }} + {{- if .Values.metrics.prometheus }} + - "--metrics.prometheus=true" + - "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}" + {{- end }} + {{- if .Values.metrics.statsd }} + - "--metrics.statsd=true" + - "--metrics.statsd.address={{ .Values.metrics.statsd.address }}" + {{- end }} + {{- end }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress" + {{- if .Values.providers.kubernetesIngress.publishedService.enabled }} + - "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.labelSelector }} + - "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}" + {{- end }} + {{- end }} + {{- if and .Values.rbac.enabled .Values.rbac.namespaced }} + {{- if .Values.providers.kubernetesCRD.enabled }} + - "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}" + {{- end }} + {{- if .Values.providers.kubernetesIngress.enabled }} + - "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}" + {{- end }} + {{- end }} + {{- if .Values.ingressClass.enabled }} + - "--providers.kubernetesingress.ingressclass={{ .Release.Name }}" + {{- end }} + {{- range $entrypoint, $config := $ports }} + {{/* add args for forwardedHeaders support */}} + {{- if $config.forwardedHeaders.enabled }} + {{- if not ( empty $config.forwardedHeaders.trustedIPs ) }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}" + {{- end }} + {{- if $config.forwardedHeaders.insecureMode }} + - "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure" + {{- end }} + {{- end }} + {{/* end forwardedHeaders configuration */}} + {{- if $config.redirectTo }} + {{- $toPort := index $ports $config.redirectTo }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- else if $config.redirectPort }} + {{ if gt $config.redirectPort 0.0 }} + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}" + - "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https" + {{- end }} + {{- end }} + {{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }} + {{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }} + - "--entrypoints.{{ $entrypoint }}.http.tls=true" + {{- if $config.tls.options }} + - "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}" + {{- end }} + {{- if $config.tls.certResolver }} + - "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}" + {{- end }} + {{- if $config.tls.domains }} + {{- range $index, $domain := $config.tls.domains }} + {{- if $domain.main }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}" + {{- end }} + {{- if $domain.sans }} + - "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}" + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- with .Values.logs }} + - "--log.format={{ .general.format }}" + {{- if ne .general.level "ERROR" }} + - "--log.level={{ .general.level | upper }}" + {{- end }} + {{- if .access.enabled }} + - "--accesslog=true" + - "--accesslog.format={{ .access.format }}" + {{- if .access.bufferingsize }} + - "--accesslog.bufferingsize={{ .access.bufferingsize }}" + {{- end }} + {{- if .access.filters }} + {{- if .access.filters.statuscodes }} + - "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}" + {{- end }} + {{- if .access.filters.retryattempts }} + - "--accesslog.filters.retryattempts" + {{- end }} + {{- if .access.filters.minduration }} + - "--accesslog.filters.minduration={{ .access.filters.minduration }}" + {{- end }} + {{- end }} + - "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.general.names }} + - "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + - "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}" + {{- range $fieldname, $fieldaction := .access.fields.headers.names }} + - "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}" + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.pilot.enabled }} + - "--pilot.token={{ .Values.pilot.token }}" + {{- end }} + {{- if hasKey .Values.pilot "dashboard" }} + - "--pilot.dashboard={{ .Values.pilot.dashboard }}" + {{- end }} + {{- with .Values.additionalArguments }} + {{- range . }} + - {{ . | quote }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/stable/traefik/12.0.23/templates/_helpers.tpl b/stable/traefik/12.0.23/templates/_helpers.tpl new file mode 100644 index 00000000000..ab55e4e7ec6 --- /dev/null +++ b/stable/traefik/12.0.23/templates/_helpers.tpl @@ -0,0 +1,22 @@ +{{/* +Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice. +By convention this will simply use the / to match the name of the +service generated. +Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride` +*/}} +{{- define "providers.kubernetesIngress.publishedServicePath" -}} +{{- $fullName := include "tc.common.names.fullname" . -}} +{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}} +{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }} +{{- print $servicePath | trimSuffix "-" -}} +{{- end -}} + +{{/* +Construct a comma-separated list of whitelisted namespaces +*/}} +{{- define "providers.kubernetesIngress.