truecharts.local
/
catalog
mirror of https://github.com/truecharts/catalog.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Commit new Chart releases for TrueCharts 

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2022-09-23 00:35:56 +00:00
parent fccc0eaf92
commit b82f0b0bb6
17 changed files with 4183 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
incubator/blocky/0.0.1/CHANGELOG.md Normal file
View File

@ -0,0 +1,11 @@
# Changelog
## [blocky-0.0.1]blocky-0.0.1 (2022-09-22)
### Feat
- add blocky ([#3735](https://github.com/truecharts/charts/issues/3735))

9
incubator/blocky/0.0.1/Chart.lock Normal file
View File

@ -0,0 +1,9 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.5.7
- name: redis
repository: https://charts.truecharts.org
version: 3.0.67
digest: sha256:4cf9731678aced1ef480c08befa018ca96eb3be1789d55b2695b486492b04569
generated: "2022-09-23T00:34:04.104686927Z"

34
incubator/blocky/0.0.1/Chart.yaml Normal file
View File

@ -0,0 +1,34 @@
apiVersion: v2
appVersion: "elopment"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.5.7
- condition: redis.enabled
name: redis
repository: https://charts.truecharts.org
version: 3.0.67
description: Blocky is a DNS proxy and ad-blocker for the local network written in Go
home: https://truecharts.org/docs/charts/incubator/blocky
icon: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
keywords:
- dns
- blocky
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: blocky
sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/blocky
- https://0xerr0r.github.io/blocky/
- https://github.com/0xERR0R/blocky
- https://github.com/Mozart409/blocky-frontend
- https://hub.docker.com/r/spx01/blocky
version: 0.0.1
annotations:
truecharts.org/catagories: |
- network
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

110
incubator/blocky/0.0.1/README.md Normal file
View File

@ -0,0 +1,110 @@
# blocky
Blocky is a DNS proxy and ad-blocker for the local network written in Go
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
This readme is just an automatically generated general guide on installing our Helm Charts and Apps.
For more information, please click here: [blocky](https://truecharts.org/docs/charts/incubator/blocky)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Source Code
* <https://github.com/truecharts/charts/tree/master/charts/incubator/blocky>
* <https://0xerr0r.github.io/blocky/>
* <https://github.com/0xERR0R/blocky>
* <https://github.com/Mozart409/blocky-frontend>
* <https://hub.docker.com/r/spx01/blocky>
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| https://charts.truecharts.org | redis | 3.0.67 |
| https://library-charts.truecharts.org | common | 10.5.7 |
## Installing the Chart
### TrueNAS SCALE
To install this Chart on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Installing-an-App).
### Helm
To install the chart with the release name `blocky`
```console
helm repo add TrueCharts https://charts.truecharts.org
helm repo update
helm install blocky TrueCharts/blocky
```
## Uninstall
### TrueNAS SCALE
**Upgrading, Rolling Back and Uninstalling the Chart**
To upgrade, rollback or delete this Chart from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/docs/manual/SCALE%20Apps/Upgrade-rollback-delete-an-App).
### Helm
To uninstall the `blocky` deployment
```console
helm uninstall blocky
```
## Configuration
### Helm
#### Available Settings
Read through the values.yaml file. It has several commented out suggested values.
Other values may be used from the [values.yaml](https://github.com/truecharts/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
#### Configure using the command line
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
```console
helm install blocky \
--set env.TZ="America/New York" \
TrueCharts/blocky
```
#### Configure using a yaml file
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
```console
helm install blocky TrueCharts/blocky -f values.yaml
```
#### Connecting to other charts
If you need to connect this Chart to other Charts on TrueNAS SCALE, please refer to our [Linking Charts Internally](https://truecharts.org/docs/manual/SCALE%20Apps/linking-apps) quick-start guide.
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/docs/manual/SCALE%20Apps/Important-MUST-READ).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
---
All Rights Reserved - The TrueCharts Project

8
incubator/blocky/0.0.1/app-readme.md Normal file
View File

@ -0,0 +1,8 @@
Blocky is a DNS proxy and ad-blocker for the local network written in Go
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/docs/charts/incubator/blocky](https://truecharts.org/docs/charts/incubator/blocky)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/docs/about/sponsor) or contributing back to the project any way you can!

