softplayer/softplayer-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Add more charts

Browse Source
This commit is contained in:
Nikolai Rodionov
2024-07-13 22:24:41 +02:00
parent 5132ad1c1b
commit f6320fb990
33 changed files with 1733 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
charts/vaultwarden/templates/NOTES.txt Normal file
View File

@ -0,0 +1,22 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "vaultwarden.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "vaultwarden.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "vaultwarden.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "vaultwarden.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
{{- end }}

62
charts/vaultwarden/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "vaultwarden.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "vaultwarden.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "vaultwarden.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "vaultwarden.labels" -}}
helm.sh/chart: {{ include "vaultwarden.chart" . }}
{{ include "vaultwarden.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "vaultwarden.selectorLabels" -}}
app.kubernetes.io/name: {{ include "vaultwarden.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "vaultwarden.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "vaultwarden.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

46
charts/vaultwarden/templates/configmap.yaml Normal file
View File

@ -0,0 +1,46 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "vaultwarden.fullname" . }}
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
data:
DOMAIN: {{ .Values.vaultwarden.domain | quote }}
{{- if and .Values.vaultwarden.smtp.host .Values.vaultwarden.smtp.from | quote }}
SMTP_HOST: {{ .Values.vaultwarden.smtp.host | quote }}
SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }}
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}
{{- if .Values.vaultwarden.smtp.authMechanism }}
SMTP_AUTH_MECHANISM: {{ .Values.vaultwarden.smtp.authMechanism | quote }}
{{- end }}
SMTP_FROM: {{ .Values.vaultwarden.smtp.from | quote }}
SMTP_FROM_NAME: {{ default "Vaultwarden" .Values.vaultwarden.smtp.fromName | quote }}
SMTP_DEBUG: {{ .Values.vaultwarden.smtp.debug | quote }}
SMTP_ACCEPT_INVALID_HOSTNAMES: {{ .Values.vaultwarden.smtp.acceptInvalidHostnames | quote }}
SMTP_ACCEPT_INVALID_CERTS: {{ .Values.vaultwarden.smtp.acceptInvalidCerts | quote }}
SMTP_USERNAME: {{ .Values.vaultwarden.smtp.username | quote }}
{{- end }}
{{- if .Values.vaultwarden.websocket.enabled }}
WEBSOCKET_ENABLED: "true"
WEBSOCKET_ADDRESS: {{ .Values.vaultwarden.websocket.address | quote }}
WEBSOCKET_PORT: {{ .Values.vaultwarden.websocket.port | quote }}
{{- end }}
DATA_FOLDER: {{ .Values.vaultwarden.storage.dataDir | quote }}
ROCKET_PORT: {{ .Values.vaultwarden.rocket.port | quote }}
ROCKET_WORKERS: {{ .Values.vaultwarden.rocket.workers | quote }}
SHOW_PASSWORD_HINT: {{ .Values.vaultwarden.showPassHint | quote }}
SIGNUPS_ALLOWED: {{ .Values.vaultwarden.signupsAllowed | quote }}
INVITATIONS_ALLOWED: {{ .Values.vaultwarden.invitationsAllowed | quote }}
SIGNUPS_DOMAINS_WHITELIST: {{ .Values.vaultwarden.signupDomains | quote }}
SIGNUPS_VERIFY: {{ .Values.vaultwarden.signupsVerify | quote }}
WEB_VAULT_ENABLED: {{ .Values.vaultwarden.webVaultEnabled | quote }}
{{- if .Values.vaultwarden.logging.enabled }}
LOG_FILE: {{ .Values.vaultwarden.logging.logfile | quote }}
LOG_LEVEL: {{ .Values.vaultwarden.logging.loglevel | quote }}
{{- end }}
DB_CONNECTION_RETRIES: {{ .Values.vaultwarden.database.connectionRetries | quote }}
DATABASE_MAX_CONNS: {{ .Values.vaultwarden.database.maxConnections | quote }}
# -------------------------------------------------------------------
ORG_GROUPS_ENABLED: {{ .Values.vaultwarden.organizations.enabled | quote }}
ORG_EVENTS_ENABLED: {{ .Values.vaultwarden.organizations.orgEvents | quote }}
ORG_CREATION_USERS: {{ .Values.vaultwarden.organizations.crationUsers | quote }}

