Commit new Chart releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
TrueCharts-Bot 2024-03-17 20:47:26 +00:00
parent 951d2b6312
commit ff048ae0ba
11323 changed files with 186321 additions and 120277 deletions

@ -14,6 +14,19 @@ title: Changelog
- update ignored updates to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19433](https://github.com/truecharts/charts/issues/19433))
- lock file maintenance ignored by renovate ([#19370](https://github.com/truecharts/charts/issues/19370))
- update ignored by renovate (patch) ([#19333](https://github.com/truecharts/charts/issues/19333))
## [atuin-2.3.1](https://github.com/truecharts/charts/compare/atuin-2.1.2...atuin-2.3.1) (2024-03-17)
### Chore
- update ignored updates to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19433](https://github.com/truecharts/charts/issues/19433))
- lock file maintenance ignored by renovate ([#19370](https://github.com/truecharts/charts/issues/19370))
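Review bot: The digest links in the new atuin-2.3.1 entry, for example `[@f7d0b92](https://github.com/f7d0b92)`, resolve to a GitHub profile path rather than to a commit or image digest, so the changelog generator should either drop the link or point it at the real object. The bullet text also reads like a garbled template ("update ignored updates to v20.2.2", "lock file maintenance ignored by renovate"), and the compare range starts at atuin-2.1.2, the same base the atuin-2.3.0 entry further down uses, rather than at the preceding release.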
@ -84,16 +97,4 @@ title: Changelog
- lock file maintenance ignored by renovate ([#19370](https://github.com/truecharts/charts/issues/19370))
- update ignored by renovate (patch) ([#19333](https://github.com/truecharts/charts/issues/19333))
## [atuin-2.3.0](https://github.com/truecharts/charts/compare/atuin-2.1.2...atuin-2.3.0) (2024-03-17)
### Chore
- lock file maintenance ignored by renovate ([#19370](https://github.com/truecharts/charts/issues/19370))
- update ignored by renovate (patch) ([#19333](https://github.com/truecharts/charts/issues/19333))
- update ignored by renovate (patch) ([#19333](https://github.com/truecharts/charts/issues/19333))

@ -1,26 +0,0 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [authelia-23.6.0](https://github.com/truecharts/charts/compare/authelia-23.5.5...authelia-23.6.0) (2024-03-16)
### Chore
- update container image common to v20.1.5[@dc867e0](https://github.com/dc867e0) by renovate ([#19210](https://github.com/truecharts/charts/issues/19210))
## [authelia-23.5.5](https://github.com/truecharts/charts/compare/authelia-23.5.4...authelia-23.5.5) (2024-03-16)
### Chore
- rename `enterprise`- train to `premium`-train

@ -1,54 +0,0 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: security
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.12"
truecharts.org/train: premium
apiVersion: v2
appVersion: 4.37.5
dependencies:
- name: common
version: 20.1.5
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.3
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: Authelia is a Single Sign-On Multi-Factor portal for web apps
home: https://truecharts.org/charts/premium/authelia
icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
keywords:
- authelia
- authentication
- login
- SSO
- Authentication
- Security
- Two-Factor
- U2F
- YubiKey
- Push Notifications
- LDAP
kubeVersion: '>=1.24.0-0'
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: authelia
sources:
- https://github.com/authelia/chartrepo
- https://github.com/authelia/authelia
- https://github.com/truecharts/charts/tree/master/charts/premium/authelia
- https://ghcr.io/authelia/authelia
type: application
version: 23.6.0

@ -1,582 +0,0 @@
image:
repository: ghcr.io/authelia/authelia
pullPolicy: IfNotPresent
tag: 4.37.5@sha256:25fc5423238b6f3a1fc967fda3f6a9212846aeb4a720327ef61c8ccff52dbbe2
manifestManager:
enabled: true
workload:
main:
replicas: 2
strategy: RollingUpdate
podSpec:
containers:
main:
command:
- authelia
args:
- --config=/configuration.yaml
envFrom:
- configMapRef:
name: authelia-paths
probes:
liveness:
type: http
path: "/api/health"
readiness:
type: http
path: "/api/health"
startup:
type: http
path: "/api/health"
service:
main:
ports:
main:
port: 9091
targetPort: 9091
persistence:
config:
enabled: true
mountPath: "/config"
cnpg:
main:
enabled: true
user: authelia
database: authelia
# Enabled redis
# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
redis:
enabled: true
domain: example.com
##
## Server Configuration
##
server:
##
## Port sets the configured port for the daemon, service, and the probes.
## Default is 9091 and should not need to be changed.
##
port: 9091
## Buffers usually should be configured to be the same value.
## Explanation at https://www.authelia.com/docs/configuration/server.html
## Read buffer size adjusts the server's max incoming request size in bytes.
## Write buffer size does the same for outgoing responses.
read_buffer_size: 4096
write_buffer_size: 4096
## Set the single level path Authelia listens on.
## Must be alphanumeric chars and should not contain any slashes.
path: ""
log:
## Level of verbosity for logs: info, debug, trace.
level: trace
## Format the logs are written as: json, text.
format: text
## TODO: Statefulness check should check if this is set, and the configMap should enable it.
## File path where the logs will be written. If not set logs are written to stdout.
# file_path: /config/authelia.log
## Default redirection URL
##
## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
## in such a case.
##
## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
## Default is https://www.<domain> (value at the top of the values.yaml).
default_redirection_url: ""
# default_redirection_url: https://example.com
theme: light
##
## TOTP Configuration
##
## Parameters used for TOTP generation
totp:
## The issuer name displayed in the Authenticator application of your choice
## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
## Defaults to <domain>.
issuer: ""
## The period in seconds a one-time password is current for. Changing this will require all users to register
## their TOTP applications again. Warning: before changing period read the docs link below.
period: 30
## The skew controls number of one-time passwords either side of the current one that are valid.
## Warning: before changing skew read the docs link below.
## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
skew: 1
##
## Password Policy Config
##
## Parameters used for Password Policies
password_policy:
## See: https://www.authelia.com/configuration/security/password-policy/
standard:
enabled: false
min_length: 8
max_length: 0
require_uppercase: false
require_lowercase: false
require_number: false
require_special: false
zxcvbn:
## See https://www.authelia.com/configuration/security/password-policy/#zxcvbn for more info
enabled: false
min_score: 3
##
## Duo Push API Configuration
##
## Parameters used to contact the Duo API. Those are generated when you protect an application of type
## "Partner Auth API" in the management panel.
duo_api:
enabled: false
hostname: api-123456789.example.com
integration_key: ABCDEF
plain_api_key: ""
## NTP settings
ntp:
address: "time.cloudflare.com:123"
version: 4
max_desync: 3s
disable_startup_check: false
disable_failure: true
##
## Authentication Backend Provider Configuration
##
## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
##
## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
authentication_backend:
## Disable both the HTML element and the API for reset password functionality
disable_reset_password: false
## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
## See the below documentation for more information.
## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
refresh_interval: 5m
## LDAP backend configuration.
##
## This backend allows Authelia to be scaled to more
## than one instance and therefore is recommended for
## production.
ldap:
## Enable LDAP Backend.
enabled: false
## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
## Acceptable options are as follows:
## - 'activedirectory' - For Microsoft Active Directory.
## - 'custom' - For custom specifications of attributes and filters.
## This currently defaults to 'custom' to maintain existing behaviour.
##
## Depending on the option here certain other values in this section have a default value, notably all of the
## attribute mappings have a default value that this config overrides, you can read more about these default values
## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
implementation: activedirectory
## The url to the ldap server. Format: <scheme>://<address>[:<port>].
## Scheme can be ldap or ldaps in the format (port optional).
url: ldap://openldap.default.svc.cluster.local
## Connection Timeout.
timeout: 5s
## Use StartTLS with the LDAP connection.
start_tls: false
tls:
## Server Name for certificate validation (in case it's not set correctly in the URL).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
minimum_version: TLS1.2
## The base dn for every LDAP query.
base_dn: DC=example,DC=com
## The attribute holding the username of the user. This attribute is used to populate the username in the session
## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
username_attribute: "uid"
## An additional dn to define the scope to all users.
additional_users_dn: OU=Users
## The users filter used in search queries to find the user profile based on input filled in login form.
## Various placeholders are available in the user filter:
## - {input} is a placeholder replaced by what the user inputs in the login form.
## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
## versions, so please don't use it.
##
## Recommended settings are as follows:
## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
## - OpenLDAP:
## - (&({username_attribute}={input})(objectClass=person))
## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
##
## To allow sign in both with username and email, one can use a filter like
## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
users_filter: ""
## An additional dn to define the scope of groups.
additional_groups_dn: OU=Groups
## The groups filter used in search queries to find the groups of the user.
## - {input} is a placeholder replaced by what the user inputs in the login form.
## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
## versions, so please don't use it.
## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
## later version, so please don't use it.
##
## If your groups use the `groupOfUniqueNames` structure use this instead:
## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
groups_filter: ""
## The attribute holding the name of the group
group_name_attribute: "cn"
## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
## first one returned by the LDAP server is used.
mail_attribute: "mail"
## The attribute holding the display name of the user. This will be used to greet an authenticated user.
display_name_attribute: "displayname"
## The username of the admin user.
user: CN=admin,DC=example,DC=com
plain_password: ""
##
## File (Authentication Provider)
##
## With this backend, the users database is stored in a file which is updated when users reset their passwords.
## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
## implications it is highly recommended you leave the default values. Before considering changing these settings
## please read the docs page below:
## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
file:
enabled: true
path: /config/users_database.yml
password:
algorithm: argon2id
iterations: 1
key_length: 32
salt_length: 16
memory: 1024
parallelism: 8
##
## Access Control Configuration
##
## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
##
## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
## to anyone. Otherwise restrictions follow the rules defined.
##
## Note: One can use the wildcard * to match any subdomain.
## It must stand at the beginning of the pattern. (example: *.mydomain.com)
##
## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
##
## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
##
## - 'domain' defines which domain or set of domains the rule applies to.
##
## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
## provided. If provided, the parameter represents either a user or a group. It should be of the form
## 'user:<username>' or 'group:<groupname>'.
##
## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
##
## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
## is optional and matches any resource if not provided.
##
## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
access_control:
## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
## resource if there is no policy to be applied to the user.
default_policy: deny
networks_access_control: []
# networks_access_control:
# - name: private
# networks:
# - 10.0.0.0/8
# - 172.16.0.0/12
# - 192.168.0.0/16
# - name: vpn
# networks:
# - 10.9.0.0/16
rules: []
# rules:
# - domain: public.example.com
# policy: bypass
# - domain: "*.example.com"
# policy: bypass
# methods:
# - OPTIONS
# - domain: secure.example.com
# policy: one_factor
# networks:
# - private
# - vpn
# - 192.168.1.0/24
# - 10.0.0.1
# - domain:
# - secure.example.com
# - private.example.com
# policy: two_factor
# - domain: singlefactor.example.com
# policy: one_factor
# - domain: "mx2.mail.example.com"
# subject: "group:admins"
# policy: deny
# - domain: "*.example.com"
# subject:
# - "group:admins"
# - "group:moderators"
# policy: two_factor
# - domain: dev.example.com
# resources:
# - "^/groups/dev/.*$"
# subject: "group:dev"
# policy: two_factor
# - domain: dev.example.com
# resources:
# - "^/users/john/.*$"
# subject:
# - ["group:dev", "user:john"]
# - "group:admins"
# policy: two_factor
# - domain: "{user}.example.com"
# policy: bypass
##
## Session Provider Configuration
##
## The session cookies identify the user once logged in.
## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
session:
## The name of the session cookie. (default: authelia_session).
name: authelia_session
## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
## Please read https://www.authelia.com/docs/configuration/session.html#same_site
same_site: lax
## The time in seconds before the cookie expires and session is reset.
expiration: 1h
## The inactivity time in seconds before the session is reset.
inactivity: 5m
## The remember me duration.
## Value is in seconds, or duration notation. Value of 0 disables remember me.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
## spy or attack. Currently the default is 1M or 1 month.
remember_me_duration: 1M
##
## Redis Provider
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
## The redis connection details
redisProvider:
port: 6379
## Optional username to be used with authentication.
# username: authelia
username: ""
## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
database_index: 0
## The maximum number of concurrent active connections to Redis.
maximum_active_connections: 8
## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
minimum_idle_connections: 0
## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
tls:
enabled: false
## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for the connection.
minimum_version: TLS1.2
## The Redis HA configuration options.
## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
high_availability:
enabled: false
enabledSecret: false
## Sentinel Name / Master Name
sentinel_name: mysentinel
## The additional nodes to pre-seed the redis provider with (for sentinel).
## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
## For high availability to be used you must have either defined; the host above or at least one node below.
nodes: []
# nodes:
# - host: sentinel-0.databases.svc.cluster.local
# port: 26379
# - host: sentinel-1.databases.svc.cluster.local
# port: 26379
## Choose the host with the lowest latency.
route_by_latency: false
## Choose the host randomly.
route_randomly: false
##
## Regulation Configuration
##
## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
## in a short period of time.
regulation:
## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
max_retries: 3
## The time range during which the user can attempt login before being banned. The user is banned if the
## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
find_time: 2m
## The length of time before a banned user can login again. Ban Time accepts duration notation.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
ban_time: 5m
##
## Storage Provider Configuration
##
## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
storage:
##
## PostgreSQL (Storage Provider)
##
postgres:
port: 5432
database: authelia
username: authelia
sslmode: disable
timeout: 5s
##
## Notification Provider
##
##
## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
## The available providers are: filesystem, smtp. You must use one and only one of these providers.
notifier:
## You can disable the notifier startup check by setting this to true.
disable_startup_check: false
##
## File System (Notification Provider)
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
filesystem:
enabled: true
filename: /config/notification.txt
##
## SMTP (Notification Provider)
##
## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
## [Security] By default Authelia will:
## - force all SMTP connections over TLS including unauthenticated connections
## - use the disable_require_tls boolean value to disable this requirement
## (only works for unauthenticated connections)
## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
## (configure in tls section)
smtp:
enabled: false
enabledSecret: false
host: smtp.mail.svc.cluster.local
port: 25
timeout: 5s
username: test
plain_password: test
sender: admin@example.com
## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
identifier: localhost
## Subject configuration of the emails sent.
## {title} is replaced by the text from the notifier
subject: "[Authelia] {title}"
## This address is used during the startup check to verify the email configuration is correct.
## It's not important what it is except if your email server only allows local delivery.
startup_check_address: test@authelia.com
disable_require_tls: false
disable_html_emails: false
tls:
## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for either StartTLS or SMTPS.
minimum_version: TLS1.2
identity_providers:
oidc:
## Enables this in the config map. Currently in beta stage.
## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
enabled: false
access_token_lifespan: 1h
authorize_code_lifespan: 1m
id_token_lifespan: 1h
refresh_token_lifespan: 90m
enable_client_debug_messages: false
## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
## security reasons.
minimum_parameter_entropy: 8
clients: []
# clients:
# -
## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
# id: myapp
## The description to show to users when they end up on the consent screen. Defaults to the ID above.
# description: My Application
## The client secret is a shared secret between Authelia and the consumer of this client.
# secret: apple123
## Sets the client to public. This should typically not be set, please see the documentation for usage.
# public: false
## The policy to require for this client; one_factor or two_factor.
# authorization_policy: two_factor
## Configures the consent mode; auto, explicit or implicit
# consent_mode: auto
## Audience this client is allowed to request.
# audience: []
## Scopes this client is allowed to request.
# scopes:
# - openid
# - profile
# - email
# - groups
## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
# redirect_uris:
# - https://oidc.example.com/oauth2/callback
## Grant Types configures which grants this client can obtain.
## It's not recommended to configure this unless you know what you're doing.
# grant_types:
# - refresh_token
# - authorization_code
## Response Types configures which responses this client can be sent.
## It's not recommended to configure this unless you know what you're doing.
# response_types:
# - code
## Response Modes configures which response modes this client supports.
## It's not recommended to configure this unless you know what you're doing.
# response_modes:
# - form_post
# - query
# - fragment
## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
# userinfo_signing_algorithm: none
portal:
open:
enabled: true
ingress:
main:
required: true
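Review bot: This removed values file sets `replicas: 2` under `workload.main` while enabling the `file` authentication backend (`path: /config/users_database.yml`) and the `filesystem` notifier, yet its own comments say the file backend "prevents Authelia to be scaled to more than one instance" and point Kubernetes users at the statelessness page. A values file of the same 582 lines is re-added for the new version later in this commit, so the defaults should be made consistent there, either with a single replica or with stateless providers enabled by default. The same pass should revisit `log.level: trace`, the most verbose level the comment lists, and `sslmode: disable` under `storage.postgres`, neither of which is a good default for an SSO portal.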

@ -0,0 +1,100 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [authelia-23.8.2](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.2) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
## [authelia-23.8.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.1) (2024-03-17)
### Chore
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
## [authelia-23.8.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.1) (2024-03-17)
### Chore
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
## [authelia-23.8.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.1) (2024-03-17)
### Chore
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
## [authelia-23.8.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.1) (2024-03-17)
### Chore
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
## [authelia-23.8.1](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.1) (2024-03-17)
### Chore
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))
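Review bot: The authelia-23.8.1 section appears five times in this new changelog, each copy with the same heading and the same four bullets, which suggests the generator appends the entry on every run instead of replacing it; deduplicate by heading before writing the file. The `**Important:**` line is also left empty, and both authelia-23.8.2 and authelia-23.8.1 compare against authelia-23.6.0 rather than against their predecessor.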

@ -0,0 +1,54 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: security
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: 4.38.3
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.5
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: Authelia is a Single Sign-On Multi-Factor portal for web apps
home: https://truecharts.org/charts/premium/authelia
icon: https://truecharts.org/img/hotlink-ok/chart-icons/authelia.png
keywords:
- authelia
- authentication
- login
- SSO
- Authentication
- Security
- Two-Factor
- U2F
- YubiKey
- Push Notifications
- LDAP
kubeVersion: '>=1.24.0-0'
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: authelia
sources:
- https://github.com/authelia/chartrepo
- https://github.com/authelia/authelia
- https://github.com/truecharts/charts/tree/master/charts/premium/authelia
- https://ghcr.io/authelia/authelia
type: application
version: 23.8.2

View File

@ -0,0 +1,17 @@
## [authelia-23.8.2](https://github.com/truecharts/charts/compare/authelia-23.6.0...authelia-23.8.2) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image ghcr.io/authelia/authelia to v4.38.3[@2405f5c](https://github.com/2405f5c) by renovate ([#19415](https://github.com/truecharts/charts/issues/19415))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
- update container image ghcr.io/authelia/authelia to v4.38.2[@a1a2d1b](https://github.com/a1a2d1b) by renovate ([#19338](https://github.com/truecharts/charts/issues/19338))

Binary file not shown.

View File

@ -0,0 +1,582 @@
image:
repository: ghcr.io/authelia/authelia
pullPolicy: IfNotPresent
tag: 4.38.3@sha256:2405f5c923edb14c2b83d30315ec584f99cabffd79da91d8a990711a3cf1ab6c
manifestManager:
enabled: true
workload:
main:
replicas: 2
strategy: RollingUpdate
podSpec:
containers:
main:
command:
- authelia
args:
- --config=/configuration.yaml
envFrom:
- configMapRef:
name: authelia-paths
probes:
liveness:
type: http
path: "/api/health"
readiness:
type: http
path: "/api/health"
startup:
type: http
path: "/api/health"
service:
main:
ports:
main:
port: 9091
targetPort: 9091
persistence:
config:
enabled: true
mountPath: "/config"
cnpg:
main:
enabled: true
user: authelia
database: authelia
# Enabled redis
# ... for more options see https://github.com/tccr.io/truecharts/charts/tree/master/tccr.io/truecharts/redis
redis:
enabled: true
domain: example.com
##
## Server Configuration
##
server:
##
## Port sets the configured port for the daemon, service, and the probes.
## Default is 9091 and should not need to be changed.
##
port: 9091
## Buffers usually should be configured to be the same value.
## Explanation at https://www.authelia.com/docs/configuration/server.html
## Read buffer size adjusts the server's max incoming request size in bytes.
## Write buffer size does the same for outgoing responses.
read_buffer_size: 4096
write_buffer_size: 4096
## Set the single level path Authelia listens on.
## Must be alphanumeric chars and should not contain any slashes.
path: ""
log:
## Level of verbosity for logs: info, debug, trace.
level: trace
## Format the logs are written as: json, text.
format: text
## TODO: Statefulness check should check if this is set, and the configMap should enable it.
## File path where the logs will be written. If not set logs are written to stdout.
# file_path: /config/authelia.log
## Default redirection URL
##
## If user tries to authenticate without any referer, Authelia does not know where to redirect the user to at the end
## of the authentication process. This parameter allows you to specify the default redirection URL Authelia will use
## in such a case.
##
## Note: this parameter is optional. If not provided, user won't be redirected upon successful authentication.
## Default is https://www.<domain> (value at the top of the values.yaml).
default_redirection_url: ""
# default_redirection_url: https://example.com
theme: light
##
## TOTP Configuration
##
## Parameters used for TOTP generation
totp:
## The issuer name displayed in the Authenticator application of your choice
## See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
## Defaults to <domain>.
issuer: ""
## The period in seconds a one-time password is current for. Changing this will require all users to register
## their TOTP applications again. Warning: before changing period read the docs link below.
period: 30
## The skew controls number of one-time passwords either side of the current one that are valid.
## Warning: before changing skew read the docs link below.
## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
skew: 1
##
## Password Policy Config
##
## Parameters used for Password Policies
password_policy:
## See: https://www.authelia.com/configuration/security/password-policy/
standard:
enabled: false
min_length: 8
max_length: 0
require_uppercase: false
require_lowercase: false
require_number: false
require_special: false
zxcvbn:
## See https://www.authelia.com/configuration/security/password-policy/#zxcvbn for more info
enabled: false
min_score: 3
##
## Duo Push API Configuration
##
## Parameters used to contact the Duo API. Those are generated when you protect an application of type
## "Partner Auth API" in the management panel.
duo_api:
enabled: false
hostname: api-123456789.example.com
integration_key: ABCDEF
plain_api_key: ""
## NTP settings
ntp:
address: "time.cloudflare.com:123"
version: 4
max_desync: 3s
disable_startup_check: false
disable_failure: true
##
## Authentication Backend Provider Configuration
##
## Used for verifying user passwords and retrieve information such as email address and groups users belong to.
##
## The available providers are: `file`, `ldap`. You must use one and only one of these providers.
authentication_backend:
## Disable both the HTML element and the API for reset password functionality
disable_reset_password: false
## The amount of time to wait before we refresh data from the authentication backend. Uses duration notation.
## To disable this feature set it to 'disable', this will slightly reduce security because for Authelia, users will
## always belong to groups they belonged to at the time of login even if they have been removed from them in LDAP.
## To force update on every request you can set this to '0' or 'always', this will increase processor demand.
## See the below documentation for more information.
## Duration Notation docs: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
## Refresh Interval docs: https://www.authelia.com/docs/configuration/authentication/ldap.html#refresh-interval
refresh_interval: 5m
## LDAP backend configuration.
##
## This backend allows Authelia to be scaled to more
## than one instance and therefore is recommended for
## production.
ldap:
## Enable LDAP Backend.
enabled: false
## The LDAP implementation, this affects elements like the attribute utilised for resetting a password.
## Acceptable options are as follows:
## - 'activedirectory' - For Microsoft Active Directory.
## - 'custom' - For custom specifications of attributes and filters.
## This currently defaults to 'custom' to maintain existing behaviour.
##
## Depending on the option here certain other values in this section have a default value, notably all of the
## attribute mappings have a default value that this config overrides, you can read more about these default values
## at https://www.authelia.com/docs/configuration/authentication/ldap.html#defaults
implementation: activedirectory
## The url to the ldap server. Format: <scheme>://<address>[:<port>].
## Scheme can be ldap or ldaps in the format (port optional).
url: ldap://openldap.default.svc.cluster.local
## Connection Timeout.
timeout: 5s
## Use StartTLS with the LDAP connection.
start_tls: false
tls:
## Server Name for certificate validation (in case it's not set correctly in the URL).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for either Secure LDAP or LDAP StartTLS.
minimum_version: TLS1.2
## The base dn for every LDAP query.
base_dn: DC=example,DC=com
## The attribute holding the username of the user. This attribute is used to populate the username in the session
## information. It was introduced due to #561 to handle case insensitive search queries. For you information,
## Microsoft Active Directory usually uses 'sAMAccountName' and OpenLDAP usually uses 'uid'. Beware that this
## attribute holds the unique identifiers for the users binding the user and the configuration stored in database.
## Therefore only single value attributes are allowed and the value must never be changed once attributed to a user
## otherwise it would break the configuration for that user. Technically, non-unique attributes like 'mail' can also
## be used but we don't recommend using them, we instead advise to use the attributes mentioned above
## (sAMAccountName and uid) to follow https://www.ietf.org/rfc/rfc2307.txt.
username_attribute: "uid"
## An additional dn to define the scope to all users.
additional_users_dn: OU=Users
## The users filter used in search queries to find the user profile based on input filled in login form.
## Various placeholders are available in the user filter:
## - {input} is a placeholder replaced by what the user inputs in the login form.
## - {username_attribute} is a mandatory placeholder replaced by what is configured in `username_attribute`.
## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
## versions, so please don't use it.
##
## Recommended settings are as follows:
## - Microsoft Active Directory: (&({username_attribute}={input})(objectCategory=person)(objectClass=user))
## - OpenLDAP:
## - (&({username_attribute}={input})(objectClass=person))
## - (&({username_attribute}={input})(objectClass=inetOrgPerson))
##
## To allow sign in both with username and email, one can use a filter like
## (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))
users_filter: ""
## An additional dn to define the scope of groups.
additional_groups_dn: OU=Groups
## The groups filter used in search queries to find the groups of the user.
## - {input} is a placeholder replaced by what the user inputs in the login form.
## - {username} is a placeholder replace by the username stored in LDAP (based on `username_attribute`).
## - {dn} is a matcher replaced by the user distinguished name, aka, user DN.
## - {username_attribute} is a placeholder replaced by what is configured in `username_attribute`.
## - {mail_attribute} is a placeholder replaced by what is configured in `mail_attribute`.
## - DON'T USE - {0} is an alias for {input} supported for backward compatibility but it will be deprecated in later
## versions, so please don't use it.
## - DON'T USE - {1} is an alias for {username} supported for backward compatibility but it will be deprecated in
## later version, so please don't use it.
##
## If your groups use the `groupOfUniqueNames` structure use this instead:
## (&(uniquemember={dn})(objectclass=groupOfUniqueNames))
groups_filter: ""
## The attribute holding the name of the group
group_name_attribute: "cn"
## The attribute holding the mail address of the user. If multiple email addresses are defined for a user, only the
## first one returned by the LDAP server is used.
mail_attribute: "mail"
## The attribute holding the display name of the user. This will be used to greet an authenticated user.
display_name_attribute: "displayname"
## The username of the admin user.
user: CN=admin,DC=example,DC=com
plain_password: ""
##
## File (Authentication Provider)
##
## With this backend, the users database is stored in a file which is updated when users reset their passwords.
## Therefore, this backend is meant to be used in a dev environment and not in production since it prevents Authelia
## to be scaled to more than one instance. The options under 'password' have sane defaults, and as it has security
## implications it is highly recommended you leave the default values. Before considering changing these settings
## please read the docs page below:
## https://www.authelia.com/docs/configuration/authentication/file.html#password-hash-algorithm-tuning
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
file:
enabled: true
path: /config/users_database.yml
password:
algorithm: argon2id
iterations: 1
key_length: 32
salt_length: 16
memory: 1024
parallelism: 8
##
## Access Control Configuration
##
## Access control is a list of rules defining the authorizations applied for one resource to users or group of users.
##
## If 'access_control' is not defined, ACL rules are disabled and the 'bypass' rule is applied, i.e., access is allowed
## to anyone. Otherwise restrictions follow the rules defined.
##
## Note: One can use the wildcard * to match any subdomain.
## It must stand at the beginning of the pattern. (example: *.mydomain.com)
##
## Note: You must put patterns containing wildcards between simple quotes for the YAML to be syntactically correct.
##
## Definition: A 'rule' is an object with the following keys: 'domain', 'subject', 'policy' and 'resources'.
##
## - 'domain' defines which domain or set of domains the rule applies to.
##
## - 'subject' defines the subject to apply authorizations to. This parameter is optional and matching any user if not
## provided. If provided, the parameter represents either a user or a group. It should be of the form
## 'user:<username>' or 'group:<groupname>'.
##
## - 'policy' is the policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'.
##
## - 'resources' is a list of regular expressions that matches a set of resources to apply the policy to. This parameter
## is optional and matches any resource if not provided.
##
## Note: the order of the rules is important. The first policy matching (domain, resource, subject) applies.
access_control:
## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
## resource if there is no policy to be applied to the user.
default_policy: deny
networks_access_control: []
# networks_access_control:
# - name: private
# networks:
# - 10.0.0.0/8
# - 172.16.0.0/12
# - 192.168.0.0/16
# - name: vpn
# networks:
# - 10.9.0.0/16
rules: []
# rules:
# - domain: public.example.com
# policy: bypass
# - domain: "*.example.com"
# policy: bypass
# methods:
# - OPTIONS
# - domain: secure.example.com
# policy: one_factor
# networks:
# - private
# - vpn
# - 192.168.1.0/24
# - 10.0.0.1
# - domain:
# - secure.example.com
# - private.example.com
# policy: two_factor
# - domain: singlefactor.example.com
# policy: one_factor
# - domain: "mx2.mail.example.com"
# subject: "group:admins"
# policy: deny
# - domain: "*.example.com"
# subject:
# - "group:admins"
# - "group:moderators"
# policy: two_factor
# - domain: dev.example.com
# resources:
# - "^/groups/dev/.*$"
# subject: "group:dev"
# policy: two_factor
# - domain: dev.example.com
# resources:
# - "^/users/john/.*$"
# subject:
# - ["group:dev", "user:john"]
# - "group:admins"
# policy: two_factor
# - domain: "{user}.example.com"
# policy: bypass
##
## Session Provider Configuration
##
## The session cookies identify the user once logged in.
## The available providers are: `memory`, `redis`. Memory is the provider unless redis is defined.
session:
## The name of the session cookie. (default: authelia_session).
name: authelia_session
## Sets the Cookie SameSite value. Possible options are none, lax, or strict.
## Please read https://www.authelia.com/docs/configuration/session.html#same_site
same_site: lax
## The time in seconds before the cookie expires and session is reset.
expiration: 1h
## The inactivity time in seconds before the session is reset.
inactivity: 5m
## The remember me duration.
## Value is in seconds, or duration notation. Value of 0 disables remember me.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
## Longer periods are considered less secure because a stolen cookie will last longer giving attackers more time to
## spy or attack. Currently the default is 1M or 1 month.
remember_me_duration: 1M
##
## Redis Provider
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
## The redis connection details
redisProvider:
port: 6379
## Optional username to be used with authentication.
# username: authelia
username: ""
## This is the Redis DB Index https://redis.io/commands/select (sometimes referred to as database number, DB, etc).
database_index: 0
## The maximum number of concurrent active connections to Redis.
maximum_active_connections: 8
## The target number of idle connections to have open ready for work. Useful when opening connections is slow.
minimum_idle_connections: 0
## The Redis TLS configuration. If defined will require a TLS connection to the Redis instance(s).
tls:
enabled: false
## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for the connection.
minimum_version: TLS1.2
## The Redis HA configuration options.
## This provides specific options to Redis Sentinel, sentinel_name must be defined (Master Name).
high_availability:
enabled: false
enabledSecret: false
## Sentinel Name / Master Name
sentinel_name: mysentinel
## The additional nodes to pre-seed the redis provider with (for sentinel).
## If the host in the above section is defined, it will be combined with this list to connect to sentinel.
## For high availability to be used you must have either defined; the host above or at least one node below.
nodes: []
# nodes:
# - host: sentinel-0.databases.svc.cluster.local
# port: 26379
# - host: sentinel-1.databases.svc.cluster.local
# port: 26379
## Choose the host with the lowest latency.
route_by_latency: false
## Choose the host randomly.
route_randomly: false
##
## Regulation Configuration
##
## This mechanism prevents attackers from brute forcing the first factor. It bans the user if too many attempts are done
## in a short period of time.
regulation:
## The number of failed login attempts before user is banned. Set it to 0 to disable regulation.
max_retries: 3
## The time range during which the user can attempt login before being banned. The user is banned if the
## authentication failed 'max_retries' times in a 'find_time' seconds window. Find Time accepts duration notation.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
find_time: 2m
## The length of time before a banned user can login again. Ban Time accepts duration notation.
## See: https://www.authelia.com/docs/configuration/index.html#duration-notation-format
ban_time: 5m
##
## Storage Provider Configuration
##
## The available providers are: `local`, `mysql`, `postgres`. You must use one and only one of these providers.
storage:
##
## PostgreSQL (Storage Provider)
##
postgres:
port: 5432
database: authelia
username: authelia
sslmode: disable
timeout: 5s
##
## Notification Provider
##
##
## Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration.
## The available providers are: filesystem, smtp. You must use one and only one of these providers.
notifier:
## You can disable the notifier startup check by setting this to true.
disable_startup_check: false
##
## File System (Notification Provider)
##
## Important: Kubernetes (or HA) users must read https://www.authelia.com/docs/features/statelessness.html
##
filesystem:
enabled: true
filename: /config/notification.txt
##
## SMTP (Notification Provider)
##
## Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate.
## [Security] By default Authelia will:
## - force all SMTP connections over TLS including unauthenticated connections
## - use the disable_require_tls boolean value to disable this requirement
## (only works for unauthenticated connections)
## - validate the SMTP server x509 certificate during the TLS handshake against the hosts trusted certificates
## (configure in tls section)
smtp:
enabled: false
enabledSecret: false
host: smtp.mail.svc.cluster.local
port: 25
timeout: 5s
username: test
plain_password: test
sender: admin@example.com
## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
identifier: localhost
## Subject configuration of the emails sent.
## {title} is replaced by the text from the notifier
subject: "[Authelia] {title}"
## This address is used during the startup check to verify the email configuration is correct.
## It's not important what it is except if your email server only allows local delivery.
startup_check_address: test@authelia.com
disable_require_tls: false
disable_html_emails: false
tls:
## Server Name for certificate validation (in case you are using the IP or non-FQDN in the host option).
server_name: ""
## Skip verifying the server certificate (to allow a self-signed certificate).
## In preference to setting this we strongly recommend you add the public portion of the certificate to the
## certificates directory which is defined by the `certificates_directory` option at the top of the config.
skip_verify: false
## Minimum TLS version for either StartTLS or SMTPS.
minimum_version: TLS1.2
identity_providers:
oidc:
## Enables this in the config map. Currently in beta stage.
## See https://www.authelia.com/docs/configuration/identity-providers/oidc.html#roadmap
enabled: false
access_token_lifespan: 1h
authorize_code_lifespan: 1m
id_token_lifespan: 1h
refresh_token_lifespan: 90m
enable_client_debug_messages: false
## SECURITY NOTICE: It's not recommended changing this option, and highly discouraged to have it below 8 for
## security reasons.
minimum_parameter_entropy: 8
clients: []
# clients:
# -
## The ID is the OpenID Connect ClientID which is used to link an application to a configuration.
# id: myapp
## The description to show to users when they end up on the consent screen. Defaults to the ID above.
# description: My Application
## The client secret is a shared secret between Authelia and the consumer of this client.
# secret: apple123
## Sets the client to public. This should typically not be set, please see the documentation for usage.
# public: false
## The policy to require for this client; one_factor or two_factor.
# authorization_policy: two_factor
## Configures the consent mode; auto, explicit or implicit
# consent_mode: auto
## Audience this client is allowed to request.
# audience: []
## Scopes this client is allowed to request.
# scopes:
# - openid
# - profile
# - email
# - groups
## Redirect URI's specifies a list of valid case-sensitive callbacks for this client.
# redirect_uris:
# - https://oidc.example.com/oauth2/callback
## Grant Types configures which grants this client can obtain.
## It's not recommended to configure this unless you know what you're doing.
# grant_types:
# - refresh_token
# - authorization_code
## Response Types configures which responses this client can be sent.
## It's not recommended to configure this unless you know what you're doing.
# response_types:
# - code
## Response Modes configures which response modes this client supports.
## It's not recommended to configure this unless you know what you're doing.
# response_modes:
# - form_post
# - query
# - fragment
## The algorithm used to sign userinfo endpoint responses for this client, either none or RS256.
# userinfo_signing_algorithm: none
portal:
open:
enabled: true
ingress:
main:
required: true
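Review bot: `replicas: 2` under `workload.main` contradicts the guidance in this same file, because `authentication_backend.file.enabled: true` and `notifier.filesystem.enabled: true` are both left on, and the comment above `file:` says that backend "prevents Authelia to be scaled to more than one instance" and sends Kubernetes/HA users to the statelessness page. Either default to a single replica or ship defaults that match the stateless setup the comments describe (LDAP backend, SMTP notifier). Separately, `log.level: trace` is the most verbose of the three levels the comment lists and is a poor default for an authentication portal, so `info` would be safer. `storage.postgres.sslmode: disable` should carry a comment saying why an unencrypted database connection is acceptable in this deployment.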

View File

@ -1,17 +0,0 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [blocky-14.3.5](https://github.com/truecharts/charts/compare/blocky-14.3.4...blocky-14.3.5) (2024-03-16)
### Chore
- rename `enterprise`- train to `premium`-train

View File

@ -1,47 +0,0 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: network
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.12"
truecharts.org/train: premium
apiVersion: v2
appVersion: 0.23.0
dependencies:
- name: common
version: 20.0.9
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.3
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: Blocky is a DNS proxy, DNS enhancer and ad-blocker for the local network written in Go
home: https://truecharts.org/charts/premium/blocky
icon: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
keywords:
- dns
- blocky
kubeVersion: '>=1.24.0-0'
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: blocky
sources:
- https://github.com/Mozart409/blocky-frontend
- https://0xerr0r.github.io/blocky/
- https://github.com/0xERR0R/blocky
- https://github.com/truecharts/charts/tree/master/charts/premium/blocky
- https://hub.docker.com/r/spx01/blocky
- https://quay.io/oriedge/k8s_gateway
type: application
version: 14.3.5

View File

@ -0,0 +1,99 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [blocky-14.5.1](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [blocky-14.5.0](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
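Review bot: the `blocky-14.5.0` section appears seven times in a row with the same compare link and the same two bullets, directly below the single `blocky-14.5.1` entry. This suggests the changelog step appends a release block on every run instead of replacing the existing one. Deduplicate on the release heading before writing, so that anyone auditing which dependency bumps went into a release sees each version exactly once.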

View File

@ -0,0 +1,47 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: network
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: 0.23.0
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.5
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: Blocky is a DNS proxy, DNS enhancer and ad-blocker for the local network written in Go
home: https://truecharts.org/charts/premium/blocky
icon: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
keywords:
- dns
- blocky
kubeVersion: ">=1.24.0-0"
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: blocky
sources:
- https://github.com/Mozart409/blocky-frontend
- https://0xerr0r.github.io/blocky/
- https://github.com/0xERR0R/blocky
- https://github.com/truecharts/charts/tree/master/charts/premium/blocky
- https://quay.io/oriedge/k8s_gateway
- https://hub.docker.com/r/spx01/blocky
type: application
version: 14.5.1
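Review bot: `truecharts.org/min_helm_version` is "3.11" in this new Chart.yaml, while the blocky 14.3.5 Chart.yaml removed earlier in this commit declared "3.12", and the 14.5.1 changelog lists only the common and redis bumps. If lowering the minimum Helm version is intended, record it in the changelog; otherwise keep "3.12" so the release does not silently widen the supported range.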

View File

@ -0,0 +1,13 @@
## [blocky-14.5.1](https://github.com/truecharts/charts/compare/blocky-14.4.0...blocky-14.5.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))

Binary file not shown.

View File

@ -0,0 +1,100 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [clusterissuer-7.7.1](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [clusterissuer-7.7.0](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
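Review bot: The `clusterissuer-7.7.0` section appears nine times in this new file, each with the same heading, compare link and single #19361 entry, so the changelog generator looks to be re-emitting that release on every run instead of replacing it. Deduplicate on the release heading before writing the file. The `**Important:**` line also has nothing under it and should either carry text or be dropped.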

View File

@ -0,0 +1,37 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: core
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: latest
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
deprecated: false
description: Certificate management for Kubernetes
home: https://truecharts.org/charts/premium/clusterissuer
icon: https://truecharts.org/img/hotlink-ok/chart-icons/clusterissuer.png
keywords:
- cert-manager
- certificates
kubeVersion: ">=1.24.0-0"
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: clusterissuer
sources:
- https://cert-manager.io/
- https://github.com/truecharts/charts/tree/master/charts/premium/clusterissuer
- https://hub.docker.com/_/hello-world
type: application
version: 7.7.1

View File

@ -0,0 +1,28 @@
---
title: README
---
## General Info
TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/premium/clusterissuer)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
_All Rights Reserved - The TrueCharts Project_

View File

@ -0,0 +1,11 @@
## [clusterissuer-7.7.1](https://github.com/truecharts/charts/compare/clusterissuer-7.6.0...clusterissuer-7.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))

View File

@ -0,0 +1,8 @@
Certificate management for Kubernetes
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/premium/clusterissuer](https://truecharts.org/charts/premium/clusterissuer)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!

Binary file not shown.

View File

@ -0,0 +1,104 @@
image:
repository: hello-world
tag: latest@sha256:d000bc569937abbe195e20322a0bde6b2922d805332fd6d8a68b19f524b7d21d
pullPolicy: IfNotPresent
manifestManager:
enabled: true
workload:
main:
enabled: false
podSpec:
containers:
main:
enabled: false
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
service:
main:
enabled: false
ports:
main:
enabled: false
port: 9999
portal:
open:
enabled: false
operator:
verify:
additionalOperators:
- cert-manager
enabled: true
failOnError: false
clusterIssuer:
selfSigned:
enabled: true
name: "selfsigned"
CA: []
# - name: myca
# selfSigned: true
# selfSignedCommonName: "my-selfsigned-ca"
# # Used to manually define a CA-crt not used when selfSigned is enabled
# crt: ""
# key: ""
# # TODO: Add option to use SCALE CA certs
ACME: []
# - name: letsencrypt
# # Used for both logging in to the DNS provider AND ACME registration
# email: ""
# server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
# # Used primarily for the SCALE GUI
# customServer: 'https://acme-staging-v02.api.letsencrypt.org/directory'
# email: ""
# # Options: HTTP01, cloudflare, route53, akamai, digitalocean, rfc2136, acmedns
# type: ""
# # for cloudflare
# cfapikey: ""
# cfapitoken: ""
# # for route53
# region: ""
# accessKeyID: ""
# route53SecretAccessKey: ""
# # optional for route53
# role: ""
# # for akamai
# serviceConsumerDomain: ""
# akclientToken: ""
# akclientSecret: ""
# akaccessToken: ""
# # for digitalocean
# doaccessToken: ""
# # for rfc2136
# nameserver: ""
# tsigKeyName: ""
# tsigAlgorithm: ""
# rfctsigSecret: ""
# # for acmedns
# name: sd
# acmednsHost: asdf
# # Pick one of the bellow acmednsConfig
# acmednsConfigJson:
# acmednsConfig:
# - domain: ""
# username: ""
# password: ""
# fulldomain: ""
# subdomain: ""
# allowFrom: []
clusterCertificates:
# Namespaces in which the certificates must be available
# Accepts comma-separated regex expressions
# replicationNamespaces: 'ix-.*'
certificates: []
# - name: mycert
# enabled: true
# certificateIssuer: selfsigned
# hosts:
# - my.domain.com
# - '*.my.domain.com'
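Review bot: The commented ACME example declares `email: ""` twice and `name` twice (`name: letsencrypt` at the top, `name: sd` in the acmedns part), so anyone who uncomments it gets duplicate keys in a single list entry and the value that wins depends on the parser. Remove the second `email`, drop the acmedns `name: sd`, and replace the `acmednsHost: asdf` filler with a recognisable placeholder. "bellow" in the acmednsConfig comment should be "below", and the comment should say that `acmednsConfigJson` and `acmednsConfig` are alternatives, since both appear as bare keys.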

View File

@ -0,0 +1,446 @@
groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: Workload Settings
description: Workload Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: Addons
description: Addon Configuration
- name: Backup Configuration
description: Configure Velero Backup Schedule
- name: Advanced
description: Advanced Configuration
- name: Postgresql
description: Postgresql
- name: Documentation
description: Documentation
questions:
- variable: global
group: General Settings
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: clusterIssuer
group: App Configuration
label: Cluster Certificate Issuer
schema:
additional_attrs: true
type: dict
attrs:
- variable: ACME
label: 'ACME Issuer'
schema:
type: list
default: []
items:
- variable: ACMEEntry
label: 'ACME Issuer Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: ""
- variable: type
label: Type or DNS-Provider
description: DNS Provider
schema:
type: string
default: cloudflare
enum:
- value: cloudflare
description: Cloudflare
- value: route53
description: Route53
- value: akamai
description: Akamai
- value: digitalocean
description: Digitalocean
- value: rfc2136
description: rfc2136 (Advanced)
- value: HTTP01
description: HTTP01 (Experimental)
- value: acmedns
description: ACME DNS (Advanced)
- variable: server
label: Server
description: "Server for ACME, for example: letsencrypt"
schema:
type: string
default: 'Letsencrypt-Production'
enum:
- value: 'https://acme-v02.api.letsencrypt.org/directory'
description: Letsencrypt-Production
- value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
description: Letsencrypt-Staging
- value: 'https://api.buypass.no/acme-v02/directory'
description: BuyPass-Production
- value: 'https://api.test4.buypass.no/acme-v02/directory'
description: BuyPass-Staging
- value: custom
description: Custom
- variable: customServer
label: Custom ACME Server (Advanced)
description: "This can be used to enter your own custom ACME server"
schema:
type: string
show_if: [["server", "=", "custom"]]
default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
- variable: caBundle
label: Trusted CABundle for private ACME server
description: "Trusted CABundle for private ACME server, encoded in base64"
schema:
type: string
show_if: [["server", "=", "custom"]]
- variable: email
label: Email
description: "Email adress to use for certificate issuing must match your DNS provider email when required"
schema:
type: string
required: true
default: "something@example.com"
- variable: cfapikey
label: CloudFlare API key
description: "CloudFlare API Key"
schema:
show_if: [["type", "=", "cloudflare"]]
type: string
default: ""
- variable: cfapitoken
label: CloudFlare API Token
description: "CloudFlare API Token"
schema:
show_if: [["type", "=", "cloudflare"]]
type: string
default: ""
- variable: region
label: Route53 Region
description: "Route 53 Region"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: "us-west-1"
- variable: accessKeyID
label: Route53 accessKeyID
description: "Route53 accessKeyID"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: ""
- variable: route53SecretAccessKey
label: Route53 Secret Access Key
description: "Route53 Secret Access Key"
schema:
show_if: [["type", "=", "route53"]]
type: string
required: true
default: ""
- variable: role
label: Route53 Role (optional)
description: "Route53 Role"
schema:
show_if: [["type", "=", "route53"]]
type: string
default: ""
- variable: serviceConsumerDomain
label: Akamai Service Consumer Domain
description: "Akamai Service Consumer Domain"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akclientToken
label: Akamai Client Token
description: "Client Token"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akclientSecret
label: Akamai Client Secret
description: "Akamai Client Secret"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: akaccessToken
label: Akamai Access Token
description: "Akamai Access Token"
schema:
show_if: [["type", "=", "akamai"]]
type: string
required: true
default: ""
- variable: doaccessToken
label: Digitalocean Access Token
description: "Digitalocean Access Token"
schema:
show_if: [["type", "=", "digitalocean"]]
type: string
required: true
default: ""
- variable: nameserver
label: rfc2136 Namesever
description: "rfc2136 Namesever"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: tsigKeyName
label: rfc2136 tsig Key Name
description: "rfc2136 tsig Key Name"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: tsigAlgorithm
label: rfc2136 tsig Algorithm
description: "rfc2136 tsig Algorithm"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: rfctsigSecret
label: rfc2136 sig Secret
description: "rfc2136 sig Secret"
schema:
show_if: [["type", "=", "rfc2136"]]
type: string
required: true
default: ""
- variable: acmednsHost
label: ACME DNS host
description: "ACME DNS API server address"
schema:
show_if: [["type", "=", "acmedns"]]
type: string
required: true
default: "https://auth.acme-dns.io"
- variable: acmednsConfig
label: ACME DNS config
description: "ACME DNS per-domain auth configuration"
schema:
show_if: [["type", "=", "acmedns"]]
type: list
default: []
items:
- variable: acmednsEntry
label: 'ACME DNS entry'
schema:
type: dict
attrs:
- variable: domain
label: Domain
schema:
type: string
required: true
- variable: username
label: Username
schema:
type: string
required: true
- variable: password
label: Password
schema:
type: string
required: true
- variable: fulldomain
label: Full domain
schema:
type: string
required: true
- variable: subdomain
label: Subdomain
schema:
type: string
required: true
- variable: allowFrom
label: Allow from
schema:
type: list
default: []
items:
- variable: cidr
label: CIDR
schema:
type: ipaddr
cidr: true
required: true
- variable: CA
label: Certificate Authority Issuer
schema:
type: list
default: []
items:
- variable: CAEntry
label: 'CA Issuer Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: ""
- variable: selfSigned
label: selfSigned
description: "Create Self Signed CA cert"
schema:
type: boolean
default: true
- variable: selfSignedCommonName
label: selfSigned CommonName
description: "Common name for selfSigned Certiticate Authority"
schema:
type: string
required: true
show_if: [["selfSigned", "=", true]]
default: "my-selfsigned-ca"
- variable: crt
label: "Custom CA cert (experimental)"
description: "certificate for Certiticate Authority"
schema:
type: string
required: true
max_length: 10240
show_if: [["selfSigned", "=", false]]
default: ""
- variable: key
label: "Custom CA key (experimental)"
description: "key Certiticate Authority"
schema:
type: string
required: true
max_length: 10240
show_if: [["selfSigned", "=", false]]
default: ""
- variable: selfSigned
label: 'SelfSigned Issuer'
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
description: "Enable self-signed issuer"
schema:
type: boolean
default: true
- variable: name
label: Name
description: "Name to give the issuer"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: "selfsigned"
- variable: clusterCertificates
group: App Configuration
label: Cluster Wide Certificates (Advanced)
description: "Creates certificates for use within the entire cluster. Can be used to create wildcard certificates."
schema:
additional_attrs: true
type: dict
attrs:
- variable: certificates
label: Cluster Certificates
schema:
type: list
default: []
items:
- variable: CertEntry
label: 'Certificate Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: true
- variable: name
label: Certificate Name
schema:
type: string
required: true
default: ""
- variable: certificateIssuer
label: Cert-Manager clusterIssuer
description: "One of the Cert-Manager clusterIssuers defined above"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: "selfsigned"
- variable: hosts
label: Certificate Hosts
description: "NOTE: Creation of wildcard certificates with an ACME issuer requires a DNSO1 solver to be set up."
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: customMetrics
group: Metrics
label: Prometheus Metrics
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
description: Enable Prometheus Metrics
schema:
type: boolean
default: true
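Review bot: In the ACME `server` question, `default: 'Letsencrypt-Production'` is an enum description rather than an enum value; the values are the directory URLs, so the default matches none of them and should be `'https://acme-v02.api.letsencrypt.org/directory'`. Separately, every credential field in this file (`cfapikey`, `cfapitoken`, `route53SecretAccessKey`, the Akamai and DigitalOcean tokens, `rfctsigSecret`, the acmedns `password` and the CA `key`) is a plain `type: string` with nothing marking it as sensitive, so consider flagging them as private so the form can mask them. User-facing typos to fix: "adress", "Namesever", "Certiticate", "DNSO1" (DNS01), and "rfc2136 sig Secret" where the sibling fields say "tsig".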

View File

@ -0,0 +1,128 @@
{{- define "certmanager.clusterissuer.acme" -}}
{{- $operator := index $.Values.operator "cert-manager" -}}
{{- $namespace := $operator.namespace | default "cert-manager" -}}
{{- $rfctsigSecret := .rfctsigSecret | default "" -}}
{{/* https://cert-manager.io/docs/configuration/acme/dns01/rfc2136/#troubleshooting */}}
{{- if $rfctsigSecret -}} {{/* If we try to decode and fail, go on and encode it. */}}
{{- if (contains "illegal base64" (b64dec $rfctsigSecret)) -}}
{{- $rfctsigSecret = b64enc $rfctsigSecret -}}
{{- end -}}
{{- end -}}
{{- range .Values.clusterIssuer.ACME }}
{{- if or (not .name) (not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name)) -}}
{{- fail "ACME - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end -}}
{{- $validTypes := list "HTTP01" "cloudflare" "route53" "digitalocean" "akamai" "rfc2136" "acmedns" -}}
{{- if not (mustHas .type $validTypes) -}}
{{- fail (printf "Expected ACME type to be one of [%s], but got [%s]" (join ", " $validTypes) .type) -}}
{{- end -}}
{{- $issuerSecretName := printf "%s-clusterissuer-secret" .name }}
{{- $acmednsDict := dict -}}
{{- if and (eq .type "acmedns") (not .acmednsConfigJson) }}
{{- range .acmednsConfig }}
{{/* Transform to a dict with domain as a key, also remove domain from the dict */}}
{{- $_ := set $acmednsDict .domain (omit . "domain") -}}
{{- end }}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}
spec:
acme:
email: {{ .email }}
server: {{ if eq .server "custom" }}{{ .customServer }}{{ else }}{{ .server }}{{ end }}
{{- if .caBundle }}
caBundle: {{ .caBundle }}
{{- end }}
privateKeySecretRef:
name: {{ .name }}-acme-clusterissuer-account-key
solvers:
{{- if eq .type "HTTP01" }}
- http01:
ingress: {}
{{- else }}
- dns01:
{{- if eq .type "cloudflare" }}
cloudflare:
email: {{ .email }}
{{- if .cfapitoken }}
apiTokenSecretRef:
name: {{ $issuerSecretName }}
key: cf-api-token
{{- else if .cfapikey }}
apiKeySecretRef:
name: {{ $issuerSecretName }}
key: cf-api-key
{{- else -}}
{{- fail "A cloudflare API key or token is required" -}}
{{- end -}}
{{- else if eq .type "route53" }}
route53:
region: {{ .region }}
accessKeyID: {{ .accessKeyID }}
{{- if .role }}
role: {{ .role }}
{{- end }}
secretAccessKeySecretRef:
name: {{ $issuerSecretName }}
key: route53-secret-access-key
{{- else if eq .type "akamai" }}
akamai:
serviceConsumerDomain: {{ .serviceConsumerDomain }}
clientTokenSecretRef:
name: {{ $issuerSecretName }}
key: akclientToken
clientSecretSecretRef:
name: {{ $issuerSecretName }}
key: akclientSecret
accessTokenSecretRef:
name: {{ $issuerSecretName }}
key: akaccessToken
{{- else if eq .type "digitalocean" }}
digitalocean:
tokenSecretRef:
name: {{ $issuerSecretName }}
key: doaccessToken
{{- else if eq .type "rfc2136" }}
rfc2136:
nameserver: {{ .nameserver }}
tsigKeyName: {{ .tsigKeyName }}
tsigAlgorithm: {{ .tsigAlgorithm }}
tsigSecretSecretRef:
name: {{ $issuerSecretName }}
key: rfctsigSecret
{{- else if eq .type "acmedns" }}
acmeDNS:
host: {{ .acmednsHost }}
accountSecretRef:
name: {{ $issuerSecretName }}
key: acmednsJson
{{- end -}}
{{- end }}
---
apiVersion: v1
kind: Secret
metadata:
namespace: {{ $namespace }}
name: {{ $issuerSecretName }}
type: Opaque
stringData:
cf-api-token: {{ .cfapitoken | default "" }}
cf-api-key: {{ .cfapikey | default "" }}
route53-secret-access-key: {{ .route53SecretAccessKey | default "" }}
akclientToken: {{ .akclientToken | default "" }}
akclientSecret: {{ .akclientSecret | default "" }}
akaccessToken: {{ .akaccessToken | default "" }}
doaccessToken: {{ .doaccessToken | default "" }}
rfctsigSecret: {{ $rfctsigSecret }}
{{- if .acmednsConfigJson }}
acmednsJson: {{ .acmednsConfigJson }}
{{- else if $acmednsDict }}
acmednsJson: {{ toJson $acmednsDict | quote }}
{{- end -}}
{{- end -}}
{{- end -}}
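Review bot: `$rfctsigSecret := .rfctsigSecret | default ""` is evaluated before `range .Values.clusterIssuer.ACME`, where `.` is still the root context, so it never sees the per-issuer value and the Secret's `rfctsigSecret` key renders empty for every rfc2136 issuer. Move the lookup and the base64 check inside the range. The `stringData` values, `email` and `caBundle` are also emitted unquoted, so an empty default renders as a YAML null and a value starting with a YAML-significant character will not parse as the intended string; pipe them through `quote`. One Secret carrying all provider keys is created for every issuer, including HTTP01 ones that reference none of them; emitting only the key for the selected `.type` would keep unused entries out of the cluster.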

View File

@ -0,0 +1,54 @@
{{- define "certmanager.clusterissuer.ca" -}}
{{- $operator := index $.Values.operator "cert-manager" -}}
{{- $namespace := $operator.namespace | default "cert-manager" -}}
{{- range .Values.clusterIssuer.CA }}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
{{- fail "CA - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end -}}
{{- if .selfSigned }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}-selfsigned-ca-issuer
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .name }}-selfsigned-ca
namespace: {{ $namespace }}
spec:
isCA: true
commonName: {{ .selfSignedCommonName }}
secretName: {{ .name }}-ca
privateKey:
algorithm: ECDSA
size: 256
issuerRef:
name: {{ .name }}-selfsigned-ca-issuer
kind: ClusterIssuer
group: cert-manager.io
{{- else }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}-ca
namespace: {{ $namespace }}
data:
tls.crt: {{ .crt | replace " CERTIFICATE" "_CERTIFICATE" | replace " " "\n" | replace "_CERTIFICATE" " CERTIFICATE" | b64enc }}
tls.key: {{ .key | replace " PRIVATE KEY" "_PRIVATE_KEY" | replace " " "\n" | replace "_PRIVATE_KEY" " PRIVATE KEY" | b64enc }}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .name }}
spec:
ca:
secretName: {{ .name }}-ca
{{- end }}
{{- end -}}
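Review bot: The `tls.key` rewrite only protects the literal ` PRIVATE KEY`, so a traditional header such as `-----BEGIN RSA PRIVATE KEY-----` or `-----BEGIN EC PRIVATE KEY-----` still has a space after `BEGIN`/`END` that is turned into a newline, producing a PEM block cert-manager cannot parse. Protect the whole `-----BEGIN ...-----` and `-----END ...-----` lines before replacing spaces, and document that the input is expected with spaces in place of newlines. The name check here also lacks the `not .name` guard used in the ACME template, and the Secret would be clearer with `type: kubernetes.io/tls`.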

View File

@ -0,0 +1,34 @@
{{- define "certmanager.clusterissuer.clusterCertificates" -}}
{{- if .Values.clusterCertificates -}}
{{- $secretTemplates := dict -}}
{{- $certNamespace := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $ "objectData" dict "caller" "ClusterCertificates")) -}}
{{- $replicationNamespaces := ".*" -}}
{{- if .Values.clusterCertificates.replicationNamespaces -}}
{{- $replicationNamespaces = .Values.clusterCertificates.replicationNamespaces -}}
{{- else if .Values.ixChartContext -}}
{{- $replicationNamespaces = "ix-.*" -}}
{{- end -}}
{{- $reflectorAnnotations := (dict
"reflector.v1.k8s.emberstack.com/reflection-allowed" "true"
"reflector.v1.k8s.emberstack.com/reflection-auto-enabled" "true"
"reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces" (printf "%v,%v" $certNamespace $replicationNamespaces)
"reflector.v1.k8s.emberstack.com/reflection-auto-namespaces" $replicationNamespaces ) -}}
{{- $certAnnotations := (mustMerge ($reflectorAnnotations) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
{{- $_ := set $secretTemplates "annotations" $certAnnotations -}}
{{- if not $.Values.certificate -}}
{{- $_ := set $.Values "certificate" dict -}}
{{- end -}}
{{- range .Values.clusterCertificates.certificates -}}
{{- $_ := set $.Values.certificate .name (dict
"enabled" .enabled
"hosts" .hosts
"certificateIssuer" .certificateIssuer
"certificateSecretTemplate" $secretTemplates
) -}}
{{- end -}}
{{- end -}}
{{- end -}}
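Review bot: `$replicationNamespaces` starts as `".*"` and is only narrowed to `ix-.*` when `ixChartContext` is set, so on a plain Helm install with `replicationNamespaces` unset the reflector annotations allow and auto-enable copying every cluster certificate Secret, private key included, into all namespaces. Default to no auto-replication, or require an explicit value, and let users opt in to the namespaces that need the certificate.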

View File

@ -0,0 +1,14 @@
{{- define "certmanager.clusterissuer.selfsigned" -}}
{{- if .Values.clusterIssuer.selfSigned.enabled -}}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .Values.clusterIssuer.selfSigned.name) -}}
{{- fail "Self Singed Issuer - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: {{ .Values.clusterIssuer.selfSigned.name }}
spec:
selfSigned: {}
{{- end }}
{{- end -}}
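Review bot: The `fail` message reads "Self Singed Issuer"; it is shown to users when the name is rejected, so correct it to "Self Signed Issuer". Since `mustRegexMatch` is called directly on `.Values.clusterIssuer.selfSigned.name`, an unset name surfaces as a template error rather than this message; a `not` guard like the one in the ACME template would give a clearer failure.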

View File

@ -0,0 +1,16 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}
{{/*
Generate certificate data and set them to $.Values.ceritificate
Let common handle the creation of the objects
*/}}
{{- include "certmanager.clusterissuer.clusterCertificates" . }}
{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}
{{/* Generate the cluster issuers */}}
{{- include "certmanager.clusterissuer.acme" . }}
{{- include "certmanager.clusterissuer.selfsigned" . }}
{{- include "certmanager.clusterissuer.ca" . }}

View File

@ -0,0 +1,100 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [grafana-14.8.1](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [grafana-14.8.0](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))

View File

@ -0,0 +1,41 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: metrics
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: 10.4.0
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
deprecated: false
description: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
home: https://truecharts.org/charts/premium/grafana
icon: https://truecharts.org/img/hotlink-ok/chart-icons/grafana.png
keywords:
- analytics
- monitoring
- metrics
- logs
kubeVersion: ">=1.24.0-0"
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: grafana
sources:
- https://grafana.com/
- https://github.com/bitnami/bitnami-docker-grafana
- https://github.com/truecharts/charts/tree/master/charts/premium/grafana
- https://quay.io/kiwigrid/k8s-sidecar
- https://hub.docker.com/r/grafana/grafana
type: application
version: 14.8.1

View File

@ -0,0 +1,28 @@
---
title: README
---
## General Info
TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/premium/grafana)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
_All Rights Reserved - The TrueCharts Project_

View File

@ -0,0 +1,11 @@
## [grafana-14.8.1](https://github.com/truecharts/charts/compare/grafana-14.7.0...grafana-14.8.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))

View File

@ -0,0 +1,8 @@
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/premium/grafana](https://truecharts.org/charts/premium/grafana)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!

Binary file not shown.

View File

@ -0,0 +1,346 @@
image:
repository: grafana/grafana
pullPolicy: IfNotPresent
tag: 10.4.0@sha256:f9811e4e687ffecf1a43adb9b64096c50bc0d7a782f8608530f478b6542de7d5
sidecarImage:
repository: quay.io/kiwigrid/k8s-sidecar
tag: 1.26.1@sha256:b8d5067137fec093cf48670dc3a1dbb38f9e734f3a6683015c2e89a45db5fd16
securityContext:
container:
readOnlyRootFilesystem: false
service:
main:
ports:
main:
protocol: http
targetPort: 3000
port: 3000
workload:
main:
replicas: 2
strategy: RollingUpdate
podSpec:
containers:
main:
env:
GF_SECURITY_ADMIN_USER: "admin"
GF_SECURITY_ADMIN_PASSWORD: "testpassword"
GF_INSTALL_PLUGINS: ""
GF_AUTH_LDAP_ENABLED: "false"
GF_AUTH_LDAP_ALLOW_SIGN_UP: "false"
GF_SERVER_HTTP_PORT: 3000
GF_DATABASE_TYPE: postgres
GF_DATABASE_NAME: "{{ .Values.cnpg.main.user }}"
GF_DATABASE_USER: "{{ .Values.cnpg.main.database }}"
GF_DATABASE_SSL_MODE: disable
GF_DATABASE_HOST:
secretKeyRef:
name: cnpg-main-urls
key: host
GF_DATABASE_PASSWORD:
secretKeyRef:
name: cnpg-main-user
key: password
probes:
liveness:
path: "/api/health"
readiness:
path: "/api/health"
startup:
path: "/api/health"
dashboards:
enabled: true
imageSelector: sidecarImage
env:
IGNORE_ALREADY_PROCESSED: false
METHOD: WATCH
LABEL: grafana_dashboard
LABEL_VALUE: "1"
LOG_LEVEL: info
FOLDER: /tmp/dashboards
RESOURCE: both
NAMESPACE: "ALL"
UNIQUE_FILENAMES: false
# NAMESPACE: null
# FOLDER_ANNOTATION: null
# script: null
# WATCH_SERVER_TIMEOUT: 3600
# WATCH_CLIENT_TIMEOUT: 3600
SKIP_TLS_VERIFY: false
REQ_USERNAME: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_USER }}"
REQ_PASSWORD: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_PASSWORD }}"
REQ_URL: "http://localhost:3000/api/admin/provisioning/dashboards/reload"
REQ_METHOD: POST
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
datasources:
enabled: true
imageSelector: sidecarImage
env:
IGNORE_ALREADY_PROCESSED: false
METHOD: WATCH
LABEL: grafana_datasources
LABEL_VALUE: "1"
LOG_LEVEL: info
FOLDER: /etc/grafana/provisioning/datasources
RESOURCE: both
NAMESPACE: "ALL"
UNIQUE_FILENAMES: false
# NAMESPACE: null
# FOLDER_ANNOTATION: null
# script: null
# WATCH_SERVER_TIMEOUT: 3600
# WATCH_CLIENT_TIMEOUT: 3600
SKIP_TLS_VERIFY: false
REQ_USERNAME: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_USER }}"
REQ_PASSWORD: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_PASSWORD }}"
REQ_URL: "http://localhost:3000/api/admin/provisioning/datasources/reload"
REQ_METHOD: POST
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
alerts:
enabled: true
imageSelector: sidecarImage
env:
IGNORE_ALREADY_PROCESSED: false
METHOD: WATCH
LABEL: grafana_alerts
LABEL_VALUE: "1"
LOG_LEVEL: info
FOLDER: /etc/grafana/provisioning/alerts
RESOURCE: both
NAMESPACE: "ALL"
UNIQUE_FILENAMES: false
# NAMESPACE: null
# FOLDER_ANNOTATION: null
# script: null
# WATCH_SERVER_TIMEOUT: 3600
# WATCH_CLIENT_TIMEOUT: 3600
SKIP_TLS_VERIFY: false
REQ_USERNAME: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_USER }}"
REQ_PASSWORD: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_PASSWORD }}"
REQ_URL: "http://localhost:3000/api/admin/provisioning/alerts/reload"
REQ_METHOD: POST
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
plugins:
enabled: true
imageSelector: sidecarImage
env:
IGNORE_ALREADY_PROCESSED: false
METHOD: WATCH
LABEL: grafana_plugins
LABEL_VALUE: "1"
LOG_LEVEL: info
FOLDER: /etc/grafana/provisioning/plugins
RESOURCE: both
NAMESPACE: "ALL"
UNIQUE_FILENAMES: false
# NAMESPACE: null
# FOLDER_ANNOTATION: null
# script: null
# WATCH_SERVER_TIMEOUT: 3600
# WATCH_CLIENT_TIMEOUT: 3600
SKIP_TLS_VERIFY: false
REQ_USERNAME: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_USER }}"
REQ_PASSWORD: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_PASSWORD }}"
REQ_URL: "http://localhost:3000/api/admin/provisioning/plugins/reload"
REQ_METHOD: POST
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
notifiers:
enabled: true
imageSelector: sidecarImage
env:
IGNORE_ALREADY_PROCESSED: false
METHOD: WATCH
LABEL: grafana_notifiers
LABEL_VALUE: "1"
LOG_LEVEL: info
FOLDER: /etc/grafana/provisioning/notifiers
RESOURCE: both
NAMESPACE: "ALL"
UNIQUE_FILENAMES: false
# NAMESPACE: null
# FOLDER_ANNOTATION: null
# script: null
# WATCH_SERVER_TIMEOUT: 3600
# WATCH_CLIENT_TIMEOUT: 3600
SKIP_TLS_VERIFY: false
REQ_USERNAME: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_USER }}"
REQ_PASSWORD: "{{ .Values.workload.main.podSpec.containers.main.env.GF_SECURITY_ADMIN_PASSWORD }}"
REQ_URL: "http://localhost:3000/api/admin/provisioning/notifiers/reload"
REQ_METHOD: POST
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
configmap:
dashboard-provider:
enabled: true
data:
provider.yaml: |-
apiVersion: 1
providers:
- name: sidecarProvider
orgId: 1
folder: ''
type: file
disableDeletion: false
allowUiUpdates: false
updateIntervalSeconds: 30
options:
foldersFromFilesStructure: false
path: /tmp/dashboards
config:
enabled: true
data:
grafana.ini: |-
paths:
data: /var/lib/grafana/
logs: /var/log/grafana
plugins: /var/lib/grafana/plugins
provisioning: /etc/grafana/provisioning
analytics:
check_for_updates: true
log:
mode: console
grafana_net:
url: https://grafana.net
server:
domain: "{{ if (and .Values.ingress.main.enabled .Values.ingress.main.hosts) }}{{ .Values.ingress.main.hosts | first }}{{ else }}''{{ end }}"
ldap.toml: |-
# nope
persistence:
config:
enabled: true
type: configmap
objectName: config
mountPath: /etc/grafana/grafana.ini
subPath: grafana.ini
ldap:
enabled: true
type: configmap
objectName: config
mountPath: /etc/grafana/ldap.toml
subPath: ldap.toml
data:
enabled: true
mountPath: "/var/lib/grafana"
grafana-tmp:
enabled: true
type: emptyDir
mountPath: /app/tmp
targetSelectAll: true
sc-dashboard-volume:
enabled: true
type: emptyDir
mountPath: /tmp/dashboards
targetSelectAll: true
sc-dashboard-config:
enabled: true
type: configmap
objectName: dashboard-provider
mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
subPath: provider.yaml
sc-datasource-volume:
enabled: true
type: emptyDir
mountPath: /etc/grafana/provisioning/datasources
targetSelectAll: true
sc-alerts-volume:
enabled: true
type: emptyDir
mountPath: /etc/grafana/provisioning/alerts
targetSelectAll: true
sc-plugins-volume:
enabled: true
type: emptyDir
mountPath: /etc/grafana/provisioning/plugins
targetSelectAll: true
sc-notifiers-volume:
enabled: true
type: emptyDir
mountPath: /etc/grafana/provisioning/notifiers
targetSelectAll: true
metrics:
main:
# -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
# @default -- See values.yaml
enabled: true
type: "servicemonitor"
endpoints:
- port: main
path: /metrics
# -- Enable and configure Prometheus Rules for the chart under this key.
# @default -- See values.yaml
prometheusRule:
enabled: false
labels: {}
# -- Configure additionial rules for the chart under this key.
# @default -- See prometheusrules.yaml
rules: []
# - alert: UnifiPollerAbsent
# annotations:
# description: Unifi Poller has disappeared from Prometheus service discovery.
# summary: Unifi Poller is down.
# expr: |
# absent(up{job=~".*unifi-poller.*"} == 1)
# for: 5m
# labels:
# severity: critical
portal:
open:
enabled: true
# -- Whether Role Based Access Control objects like roles and rolebindings should be created
rbac:
main:
enabled: true
primary: true
clusterWide: true
rules:
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "watch", "list"]
serviceAccount:
main:
enabled: true
primary: true
podOptions:
automountServiceAccountToken: true
cnpg:
main:
enabled: true
user: grafana
database: grafana
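Review bot: `GF_SECURITY_ADMIN_PASSWORD: "testpassword"` ships a known admin credential as the chart default, and all five sidecars copy it into `REQ_PASSWORD` as a plain env value, so any install that does not override it runs Grafana with a published admin password. Leave the default empty and fail the render when it is unset, or source it from a Secret with `secretKeyRef` the way `GF_DATABASE_PASSWORD` already is. In the same `env` block, `GF_DATABASE_NAME` reads `.Values.cnpg.main.user` and `GF_DATABASE_USER` reads `.Values.cnpg.main.database`; the two are swapped and only work because both default to `grafana`. The `rbac` rule grants cluster-wide `get`/`watch`/`list` on `secrets`, combined with `NAMESPACE: "ALL"` and `RESOURCE: both` on every sidecar; limiting it to the release namespace, or to configmaps only, would reduce what a compromised sidecar can read.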

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,100 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [metallb-config-6.7.1](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
## [metallb-config-6.7.0](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
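Review bot: the `metallb-config-6.7.0` section appears nine times with identical content below the 6.7.1 entry, so the changelog generator is appending the same release on every run instead of checking whether the heading already exists. Deduplicate on the version heading before writing, and collapse the existing repeats to one entry.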

View File

@ -0,0 +1,38 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: core
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: latest
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
deprecated: false
description: A network load-balancer implementation for Kubernetes using standard routing protocols
home: https://truecharts.org/charts/premium/metallb-config
icon: https://truecharts.org/img/hotlink-ok/chart-icons/metallb-config.png
keywords:
- metallb
- loadbalancer
kubeVersion: ">=1.24.0-0"
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: metallb-config
sources:
- https://metallb.universe.tf
- https://github.com/metallb/metallb
- https://github.com/truecharts/charts/tree/master/charts/premium/metallb-config
- https://hub.docker.com/_/hello-world
type: application
version: 6.7.1

View File

@ -0,0 +1,28 @@
---
title: README
---
## General Info
TrueCharts can be installed as both _normal_ Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/premium/metallb-config)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
_All Rights Reserved - The TrueCharts Project_

View File

@ -0,0 +1,11 @@
## [metallb-config-6.7.1](https://github.com/truecharts/charts/compare/metallb-config-6.6.0...metallb-config-6.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))

View File

@ -0,0 +1,8 @@
A network load-balancer implementation for Kubernetes using standard routing protocols
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/premium/metallb-config](https://truecharts.org/charts/premium/metallb-config)
---
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!

Binary file not shown.

View File

@ -0,0 +1,73 @@
image:
repository: hello-world
tag: latest@sha256:d000bc569937abbe195e20322a0bde6b2922d805332fd6d8a68b19f524b7d21d
pullPolicy: IfNotPresent
manifestManager:
enabled: false
workload:
main:
enabled: false
podSpec:
containers:
main:
enabled: false
probes:
liveness:
enabled: false
readiness:
enabled: false
startup:
enabled: false
service:
main:
enabled: false
ports:
main:
enabled: false
port: 9999
operator:
verify:
enabled: true
additionalOperators: ["metallb"]
portal:
open:
enabled: false
ipAddressPools: []
# - name: example
# autoAssign: true
# avoidBuggyIPs: true
# addresses:
# - 192.168.1.1-192.168.1.100
L2Advertisements: []
# - name: l2adv
# addressPools:
# - pool1
# nodeSelectors:
# - nodeA
BGPAdvertisements: []
# - name: bgpadv
# addressPools:
# - pool1
# aggregationLength: 24
# localpref: 100
# communities:
# - 1234:1
# peers:
# - peer1
Communities: []
# - name: community1
# value: 1234:1
Peers: []
# - name: peer1
# myASN: 1234
# password: pass
# routerID: 1234
# bfdProfile: profile
# ebgpMultiHop: false
# holdTime: 10
# keepaliveTime: 10
# peerAddress: 172.30.0.2
# peerPort: 179
# sourceAddress: 172.30.0.3
# nodeSelectors:
# - nodeA
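Review bot: the commented `Peers` example omits `peerASN`, although the peers template and questions.yaml both handle it, and it shows `password: pass` as a sample value that is easy to copy into a live config. Add `peerASN` to the example and replace the password with an obvious placeholder such as `<tcp-md5-password>`.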

View File

@ -0,0 +1,368 @@
groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: Workload Settings
description: Workload Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: Addons
description: Addon Configuration
- name: Backup Configuration
description: Configure Velero Backup Schedule
- name: Advanced
description: Advanced Configuration
- name: Postgresql
description: Postgresql
- name: Documentation
description: Documentation
questions:
- variable: global
group: General Settings
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: ipAddressPools
group: App Configuration
label: IP Address Pools Object
schema:
type: list
default: []
items:
- variable: ipAddressPoolsEntry
label: IP Address Pool Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the IP address pool
schema:
type: string
required: true
default: ""
- variable: autoAssign
label: Auto Assign
description: AutoAssign flag used to prevent MetallB from automatic
allocation for a pool.
schema:
type: boolean
default: true
- variable: avoidBuggyIPs
label: Avoid Buggy IPs
description: AvoidBuggyIPs prevents addresses ending with .0 and .255
to be used by a pool.
schema:
type: boolean
default: false
- variable: addresses
label: Addresses Pools
description: A list of IP address ranges over which MetalLB has authority.
You can list multiple ranges in a single pool, they will all share
the same settings. Each range can be either a CIDR prefix, or an
explicit start-end range of IPs.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: L2Advertisements
group: App Configuration
label: L2 Advertisements
description: L2Advertisement allows to advertise the LoadBalancer IPs provided
by the selected pools via L2.
schema:
type: list
default: []
items:
- variable: L2AdvertisementEntry
label: L2 Advertisement Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the L2 Advertisement
schema:
type: string
required: true
default: ""
- variable: addressPools
label: Address Pools
description: The list of IPAddressPools to advertise via this advertisement,
selected by name.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: nodeSelectors
label: Node Selectors
description: NodeSelectors allows to limit the nodes to announce as
next hops for the LoadBalancer IP. When empty, all the nodes having are
announced as next hops.
schema:
type: list
default: []
items:
- variable: nodeSelectorEntry
label: Node Selector Entry
schema:
type: string
default: ""
required: true
- variable: Communities
group: App Configuration
label: Communities
description: Community is a collection of aliases for communities. Users can
define named aliases to be used in the BGPPeer CRD.
schema:
type: list
default: []
items:
- variable: CommunityEntry
label: Community Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: The name of the alias for the community.
schema:
type: string
required: true
default: ""
- variable: value
label: Value
description: The BGP community value corresponding to the given name.
schema:
type: string
required: true
default: ""
- variable: Peers
group: App Configuration
label: Peers
description: BGPPeer is the Schema for the peers API.
schema:
type: list
default: []
items:
- variable: PeerEntry
label: Peer Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: The name of the peer.
schema:
type: string
required: true
default: ""
- variable: bfdProfile
label: BFD Profile
description: The name of the BFD Profile to be used for the BFD session
associated to the BGP session. If not set, the BFD session won't
be set up.
schema:
type: string
default: ""
- variable: ebgpMultiHop
label: EBGP MultiHop
description: TTo set if the BGPPeer is multi-hops away. Needed for
FRR mode only.
schema:
type: boolean
default: false
- variable: holdTime
label: Hold Time
description: Requested BGP hold time, per RFC4271.
schema:
type: int
- variable: keepaliveTime
label: Keep Alive Time
description: Requested BGP keep alive time, per RFC4271.
schema:
type: int
- variable: myASN
label: My ASN
description: AS number to use for the local end of the session.
schema:
type: int
- variable: password
label: Password
description: Authentication password for routers enforcing TCP MD5
authenticated sessions
schema:
type: string
private: true
default: ""
- variable: peerASN
label: Peer ASN
description: AS number to expect from the remote end of the session.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: peerAddress
label: Peer Address
description: Address to dial when establishing the session.
schema:
type: string
default: ""
- variable: peerPort
label: Peer Port
description: Port to dial when establishing the session.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: routerID
label: Router ID
description: BGP router ID to advertise to the peer
schema:
type: string
default: ""
- variable: sourceAddress
label: Source Address
description: Source address to use when establishing the session.
schema:
type: string
default: ""
- variable: nodeSelectors
label: Node Selectors
description: Only connect to this peer on nodes that match one of
these selectors.
schema:
type: list
default: []
items:
- variable: nodeSelectorEntry
label: Node Selector Entry
schema:
type: string
default: ""
required: true
- variable: BGPAdvertisements
group: App Configuration
label: BGP Advertisements
description: BGPAdvertisement allows to advertise the IPs coming from the
selected IPAddressPools via BGP.
schema:
type: list
default: []
items:
- variable: BGPAdvertisementEntry
label: BGP Advertisement Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: Name of the BGP Advertisement
schema:
type: string
required: true
default: ""
- variable: addressPools
label: Address Pools
description: The list of IPAddressPools to advertise via this advertisement,
selected by name.
schema:
type: list
default: []
items:
- variable: addressPoolEntry
label: Address Pool Entry
schema:
type: string
default: ""
required: true
- variable: aggregationLength
label: Aggregation Length
description: The aggregation-length advertisement option lets you
"roll up" the /32s into a larger prefix. Defaults to 32. Works for
IPv4 addresses.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: localpref
label: Local Pref
description: The BGP LOCAL_PREF attribute which is used by BGP best
path algorithm, Path with higher localpref is preferred over one
with lower localpref.
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: communities
label: Communities
description: The BGP communities to be associated with the announcement.
Each item can be a community of the form 1234:1234 or the name of
an alias defined in the Community CRD.
schema:
type: list
default: []
items:
- variable: communityEntry
label: Community Entry
schema:
type: string
default: ""
required: true
- variable: peers
label: Peers
description: Peers limits the BGPpeer to advertise the ips of the
selected pools to. When empty, the loadbalancer IP is announced
to all the BGPPeers configured.
schema:
type: list
default: []
items:
- variable: peerEntry
label: Peer Entry
schema:
type: string
default: ""
required: true
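Review bot: `peerASN`, `peerPort`, `aggregationLength` and `localpref` are declared `type: string` with `valid_chars: '^[0-9]*$'`, while `myASN`, `holdTime` and `keepaliveTime` are `type: int`; the regex also accepts the empty string and has no upper bound, so a value like a 10-digit port passes the form and is only cast with `| int` in the template. Use `type: int` consistently for the numeric fields. Separately, three descriptions have typos that will show in the UI: "MetallB" under `autoAssign`, "TTo set" under `ebgpMultiHop`, and "all the nodes having are announced" under the L2 `nodeSelectors`.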

View File

@ -0,0 +1,33 @@
{{- define "metallb.bgpadv" -}}
{{- range .Values.BGPAdvertisements }}
---
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
name: {{ .name }}
namespace: {{ $.Values.operatorNamespace }}
spec:
ipAddressPools:
{{- range .addressPools }}
- {{ . }}
{{- end }}
{{- with .aggregationLength }}
aggregationLength: {{ . | int }}
{{- end }}
{{- with .localpref }}
localpref: {{ . | int }}
{{- end }}
{{- if .communities }}
communities:
{{- range .communities }}
- {{ . }}
{{- end }}
{{- end }}
{{- if .peers }}
peers:
{{- range .peers }}
- {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
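Review bot: `ipAddressPools:` is emitted unconditionally, so a BGPAdvertisement entry with an empty or missing `addressPools` renders the key with no items, unlike `communities` and `peers`, which are wrapped in `if`. Either guard it the same way or call `fail` when `addressPools` is empty, so an advertisement cannot be created without an explicit pool selection by accident.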

View File

@ -0,0 +1,16 @@
{{- define "metallb.comm" -}}
{{- if .Values.Communities }}
---
apiVersion: metallb.io/v1beta1
kind: Community
metadata:
name: communities
namespace: {{ $.Values.operatorNamespace }}
spec:
communities:
{{- range .Values.Communities }}
- name: {{ .name }}
value: {{ .value }}
{{- end }}
{{- end }}
{{- end -}}
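Review bot: `name: {{ .name }}` and `value: {{ .value }}` are interpolated unquoted, so a community value such as `1234:1` depends on the YAML parser keeping it a string, and a value containing `#` or a leading special character would change or break the manifest. Pipe both through `quote`.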

View File

@ -0,0 +1,17 @@
{{- define "metallb.pool" -}}
{{- range .Values.ipAddressPools }}
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: {{ .name }}
namespace: {{ $.Values.operatorNamespace }}
spec:
addresses:
{{- range .addresses }}
- {{ . }}
{{- end }}
autoAssign: {{ .autoAssign | default true }}
avoidBuggyIPs: {{ .avoidBuggyIPs | default false }}
{{- end }}
{{- end -}}
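Review bot: `autoAssign: {{ .autoAssign | default true }}` cannot render `false`, because the `default` function treats a boolean `false` as empty and substitutes `true`. A pool the operator marked as manual-assignment only will still be handed out automatically. Test for the key instead, for example `{{ if hasKey . "autoAssign" }}{{ .autoAssign }}{{ else }}true{{ end }}`. The `avoidBuggyIPs | default false` line has the same pattern but is harmless since the fallback equals the empty value.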

View File

@ -0,0 +1,22 @@
{{- define "metallb.l2adv" -}}
{{- range .Values.L2Advertisements }}
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: {{ .name }}
namespace: {{ $.Values.operatorNamespace }}
spec:
ipAddressPools:
{{- range .addressPools }}
- {{ . }}
{{- end }}
{{- if .nodeSelectors }}
{{- range .nodeSelectors }}
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
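Review bot: the `nodeSelectors:` key sits inside `{{- range .nodeSelectors }}`, so an L2Advertisement with two or more node selectors emits the key once per item and produces duplicate mapping keys in `spec`. Move `nodeSelectors:` above the `range`, as the peers template in this commit already does, so all `matchLabels` items land in one list.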

View File

@ -0,0 +1,51 @@
{{- define "metallb.peers" -}}
{{- range .Values.Peers }}
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
name: {{ .name }}
namespace: {{ $.Values.operatorNamespace }}
spec:
{{- with .password }}
password: {{ . }}
{{- end }}
{{- with .routerID }}
routerID: {{ . }}
{{- end }}
{{- with .bfdProfile }}
bfdProfile: {{ . }}
{{- end }}
{{- with .ebgpMultiHop }}
ebgpMultiHop: {{ . }}
{{- end }}
{{- with .holdTime }}
holdTime: {{ . }}
{{- end }}
{{- with .keepaliveTime }}
keepaliveTime: {{ . }}
{{- end }}
{{- with .myASN }}
myASN: {{ . }}
{{- end }}
{{- with .peerASN }}
peerASN: {{ . | int }}
{{- end }}
{{- with .peerAddress }}
peerAddress: {{ . }}
{{- end }}
{{- with .peerPort }}
peerPort: {{ . | int }}
{{- end }}
{{- with .sourceAddress }}
sourceAddress: {{ . }}
{{- end }}
{{- if .nodeSelectors }}
nodeSelectors:
{{- range .nodeSelectors }}
- matchLabels:
kubernetes.io/hostname: {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
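Review bot: `password: {{ . }}` writes the TCP MD5 password in clear text into the BGPPeer spec, so anyone who can read that resource can read it, even though questions.yaml marks the field `private: true`. If the targeted MetalLB version supports referencing a Secret for the peer password, render a Secret and reference it here; at minimum pipe the value through `quote`, since an unquoted password containing `:` or `#` will be misparsed. The same quoting applies to `routerID`, `peerAddress` and `sourceAddress`.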

View File

@ -0,0 +1,21 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}
{{- $operatorNamespace := "metallb-system" -}}
{{- if .Values.operator.metallb -}}
{{ $operatorNamespace = ( $.Values.operator.metallb.namespace | default "metallb-system") }}
{{- end -}}
{{- $_ := set $.Values "operatorNamespace" $operatorNamespace -}}
{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}
{{- include "metallb.l2adv" . }}
{{- include "metallb.peers" . }}
{{- include "metallb.bgpadv" . }}
{{- include "metallb.comm" . }}
{{- include "metallb.pool" . }}

View File

@ -1,26 +0,0 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [nextcloud-29.6.0](https://github.com/truecharts/charts/compare/nextcloud-29.5.6...nextcloud-29.6.0) (2024-03-16)
### Chore
- update container image common to v20.1.5[@dc867e0](https://github.com/dc867e0) by renovate ([#19210](https://github.com/truecharts/charts/issues/19210))
## [nextcloud-29.5.6](https://github.com/truecharts/charts/compare/nextcloud-29.5.5...nextcloud-29.5.6) (2024-03-16)
### Chore
- rename `enterprise`- train to `premium`-train

View File

@ -1,53 +0,0 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: cloud
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.12"
truecharts.org/train: premium
apiVersion: v2
appVersion: 28.0.3
dependencies:
- name: common
version: 20.1.5
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.3
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: A private cloud server that puts the control and security of your own data back into your hands.
home: https://truecharts.org/charts/premium/nextcloud
icon: https://truecharts.org/img/hotlink-ok/chart-icons/nextcloud.png
keywords:
- nextcloud
- storage
- http
- web
- php
kubeVersion: '>=1.24.0-0'
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: nextcloud
sources:
- https://github.com/nextcloud/docker
- https://github.com/nextcloud/helm
- https://github.com/truecharts/charts/tree/master/charts/premium/nextcloud
- https://hub.docker.com/r/clamav/clamav
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-push-notify
- https://hub.docker.com/r/collabora/code
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-imaginary
- https://hub.docker.com/r/nginxinc/nginx-unprivileged
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-fpm
type: application
version: 29.6.0

View File

@ -1,516 +0,0 @@
image:
repository: tccr.io/tccr/nextcloud-fpm
pullPolicy: IfNotPresent
tag: v28.0.3@sha256:77b7353be48b28d1bc1dcfa8bed1e0f3c989f6223647f9c99b07db0e8ab78c8d
nginxImage:
repository: nginxinc/nginx-unprivileged
pullPolicy: IfNotPresent
tag: 1.25.4@sha256:060d468f78f016c7cfd49a548ed5d3456891cba1b54767b4ed48907981266f06
imaginaryImage:
repository: tccr.io/tccr/nextcloud-imaginary
pullPolicy: IfNotPresent
tag: v20230401@sha256:6be7b4432a536d6004b94edea7dd3573f0cc061328b729ed8043236a0784f98c
hpbImage:
repository: tccr.io/tccr/nextcloud-push-notify
pullPolicy: IfNotPresent
tag: v0.6.9@sha256:1950fd07cc1292551b16c7080514c24d8c22ce7947e06cbb12fd968d13970373
clamavImage:
repository: clamav/clamav
pullPolicy: IfNotPresent
tag: 1.3.0@sha256:57555703249b4c57d760753bf3655871d3c51958bd5bd4a0dac6eb73c1c36516
collaboraImage:
repository: collabora/code
pullPolicy: IfNotPresent
tag: 23.05.9.4.1@sha256:18768e665a817a06d17a608bcb0744dd0275e72d805644cad5ad1923f7d623b5
nextcloud:
# Initial Credentials
credentials:
initialAdminUser: admin
initialAdminPassword: adminpass
# General settings
general:
# Custom Nextcloud Scripts
run_optimize: true
default_phone_region: GR
# IP used for exposing nextcloud,
# often the loadbalancer IP
accessIP: ""
# Allows Nextcloud to connect to unsecure (http) endpoints
force_enable_allow_local_remote_servers: false
# File settings
files:
shared_folder_name: Shared
max_chunk_size: 10485760
# Expiration settings
expirations:
activity_expire_days: 90
trash_retention_obligation: auto
versions_retention_obligation: auto
# Previews settings
previews:
enabled: true
# It will also deploy the container
imaginary: true
cron: true
schedule: "*/30 * * * *"
max_x: 2048
max_y: 2048
max_memory: 1024
max_file_size_image: 50
# Setting for Imaginary
max_allowed_resolution: 18.0
jpeg_quality: 60
square_sizes: 32 256
width_sizes: 256 384
height_sizes: 256
# Casings are important
# https://github.com/nextcloud/server/blob/master/config/config.sample.php#L1269
# Only the last part of the provider is needed
providers:
- PNG
- JPEG
# Logging settings
logging:
log_level: 2
log_file: /var/www/html/data/logs/nextcloud.log
log_audit_file: /var/www/html/data/logs/audit.log
log_date_format: d/m/Y H:i:s
# ClamAV settings
clamav:
# It will also deploy the container
# Note that this runs as root
enabled: false
stream_max_length: 26214400
file_max_size: -1
infected_action: only_log
# Notify Push settings
notify_push:
# It will also deploy the container
enabled: true
# Collabora settings
collabora:
# It will also deploy the container
enabled: false
# default|compact|tabbed
interface_mode: default
username: admin
password: changeme
dictionaries:
- de_DE
- en_GB
- en_US
- el_GR
- es_ES
- fr_FR
- pt_BR
- pt_PT
- it
- nl
- ru
onlyoffice:
# It will not deploy the container
# Only add the OnlyOffice settings
enabled: false
url: ""
internal_url: ""
verify_ssl: true
jwt: ""
jwt_header: Authorization
# PHP settings
php:
memory_limit: 1G
upload_limit: 10G
pm_max_children: 180
pm_start_servers: 18
pm_min_spare_servers: 12
pm_max_spare_servers: 30
opcache:
interned_strings_buffer: 32
max_accelerated_files: 10000
memory_consumption: 128
revalidate_freq: 60
jit_buffer_size: 128
# Do NOT edit below this line
workload:
# Nextcloud php-fpm
main:
type: Deployment
podSpec:
containers:
main:
enabled: true
primary: true
envFrom:
- configMapRef:
name: nextcloud-config
probes:
liveness:
enabled: true
type: exec
command: /healthcheck.sh
readiness:
enabled: true
type: exec
command: /healthcheck.sh
startup:
enabled: true
type: tcp
port: "{{ .Values.service.nextcloud.ports.nextcloud.targetPort }}"
nginx:
enabled: true
type: Deployment
strategy: RollingUpdate
replicas: 1
podSpec:
containers:
nginx:
enabled: true
primary: true
imageSelector: nginxImage
probes:
readiness:
enabled: true
path: /robots.txt
port: "{{ .Values.service.main.ports.main.port }}"
httpHeaders:
Host: kube.internal.healthcheck
liveness:
enabled: true
path: /robots.txt
port: "{{ .Values.service.main.ports.main.port }}"
httpHeaders:
Host: kube.internal.healthcheck
startup:
enabled: true
type: tcp
port: "{{ .Values.service.main.ports.main.port }}"
notify:
enabled: true
type: Deployment
strategy: RollingUpdate
replicas: 1
podSpec:
containers:
notify:
primary: true
enabled: true
imageSelector: hpbImage
envFrom:
- configMapRef:
name: hpb-config
probes:
readiness:
enabled: true
path: /push/test/cookie
port: 7867
httpHeaders:
Host: kube.internal.healthcheck
liveness:
enabled: true
path: /push/test/cookie
port: 7867
httpHeaders:
Host: kube.internal.healthcheck
startup:
enabled: true
type: tcp
port: 7867
imaginary:
enabled: true
type: Deployment
strategy: RollingUpdate
replicas: 1
podSpec:
containers:
imaginary:
primary: true
enabled: true
imageSelector: imaginaryImage
command: imaginary
args:
- -p
- "{{ .Values.service.imaginary.ports.imaginary.port }}"
- -concurrency
- "10"
- -max-allowed-resolution
- "{{ .Values.nextcloud.previews.max_allowed_resolution }}"
- -enable-url-source
- -return-size
probes:
readiness:
enabled: true
path: /health
port: "{{ .Values.service.imaginary.ports.imaginary.port }}"
liveness:
enabled: true
path: /health
port: "{{ .Values.service.imaginary.ports.imaginary.port }}"
startup:
enabled: true
type: tcp
port: "{{ .Values.service.imaginary.ports.imaginary.port }}"
clamav:
enabled: true
type: Deployment
strategy: RollingUpdate
replicas: 1
podSpec:
containers:
clamav:
primary: true
enabled: true
imageSelector: clamavImage
# FIXME: https://github.com/Cisco-Talos/clamav/issues/478
securityContext:
runAsUser: 0
runAsGroup: 0
runAsNonRoot: false
readOnlyRootFilesystem: false
envFrom:
- configMapRef:
name: clamav-config
probes:
readiness:
enabled: true
type: exec
command: clamdcheck.sh
liveness:
enabled: true
type: exec
command: clamdcheck.sh
startup:
enabled: true
type: tcp
port: "{{ .Values.service.clamav.ports.clamav.targetPort }}"
collabora:
enabled: true
type: Deployment
strategy: RollingUpdate
replicas: 1
podSpec:
containers:
collabora:
primary: true
enabled: true
imageSelector: collaboraImage
securityContext:
runAsUser: 100
runAsGroup: 102
readOnlyRootFilesystem: false
allowPrivilegeEscalation: true
capabilities:
add:
- CHOWN
- FOWNER
- SYS_CHROOT
- MKNOD
envFrom:
- configMapRef:
name: collabora-config
probes:
readiness:
enabled: true
type: http
path: /collabora/
port: "{{ .Values.service.collabora.ports.collabora.targetPort }}"
liveness:
enabled: true
type: http
path: /collabora/
port: "{{ .Values.service.collabora.ports.collabora.targetPort }}"
startup:
enabled: true
type: tcp
port: "{{ .Values.service.collabora.ports.collabora.targetPort }}"
cronjobs:
# Don't change names, it's used in the persistence
- name: nextcloud-cron
enabled: true
schedule: "*/5 * * * *"
cmd:
- echo "Running [php -f /var/www/html/cron.php] ..."
- php -f /var/www/html/cron.php
- echo "Finished [php -f /var/www/html/cron.php]"
- name: preview-cron
enabled: "{{ .Values.nextcloud.previews.cron }}"
schedule: "{{ .Values.nextcloud.previews.schedule }}"
cmd:
- echo "Running [occ preview:pre-generate] ..."
- occ preview:pre-generate
- echo "Finished [occ preview:pre-generate]"
service:
# Main service links to ingress easier
# That's why the nginx is swapped with nextcloud
main:
targetSelector: nginx
ports:
main:
targetSelector: nginx
port: 8080
nextcloud:
enabled: true
targetSelector: main
ports:
nextcloud:
enabled: true
targetSelector: main
port: 9000
targetPort: 9000
notify:
enabled: true
targetSelector: notify
ports:
notify:
enabled: true
primary: true
port: 7867
targetPort: 7867
targetSelector: notify
metrics:
enabled: true
port: 7868
targetSelector: notify
imaginary:
enabled: true
targetSelector: imaginary
ports:
imaginary:
enabled: true
port: 9090
targetSelector: imaginary
clamav:
enabled: true
targetSelector: clamav
ports:
clamav:
enabled: true
port: 3310
targetPort: 3310
targetSelector: clamav
collabora:
enabled: true
targetSelector: collabora
ports:
collabora:
enabled: true
port: 9980
targetPort: 9980
targetSelector: collabora
persistence:
php-tune:
enabled: true
type: configmap
objectName: php-tune
targetSelector:
main:
main:
mountPath: /usr/local/etc/php-fpm.d/zz-tune.conf
subPath: zz-tune.conf
readOnly: true
redis-session:
enabled: true
type: configmap
objectName: redis-session
targetSelector:
main:
main:
mountPath: /usr/local/etc/php/conf.d/redis-session.ini
subPath: redis-session.ini
readOnly: true
opcache-recommended:
enabled: true
type: configmap
objectName: opcache
targetSelector:
main:
main:
mountPath: /usr/local/etc/php/conf.d/opcache-recommended.ini
subPath: opcache-recommended.ini
readOnly: true
nginx:
enabled: true
type: configmap
objectName: nginx-config
targetSelector:
nginx:
nginx:
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
readOnly: true
nginx-temp:
enabled: true
type: emptyDir
targetSelector:
nginx:
nginx:
mountPath: /tmp/nginx
html:
enabled: true
targetSelector:
main:
main:
mountPath: /var/www/html
nextcloud-cron:
nextcloud-cron:
mountPath: /var/www/html
preview-cron:
preview-cron:
mountPath: /var/www/html
nginx:
nginx:
mountPath: /var/www/html
readOnly: true
config:
enabled: true
targetSelector:
main:
main:
mountPath: /var/www/html/config
nextcloud-cron:
nextcloud-cron:
mountPath: /var/www/html/config
preview-cron:
preview-cron:
mountPath: /var/www/html/config
notify:
notify:
mountPath: /var/www/html/config
readOnly: true
nginx:
nginx:
mountPath: /var/www/html/config
readOnly: true
data:
enabled: true
targetSelector:
main:
main:
mountPath: /var/www/html/data
init-perms:
mountPath: /var/www/html/data
nextcloud-cron:
nextcloud-cron:
mountPath: /var/www/html/data
preview-cron:
preview-cron:
mountPath: /var/www/html/data
nginx:
nginx:
mountPath: /var/www/html/data
readOnly: true
cnpg:
main:
enabled: true
user: nextcloud
database: nextcloud
redis:
enabled: true
username: default
portal:
open:
enabled: true
updated: true
ingress:
main:
required: true
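Review bot: the defaults under `nextcloud.credentials` and `nextcloud.collabora` ship working passwords (`initialAdminPassword: adminpass`, `password: changeme`), so an install that leaves these values untouched gets a known admin password for Nextcloud, and for Collabora once it is enabled. Consider leaving both empty and failing the render when they are unset, or reading them from a Secret, so each deployment has to choose its own. Separately, the collabora container sets `allowPrivilegeEscalation: true` and adds `CHOWN`, `FOWNER`, `SYS_CHROOT` and `MKNOD` with no comment. The clamav root override links its FIXME issue, and a similar note here would tell the next reader which of these settings are actually required.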

View File

@ -0,0 +1,99 @@
---
title: Changelog
---
*for the complete changelog, please refer to the website*
**Important:**
## [nextcloud-29.7.1](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))
## [nextcloud-29.7.0](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.0) (2024-03-17)
### Chore
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
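Review bot: the `nextcloud-29.7.0` section appears six times in the lines shown, each with the same compare link, date and entries (the last copy stops after two of them), so most of this new file is duplicated text. The generator should emit one section per release heading and skip a heading it has already written. The `**Important:**` line at the top also has nothing after it and can be dropped until there is a notice to put there.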

View File

@ -0,0 +1,53 @@
annotations:
max_scale_version: 24.04.0
min_scale_version: 23.10.0
truecharts.org/SCALE-support: "true"
truecharts.org/category: cloud
truecharts.org/max_helm_version: "3.14"
truecharts.org/min_helm_version: "3.11"
truecharts.org/train: premium
apiVersion: v2
appVersion: 28.0.3
dependencies:
- name: common
version: 20.2.2
repository: oci://tccr.io/truecharts
condition: ""
alias: ""
tags: []
import-values: []
- name: redis
version: 13.0.5
repository: oci://tccr.io/truecharts
condition: redis.enabled
alias: ""
tags: []
import-values: []
deprecated: false
description: A private cloud server that puts the control and security of your own data back into your hands.
home: https://truecharts.org/charts/premium/nextcloud
icon: https://truecharts.org/img/hotlink-ok/chart-icons/nextcloud.png
keywords:
- nextcloud
- storage
- http
- web
- php
kubeVersion: ">=1.24.0-0"
maintainers:
- name: TrueCharts
email: info@truecharts.org
url: https://truecharts.org
name: nextcloud
sources:
- https://github.com/nextcloud/docker
- https://github.com/nextcloud/helm
- https://github.com/truecharts/charts/tree/master/charts/premium/nextcloud
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-imaginary
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-push-notify
- https://hub.docker.com/r/collabora/code
- https://github.com/truecharts/containers/tree/master/apps/nextcloud-fpm
- https://hub.docker.com/r/clamav/clamav
- https://hub.docker.com/r/nginxinc/nginx-unprivileged
type: application
version: 29.7.1

View File

@ -0,0 +1,15 @@
## [nextcloud-29.7.1](https://github.com/truecharts/charts/compare/nextcloud-29.6.0...nextcloud-29.7.1) (2024-03-17)
### Chore
- update container image common to v20.2.2[@f7d0b92](https://github.com/f7d0b92) by renovate ([#19432](https://github.com/truecharts/charts/issues/19432))
- update container image common to v20.2.0[@91ade87](https://github.com/91ade87) by renovate ([#19361](https://github.com/truecharts/charts/issues/19361))
- update container image tccr.io/tccr/nextcloud-fpm to v28.0.3[@4e4a3ae](https://github.com/4e4a3ae) by renovate ([#19288](https://github.com/truecharts/charts/issues/19288))
- update container image redis to v13.0.5[@01c1933](https://github.com/01c1933) by renovate ([#19324](https://github.com/truecharts/charts/issues/19324))

Some files were not shown because too many files have changed in this diff