Compare commits

..

1 Commits

Author SHA1 Message Date
Kjeld Schouten
c21e8fb9d8 bump everything to common 14.0.1 (will need to fix inherently failing CI) 2023-07-31 17:21:45 +02:00
1772 changed files with 9024 additions and 19440 deletions

View File

@@ -1910,204 +1910,6 @@
"contributions": [
"code"
]
},
{
"login": "cedstrom",
"name": "cedstrom",
"avatar_url": "https://avatars.githubusercontent.com/u/6175957?v=4",
"profile": "https://github.com/cedstrom",
"contributions": [
"code"
]
},
{
"login": "v3DJG6GL",
"name": "v3DJG6GL",
"avatar_url": "https://avatars.githubusercontent.com/u/72495210?v=4",
"profile": "https://github.com/v3DJG6GL",
"contributions": [
"bug"
]
},
{
"login": "polarstack",
"name": "polarstack",
"avatar_url": "https://avatars.githubusercontent.com/u/42521003?v=4",
"profile": "https://github.com/polarstack",
"contributions": [
"code"
]
},
{
"login": "K1Hyve",
"name": "Keyvan",
"avatar_url": "https://avatars.githubusercontent.com/u/53298451?v=4",
"profile": "https://github.com/K1Hyve",
"contributions": [
"code"
]
},
{
"login": "MickaelFontes",
"name": "MickaelFontes",
"avatar_url": "https://avatars.githubusercontent.com/u/81414455?v=4",
"profile": "https://github.com/MickaelFontes",
"contributions": [
"code"
]
},
{
"login": "blastik",
"name": "David CM",
"avatar_url": "https://avatars.githubusercontent.com/u/3662083?v=4",
"profile": "https://github.com/blastik",
"contributions": [
"code"
]
},
{
"login": "aamirazad",
"name": "Aamir Azad",
"avatar_url": "https://avatars.githubusercontent.com/u/82281117?v=4",
"profile": "http://tigertutoringtool.aamira.me",
"contributions": [
"doc"
]
},
{
"login": "jordan-woyak",
"name": "Jordan Woyak",
"avatar_url": "https://avatars.githubusercontent.com/u/1768214?v=4",
"profile": "https://github.com/jordan-woyak",
"contributions": [
"code"
]
},
{
"login": "simon-hofmann",
"name": "Simon Hofman",
"avatar_url": "https://avatars.githubusercontent.com/u/23562420?v=4",
"profile": "https://github.com/simon-hofmann",
"contributions": [
"code"
]
},
{
"login": "notyouraveragegamer",
"name": "notyouraveragegamer",
"avatar_url": "https://avatars.githubusercontent.com/u/104248676?v=4",
"profile": "https://github.com/NotYourAverageGamer",
"contributions": [
"doc"
]
},
{
"login": "varac",
"name": "Varac",
"avatar_url": "https://avatars.githubusercontent.com/u/488213?v=4",
"profile": "https://www.varac.net",
"contributions": [
"code"
]
},
{
"login": "tuxpizza",
"name": "tuxsudo",
"avatar_url": "https://avatars.githubusercontent.com/u/84710786?v=4",
"profile": "https://tux.pizza",
"contributions": [
"code"
]
},
{
"login": "TylerRudie",
"name": "TylerRudie",
"avatar_url": "https://avatars.githubusercontent.com/u/2695916?v=4",
"profile": "https://github.com/TylerRudie",
"contributions": [
"doc"
]
},
{
"login": "qnb59bny5x",
"name": "qnb59bny5x",
"avatar_url": "https://avatars.githubusercontent.com/u/108427982?v=4",
"profile": "https://github.com/qnb59bny5x",
"contributions": [
"code"
]
},
{
"login": "drndos",
"name": "Filip Bednárik",
"avatar_url": "https://avatars.githubusercontent.com/u/5576134?v=4",
"profile": "https://blog.drndos.sk",
"contributions": [
"bug"
]
},
{
"login": "sshcherbinin",
"name": "Serhii Shcherbinin",
"avatar_url": "https://avatars.githubusercontent.com/u/92396963?v=4",
"profile": "https://github.com/sshcherbinin",
"contributions": [
"code"
]
},
{
"login": "qraynaud",
"name": "Quentin Raynaud",
"avatar_url": "https://avatars.githubusercontent.com/u/65991?v=4",
"profile": "https://github.com/qraynaud",
"contributions": [
"bug"
]
},
{
"login": "thegcat",
"name": "Felix Schäfer",
"avatar_url": "https://avatars.githubusercontent.com/u/22835?v=4",
"profile": "http://fachschaften.org",
"contributions": [
"doc"
]
},
{
"login": "jndeverteuil",
"name": "Julien Nicolas de Verteuil",
"avatar_url": "https://avatars.githubusercontent.com/u/6644855?v=4",
"profile": "https://github.com/jndeverteuil",
"contributions": [
"code"
]
},
{
"login": "gabrieldonadel",
"name": "Gabriel Donadel Dall'Agnol",
"avatar_url": "https://avatars.githubusercontent.com/u/11707729?v=4",
"profile": "https://github.com/gabrieldonadel",
"contributions": [
"doc"
]
},
{
"login": "jon-stumpf",
"name": "Jon S. Stumpf",
"avatar_url": "https://avatars.githubusercontent.com/u/7144996?v=4",
"profile": "https://github.com/jon-stumpf",
"contributions": [
"doc"
]
},
{
"login": "Tanguille",
"name": "Tanguille",
"avatar_url": "https://avatars.githubusercontent.com/u/91473554?v=4",
"profile": "https://github.com/Tanguille",
"contributions": [
"doc"
]
}
],
"contributorsPerLine": 7,

34
.github/README.md vendored
View File

@@ -48,7 +48,7 @@ For big changes we do have a roadmap, every spot on the roadmap is synced to a T
**Restructure of the Project - TrueNAS SCALE "Bluefin" 22.xx ALPHA 1**
_The current project is hitting internal performance issues, for this reason we need to rework the structure and split some parts of the project into separate repositories._
_The current project is hitting internal performance issues, for this reason we need to rework the structure and split some parts of the project into seperate repositories._
<br />
@@ -60,7 +60,7 @@ _The shared Common (chart) basis, used by all our Charts, needs some significant
**Increased test coverage - TrueNAS SCALE "Bluefin" 22.xx BETA 1**
_With most parts of our project somewhat cleaned up, we need to work on increasing the coverage of our test system. Our unit tests should cover all features and we should also take upgrades into account when testing Chart changes_
_With most parts of our project somewhat cleaned up, we need to work on increasing the coverage of our test system. Our unittests should cover all features and we should also take upgrades into account when testing Chart changes_
<br />
@@ -124,7 +124,7 @@ A lot of our work is based on the great effort of others. We would love to exten
## Contributors ✨
<!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
[![All Contributors](https://img.shields.io/badge/all_contributors-226-orange.svg?style=for-the-badge)](#contributors)
[![All Contributors](https://img.shields.io/badge/all_contributors-204-orange.svg?style=for-the-badge)](#contributors)
<!-- ALL-CONTRIBUTORS-BADGE:END -->
Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
@@ -399,34 +399,6 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
</tr>
<tr>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/Shrinks99"><img src="https://avatars.githubusercontent.com/u/5672810?v=4?s=100" width="100px;" alt="Henry Wilkinson"/><br /><sub><b>Henry Wilkinson</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=Shrinks99" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/cedstrom"><img src="https://avatars.githubusercontent.com/u/6175957?v=4?s=100" width="100px;" alt="cedstrom"/><br /><sub><b>cedstrom</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=cedstrom" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/v3DJG6GL"><img src="https://avatars.githubusercontent.com/u/72495210?v=4?s=100" width="100px;" alt="v3DJG6GL"/><br /><sub><b>v3DJG6GL</b></sub></a><br /><a href="https://github.com/truecharts/charts/issues?q=author%3Av3DJG6GL" title="Bug reports">🐛</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/polarstack"><img src="https://avatars.githubusercontent.com/u/42521003?v=4?s=100" width="100px;" alt="polarstack"/><br /><sub><b>polarstack</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=polarstack" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/K1Hyve"><img src="https://avatars.githubusercontent.com/u/53298451?v=4?s=100" width="100px;" alt="Keyvan"/><br /><sub><b>Keyvan</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=K1Hyve" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/MickaelFontes"><img src="https://avatars.githubusercontent.com/u/81414455?v=4?s=100" width="100px;" alt="MickaelFontes"/><br /><sub><b>MickaelFontes</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=MickaelFontes" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/blastik"><img src="https://avatars.githubusercontent.com/u/3662083?v=4?s=100" width="100px;" alt="David CM"/><br /><sub><b>David CM</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=blastik" title="Code">💻</a></td>
</tr>
<tr>
<td align="center" valign="top" width="14.28%"><a href="http://tigertutoringtool.aamira.me"><img src="https://avatars.githubusercontent.com/u/82281117?v=4?s=100" width="100px;" alt="Aamir Azad"/><br /><sub><b>Aamir Azad</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=aamirazad" title="Documentation">📖</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/jordan-woyak"><img src="https://avatars.githubusercontent.com/u/1768214?v=4?s=100" width="100px;" alt="Jordan Woyak"/><br /><sub><b>Jordan Woyak</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=jordan-woyak" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/simon-hofmann"><img src="https://avatars.githubusercontent.com/u/23562420?v=4?s=100" width="100px;" alt="Simon Hofman"/><br /><sub><b>Simon Hofman</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=simon-hofmann" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/NotYourAverageGamer"><img src="https://avatars.githubusercontent.com/u/104248676?v=4?s=100" width="100px;" alt="notyouraveragegamer"/><br /><sub><b>notyouraveragegamer</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=notyouraveragegamer" title="Documentation">📖</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://www.varac.net"><img src="https://avatars.githubusercontent.com/u/488213?v=4?s=100" width="100px;" alt="Varac"/><br /><sub><b>Varac</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=varac" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://tux.pizza"><img src="https://avatars.githubusercontent.com/u/84710786?v=4?s=100" width="100px;" alt="tuxsudo"/><br /><sub><b>tuxsudo</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=tuxpizza" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/TylerRudie"><img src="https://avatars.githubusercontent.com/u/2695916?v=4?s=100" width="100px;" alt="TylerRudie"/><br /><sub><b>TylerRudie</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=TylerRudie" title="Documentation">📖</a></td>
</tr>
<tr>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/qnb59bny5x"><img src="https://avatars.githubusercontent.com/u/108427982?v=4?s=100" width="100px;" alt="qnb59bny5x"/><br /><sub><b>qnb59bny5x</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=qnb59bny5x" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://blog.drndos.sk"><img src="https://avatars.githubusercontent.com/u/5576134?v=4?s=100" width="100px;" alt="Filip Bednárik"/><br /><sub><b>Filip Bednárik</b></sub></a><br /><a href="https://github.com/truecharts/charts/issues?q=author%3Adrndos" title="Bug reports">🐛</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/sshcherbinin"><img src="https://avatars.githubusercontent.com/u/92396963?v=4?s=100" width="100px;" alt="Serhii Shcherbinin"/><br /><sub><b>Serhii Shcherbinin</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=sshcherbinin" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/qraynaud"><img src="https://avatars.githubusercontent.com/u/65991?v=4?s=100" width="100px;" alt="Quentin Raynaud"/><br /><sub><b>Quentin Raynaud</b></sub></a><br /><a href="https://github.com/truecharts/charts/issues?q=author%3Aqraynaud" title="Bug reports">🐛</a></td>
<td align="center" valign="top" width="14.28%"><a href="http://fachschaften.org"><img src="https://avatars.githubusercontent.com/u/22835?v=4?s=100" width="100px;" alt="Felix Schäfer"/><br /><sub><b>Felix Schäfer</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=thegcat" title="Documentation">📖</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/jndeverteuil"><img src="https://avatars.githubusercontent.com/u/6644855?v=4?s=100" width="100px;" alt="Julien Nicolas de Verteuil"/><br /><sub><b>Julien Nicolas de Verteuil</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=jndeverteuil" title="Code">💻</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/gabrieldonadel"><img src="https://avatars.githubusercontent.com/u/11707729?v=4?s=100" width="100px;" alt="Gabriel Donadel Dall'Agnol"/><br /><sub><b>Gabriel Donadel Dall'Agnol</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=gabrieldonadel" title="Documentation">📖</a></td>
</tr>
<tr>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/jon-stumpf"><img src="https://avatars.githubusercontent.com/u/7144996?v=4?s=100" width="100px;" alt="Jon S. Stumpf"/><br /><sub><b>Jon S. Stumpf</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=jon-stumpf" title="Documentation">📖</a></td>
<td align="center" valign="top" width="14.28%"><a href="https://github.com/Tanguille"><img src="https://avatars.githubusercontent.com/u/91473554?v=4?s=100" width="100px;" alt="Tanguille"/><br /><sub><b>Tanguille</b></sub></a><br /><a href="https://github.com/truecharts/charts/commits?author=Tanguille" title="Documentation">📖</a></td>
</tr>
</tbody>
</table>

