From 5629800c2fdb6e892957f5993320081e325d4630 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Mon, 15 Jul 2024 18:15:48 +0000 Subject: [PATCH] Use the library for vaultwarden (#4) Reviewed-on: https://git.badhouseplants.net/softplayer/softplayer-apps/pulls/4 --- .gitignore | 1 + .woodpecker/.helm-workflow.yml | 1 + charts/mealie/Chart.lock | 6 +- charts/mealie/Chart.yaml | 4 +- .../charts/softplayer-lib-workload-0.2.0.tgz | Bin 5377 -> 0 bytes charts/mealie/templates/install.yaml | 1 - charts/mealie/values.yaml | 12 +- charts/team-fortress-2/Chart.yaml | 2 +- .../charts/softplayer-lib-workload-0.1.8.tgz | Bin 5172 -> 0 bytes charts/vaultwarden/Chart.lock | 6 + charts/vaultwarden/Chart.yaml | 10 +- charts/vaultwarden/templates/NOTES.txt | 22 -- charts/vaultwarden/templates/configmap.yaml | 46 ---- charts/vaultwarden/templates/deployment.yaml | 96 -------- charts/vaultwarden/templates/ingress.yaml | 61 ----- charts/vaultwarden/templates/install.yaml | 6 + charts/vaultwarden/templates/pvc.yaml | 15 -- charts/vaultwarden/templates/secret.yaml | 38 ---- charts/vaultwarden/templates/service.yaml | 15 -- charts/vaultwarden/values.yaml | 208 +++++++++--------- 20 files changed, 143 insertions(+), 407 deletions(-) delete mode 100644 charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz delete mode 100644 charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz create mode 100644 charts/vaultwarden/Chart.lock delete mode 100644 charts/vaultwarden/templates/NOTES.txt delete mode 100644 charts/vaultwarden/templates/configmap.yaml delete mode 100644 charts/vaultwarden/templates/deployment.yaml delete mode 100644 charts/vaultwarden/templates/ingress.yaml create mode 100644 charts/vaultwarden/templates/install.yaml delete mode 100644 charts/vaultwarden/templates/pvc.yaml delete mode 100644 charts/vaultwarden/templates/secret.yaml delete mode 100644 charts/vaultwarden/templates/service.yaml diff --git a/.gitignore b/.gitignore index c6d1387..1724783 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ bin custom +*.tgz \ No newline at end of file diff --git a/.woodpecker/.helm-workflow.yml b/.woodpecker/.helm-workflow.yml index f8b394f..cde5f42 100644 --- a/.woodpecker/.helm-workflow.yml +++ b/.woodpecker/.helm-workflow.yml @@ -70,6 +70,7 @@ steps: --password $REGISTRY_PASSWORD - | for chart in $(find charts -maxdepth 1 -mindepth 1 -type d); do + helm dependency update $chart helm package $chart -d chart-packages; done - | diff --git a/charts/mealie/Chart.lock b/charts/mealie/Chart.lock index 0254eb0..f119929 100644 --- a/charts/mealie/Chart.lock +++ b/charts/mealie/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: softplayer-lib-workload repository: oci://git.badhouseplants.net/softplayer - version: 0.2.0 -digest: sha256:e6bf909ead48b331a49921e1cf504791fb5ec0a80561d797ae06c7a44ad8a9cd -generated: "2024-07-15T08:45:21.509772+02:00" + version: 0.2.1 +digest: sha256:a3a4a69717a3549841454a0e27a1a9114ea8a03543caf5c0c9a184d5a98f36b4 +generated: "2024-07-15T19:51:29.734002+02:00" diff --git a/charts/mealie/Chart.yaml b/charts/mealie/Chart.yaml index af954f1..36d0c45 100644 --- a/charts/mealie/Chart.yaml +++ b/charts/mealie/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mealie description: A Helm chart for running Mealie type: application -version: 0.1.0 +version: 0.2.0 appVersion: v1.10.2 maintainers: - name: allanger @@ -10,7 +10,7 @@ maintainers: url: https://badhouseplants.net dependencies: - name: softplayer-lib-workload - version: 0.2.0 + version: 0.2.1 repository: oci://git.badhouseplants.net/softplayer annotations: allowed_workload_kinds: "Deployment" diff --git a/charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz b/charts/mealie/charts/softplayer-lib-workload-0.2.0.tgz deleted file mode 100644 index 929b4895114e94533d5fa3b060a882a9e81d4957..