BIN
incubator/blocky/0.0.1/charts/common-10.5.7.tgz Normal file
View File

Binary file not shown.

BIN
incubator/blocky/0.0.1/charts/redis-3.0.67.tgz Normal file
View File

Binary file not shown.

7
incubator/blocky/0.0.1/ci/k8sgateway-values.yaml Normal file
View File

@ -0,0 +1,7 @@
k8sgateway:
enabled: true
# -- list of processed domains
domains:
- domain: something.com
dnsChallenge:
enabled: false

0
incubator/blocky/0.0.1/ci/standalone-values.yaml Normal file
View File

338
incubator/blocky/0.0.1/ix_values.yaml Normal file
View File

@ -0,0 +1,338 @@
image:
repository: spx01/blocky
tag: development@sha256:c55e676e89cee31edeee687d70f7ed957b727d61b5611e213809f7a0399fe4ef
# repository: tccr.io/truecharts/blocky
# tag: v0.19@sha256:77a474542f12f480deca33ff0a6375846918b86988c13f858620839d8818ca84
pullPolicy: IfNotPresent
WebUIImage:
repository: tccr.io/truecharts/blocky-frontend
tag: v0.0.3@sha256:81058f20520dcdb80c9883b6f21b338446fefc333e3ca8bd7d17336a24a5d842
pullPolicy: IfNotPresent
k8sgatewayImage:
repository: tccr.io/truecharts/k8s_gateway
pullPolicy: IfNotPresent
tag: 0.3.2@sha256:594fd6990eb2e0af1df7df8ba76cb3ca66232f46c5df5ebf786a45dd19777ae5
controller:
# -- Set additional annotations on the deployment/statefulset/daemonset
# -- Number of desired pods
replicas: 2
# -- Set the controller upgrade strategy
# For Deployments, valid values are Recreate (default) and RollingUpdate.
# For StatefulSets, valid values are OnDelete and RollingUpdate (default).
# DaemonSets ignore this.
strategy: RollingUpdate
# -- Blocky Config File content
blockyConfig: {}
# upstream:
# default:
# - 1.1.1.1
env:
BLOCKY_CONFIG_FILE: "/app/config/"
blocky:
enableWebUI: true
enablePrometheus: true
probes:
liveness:
enabled:
custom: true
spec:
exec:
command:
- /app/blocky
- healthcheck
readiness:
custom: true
spec:
exec:
command:
- /app/blocky
- healthcheck
startup:
custom: true
spec:
exec:
command:
- /app/blocky
- healthcheck
service:
main:
ports:
main:
port: 10315
protocol: HTTP
targetPort: 80
dns-tcp:
enabled: true
ports:
dns-tcp:
enabled: true
port: 53
targetPort: 53
dns-udp:
enabled: true
ports:
dns-udp:
enabled: true
port: 53
protocol: UDP
targetPort: 53
dot:
enabled: true
ports:
dot:
enabled: true
port: 853
protocol: TCP
targetPort: 853
http:
enabled: true
ports:
http:
enabled: true
port: 4000
protocol: HTTP
targetPort: 4000
https:
enabled: true
ports:
https:
enabled: true
port: 4443
protocol: HTTPS
targetPort: 4443
k8sgateway:
enabled: true
ports:
k8sgateway:
enabled: true
port: 5353
protocol: UDP
targetPort: 5353
## TODO Add support for SCALE certificates and certificates secrets here
certFile: ""
keyFile: ""
logLevel: info
logFormat: text
logTimestamp: true
logPrivacy: false
dohUserAgent: ""
minTlsServeVersion: 1.2
# -- set the default DNS upstream servers
# Primarily designed for inclusion in the TrueNAS SCALE GUI
defaultUpstreams:
- 1.1.1.1
- 1.0.0.1
- 8.8.8.8
- 8.8.4.4
- 9.9.9.9
- 149.112.112.112
- 208.67.222.222
- 208.67.220.220
- 8.26.56.26
- 8.20.247.20
- 185.228.168.9
- 185.228.169.9
- 76.76.19.19
- 76.223.122.150
- 76.76.2.0
- 76.76.10.0
# -- set additional upstreams
# Primarily designed for inclusion in the TrueNAS SCALE GUI
upstreams:
# - name: group2
# dnsservers:
# - 1.1.1.1
# -- set bootstrap dns (not needed)
# Ensures bootstrap encryption and ensure it doesn't use k8s dns
bootstrapDns:
# -- Upstream
upstream: ""
# -- IP's linked to upstream DoT/DoH DNS name
ips: []
# -- Return empty answer for these queries
filtering:
# -- Ensures filtering by query type
queryTypes: []
# -- Set manual custom DNS resolution
customDNS:
customTTL: 1h
filterUnmappedTypes: true
rewrite: []
# - in: something.com
# out: somethingelse.com
mapping: []
# - domain: something.com
# dnsserver: 192.168.178.1
# -- Setup client-name lookup
clientLookup:
# -- upstream used for client-name lookup
upstream: ""
singleNameOrder: []
clients:
# - domain: laptop
# ips: []
# -- Setup caching
caching:
minTime: 5m
maxTime: 30m
maxItemsCount: 0
prefetching: false
prefetchExpires: 2h
prefetchThreshold: 5
prefetchMaxItemsCount: 0
cacheTimeNegative: 30m
# -- set conditional settings
# Primarily designed for inclusion in the TrueNAS SCALE GUI
conditional:
rewrite: []
# - in: something.com
# out: somethingelse.com
mapping: []
# - domain: something.com
# dnsserver: 192.168.178.1
# -- set blocking settings using Lists
# Primarily designed for inclusion in the TrueNAS SCALE GUI
blocking:
# -- Sets the blocktype
blockType: nxDomain
# -- Sets the block ttl
blockTTL: 6h
# -- Sets the block refreshPeriod
refreshPeriod: 4h
# -- Sets the block download timeout
downloadTimeout: 60s
# -- Sets the block download attempt count
downloadAttempts: 3
# -- Sets the block download cooldown
downloadCooldown: 2s
# -- Set to fail start of lists cannot be downloaded
failStartOnListError: false
# -- Sets how many list-groups can be processed at the same time
processingConcurrency: 4
# -- Add blocky whitelists
whitelist: []
# - name: ads
# lists:
# - https://someurl.com/list.txt
# - /somefile.txt
# -- Blocky blacklists
blacklist: []
# - name: ads
# lists:
# - https://someurl.com/list.txt
# - /somefile.txt
# -- Blocky clientGroupsBlock
clientGroupsBlock: []
# - name: default
# groups:
# - ads
# -- configure using hostsfile for lookups
# Allows for using the hosts configured in kubernetes and such
hostsFile:
enabled: false
filePath: /etc/hosts
hostsTTL: 60m
refreshPeriod: 30m
## TODO: add this with postgresql support as well
# queryLog:
# type: csv
# target: /logs
# logRetentionDays: 0
# creationAttempts: 3
# CreationCooldown: 2
portal:
enabled: true
serviceAccount:
main:
# -- Specifies whether a service account should be created
enabled: true
# -- Create a ClusterRole and ClusterRoleBinding
# @default -- See below
rbac:
main:
# -- Enables or disables the ClusterRole and ClusterRoleBinding
enabled: true
# -- Set Rules on the ClusterRole
rules:
- apiGroups:
- ""
resources:
- services
- namespaces
verbs:
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs:
- list
- watch
k8sgateway:
enabled: true
# -- TTL for non-apex responses (in seconds)
ttl: 300
# -- Limit what kind of resources to watch, e.g. watchedResources: ["Ingress"]
watchedResources: []
# -- Service name of a secondary DNS server (should be `serviceName.namespace`)
secondary: ""
# -- Override the default `serviceName.namespace` domain apex
apex: ""
# -- list of processed domains
domains: []
# -- Delegated domain
# - domain: "example.com"
# # -- Optional configuration option for DNS01 challenge that will redirect all acme
# # challenge requests to external cloud domain (e.g. managed by cert-manager)
# # See: https://cert-manager.io/docs/configuration/acme/dns01/
# dnsChallenge:
# enabled: false
# domain: dns01.clouddns.com
forward:
enabled: false
primary: tls://1.1.1.1
secondary: tls://1.0.0.1
options:
- name: tls_servername
value: cloudflare-dns.com
unbound:
enabled: false
redis:
enabled: true
existingSecret: "rediscreds"

