feat(vikunja): BREAKING CHANGE - allow custom yaml to some extent and use a config file to provide all available features (#6607)

* feat(vikunja): switch to configfile and restructure

* extent values

* more values

* remove extra's. all is exposed anyway

* pre-commit

* lint

* add service

* fix

* fix

* more quests

* add moer

* bump

* openID

* migration

* port

* whops

---------

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
This commit is contained in:
Stavros Kois
2023-02-28 10:14:10 +02:00
committed by GitHub
parent 62af7f69b3
commit ca0cc83ecb
5 changed files with 1159 additions and 283 deletions

View File

@@ -26,7 +26,7 @@ name: vikunja
sources:
- https://github.com/truecharts/charts/tree/master/charts/stable/vikunja
- https://vikunja.io/docs
version: 6.0.34
version: 7.0.0
annotations:
truecharts.org/catagories: |
- productivity

File diff suppressed because it is too large Load Diff

View File

@@ -1,20 +1,189 @@
{{/* Define the secrets */}}
{{- define "vikunja.secrets" -}}
---
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) -}}
{{- $secretStorage := printf "%s-storage-secret" (include "tc.common.names.fullname" .) -}}
{{- $jwtSecret := randAlphaNum 32 -}}
{{- with lookup "v1" "Secret" .Release.Namespace $secretStorage -}}
{{- $jwtSecret = index .data "JWT_SECRET" | b64dec -}}
{{- end }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: vikunja-secrets
{{- $vikunjaprevious := lookup "v1" "Secret" .Release.Namespace "vikunja-secrets" }}
{{- $jwt_secret := "" }}
name: {{ $secretStorage }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
data:
{{- if $vikunjaprevious}}
VIKUNJA_SERVICE_JWT_SECRET: {{ index $vikunjaprevious.data "VIKUNJA_SERVICE_JWT_SECRET" }}
{{- else }}
{{- $jwt_secret := randAlphaNum 32 }}
VIKUNJA_SERVICE_JWT_SECRET: {{ $jwt_secret | b64enc }}
{{- end }}
JWT_SECRET: {{ $jwtSecret | b64enc }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
config.yml: |
database:
type: postgres
user: {{ .Values.postgresql.postgresqlUsername }}
password: {{ .Values.postgresql.postgresqlPassword | trimAll "\"" }}
host: {{ printf "%v-%v" .Release.Name "postgres" }}
cache:
enabled: true
type: redis
redis:
enabled: true
host: {{ printf "%v-%v:%v" .Release.Name "redis" "6379" }}
password: {{ .Values.redis.redisPassword | trimAll "\""}}
db: 0
keyvalue:
type: redis
service:
interface: ":3456"
JWTSecret: {{ $jwtSecret }}
timezone: {{ .Values.TZ | quote }}
jwtttl: {{ .Values.vikunja.service.jwtttl | int }}
jwtttllong: {{ .Values.vikunja.service.jwtttllong | int }}
frontendurl: {{ .Values.vikunja.service.frontendurl | quote }}
maxitemsperpage: {{ .Values.vikunja.service.maxitemsperpage }}
enablecaldav: {{ .Values.vikunja.service.enablecaldav }}
motd: {{ .Values.vikunja.service.motd | quote }}
enablelinksharing: {{ .Values.vikunja.service.enablelinksharing }}
enableregistration: {{ .Values.vikunja.service.enableregistration }}
enabletaskattachments: {{ .Values.vikunja.service.enabletaskattachments }}
enabletaskcomments: {{ .Values.vikunja.service.enabletaskcomments }}
enabletotp: {{ .Values.vikunja.service.enabletotp }}
enableemailreminders: {{ .Values.vikunja.service.enableemailreminders }}
enableuserdeletion: {{ .Values.vikunja.service.enableuserdeletion }}
maxavatarsize: {{ .Values.vikunja.service.maxavatarsize }}
metrics:
enabled: {{ .Values.metrics.enabled }}
cors:
enabled: {{ .Values.vikunja.cors.enabled }}
{{- with .Values.vikunja.cors.origins }}
origins:
{{- range . }}
- {{ . | quote }}
{{- end }}
{{- else }}
origins: []
{{- end }}
maxage: {{ .Values.vikunja.cors.maxage }}
mailer:
enabled: {{ .Values.vikunja.mailer.enabled }}
host: {{ .Values.vikunja.mailer.host | quote }}
port: {{ .Values.vikunja.mailer.port }}
authtype: {{ .Values.vikunja.mailer.authtype | quote }}
username: {{ .Values.vikunja.mailer.username | quote }}
password: {{ .Values.vikunja.mailer.password | quote }}