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5377 zcmV+c75?fUiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<$bKAIf`9|FlAGx2Y7`@I0Y1jC|Y3pZ!;7u_Tz#Dl3=cSkOn@mmkzeZt-*?tH>8~zU}_m*(OC{EzeJB7{x& z&+#e=5yz~5y~JUHDf4*pNKv2#|HtEr#s5cx@#O4?|A$ET_x)4n-RA^F0q`Z3;yA=} z`7EV+&pGWsJUI9FJqYleL>OH4UX*m9SLC5Id?c$+>3mK;gWGdKw}qoXJUVi0mlPw80p&f+(=fb)-%}KlIT6Q^B$1=`od3eA zZCRd+9>ho)%&?DAhJnQ^41Y^!m`0dmrsg^)I1CsdiXkK`!f_x@JA6qPoXqazI=ub( zNt7kg0$76muIId;1H~amOfQ%p%X1G?OQzlt4!0x>#lcA(n;0NDcs<&NWfdjLOH1bY zN@kh)YU(15`P-~^$nthNa^%y$Zoi$y81pqyjd(w)1yXghah6{0IJkt8h|j_O3+w%b zxmH`M)9rz){;>pd#$F2S(5FqYk8(dXaHvutn&GfJ z5VVxx=IO}NZ&cxrO|++6%=1;(7WqH1CRPDo~+*k^Br=>jXkMLqJ{82C%9E5!YC|zgL+&|03z><$r_{&YD#a_$v!HVwF{0^TVNNLH;1%zSA&6WWul|l! zVL|3jNEG1D;K8sf+vviVf))nE=g>9!NWzv@M(wTeSk+a#V~kHUUlbF>PdvBn{}%Y4 zy?ZnbXv6=r(S?Qo!@=1R{|}N({WKTKsJgZ!Fg_8LuW1cS%z>~RqiK0iCQezD)=em@#>@2Em+6j<|9L= z3!NLt$$~`lj(3R?G$SG51T*i=)q8y~WZr)w25vt7xW68vFj=Bu|Gk=v9MsR3SFSpG z75CmXbsRx7reM{ql7`w)$6EeX`XDtr% zim`u@L^k3ulJ7ooN}@#!876ik^dhgZHND9umk?5!B>p`zr1}c z{{Qm!&x!wj9L>ps^{;WXe%u{UEB;>$ZTWvVI^O>rB-!|{cH6_zx*g$hwB9RLVRkhhrh^ zm+^l*8V`^7e~47o{~78ouh?%%3qai#z=^8Sh10&Nf)iL;(Y_T;lv)@Xm0^xZ2=1n; zK8j@XGYoi@@H;qJ;;?C~U0dy#_1ZVOEs9S!lDN9j*z>S%!Z)mAEseO$ay6N_F4>8Ba}hZ&JrRw~TQJJYa-9awDDz4TQQ9YL ztUa>(66cop3|w{6a77zN@v-Jn06oYjauw%Re*ylSStfLHs$90f(u3$EU2r*~3(Q4* zSMd~pgvLDfaKLDk_>8ahWes7;VnpCmfY2^%mf? zl0_S!$ZV|yOtRMBNEE!*&yr#Z0MqT&id8**Ghb8}uoY9up=%(^?oh}ZS%>c;PVb~< ztLWcoVqySiF1Z*gg}mFM`G^6131eE0HCugO%~N^m+frBl0JU9@n=rauM)BkzUs2?7XUgtZ?qxr zspr5NNpB+^>Yu{{z*^BCSE?9x%BHKjC><#i@k=rAsYx8xUH#>}3d2cr-w}vNs!eSFck& zn3{OeKZPIp64P74FmM%(00n{CD;)WlK|m<>d3XmWWUlqJte>lfm3L1RbI?u!CEtxQ z^A^j|r1h3s>e@w>7c%hhFf}x_@={le9>Yna5IWf`JRDpy>7Rl;&M>oPBZaWfQ(Fiu zj`u$YN%z+MZ(vzhzk=RAlJg3FUScR( z7qZtZC1D`7J0z0)c!|SR9^K~^B+A3qUt<3zlfEQiqR;}&8De;ELp86UQIfF!Ix`0= zOwV_@1@_9fz^>c1jm!`@PBl1Zrgv12BRbXA0$aP zQUK|@C67ZADKUk4Obv9^zOWVdjST9&C1T4~QK53j`Yu{G-wJ1kiULHv2=hLU*7A&@ z1a4*jqzokrdr9~LY>7r^=PX@mjbR}yR1V3NVSO*nT6P_nR0BPBX!Rr8NsOydk=o7J zJ53jTJ&BrE$c$)lZ-bPUw%~yDq$fUN>JHStRnBq^&%2>K+-1(*Q>ErX++Qlc?`i3t zIY)%51AH#jp4%?-Wrpizi&3gH0_&c*iiEXIY(T}VkeE_7ZZ*A7&rF@~OFSx{U}#J% zGG`{Lpu#7twv`&1q1olTXzfDBRA;!~E4^x`WNp^1cB_o3D}CA5&8%{JUAY`+YQtFJ zb*6YM*WRwOX;1T*`nFw0rHw6!Mw$Na#{c!?cN78I`2YCAw*MNPoez%u{}8E04^Ri} z?K*&%!io5kU+Ad|n!;Gz(Asw^2BZd~l`KkkJk3;6@8^&;NSGdQ@LFlzB{NCZel{SD zMf1u~YVNc$oNKcFs;N4zyCRSrKf9Dtcc0=2!8ne%n)GFe$SR|WzWDJ`R(4AY)UAzW z-F)ax*9Jvy?ae`DmCOx##7Z?(->_P;M&54O2d0)Vw$F5{iB@24+bLEmZkU`XYcjyO zZNFS|VJ|Hdpe|SE&<3EhX=g0V;2TAr>LT|Ebdn4Jj zP?y`A??*u-jUz;k$Q|>g@`f_s)C7;RYq)lJGm3{ACD5`cUxj)v0NwrnI=2pUyyTa*1*eeh8Cz{5SY zU;p^*_}@J3SfR{7zKS10ceQHG&hX=VSYLy z!t$jmldE}*!0+ms-^$M$v+F%eptS#|sh$2)blbnC==Ry@|6pW)|4Y#SL6S}X^(MQ|bS%%lOt#OXc^!a0i;09y zy`Ss^mKiu`7II<*!|8hbF3~hfefi$-T*xPz7b)MjstT83$~dO)uk0Ju!mVLTFNX5j zAD|kb$d1@o4(X%K{cJ-?tsh9TutS}-EMMdlVTH2%;!RQA3^XK~(7#{KuHsusyVL*O zFM(R+|B)^KkA~+*`hSqrK>ynf0JDPoJq8@v&3@R;HY(tP?