From c02e33f9f67b5834947ba64a6db3ed40a408d5e5 Mon Sep 17 00:00:00 2001 From: Jonathan Ervine Date: Thu, 27 Aug 2020 16:45:01 +0800 Subject: [PATCH] Bumpbed nzbhydra to 2.26.0 --- jellyfin/Chart.yaml | 4 +- jellyfin/values.yaml | 2 +- nzbhydra/Chart.yaml | 4 +- nzbhydra/~? | Bin 6735 -> 0 bytes plex/Chart.yaml | 14 ++ plex/README.md | 59 +++++ plex/templates/NOTES.txt | 19 ++ plex/templates/_helpers.tpl | 16 ++ plex/templates/deployment.yaml | 233 ++++++++++++++++++++ plex/templates/ingress.yaml | 31 +++ plex/templates/rbac.yaml | 54 +++++ plex/templates/service.yaml | 59 +++++ plex/templates/volumes.yaml | 66 ++++++ plex/values.yaml | 150 +++++++++++++ watcher/templates/statefulset.yaml | 5 + wekan/.helmignore | 22 ++ wekan/Chart.yaml | 13 ++ wekan/OWNERS | 4 + wekan/README.md | 65 ++++++ wekan/charts/.gitkeep | 1 + wekan/requirements.lock | 6 + wekan/requirements.yaml | 5 + wekan/templates/NOTES.txt | 19 ++ wekan/templates/_helpers.tpl | 82 +++++++ wekan/templates/deployment.yaml | 64 ++++++ wekan/templates/hpa.yaml | 18 ++ wekan/templates/ingress.yaml | 40 ++++ wekan/templates/route.yaml | 23 ++ wekan/templates/secrets.yaml | 14 ++ wekan/templates/service.yaml | 25 +++ wekan/templates/serviceaccount.yaml | 16 ++ wekan/templates/tests/test-cloudserver.yaml | 27 +++ wekan/values.yaml | 117 ++++++++++ 33 files changed, 1272 insertions(+), 5 deletions(-) delete mode 100644 nzbhydra/~? create mode 100644 plex/Chart.yaml create mode 100644 plex/README.md create mode 100644 plex/templates/NOTES.txt create mode 100644 plex/templates/_helpers.tpl create mode 100644 plex/templates/deployment.yaml create mode 100644 plex/templates/ingress.yaml create mode 100644 plex/templates/rbac.yaml create mode 100644 plex/templates/service.yaml create mode 100644 plex/templates/volumes.yaml create mode 100644 plex/values.yaml create mode 100644 wekan/.helmignore create mode 100644 wekan/Chart.yaml create mode 100644 wekan/OWNERS create mode 100644 wekan/README.md create mode 100644 wekan/charts/.gitkeep create mode 100644 wekan/requirements.lock create mode 100644 wekan/requirements.yaml create mode 100644 wekan/templates/NOTES.txt create mode 100644 wekan/templates/_helpers.tpl create mode 100644 wekan/templates/deployment.yaml create mode 100644 wekan/templates/hpa.yaml create mode 100644 wekan/templates/ingress.yaml create mode 100644 wekan/templates/route.yaml create mode 100644 wekan/templates/secrets.yaml create mode 100644 wekan/templates/service.yaml create mode 100644 wekan/templates/serviceaccount.yaml create mode 100644 wekan/templates/tests/test-cloudserver.yaml create mode 100644 wekan/values.yaml diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index c370415..6a0ca83 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -14,10 +14,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.1.2 +version: 0.1.3 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 10.6.2-amd64 +appVersion: 10.6.3-amd64 icon: https://git.ervine.org/jonny/charts/raw/branch/master/jellyfin/jellyfin.png diff --git a/jellyfin/values.yaml b/jellyfin/values.yaml index fd2cf83..4bd5c69 100644 --- a/jellyfin/values.yaml +++ b/jellyfin/values.yaml @@ -6,7 +6,7 @@ replicaCount: 1 image: repository: harbor.ervine.dev/public/x86_64/jellyfin - pullPolicy: IfNotPresent + pullPolicy: Always imagePullSecrets: [] nameOverride: "" diff --git a/nzbhydra/Chart.yaml b/nzbhydra/Chart.yaml index 824d4bf..62281c5 100644 --- a/nzbhydra/Chart.yaml +++ b/nzbhydra/Chart.yaml @@ -14,10 +14,10 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.1.5 +version: 0.1.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: v2.25.0 +appVersion: v2.26.0 icon: https://git.ervine.org/jonny/x86_64-alpine-nzbhydra/raw/branch/master/hydra.png diff --git a/nzbhydra/~? b/nzbhydra/~? deleted file mode 100644 index 4d3786ccbe1df06dd690e0cdca91c8cb49ed2908..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6735 zcmV-V8nERbiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PK5tTocz8KW=D)eXeyEF98)OnIvpt)ViP|AUk3!xJ;6pFfy5m zGZP>n;8txdTG6@|S5(}6Zip*Vts8Y0_qEolRn%&gR+jueGn0f6g8EvY{@(A$`2!}C zd(S=h+_LJYKJ)P_chJN->BY)!=sTnj{j5#Mj%K`!A75tp7{AJUz|N+}~-nk^;dxIiv{4Kw5w)*cR~&qorkHu^M9#NF`zfL`X_49!nC0UYzXb zJKEPHa(mmm?vb&&qA0KgmUU+O9KwX%ONPpP!d{@(|oDiuaxj9vy( z(*z2VP+@AB005dHDO3&pag?S*c>`3@A_a~?f)T|-N(1StR#8|AlmV$E028QmIL;bu zSR$k-ObKN`C=_5CR1I0KS{;sulQ^c(%RqlT3DvVqD5xcAj3Ft#48)_9oTN;!p@fNI ztxk?(3L|cadE5}2HmxVmI$Ve2QBXlahL(ZYkphfRQ;??F5mAC584f0BZiWCr0+r)X zDFZ4Lr=b9Vc#>wgwj%CP#$%fZCZifH4iTJGptt}40JJC*&kq0qgY!={=1P!C7zJ^t zU`UE(%68|G6UP!ULLEtx8iAHnMnQ#+!Wg|jNiZ;(;e?|g2WtMLj$mX!Dxe@u>L>-| zq@& zNqnVN`0wrQ<5P$K?}MZW2!IS=;-O_s1%^cq1#&%$0R%><*{^8`6r@Ij5=vSoNKF+1 zOa+h_K4>rkE@H%1ke0@^pin{$feVYOK-Q;5YYuqXwg6PMMmUt^-?EWpYAQRBi*;WH zXWP)JsQ?n}crvj#HI*NV;|tQ#Qd0p^#hq^^uztj8$nsZ^1cPD(4TPbj5{8o$BQ%R^ z#507&Ii4R(W&sd{h7BAvIy@{gx{r%%f=&(<3=Y(g0U{BLaI_XxK)?zS32}(h5D7KE zO-lnJ5{#uuf}L$2VJbpvp#ovK(y@|}2w@Z=O$dym(<~>9P~bWx1VWS1A|`h$N=nON*%6hr1>)>SQP zA4;Oi0Vs|V3P`<9^#A}Co@5}90UA^f7&HL_6sTYl&|rj)fi#ztu-n;^B?t@$3<=~A zpou7kv%3`Gx$*P`sRIg>07)pLi069q^8}>I(hR!)$IDD7Du5{IZ5FS4)#61Bii`>L zx3PX4x3?MgEye>PkqPpFFf~<}nrgH_SBy}?WMEop+(L~e^8*q$&cG1P%6NMcrrB8k zs+q`GS*@0pn{2I?XpSh}!W6^9296HxA2P^FUs_W6w%Z*CLR70o63p2wf{|jjV;`Hk ztkR=L&2AV$GpxS)SP#dlsaDI@ld30zF-1nd|xKZzx5erShPNAHwu#DAmXA+CiK zjWF7GQwn%f{O2RFj{khTyzAn>_d=WWlwMhE zyI@eV7A2INcVrQT^^NQ^mo6g$V>=O0LKQ~T#7a@s*QgF>0KylXIaoB|yJa>F#t!TEVnMk znA_Ca;H`AddTP@L7fyazpSNFD3pvfI;JH+Hm1bG1z5R~`)KVD1sDQ95E$T`Ot+?