skiptlsverify: {{ .Values.vikunja.mailer.skiptlsverify }}
fromemail: {{ .Values.vikunja.mailer.fromemail | quote }}
queuelength: {{ .Values.vikunja.mailer.queuelength }}
queuetimeout: {{ .Values.vikunja.mailer.queuetimeout }}
forcessl: {{ .Values.vikunja.mailer.forcessl }}
log:
enabled: {{ .Values.vikunja.log.enabled }}
path: {{ .Values.vikunja.log.path | quote }}
standard: {{ .Values.vikunja.log.standard | quote }}
level: {{ .Values.vikunja.log.level | quote }}
database: {{ .Values.vikunja.log.database | quote }}}
databaselevel: {{ .Values.vikunja.log.databaselevel | quote }}
http: {{ .Values.vikunja.log.http | quote }}
echo: {{ .Values.vikunja.log.echo | quote }}}
events: {{ .Values.vikunja.log.events | quote }}
eventslevel: {{ .Values.vikunja.log.eventslevel | quote }}
ratelimit:
enabled: {{ .Values.vikunja.ratelimit.enabled }}}
kind: {{ .Values.vikunja.ratelimit.kind | quote }}
period: {{ .Values.vikunja.ratelimit.period }}
limit: {{ .Values.vikunja.ratelimit.limit }}
store: redis
files:
maxsize: {{ .Values.vikunja.files.maxsize }}
avatar:
gravatarexpiration: {{ .Values.vikunja.avatar.gravatarexpiration }}
legal:
imprinturl: {{ .Values.vikunja.legal.imprinturl | quote }}
privacyurl: {{ .Values.vikunja.legal.privacyurl | quote }}
backgrounds:
enabled: {{ .Values.vikunja.backgrounds.enabled }}
providers:
upload:
enabled: {{ .Values.vikunja.backgrounds.providers.upload.enabled }}
unsplash:
enabled: {{ .Values.vikunja.backgrounds.providers.unsplash.enabled }}
accesstoken: {{ .Values.vikunja.backgrounds.providers.unsplash.accesstoken | quote }}
applicationid: {{ .Values.vikunja.backgrounds.providers.unsplash.applicationid | quote }}
migration:
todoist:
enable: {{ .Values.vikunja.migration.todoist.enable }}
clientid: {{ .Values.vikunja.migration.todoist.clientid | quote }}
clientsecret: {{ .Values.vikunja.migration.todoist.clientsecret | quote }}
redirecturl: {{ .Values.vikunja.migration.todoist.redirecturl | quote }}
trello:
enable: {{ .Values.vikunja.migration.trello.enable }}
key: {{ .Values.vikunja.migration.trello.key | quote }}
redirecturl: {{ .Values.vikunja.migration.trello.redirecturl | quote }}
microsofttodo:
enable: {{ .Values.vikunja.migration.microsofttodo.enable }}
clientid: {{ .Values.vikunja.migration.microsofttodo.clientid | quote }}
clientsecret: {{ .Values.vikunja.migration.microsofttodo.clientsecret | quote }}
redirecturl: {{ .Values.vikunja.migration.microsofttodo.redirecturl | quote }}
auth:
local:
enabled: {{ .Values.vikunja.auth.local.enabled }}
openid:
enabled: {{ .Values.vikunja.auth.openid.enabled }}
{{- with .Values.vikunja.auth.openid.redirecturl }}
redirecturl: {{ . | quote }}
{{- end }}
{{- with .Values.vikunja.auth.openid.providers }}
providers:
{{- range . }}
- name: {{ .name | quote }}
authurl: {{ .authurl | quote }}
{{- with .logouturl }}
logouturl: {{ . | quote }}
{{- end }}
clientid: {{ .clientid | quote }}
clientsecret: {{ .clientsecret | quote }}
{{- end }}
{{- end }}
defaultsettings:
avatar_provider: {{ .Values.vikunja.defaultsettings.avatar_provider | quote }}
avatar_file_id: {{ .Values.vikunja.defaultsettings.avatar_file_id }}
email_reminders_enabled: {{ .Values.vikunja.defaultsettings.email_reminders_enabled }}
discoverable_by_name: {{ .Values.vikunja.defaultsettings.discoverable_by_name }}
discoverable_by_email: {{ .Values.vikunja.defaultsettings.discoverable_by_email }}
overdue_tasks_reminders_enabled: {{ .Values.vikunja.defaultsettings.overdue_tasks_reminders_enabled }}
overdue_tasks_reminders_time: {{ .Values.vikunja.defaultsettings.overdue_tasks_reminders_time | quote }}
default_list_id: {{ .Values.vikunja.defaultsettings.default_list_id }}
week_start: {{ .Values.vikunja.defaultsettings.week_start }}
{{- with .Values.vikunja.defaultsettings.language }}
language: {{ . | quote }}
{{- end }}
{{- with .Values.vikunja.defaultsettings.timezone }}
timezone: {{ . | quote }}
{{- end }}
{{- end -}}