{wC+tVYnbxcKV;cx|Ts#AE5?rq5q@Fr1Jg0^Wo9{`ygq51os0X5oEvu`YU^TBaGTl z{fgoQQ49z;T1X#t8OJGei3ACv-~hb)j8;jArRQ%=Jm}mhl%qvXJqzn0w=g;=EQ;Kp zMOp8?!UD9A9}BFQ{?vAmJD!&vu?yEZ?`O0Cv$LYcu;Rxg$`<*y_fnp15^dAD)$GPl z>01u+B`=$zi6UCN=thj(Xl<1;8KONwj2Yk2S4$#8w%be7bt|qq8=T-RAD-MEtAGmu z4GIR-$Ng;p*#RY6u+%yb^)`^88{7;FCzgV|rKl66StzK`wzD*i{;aS8+&uZBVDmB>7vz!`^)p-l98J4)AKjnOY3F zE^0w`gfg{5PlU6VCezQBcH#e-1O1-;zeeNA{m*E8apeC8NfOxqU54&Jki-FGo1A^0 z8(QgFC9c9FzZ7D%(-41Ue*()dj6@5`9x{4l&;7L+E8!5tm_`50rF0{C%3YkkE)I!l z5+IJ@A8j-G$NqwvlpCH(SEuL=`-NdTh2dZ@$lmCSjj?()&wh{8Z-#w8UL{vFo|6zO zV;yz0`zeh$S>d;8WvbLUi^{&sCKkaeE90;Kz>#e-u(c2Hj!`cS6evW=-4UVrI~f}= zqGl;1iYOehm$N3eVrlF3zRGV~Us19qAzt8j%txWT&6>g-g$z3YzVQ`JweJCqbI0!< zy!qjWich85@eM;VKETqjo6o$LFHKFqz0}12y(JD;WD&&_Ke>-K`>(U{S(*P2&xdD6 z{qI52E4V_OV;V6bNUIHp+a-=vJTJi^6Xf5Z1!i8ZRZSD6f@4b@hOh|ZnF@?0<7iVX zXw6#4=X`0rM^WIsf(S1pC4!TL;yL+@Rmd>-r>+M-M&TXAk*q0(1VWwK6^okbjdVAftOY zryjdaoKtUxZk$t(uf%gq$-+7PU*{G4iYSRw2Jhd#V~&^5_&4lx$0GqoeN~*szd7ET f`Eh{zM{;yb$8=0zbNask00960n;Dic0HOc@k`AN7 diff --git a/charts/mealie/templates/install.yaml b/charts/mealie/templates/install.yaml index 55acfe8..6f903c9 100644 --- a/charts/mealie/templates/install.yaml +++ b/charts/mealie/templates/install.yaml @@ -2,6 +2,5 @@ {{ include "lib.service" . }} {{ include "lib.ingress" . }} {{ include "lib.config.env" . }} -{{ include "lib.config.files" . }} {{ include "lib.pvc" . }} {{ include "lib.raw" . }} diff --git a/charts/mealie/values.yaml b/charts/mealie/values.yaml index c2ea521..9864b19 100644 --- a/charts/mealie/values.yaml +++ b/charts/mealie/values.yaml @@ -66,6 +66,7 @@ storage: - ReadWriteOnce env: environment: + enabled: true sensitive: false data: ALLOW_SIGNUP: true @@ -77,10 +78,11 @@ env: BASE_URL: https://mealie.softplayer.com DB_ENGINE: postgres secrets: + enabled: true sensitive: true data: - POSTGRES_USER: mealie - POSTGRES_PASSWORD: mealie - POSTGRES_SERVER: postgres - POSTGRES_PORT: 5432 - POSTGRES_DB: mealie + POSTGRES_USER: ~ + POSTGRES_PASSWORD: ~ + POSTGRES_SERVER: ~ + POSTGRES_PORT: ~ + POSTGRES_DB: ~ diff --git a/charts/team-fortress-2/Chart.yaml b/charts/team-fortress-2/Chart.yaml index 90e445b..1979195 100644 --- a/charts/team-fortress-2/Chart.yaml +++ b/charts/team-fortress-2/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: team-fortress-2 description: A Helm chart for running a Team Fortress 2 server type: application -version: 0.1.1 +version: 0.1.2 appVersion: "latest" maintainers: - name: allanger diff --git a/charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz b/charts/team-fortress-2/charts/softplayer-lib-workload-0.1.8.tgz deleted file mode 100644 index 123ec15f962d69de595168a997d0c0b8827170e0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5172 zcmV-46wB)$iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<$Z{xO>{j6VcR^wvh>{xy#xiD~noy|;l2e;D(owkdM#UhuM zXq$~JsU+o0n#un51s{?qO0w+4ab|AK4~Z^CU!fnD#<4>)pomCX7+g zzg!~9y*soDzj<;R3*^~Q95=zLgm@*PaQ&^9j05hMGgv;M=AS5%2=pFDFW*8_=84dvXK8+cJ z0(8I^(88P*A`wR)g=g*j0@Spihyh7e@ERG)EM;rc6MiUGFFD7T_NBloTx_1Cv6a+-Dd=y^MIKh+? z%-ku=QONLXQ6Mp2iz)!Fq8$0}Et-*qIN>37r+NJ%<1Uf!x?zua`JXFl8Q39w`d6;Qx3$vH1UJFg_a`@&6F%{=R?ey!(`(C;-01QXGeP zE}x}T?>VRahX?2Wz6SxGlL&*W-iwkh^ol%`h8#R~aQs0u+LcPvG`k&~4!;5RZ-=+a<+_V?cQi^E3?a;P(`TWKP6!BuV6`J?Fo% zYFn1)q6aZj1~crVlwn};3d7&h8Kx2Dn5ntW2@V4Wh++uIif|l=(+*z}1}C#SxejlC z_$bPfXaOw2e%Eu}&w=6)Bc>P3kL9_CsU=hI2!