^y z{wEu)w&!Xa&|+m-gE7{p*;VCM*SJ;qRyZn$`0G}fYbLC9K9=g{pN;i|eHy>57-_?x5%*O(3&{Lz!crZ>!GSDg~tjR@#5~vy~MRL8YTJ#jfhoZoy+Drw& zH!IG1o+6t<@D;N+1fn+jnF3K+jlj>g+{XQDjqt{>8=!ni&lq&Rc2<@pz|h+8sd_Vn zFB5VN*_9+ju}=gc1@A@UE&?CSgo`ja9KY&Ei{H9&ee)V#qI04PF~#;*pAbB;R zOhHq8MKktRA-T#srJ)JSRvF+*J zbg=NxydUqEOt%Vb92!*B{<-5anGwIWCj6`Ikby@+2Bp-H3Aenzz~MPXGNgjUWgyx= z-1v^4Fn{Tch1se*9korWX3}akxevYAHmG*{H)eb900!P<|6ZQf^aFgAZ%ys%XsutE--{b~h`|A+GN_f59!pFtU@(&03GNB6*_LC1kKh;F@?I8WL9F0klD=8M(E7# zax4)Nkfy^aQVy#R7|$@;0LWMuJ@_h#*!r!lfhmY8vHv1>i+k5qWMl2kEnl>6KJ@6BkmwRWxgj+ewNMC~k~M$702VwCa9Jg|i? zmKWWtCTxBEy{6`D8>qC@cm3Uz-2^|4ugIe}-LP?k~Fw38-Lq|3AqD-jx6QO00hW z=_!%=de_DO?}Kcn_2Hz_M#wLGi?CW`wQYodJEymCxFs}QEr}<|1fdLYW6?Se63zL7 zb=YU}a!G2)SO&l{AlK1)Ihkw@7r7rd$Utm&wrO`0l%kZHmH`mk{VitynoG_cKMJy& zjWGpnp)e6r9~czP_K&d2#nc2z!FN5z8|(j`HGcmo^{qSqe=p<=!cm5S6hQ-q1pNAg zqM? z1eBb`Wys~E{qMS@Pt-F>A6 z?g*Wv6}TgEG(q5wutBkVy1*I4pcF>xXb?DX5G_Eo6gd_u7y*JQAu8tEQRG+wl1M8^ zB^3V;1v+N?H$8|Xh!pWe7$Z&itN+|Ww5oDhs5ZBl}icKT0`klR5@WSoa zh&}gaJ*FE?}P`o-+KE}Cr* zN*4bWAdLFuC+(2RU%zZ^=)FYLGVs+jFQM+=z^&{-UU0jqw<{lSs^~HmEz8LF>J)P- zFI_TzYun0(w>Ji#ji6S2UG7#+j4COt7$i7$zt?xu1&)Q|?`L_euV^|owg3IDYvh4m znopM&-ppFn{QKhit(E}4v$Nkc zT6!A$rJk$EW#P|G&Ox2`eC!voZ$ZQ_yLe@9# zQvYUYe9-FnHL9Kp=fe2CU)^fotGk2$KzX;;#RCxGf)+j7Y@ITr;k^ovE?ynl=ATK* zKO=5iayrZLZsuaSN5uLjH!_~OE)9x4u64Ao=G}-?0)vM2OXUv z#jTFH9p1GvWt?mNVF%5ZbK?7#g#Qv3AbINIo>kOtBh%7wbjz&P;3SpvyJSZ}<{K{UYk2&rA9qFTbq~cJf*TDT+=2<(P84eT@e$1`pZk_k*~kLp?ui#?U{+ap{i@* zbJvwK$B4&oC8N=Lf6cmUzw_I{aF2Q%e&lw&LoL5PJY8Gweow`cHcesAK2Q4MTgpxb ze`)A&F0;jqbs6KIz5EedCjLY7d%nFP>4%E`4u+(p(wBLEX0(OP4+NiIrvAKi?X8PF zHjmjWX?MVF>7t7Qr#4tn@(Llj>ruVM{hpre`EjFL_Kos>xVuW@^wCn`wH|8(X9`Co zIP6_5IW*!nZ3Yp)0!7%t3LD%Y^sy~^Y={TyL-IP0X?ukE}8G2)HpM1kpk1mQ0?T1GA zZ&o)Cg)W071NQcxIuO;y6^|Mr{)W8^<4Sgy$*9f z4*H4OG-paqi}-qqhMwKOTR5zP-`Gv%2=&!R)94j<7M7G8{zx8q)4tjMltsn8r{4H0 zq}!9ivCl$B@6{(Um!ui&JDP4b=ToCuF2ySW6C34BFM&Egz7(3QuXO}78 zKC*XsgwSQj3LY&m6b}(PCnSt08PntOq2oFEg)yBL_ckP#KYH=ay#1b8*O*;iPXp&Q zQV;X)7=ETl=Vmh9uCsT<53jopzjFWKvJ)rQV0TUiMa-EJAFyY2u%Yv?==tuQn=WmL zHn*RAAN$kW`y1KtCJtFevh*^?ervz#IOAsgmL4shWgl($c>Zq<4?3rGxPU$n=(s_% ztN83~Lt3^|QTV!k>YZ~0`6mrm9j;d1ym9jJ1;d^>TjO4KIheh=h3k3A@}?i>JFXlo z`n{=h^0l2!u4g>jmw&WL*an^VS8_Z@pLd(O^+`#}tXor_={7vtIBHHd)+FwS%Rk7! ze)1x|!~O-ySx5d|py-07EDG!PNB!~}(-#!FJb%=%_x5q!W=)^ACE4Lm=kA%IuHEdN zHr}6D+EMmf-ag;nKS^3=O1s&I&mFR5-W8_7l5pkM^@T0kg{(b%=+@>X5sjK1aaf;u z??~?IjpN#62A8@%o!Jd^{#hoRJCSyajt%h1jyjx~G5b^JT+h!!PJZrGqPo5bPgy&A zQS6P-!_gXF-~6nTGgcuP*LFS&XxwAzg+^3Ab3T2?goP{P!VVa|c#$5H z{>`F0Wj+p?bF`w~1=R(7fv~SeReX}z5*_#H;KN5ZEkdvUbklFi?%mhvtb%D`AXOaR zUuJkX*>J`%uXES4(c11ScMlkH@j%2vr{D%Y4`T~+h~eAYMc>+6Fw=hBkmdW_n=}rO zy+LH3T9+euPF#0bKeJKhxosEjI+SNQ%-Fa3klj}NW-Ly-IYctmm3gd^WSU3=L> ziw(GX`jD~+Hga#axv9!gBRu-BfvErTL080%7bazf3On~Q1ay4*#G`ZN=!J@1J93sK zloz0WO)i!f>|4Cikkt0>qM@VUy%XuZ5WJ#z?U(DmS#-p?RrbZmj2TA@rZy3r>v`Ni zOLchHGsBZH&6_5sF5g1BI4h2?S-qzIomrpQIqqG#`w-Q5(Rv!6`6}+H*YVuK%Ta0v zd&PO>>4B3{+U`Al^hD0sJe}%x<};T`&bb{oH$9*8n}=f82DhW~%m$Tf`h7oY+VRif z<^6WKz58!Mljd&jotu*9`{|Bz9v8Q!?;ZC0*`JeUZw;C9jZ^z4jKc9E9R7`BlPV=K zs_5CD8)oI4$(?s!w@O_Saov9NtJcqU31HZZnZaEfufI7QCe~A)eA?ky#{qK#GNw)o z>9YB2)j4so-L;4@FShkc+t*>^TISIAq}^ec&-|ARoDt+Idi?v;;^H%mi$J~pO5%=r zA75u4J_@*VIx>I>^*}s`V+H;x*n|giz=VuS^ zJ&M$?Uv}s8n7L&;kHCnDH^2BgXvFn3MBi!z5cr&gU7w(*#>b6U=dlOJCi zDf5!-*?n#c7XGk*LV~t$%GO@Tf2|ljFms=$Xr;b9{N@AMYfM-2JkkTZisFqmqM53pZaj?3wISR?zp_%^QaOb0TkE za48!4XYAt=dHd|2XY_cv^mdch^M%6>=3gX(WT7QrJ+S}5CnP0^>76=kPHF6h^7IzI zZBy4Si;G&~wxRHs*h{@dofkz0j_f)4!ih_Bn{7{2=Q#xiyj&)~*kb9@C){rVmID+bu7?%%?;Ngd;R&rsQtliFsWIG@+$-Kh86xM z@Qxcbc=5eY=Fd<6{_L8>?^9;{^4mIH)YL`iuEhjB`0YaQszW~WcL^`umR%hddhck& z+N{$3(3E_Sz=DxifBak+cz@}TeTh#}hRJ^2KUV+ahEt7-qQ+}3q)i^< zU(zS(#r{IE&&a`{k9J%0=^@eoHiQGJBlKZ66TLt}Rmv>uxxRqm0vo1lsN0yDxv2Q+;IZbR^^8C@I#wRv6 z@9@*6TjPTI-YLM!%WjU6m1k(WU8?k1KTCnf7)l4$zxbn}41HL33iZ2m^ZF}8QiSZ_ ztE?fixO9U(q1(IzFDGX{==HCi<_3vUu#}i)_C=U$t{Dv&R*B#R>kCwnU&LnPtIF1aN8y3!S>E~I^At%|KnIg zVoU8`l16T`evV+b#(O zZ9VMP^~pQE*7du)@MGtGCuT_(cuEs*d)+-Zx}VT_(aAF@*LI}*(CUe!HhZ@?(^1v3 z`ycgN-J4QzD#tF=FLuJMyxbNad46}m^~eE-B}>zL7Y|sG)NFb%_T*n-PRk?ph2QMUTs?3dgZvh diff --git a/plex/Chart.yaml b/plex/Chart.yaml new file mode 100644 index 0000000..eda7928 --- /dev/null +++ b/plex/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +appVersion: 1.19.5.3112-b23ab3896-ls113 +description: Plex Media Server +name: plex +version: 0.1 +keywords: + - plex +home: https://plex.tv/ +icon: https://www.plex.tv/wp-content/uploads/2018/01/pmp-icon-1.png +sources: + - https://github.com/munnerz/kube-plex + - https://harbor.ervine.dev/public/x86_64/plex +maintainers: + - name: Jonny diff --git a/plex/README.md b/plex/README.md new file mode 100644 index 0000000..5146953 --- /dev/null +++ b/plex/README.md @@ -0,0 +1,59 @@ +# Plex Media Server helm chart + +## Configuration + +The following tables lists the configurable parameters of the Plex chart and their default values. + +| Parameter | Description | Default | +|----------------------------|-------------------------------------|---------------------------------------------------------| +| `image.repository` | Image repository | `plexinc/pms-docker` | +| `image.tag` | Image tag. Possible values listed [here](https://hub.docker.com/r/plexinc/pms-docker/tags/).