35
.github/SUPPORT.md vendored
View File

@@ -12,40 +12,15 @@ This document highlights which versions of TrueCharts (or rather branches), supp
We also document which versions of TrueNAS will receive TrueCharts updates and for which versions we are accepting bug reports.
### Supported Versions of TrueNAS SCALE
### Supported Versions
| TrueNAS version | Branch | Supported with updates | Accepting Support tickets | Accepting Bug Reports | Notes |
| ---------------- | -------- | ---------------------- | ------------------------- | --------------------- | -------------------------------------------------------------------------------------------------------------- |
| 22.12.4.1 or prior| `master` | :x: | :x: | :x: | Update to 23.10.X Supported Version [TrueNAS SCALE](https://www.truenas.com/docs/scale/23.10/) |
| 22.12.4.2 | `master` | :white_check_mark: | :white_check_mark: | :x: | Stable Release as of 2023-10-13 Recommended to update to 23.10.x [TrueNAS SCALE](https://www.truenas.com/docs/scale/23.10/) |
| 23.10.0 | `master` | :white_check_mark: | :white_check_mark: | :white_check_mark: | Stable Release as of 2023-10-24 |
| 23.10.0.1 | `master` | :white_check_mark: | :white_check_mark: | :white_check_mark: | Stable Release as of 2023-10-31 |
| 22.02.4 or prior | `master` | :x: | :x: | :x: | Advised to update to 22.12.2 release of [TrueNAS SCALE](https://www.truenas.com/docs/scale/scalereleasenotes/) |
| 22.12.0 | `master` | :white_check_mark: | :white_check_mark: | :white_check_mark: | Stable Release as of 2022-12-13 |
| 22.12.1 | `master` | :white_check_mark: | :white_check_mark: | :white_check_mark: | Stable Release as of 2023-02-21 |
| 22.12.2 | `master` | :white_check_mark: | :white_check_mark: | :white_check_mark: | Stable Release as of 2023-04-11 |
| Nightly | `master` | :white_check_mark: | :x: | :white_check_mark: | Please only submit bug reports during codefreeze |
| 23.10.1 | `master` | :white_check_mark: | :x: | :x: | To Be Released |
## TrueCharts on Talos-OS
Support for Talos-OS with either Rancher or FluxCD are in early alpha.
### Supported Versions of Talos-OS
| Talos-OS version | Branch | Supported with updates | Accepting Support tickets | Accepting Bug Reports | Notes |
| ---------------- | -------- | ---------------------- | ------------------------- | --------------------- | -------------------------------------------------------------------------------------------------------------- |
| 1.5 | `master` | :white_check_mark: | :x: | :x: | |
| 1.6 | `master` | :white_check_mark: | :x: | :x: | |
### Supported Versions of FluxCD
| FluxCD version | Branch | Supported with updates | Accepting Support tickets | Accepting Bug Reports | Notes |
| ---------------- | -------- | ---------------------- | ------------------------- | --------------------- | -------------------------------------------------------------------------------------------------------------- |
| 1.2.1 or prior | `master` | :white_check_mark: | :x: | :x: | |
### Rancher Versions of Rancher
| TrueNAS version | Branch | Supported with updates | Accepting Support tickets | Accepting Bug Reports | Notes |
| ---------------- | -------- | ---------------------- | ------------------------- | --------------------- | -------------------------------------------------------------------------------------------------------------- |
| v2.7.9 or prior | `master` | :white_check_mark: | :x: | :x: | |
:::warning Support Guidelines

View File

@@ -50,6 +50,7 @@ runs:
# Set output to changed charts
echo "Changed charts: ${CHARTS[*]}"
printf "::set-output name=addedOrModified::%s\n" "${CHARTS[*]}"
- name: Collect bumped charts after last tag
id: filter-bumped-charts

View File

@@ -12,26 +12,21 @@ chart-dirs:
excluded-charts:
- charts/dependency/subchart
- charts/incubator/twingate-connector
- charts/incubator/docassemble
- charts/incubator/eco
- charts/incubator/midarr
- charts/incubator/orbital-sync
- charts/incubator/plex-meta-manager
- charts/incubator/telepush
- charts/incubator/tauticord
- charts/library/common
- charts/stable/alertmanager-bot
- charts/stable/alertmanager-bot
- charts/stable/alertmanager-discord
- charts/stable/amcrest2mqtt
- charts/stable/arksurvivalevolved
- charts/stable/tauticord
- charts/stable/discordgsm
- charts/stable/facebox
- charts/stable/foundryvtt
- charts/stable/heimdall
- charts/stable/mc-router
- charts/stable/multus
- charts/stable/local-ai
- charts/stable/orbital-sync
- charts/stable/plex-meta-manager
- charts/stable/pod-gateway

View File

@@ -20,12 +20,6 @@
"fileMatch": ["charts/.+/Chart\\.yaml$"]
},
"packageRules": [
// Bundle Github Actions
{
"matchManagers": ["github-actions"],
"groupName": "Github-Actions",
"automerge": true
},
// Setup datasources for dep updates
{
"datasources": ["helm"],

View File

@@ -74,8 +74,7 @@ patch_apps() {
cat ${target}/Chart.yaml | grep "icon" >> catalog/${train}/${chartname}/item.yaml
sed -i "s|^icon:|icon_url:|g" catalog/${train}/${chartname}/item.yaml
echo "categories:" >> catalog/${train}/${chartname}/item.yaml
category=$(cat ${target}/Chart.yaml | yq '.annotations."truecharts.org/category"' -r)
echo "- $category" >> catalog/${train}/${chartname}/item.yaml
cat ${target}/Chart.yaml | yq '.annotations."truecharts.org/catagories"' -r >> catalog/${train}/${chartname}/item.yaml
# Generate screenshots
screenshots=""

View File

@@ -147,18 +147,17 @@ function lint_chart(){
echo "👣 Helm Lint - [$chart_path]"
helm_lint "$chart_path"
# FIXME: Comment out for now as it requires deps installed in linting.
# if [[ ! $(ls $chart_path/ci/*values.yaml) ]]; then
# echo "👣 Helm Template - [$chart_path]"
# helm_template "$chart_path"
# fi
if [[ ! $(ls $chart_path/ci/*values.yaml) ]]; then
echo "👣 Helm Template - [$chart_path]"
helm_template "$chart_path"
fi
# for values in $chart_path/ci/*values.yaml; do
# if [ -f "${values}" ]; then
# echo "👣 Helm Template - [$values]"
# helm_template "$chart_path" "$values"
# fi
# done
for values in $chart_path/ci/*values.yaml; do
if [ -f "${values}" ]; then
echo "👣 Helm Template - [$values]"
helm_template "$chart_path" "$values"
fi
done
echo "👣 Chart Version - [$chart_path] against [$target_branch]"
check_version "$chart_path" "$target_branch"