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }} +{{- end -}} +{{- define "providers.kubernetesCRD.namespaces" -}} +{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }} +{{- end -}} diff --git a/stable/traefik/12.0.23/templates/_ingressclass.tpl b/stable/traefik/12.0.23/templates/_ingressclass.tpl new file mode 100644 index 00000000000..909e249d6a5 --- /dev/null +++ b/stable/traefik/12.0.23/templates/_ingressclass.tpl @@ -0,0 +1,24 @@ +{{/* Define the ingressClass */}} +{{- define "traefik.ingressClass" -}} +--- +{{ if .Values.ingressClass.enabled }} + {{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }} +apiVersion: networking.k8s.io/v1 + {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }} +apiVersion: networking.k8s.io/v1beta1 + {{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }} +apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }} + {{- else }} + {{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }} + {{- end }} +kind: IngressClass +metadata: + annotations: + ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} + name: {{ .Release.Name }} +spec: + controller: traefik.io/ingress-controller +{{- end }} +{{- end }} diff --git a/stable/traefik/12.0.23/templates/_ingressroute.tpl b/stable/traefik/12.0.23/templates/_ingressroute.tpl new file mode 100644 index 00000000000..7f012c92350 --- /dev/null +++ b/stable/traefik/12.0.23/templates/_ingressroute.tpl @@ -0,0 +1,25 @@ +{{/* Define the ingressRoute */}} +{{- define "traefik.ingressRoute" -}} +{{ if .Values.ingressRoute.dashboard.enabled }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: {{ include "tc.common.names.fullname" . }}-dashboard + annotations: + {{- with .Values.ingressRoute.dashboard.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +spec: + entryPoints: + - main + routes: + - match: PathPrefix(`/dashboard`) || PathPrefix(`/api`) + kind: Rule + services: + - name: api@internal + kind: TraefikService +{{ end }} +{{- end -}} diff --git a/stable/traefik/12.0.23/templates/_portalhook.tpl b/stable/traefik/12.0.23/templates/_portalhook.tpl new file mode 100644 index 00000000000..e3586c5d4e9 --- /dev/null +++ b/stable/traefik/12.0.23/templates/_portalhook.tpl @@ -0,0 +1,26 @@ +{{/* Define the portalHook */}} +{{- define "traefik.portalhook" -}} +{{- if .Values.portalhook.enabled }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: portalhook + namespace: {{ $namespace }} +data: + {{- $ports := dict }} + {{- range $.Values.service }} + {{- range $name, $value := .ports }} + {{- $_ := set $ports $name $value }} + {{- end }} + {{- end }} + {{- range $name, $value := $ports }} + {{ $name }}: {{ $value.port | quote }} + {{- end }} +{{- end }} +{{- end -}} diff --git a/stable/traefik/12.0.23/templates/_tlsoptions.tpl b/stable/traefik/12.0.23/templates/_tlsoptions.tpl new file mode 100644 index 00000000000..3e5aad3bee9 --- /dev/null +++ b/stable/traefik/12.0.23/templates/_tlsoptions.tpl @@ -0,0 +1,12 @@ +{{/* Define the tlsOptions */}} +{{- define "traefik.tlsOptions" -}} +{{- range $name, $config := .Values.tlsOptions }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: TLSOption +metadata: + name: {{ $name }} +spec: + {{- toYaml $config | nindent 2 }} +{{- end }} +{{- end -}} diff --git a/stable/traefik/12.0.23/templates/common.yaml b/stable/traefik/12.0.23/templates/common.yaml new file mode 100644 index 00000000000..d078b251c20 --- /dev/null +++ b/stable/traefik/12.0.23/templates/common.yaml @@ -0,0 +1,24 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{- if .Values.metrics }} +{{- if .Values.metrics.prometheus }} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "9180" -}} +{{- end }} +{{- end }} + +{{- $newArgs := (include "traefik.args" . | fromYaml) }} +{{- $_ := set .Values "newArgs" $newArgs -}} +{{- $mergedargs := concat .Values.args .Values.newArgs.args }} +{{- $_ := set .Values "args" $mergedargs -}} + +{{- include "traefik.portalhook" . }} +{{- include "traefik.tlsOptions" . }} +{{- include "traefik.ingressRoute" . }} +{{- include "traefik.ingressClass" . }} + + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/stable/traefik/12.0.23/templates/middlewares/basic-middleware.yaml