~q|hT`C)j!g`Z9K0TF!?KDJ<)tO_ zd?mBYd^L5E#{6woJ7jq~9XaypU$@`RVvPA3s7Ab>)B>rx**HrtcN|_EGMq1`bs!L^B*V?y3A+Y^XgEbB)!rK9a*{pyIUb zV{re?1^3$B9ev`}Dvs3nSkw4at{UJHhbxaQ`!Z(=_xC^|KTHFAGM?(r&Sf~nK9A}5 zx=GJ~5Iwm!Ns`U);lV*k;@#vp>5;gfAM5Y$YpQ&P-_w|5YqHf=RwzOX9Q0;)s-X;8 zK4Q8izFl7})<-?~mgTbN*sC3Y(qvRuNFldZKWY*&jv^nI$84fd9i-ZXo9Q_s-;dLX z3xbw1+&mpw`i(05Llf;O7xR48wMG6J}$~L<2xuAss@i}yjK9aDdl~H>uJXUqp?ik|}%@@T4@e|K&`@aSL zXYU?O1KRNaY;CpZ0T5-liZ?3%_Y$Jg9XS`|aB{C{Ng|FiM< z?1=w|NH#v|ZT2d=Tp$}ok>ETxuc5OR{47JbtSa}DpF}N|YZd&I@p$!v)-71a-{vDj zrwg4M$jO34^Nx3k5;P+r;RG}9&DDE-Fl63;AqH+f{+a!R5_7dp^Rc(&p9c6uuQr@=Gf|B?S6ByETPX|MzSr@f3@2lj@Io6kE8WoQM_b} zHq0WnMoUEm$Phsb!9P0;^><=$RooPuEsk-`zeTw-W@n53#+oHDulWz%M ziV2HmwT@kr2G1Z4TM>gTsKE~SKPMr6)Gctk{%>UC|73E!|2;@*z<;^d?G!*3JJNu! zm^Ff=N|9FY**O;vpq$>wJm@G9YVaI(Z<(^$K<+A-_3Z**G}pKc^^ zb)&K8VcmppSjSo#ahc_6GI3+PdMgP_XWebWduwh@6SsEE*}U&0BK&fvy{{}+xrv6o zFBh^lqG2DbhK+VdU&&sK%G>b7y)x#rVVio8+aq|TISNz(C^0qNM-}ovVn3yX-{lMD zmDUD6LzEw0d+qI#65T_A;`oM9t{*K100}VYSYaC(5u4p`~z`@R~ zQH%nzzvhJOz|&;A#vY67HSpU)kEQsSm9B6r&HiNO6a=;OYSmBeJoM=^Qkb;WbVSkm zxrm&Xo`}ZgEg0oxxlRLTlzAnFDD4wA)*jh?iF3<)2Ch13xS|cC_*nBOfF9%%xr%eE zzW{&AEE768RW4g#=|OaoF1Q@g1?Hl@t9S}PLSr8Larn3fv)VPrpz3fbjUG$-QY}w* z5)%$GESxlN^>{NRj5cTQ6OPK1dJAw`$)XKVWVTiUCRyumBnn>ZXGyUHfa&&X#j2jZ znJ=mf*ovv-&^3@{cPQkItiyK^r+1=9qkp4`i24m&JeJO`bapm?vwQ#mI=j+jQLT2_&NeLR zRc~U5`6y*6EWv;-Qt zQ&MKmxwU`h5O2<*!ewttgBaT+yNLyg?m9Q!Qsv2xl}jqp8dUB9lbi4po|jdeS_n|O z)FQV5p_R*Ch9HGU1GFo9vw?T@I@N=zi5LA-_>nI$y(J6-SJ4Pi5U9Pvk&hV!gkqnE zcW^@HT2IURxoTK>_e3!V?G#Y*-6%6}u^dfWZ>goOT~vYcB6DhJYUQP_7CnZOMj>>v zS$H_OWYRwcd7NQp%|;4gpQpAESjtuE(7jwjuBlzCMa(xRIoKOHw2q=%%(YabZmOjM zYNq8nFEY{cv384jnicA%Y38e0mTElHBwt#${xziC?tcum!t?S}ti zbh}%CwBY~f;@r0X7!5{8{69#NZlnOxcS|0JBvN7u^Ozdws(oQA?i(4@drQQYt)fEZ zj`dx%ZoU=H4iyE6dJ*P*9IfRULkZkc^wx$Fg}o$v2DU__vvZcNw8pRy7AlA2%CNqZ zW-Yr8Osat%JGA8i93BTt&j#CN`jA zR!B@K8@HNXsAs0m_az>cPcSql7MU{>RZ!s*R@+Jq&Cu-fU9@(gW2!UU@04D(Q?fSe zR=ZWk)Rn&M>t)K~{E43e>HQW!-$}P1goRZtcxMWtGegdc;aKRNt^#vPRx+*$1YU zFt*QhtBF=%ZrdqVDsGsZC~Gpnxoy8(bL9kDIiEp^7DPV80iMESG|;bAAq_p{>#1E} zN3UA0|A#{VKP@Tv-6sHO{nkvZ1%KSeHfX%JS9rfP?fnu`JO9tbwf^-CG5j3 zpP!v3)u36$Z1ei2a&Fh~DPMis1^?AT?_K{lxR}`T|L|gbjQ@R*v`vt}3Z@<71h&Kp zY}5w5NT|R~``?cLQ7ofC$$!t||2-L2{6B~1NB_@*B%A-sZB}r4dU^^Pta3FWoSvRK zmpRItp-UegR0h=GrGdw9lBA`C^!PALhC6lfrX=~Peo&-O@q#c;@1*?llM$o06-{1x zCtfDCR@>WMSs7f_X%6@3cCJIu6kg`Y_c3E1 z;z0TG0~jx+^}gqmGVKJQSjF7b*FF^go?^!HOCSv~*_|jOf0&`eBP?I4GM6D@Ou|wT z_*Y%?SowKlcD-i_l=DxT+UY+-v1mV+4P^H+frD~{PLBe zTjO>`a|Sb0(Q%P^!V^I(I$ba{`GbmD$Hc~i*g73kHEn_aGvxQL#ouR&|2sSz+VQ^z z=jX@xe+Nkw{GXvM1VB-0Z_-~S?vI2ul=5Xv$sh8-=iU58seCdSNpXG}hggO8wJj>2 zA|TN;)N)VOg?v+IrJm`Ov+F(cvjhzhjj~umX3_nPU36%!(2PU@i5B@HZN1F<6E{=& z9e_TIGk{IK zpX>yX87^uTa$*HT=z9Dv(KJeZ`Pi^r%_o}|Dc`rM3YTHZIHvEf>>Jg>taVE(*7DgO zpc7dO$Y(p8XA4syW6P>jzU*r^FC9?eDO;OzpG$ESMzZ*3HFO7CzOxm6P z?|uo?D*umc`F}LLIMV-vqz3w5e7U1h2doS3_ZVRJZfdxRReh5nBwlZyS{`SAGt?}McM5!?@mM34as=&vm8 zjWB9I#Vd*vL@^-XXd!(RWgL&pB?csjf&=jG6Ivx9mY!cV@j!E@AdVI}^(?H1+`{Of zuqbkW7G=Hn3JcIeek`hD`cvCM?s!;s#4B7Uyr0nm%+87$!-^fdC|l&)*6Vq;NwiJp zCbJturEfV%maMFcCW>giq8l-CqqSAaWQg7bF=l*6SuKeS*=sLN*R7apZ*YRNY`AlK ztO70sG$v2g+SVfHwX=uH65O#urEae~=`B{XeAZHi9G$ zAlu~Z`>fDP*D8LskBk&=wbS5#zdwQH7e=CmWDglVvgiIsYM%WbsoxCye!NPq zXgnt&R>nH&X!lbZak9d1)yh<_^izT z#qs~B|2;^01y_i3Od}=)X|>^SyTp--=OQ>{g8Un_z|70Fs%fHBaBPXg5EfxPQ-M)r z994=1tyv5CoG*>{C<>fc5aETSL~xQ&JSU&93K;|c()HlSD7=F>k~PJUK*;kUiLmE* zZ$Dmt?d1C{i2~6@^8`v zq<6P->ap9zIrV1f#yR!)N<7DuES%H-b6&x(h>|#E@c!