View File

@@ -0,0 +1,53 @@
#! /bin/bash
trainsPath="./charts"
traefikTrain="enterprise"
get_latest_release() {
# Get latest release from GitHub api, NOTE: Remove the header when running locally (or add a valid token)
curl --silent \
--header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
--url "https://api.github.com/repos/$1/releases/latest" |
# Get tag line
grep '"tag_name":' |
# Pluck JSON value
sed -E 's/.*"([^"]+)".*/\1/'
}
set_key_to_version() {
key="$1"
version="$2"
traefikValuesFile="$trainsPath/$traefikTrain/traefik/values.yaml"
echo "Setting $key to $version..."
sed -i "s/${key}: .*/${key}: ${version}/" $traefikValuesFile
content=$(grep "$key:" "$traefikValuesFile" | sed "s/\s*${key}:\s*//" )
echo "New content of $key in values.yaml: $content"
echo ""
}
update_plugin() {
repo="$1"
key="$2"
pluginName="$3"
version=$(get_latest_release "$repo")
if [ -z "$version" ]
then
echo "Got empty version, skipping..."
else
echo "Fetched $pluginName plugin version: $version"
set_key_to_version "$key" "$version"
fi;
}
# Example
# update_plugin "repo" "key_holding_version_in_values.yaml" "plugin_name_used_for_verbose_printing_only"
# Real IP
update_plugin "soulbalz/traefik-real-ip" "realIPVersion" "RealIP"
# Theme Park
update_plugin "packruler/traefik-themepark" "themeParkVersion" "ThemePark"
# GeoBlock
update_plugin "PascalMinder/geoblock" "geoBlockVersion" "GeoBlock"

View File

@@ -17,7 +17,7 @@ jobs:
container:
image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
name: Checkout
with:
fetch-depth: 100

View File

@@ -22,13 +22,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout [master]
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: master
- name: Checkout [commit]
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
@@ -47,11 +47,6 @@ jobs:
run: |
pip3 install --no-cache-dir pre-commit yamale yamllint
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
with:
version: latest
- name: Prep Helm
run: |
helm repo add truecharts https://charts.truecharts.org
@@ -113,7 +108,7 @@ jobs:
- name: Create/Update comment
if: steps.list-changed.outputs.detected == 'true'
continue-on-error: true
uses: thollander/actions-comment-pull-request@1d3973dc4b8e1399c0620d3f2b1aa5e795465308 # v2
uses: thollander/actions-comment-pull-request@dadb7667129e23f12ca3925c90dc5cd7121ab57e # v2
with:
filePath: /tmp/lint_result.txt
comment_tag: lint_results

View File

@@ -17,13 +17,13 @@ jobs:
image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 1
- name: Checkout Helm-Staging
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
repository: truecharts/helm-staging
@@ -93,7 +93,7 @@ jobs:
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 0
@@ -125,7 +125,7 @@ jobs:
find . -name '*.sh' | xargs chmod +x
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
if: |
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
with:
@@ -206,10 +206,6 @@ jobs:
echo "" >> website/docs/charts/${train}/${chart}/index.md
cat charts/${train}/${chart}/Chart.yaml | yq .description -r >> website/docs/charts/${train}/${chart}/index.md
echo "" >> website/docs/charts/${train}/${chart}/index.md
echo "## Chart Sources" >> website/docs/charts/${train}/${chart}/index.md
echo "" >> website/docs/charts/${train}/${chart}/index.md
cat charts/${train}/${chart}/Chart.yaml | go-yq .sources -r >> website/docs/charts/${train}/${chart}/index.md
echo "" >> website/docs/charts/${train}/${chart}/index.md
echo "## Available Documentation" >> website/docs/charts/${train}/${chart}/index.md
echo "" >> website/docs/charts/${train}/${chart}/index.md
@@ -244,7 +240,7 @@ jobs:
git push
- name: Checkout Catalog
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
if: |
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
with:
@@ -307,7 +303,7 @@ jobs:
GPG_PASSPHRASE: "${{ secrets.GPG_PASSPHRASE }}"
- name: Run chart-releaser for dependency apps
uses: helm/chart-releaser-action@a917fd15b20e8b64b94d9158ad54cd6345335584 # v1.6.0
uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
if: |
steps.collect-changes.outputs.changesDetectedAfterTag == 'true'
with:

View File

@@ -50,7 +50,7 @@ jobs:
detected6: ${{ steps.list-changed.outputs.detected6 }}
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
@@ -115,27 +115,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -144,31 +146,18 @@ jobs:
run: |
kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true
- name: Prep Helm
run: |
helm repo add truecharts https://charts.truecharts.org
helm repo add truecharts-deps https://deps.truecharts.org
helm repo add truecharts-library https://library-charts.truecharts.org
helm repo add jetstack https://charts.jetstack.io
helm repo update
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Move to our Helm Charts
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml --server-side --force-conflicts || echo "error fetching metallb manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.20/releases/cnpg-1.20.0.yaml --server-side --force-conflicts || echo "error fetching cnpg manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml --server-side --force-conflicts || echo "error fetching prometheus operator manifest"
fi
- name: Run chart-testing (install)
@@ -186,27 +175,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -218,20 +209,13 @@ jobs:
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml --server-side --force-conflicts || echo "error fetching metallb manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml --server-side --force-conflicts || echo "error fetching cnpg manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml --server-side --force-conflicts || echo "error fetching prometheus operator manifest"
fi
- name: Run chart-testing (install)
@@ -249,27 +233,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -281,20 +267,13 @@ jobs:
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml --server-side --force-conflicts || echo "error fetching metallb manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml --server-side --force-conflicts || echo "error fetching cnpg manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml --server-side --force-conflicts || echo "error fetching prometheus operator manifest"
fi
- name: Run chart-testing (install)
@@ -312,27 +291,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -344,20 +325,13 @@ jobs:
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml --server-side --force-conflicts || echo "error fetching metallb manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml --server-side --force-conflicts || echo "error fetching cnpg manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml --server-side --force-conflicts || echo "error fetching prometheus operator manifest"
fi
- name: Run chart-testing (install)
@@ -375,27 +349,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -407,20 +383,13 @@ jobs:
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
kubectl apply -f --server-side --force-conflicts https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f --server-side --force-conflicts https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f --server-side --force-conflicts --server-side --force-conflicts https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml
fi
- name: Run chart-testing (install)
@@ -438,27 +407,29 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
ref: ${{ inputs.checkoutCommit }}
- name: Install Helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3
- name: Install Kubernetes tools
uses: yokawasa/action-setup-kube-tools@af4ebb1af1efd30c5bd84a2e9773355ad6362a33 # v0.9.3
with:
version: latest
setup-tools: |
helmv3
helm: "3.9.4"
- uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4
- uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4
with:
python-version: "3.11"
- name: Set up chart-testing
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
uses: helm/chart-testing-action@e8788873172cb653a90ca2e819d79d65a66d4e76 # v2.4.0
- name: Create k3d cluster
uses: nolar/setup-k3d-k3s@v1
with:
version: latest
version: v1.24
# Flags found here https://github.com/k3d-io/k3d
k3d-args: --k3s-arg --disable=metrics-server@server:*
github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -470,20 +441,13 @@ jobs:
- name: Add Dependencies
run: |
if [[ "${{ matrix.chart }}" == "charts/operators/metallb-config" ]]; then
helm install metallb truecharts/metallb --namespace metallb --create-namespace --wait
fi
## TODO: Only add when required
if [[ "${{ matrix.chart }}" == "charts/enterprise/clusterissuer" ]]; then
helm install cert-manager truecharts/cert-manager --namespace cert-manager --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml --server-side --force-conflicts || echo "error fetching metallb manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/cloudnative-pg" ]]; then
helm install cloudnative-pg truecharts/cloudnative-pg --namespace cloudnative-pg --create-namespace --wait
kubectl apply -f https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/release-1.17/releases/cnpg-1.17.5.yaml --server-side --force-conflicts || echo "error fetching cnpg manifest"
fi
if [[ "${{ matrix.chart }}" != "charts/operators/prometheus-operator" ]]; then
helm install prometheus-operator truecharts/prometheus-operator --namespace prometheus-operator --create-namespace --wait
fi
if [[ "${{ matrix.chart }}" != "charts/enterprise/traefik" ]]; then
helm install traefik truecharts/traefik --namespace traefik --create-namespace --wait
kubectl apply -f https://github.com/prometheus-operator/prometheus-operator/releases/download/v0.66.0/bundle.yaml --server-side --force-conflicts || echo "error fetching prometheus operator manifest"
fi
- name: Run chart-testing (install)

View File

@@ -20,7 +20,7 @@ jobs:
image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 1
@@ -55,7 +55,7 @@ jobs:
done
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
repository: truecharts/website
path: website
@@ -248,7 +248,7 @@ jobs:
helm repo update
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 1
@@ -257,7 +257,7 @@ jobs:
run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: Checkout website
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 1
repository: truecharts/website
@@ -377,12 +377,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}
fetch-depth: 1
- uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4
- uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3
with:
node-version: 18

View File

@@ -17,7 +17,7 @@ jobs:
addedOrModifiedCharts: ${{ steps.collect-changes.outputs.addedOrModifiedCharts }}
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
- name: Collect changes
id: collect-changes
@@ -57,7 +57,7 @@ jobs:
head-commit-message: ${{ steps.get_head_commit_message.outputs.headCommitMsg }}
steps:
- name: Get repo
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: verbose head git commit message

View File

@@ -9,7 +9,7 @@ jobs:
name: "prune old releases"
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 0
- uses: actions/delete-package-versions@0d39a63126868f5eefaa47169615edd3c0f61e20 # v4

View File

@@ -10,16 +10,16 @@ on:
jobs:
renovate-bump:
name: Get changed Apps
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
container:
image: ghcr.io/truecharts/devcontainer:3.1.10@sha256:c239addf725eb5cedf79517f8089fdafdc32b5270d1893ee87ae6e511b9bcae3
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
name: Checkout
with:
fetch-depth: 0
token: ${{ secrets.BOT_TOKEN }}
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
name: Checkout
with:
fetch-depth: 0
@@ -43,7 +43,6 @@ jobs:
- 'charts/core/**'
- 'charts/enterprise/**'
- 'charts/games/**'
- 'charts/operators/**'
- name: Filter filter-output
run: echo '${{ toJson(steps.filter.outputs) }}' > changes.json