b/stable/traefik/12.0.23/templates/middlewares/basic-middleware.yaml new file mode 100644 index 00000000000..de5be0af830 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/basic-middleware.yaml @@ -0,0 +1,64 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: compress + namespace: {{ $namespace }} +spec: + compress: {} +--- +# Here, an average of 300 requests per second is allowed. +# In addition, a burst of 200 requests is allowed. +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: basic-ratelimit + namespace: {{ $namespace }} +spec: + rateLimit: + average: 600 + burst: 400 +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: basic-secure-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + sslRedirect: true + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + sslForceHost: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: chain-basic + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: basic-secure-headers + - name: compress diff --git a/stable/traefik/12.0.23/templates/middlewares/basicauth.yaml b/stable/traefik/12.0.23/templates/middlewares/basicauth.yaml new file mode 100644 index 00000000000..ccb541742f0 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/basicauth.yaml @@ -0,0 +1,34 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.basicAuth }} +--- +{{- $users := list }} +{{ range $index, $userdata := $middlewareData.users }} + {{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }} +{{ end }} + +apiVersion: v1 +kind: Secret +metadata: + name: {{printf "%v-%v" $middlewareData.name "secret" }} + namespace: {{ $namespace }} +type: Opaque +stringData: + users: | + {{- range $index, $user := $users }} + {{ printf "%s" $user }} + {{- end }} +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + basicAuth: + secret: {{printf "%v-%v" $middlewareData.name "secret" }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/chain.yaml b/stable/traefik/12.0.23/templates/middlewares/chain.yaml new file mode 100644 index 00000000000..f87994f7956 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/chain.yaml @@ -0,0 +1,21 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.chain }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + chain: + middlewares: + {{ range $index, $middleware := .middlewares }} + - name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }} + {{ end }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/forwardauth.yaml b/stable/traefik/12.0.23/templates/middlewares/forwardauth.yaml new file mode 100644 index 00000000000..7a3e32fdbf7 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/forwardauth.yaml @@ -0,0 +1,30 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + forwardAuth: + address: {{ $middlewareData.address }} + {{- with $middlewareData.authResponseHeaders }} + authResponseHeaders: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with $middlewareData.authRequestHeaders }} + authRequestHeaders: + {{- toYaml . | nindent 4 }} + {{- end }} + {{- if $middlewareData.authResponseHeadersRegex }} + authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }} + {{- end }} + {{- if $middlewareData.trustForwardHeader }} + trustForwardHeader: true + {{- end }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/ipwhitelist.yaml b/stable/traefik/12.0.23/templates/middlewares/ipwhitelist.yaml new file mode 100644 index 00000000000..1179245017e --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/ipwhitelist.yaml @@ -0,0 +1,33 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + ipWhiteList: + sourceRange: + {{- range $middlewareData.sourceRange }} + - {{ . }} + {{- end }} + {{- if $middlewareData.ipStrategy }} + ipStrategy: + {{- if $middlewareData.ipStrategy.depth }} + depth: {{ $middlewareData.ipStrategy.depth }} + {{- end }} + {{- if $middlewareData.ipStrategy.excludedIPs }} + excludedIPs: + {{- range $middlewareData.ipStrategy.excludedIPs }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/ratelimit.yaml b/stable/traefik/12.0.23/templates/middlewares/ratelimit.yaml new file mode 100644 index 00000000000..144b9d8bf38 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/ratelimit.yaml @@ -0,0 +1,19 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.rateLimit }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + rateLimit: + average: {{ $middlewareData.average }} + burst: {{ $middlewareData.burst }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/redirectScheme.yaml