diff --git a/stable/gitea/12.0.25/CHANGELOG.md b/stable/gitea/12.0.25/CHANGELOG.md
new file mode 100644
index 0000000000..2ca861cccc
--- /dev/null
+++ b/stable/gitea/12.0.25/CHANGELOG.md
@@ -0,0 +1,99 @@
+**Important:**
+*for the complete changelog, please refer to the website*
+
+
+
+
+## [gitea-12.0.25](https://github.com/truecharts/charts/compare/gitea-12.0.24...gitea-12.0.25) (2023-01-30)
+
+### Chore
+
+- update container image tccr.io/truecharts/gitea to v1.18.3
+
+
+
+
+## [gitea-12.0.24](https://github.com/truecharts/charts/compare/gitea-12.0.23...gitea-12.0.24) (2023-01-24)
+
+### Chore
+
+- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
+
+
+
+
+## [gitea-12.0.23](https://github.com/truecharts/charts/compare/gitea-12.0.22...gitea-12.0.23) (2023-01-23)
+
+### Chore
+
+- update helm general non-major
+
+
+
+
+## [gitea-12.0.22](https://github.com/truecharts/charts/compare/gitea-12.0.21...gitea-12.0.22) (2023-01-20)
+
+### Chore
+
+- update container image tccr.io/truecharts/gitea to v1.18.2
+
+
+
+
+## [gitea-12.0.21](https://github.com/truecharts/charts/compare/gitea-12.0.20...gitea-12.0.21) (2023-01-19)
+
+### Chore
+
+- update container image tccr.io/truecharts/gitea to v1.18.1
+
+
+
+
+## [gitea-12.0.20](https://github.com/truecharts/charts/compare/gitea-12.0.19...gitea-12.0.20) (2023-01-17)
+
+### Chore
+
+- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
+
+
+
+
+## [gitea-12.0.19](https://github.com/truecharts/charts/compare/gitea-12.0.18...gitea-12.0.19) (2023-01-07)
+
+### Chore
+
+- update helm general non-major ([#6121](https://github.com/truecharts/charts/issues/6121))
+
+
+
+
+## [gitea-12.0.18](https://github.com/truecharts/charts/compare/gitea-12.0.17...gitea-12.0.18) (2022-12-30)
+
+### Chore
+
+- update container image tccr.io/truecharts/gitea to v1.18.0
+
+
+
+
+## [gitea-12.0.17](https://github.com/truecharts/charts/compare/gitea-12.0.16...gitea-12.0.17) (2022-12-27)
+
+### Chore
+
+- update helm general non-major ([#5856](https://github.com/truecharts/charts/issues/5856))
+
+
+
+
+## [gitea-12.0.16](https://github.com/truecharts/charts/compare/gitea-12.0.15...gitea-12.0.16) (2022-12-26)
+
+### Chore
+
+- update helm general non-major ([#5839](https://github.com/truecharts/charts/issues/5839))
+
+
+
+
+## [gitea-12.0.15](https://github.com/truecharts/charts/compare/gitea-12.0.14...gitea-12.0.15) (2022-12-25)
+
+### Chore
diff --git a/stable/gitea/12.0.25/Chart.yaml b/stable/gitea/12.0.25/Chart.yaml
new file mode 100644
index 0000000000..102dffeaf0
--- /dev/null
+++ b/stable/gitea/12.0.25/Chart.yaml
@@ -0,0 +1,43 @@
+apiVersion: v2
+appVersion: "1.18.3"
+dependencies:
+ - name: common
+ repository: https://library-charts.truecharts.org
+ version: 11.1.2
+ - condition: postgresql.enabled
+ name: postgresql
+ repository: https://charts.truecharts.org/
+ version: 11.0.22
+ - condition: memcached.enabled
+ name: memcached
+ repository: https://charts.truecharts.org/
+ version: 5.0.24
+deprecated: false
+description: Self hosted GIT repositories
+home: https://truecharts.org/charts/stable/gitea
+icon: https://truecharts.org/img/hotlink-ok/chart-icons/gitea.png
+keywords:
+ - git
+ - issue tracker
+ - code review
+ - wiki
+ - gitea
+ - gogs
+kubeVersion: ">=1.16.0-0"
+maintainers:
+ - email: info@truecharts.org
+ name: TrueCharts
+ url: https://truecharts.org
+name: gitea
+sources:
+ - https://github.com/truecharts/charts/tree/master/charts/stable/gitea
+ - https://gitea.com/gitea/helm-chart
+ - https://github.com/go-gitea/gitea
+ - https://hub.docker.com/r/gitea/gitea/
+type: application
+version: 12.0.25
+annotations:
+ truecharts.org/catagories: |
+ - GIT
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/grade: U
diff --git a/stable/gitea/12.0.25/README.md b/stable/gitea/12.0.25/README.md
new file mode 100644
index 0000000000..701942c352
--- /dev/null
+++ b/stable/gitea/12.0.25/README.md
@@ -0,0 +1,27 @@
+# README
+
+## General Info
+
+TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
+However only installations using the TrueNAS SCALE Apps system are supported.