View File

@@ -8,11 +8,11 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
token: ${{ secrets.BOT_TOKEN }}
- name: Self-hosted Renovate
uses: renovatebot/github-action@5c6c06aa0e3d7a6a9b6cba05c078c51631b5f11a # v39.1.1
uses: renovatebot/github-action@23a02fe7be9e93f857a953cc8162e57d2c8401ef # v39.0.1
with:
configurationFile: .github/renovate-config.js
token: ${{ secrets.BOT_TOKEN }}

View File

@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
token: ${{ secrets.BOT_TOKEN }}

View File

@@ -8,7 +8,7 @@ on:
jobs:
stale:
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
steps:
- name: Check for stale issues and PRs
uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "23.10.1.19"
appVersion: "23.7.1.247"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: ClickHouse is a column-oriented database management system (DBMS) for online analytical processing of queries (OLAP).
home: https://truecharts.org/charts/dependency/clickhouse
@@ -22,8 +22,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/dependency/clickhouse
- https://clickhouse.com/
type: application
version: 7.0.22
version: 7.0.0
annotations:
truecharts.org/category: database
truecharts.org/catagories: |
- database
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/clickhouse
pullPolicy: IfNotPresent
tag: v23.10.1.1976@sha256:70a2209917d2dcfe33b09e60dda9012c4f6638e9335b3afefac2cb89ba0c670c
tag: v23.7.1.2470@sha256:fbec51f0c6b09733fe4601bba2584dc750f0a8a5077702b86163744bd6f4573f
workload:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "2.10.0"
appVersion: "2.9.2"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: kube-state-metrics is a simple service that listens to the Kubernetes API server and generates metrics about the state of the objects.
home: https://truecharts.org/charts/dependency/kube-state-metrics
@@ -21,8 +21,9 @@ name: kube-state-metrics
sources:
- https://github.com/truecharts/charts/tree/master/charts/dependency/kube-state-metrics
type: application
version: 3.0.35
version: 3.0.0
annotations:
truecharts.org/category: metrics
truecharts.org/catagories: |
- metrics
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/kube-state-metrics
pullPolicy: IfNotPresent
tag: v2.10.0@sha256:5dd17a0a28532d6dfba742e1ba39f894e653cd5ca13c313e21120ee4f9d81024
tag: v2.9.2@sha256:f97c4f80c68ea1fb7852ac7f0dd5a06e680d61c4c0b43b6f9feca282bd5958f4
service:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "11.1.2"
appVersion: "11.0.2"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Fast, reliable, scalable, and easy to use open-source relational database system.
home: https://truecharts.org/charts/dependency/mariadb
@@ -25,8 +25,9 @@ sources:
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
type: application
version: 9.0.38
version: 9.0.0
annotations:
truecharts.org/category: database
truecharts.org/catagories: |
- database
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/mariadb
pullPolicy: IfNotPresent
tag: v11.1.2@sha256:3ec39631c2e7c4a3564ccf0726a19078fd056601ee7a66761d62344b585e9289
tag: v11.0.2@sha256:01c12c8ab605cf1a613f87ea781d34a1311cfa18aa61babcc76d0be61c5cb1f1
workload:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "1.6.22"
appVersion: "1.6.21"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Memcached is a memory-backed database caching solution
home: https://truecharts.org/charts/dependency/memcached
@@ -23,8 +23,10 @@ sources:
- https://github.com/bitnami/bitnami-docker-memcached
- http://memcached.org/
type: application
version: 8.0.39
version: 8.0.0
annotations:
truecharts.org/category: database
truecharts.org/catagories: |
- database
- cache
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/memcached
pullPolicy: IfNotPresent
tag: v1.6.22@sha256:1d021040b76aceb199a879ff295f836a007ec64cabdba1482c511fd245b3b7ec
tag: v1.6.21@sha256:a4405d38745d617d73119228f0043b72f80007af25735743e1c3ac86da75d4ac
service:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "7.0.2"
appVersion: "6.0.8"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Fast, reliable, scalable, and easy to use open-source no-sql database system.
home: https://truecharts.org/charts/dependency/mongodb
@@ -23,8 +23,9 @@ sources:
- https://github.com/bitnami/bitnami-docker-mongodb
- https://www.mongodb.com
type: application
version: 8.0.36
version: 8.0.0
annotations:
truecharts.org/category: database
truecharts.org/catagories: |
- database
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/mongodb
pullPolicy: IfNotPresent
tag: v7.0.2@sha256:2ecf33de2273eb9da76e778d5cad92e55ccbb8ade8e2e0a997e7f40afc058631
tag: v6.0.8@sha256:7435fdeb21aa12486de9efdce9d72e1ed1c4ed1d5f4af9b3e37b3e8eb31576be
workload:
main:

View File

@@ -3,7 +3,7 @@ appVersion: "1.6.1"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Prometheus exporter for hardware and OS metrics exposed by UNIX kernels, with pluggable metric collectors.
home: https://truecharts.org/charts/dependency/node-exporter
@@ -21,8 +21,9 @@ name: node-exporter
sources:
- https://github.com/truecharts/charts/tree/master/charts/dependency/node-exporter
type: application
version: 3.0.37
version: 3.0.0
annotations:
truecharts.org/category: metrics
truecharts.org/catagories: |
- metrics
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/node-exporter
pullPolicy: IfNotPresent
tag: v1.6.1@sha256:c150064746d1155d557663650603ea428eacd22c40da62f2ec3078b4c2ade1ba
tag: v1.6.1@sha256:6c481c3c3ddf83b604f207f7a27b3dbd469035c4e4783fc100e478bf05f9a9c5
service:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "7.2.3"
appVersion: "7.0.12"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Open source, advanced key-value store.
home: https://truecharts.org/charts/dependency/redis
@@ -23,8 +23,10 @@ sources:
- https://github.com/bitnami/bitnami-docker-redis
- http://redis.io/
type: application
version: 8.0.42
version: 8.0.0
annotations:
truecharts.org/category: database
truecharts.org/catagories: |
- database
- cache
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/redis
pullPolicy: IfNotPresent
tag: v7.2.3@sha256:9d51d05196beb255805741dbd3d843154de9a816f9f6a65e0fa0c8d43f48aa45
tag: v7.0.12@sha256:4a7b38a055a1183d226d8e2eb8bb1a55d2ef4ba217a74fd9c1562513c51e5064
workload:
main:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "9.4.0"
appVersion: "9.3.0"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Apache Solr
home: https://truecharts.org/charts/dependency/solr
@@ -22,8 +22,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/dependency/solr
- https://github.com/apache/solr
type: application
version: 6.0.39
version: 6.0.0
annotations:
truecharts.org/category: search
truecharts.org/catagories: |
- search
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/solr
pullPolicy: IfNotPresent
tag: v9.4.0@sha256:4f2620c0115b8d36471f3247fc319dce25404db1d361ce0195e9ce8dfbf5143f
tag: v9.3.0@sha256:e4780b9d70fe771d1a6aa477fba5b3be92ddd8d858a685f334616f027f58772a
workload:
main:

View File

@@ -3,11 +3,11 @@ appVersion: "4.37.5"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
- condition: redis.enabled
name: redis
repository: https://deps.truecharts.org
version: 8.0.42
version: 7.0.6
deprecated: false
description: Authelia is a Single Sign-On Multi-Factor portal for web apps
home: https://truecharts.org/charts/enterprise/authelia
@@ -35,8 +35,9 @@ sources:
- https://github.com/authelia/chartrepo
- https://github.com/authelia/authelia
type: application
version: 19.0.7
version: 18.0.0
annotations:
truecharts.org/category: security
truecharts.org/catagories: |
- security
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -30,8 +30,8 @@ LLDAP is a `Stable` train chart and therefore isn't supported at the same level
### App Configuration
- Domain: `mydomain.com` - Your domain without https://
- Default Redirection URL: `https://auth.mydomain.com` - Can be anything, but we'll stick to auth.mydomain.com. As well, this will be the ingress URL for `Authelia`
- Domain: `mydomain.com` <- Your domain without https://
- Default Redirection URL: `https://auth.mydomain.com` <- Can be anything, but we'll stick to auth.mydomain.com. As well, this will be the ingress URL for `Authelia`
### LDAP Backend Configuration
@@ -54,7 +54,7 @@ LLDAP is a `Stable` train chart and therefore isn't supported at the same level
- Group name Attribute:`cn`
- Mail Attribute:`mail`
- Display Name Attribute:`displayName`
- Admin User: `uid=Steven,ou=people,dc=mydomain,dc=com` - Notice the uid=Steven, most of the time people use admin and a generated password
- Admin User: `uid=Steven,ou=people,dc=mydomain,dc=com` <- Notice the uid=Steven, most of the time people use admin and a generated password
- Password: `RANDOMPASSWORD`
#### SMTP Configuration
@@ -103,7 +103,6 @@ The last step is adding the `forwardauth` along with the standard `ingress` sett
- In this example we use the same name as above, or `auth`. Click `Add` to the `Traefik Middlewares` section, and enter your `forwardauth` name.
![TraefikForwardAuthMiddleware](img/TraefikForwardAuthMiddleware.png)
### References
The origin material for this guide is available on the [LLDAP Github](https://github.com/lldap/lldap). While further information on Authelia can be found on their [Github](https://github.com/authelia/authelia) and [website](https://www.authelia.com/).