3269
incubator/blocky/0.0.1/questions.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

200
incubator/blocky/0.0.1/templates/_blockyConfig.tpl Normal file
View File

@ -0,0 +1,200 @@
{{/* Define the config */}}
{{- define "blocky.configmap" -}}
{{- $configName := printf "%s-config" (include "tc.common.names.fullname" .) }}
{{- $config := merge ( include "blocky.config" . | fromYaml ) ( .Values.blockyConfig ) }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $configName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
tc-config.yaml: |
{{ $config | toYaml | indent 6 }}
{{- end -}}
{{- define "blocky.config" -}}
redis:
address: {{ printf "%v-%v" .Release.Name "redis" }}:6379
password: {{ .Values.redis.redisPassword | trimAll "\"" }}
database: 0
required: true
connectionAttempts: 10
connectionCooldown: 3s
{{- if .Values.blocky.enablePrometheus }}
prometheus:
enable: true
path: /metrics
{{- end }}
upstream:
default:
{{- .Values.defaultUpstreams | toYaml | nindent 8 }}
{{- if .Values.certFile }}
certFile: {{ .Values.certFile }}
{{- end }}
{{- if .Values.keyFile }}
keyFile: {{ .Values.keyFile }}
{{- end }}
{{- if .Values.logLevel }}
logLevel: {{ .Values.logLevel }}
{{- end }}
{{- if .Values.logTimestamp }}
logTimestamp: {{ .Values.logTimestamp }}
{{- end }}
{{- if .Values.logPrivacy }}
logPrivacy: {{ .Values.logPrivacy }}
{{- end }}
{{- if .Values.dohUserAgent }}
dohUserAgent: {{ .Values.dohUserAgent }}
{{- end }}
{{- if .Values.minTlsServeVersion }}
minTlsServeVersion: {{ .Values.minTlsServeVersion }}
{{- end }}
caching:
{{ toYaml .Values.caching | indent 2 }}
{{- if .Values.hostsFile.enabled }}
{{ $hostsfile := omit .Values.hostsFile "enabled" }}
hostsFile:
{{ toYaml $hostsfile | indent 2 }}
{{- end }}
{{- range $id, $value := .Values.upstreams }}
{{ $value.name }}:
{{- $value.dnsservers | toYaml | nindent 8 }}
{{- end }}
{{- if or .Values.bootstrapDns.upstream .Values.bootstrapDns.ips }}
bootstrapDns:
{{- if .Values.bootstrapDns.upstream }}
upstream: {{ .Values.bootstrapDns.upstream }}
{{- end }}
{{- if .Values.bootstrapDns.ips }}
ips:
{{- range $id, $value := .Values.bootstrapDns.ips }}
- {{ $value }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.filtering.filtering }}
filtering:
{{- if .Values.filtering.ips }}
queryTypes:
{{- range $id, $value := .Values.filtering.ips }}
- {{ $value }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.customDNS.filterUnmappedTypes .Values.customDNS.customTTL .Values.customDNS.rewrite .Values.customDNS.mapping }}
customDNS:
{{- if .Values.customDNS.upstream }}
upstream: {{ .Values.customDNS.upstream }}
{{- end }}
{{- if .Values.customDNS.customTTL }}
customTTL: {{ .Values.customDNS.customTTL }}
{{- end }}
{{- if .Values.customDNS.rewrite }}
rewrite:
{{- range $id, $value := .Values.customDNS.rewrite }}
{{ $value.in }}: {{ $value.out }}
{{- end }}
{{- end }}
{{- if .Values.customDNS.mapping }}
mapping:
{{- range $id, $value := .Values.customDNS.mapping }}
{{ $value.domain }}: {{ $value.dnsserver }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.clientLookup.upstream .Values.clientLookup.ips }}
clientLookup:
{{- if .Values.clientLookup.upstream }}
upstream: {{ .Values.clientLookup.upstream }}
{{- end }}
{{- if .Values.clientLookup.ips }}
singleNameOrder:
{{- range $id, $value := .Values.clientLookup.ips }}
- {{ $value }}
{{- end }}
{{- end }}
{{- if .Values.clientLookup.clients }}
clients:
{{- range $id, $value := .Values.clientLookup.clients }}
{{ $value.domain }}:
{{- range $id, $value := .ips }}
- {{ $value }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.conditional.rewrite .Values.conditional.mapping ( and .Values.k8sgateway.enabled .Values.k8sgateway.domains ) }}
conditional:
{{- if .Values.conditional.rewrite }}
rewrite:
{{- range $id, $value := .Values.conditional.rewrite }}
{{ $value.in }}: {{ $value.out }}
{{- end }}
{{- end }}
{{- if or .Values.conditional.mapping ( and .Values.k8sgateway.enabled .Values.k8sgateway.domains ) }}
mapping:
{{- if and .Values.k8sgateway.enabled .Values.k8sgateway.domains }}
{{- range $id, $value := .Values.k8sgateway.domains }}
{{ .domain }}: 127.0.0.1:{{ $.Values.service.k8sgateway.ports.k8sgateway.targetPort }}
{{- end }}
{{- end }}
{{- range $id, $value := .Values.conditional.mapping }}
{{ $value.domain }}: {{ $value.dnsserver }}
{{- end }}
{{- end }}
{{- end }}
blocking:
blockType: {{ .Values.blocking.blockType }}
blockTTL: {{ .Values.blocking.blockTTL }}
refreshPeriod: {{ .Values.blocking.refreshPeriod }}
downloadTimeout: {{ .Values.blocking.downloadTimeout }}
downloadAttempts: {{ .Values.blocking.downloadAttempts }}
downloadCooldown: {{ .Values.blocking.downloadCooldown }}
failStartOnListError: {{ .Values.blocking.failStartOnListError }}
processingConcurrency: {{ .Values.blocking.processingConcurrency }}
{{- if .Values.blocking.whitelist }}
whiteLists:
{{- range $id, $value := .Values.blocking.whitelist }}
{{ $value.name }}:
{{- $value.lists | toYaml | nindent 10 }}
{{- end }}
{{- end }}
{{- if .Values.blocking.blacklist }}
blackLists:
{{- range $id, $value := .Values.blocking.blacklist }}
{{ $value.name }}:
{{- $value.lists | toYaml | nindent 10 }}
{{- end }}
{{- end }}
{{- if .Values.blocking.clientGroupsBlock }}
clientGroupsBlock:
{{- range $id, $value := .Values.blocking.clientGroupsBlock }}
{{ $value.name }}:
{{- $value.groups | toYaml | nindent 10 }}
{{- end }}
{{- end }}
{{- end -}}