+
+For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
+
+
+## Support
+
+- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
+- See the [Website](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
+
+---
+
+## Sponsor TrueCharts
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
+
+*All Rights Reserved - The TrueCharts Project*
diff --git a/stable/gitea/12.0.25/app-changelog.md b/stable/gitea/12.0.25/app-changelog.md
new file mode 100644
index 0000000000..a2a3565151
--- /dev/null
+++ b/stable/gitea/12.0.25/app-changelog.md
@@ -0,0 +1,9 @@
+
+
+## [gitea-12.0.25](https://github.com/truecharts/charts/compare/gitea-12.0.24...gitea-12.0.25) (2023-01-30)
+
+### Chore
+
+- update container image tccr.io/truecharts/gitea to v1.18.3
+
+
\ No newline at end of file
diff --git a/stable/gitea/12.0.25/app-readme.md b/stable/gitea/12.0.25/app-readme.md
new file mode 100644
index 0000000000..e8603ada35
--- /dev/null
+++ b/stable/gitea/12.0.25/app-readme.md
@@ -0,0 +1,8 @@
+Self hosted GIT repositories
+
+This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/gitea](https://truecharts.org/charts/stable/gitea)
+
+---
+
+TrueCharts can only exist due to the incredible effort of our staff.
+Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
diff --git a/stable/gitea/12.0.25/charts/common-11.1.2.tgz b/stable/gitea/12.0.25/charts/common-11.1.2.tgz
new file mode 100644
index 0000000000..da62080e8a
Binary files /dev/null and b/stable/gitea/12.0.25/charts/common-11.1.2.tgz differ
diff --git a/stable/gitea/12.0.25/charts/memcached-5.0.24.tgz b/stable/gitea/12.0.25/charts/memcached-5.0.24.tgz
new file mode 100644
index 0000000000..13c1ca7325
Binary files /dev/null and b/stable/gitea/12.0.25/charts/memcached-5.0.24.tgz differ
diff --git a/stable/gitea/12.0.25/charts/postgresql-11.0.22.tgz b/stable/gitea/12.0.25/charts/postgresql-11.0.22.tgz
new file mode 100644
index 0000000000..e871933725
Binary files /dev/null and b/stable/gitea/12.0.25/charts/postgresql-11.0.22.tgz differ
diff --git a/stable/gitea/12.0.25/ix_values.yaml b/stable/gitea/12.0.25/ix_values.yaml
new file mode 100644
index 0000000000..e4a8e41e65
--- /dev/null
+++ b/stable/gitea/12.0.25/ix_values.yaml
@@ -0,0 +1,145 @@
+image:
+ repository: tccr.io/truecharts/gitea
+ tag: 1.18.3@sha256:c62e6af12fea14091c950919c7d8531584360e9d2903e243e49e14445d6dfd97
+ pullPolicy: IfNotPresent
+
+podSecurityContext:
+ runAsUser: 1000
+ runAsGroup: 1000
+ fsGroup: 1000
+
+service:
+ main:
+ ports:
+ main:
+ port: 10037
+ targetPort: 3000
+ ssh:
+ enabled: true
+ ports:
+ ssh:
+ enabled: true
+ port: 2222
+ targetPort: 2222
+
+envFrom:
+ - configMapRef:
+ name: gitea-env
+
+initContainers:
+ 1-init-directories:
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ command: ["/usr/sbin/init_directory_structure.sh"]
+ securityContext:
+ runAsUser: 0
+ runAsNonRoot: false
+ envFrom:
+ - configMapRef:
+ name: gitea-env
+ volumeMounts:
+ - name: init
+ mountPath: "/usr/sbin"
+ - name: temp
+ mountPath: "/tmp"
+ - name: config
+ mountPath: "/etc/gitea/conf"
+ - name: data
+ mountPath: "/data"
+ 2-configure-gitea:
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ command: ["/usr/sbin/configure_gitea.sh"]
+ envFrom:
+ - configMapRef:
+ name: gitea-env
+ volumeMounts:
+ - name: init
+ mountPath: "/usr/sbin"
+ - name: temp
+ mountPath: "/tmp"
+ - name: data
+ mountPath: "/data"
+
+persistence:
+ data:
+ enabled: true
+ mountPath: "/data"
+ temp:
+ enabled: true
+ mountPath: "/tmp"
+ type: emptyDir
+ varlib:
+ enabled: true
+ mountPath: "/var/lib/gitea"
+ type: emptyDir
+
+# Configure commit/action signing prerequisites
+signing:
+ enabled: true
+ gpgHome: /data/git/.gnupg
+
+admin:
+ username: giteaadmin
+ password: r8sA8CPHD9!bt6d
+ email: "gitea@local.domain"
+
+metrics:
+ enabled: false
+ serviceMonitor:
+ enabled: false
+ # additionalLabels:
+ # prometheus-release: prom1
+
+ldap:
+ enabled: false
+ # name:
+ # securityProtocol:
+ # host:
+ # port:
+ # userSearchBase:
+ # userFilter:
+ # adminFilter:
+ # emailAttribute:
+ # bindDn:
+ # bindPassword:
+ # usernameAttribute:
+ # sshPublicKeyAttribute:
+
+oauth:
+ enabled: false
+ # name:
+ # provider:
+ # key:
+ # secret:
+ # autoDiscoverUrl:
+ # useCustomUrls:
+ # customAuthUrl:
+ # customTokenUrl:
+ # customProfileUrl:
+ # customEmailUrl:
+
+config:
+ APP_NAME: "Gitea: Git with a cup of tea"
+ RUN_MODE: dev
+ ALLOWED_HOST_LIST: "127.0.0.1"
+ nodeIP: 127.0.0.1
+
+customConfig:
+ []
+ # - name: test
+ # keys:
+ # - name: testkey
+ # value: testvalue
+
+# Enabled postgres
+postgresql:
+ enabled: true
+ existingSecret: "dbcreds"
+ postgresqlUsername: gitea
+ postgresqlDatabase: gitea
+
+# -- memcached dependency settings
+memcached:
+ enabled: true
+
+portal:
+ enabled: true
diff --git a/stable/gitea/12.0.25/questions.yaml b/stable/gitea/12.0.25/questions.yaml
new file mode 100644
index 0000000000..c392fa75cf
--- /dev/null
+++ b/stable/gitea/12.0.25/questions.yaml
@@ -0,0 +1,2025 @@
+groups:
+ - name: Container Image
+ description: Image to be used for container
+ - name: General Settings
+ description: General Deployment Settings
+ - name: App Configuration
+ description: App Specific Config Options
+ - name: Networking and Services
+ description: Configure Network and Services for Container
+ - name: Storage and Persistence
+ description: Persist and Share Data that is Separate from the Container
+ - name: Ingress
+ description: Ingress Configuration
+ - name: Security and Permissions
+ description: Configure Security Context and Permissions
+ - name: Resources and Devices
+ description: "Specify Resources/Devices to be Allocated to Workload"
+ - name: Middlewares
+ description: Traefik Middlewares
+ - name: Metrics
+ description: Metrics
+ - name: VPN
+ description: VPN
+ - name: Addons
+ description: Addon Configuration
+ - name: Advanced
+ description: Advanced Configuration
+ - name: Documentation
+ description: Documentation
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_portal_protocol"
+ host:
+ - "$kubernetes-resource_configmap_portal_host"
+ ports:
+ - "$kubernetes-resource_configmap_portal_port"
+questions:
+ - variable: global
+ label: Global Settings
+ group: "General Settings"
+ schema:
+ type: dict
+ hidden: true
+ attrs:
+ - variable: isSCALE
+ label: Flag this is SCALE
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: controller
+ group: "General Settings"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: replicas
+ description: Number of desired pod replicas
+ label: Desired Replicas
+ schema:
+ type: int
+ required: true
+ default: 1
+ - variable: customextraargs