View File

@@ -98,95 +98,6 @@ questions:
schema:
type: int
default: 1
- variable: password_policy
group: "App Configuration"
label: "Password Policy Configuration"
description: "Authelia allows administrators to configure an enforced password policy."
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: standard
label: Standard
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
- variable: min_length
label: "Minimum Password Length"
description: "Minimum Password Length"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 8
- variable: max_length
label: "Max Passsword Length"
description: "Max Password Length"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 0
- variable: require_uppercase
label: "Require Upppercase"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_lowercase
label: "Require Lowercase"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_number
label: "Require Numbers"
description: "Require Numbers in the password"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_special
label: "Require Special Characters"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
- variable: zxcvbn
label: zxcvbn
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
required: true
- variable: min_score
label: "Min Score"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 3
- variable: duo_api
group: "App Configuration"
label: "DUO API Configuration"

View File

@@ -62,20 +62,6 @@ data:
issuer: {{ .Values.totp.issuer | default .Values.domain }}
period: {{ .Values.totp.period | default 30 }}
skew: {{ .Values.totp.skew | default 1 }}
{{- if .Values.password_policy.enabled }}
password_policy:
standard:
enabled: {{ .Values.password_policy.standard.enabled | default false }}
min_length: {{ .Values.password_policy.standard.min_length | default 8 }}
max_length: {{ .Values.password_policy.standard.max_length | default 0 }}
require_uppercase: {{ .Values.password_policy.standard.require_uppercase | default false }}
require_lowercase: {{ .Values.password_policy.standard.require_lowercase | default false }}
require_number: {{ .Values.password_policy.standard.require_number | default false }}
require_special: {{ .Values.password_policy.standard.require_special | default false }}
zxcvbn:
enabled: {{ .Values.password_policy.zxcvbn.enabled | default false }}
min_score: {{ .Values.password_policy.zxcvbn.min_score | default 3 }}
{{- end -}}
{{- if .Values.duo_api.enabled }}
duo_api:
hostname: {{ .Values.duo_api.hostname }}
@@ -219,10 +205,10 @@ data:
{{- with $notifier.smtp.username }}
username: {{ . }}
{{- end }}
sender: {{ $notifier.smtp.sender | quote }}
identifier: {{ $notifier.smtp.identifier | quote }}
sender: {{ $notifier.smtp.sender }}
identifier: {{ $notifier.smtp.identifier }}
subject: {{ $notifier.smtp.subject | quote }}
startup_check_address: {{ $notifier.smtp.startup_check_address | quote }}
startup_check_address: {{ $notifier.smtp.startup_check_address }}
disable_require_tls: {{ $notifier.smtp.disable_require_tls }}
disable_html_emails: {{ $notifier.smtp.disable_html_emails }}
tls:

View File

@@ -117,25 +117,6 @@ totp:
## See: https://www.authelia.com/docs/configuration/one-time-password.html#period-and-skew to read the documentation.
skew: 1
##
## Password Policy Config
##
## Parameters used for Password Policies
password_policy:
## See: https://www.authelia.com/configuration/security/password-policy/
standard:
enabled: false
min_length: 8
max_length: 0
require_uppercase: false
require_lowercase: false
require_number: false
require_special: false
zxcvbn:
## See https://www.authelia.com/configuration/security/password-policy/#zxcvbn for more info
enabled: false
min_score: 3
##
## Duo Push API Configuration
##

View File

@@ -1,13 +1,13 @@
apiVersion: v2
appVersion: "0.22.0"
appVersion: "0.21.0"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
- condition: redis.enabled
name: redis
repository: https://deps.truecharts.org
version: 8.0.42
version: 7.0.6
description: Blocky is a DNS proxy, DNS enhancer and ad-blocker for the local network written in Go
home: https://truecharts.org/charts/enterprise/blocky
icon: https://truecharts.org/img/hotlink-ok/chart-icons/blocky.png
@@ -25,8 +25,9 @@ sources:
- https://0xerr0r.github.io/blocky/
- https://github.com/0xERR0R/blocky
- https://github.com/Mozart409/blocky-frontend
version: 9.0.5
version: 8.0.0
annotations:
truecharts.org/category: network
truecharts.org/catagories: |
- network
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,29 +1,12 @@
# Blocky Setup Guide
This will guide you through the basic setup of Blocky which is the preferred DNS solution for TrueCharts. This guide will cover basic setup options which will get you up and running and is not all inclusive. Configuring your devices to use Blocky is out of scope of this guide.
This will guide you through the basic setup of Blocky which is the preferred DNS solution for TrueCharts. This guide will cover basic setup options which will get you up and running and is not all inclusive.
## Upstream DNS
Blocky has the following DNS entries configured by default. They can be overridden to your personal preferences or left as default. Here are some common ones:
Blocky has multiple DNS entries configured by default these can be overridden to your personal preferences or left as default.
- 1.1.1.1
- 1.0.0.1
- 8.8.8.8
- 8.8.4.4
- 9.9.9.9
- 149.112.112.112
- 208.67.222.222
- 208.67.220.220
- 8.26.56.26
- 8.20.247.20
- 185.228.168.9
- 185.228.169.9
- 76.76.19.19
- 76.223.122.150
- 76.76.2.0
- 76.76.10.0
Blocky supports 3 methods for upstream DNS. You can use any combination of the below.
Blocky supports 3 methods for upstream DNS.
- UDP - Basic DNS
- DoT - DNS over TLS
@@ -54,9 +37,9 @@ While UDP provides no security for DNS both DoT and DoH will encrypt DNS request
## Bootstrap DNS
If you entered a non-IP address (meaning you used a domain name) for DoT or DoH, then you need to ensure that a bootstrap DNS provider
is configured to resolve the DoT or DoH address. This provider can be any UDP upstream DNS.
In the below example I am using Google DNS.
For DNS providers that do not use an IP address for DoT or DoH a bootstrap DNS provider
is needed to resolve the DoT or DoH address. This provider can be any UDP upstream DNS.
In the below example I am using Google DNS.
![blocky-bootstrap-google](./img/blocky-bootstrap-google.png)
@@ -76,17 +59,10 @@ certain blocklists if you find legitimate traffic being blocked.
1. Pick a Group Name for your blocklists.
2. Add List entries for each blocklist by URL.
![blocky-blacklist](./img/blocky-blacklist.png)
![blocky-blacklist](./img/blocky-blacklist.png)
3. Add a Clients Group Block and set Client Group Name to `default`
4. Under Groups Entry enter the Group name you used above.
![blocky-blacklist-group](./img/blocky-blacklist-group.png)
## Networking
If you want to use Blocky on your local network to take advantage of the filtering above, or the k8s-gateway below, you
need to setup a static ip address and leave the default setting DNS TCP Service and DNS UDP Service as LoadBalancer.
You need to configure the devices on your network to use the static IP address configured above. This can be done per device or by changing the DHCP or DNS settings on your router.
![blocky-blacklist-group](./img/blocky-blacklist-group.png)
## k8s-Gateway Configuration
@@ -99,3 +75,4 @@ is to add your root domain in the Domain name block.
## Prometheus/Grafana
TBD

View File

@@ -1,6 +1,6 @@
image:
repository: tccr.io/truecharts/blocky
tag: v0.22.0@sha256:385055de8ad0b9074d2057d054768d649b8289c5dd566367e0b6289ba5d661a4
tag: v0.21.0@sha256:ed72f8a64307b7b734174589ac631726dd642cc8202c3bdf2eeb1de4adedbe0a
pullPolicy: IfNotPresent
k8sgatewayImage:

View File

@@ -10,7 +10,7 @@ keywords:
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
@@ -21,8 +21,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/clusterissuer
- https://cert-manager.io/
type: application
version: 4.2.7
version: 4.0.0
annotations:
truecharts.org/category: core
truecharts.org/catagories: |
- core
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,42 +0,0 @@
# Cluster Certificates Setup Guide
This guide will walk you through setting up and using `cluster certificates`.
:::note
Since this is an advanced feature, it is not covered by Truecharts support.
:::
## Prerequisites
- Ensure you have completed the [clusterissuer Setup Guide](how-to)
- Install the `kubernetes-reflector` app from the `enterprise` train
## Creating a cluster certificate
In the clusterissuer app settings create a new "Cluster-Wide certificate". As with a [single domain certificate](how-to#configure-ingress-using-clusterissuer), input a cert-manager issuer (for example an ACME issuer you configured previously), a list of hosts for which the certificate is valid (you can use wildcards), and a name you will use to reference it.
:::note
In order for an ACME issuer to issue a wildcard certificate, you need to have a DNS01 challenge solver configured.
:::
![clusterissuer6](img/clusterissuer6.png)
After creating the cluster certificate, verify it is working by checking the `Application Events` created in the `clusterissuer` app (see [how to verify a single app certificate is working](how-to#verifying-clusterissuer-is-working) for more information).
## Using a cluster certificate
After you have verified the certificate was created successfully, edit the settings of the app you wish to use it for and go to the _Ingress_ section.
If you have previously used a single domain certificate from clusterissuer, remove the specified issuer name. Then, click on _Show Advanced Settings_ and add a _TLS_ entry. Enter the name of your cluster certificate, and the certificate host(s) which it will be used for. These are usually the same as your app host(s), unless you wish to use more than one certificate. Save the chart.
:::note
In order for your cluster certificate to show up as valid, the certificate hosts it is used for must match the ones specified when creating it in the clusterissuer app settings. For example, in this case we configure the certificate host `jellyfin.example.com`, which matches the configured wildcard certificate host (`*.example.com`).
:::
![clusterissuer7](img/clusterissuer7.png)

View File

@@ -8,20 +8,13 @@ This guide will walk you through setting up `clusterissuer`, certificate managem
- [Traefik](https://truecharts.org/charts/enterprise/traefik/) is installed from enterprise train
- [Cert-Mananger](https://truecharts.org/charts/operators/cert-manager/) and [Prometheus-Operator](https://truecharts.org/charts/operators/prometheus-operator/) are installed from the operators train
:::warning DNS
As part of the DNS verification process cert-manager will connect to authoritative nameservers to validate the DNS ACME entry. Any firewall or router rules blocking or modifying DNS traffic will cause this process to fail and prevent the issuance of certificates. Ensure no firewall or router rules are in place blocking or modifying DNS traffic to assigned authoritative nameservers. Below is an example of cloudflare assigned authoritative nameservers (these nameservers are unique to each user).
![cloudflare-nameservers](./img/cloudflare-nameservers.png)
:::
## Set Scale Nameservers
It is important to configure Scale with reliable nameserver to avoid issues handling DNS-01 challenges. Under Network -> Global Configuration-> Nameservers, we recommend setting 1.1.1.1/1.0.0.1 or 8.8.8.8/8.8.4.4.
It is important to configure Scale with reliable nameserver to avoid issues handling DNS-01 challenges. Under Network -> Global Configuration-> Nameservers, we recommend setting 1.1.1.1, 9.9.9.9 or 8.8.8.8.
![clusterissuer scale nameservers](img/scale-network-nameserver.png)
## Install clusterissuer App
:::note
@@ -44,7 +37,7 @@ Login to Cloudflare dashboard and go to the [Cloudflare API Tokens](https://dash
![clusterissuer app card](img/cf-apitokens-template.png)
The recommended `API Token` permissions are below:
The recommended `API Token` permissions are below:
![clusterissuer app card](img/cf-apitokens-perms.png)
#### Cloudflare ACME Issuer Settings

Binary file not shown.