*P=6DH>f5Sd^JQ85kSH)@k io8zsS9|yR9BuB?|Ovm&kr~eNC0RR7>oyu|moB#kQV>L$r diff --git a/charts/vaultwarden/Chart.lock b/charts/vaultwarden/Chart.lock new file mode 100644 index 0000000..ba38602 --- /dev/null +++ b/charts/vaultwarden/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: softplayer-lib-workload + repository: oci://git.badhouseplants.net/softplayer + version: 0.2.1 +digest: sha256:a3a4a69717a3549841454a0e27a1a9114ea8a03543caf5c0c9a184d5a98f36b4 +generated: "2024-07-15T19:54:46.672967+02:00" diff --git a/charts/vaultwarden/Chart.yaml b/charts/vaultwarden/Chart.yaml index c265afe..4c54ce8 100644 --- a/charts/vaultwarden/Chart.yaml +++ b/charts/vaultwarden/Chart.yaml @@ -2,12 +2,18 @@ apiVersion: v2 name: vaultwarden description: Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs type: application -version: 1.2.0 -appVersion: 1.30.5 +version: 2.0.0 +appVersion: 1.31.0 maintainers: - name: allanger email: allanger@zohomail.com url: https://badhouseplants.net +dependencies: + - name: softplayer-lib-workload + version: 0.2.1 + repository: oci://git.badhouseplants.net/softplayer +annotations: + allowed_workload_kinds: "Deployment" sources: - https://github.com/dani-garcia/vaultwarden/tree/main keywords: diff --git a/charts/vaultwarden/templates/NOTES.txt b/charts/vaultwarden/templates/NOTES.txt deleted file mode 100644 index 4dd323d..0000000 --- a/charts/vaultwarden/templates/NOTES.txt +++ /dev/null @@ -1,22 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "vaultwarden.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "vaultwarden.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "vaultwarden.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "vaultwarden.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT -{{- end }} diff --git a/charts/vaultwarden/templates/configmap.yaml b/charts/vaultwarden/templates/configmap.yaml deleted file mode 100644 index 079aa18..0000000 --- a/charts/vaultwarden/templates/configmap.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - DOMAIN: {{ .Values.vaultwarden.domain | quote }} - {{- if and .Values.vaultwarden.smtp.host .Values.vaultwarden.smtp.from | quote }} - SMTP_HOST: {{ .Values.vaultwarden.smtp.host | quote }} - SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }} - SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }} - {{- if .Values.vaultwarden.smtp.authMechanism }} - SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }} - {{- end }} - SMTP_FROM: {{ .Values.vaultwarden.smtp.from | quote }} - SMTP_FROM_NAME: {{ default "Vaultwarden" .Values.vaultwarden.smtp.fromName | quote }} - SMTP_DEBUG: {{ .Values.vaultwarden.smtp.debug | quote }} - SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.acceptInvalidHostnames | quote }} - SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.acceptInvalidCerts | quote }} - SMTP_USERNAME: {{ .Values.vaultwarden.smtp.username | quote }} - {{- end }} - {{- if .Values.vaultwarden.websocket.enabled }} - WEBSOCKET_ENABLED: "true" - WEBSOCKET_ADDRESS: {{ .Values.vaultwarden.websocket.address | quote }} - WEBSOCKET_PORT: {{ .Values.vaultwarden.websocket.port | quote }} - {{- end }} - DATA_FOLDER: {{ .Values.vaultwarden.storage.dataDir | quote }} - ROCKET_PORT: {{ .Values.vaultwarden.rocket.port | quote }} - ROCKET_WORKERS: {{ .Values.vaultwarden.rocket.workers | quote }} - SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPassHint | quote }} - SIGNUPS_ALLOWED: {{ .Values.vaultwarden.signupsAllowed | quote }} - INVITATIONS_ALLOWED: {{ .Values.vaultwarden.invitationsAllowed | quote }} - SIGNUPS_DOMAINS_WHITELIST: {{ .Values.vaultwarden.signupDomains | quote }} - SIGNUPS_VERIFY: {{ .Values.vaultwarden.signupsVerify | quote }} - WEB_VAULT_ENABLED: {{ .Values.vaultwarden.webVaultEnabled | quote }} - {{- if .Values.vaultwarden.logging.enabled }} - LOG_FILE: {{ .Values.vaultwarden.logging.logfile | quote }} - LOG_LEVEL: {{ .Values.vaultwarden.logging.loglevel | quote }} - {{- end }} - DB_CONNECTION_RETRIES: {{ .Values.vaultwarden.database.connectionRetries | quote }} - DATABASE_MAX_CONNS: {{ .Values.vaultwarden.database.maxConnections | quote }} - # ------------------------------------------------------------------- - ORG_GROUPS_ENABLED: {{ .Values.vaultwarden.organizations.enabled | quote }} - ORG_EVENTS_ENABLED: {{ .Values.vaultwarden.organizations.orgEvents | quote }} - ORG_CREATION_USERS: {{ .Values.vaultwarden.organizations.crationUsers | quote }} diff --git a/charts/vaultwarden/templates/deployment.yaml b/charts/vaultwarden/templates/deployment.yaml deleted file mode 100644 index 9eca719..0000000 --- a/charts/vaultwarden/templates/deployment.yaml +++ /dev/null @@ -1,96 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - replicas: 1 - selector: - matchLabels: - {{- include "vaultwarden.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }} - {{- end }} - labels: - {{- include "vaultwarden.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - {{- if .Values.vaultwarden.storage.enabled }} - volumes: - - name: data - persistentVolumeClaim: - claimName: {{ include "vaultwarden.fullname" . }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - livenessProbe: - exec: - command: - - sh - - /healthcheck.sh - readinessProbe: - exec: - command: - - sh - - /healthcheck.sh - resources: - {{- toYaml .Values.resources | nindent 12 }} - envFrom: - - configMapRef: - name: {{ include "vaultwarden.fullname" . }} - env: - {{- if or (.Values.vaultwarden.smtp.password.value) (.Values.vaultwarden.smtp.password.existingSecretKey )}} - - name: SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.smtp.password.existingSecret | default ( printf "%s-smtp" ( include "vaultwarden.fullname" . )) }} - key: {{ default "SMTP_PASSWORD" .Values.vaultwarden.smtp.password.existingSecretKey }} - {{- end }} - - name: ADMIN_TOKEN - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.adminToken.existingSecret | default ( printf "%s-admin-token" ( include "vaultwarden.fullname" . )) }} - key: {{ default "ADMIN_TOKEN" .Values.vaultwarden.adminToken.existingSecretKey }} - {{- if ne "default" .Values.vaultwarden.database.type }} - - name: DATABASE_URL - valueFrom: - secretKeyRef: - name: {{ .Values.vaultwarden.database.existingSecret | default ( printf "%s-db-creds" ( include "vaultwarden.fullname" . )) }} - key: {{ default "DATABASE_URL" .Values.vaultwarden.database.existingSecretKey }} - {{- end }} - {{- if .Values.vaultwarden.storage.enabled }} - volumeMounts: - - mountPath: {{ .Values.vaultwarden.storage.dataDir }} - name: data - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/vaultwarden/templates/ingress.yaml b/charts/vaultwarden/templates/ingress.yaml deleted file mode 100644 index d12ebf3..0000000 --- a/charts/vaultwarden/templates/ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "vaultwarden.