+ group: "General Settings"
+ label: "Extra Args"
+ description: "Do not click this unless you know what you are doing"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: extraArgs
+ label: Extra Args
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: Arg
+ schema:
+ type: string
+ - variable: TZ
+ label: Timezone
+ group: "General Settings"
+ schema:
+ type: string
+ default: "Etc/UTC"
+ $ref:
+ - "definitions/timezone"
+ - variable: envList
+ label: Extra Environment Variables
+ description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
+ group: "General Settings"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ - variable: admin
+ group: "App Configuration"
+ label: "Admin Credentials"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: username
+ label: "username"
+ schema:
+ type: string
+ valid_chars: '^(?!^admin$).*$'
+ required: true
+ - variable: password
+ label: "password"
+ schema:
+ type: string
+ required: true
+ private: true
+ - variable: email
+ label: "email"
+ schema:
+ type: string
+ required: true
+ - variable: config
+ group: "App Configuration"
+ label: "Admin Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: APP_NAME
+ label: "APP_NAME"
+ schema:
+ type: string
+ default: "Gitea"
+ required: true
+ - variable: RUN_MODE
+ label: "RUN_MODE"
+ schema:
+ type: string
+ default: "prod"
+ enum:
+ - value: "prod"
+ description: "Production"
+ - value: "dev"
+ description: "Development"
+ - value: "test"
+ description: "Testing"
+ - variable: ALLOWED_HOST_LIST
+ label: "ALLOWED_HOST_LIST"
+ schema:
+ type: string
+ default: "127.0.0.1"
+ required: true
+ - variable: nodeIP
+ label: Node IP
+ description: Used to generate configuration, when installed without ingress
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/nodeIP"
+ - variable: customConfig
+ group: "App Configuration"
+ label: "Custom Configuration parameters"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: catagoryItem
+ label: "Catagory"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Config Catagory Name"
+ schema:
+ type: string
+ required: true
+ - variable: keys
+ label: "Configuration Parameters"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: configItem
+ label: "parameter"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Parameter Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Parameter Value"
+ schema:
+ type: string
+ required: true
+ - variable: service
+ group: Networking and Services
+ label: Configure Service(s)
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 10037
+ required: true
+ - variable: ssh
+ label: "SSH Service"
+ description: "The SSH service"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ssh
+ label: "SSH Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 2222
+ required: true
+ - variable: serviceexpert
+ group: Networking and Services
+ label: Show Expert Config
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hostNetwork
+ group: Networking and Services
+ label: Host-Networking (Complicated)
+ schema:
+ type: boolean
+ default: false
+ - variable: externalInterfaces
+ description: Add External Interfaces
+ label: Add external Interfaces
+ group: Networking
+ schema:
+ type: list
+ items:
+ - variable: interfaceConfiguration
+ description: Interface Configuration
+ label: Interface Configuration
+ schema:
+ type: dict
+ $ref:
+ - "normalize/interfaceConfiguration"
+ attrs:
+ - variable: hostInterface
+ description: Please Specify Host Interface
+ label: Host Interface
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/interface"
+ - variable: ipam
+ description: Define how IP Address will be managed
+ label: IP Address Management
+ schema:
+ type: dict
+ required: true
+ attrs:
+ - variable: type
+ description: Specify type for IPAM
+ label: IPAM Type
+ schema:
+ type: string
+ required: true
+ enum:
+ - value: dhcp
+ description: Use DHCP
+ - value: static
+ description: Use Static IP
+ show_subquestions_if: static
+ subquestions:
+ - variable: staticIPConfigurations
+ label: Static IP Addresses
+ schema:
+ type: list
+ items:
+ - variable: staticIP
+ label: Static IP
+ schema:
+ type: ipaddr
+ cidr: true
+ - variable: staticRoutes
+ label: Static Routes
+ schema:
+ type: list
+ items:
+ - variable: staticRouteConfiguration
+ label: Static Route Configuration
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: destination
+ label: Destination
+ schema:
+ type: ipaddr
+ cidr: true
+ required: true
+ - variable: gateway
+ label: Gateway
+ schema:
+ type: ipaddr
+ cidr: false
+ required: true
+ - variable: serviceList
+ label: Add Manual Custom Services
+ group: Networking and Services
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: serviceListEntry
+ label: Custom Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the service
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: LoadBalancer
+ description: LoadBalancer (Expose Ports)
+ - value: ClusterIP
+ description: ClusterIP (Do Not Expose Ports)
+ - value: Simple
+ description: Deprecated CHANGE THIS
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: advancedsvcset
+ label: Show Advanced Service Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: External IP
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: IP Family Policy
+ description: Specify the IP Policy
+ schema:
+ type: string
+ default: SingleStack
+ enum:
+ - value: SingleStack
+ description: SingleStack
+ - value: PreferDualStack
+ description: PreferDualStack
+ - value: RequireDualStack
+ description: RequireDualStack
+ - variable: ipFamilies
+ label: IP Families
+ description: (Advanced) The IP Families that should be used
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: IP Family
+ schema:
+ type: string
+ - variable: portsList
+ label: Additional Service Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: Custom ports
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Port
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Port Name
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: Port Type
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: HTTP
+ description: HTTP
+ - value: HTTPS
+ description: HTTPS
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - variable: targetPort
+ label: Target Port
+ description: This port exposes the container port on the service
+ schema:
+ type: int
+ required: true
+ - variable: port
+ label: Container Port
+ schema:
+ type: int
+ required: true
+ - variable: persistence
+ label: Integrated Persistent Storage
+ description: Integrated Persistent Storage
+ group: Storage and Persistence