Before

Width:  |  Height:  |  Size: 35 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 22 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 41 KiB

View File

@@ -47,8 +47,6 @@ questions:
description: rfc2136 (Advanced)
- value: HTTP01
description: HTTP01 (Experimental)
- value: acmedns
description: ACME DNS (Advanced)
- variable: server
label: Server
description: "Server for ACME, for example: letsencrypt"
@@ -197,64 +195,7 @@ questions:
type: string
required: true
default: ""
- variable: acmednsHost
label: ACME DNS host
description: "ACME DNS API server address"
schema:
show_if: [["type", "=", "acmedns"]]
type: string
required: true
default: "https://auth.acme-dns.io"
- variable: acmednsConfig
label: ACME DNS config
description: "ACME DNS per-domain auth configuration"
schema:
show_if: [["type", "=", "acmedns"]]
type: list
default: []
items:
- variable: acmednsEntry
label: 'ACME DNS entry'
schema:
type: dict
attrs:
- variable: domain
label: Domain
schema:
type: string
required: true
- variable: username
label: Username
schema:
type: string
required: true
- variable: password
label: Password
schema:
type: string
required: true
- variable: fulldomain
label: Full domain
schema:
type: string
required: true
- variable: subdomain
label: Subdomain
schema:
type: string
required: true
- variable: allowFrom
label: Allow from
schema:
type: list
default: []
items:
- variable: cidr
label: CIDR
schema:
type: ipaddr
cidr: true
required: true
- variable: CA
label: Certificate Authority Issuer
schema:
@@ -329,59 +270,6 @@ questions:
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: "selfsigned"
- variable: clusterCertificates
group: App Configuration
label: Cluster Wide Certificates (Advanced)
description: "Creates certificates for use within the entire cluster. Can be used to create wildcard certificates."
schema:
additional_attrs: true
type: dict
attrs:
- variable: certificates
label: Cluster Certificates
schema:
type: list
default: []
items:
- variable: CertEntry
label: 'Certificate Entry'
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: true
- variable: name
label: Certificate Name
schema:
type: string
required: true
default: ""
- variable: certificateIssuer
label: Cert-Manager clusterIssuer
description: "One of the Cert-Manager clusterIssuers defined above"
schema:
type: string
required: true
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
default: "selfsigned"
- variable: hosts
label: Certificate Hosts
description: "NOTE: Creation of wildcard certificates with an ACME issuer requires a DNSO1 solver to be set up."
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: customMetrics
group: Metrics
label: Prometheus Metrics

View File

@@ -1,31 +1,15 @@
{{- define "certmanager.clusterissuer.acme" -}}
{{- $operator := index $.Values.operator "cert-manager" -}}
{{- $namespace := $operator.namespace | default "cert-manager" -}}
{{- $rfctsigSecret := .rfctsigSecret | default "" -}}
{{/* https://cert-manager.io/docs/configuration/acme/dns01/rfc2136/#troubleshooting */}}
{{- if $rfctsigSecret -}} {{/* If we try to decode and fail, go on and encode it. */}}
{{- if (contains "illegal base64" (b64dec $rfctsigSecret)) -}}
{{- $rfctsigSecret = b64enc $rfctsigSecret -}}
{{- end -}}
{{- end -}}
{{- range .Values.clusterIssuer.ACME }}
{{- if or (not .name) (not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name)) -}}
{{- if not (mustRegexMatch "^[a-z]+(-?[a-z]){0,63}-?[a-z]+$" .name) -}}
{{- fail "ACME - Expected name to be all lowercase with hyphens, but not start or end with a hyphen" -}}
{{- end -}}
{{- $validTypes := list "HTTP01" "cloudflare" "route53" "digitalocean" "akamai" "rfc2136" "acmedns" -}}
{{- $validTypes := list "HTTP01" "cloudflare" "route53" "digitalocean" "akamai" "rfc2136" -}}
{{- if not (mustHas .type $validTypes) -}}
{{- fail (printf "Expected ACME type to be one of [%s], but got [%s]" (join ", " $validTypes) .type) -}}
{{- end -}}
{{- $issuerSecretName := printf "%s-clusterissuer-secret" .name }}
{{- $acmednsDict := dict -}}
{{- if and (eq .type "acmedns") (not .acmednsConfigJson) }}
{{- range .acmednsConfig }}
{{/* Transform to a dict with domain as a key, also remove domain from the dict */}}
{{- $_ := set $acmednsDict .domain (omit . "domain") -}}
{{- end }}
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
@@ -40,7 +24,7 @@ spec:
solvers:
{{- if eq .type "HTTP01" }}
- http01:
ingress: {}
ingress:
{{- else }}
- dns01:
{{- if eq .type "cloudflare" }}
@@ -92,12 +76,6 @@ spec:
tsigSecretSecretRef:
name: {{ $issuerSecretName }}
key: rfctsigSecret
{{- else if eq .type "acmedns" }}
acmeDNS:
host: {{ .acmednsHost }}
accountSecretRef:
name: {{ $issuerSecretName }}
key: acmednsJson
{{- end -}}
{{- end }}
---
@@ -115,11 +93,6 @@ stringData:
akclientSecret: {{ .akclientSecret | default "" }}
akaccessToken: {{ .akaccessToken | default "" }}
doaccessToken: {{ .doaccessToken | default "" }}
rfctsigSecret: {{ $rfctsigSecret }}
{{- if .acmednsConfigJson }}
acmednsJson: {{ .acmednsConfigJson }}
{{- else if $acmednsDict }}
acmednsJson: {{ toJson $acmednsDict }}
{{- end -}}
{{- end -}}
rfctsigSecret: {{ .rfctsigSecret | default "" }}
{{- end }}
{{- end -}}

View File

@@ -1,36 +0,0 @@
{{- define "certmanager.clusterissuer.clusterCertificates" -}}
{{- if .Values.clusterCertificates -}}
{{- $certs := dict -}}
{{- $secretTemplates := dict -}}
{{- $certNamespace := (include "tc.v1.common.lib.metadata.namespace" (dict "rootCtx" $ "objectData" $certs "caller" "ClusterCertificates")) -}}
{{- $replicationNamespaces := ".*" -}}
{{- if .Values.clusterCertificates.replicationNamespaces -}}
{{- $replicationNamespaces = .Values.clusterCertificates.replicationNamespaces -}}
{{- else if .Values.ixChartContext -}}
{{- $replicationNamespaces = "ix-.*" -}}
{{- end -}}
{{- $reflectorAnnotations := (dict
"reflector.v1.k8s.emberstack.com/reflection-allowed" "true"
"reflector.v1.k8s.emberstack.com/reflection-auto-enabled" "true"
"reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces" (printf "%v,%v" $certNamespace $replicationNamespaces)
"reflector.v1.k8s.emberstack.com/reflection-auto-namespaces" $replicationNamespaces ) -}}
{{- $certAnnotations := (mustMerge ($reflectorAnnotations) (include "tc.v1.common.lib.metadata.allAnnotations" $ | fromYaml)) -}}
{{- $_ := set $secretTemplates "annotations" $certAnnotations -}}
{{- range .Values.clusterCertificates.certificates -}}
{{- $_ := set $certs .name dict -}}
{{- $currentCert := (index $certs (.name)) -}}
{{- $_ := set $currentCert "enabled" .enabled -}}
{{- $_ := set $currentCert "nameOverride" .name -}}
{{- $_ := set $currentCert "hosts" .hosts -}}
{{- $_ := set $currentCert "certificateIssuer" .certificateIssuer -}}
{{- $_ := set $currentCert "secretTemplate" $secretTemplates -}}
{{- end -}}
{{- $_ := set .Values "cert" $certs -}}
{{/* Render the ClusterWide Certificate(s) */}}
{{- include "tc.v1.common.spawner.certificate" . | nindent 0 -}}
{{- end -}}
{{- end -}}

View File

@@ -7,8 +7,3 @@
{{- include "certmanager.clusterissuer.acme" . }}
{{- include "certmanager.clusterissuer.selfsigned" . }}
{{- include "certmanager.clusterissuer.ca" . }}
{{/* Must be called after the initial loader.apply template,
because it overrides .Values.cert in order to generate
the additional cluster-wide certificates */}}
{{- include "certmanager.clusterissuer.clusterCertificates" . }}

View File

@@ -1,6 +1,6 @@
image:
repository: tccr.io/truecharts/scratch
tag: latest@sha256:7f821eeb99d04ac248c47f79cfbcc2482651fea48aff9ec5d2ba0ba34f1f5531
tag: latest@sha256:1a9a10a0a5f5cb5fe4b30ac6d9c56ff87ad47f3f3490bafb6938fc155230131b
pullPolicy: IfNotPresent
manifestManager:
enabled: true
@@ -59,7 +59,7 @@ clusterIssuer:
# # Used primarily for the SCALE GUI
# customServer: 'https://acme-staging-v02.api.letsencrypt.org/directory'
# email: ""
# # Options: HTTP01, cloudflare, route53, akamai, digitalocean, rfc2136, acmedns
# # Options: HTTP01, cloudflare, route53
# type: ""
# # for cloudflare
# cfapikey: ""
@@ -82,27 +82,3 @@ clusterIssuer:
# tsigKeyName: ""
# tsigAlgorithm: ""
# rfctsigSecret: ""
# # for acmedns
# name: sd
# acmednsHost: asdf
# # Pick one of the bellow acmednsConfig
# acmednsConfigJson:
# acmednsConfig:
# - domain: ""
# username: ""
# password: ""
# fulldomain: ""
# subdomain: ""
# allowFrom: []
clusterCertificates:
# Namespaces in which the certificates must be available
# Accepts comma-separated regex expressions
# replicationNamespaces: 'ix-.*'
certificates: []
# - name: mycert
# enabled: true
# certificateIssuer: selfsigned
# hosts:
# - my.domain.com
# - '*.my.domain.com'

View File

@@ -1,28 +0,0 @@
apiVersion: v2
appVersion: "0.13.6"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
deprecated: false
description: ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
home: https://truecharts.org/charts/enterprise/external-dns
icon: https://truecharts.org/img/hotlink-ok/chart-icons/external-dns.png
keywords:
- external-dns
- k8s
- kubernetes
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: external-dns
sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/external-dns
- https://github.com/kubernetes-sigs/external-dns
type: application
version: 1.0.1
annotations:
truecharts.org/category: networking
truecharts.org/SCALE-support: "true"

View File

@@ -1,27 +0,0 @@
# README
## General Info
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
*All Rights Reserved - The TrueCharts Project*

Binary file not shown.