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/vaultwarden/templates/install.yaml b/charts/vaultwarden/templates/install.yaml new file mode 100644 index 0000000..6f903c9 --- /dev/null +++ b/charts/vaultwarden/templates/install.yaml @@ -0,0 +1,6 @@ +{{ include "lib.workload" . }} +{{ include "lib.service" . }} +{{ include "lib.ingress" . }} +{{ include "lib.config.env" . }} +{{ include "lib.pvc" . }} +{{ include "lib.raw" . }} diff --git a/charts/vaultwarden/templates/pvc.yaml b/charts/vaultwarden/templates/pvc.yaml deleted file mode 100644 index f5463e7..0000000 --- a/charts/vaultwarden/templates/pvc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if .Values.vaultwarden.storage.enabled }} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{ .Values.vaultwarden.storage.size }} - storageClassName: {{ .Values.vaultwarden.storage.class }} -{{- end }} diff --git a/charts/vaultwarden/templates/secret.yaml b/charts/vaultwarden/templates/secret.yaml deleted file mode 100644 index 6b88f00..0000000 --- a/charts/vaultwarden/templates/secret.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if not .Values.vaultwarden.adminToken.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-admin-token - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - ADMIN_TOKEN: {{ .Values.vaultwarden.adminToken.value | b64enc | quote }} -{{- end }} - -{{- if not .Values.vaultwarden.database.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-db-creds - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - DATABASE_URL: {{ .Values.vaultwarden.database.connectionString | b64enc | quote }} -{{- end }} - -{{- if not .Values.vaultwarden.smtp.password.existingSecret }} ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: {{ include "vaultwarden.fullname" . }}-smtp - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -data: - SMTP_PASSWORD: {{ .Values.vaultwarden.smtp.password.value | b64enc | quote }} -{{- end }} diff --git a/charts/vaultwarden/templates/service.yaml b/charts/vaultwarden/templates/service.yaml deleted file mode 100644 index 1f21b2c..0000000 --- a/charts/vaultwarden/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "vaultwarden.fullname" . }} - labels: - {{- include "vaultwarden.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "vaultwarden.selectorLabels" . | nindent 4 }} diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml index 7ed6839..85c3803 100644 --- a/charts/vaultwarden/values.yaml +++ b/charts/vaultwarden/values.yaml @@ -1,106 +1,114 @@ -image: - repository: registry.hub.docker.com/vaultwarden/server - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "" -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" -podAnnotations: {} -podSecurityContext: {} -# fsGroup: 2000 +--- +workload: + kind: Deployment + strategy: + type: RollingUpdate + containers: + mealie: + image: + registry: registry.hub.docker.com + repository: vaultwarden/server + tag: + pullPolicy: Always + ports: + - vaultwarden + mounts: + storage: + data: + path: /app/data/ + # logs: + # path: /app/logs + envFrom: + - environment + - secrets + livenessProbe: + exec: + command: + - sh + - /healthcheck.sh + readinessProbe: + exec: + command: + - sh + - /healthcheck.sh + initialDelaySeconds: 10 + periodSeconds: 10 -securityContext: {} -# capabilities: -# drop: -# - ALL -# readOnlyRootFilesystem: true -# runAsNonRoot: true -# runAsUser: 1000 +ingress: + main: + class: traefik + annotations: + annotation: test + rules: + - hosts: vaultwarden.softplayer.net + http: + paths: + - backend: + service: + name: '{{ include "chart.fullname" $ }}' + port: 8080 + tls: + - hosts: + - vaultwarden.softplayer.net + secretName: vaultwarden.softplayer.net service: type: ClusterIP - port: 8080 -ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local -resources: {} -# We usually recommend not to specify default resources and to leave this as a conscious -# choice for the user. This also increases chances charts run on environments with little -# resources, such as Minikube. If you do want to specify resources, uncomment the following -# lines, adjust them as necessary, and remove the curly braces after 'resources:'. -# limits: -# cpu: 100m -# memory: 128Mi -# requests: -# cpu: 100m -# memory: 128Mi + ports: + vaultwarden: + port: 9000 + targetPort: 9000 + protocol: TCP -nodeSelector: {} -tolerations: [] -affinity: {} -vaultwarden: - smtp: - host: "" - security: "starttls" - port: 25 - from: vaultwarden@badhouseplants.net - fromName: vaultwarden - username: vaultwarden - password: - value: "VerySecurePassword" - existingSecret: "" - existingSecretKey: "" - authMechanism: "Plain" - acceptInvalidHostnames: "false" - acceptInvalidCerts: "false" - debug: false - adminToken: - existingSecret: "" - existingSecretKey: "" - value: "R@ndomToken$tring" - domain: "https://badhouseplants.vaultwarden.com" - websocket: +storage: + data: + storageClassName: default + size: 1G + accessModes: + - ReadWriteOnce + # logs: + # storageClassName: default + # size: 1G + # accessModes: + # - ReadWriteOnce + +# -- Please have a look here: https://github.com/dani-garcia/vaultwarden/blob/main/.env.template +env: + environment: enabled: true - address: "0.0.0.0" - port: 3012 - rocket: - port: "8080" - workers: "10" - webVaultEnabled: "true" - signupsAllowed: true - invitationsAllowed: true - signupDomains: "https://badhouseplants.vaultwarden.com" - signupsVerify: "true" - showPassHint: "false" - database: - connectionString: "data/db.sqlite3" - existingSecret: "" - existingSecretKey: "" - connectionRetries: 15 - maxConnections: 10 - storage: - enabled: false - size: 1Gi - class: default - dataDir: /data - logging: - enabled: false - logfile: "/data/vaultwarden.log" - loglevel: "warn" - organizations: - enabled: false - orgEvents: false # -- ORG_GROUPS_ENABLED - crationUsers: "" # -- ORG_CREATION_USERS + sensitive: false + data: + DOMAIN: vaultwarden.softplayer.net + SMTP_HOST: ~ + SMTP_SECURITY: startls + SMTP_PORT: 587 + SMTP_AUTH_MECHANISM: Plain + SMTP_FROM: vaultwarden@softplayer.net + SMTP_FROM_NAME: Soft Player + SMTP_DEBUG: false + SMTP_ACCEPT_INVALID_HOSTNAMES: false + SMTP_ACCEPT_INVALID_CERTS: false + SMTP_USERNAME: ~ + DATA_FOLDER: /app/data/ + ROCKET_PORT: 8080 + SHOW_PASSWORD_HINT: true + SIGNUPS_ALLOWED: false + INVITATIONS_ALLOWED: true + SIGNUPS_DOMAINS_WHITELIST: "*" + SIGNUPS_VERIFY: true + WEB_VAULT_ENABLED: true + LOG_FILE: /app/logs + LOG_LEVEL: info + DB_CONNECTION_RETRIES: 10 + DATABASE_MAX_CONNS: 10 + ORG_GROUPS_ENABLED: true + ORG_EVENTS_ENABLED: true + ORG_CREATION_USERS: "" + + secrets: + enabled: true + sensitive: true + data: + ADMIN_TOKEN: "R@ndomToken$tring" + DATABASE_URL: ~ + SMTP_PASSWORD: ~