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: data
+ label: "App data Storage"
+ description: "Stores the Application Configuration."
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type of Storage
+ description: Sets the persistence type, Anything other than PVC could break rollback!
+ schema:
+ type: string
+ default: pvc
+ enum:
+ - value: pvc
+ description: PVC
+ - value: hostPath
+ description: Host Path
+ - value: emptyDir
+ description: emptyDir
+ - value: nfs
+ description: NFS Share
+ - variable: server
+ label: NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: Path on NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: setPermissions
+ label: Automatic Permissions
+ description: Automatically set permissions on install
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: boolean
+ default: false
+ - variable: readOnly
+ label: Read Only
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Path
+ description: Path inside the container the storage is mounted
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: medium
+ label: EmptyDir Medium
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: Memory
+ description: Memory
+ - variable: size
+ label: Size quotum of Storage (Do NOT REDUCE after installation)
+ description: This value can ONLY be INCREASED after the installation
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: 256Gi
+ - variable: persistenceList
+ label: Additional App Storage
+ group: Storage and Persistence
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: persistenceListEntry
+ label: Custom Storage
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the storage
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Type of Storage
+ description: Sets the persistence type, Anything other than PVC could break rollback!
+ schema:
+ type: string
+ default: hostPath
+ enum:
+ - value: pvc
+ description: PVC
+ - value: hostPath
+ description: Host Path
+ - value: emptyDir
+ description: emptyDir
+ - value: nfs
+ description: NFS Share
+ - variable: server
+ label: NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: Path on NFS Server
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: setPermissions
+ label: Automatic Permissions
+ description: Automatically set permissions on install
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: boolean
+ default: false
+ - variable: readOnly
+ label: Read Only
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Path
+ description: Path inside the container the storage is mounted
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: mountPath
+ label: Mount Path
+ description: Path inside the container the storage is mounted
+ schema:
+ type: string
+ default: ""
+ required: true
+ valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+ - variable: medium
+ label: EmptyDir Medium
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: Memory
+ description: Memory
+ - variable: size
+ label: Size Quotum of Storage
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: 256Gi
+ - variable: ingress
+ label: ""
+ group: Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: clusterIssuer
+ label: clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
+ schema:
+ type: string
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ show_if: [["clusterIssuer", "=", ""]]
+ default: []
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: clusterIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: Use TrueNAS SCALE Certificate (Deprecated)
+ schema:
+ show_if: [["clusterIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ show_if: [["clusterIssuer", "=", ""]]
+ type: string
+ default: ""
+ - variable: entrypoint
+ label: (Advanced) Traefik Entrypoint
+ description: Entrypoint used by Traefik when using Traefik as Ingress Provider
+ schema:
+ type: string
+ default: websecure
+ required: true
+ - variable: ingressClassName
+ label: (Advanced/Optional) IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: middlewares
+ label: Traefik Middlewares
+ description: Add previously created Traefik Middlewares to this Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: ingressList
+ label: Add Manual Custom Ingresses
+ group: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: Custom Ingress
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable Ingress
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: IngressClass Name
+ schema:
+ type: string
+ default: ""
+ - variable: hosts
+ label: Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: HostName
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: Paths
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: Path
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: Path Type
+ schema:
+ type: string
+ required: true
+ default: Prefix
+ - variable: service
+ label: Linked Service
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Service Name
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: Service Port
+ schema:
+ type: int
+ - variable: clusterIssuer
+ label: clusterIssuer
+ description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
+ schema:
+ type: string
+ default: ""
+ - variable: tls
+ label: TLS-Settings
+ schema:
+ type: list
+ default: []
+ show_if: [["clusterIssuer", "=", ""]]
+ items:
+ - variable: tlsEntry
+ label: Host
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: Certificate Hosts
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: Host
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: clusterIssuer
+ label: Use Cert-Manager clusterIssuer
+ description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
+ schema:
+ type: string
+ default: ""
+ - variable: scaleCert
+ label: Use TrueNAS SCALE Certificate (Deprecated)
+ schema:
+ show_if: [["clusterIssuer", "=", ""]]
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: secretName
+ label: Use Custom Secret (Advanced)
+ schema:
+ type: string
+ show_if: [["clusterIssuer", "=", ""]]
+ default: ""
+ - variable: entrypoint
+ label: Traefik Entrypoint
+ description: Entrypoint used by Traefik when using Traefik as Ingress Provider
+ schema:
+ type: string
+ default: websecure
+ required: true
+ - variable: middlewares
+ label: Traefik Middlewares
+ description: Add previously created Traefik Middlewares to this Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: security
+ label: Container Security Settings
+ group: Security and Permissions
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: editsecurity
+ label: Change PUID / UMASK values
+ description: By enabling this you override default set values.