Before

Width:  |  Height:  |  Size: 42 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 44 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 22 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 34 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 26 KiB

Binary file not shown.

Before

Width:  |  Height:  |  Size: 78 KiB

View File

@@ -1,80 +0,0 @@
# External-DNS Setup Guide
ExternalDNS synchronizes exposed Kubernetes Services and Ingresses with DNS providers.
## What it does?
Inspired by Kubernetes DNS, Kubernetes' cluster-internal DNS server, ExternalDNS makes Kubernetes resources discoverable via public DNS servers. Like KubeDNS, it retrieves a list of resources (Services, Ingresses, etc.) from the Kubernetes API to determine a desired list of DNS records. Unlike KubeDNS, however, it's not a DNS server itself, but merely configures other DNS providers accordingly—e.g. AWS Route 53 or Google Cloud DNS.
### Prerequisites (required for Support on TrueCharts Discord)
- Traefik
- Clusterissuer / Cert-manager installed (vital if exposed externally)
Please follow the [Getting Started](https://truecharts.org/manual/SCALE/guides/getting-started) guide on the [Truecharts](https://truecharts.org) website.
## Installation instructions
This guide will cover 2 scenarios, `Cloudflare` and `Pi-Hole` / `Pihole`, for more external DNS record providers, see [External-DNS Docs](https://github.com/kubernetes-sigs/external-dns/tree/master/docs/tutorials).
### Cloudflare
These instructions taken from [external-dns cloudflare tutorial](https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/cloudflare.md)
#### Step 1:
Enter `CF_API_TOKEN` (preferred) or `CF_API_EMAIL`/`CF_API_KEY`
![Cloudflare API Token](img/Cloudflare-API-token.png)
#### Step 2:
Enter preferences for Logs and DNS updates (I suggest >5m to prevent log spam) and select `cloudflare` as provider and select sources. I find `ingress` and `service` covers everything. If you want to filter by multiple domains add your `Domain Filter Entry`
![Cloudflare App Config 1](img/Cloudflare-App-Config-1.png)
I recommend using `noop` for `Registry Type` and leaving the rest as default, can add DNS Zone filters as necessary as well (see upstream/cloudflare docs).
![Cloudflare App Config 2](img/Cloudflare-App-Config-2.png)
#### Step 3:
Verify it works, check the logs for updates to DNS records
```2023-11-07 09:36:07.165596-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Instantiating new Kubernetes client"
2023-11-07 09:36:07.165633-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Using inCluster-config based on serviceaccount-token"
2023-11-07 09:36:07.165850-05:00time="2023-11-07T09:36:07-05:00" level=info msg="Created Kubernetes client https://172.17.0.1:443"
2023-11-07 09:36:08.958946-05:00time="2023-11-07T09:36:08-05:00" level=info msg="Changing record." action=CREATE record=seafile.DOMAIN.com ttl=1 type=A zone=d959ce24eb85d78a7f527b6150446335
```
If this works, you'll see DNS entries inside Cloudflare's DNS page.
### PiHole
#### Step 1
Ignore Provider Credentials, and skip straight to `App Configuration` and select `pihole`, add domain filters as necessary
![PiHole App Config 1](img/PiHole-Config-1.png)
Change to `noop` for `Registry Type` and add `PiHole Server Address` (default is `http://pihole.ix-pihole.svc.cluster.local:9089`) and `PiHole Server Password`
![PiHole App Config 2](img/PiHole-Config-2.png)
#### Step 2
Verify logs from `External-DNS` to see if it connects and updates `PiHole`
```d:false IBMCloudConfigFile:/etc/kubernetes/ibmcloud.json TencentCloudConfigFile:/etc/kubernetes/tencent-cloud.json TencentCloudZoneType: PiholeServer:http://pihole.ix-pihole.svc.cluster.local:9089 PiholePassword:****** PiholeTLSInsecureSkipVerify:false PluralCluster: PluralProvider:}"
2023-11-07 10:29:07.801555-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Instantiating new Kubernetes client"
2023-11-07 10:29:07.801568-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Using inCluster-config based on serviceaccount-token"
2023-11-07 10:29:07.801861-05:00time="2023-11-07T10:29:07-05:00" level=info msg="Created Kubernetes client https://172.17.0.1:443"
2023-11-07 10:29:08.008741-05:00time="2023-11-07T10:29:08-05:00" level=info msg="add firezone.DOMAIN.com IN A -> 192.168.88.105"
2023-11-07 10:29:10.048171-05:00time="2023-11-07T10:29:10-05:00" level=info msg="add scrutiny.DOMAN.com IN A -> 192.168.88.105"
```
Check `PiHole` GUI for A records under `Local DNS`
![PiHole-GUI](img/PiHole-GUI.png)
Enjoy!

Binary file not shown.

Before

Width:  |  Height:  |  Size: 251 KiB

View File

@@ -1,350 +0,0 @@
# Include{groups}
portals:
open:
# Include{portalLink}
questions:
# Include{global}
# Include{workload}
# Include{workloadDeployment}
# Include{replicas1}
# Include{podSpec}
# Include{containerMain}
- variable: env
label: "Provider Specific Credentials - Main Config Below"
schema:
additional_attrs: true
type: dict
attrs:
- variable: CF_API_TOKEN
label: Cloudflare API Token (preferred)
description: Cloudflare API Token, optimal when using with Cloudflare
schema:
type: string
default: ""
- variable: CF_API_KEY
label: Cloudflare API Key
description: Cloudflare API Key if not using the preferred API Token
schema:
type: string
default: ""
- variable: CF_API_EMAIL
label: Cloudflare API Email
description: Cloudflare API email if not using the preferred API Token
schema:
type: string
default: ""
- variable: DO_TOKEN
label: Digitalocean API Key
description: Needed for read / write access on Digitalocean
schema:
type: string
default: ""
- variable: DNSSIMPLE_OAUTH
label: DNS Simple OAUTH Key
description:
schema:
type: string
default: ""
- variable: LINODE_TOKEN
label: Linode PI Key
description: Needed for read / write access on Linode
schema:
type: string
default: ""
- variable: OVH_APPLICATION_KEY
label: OVH Application Key
description: OVH Application Key
schema:
type: string
default: ""
- variable: OVH_APPLICATION_SECRET
label: OVH Application Secret
description: OVH Application Secret
schema:
type: string
default: ""
- variable: OVH_CONSUMER_KEY
label: OVH Consumer Key
description: Your OVH Consumer key after validated link
schema:
type: string
default: ""
- variable: SCW_ACCESS_KEY
label: Scaleway Access Key
description: Your Scaleway Access Key
schema:
type: string
default: ""
- variable: SCW_SECRET_KEY
label: Scaleway Secret Key
description: Your Scaleway Secret Key
schema:
type: string
default: ""
# Include{containerBasic}
# Include{containerAdvanced}
# Include{containerConfig}
- variable: externaldns
group: App Configuration
label: External-DNS Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: logLevel
label: Log Verbosity Level
description: How description the logs are, from info to debug.
schema:
type: string
required: true
default: info
enum:
- value: info
description: info
- value: warning
description: warning
- value: error
description: error
- value: panic
description: panic
- value: debug
description: debug
- value: fatal
description: fatal
- variable: logFormat
label: Log Format
description: Output logs in either text or Json
schema:
type: string
default: text
enum:
- value: text
description: text
- value: json
description: json
- variable: interval
label: The interval for DNS updates.
description: How often the DNS will you update your DNS records
schema:
type: string
default: 5m
- variable: provider
label: Provider
description: Provider where the upstream DNS records will be created, eg Cloudflare, Digitalocean or things such as pihole. Some providers need additional args set when using them, please refer to upstream documentation for their usage.
schema:
type: string
required: true
default: cloudflare
enum:
- value: akamai
description: akamai
- value: alibabacloud
description: alibabacloud
- value: aws
description: aws
- value: aws-sd
description: aws-sd
- value: azure
description: azure
- value: azure-dns
description: azure-dns
- value: azure-private-dns
description: azure-private-dns
- value: bluecat
description: bluecat
- value: civo
description: civo
- value: cloudflare
description: cloudflare
- value: coredns
description: coredns
- value: designate
description: designate
- value: digitalocean
description: digitalocean
- value: dnsimple
description: dnsimple
- value: dyn
description: dyn
- value: exoscale
description: exoscale
- value: gandi
description: gandi
- value: godaddy
description: godaddy
- value: google
description: google
- value: ibmcloud
description: ibmcloud
- value: infoblox
description: infoblox
- value: inmemory
description: inmemory
- value: linode
description: linode
- value: ns1
description: ns1
- value: oci
description: oci
- value: pdns
description: pdns
- value: pihole
description: pihole
- value: plural
description: plural
- value: rcodezero
description: rcodezero
- value: rdns
description: rdns
- value: rfc2136
description: rfc2136
- value: safedns
description: safedns
- value: scaleway
description: scaleway
- value: skydns
description: skydns
- value: tencentcloud
description: tencentcloud
- value: transip
description: transip
- value: ultradns
description: ultradns
- value: vinyldns
description: vinyldns
- value: vultr
description: vultr
- variable: sources
label: "Sources"
schema:
type: list
default: ["ingress"]
items:
- variable: source
label: source
schema:
type: string
required: true
default: ingress
enum:
- value: ingress
description: ingress
- value: service
description: service
- variable: domainFilters
label: Domain Filters
description: Limit possible target zones by domain suffixes.
schema:
type: list
default: []
items:
- variable: domainFilterEntry
label: Domain Filter Entry
schema:
type: string
default: ""
required: true
- variable: zoneidFilters
label: Cloudflare DNS Zone Filter (optional)
description: Limit possible target zones by zone IDs. (Optional)
schema:
type: list
show_if: [["provider", "=", "cloudflare"]]
default: []
items:
- variable: zoneidFilterEntry
label: Zone ID Filter Entry
schema:
type: string
default: ""
required: true
- variable: registry
label: Registry Type
description: Available registry types are txt, noop
schema:
type: string
default: noop
enum:
- value: txt
description: text
- value: noop
description: noop
- variable: policy
label: DNS Synchronization Policy
description: How DNS records are synchronized between sources and providers
schema:
type: string
default: upsert-only
enum:
- value: upsert-only
description: upsert-only
- value: sync
description: sync
- variable: txtOwnerId
label: txt Owner Id
description: TXT registry identifier.
schema:
type: string
default: ""
- variable: txtPrefix
label: txtPrefix
description: Prefix to create a TXT record with a name following the pattern prefix.<CNAME record>
schema:
type: string
default: ""
- variable: txtSuffix
label: txtSuffix
description: TXT Suffix to attach
schema:
type: string
default: ""
- variable: piholeServer
label: Pi-Hole Server Address
description: Actual adresss/FQDN of your Pi-Hole install, such as pihole-web.pihole.svc.cluster.local,
schema:
type: string
show_if: [["provider", "=", "pihole"]]
default: ""
- variable: piholePassword
label: Pi-Hole Server Passowrd
description: Password for Pi-Hole
schema:
type: string
show_if: [["provider", "=", "pihole"]]
private: true
default: ""
# Include{podOptions}
# Include{serviceExpertRoot}
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceList}
# Include{ingressList}
# Include{securityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID of the user running the application"
schema:
type: int
default: 568
# Include{securityContextContainer}
# Include{securityContextAdvanced}
# Include{securityContextPod}
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{resources}
# Include{advanced}
# Include{addons}
# Include{codeserver}
# Include{netshoot}
# Include{vpn}
# Include{documentation}

