diff --git a/charts/incubator/wbo/.helmignore b/charts/incubator/wbo/.helmignore new file mode 100644 index 00000000000..77ca5567b26 --- /dev/null +++ b/charts/incubator/wbo/.helmignore @@ -0,0 +1,30 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ +# OWNERS file for Kubernetes +OWNERS +# helm-docs templates +*.gotmpl +# docs folder +/docs +# icon +icon.png diff --git a/charts/incubator/wbo/Chart.yaml b/charts/incubator/wbo/Chart.yaml new file mode 100644 index 00000000000..a4c6d87341a --- /dev/null +++ b/charts/incubator/wbo/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +appVersion: "10.6.2" +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.5.10 +description: WBO is an online collaborative whiteboard that allows many users to draw simultaneously on a large virtual board. +home: https://truecharts.org/docs/charts/stable/airsonic +icon: https://truecharts.org/img/hotlink-ok/chart-icons/airsonic.png +keywords: + - wbo + - whiteboard +kubeVersion: ">=1.16.0-0" +maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org +name: wbo +sources: + - https://github.com/lovasoa/whitebophir +version: 0.0.1 +annotations: + truecharts.org/catagories: | + - productivity + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/charts/incubator/wbo/README.md b/charts/incubator/wbo/README.md new file mode 100644 index 00000000000..e69de29bb2d diff --git a/charts/incubator/wbo/icon.png b/charts/incubator/wbo/icon.png new file mode 100644 index 00000000000..a8d9a8e257f Binary files /dev/null and b/charts/incubator/wbo/icon.png differ diff --git a/charts/incubator/wbo/questions.yaml b/charts/incubator/wbo/questions.yaml new file mode 100644 index 00000000000..4061f855870 --- /dev/null +++ b/charts/incubator/wbo/questions.yaml @@ -0,0 +1,207 @@ +# Include{groups} +portals: + open: +# Include{portalLink} +questions: +# Include{global} +# Include{controller} +# Include{controllerDeployment} +# Include{replicas} +# Include{replica1} +# Include{strategy} +# Include{recreate} +# Include{controllerExpert} +# Include{controllerExpertExtraArgs} + - variable: wbo + group: Container Configuration + label: WBO Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: auth_secret_key + label: Auth Secret key + description: Secret key for jwt + schema: + type: string + private: true + default: "" + - variable: save_interval + label: Save Interval + description: Number of milliseconds of inactivity after which the board should be saved to a file + schema: + type: int + default: 2000 + - variable: max_save_delay + label: Max Save Delay + description: Periodicity at which the board should be saved when it is being actively used (milliseconds) + schema: + type: int + default: 60000 + - variable: max_item_count + label: Max Item Count + description: Maximal number of items to keep in the board. When there are more items, the oldest ones are deleted + schema: + type: int + default: 32768 + - variable: max_children + label: Max Children + description: Max number of sub-items in an item. This prevents flooding + schema: + type: int + default: 192 + - variable: max_board_size + label: Max Board Size + description: Maximum value for any x or y on the board + schema: + type: int + default: 65536 + - variable: max_emit_count + label: Max Emit Count + description: Maximum messages per user over the given time period before banning them + schema: + type: int + default: 192 + - variable: max_emit_count_period + label: Max Emit Count Period + description: Duration after which the emit count is reset in milliseconds + schema: + type: int + default: 4096 + - variable: auto_finger_whiteout + label: Auto Finger Whiteout + description: Automatically switch to White-out on finger touch after drawing with Pencil using a stylus. Only supported on iPad with Apple Pencil. + schema: + type: boolean + default: true + - variable: blocked_tools + label: Blocked Tools + description: Blocked Tools. A list of tools that should not appear on boards. + schema: + type: list + default: [] + items: + - variable: blockedTool + label: Blocked Tool + schema: + type: string + required: true + default: "" + - variable: blocked_selection_buttons + label: Blocked Selection Buttons + description: Blocked Selection Buttons. A list of selection buttons that should not be available. + schema: + type: list + default: [] + items: + - variable: blockedButton + label: Blocked Button + schema: + type: string + required: true + default: "" +# Include{containerConfig} +# Include{serviceRoot} + - variable: main + label: Main Service + description: The Primary service on which the healthcheck runs, often the webUI + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorLoadBalancer} +# Include{serviceSelectorExtras} + - variable: main + label: Main Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 10353 + required: true +# Include{advancedPortHTTP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 8080 +# Include{serviceExpertRoot} + default: false +# Include{serviceExpert} +# Include{serviceList} +# Include{persistenceRoot} + - variable: data + label: Data Storage + description: Data Storage + schema: + additional_attrs: true + type: dict + attrs: +# Include{persistenceBasic} +# Include{persistenceAdvanced} +# Include{persistenceList} +# Include{ingressRoot} + - variable: main + label: Main Ingress + schema: + additional_attrs: true + type: dict + attrs: +# Include{ingressDefault} +# Include{ingressTLS} +# Include{ingressTraefik} +# Include{ingressExpert} +# Include{ingressList} +# Include{security} +# Include{securityContextAdvancedRoot} + - variable: privileged + label: Privileged mode + schema: + type: boolean + default: false + - variable: readOnlyRootFilesystem + label: ReadOnly Root Filesystem + schema: + type: boolean + default: true + - variable: allowPrivilegeEscalation + label: Allow Privilege Escalation + schema: + type: boolean + default: false + - variable: runAsNonRoot + label: runAsNonRoot + schema: + type: boolean + default: true +# Include{securityContextAdvanced} +# Include{podSecurityContextRoot} + - variable: runAsUser + label: runAsUser + description: The UserID of the user running the application + schema: + type: int + default: 1000 + - variable: runAsGroup + label: runAsGroup + description: The groupID this App of the user running the application + schema: + type: int + default: 1000 + - variable: fsGroup + label: fsGroup + description: The group that should own ALL storage. + schema: + type: int + default: 568 +# Include{podSecurityContextAdvanced} +# Include{resources} +# Include{advanced} +# Include{addons} +# Include{documentation} diff --git a/charts/incubator/wbo/templates/_configmap.tpl b/charts/incubator/wbo/templates/_configmap.tpl new file mode 100644 index 00000000000..9dc087bdbca --- /dev/null +++ b/charts/incubator/wbo/templates/_configmap.tpl @@ -0,0 +1,47 @@ +{{/* Define the configmap */}} +{{- define "wbo.config" -}} + +{{- $configName := printf "%s-config" (include "tc.common.names.fullname" .) }} + +--- + +{{/* This configmap are loaded on both main authentik container and worker */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $configName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + PORT: {{ .Values.service.main.ports.main.port | quote }} + {{- if or .Values.wbo.save_interval (eq (int .Values.wbo.save_interval) 0) }} + SAVE_INTERVAL: {{ .Values.wbo.save_interval | quote }} + {{- end }} + {{- if or .Values.wbo.max_save_delay (eq (int .Values.wbo.max_save_delay) 0) }} + MAX_SAVE_DELAY: {{ .Values.wbo.max_save_delay | quote }} + {{- end }} + {{- if or .Values.wbo.max_item_count (eq (int .Values.wbo.max_item_count) 0) }} + MAX_ITEM_COUNT: {{ .Values.wbo.max_item_count | quote }} + {{- end }} + {{- if or .Values.wbo.max_children (eq (int .Values.wbo.max_children) 0) }} + MAX_CHILDREN: {{ .Values.wbo.max_children | quote }} + {{- end }} + {{- if or .Values.wbo.max_board_size (eq (int .Values.wbo.max_board_size) 0) }} + MAX_BOARD_SIZE: {{ .Values.wbo.max_board_size | quote }} + {{- end }} + {{- if or .Values.wbo.max_emit_count (eq (int .Values.wbo.max_emit_count) 0) }} + MAX_EMIT_COUNT: {{ .Values.wbo.max_emit_count | quote }} + {{- end }} + {{- if or .Values.wbo.max_emit_count_period (eq (int .Values.wbo.max_emit_count_period) 0) }} + MAX_EMIT_COUNT_PERIOD: {{ .Values.wbo.max_emit_count_period | quote }} + {{- end }} + {{- with .Values.wbo.auto_finger_whiteout }} + AUTO_FINGER_WHITEOUT: {{ ternary "enabled" "disabled" . }} + {{- end }} + {{- with .Values.wbo.blocked_tools }} + BLOCKED_TOOLS: {{ join "," . }} + {{- end }} + {{- with .Values.wbo.blocked_selection_buttons }} + BLOCKED_SELECTION_BUTTONS: {{ join "," . }} + {{- end }} +{{- end -}} diff --git a/charts/incubator/wbo/templates/_secret.tpl b/charts/incubator/wbo/templates/_secret.tpl new file mode 100644 index 00000000000..bade2ca4722 --- /dev/null +++ b/charts/incubator/wbo/templates/_secret.tpl @@ -0,0 +1,21 @@ +{{/* Define the secret */}} +{{- define "wbo.secret" -}} + +{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }} + +--- + +{{/* This secrets are loaded on both main authentik container and worker */}} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $secretName }} + labels: + {{- include "tc.common.labels" . | nindent 4 }} +data: + {{- with .Values.wbo.auth_secret_key }} + AUTH_SECRET_KEY: {{ . | b64enc }} + {{- end }} + +{{- end }} diff --git a/charts/incubator/wbo/templates/common.yaml b/charts/incubator/wbo/templates/common.yaml new file mode 100644 index 00000000000..3b7e6ab0bb5 --- /dev/null +++ b/charts/incubator/wbo/templates/common.yaml @@ -0,0 +1,11 @@ +{{/* Make sure all variables are set properly */}} +{{- include "tc.common.loader.init" . }} + +{{/* Render secret */}} +{{- include "wbo.secret" . }} + +{{/* Render config */}} +{{- include "wbo.config" . }} + +{{/* Render the templates */}} +{{ include "tc.common.loader.apply" . }} diff --git a/charts/incubator/wbo/values.yaml b/charts/incubator/wbo/values.yaml new file mode 100644 index 00000000000..b5af2c92e04 --- /dev/null +++ b/charts/incubator/wbo/values.yaml @@ -0,0 +1,42 @@ +image: + repository: tccr.io/truecharts/wbo + tag: v1.19.0@sha256:c86e8f81fc24a861e8c7bbb961a1b3dc1c1f0c60322699f22297d004a1fde737 + pullPolicy: IfNotPresent + +podSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + +wbo: + auth_secret_key: "" + save_interval: 2000 + max_save_delay: 60000 + max_item_count: 32768 + max_children: 192 + max_board_size: 65536 + max_emit_count: 192 + max_emit_count_period: 4096 + auto_finger_whiteout: true + blocked_tools: [] + blocked_selection_buttons: [] + +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-config' + +service: + main: + ports: + main: + port: 10354 + protocol: HTTP + +persistence: + data: + enabled: true + mountPath: /opt/app/server-data + +portal: + enabled: true