| `1.10.1.4602-f54242b6b`| +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `kubePlex.enabled` | Enable KubPlex transcoder | `true` | +| `kubePlex.image.repository` | Image repository | `quay.io/munnerz/kube-plex` | +| `kubePlex.image.tag` | Image tag. | `latest`| +| `kubePlex.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `claimToken` | Plex Claim Token to authenticate your acount | `` | +| `timezone` | Timezone plex instance should run as, e.g. 'America/New_York' | `Europe/London` | +| `service.type` | Kubernetes service type for the plex GUI/API | `ClusterIP` | +| `service.port` | Kubernetes port where the plex GUI/API is exposed| `32400` | +| `service.annotations` | Service annotations for the Plex GUI | `{}` | +| `service.labels` | Custom labels | `{}` | +| `service.loadBalancerIP` | Load balancer IP for the Plex GUI; set `service.type` to `LoadBalancer` to use this. | `{}` | +| `service.loadBalancerSourceRanges` | List of IP CIDRs allowed access to load balancer (if supported) | None +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.labels` | Custom labels | `{}` +| `ingress.path` | Ingress path | `/` | +| `ingress.hosts` | Ingress accepted hostnames | `chart-example.local` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `rbac.create` | Create RBAC roles? | `true` | +| `nodeSelector` | Node labels for pod assignment | `beta.kubernetes.io/arch: amd64` | +| `persistence.transcode.enabled` | Use persistent volume for transcoding | `false` | +| `persistence.transcode.size` | Size of persistent volume claim | `20Gi` | +| `persistence.transcode.claimName`| Use an existing PVC to persist data | `nil` | +| `persistence.transcode.subPath` | SubPath to use for existing Claim | `nil` | +| `persistence.transcode.storageClass` | Type of persistent volume claim | `-` | +| `persistence.transcode.accessMode` | Persistent volume access mode | `ReadWriteMany` | +| `persistence.data.size` | Size of persistent volume claim | `40Gi` | +| `persistence.data.claimName`| Use an existing PVC to persist data | `nil` | +| `persistence.data.subPath` | SubPath to use for existing Claim | `nil` | +| `persistence.data.storageClass` | Type of persistent volume claim | `-` | +| `persistence.data.accessMode` | Persistent volume access mode | `ReadWriteMany` | +| `persistence.extraData` | Extra data mounts. Should be an array of items matching persistence.data entries | `[]` | +| `persistence.config.size` | Size of persistent volume claim | `20Gi` | +| `persistence.config.claimName`| Use an existing PVC to persist data | `nil` | +| `persistence.config.subPath` | SubPath to use for existing Claim | `nil` | +| `persistence.config.storageClass` | Type of persistent volume claim | `-` | +| `persistence.config.accessMode` | Persistent volume access mode | `ReadWriteMany` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `proxy.enable` | use to enable PMS proxy environmental variable | `{false}` | +| `proxy.http` | HTTP_PROXY value 'http://proxy.lan:8080' | `{}` | +| `proxy.https` | HTTPS_PROXY value 'http://proxy.lan:8080' | `{}` | +| `proxy.noproxy` | NO_PROXY value 'localhost,127.0.0.1,10.96.0.0/12,10.244.0.0/12' | `{}` | +| `tolerations` | Pod tolerations | `[]` | +| `affinity` | Pod affinity configuration | `{}` | +| `podAnnotations` | Key-value pairs to add as pod annotations | `{}` | +| `deploymentAnnotations` | Key-value pairs to add as deployment annotations | `{}` | + +Read through the [values.yaml](values.yaml) file. It has several commented out suggested values. diff --git a/plex/templates/NOTES.txt b/plex/templates/NOTES.txt new file mode 100644 index 0000000..ccfecb7 --- /dev/null +++ b/plex/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.externalPort }} +{{- end }} diff --git a/plex/templates/_helpers.tpl b/plex/templates/_helpers.tpl new file mode 100644 index 0000000..f0d83d2 --- /dev/null +++ b/plex/templates/_helpers.tpl @@ -0,0 +1,16 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/plex/templates/deployment.yaml b/plex/templates/deployment.yaml new file mode 100644 index 0000000..d1d27d0 --- /dev/null +++ b/plex/templates/deployment.yaml @@ -0,0 +1,233 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + {{- if .Values.deploymentAnnotations }} + annotations: + {{- range $key, $value := .Values.deploymentAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + replicas: 1 + revisionHistoryLimit: 3 + strategy: + type: Recreate + selector: + matchLabels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "name" . }} + release: {{ .Release.Name }} + {{- if .Values.podAnnotations }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: + serviceAccountName: {{ if .Values.rbac.create }}{{ template "fullname" . }}{{ else }}{{ .Values.rbac.serviceAccountName | quote }}{{ end }} + hostname: "{{ template "fullname" . }}" +{{- if .Values.kubePlex.enabled }} + initContainers: + - name: kube-plex-install + image: "{{ .Values.kubePlex.image.repository }}:{{ .Values.kubePlex.image.tag }}" + imagePullPolicy: {{ .Values.kubePlex.image.pullPolicy }} + command: + - cp + - /kube-plex + - /shared/kube-plex + volumeMounts: + - name: shared + mountPath: /shared +{{- end }} + containers: + - name: plex + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} +{{- if .Values.kubePlex.enabled }} + # We replace the PMS binary with a postStart hook to save having to + # modify the default image entrypoint. + lifecycle: + postStart: + exec: + command: + - bash + - -c + - | + #!