View File

@@ -21,88 +21,139 @@ podSecurityContext:
runAsGroup: 0
configmap:
config:
nginx-config:
enabled: true
data:
nginx-config: |-
nginx-config: |
server {
listen 8080;
listen {{ .Values.service.main.ports.main.port }};
location / {
proxy_pass http://localhost:80;
}
location ~* ^/(api|dav|\.well-known)/ {
proxy_pass http://localhost:3456;
client_max_body_size {{ .Values.env.VIKUNJA_FILES_MAXSIZE | upper | trimSuffix "B" }};
client_max_body_size {{ .Values.vikunja.files.maxsize | upper | trimSuffix "B" }};
}
}
env:
VIKUNJA_REDIS_ENABLED: 1
VIKUNJA_CACHE_ENABLED: 1
VIKUNJA_CACHE_TYPE: "redis"
VIKUNJA_DATABASE_TYPE: "postgres"
VIKUNJA_DATABASE_USER: "{{ .Values.postgresql.postgresqlUsername }}"
VIKUNJA_DATABASE_DATABASE: "{{ .Values.postgresql.postgresDatabase }}"
VIKUNJA_SERVICE_TIMEZONE: "{{ .Values.TZ }}"
# User Defined
VIKUNJA_SERVICE_FRONTENDURL: "http://localhost:8080"
VIKUNJA_SERVICE_JWTTTL: 259200
VIKUNJA_SERVICE_JWTTTLLONG: 2592000
VIKUNJA_SERVICE_MAXITEMSPERPAGE: 50
VIKUNJA_FILES_MAXSIZE: "20MB"
VIKUNJA_SERVICE_ENABLECALDAV: true
VIKUNJA_SERVICE_ENABLELINKSHARING: true
VIKUNJA_SERVICE_ENABLEREGISTRATION: true
VIKUNJA_SERVICE_ENABLETASKATTACHMENTS: true
VIKUNJA_SERVICE_ENABLETASKCOMMENTS: true
VIKUNJA_SERVICE_ENABLETOTP: true
VIKUNJA_SERVICE_ENABLEEMAILREMINDERS: true
VIKUNJA_SERVICE_ENABLEUSERDELETION: true
VIKUNJA_BACKGROUNDS_ENABLED: true
VIKUNJA_RATELIMIT_ENABLED: false
VIKUNJA_RATELIMIT_PERIOD: 60
VIKUNJA_RATELIMIT_LIMIT: 100
# VIKUNJA_MAILER_HOST: ""
# VIKUNJA_MAILER_PORT: 587
# VIKUNJA_MAILER_USERNAME: ""
# VIKUNJA_MAILER_PASSWORD: ""
# VIKUNJA_MAILER_FROMEMAIL: ""
# VIKUNJA_MAILER_SKIPTLSVERIFY: false
# VIKUNJA_MAILER_FORCESSL: false
# VIKUNJA_MAILER_QUEUELENGTH: 100
# VIKUNJA_MAILER_QUEUETIMEOUT: 30
VIKUNJA_DATABASE_HOST:
secretKeyRef:
name: dbcreds
key: plainhost
VIKUNJA_DATABASE_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
VIKUNJA_REDIS_HOST:
secretKeyRef:
name: rediscreds
key: plainporthost
VIKUNJA_REDIS_PASSWORD:
secretKeyRef:
name: rediscreds
key: redis-password
VIKUNJA_SERVICE_JWT_SECRET:
secretKeyRef:
name: vikunja-secrets
key: VIKUNJA_SERVICE_JWT_SECRET
vikunja:
service:
jwtttl: 259200
jwtttllong: 2592000
motd: Welcome to your new Vikunja instance
frontendurl: http://localhost:10220
maxitemsperpage: 50
enablecaldav: true
enablelinksharing: true
enableregistration: true
enabletaskattachments: true
enabletaskcomments: true
enabletotp: true
enableemailreminders: true
enableuserdeletion: true
maxavatarsize: 1024
cors:
enabled: true
origins: []
maxage: 0
ratelimit:
enabled: false
kind: user
period: 60
limit: 100
files:
maxsize: 20MB
avatar:
gravatarexpiration: 3600
legal:
imprinturl: ""
privacyurl: ""
mailer:
enabled: false
host: ""
port: 587
authtype: plain
username: ""
password: ""
fromemail: ""
skiptlsverify: false
forcessl: true
queuelength: 100
queuetimeout: 30
log:
enabled: true
path: /app/vikunja/logs
standard: stdout
level: INFO
database: "off"
databaselevel: WARNING
http: stdout
echo: "off"
events: stdout
eventslevel: info
defaultsettings:
avatar_provider: initials