107
incubator/blocky/0.0.1/templates/_k8sgateway.tpl Normal file
View File

@ -0,0 +1,107 @@
{{- define "k8sgateway.container" -}}
image: {{ .Values.k8sgatewayImage.repository }}:{{ .Values.k8sgatewayImage.tag }}
imagePullPolicy: {{ .Values.k8sgatewayImage.pullPolicy }}
securityContext:
runAsUser: 0
runAsGroup: 0
readOnlyRootFilesystem: true
runAsNonRoot: false
args: ["-conf", "/etc/coredns/Corefile"]
ports:
- containerPort: {{ .Values.service.k8sgateway.ports.k8sgateway.targetPort }}
name: main
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
readinessProbe:
httpGet:
path: /ready
port: 8181
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
startupProbe:
httpGet:
path: /ready
port: 8181
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
{{- end -}}
{{/*
Create the matchable regex from domain
*/}}
{{- define "k8sgateway.configmap.regex" -}}
{{- if .Values.k8sgateway.domain }}
{{- .Values.k8sgateway.domain | replace "." "[.]" -}}
{{- else -}}
{{ "unset" }}
{{- end }}
{{- end -}}
{{/* Define the configmap */}}
{{- define "k8sgateway.configmap" -}}
{{- $values := .Values.k8sgateway }}
{{- $fqdn := ( include "tc.common.names.fqdn" . ) }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "tc.common.names.fullname" . }}-corefile
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
Corefile: |-
.:{{ .Values.service.k8sgateway.ports.k8sgateway.targetPort }} {
errors
log
health {
lameduck 5s
}
ready
{{- range .Values.k8sgateway.domains }}
{{- if .dnsChallenge.enabled }}
template IN ANY {{ required "Delegated domain ('domain') is mandatory " .domain }} {
match "_acme-challenge[.](.*)[.]{{ include "k8sgateway.configmap.regex" . }}"
answer "{{ "{{" }} .Name {{ "}}" }} 5 IN CNAME {{ "{{" }} index .Match 1 {{ "}}" }}.{{ required "DNS01 challenge domain is mandatory " $values.dnsChallenge.domain }}"
fallthrough
}
{{- end }}
k8s_gateway "{{ required "Delegated domain ('domain') is mandatory " .domain }}" {
apex {{ $values.apex | default $fqdn }}
ttl {{ $values.ttl }}
{{- if $values.secondary }}
secondary {{ $values.secondary }}
{{- end }}
{{- if $values.watchedResources }}
resources {{ join " " $values.watchedResources }}
{{- end }}
fallthrough
}
{{- end }}
prometheus 0.0.0.0:9153
{{- if .Values.k8sgateway.forward.enabled }}
forward . {{ .Values.k8sgateway.forward.primary }} {{ .Values.k8sgateway.forward.secondary }} {
{{- range .Values.k8sgateway.forward.options }}
{{ .name }} {{ .value }}
{{- end }}
}
{{- else }}
forward . 1.1.1.1
{{- end }}
loop
reload
loadbalance
}
{{- end -}}