/bin/bash + set -e + mv '/usr/lib/plexmediaserver/Plex Transcoder' '/usr/lib/plexmediaserver/Plex Transcoder.orig' + cp /shared/kube-plex '/usr/lib/plexmediaserver/Plex Transcoder' +{{- end }} + readinessProbe: + httpGet: + path: /identity + port: 32400 + initialDelaySeconds: 15 + timeoutSeconds: 5 + livenessProbe: + httpGet: + path: /identity + port: 32400 + initialDelaySeconds: 10 + timeoutSeconds: 10 + ports: + - name: pms + containerPort: 32400 + - name: http + containerPort: 32400 + - name: https + containerPort: 32443 + - name: dlna + containerPort: 1900 + protocol: UDP + - name: pht + containerPort: 3005 + - name: bonjour + containerPort: 5353 + protocol: UDP + - name: roku + containerPort: 8324 + - name: gdm410 + containerPort: 32410 + protocol: UDP + - name: gdm412 + containerPort: 32412 + protocol: UDP + - name: gdm413 + containerPort: 32413 + protocol: UDP + - name: gdm414 + containerPort: 32414 + protocol: UDP + - name: plexdlna + containerPort: 32469 + env: + - name: TZ + value: "{{ .Values.timezone }}" + # TODO: move this to a secret? + - name: PLEX_CLAIM + value: "{{ .Values.claimToken }}" + # kube-plex env vars + - name: PMS_INTERNAL_ADDRESS + value: http://{{ template "fullname" . }}:32400 + - name: PMS_IMAGE + value: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + - name: KUBE_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: TRANSCODE_PVC +{{- if .Values.persistence.transcode.claimName }} + value: "{{ .Values.persistence.transcode.claimName }}" +{{- else }} + value: "{{ template "fullname" . }}-transcode" +{{- end }} + - name: DATA_PVC +{{- if .Values.persistence.data.claimName }} + value: "{{ .Values.persistence.data.claimName }}" +{{- else }} + value: "{{ template "fullname" . }}-data" +{{- end }} + - name: CONFIG_PVC +{{- if .Values.persistence.config.claimName }} + value: "{{ .Values.persistence.config.claimName }}" +{{- else }} + value: "{{ template "fullname" . }}-config" +{{- end }} +{{- if .Values.proxy.enable }} + {{- if .Values.proxy.http }} + - name: "HTTP_PROXY" + value: "{{.Values.proxy.http}}" + {{- end }} + {{- if .Values.proxy.https }} + - name: "HTTPS_PROXY" + value: "{{.Values.proxy.https}}" + {{- end }} + {{- if .Values.proxy.noproxy }} + - name: "NO_PROXY" + value: "{{.Values.proxy.noproxy}}" + {{- end }} +{{- end }} + volumeMounts: + - name: data + mountPath: /plex-library + {{- if .Values.persistence.data.subPath }} + subPath: {{ .Values.persistence.data.subPath }} + {{ end }} + - name: config + mountPath: /config + {{- if .Values.persistence.config.subPath }} + subPath: {{ .Values.persistence.config.subPath }} + {{ end }} + - name: transcode + mountPath: /transcode + {{- if .Values.persistence.transcode.subPath }} + subPath: {{ .Values.persistence.transcode.subPath }} + {{ end }} + {{- range .Values.persistence.extraData }} + - mountPath: "/data-{{ .name }}" + name: "extradata-{{ .name }}" + {{- end }} + - name: shared + mountPath: /shared + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + volumes: + - name: data + persistentVolumeClaim: +{{- if .Values.persistence.data.claimName }} + claimName: "{{ .Values.persistence.data.claimName }}" +{{- else }} + claimName: "{{ template "fullname" . }}-data" +{{- end }} + - name: config + persistentVolumeClaim: +{{- if .Values.persistence.config.claimName }} + claimName: "{{ .Values.persistence.config.claimName }}" +{{- else }} + claimName: "{{ template "fullname" . }}-config" +{{- end }} + - name: transcode +{{- if .Values.persistence.transcode.enabled }} + persistentVolumeClaim: +{{- if .Values.persistence.transcode.claimName }} + claimName: "{{ .Values.persistence.transcode.claimName }}" +{{- else }} + claimName: "{{ template "fullname" . }}-transcode" +{{- end }} +{{- else }} + emptyDir: {} +{{- end }} +{{- range .Values.persistence.extraData }} + - name: "extradata-{{ .name }}" + persistentVolumeClaim: +{{- if .claimName }} + claimName: "{{ .claimName }}" +{{- else }} + claimName: "extradata-{{ .name }}" +{{- end }} +{{- end }} + - name: shared + emptyDir: {} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/plex/templates/ingress.yaml b/plex/templates/ingress.yaml new file mode 100644 index 0000000..167f70b --- /dev/null +++ b/plex/templates/ingress.yaml @@ -0,0 +1,31 @@ +{{- if .Values.ingress.enabled -}} +{{- $serviceName := include "fullname" . -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + {{- range $key, $value := .Values.ingress.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + rules: + {{- range $host := .Values.ingress.hosts }} + - host: {{ $host }} + http: + paths: + - path: / + backend: + serviceName: {{ $serviceName }} + servicePort: pms + {{- end -}} + {{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} + {{- end -}} +{{- end -}} diff --git a/plex/templates/rbac.yaml b/plex/templates/rbac.yaml new file mode 100644 index 0000000..a327770 --- /dev/null +++ b/plex/templates/rbac.yaml @@ -0,0 +1,54 @@ +{{- if .Values.rbac.create -}} +{{- if .Values.kubePlex.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: +- apiGroups: + - "" + resources: + - pods + - pods/attach + - pods/exec + - pods/portforward + - pods/proxy + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "fullname" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "fullname" . }} +{{- end }} diff --git a/plex/templates/service.yaml b/plex/templates/service.yaml new file mode 100644 index 0000000..f850d58 --- /dev/null +++ b/plex/templates/service.yaml @@ -0,0 +1,59 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +{{- with .Values.