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: PUID
+ label: Process User ID - PUID
+ description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
+ schema:
+ type: int
+ default: 568
+ - variable: UMASK
+ label: UMASK
+ description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
+ schema:
+ type: string
+ default: "002"
+ - variable: advancedSecurity
+ label: Show Advanced Security Settings
+ group: Security and Permissions
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: securityContext
+ label: Security Context
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: privileged
+ label: "Privileged mode"
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnlyRootFilesystem
+ label: "ReadOnly Root Filesystem"
+ schema:
+ type: boolean
+ default: true
+ - variable: allowPrivilegeEscalation
+ label: "Allow Privilege Escalation"
+ schema:
+ type: boolean
+ default: false
+ - variable: runAsNonRoot
+ label: "runAsNonRoot"
+ schema:
+ type: boolean
+ default: true
+ - variable: podSecurityContext
+ group: Security and Permissions
+ label: Pod Security Context
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: runAsUser
+ label: "runAsUser"
+ description: "The UserID of the user running the application"
+ schema:
+ type: int
+ default: 1000
+ - variable: runAsGroup
+ label: "runAsGroup"
+ description: "The groupID this App of the user running the application"
+ schema:
+ type: int
+ default: 1000
+ - variable: fsGroup
+ label: "fsGroup"
+ description: "The group that should own ALL storage."
+ schema:
+ type: int
+ default: 1000
+ - variable: fsGroupChangePolicy
+ label: "When should we take ownership?"
+ schema:
+ type: string
+ default: OnRootMismatch
+ enum:
+ - value: OnRootMismatch
+ description: OnRootMismatch
+ - value: Always
+ description: Always
+ - variable: supplementalGroups
+ label: Supplemental Groups
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: supplementalGroupsEntry
+ label: Supplemental Group
+ schema:
+ type: int
+ - variable: resources
+ group: Resources and Devices
+ label: "Resource Limits"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: Advanced Limit Resource Consumption
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
+ schema:
+ type: string
+ default: 4000m
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: RAM
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
+ schema:
+ type: string
+ default: 8Gi
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ hidden: true
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
+ schema:
+ type: string
+ default: 10m
+ hidden: true
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
+ schema:
+ type: string
+ default: 50Mi
+ hidden: true
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: deviceList
+ label: Mount USB Devices
+ group: Resources and Devices
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: Device
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable the Storage
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: (Advanced) Type of Storage
+ description: Sets the persistence type
+ schema:
+ type: string
+ default: hostPath
+ hidden: true
+ - variable: readOnly
+ label: readOnly
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: Host Device Path
+ description: Path to the device on the host system
+ schema:
+ type: path
+ - variable: mountPath
+ label: Container Device Path
+ description: Path inside the container the device is mounted
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+ # Specify GPU configuration
+ - variable: scaleGPU
+ label: GPU Configuration
+ group: Resources and Devices
+ schema:
+ type: dict
+ $ref:
+ - "definitions/gpuConfiguration"
+ attrs: []
+# - variable: horizontalPodAutoscaler
+# group: Advanced
+# label: (Advanced) Horizontal Pod Autoscaler
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: hpaEntry
+# label: HPA Entry
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: name
+# label: Name
+# schema:
+# type: string
+# required: true
+# default: ""
+# - variable: enabled
+# label: Enabled
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: Target
+# description: Deployment name, Defaults to Main Deployment
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: Minimum Replicas
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: Maximum Replicas
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: Target CPU Utilization Percentage
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: Target Memory Utilization Percentage
+# schema:
+# type: int
+# default: 80
+ - variable: networkPolicy
+ group: Advanced
+ label: (Advanced) Network Policy
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: netPolicyEntry
+ label: Network Policy Entry
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ default: ""
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: policyType
+ label: Policy Type
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: Default
+ - value: ingress
+ description: Ingress
+ - value: egress
+ description: Egress
+ - value: ingress-egress
+ description: Ingress and Egress
+ - variable: egress
+ label: Egress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: egressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: to
+ label: To
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: toEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: ingress
+ label: Ingress
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: from
+ label: From
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: fromEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: ipBlock
+ label: IP Block
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cidr
+ label: CIDR
+ schema:
+ type: string
+ default: ""
+ - variable: except
+ label: Except
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: exceptint
+ label: ""
+ schema:
+ type: string
+ - variable: namespaceSelector
+ label: Namespace Selector
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: podSelector
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: matchExpressions
+ label: Match Expressions
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: expressionEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: key