36
incubator/blocky/0.0.1/templates/_webui.tpl Normal file
View File

@ -0,0 +1,36 @@
{{- define "blocky.frontend" -}}
image: {{ .Values.WebUIImage.repository }}:{{ .Values.WebUIImage.tag }}
imagePullPolicy: {{ .Values.WebUIImage.pullPolicy }}
securityContext:
runAsUser: 568
runAsGroup: 568
readOnlyRootFilesystem: true
runAsNonRoot: true
ports:
- containerPort: {{ .Values.service.main.ports.main.targetPort }}
name: main
readinessProbe:
httpGet:
path: /
port: {{ .Values.service.main.ports.main.targetPort }}
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
livenessProbe:
httpGet:
path: /
port: {{ .Values.service.main.ports.main.targetPort }}
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
startupProbe:
httpGet:
path: /
port: {{ .Values.service.main.ports.main.targetPort }}
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
{{- end -}}

50
incubator/blocky/0.0.1/templates/common.yaml Normal file
View File

@ -0,0 +1,50 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{ include "blocky.configmap" . }}
{{/* Always mount the configmap, with the basic config, plus the 'blockyConfig' */}}
{{- define "blocky.configmap.mount" -}}
enabled: true
type: custom
mountPath: /app/config/tc-config.yaml
subPath: tc-config.yaml
readOnly: true
volumeSpec:
configMap:
name: '{{ printf "%s-config" (include "tc.common.names.fullname" .) }}'
{{- end -}}
{{/* Append the general configMap volume to the volumes */}}
{{- define "k8sgateway.configvolume" -}}
enabled: "true"
mountPath: "/etc/coredns"
readOnly: true
type: "custom"
volumeSpec:
configMap:
name: {{ include "tc.common.names.fullname" . }}-corefile
items:
- key: Corefile
path: Corefile
{{- end -}}
{{- $_ := set .Values.persistence "tc-config" (include "blocky.configmap.mount" . | fromYaml) -}}
{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
{{- $_ := set .Values.podAnnotations "prometheus.io/port" (.Values.service.main.ports.main.targetPort | quote) -}}
{{- if .Values.blocky.enableWebUI -}}
{{- $_ := set .Values.additionalContainers "frontend" (include "blocky.frontend" . | fromYaml) -}}
{{- end -}}
{{- if and .Values.k8sgateway.enabled .Values.k8sgateway.domains -}}
{{- include "k8sgateway.configmap" . }}
{{- $_ := set .Values.persistence "config-volume" (include "k8sgateway.configvolume" . | fromYaml) -}}
{{- $_ := set .Values.additionalContainers "k8sgateway" (include "k8sgateway.container" . | fromYaml) -}}
{{- end -}}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}

0
incubator/blocky/0.0.1/values.yaml Normal file
View File

4
incubator/blocky/item.yaml Normal file
View File

@ -0,0 +1,4 @@
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
categories:
- network