avatar_file_id: 0
email_reminders_enabled: false
discoverable_by_name: false
discoverable_by_email: false
overdue_tasks_reminders_enabled: true
overdue_tasks_reminders_time: "9:00"
default_list_id: 0
week_start: 0
language: ""
timezone: ""
backgrounds:
enabled: true
providers:
upload:
enabled: true
unsplash:
enabled: false
accesstoken: ""
applicationid: ""
auth:
local:
enabled: true
openid:
enabled: false
redirecturl: ""
providers:
[]
# - name: ""
# authurl: ""
# logouturl: ""
# clientid: ""
# clientsecret: ""
migration:
todoist:
enable: false
clientid: ""
clientsecret: ""
redirecturl: ""
trello:
enable: false
key: ""
redirecturl: ""
microsofttodo:
enable: false
clientid: ""
clientsecret: ""
redirecturl: ""
service:
main:
ports:
main:
port: 10220
targetPort: 8080
additionalContainers:
frontend:
name: frontend
image: "{{ .Values.frontendImage.repository }}:{{ .Values.frontendImage.tag }}"
ports:
- containerPort: 80
name: http
proxy:
name: proxy
image: "{{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}"
@@ -110,33 +161,65 @@ additionalContainers:
- containerPort: 8080
name: main
volumeMounts:
- name: vikunja-config
mountPath: "/etc/nginx/conf.d/default.conf"
- name: vikunja-nginx
mountPath: /etc/nginx/conf.d/default.conf
subPath: nginx-config
readOnly: true
persistence:
files:
enabled: true
mountPath: "/app/vikunja/files"
mountPath: /app/vikunja/files
vikunja-nginx:
enabled: true
noMount: true
mountPath: /etc/nginx/conf.d/default.conf
subPath: nginx-config
type: configMap
objectName: '{{ template "tc.common.names.fullname" . }}-nginx-config'
vikunja-config:
enabled: "true"
mountPath: "/etc/nginx/conf.d/default.conf"
subPath: "nginx-config"
type: "custom"
volumeSpec:
configMap:
name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}'
enabled: true
mountPath: /etc/vikunja
subPath: config.yml
type: secret
objectName: '{{ template "tc.common.names.fullname" . }}-secret'
metrics:
# -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
# @default -- See values.yaml
enabled: true
serviceMonitor:
interval: 1m
scrapeTimeout: 30s
labels: {}
# -- Enable and configure Prometheus Rules for the chart under this key.
# @default -- See values.yaml
prometheusRule:
enabled: false
labels: {}
# -- Configure additionial rules for the chart under this key.
# @default -- See prometheusrules.yaml
rules:
[]
# - alert: UnifiPollerAbsent
# annotations:
# description: Unifi Poller has disappeared from Prometheus service discovery.
# summary: Unifi Poller is down.
# expr: |
# absent(up{job=~".*unifi-poller.*"} == 1)
# for: 5m
# labels:
# severity: critical
postgresql:
enabled: true
existingSecret: "dbcreds"
existingSecret: dbcreds
postgresqlUsername: vikunja
postgresqlDatabase: vikunja
redis:
enabled: true
existingSecret: "rediscreds"
existingSecret: rediscreds
portal:
enabled: true

View File

@@ -274,6 +274,7 @@ words:
- themenamehere
- tlsoptions
- tlsstores
- TOTP
- traefik
- traefikservices
- Traggo
@@ -292,6 +293,7 @@ words:
- valheim
- vaultwarden
- vdev
- vikunja
- vm's
- wakeup
- watchyourlan