b/stable/traefik/12.0.23/templates/middlewares/redirectScheme.yaml new file mode 100644 index 00000000000..f2413f84e19 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/redirectScheme.yaml @@ -0,0 +1,19 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + redirectScheme: + scheme: {{ $middlewareData.scheme }} + permanent: {{ $middlewareData.permanent }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/redirectregex.yaml b/stable/traefik/12.0.23/templates/middlewares/redirectregex.yaml new file mode 100644 index 00000000000..46e3e724dd6 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/redirectregex.yaml @@ -0,0 +1,20 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }} + +--- +# Declaring the user list +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + redirectRegex: + regex: {{ $middlewareData.regex | quote }} + replacement: {{ $middlewareData.replacement | quote }} + permanent: {{ $middlewareData.permanent }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/stripPrefixRegex.yaml b/stable/traefik/12.0.23/templates/middlewares/stripPrefixRegex.yaml new file mode 100644 index 00000000000..007c166ff39 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/stripPrefixRegex.yaml @@ -0,0 +1,20 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} + +{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: {{ $middlewareData.name }} + namespace: {{ $namespace }} +spec: + stripPrefixRegex: + regex: + {{- range $middlewareData.regex }} + - {{ . | quote }} + {{- end }} +{{ end }} diff --git a/stable/traefik/12.0.23/templates/middlewares/tc-chains.yaml b/stable/traefik/12.0.23/templates/middlewares/tc-chains.yaml new file mode 100644 index 00000000000..409766daa89 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/tc-chains.yaml @@ -0,0 +1,29 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-opencors-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: tc-opencors-headers + - name: compress +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-closedcors-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: basic-ratelimit + - name: tc-closedcors-headers + - name: compress diff --git a/stable/traefik/12.0.23/templates/middlewares/tc-headers.yaml b/stable/traefik/12.0.23/templates/middlewares/tc-headers.yaml new file mode 100644 index 00000000000..a0462f1fd73 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/tc-headers.yaml @@ -0,0 +1,62 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-opencors-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowHeaders: + - '*' + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + - POST + accessControlAllowOriginList: + - '*' + accessControlMaxAge: 100 + browserXssFilter: true + contentTypeNosniff: true + customRequestHeaders: + X-Forwarded-Proto: https + customResponseHeaders: + server: "" + forceSTSHeader: true + referrerPolicy: same-origin + sslForceHost: true + sslRedirect: true + stsSeconds: 63072000 +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-closedcors-headers + namespace: {{ $namespace }} +spec: + headers: + accessControlAllowMethods: + - GET + - OPTIONS + - HEAD + - PUT + accessControlMaxAge: 100 + sslRedirect: true + stsSeconds: 63072000 + # stsIncludeSubdomains: false + # stsPreload: false + forceSTSHeader: true + contentTypeNosniff: true + browserXssFilter: true + sslForceHost: true + referrerPolicy: same-origin + customRequestHeaders: + X-Forwarded-Proto: "https" + customResponseHeaders: + server: '' diff --git a/stable/traefik/12.0.23/templates/middlewares/tc-nextcloud.yaml b/stable/traefik/12.0.23/templates/middlewares/tc-nextcloud.yaml new file mode 100644 index 00000000000..6a3019d56c5 --- /dev/null +++ b/stable/traefik/12.0.23/templates/middlewares/tc-nextcloud.yaml @@ -0,0 +1,25 @@ +{{- $values := .Values }} +{{- $namespace := ( printf "ix-%s" .Release.Name ) }} +{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }} +{{- $namespace = "default" }} +{{- end }} +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-nextcloud-redirectregex-dav + namespace: {{ $namespace }} +spec: + redirectRegex: + regex: "https://(.*)/.well-known/(card|cal)dav" + replacement: "https://${1}/remote.php/dav/" +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: tc-nextcloud-chain + namespace: {{ $namespace }} +spec: + chain: + middlewares: + - name: tc-nextcloud-redirectregex-dav diff --git a/stable/traefik/12.0.23/values.yaml b/stable/traefik/12.0.23/values.yaml new file mode 100644 index 00000000000..e69de29bb2d