96
charts/vaultwarden/templates/deployment.yaml Normal file
View File

@ -0,0 +1,96 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "vaultwarden.fullname" . }}
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
{{- include "vaultwarden.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
{{- end }}
labels:
{{- include "vaultwarden.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.vaultwarden.storage.enabled }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "vaultwarden.fullname" . }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
livenessProbe:
exec:
command:
- sh
- /healthcheck.sh
readinessProbe:
exec:
command:
- sh
- /healthcheck.sh
resources:
{{- toYaml .Values.resources | nindent 12 }}
envFrom:
- configMapRef:
name: {{ include "vaultwarden.fullname" . }}
env:
{{- if or (.Values.vaultwarden.smtp.password.value) (.Values.vaultwarden.smtp.password.existingSecretKey )}}
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.vaultwarden.smtp.password.existingSecret | default ( printf "%s-smtp" ( include "vaultwarden.fullname" . )) }}
key: {{ default "SMTP_PASSWORD" .Values.vaultwarden.smtp.password.existingSecretKey }}
{{- end }}
- name: ADMIN_TOKEN
valueFrom:
secretKeyRef:
name: {{ .Values.vaultwarden.adminToken.existingSecret | default ( printf "%s-admin-token" ( include "vaultwarden.fullname" . )) }}
key: {{ default "ADMIN_TOKEN" .Values.vaultwarden.adminToken.existingSecretKey }}
{{- if ne "default" .Values.vaultwarden.database.type }}
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: {{ .Values.vaultwarden.database.existingSecret | default ( printf "%s-db-creds" ( include "vaultwarden.fullname" . )) }}
key: {{ default "DATABASE_URL" .Values.vaultwarden.database.existingSecretKey }}
{{- end }}
{{- if .Values.vaultwarden.storage.enabled }}
volumeMounts:
- mountPath: {{ .Values.vaultwarden.storage.dataDir }}
name: data
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

61
charts/vaultwarden/templates/ingress.yaml Normal file
View File

@ -0,0 +1,61 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "vaultwarden.fullname" . -}}
{{- $svcPort := .Values.service.port -}}
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
pathType: {{ .pathType }}
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}
port:
number: {{ $svcPort }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

15
charts/vaultwarden/templates/pvc.yaml Normal file
View File

@ -0,0 +1,15 @@
{{- if .Values.vaultwarden.storage.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "vaultwarden.fullname" . }}
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.vaultwarden.storage.size }}
storageClassName: {{ .Values.vaultwarden.storage.class }}
{{- end }}

38
charts/vaultwarden/templates/secret.yaml Normal file
View File

@ -0,0 +1,38 @@
{{- if not .Values.vaultwarden.adminToken.existingSecret }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ include "vaultwarden.fullname" . }}-admin-token
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
data:
ADMIN_TOKEN: {{ .Values.vaultwarden.adminToken.value | b64enc | quote }}
{{- end }}
{{- if not .Values.vaultwarden.database.existingSecret }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ include "vaultwarden.fullname" . }}-db-creds
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
data:
DATABASE_URL: {{ .Values.vaultwarden.database.connectionString | b64enc | quote }}
{{- end }}
{{- if not .Values.vaultwarden.smtp.password.existingSecret }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ include "vaultwarden.fullname" . }}-smtp
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
data:
SMTP_PASSWORD: {{ .Values.vaultwarden.smtp.password.value | b64enc | quote }}
{{- end }}

15
charts/vaultwarden/templates/service.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "vaultwarden.fullname" . }}
labels:
{{- include "vaultwarden.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "vaultwarden.selectorLabels" . | nindent 4 }}