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }} + type: ClusterIP + {{- if .Values.service.clusterIP }} + clusterIP: {{ .Values.service.clusterIP }} + {{end}} +{{- else if eq .Values.service.type "LoadBalancer" }} + type: {{ .Values.service.type }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }} + {{- end -}} +{{- else }} + type: {{ .Values.service.type }} +{{- end }} +{{- if .Values.service.externalIPs }} + externalIPs: +{{ toYaml .Values.service.externalIPs | indent 4 }} +{{- end }} + {{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} + {{- end }} + ports: + - name: pms + port: {{ .Values.service.port }} + protocol: TCP + targetPort: pms +{{ if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{.Values.service.nodePort}} +{{ end }} + - name: http + port: 80 + targetPort: pms + - name: https + port: 443 + targetPort: 32443 + selector: + app: {{ template "name" . }} + release: {{ .Release.Name }} + diff --git a/plex/templates/volumes.yaml b/plex/templates/volumes.yaml new file mode 100644 index 0000000..6b50414 --- /dev/null +++ b/plex/templates/volumes.yaml @@ -0,0 +1,66 @@ +{{- if and (not .Values.persistence.transcode.claimName) .Values.persistence.transcode.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "fullname" . }}-transcode + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: transcode +spec: + accessModes: + - {{ .Values.persistence.config.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.transcode.size | quote }} +{{- if .Values.persistence.transcode.storageClass }} + storageClassName: {{ .Values.persistence.transcode.storageClass | quote }} +{{- end }} +--- +{{- end }} +{{- if not .Values.persistence.config.claimName }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "fullname" . }}-config + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: config +spec: + accessModes: + - {{ .Values.persistence.config.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.config.size | quote }} +{{- if .Values.persistence.config.storageClass }} + storageClassName: {{ .Values.persistence.config.storageClass | quote }} +{{- end }} +--- +{{- end }} +{{- if not .Values.persistence.data.claimName }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ template "fullname" . }}-data + labels: + app: {{ template "name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + component: data +spec: + accessModes: + - {{ .Values.persistence.data.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.data.size | quote }} +{{- if .Values.persistence.data.storageClass }} + storageClassName: {{ .Values.persistence.data.storageClass | quote }} +{{- end }} +--- +{{- end }} diff --git a/plex/values.yaml b/plex/values.yaml new file mode 100644 index 0000000..0ea0639 --- /dev/null +++ b/plex/values.yaml @@ -0,0 +1,150 @@ +# Default values for kube-plex. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +image: + repository: harbor.ervine.dev/public/x86_64/plex + tag: 1.19.5.3112-b23ab3896-ls113 + pullPolicy: Always + +kubePlex: + enabled: true + image: + repository: harbor.ervine.dev/public/x86_64/alpine/kube-plex + tag: v2.0 + pullPolicy: Always + +# Override this with the plex claim token from plex.tv/claim +claimToken: "claim-asw8g3A3AT3xDrjfmzsk" + +# Set the timezone of the plex server +timezone: Asia/Hong_Kong + +service: + type: LoadBalancer + port: 32400 + ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + # nodePort: + ## Provide any additional annotations which may be required. This can be used to + ## set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + annotations: {} + labels: {} + ## Use loadBalancerIP to request a specific static IP, + ## otherwise leave blank + ## + loadBalancerIP: 192.168.11.17 + # loadBalancerSourceRanges: [] + ## Set the externalTrafficPolicy in the Service to either Cluster or Local + # externalTrafficPolicy: Local + +ingress: + enabled: true + # Used to create an Ingress record. + hosts: + - plex.ervine.dev + annotations: + kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + tls: + # Secrets must be manually created in the namespace. + - secretName: plex-dev-tls + hosts: + - plex.ervine.dev + +rbac: + create: true + # Specify create: false and serviceAccountName to manually manage the service + # account for this deployment + ## serviceAccountName: "" + +nodeSelector: + beta.kubernetes.io/arch: amd64 + location: livingRoom + +persistence: + transcode: + enabled: true + # Optionally specify claimName to manually override the PVC to be used for + # the transcode directory. If claimName is specified, storageClass and size + # are ignored. + ##claimName: "plex-kube-plex-transcode" + # Optionally specify a storage class to be used for the transcode directory. + # If not specified and claimName is not specified, the default storage + # class will be used. + storageClass: "nfs-client-hermes" + # subPath: some-subpath + # The requested size of the volume to be used when creating a + # PersistentVolumeClaim. + size: 20Gi + # Access mode for this volume + accessMode: ReadWriteMany + data: + # Optionally specify claimName to manually override the PVC to be used for + # the data directory. If claimName is specified, storageClass and size are + # ignored. + ##claimName: "plex-media-pvc" + # Optionally specify a storage class to be used for the data directory. + # If not specified and claimName is not specified, the default storage + # class will be used. + storageClass: "nfs-client-hermes" + # subPath: some-subpath + # The requested size of the volume to be used when creating a + # PersistentVolumeClaim. + size: 40Gi + # Access mode for this volume + accessMode: ReadWriteMany + extraData: [] + # Optionally specifify additional Data mounts. These will be mounted as + # /data-${name}. This should be in the same format as the above 'data', + # with the additional field 'name' + # - claimName: "special-tv" + # name: 'foo' + + config: + # Optionally specify claimName to manually override the PVC to be used for + # the config directory. If claimName is specified, storageClass and size + # are ignored. + ##claimName: "plex-config-pvc" + # Optionally specify a storage class to be used for the config directory. + # If not specified and claimName is not specified, the default storage + # class will be used. + # subPath: some-subpath + storageClass: "nfs-client-hermes" + # The requested size of the volume to be used when creating a + # PersistentVolumeClaim. + size: 20Gi + # Access mode for this volume + accessMode: ReadWriteMany + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +podAnnotations: {} + +deploymentAnnotations: {} + +proxy: + # This allows to set a proxy environment variable, which PMS uses to fetch the token and assets like movie cover + enable: false + # http: "http://proxy:8080" + # https: "https://proxy:8080" + # noproxy: "localhost,127.0.0.1,10.96.0.0/12,10.244.0.0/12" + + +# allows setting which taints kubeplex tolerates +tolerations: [] + +# allows specifying node affinity +affinity: {} diff --git a/watcher/templates/statefulset.yaml b/watcher/templates/statefulset.yaml index b4b9567..fd63f13 100644 --- a/watcher/templates/statefulset.yaml +++ b/watcher/templates/statefulset.yaml @@ -63,6 +63,11 @@ spec: - name: {{ .Chart.Name }}-sidecar image: harbor.ervine.dev/public/x86_64/alpine/db-sidecar:v3.12.0 imagePullPolicy: Always + env: + - name: LIVE_DB + value: /app-remote-config/watcher.sqlite + - name: BACKUP_DB + value: /app-remote-config/watcher.backup.sqlite securityContext: privileged: true lifecycle: diff --git a/wekan/.helmignore b/wekan/.helmignore new file mode 100644 index 0000000..7c04072 --- /dev/null +++ b/wekan/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +OWNERS diff --git a/wekan/Chart.yaml b/wekan/Chart.yaml new file mode 100644 index 0000000..ffd164b --- /dev/null +++ b/wekan/Chart.yaml @@ -0,0 +1,13 @@ +name: wekan +version: 1.0.0 +appVersion: 2.x.x +kubeVersion: "^1.8.0-0" +description: Open Source kanban +home: https://wekan.github.io/ +icon: https://wekan.github.io/wekan-logo.svg +sources: + - https://github.com/wekan/wekan +maintainers: + - name: technotaff + email: github@randall.cc +engine: gotpl diff --git a/wekan/OWNERS b/wekan/OWNERS new file mode 100644 index 0000000..08f7d5d --- /dev/null +++ b/wekan/OWNERS @@ -0,0 +1,4 @@ +approvers: +- technotaff +reviewers: +- technotaff diff --git a/wekan/README.md b/wekan/README.md new file mode 100644 index 0000000..38cb5fe --- /dev/null +++ b/wekan/README.md @@ -0,0 +1,65 @@ +# Helm Chart for Wekan + +## Features + +o Uses a MongoDB replica set by default - this allows fault-tolerant + and scalable MongoDB deployment (or just set the replicas to 1 for + a single server install) + +o Optional Horizontal Pod Autoscaler (HPA), so that your Wekan pods + will scale automatically with increased CPU load. + +## The configurable values (values.yaml) + +Scaling Wekan: + +```yaml +## Configuration for wekan component +## + +replicaCount: 1 +``` +**replicaCount** Will set the initial number of replicas for the Wekan pod (and container) + +```yaml +## Configure an horizontal pod autoscaler +## +autoscaling: + enabled: true + config: + minReplicas: 1 + maxReplicas: 16 + ## Note: when setting this, a `resources.request.cpu` is required. You + ## likely want to set it to `1` or some lower value. + ## + targetCPUUtilizationPercentage: 80 +``` +This section (if *enabled* is set to **true**) will enable the Kubernetes Horizontal Pod Autoscaler (HPA). + +**minReplicas:** this is the minimum number of pods to scale down to (We recommend setting this to the same value as **replicaCount**). + +**maxReplicas:** this is the maximum number of pods to scale up to. + +**targetCPUUtilizationPercentage:** This is the CPU at which the HPA will scale-out the number of Wekan pods. + +```yaml +mongodb-replicaset: + enabled: true + replicas: 3 + replicaSetName: rs0 + securityContext: + runAsUser: 1000 + fsGroup: 1000 + runAsNonRoot: true +``` + +This section controls the scale of the MongoDB redundant Replica Set. + +**replicas:** This is the number of MongoDB instances to include in the set. You can set this to 1 for a single server - this will still allow you to scale-up later with a helm upgrade. + +### Install OCP route +If you use this chart to deploy Wekan on an OCP cluster, you can create route instead of ingress with following command: + +``` bash +$ helm template --set route.enabled=true,ingress.enabled=false values.yaml . | oc apply -f- +``` diff --git a/wekan/charts/.gitkeep b/wekan/charts/.gitkeep new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/wekan/charts/.gitkeep @@ -0,0 +1 @@ + diff --git a/wekan/requirements.lock b/wekan/requirements.lock new file mode 100644 index 0000000..51ca8c5 --- /dev/null +++ b/wekan/requirements.lock @@ -0,0 +1,6 @@ +dependencies: +- name: mongodb-replicaset + repository: https://kubernetes-charts.storage.googleapis.com/ + version: 3.11.6 +digest: sha256:38ec1febccdc6f32a3e0c49b2a8e6f308669ad127700847549d609ef0c3948ed +generated: "2020-08-25T12:35:16.3866668+08:00" diff --git a/wekan/requirements.yaml b/wekan/requirements.yaml new file mode 100644 index 0000000..d19fc63 --- /dev/null +++ b/wekan/requirements.yaml @@ -0,0 +1,5 @@ +dependencies: +- name: mongodb-replicaset + version: 3.11.x + repository: "https://kubernetes-charts.storage.googleapis.com/" + condition: mongodb-replicaset.enabled diff --git a/wekan/templates/NOTES.txt b/wekan/templates/NOTES.txt new file mode 100644 index 0000000..8aa2e27 --- /dev/null +++ b/wekan/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "wekan.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "wekan.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "wekan.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "wekan.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:8080 +{{- end }} diff --git a/wekan/templates/_helpers.tpl b/wekan/templates/_helpers.tpl new file mode 100644 index 0000000..7f33330 --- /dev/null +++ b/wekan/templates/_helpers.tpl @@ -0,0 +1,82 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "wekan.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "wekan.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified name for the wekan data app. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wekan.localdata.fullname" -}} +{{- if .Values.localdata.fullnameOverride -}} +{{- .Values.localdata.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- printf "%s-localdata" .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s-localdata" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "wekan.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the api component +*/}} +{{- define "wekan.serviceAccountName" -}} +{{- if .Values.serviceAccounts.create -}} + {{ default (include "wekan.fullname" .) .Values.serviceAccounts.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.name }} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified mongodb-replicaset name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "wekan.mongodb-replicaset.fullname" -}} +{{- $name := default "mongodb-replicaset" (index .Values "mongodb-replicaset" "nameOverride") -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the MongoDB URL. If MongoDB is installed as part of this chart, use k8s service discovery, +else use user-provided URL. +*/}} +{{- define "mongodb-replicaset.url" -}} +{{- if (index .Values "mongodb-replicaset" "enabled") -}} +{{- $count := (int (index .Values "mongodb-replicaset" "replicas")) -}} +{{- $release := .Release.Name -}} +mongodb://{{ $release }}-mongodb-replicaset:27017/admin?replicaSet={{ index .Values "mongodb-replicaset" "replicaSetName" }} +{{- else -}} +{{- index .Values "mongodb-replicaset" "url" -}} +{{- end -}} +{{- end -}} diff --git a/wekan/templates/deployment.yaml b/wekan/templates/deployment.yaml new file mode 100644 index 0000000..68dbf75 --- /dev/null +++ b/wekan/templates/deployment.yaml @@ -0,0 +1,64 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "wekan.fullname" . }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "wekan.name" . }} + component: wekan + release: {{ .Release.Name }} + template: + metadata: + annotations: + labels: + app: {{ template "wekan.name" . }} + component: wekan + release: {{ .Release.Name }} + spec: + serviceAccountName: {{ template "wekan.serviceAccountName" . }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + terminationMessagePolicy: FallbackToLogsOnError + ports: + - name: http + containerPort: 8080 + env: + - name: ROOT_URL + value: {{ .Values.root_url | default "https://wekan.local" | quote }} + - name: MONGO_URL + value: "{{ template "mongodb-replicaset.url" . }}" + {{- range $key := .Values.env }} + {{- if .value }} + - name: {{ .name }} + value: {{ .value | quote }} + {{- end }} + {{- end }} + livenessProbe: + httpGet: + path: / + port: 8080 + initialDelaySeconds: 60 + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} +{{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/wekan/templates/hpa.yaml b/wekan/templates/hpa.yaml new file mode 100644 index 0000000..5c8017c --- /dev/null +++ b/wekan/templates/hpa.yaml @@ -0,0 +1,18 @@ +{{- if .Values.autoscaling.enabled -}} +apiVersion: autoscaling/v1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "wekan.fullname" . }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "wekan.fullname" . }} +{{ toYaml .Values.autoscaling.config | indent 2 }} +{{- end -}} diff --git a/wekan/templates/ingress.yaml b/wekan/templates/ingress.yaml new file mode 100644 index 0000000..dd85ef5 --- /dev/null +++ b/wekan/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "wekan.fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: 80 + {{- end }} +{{- end }} diff --git a/wekan/templates/route.yaml b/wekan/templates/route.yaml new file mode 100644 index 0000000..9a55591 --- /dev/null +++ b/wekan/templates/route.yaml @@ -0,0 +1,23 @@ +{{- if .Values.route.enabled -}} +{{- $fullName := include "wekan.fullname" . -}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + annotations: + haproxy.router.openshift.io/timeout: 4m + openshift.io/host.generated: "true" + labels: + app: {{ template "wekan.name" . }} + service: {{ template "wekan.name" . }} + name: {{ template "wekan.name" . }} +spec: + port: + targetPort: http + tls: + termination: edge + to: + kind: Service + name: {{ template "wekan.name" . }} + weight: 100 + wildcardPolicy: None + {{- end }} \ No newline at end of file diff --git a/wekan/templates/secrets.yaml b/wekan/templates/secrets.yaml new file mode 100644 index 0000000..79ae3d4 --- /dev/null +++ b/wekan/templates/secrets.