+ label: Key
+ schema:
+ type: string
+ - variable: operator
+ label: Operator
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: In
+ description: In
+ - value: NotIn
+ description: NotIn
+ - value: Exists
+ description: Exists
+ - value: DoesNotExist
+ description: DoesNotExist
+ - variable: values
+ label: Values
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: value
+ label: ""
+ schema:
+ type: string
+ - variable: ports
+ label: Ports
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsEntry
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ - variable: endPort
+ label: End Port
+ schema:
+ type: int
+ - variable: protocol
+ label: Protocol
+ schema:
+ type: string
+ default: TCP
+ enum:
+ - value: TCP
+ description: TCP
+ - value: UDP
+ description: UDP
+ - value: SCTP
+ description: SCTP
+ - variable: addons
+ group: Addons
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: Codeserver
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: git
+ label: Git Settings
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: deployKey
+ description: Raw SSH Private Key
+ label: Deploy Key
+ schema:
+ type: string
+ - variable: deployKeyBase64
+ description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
+ label: Deploy Key Base64
+ schema:
+ type: string
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Service Type
+ description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: LoadBalancer
+ enum:
+ - value: NodePort
+ description: Deprecated CHANGE THIS
+ - value: ClusterIP
+ description: ClusterIP
+ - value: LoadBalancer
+ description: LoadBalancer
+ - variable: loadBalancerIP
+ label: LoadBalancer IP
+ description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: advancedsvcset
+ label: Show Advanced Service Settings
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: External IP
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: IP Family Policy
+ description: Specify the IP Policy
+ schema:
+ type: string
+ default: SingleStack
+ enum:
+ - value: SingleStack
+ description: SingleStack
+ - value: PreferDualStack
+ description: PreferDualStack
+ - value: RequireDualStack
+ description: RequireDualStack
+ - variable: ipFamilies
+ label: IP Families
+ description: (Advanced) The IP Families that should be used
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: IP Family
+ schema:
+ type: string
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: Port
+ schema:
+ type: int
+ default: 36107
+ - variable: nodePort
+ description: Leave Empty to Disable
+ label: nodePort DEPRECATED
+ schema:
+ type: int
+ default: 36107
+ - variable: envList
+ label: Codeserver Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: vpn
+ label: VPN
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: disabled
+ enum:
+ - value: disabled
+ description: disabled
+ - value: openvpn
+ description: OpenVPN
+ - value: wireguard
+ description: Wireguard
+ - value: tailscale
+ description: Tailscale
+ - variable: openvpn
+ label: OpenVPN Settings
+ schema:
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: Authentication Username (Optional)
+ description: Authentication Username, Optional
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: Authentication Password
+ description: Authentication Credentials
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: tailscale
+ label: Tailscale Settings
+ schema:
+ type: dict
+ show_if: [["type", "=", "tailscale"]]
+ attrs:
+ - variable: authkey
+ label: Authentication Key
+ description: Provide an auth key to automatically authenticate the node as your user account.
+ schema:
+ type: string
+ private: true
+ default: ""
+ - variable: auth_once
+ label: Auth Once
+ description: Only attempt to log in if not already logged in.
+ schema:
+ type: boolean
+ default: true
+ - variable: accept_dns
+ label: Accept DNS
+ description: Accept DNS configuration from the admin console.
+ schema:
+ type: boolean
+ default: false
+ - variable: userspace
+ label: Userspace
+ description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
+ schema:
+ type: boolean
+ default: false
+ - variable: routes
+ label: Routes
+ description: Expose physical subnet routes to your entire Tailscale network.
+ schema:
+ type: string
+ default: ""
+ - variable: dest_ip
+ label: Destination IP
+ description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
+ schema:
+ type: string
+ default: ""
+ - variable: sock5_server
+ label: Sock5 Server
+ description: The address on which to listen for SOCKS5 proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: outbound_http_proxy_listen
+ label: Outbound HTTP Proxy Listen
+ description: The address on which to listen for HTTP proxying into the tailscale net.
+ schema:
+ type: string
+ default: ""
+ - variable: extra_args
+ label: Extra Args
+ description: Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: daemon_extra_args
+ label: Tailscale Daemon Extra Args
+ description: Tailscale Daemon Extra Args
+ schema:
+ type: string
+ default: ""
+ - variable: killSwitch
+ label: Enable Killswitch
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: Killswitch Excluded IPv4 networks
+ description: List of Killswitch Excluded IPv4 Addresses
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: IPv4 Network
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: Killswitch Excluded IPv6 networks
+ description: "List of Killswitch Excluded IPv6 Addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: IPv6 Network
+ schema:
+ type: string
+ required: true
+ - variable: configFile
+ label: VPN Config File Location
+ schema:
+ type: dict
+ show_if: [["type", "!=", "disabled"]]
+ attrs:
+ - variable: enabled
+ label: Enabled
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ default: hostPath
+ hidden: true
+ - variable: hostPathType
+ label: hostPathType
+ schema:
+ type: string
+ default: File
+ hidden: true
+ - variable: noMount
+ label: noMount
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: hostPath
+ label: Full Path to File
+ description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
+ schema:
+ type: string
+ default: ""
+ - variable: envList
+ label: VPN Environment Variables
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: Environment Variable
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: Name
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: Value
+ schema:
+ type: string
+ required: true
+ - variable: docs
+ group: Documentation
+ label: Please read the documentation at https://truecharts.org
+ description: Please read the documentation at
+
https://truecharts.org
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDocs
+ label: I have checked the documentation
+ schema:
+ type: boolean
+ default: true
+ - variable: donateNag
+ group: Documentation
+ label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
+ description: Please consider supporting TrueCharts, see
+
https://truecharts.org/sponsor
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: confirmDonate
+ label: I have considered donating
+ schema:
+ type: boolean
+ default: true
+ hidden: true
diff --git a/stable/gitea/12.0.25/templates/_configmap.tpl b/stable/gitea/12.0.25/templates/_configmap.tpl
new file mode 100644
index 0000000000..b306a6046a
--- /dev/null
+++ b/stable/gitea/12.0.25/templates/_configmap.tpl
@@ -0,0 +1,20 @@
+{{/* Define the configmap */}}
+{{- define "gitea.configmap" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: gitea-env
+data:
+ GITEA_APP_INI: "/data/gitea/conf/app.ini"
+ GITEA_CUSTOM: "/data/gitea"
+ GITEA_WORK_DIR: "/data"
+ GITEA_TEMP: "/tmp/gitea"
+ GITEA_ADMIN_USERNAME: {{ .Values.admin.username }}
+ GITEA_ADMIN_PASSWORD: {{ .Values.admin.password }}
+ SSH_PORT: {{ .Values.service.ssh.ports.ssh.port | quote }}
+ SSH_LISTEN_PORT: {{ .Values.service.ssh.ports.ssh.targetPort | quote }}
+ TMPDIR: "/tmp/gitea"
+ GNUPGHOME: "/data/git/.gnupg"
+
+{{- end -}}
diff --git a/stable/gitea/12.0.25/templates/_secrets.tpl b/stable/gitea/12.0.25/templates/_secrets.tpl
new file mode 100644
index 0000000000..335581abe7
--- /dev/null
+++ b/stable/gitea/12.0.25/templates/_secrets.tpl
@@ -0,0 +1,246 @@
+{{/* Define the secrets */}}
+{{- define "gitea.secrets" -}}
+
+---
+{{ $DOMAIN := .Values.config.nodeIP | quote -}}
+{{ $URL := (printf "http://%s/" .Values.config.nodeIP) }}
+
+{{- if and (.Values.ingress.main.enabled) (gt (len .Values.ingress.main.hosts) 0) -}}
+ {{- $DOMAIN = (index .Values.ingress.main.hosts 0).host -}}
+ {{- $URL = (printf "https://%s/" (index .Values.ingress.main.hosts 0).host) -}}
+{{- end -}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "tc.common.names.fullname" . }}
+ labels:
+ {{- include "tc.common.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+ app.ini: |-
+ APP_NAME = {{ .Values.config.APP_NAME }}
+ RUN_MODE = {{ .Values.config.RUN_MODE }}
+
+ [cache]
+ ADAPTER = memcache
+ ENABLED = true
+ HOST = {{ printf "%v-%v:%v" .Release.Name "memcached" "11211" }}
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "cache" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+ [database]
+ DB_TYPE = postgres
+ HOST = {{ printf "%v-%v:%v" .Release.Name "postgresql" "5432" }}
+ NAME = {{ .Values.postgresql.postgresqlDatabase }}
+ PASSWD = {{ .Values.postgresql.postgresqlPassword }}
+ USER = {{ .Values.postgresql.postgresqlUsername }}
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "database" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+ [metrics]
+ ENABLED = {{ .Values.metrics.enabled }}
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "metrics" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+ [repository]
+ ROOT = /data/git/gitea-repositories
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "repository" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+
+ [security]
+ INSTALL_LOCK = true
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "security" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+ [webhook]
+ ALLOWED_HOST_LIST = {{ .Values.config.ALLOWED_HOST_LIST }}
+
+ [server]
+ APP_DATA_PATH = /data
+ DOMAIN = {{ $DOMAIN }}
+ ENABLE_PPROF = false
+ HTTP_PORT = {{ .Values.service.main.ports.main.targetPort }}
+ PROTOCOL = http
+ ROOT_URL = {{ $URL }}
+ SSH_DOMAIN = {{ $DOMAIN }}
+ SSH_LISTEN_PORT = {{ .Values.service.ssh.ports.ssh.targetPort }}
+ SSH_PORT = {{ .Values.service.ssh.ports.ssh.port }}
+ START_SSH_SERVER = true
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if eq $catvalue.name "server" }}
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+ {{- range $catindex, $catvalue := .Values.customConfig }}
+ {{- if not ( or ( eq $catvalue.name "server" ) ( eq $catvalue.name "server" ) ( eq $catvalue.name "security" ) ( eq $catvalue.name "repository" ) ( eq $catvalue.name "metrics" ) ( eq $catvalue.name "database" ) ( eq $catvalue.name "cache" ) ) }}
+ [{{ $catvalue.name }}]
+ {{- range $index, $value := $catvalue.keys }}
+ {{ $value.name }} = {{ $value.value }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "tc.common.names.fullname" . }}-init
+ labels:
+ {{- include "tc.common.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+ init_directory_structure.sh: |-
+ #!/usr/bin/env bash
+
+ set -euo pipefail
+
+ {{- if .Values.initPreScript }}
+ # BEGIN: initPreScript
+ {{- with .Values.initPreScript -}}
+ {{ . | nindent 4}}
+ {{- end -}}
+ # END: initPreScript
+ {{- end }}
+
+ set -x
+
+ mkdir -p /data/git/.ssh
+ chmod -R 700 /data/git/.ssh
+ [ ! -d /data/gitea ] && mkdir -p /data/gitea/conf
+
+ # prepare temp directory structure
+ mkdir -p "${GITEA_TEMP}"
+ chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} "${GITEA_TEMP}"
+ chmod ug+rwx "${GITEA_TEMP}"
+
+ # Copy config file to writable volume
+ cp /etc/gitea/conf/app.ini /data/gitea/conf/app.ini
+ chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} "/data"
+ chmod a+rwx /data/gitea/conf/app.ini
+
+ # Patch dockercontainer for dynamic users
+ chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} "/var/lib/gitea"
+
+ configure_gitea.sh: |-
+ #!/usr/bin/env bash
+
+ set -euo pipefail
+
+
+ # Connection retry inspired by https://gist.github.com/dublx/e99ea94858c07d2ca6de
+ function test_db_connection() {
+ local RETRY=0
+ local MAX=30
+
+ echo 'Wait for database to become avialable...'