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "wekan.fullname" . }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +type: Opaque +data: + accessKey: {{ .Values.credentials.accessKey | b64enc }} + secretKey: {{ .Values.credentials.secretKey | b64enc }} diff --git a/wekan/templates/service.yaml b/wekan/templates/service.yaml new file mode 100644 index 0000000..6099fae --- /dev/null +++ b/wekan/templates/service.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: + {{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} + {{- end }} + name: {{ template "wekan.fullname" . }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + app: {{ template "wekan.name" . }} + component: wekan + release: {{ .Release.Name }} diff --git a/wekan/templates/serviceaccount.yaml b/wekan/templates/serviceaccount.yaml new file mode 100644 index 0000000..543e58d --- /dev/null +++ b/wekan/templates/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if .Values.serviceAccounts.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: +{{- if .Values.serviceAccounts.annotations }} + annotations: +{{ .Values.serviceAccounts.annotations | indent 4}} +{{- end }} + labels: + app: {{ template "wekan.name" . }} + chart: {{ template "wekan.chart" . }} + component: wekan + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + name: {{ template "wekan.serviceAccountName" . }} +{{- end }} diff --git a/wekan/templates/tests/test-cloudserver.yaml b/wekan/templates/tests/test-cloudserver.yaml new file mode 100644 index 0000000..a1db728 --- /dev/null +++ b/wekan/templates/tests/test-cloudserver.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Pod +metadata: + name: {{ template "wekan.fullname" . }}-test + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: {{ template "wekan.fullname" . }}-test + imagePullPolicy: IfNotPresent + image: "docker.io/mesosphere/aws-cli:1.14.5" + command: + - sh + - -c + - aws s3 --endpoint-url=http://{{ include "wekan.fullname" . }} --region=us-east-1 ls + env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ template "wekan.fullname" . }} + key: accessKey + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ template "wekan.fullname" . }} + key: secretKey + restartPolicy: Never diff --git a/wekan/values.yaml b/wekan/values.yaml new file mode 100644 index 0000000..2c72ead --- /dev/null +++ b/wekan/values.yaml @@ -0,0 +1,117 @@ +# ------------------------------------------------------------------------------ +# Wekan: +# ------------------------------------------------------------------------------ + +## Define serviceAccount names to create or use. Defaults to component's fully +## qualified name. +## +serviceAccounts: + create: true + name: "" + annotations: "" + +## Wekan image configuration +## +image: + repository: quay.io/wekan/wekan + tag: latest + pullPolicy: IfNotPresent + +## Configuration for wekan component +## + +replicaCount: 1 + +## Specify wekan credentials +## +credentials: + accessKey: access-key + secretKey: secret-key + +## Specify additional environmental variables for the Deployment +## +env: + - name: "" + value: "" + +service: + type: ClusterIP + port: 80 + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "8000" + prometheus.io/path: "/_/monitoring/metrics" + +## Comma-separated string of allowed virtual hosts for external access. +## This should match the ingress hosts +## +endpoint: wekan.wekan,kan.k8s.ipa.champion,kan.ervine.cloud + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: /* + # This must match 'endpoint', unless your client supports different + # hostnames. + hosts: [ wekan.local ] + # - wekan.local + tls: [] + # - secretName: wekan-example-tls + # hosts: + # - wekan-example.local + +route: + enabled: false + +resources: + requests: + memory: 128Mi + cpu: 300m + limits: + memory: 1Gi + cpu: 500m + +## Node labels for pod assignment +## ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: + location: bedRoom + +## Tolerations for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Affinity for pod assignment +## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## +affinity: {} + +## Configure an horizontal pod autoscaler +## +autoscaling: + enabled: true + config: + minReplicas: 1 + maxReplicas: 4 + ## Note: when setting this, a `resources.request.cpu` is required. You + ## likely want to set it to `1` or some lower value. + ## + targetCPUUtilizationPercentage: 80 + +# ------------------------------------------------------------------------------ +# MongoDB: +# ------------------------------------------------------------------------------ + +mongodb-replicaset: + enabled: true + replicas: 1 + replicaSetName: rs0 + securityContext: + runAsUser: 1000 + fsGroup: 1000 + runAsNonRoot: true + #image: + # tag: 3.2.21