+ until [ "${RETRY}" -ge "${MAX}" ]; do
+ nc -vz -w2 {{ printf "%v-%v" .Release.Name "postgresql" }} 5432 && break
+ RETRY=$[${RETRY}+1]
+ echo "...not ready yet (${RETRY}/${MAX})"
+ done
+
+ if [ "${RETRY}" -ge "${MAX}" ]; then
+ echo "Database not reachable after '${MAX}' attempts!"
+ exit 1
+ fi
+ }
+
+ test_db_connection
+
+
+ echo '==== BEGIN GITEA MIGRATION ===='
+
+ gitea migrate
+
+ echo '==== BEGIN GITEA CONFIGURATION ===='
+
+ {{- if or .Values.admin.existingSecret (and .Values.admin.username .Values.admin.password) }}
+ function configure_admin_user() {
+ local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\|{{ .Values.admin.email }}\s\+" | awk -F " " "{printf \$1}")
+ if [[ -z "${ACCOUNT_ID}" ]]; then
+ echo "No admin user '${GITEA_ADMIN_USERNAME}' found, neither email '{{ .Values.admin.email }}' is assigned to an admin. Creating now..."
+ gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.admin.email | quote }} --must-change-password=false
+ echo '...created.'
+ else
+ echo "Admin account '${GITEA_ADMIN_USERNAME}' or email {{ .Values.admin.email }} already exist. Running update to sync password..."
+ gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}"
+ echo '...password sync done.'
+ fi
+ }
+
+ configure_admin_user
+ {{- end }}
+
+ {{- if .Values.ldap.enabled }}
+ function configure_ldap() {
+ local LDAP_NAME={{ (printf "%s" .Values.ldap.name) | squote }}
+ local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}")
+
+ if [[ -z "${GITEA_AUTH_ID}" ]]; then
+ echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
+ gitea admin auth add-ldap {{- include "gitea.ldap_settings" . | indent 1 }}
+ echo '...installed.'
+ else
+ echo "Existing ldap configuration with name '${LDAP_NAME}': '${GITEA_AUTH_ID}'. Running update to sync settings..."
+ gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" {{- include "gitea.ldap_settings" . | indent 1 }}
+ echo '...sync settings done.'
+ fi
+ }
+
+ configure_ldap
+ {{- end }}
+
+ {{- if .Values.oauth.enabled }}
+ function configure_oauth() {
+ local OAUTH_NAME={{ (printf "%s" .Values.oauth.name) | squote }}
+ local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}")
+
+ if [[ -z "${AUTH_ID}" ]]; then
+ echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..."
+ gitea admin auth add-oauth {{- include "gitea.oauth_settings" . | indent 1 }}
+ echo '...installed.'
+ else
+ echo "Existing oauth configuration with name '${OAUTH_NAME}': '${AUTH_ID}'. Running update to sync settings..."
+ gitea admin auth update-oauth --id "${AUTH_ID}" {{- include "gitea.oauth_settings" . | indent 1 }}
+ echo '...sync settings done.'
+ fi
+ }
+
+ configure_oauth
+ {{- end }}
+
+ echo '==== END GITEA CONFIGURATION ===='
+
+
+{{- end -}}
diff --git a/stable/gitea/12.0.25/templates/common.yaml b/stable/gitea/12.0.25/templates/common.yaml
new file mode 100644
index 0000000000..eb5106bfa7
--- /dev/null
+++ b/stable/gitea/12.0.25/templates/common.yaml
@@ -0,0 +1,38 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.common.loader.init" . }}
+
+{{/* Render secrets for gitea */}}
+{{- include "gitea.secrets" . }}
+
+{{/* Render configmap for gitea */}}
+{{- include "gitea.configmap" . }}
+
+{{/* Append the general secret volumes to the volumes */}}
+{{- define "gitea.initvolume" -}}
+enabled: "true"
+mountPath: "/secrets/ini"
+readOnly: true
+type: "custom"
+volumeSpec:
+ secret:
+ secretName: {{ include "tc.common.names.fullname" . }}-init
+ defaultMode: 0777
+{{- end -}}
+
+{{/* Append the general secret volumes to the volumes */}}
+{{- define "gitea.configvolume" -}}
+enabled: "true"
+mountPath: "/secrets/config"
+readOnly: true
+type: "custom"
+volumeSpec:
+ secret:
+ secretName: {{ include "tc.common.names.fullname" . }}
+{{- end -}}
+
+{{- $_ := set .Values.persistence "init" (include "gitea.initvolume" . | fromYaml) -}}
+{{- $_ := set .Values.persistence "config" (include "gitea.configvolume" . | fromYaml) -}}
+
+
+{{/* Render the templates */}}
+{{ include "tc.common.loader.apply" . }}
diff --git a/stable/gitea/12.0.25/values.yaml b/stable/gitea/12.0.25/values.yaml
new file mode 100644
index 0000000000..e69de29bb2