View File

@@ -1,50 +0,0 @@
{{- define "externaldns.args" -}}
args:
{{- with .Values.externaldns.provider }}
- --provider={{ . }}
{{- end -}}
{{- with .Values.externaldns.zoneidFilters }}
- --zone-id-filter={{ . }}
{{- end -}}
{{- with .Values.externaldns.cloudflareProxied }}
- --cloudflare-proxied={{ . }}
{{- end }}
- --log-level={{ .Values.externaldns.logLevel }}
- --log-format={{ .Values.externaldns.logFormat }}
- --interval={{ .Values.externaldns.interval }}
{{- if .Values.externaldns.triggerLoopOnEvent }}
- --events
{{- end -}}
{{- range .Values.externaldns.sources }}
- --source={{ . }}
{{- end -}}
{{- with .Values.externaldns.policy }}
- --policy={{ . }}
{{- end -}}
{{- with .Values.externaldns.registry }}
- --registry={{ . }}
{{- end -}}
{{- with .Values.externaldns.txtOwnerId }}
- --txt-owner-id={{ . }}
{{- end -}}
{{- with .Values.externaldns.txtPrefix }}
- --txt-prefix={{ . }}
{{- end -}}
{{- if and (eq .Values.externaldns.txtPrefix "") (ne .Values.externaldns.txtSuffix "") }}
- --txt-suffix={{ .Values.externaldns.txtSuffix }}
{{- end -}}
{{- if .Values.externaldns.namespaced }}
- --namespace={{ include "tc.v1.common.lib.metadata.namespace" (dict "caller" "External-DNS" "rootCtx" $ "objectData" .Values) }}
{{- end -}}
{{- with .Values.externaldns.domainFilter }}
{{- range . -}}
- --domain-filter={{ . }}
{{- end -}}
{{- end -}}
{{- with .Values.externaldns.piholeServer }}
- --pihole-server={{ . }}
{{- end -}}
{{- with .Values.externaldns.piholePassword }}
- --pihole-password={{ . }}
{{- end -}}
{{- end -}}

View File

@@ -1,9 +0,0 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.v1.common.loader.init" . }}
{{- $newArgs := (include "externaldns.args" . | fromYaml) }}
{{- $args := concat ((get .Values.workload.main.podSpec.containers.main "args") | default list) $newArgs.args }}
{{- $_ := set .Values.workload.main.podSpec.containers.main "args" $args -}}
{{/* Render the templates */}}
{{ include "tc.v1.common.loader.apply" . }}

View File

@@ -1,151 +0,0 @@
image:
repository: tccr.io/truecharts/external-dns
pullPolicy: IfNotPresent
tag: v0.13.6@sha256:78c942addf7fbc79c384e55bed9a886706c748d744cedf6214d4a50dd7b76d54
externaldns:
logLevel: "info"
logFormat: "text"
interval: "1m"
provider: "inmemory"
sources:
- "service"
- "ingress"
domainFilters: []
zoneidFilters: []
cloudflareProxied: ""
registry: "txt"
policy: ""
piholeServer: ""
piholePassword: ""
triggerLoopOnEvent: "false"
txtOwnerId: ""
txtPrefix: ""
txtSuffix: ""
service:
main:
ports:
main:
protocol: http
targetPort: 7979
port: 7979
workload:
main:
podSpec:
containers:
main:
probes:
liveness:
path: "/healthz"
readiness:
path: "/healthz"
startup:
path: "/healthz"
env:
CF_API_TOKEN: ""
CF_API_KEY: ""
CF_API_EMAIL: ""
DO_TOKEN: ""
DNSIMPLE_OAUTH: ""
LINODE_TOKEN: ""
OVH_APPLICATION_KEY: ""
OVH_APPLICATION_SECRET: ""
OVH_CONSUMER_KEY: ""
SCW_ACCESS_KEY: ""
SCW_SECRET_KEY: ""
# -- Whether Role Based Access Control objects like roles and rolebindings should be created
rbac:
main:
enabled: true
primary: true
clusterWide: true
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["list","watch"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get","watch","list"]
- apiGroups: [""]
resources: ["services","endpoints"]
verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get","watch","list"]
- apiGroups: ["networking.istio.io"]
resources: ["gateways"]
verbs: ["get","watch","list"]
- apiGroups: ["networking.istio.io"]
resources: ["virtualservices"]
verbs: ["get","watch","list"]
- apiGroups: ["getambassador.io"]
resources: ["hosts","ingresses"]
verbs: ["get","watch","list"]
- apiGroups: ["projectcontour.io"]
resources: ["httpproxies"]
verbs: ["get","watch","list"]
- apiGroups: ["externaldns.k8s.io"]
resources: ["dnsendpoints"]
verbs: ["get","watch","list"]
- apiGroups: ["externaldns.k8s.io"]
resources: ["dnsendpoints/status"]
verbs: ["*"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["gateways"]
verbs: ["get","watch","list"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["httproutes"]
verbs: ["get","watch","list"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get","watch","list"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["grpcroutes"]
verbs: ["get","watch","list"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["tlsroutes"]
verbs: ["get","watch","list"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["tcproutes"]
verbs: ["get","watch","list"]
- apiGroups: ["gateway.networking.k8s.io"]
resources: ["udproutes"]
verbs: ["get","watch","list"]
- apiGroups: ["gloo.solo.io","gateway.solo.io"]
resources: ["proxies","virtualservices"]
verbs: ["get","watch","list"]
- apiGroups: ["configuration.konghq.com"]
resources: ["tcpingresses"]
verbs: ["get","watch","list"]
- apiGroups: ["traefik.containo.us", "traefik.io"]
resources: ["ingressroutes", "ingressroutetcps", "ingressrouteudps"]
verbs: ["get","watch","list"]
- apiGroups: ["route.openshift.io"]
resources: ["routes"]
verbs: ["get","watch","list"]
- apiGroups: ["zalando.org"]
resources: ["routegroups"]
verbs: ["get","watch","list"]
- apiGroups: ["zalando.org"]
resources: ["routegroups/status"]
verbs: ["patch","update"]
- apiGroups: ["cis.f5.com"]
resources: ["virtualservers"]
verbs: ["get","watch","list"]
# -- The service account the pods will use to interact with the Kubernetes API
serviceAccount:
main:
enabled: true
primary: true
podOptions:
automountServiceAccountToken: true
portal:
open:
enabled: false

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "10.2.0"
appVersion: "10.0.3"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
home: https://truecharts.org/charts/enterprise/grafana
@@ -24,8 +24,9 @@ sources:
- https://github.com/bitnami/bitnami-docker-grafana
- https://grafana.com/
type: application
version: 9.0.35
version: 9.0.0
annotations:
truecharts.org/category: metrics
truecharts.org/catagories: |
- metrics
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/grafana
pullPolicy: IfNotPresent
tag: v10.2.0@sha256:fd58e89fdc7567b445ef3110016f196deb9dfb2eba0e42711fc5f1437fb53a6f
tag: v10.0.3@sha256:c39406b61cd96aeb602fe1a2e6995053190fb3f09526cbc25886bcc252a2a016
manifestManager:
enabled: true
securityContext:

View File

@@ -1,31 +0,0 @@
apiVersion: v2
appVersion: "7.1.217"
deprecated: false
description: Kubernetes-Reflector is a Kubernetes addon designed to monitor and reflect changes to secrets and configmaps across namespaces
home: https://truecharts.org/charts/enterprise/kubernetes-reflector
icon: https://truecharts.org/img/hotlink-ok/chart-icons/kubernetes-reflector.png
keywords:
- reflector
- secrets
- configmaps
- cert-manager
- certificates
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: kubernetes-reflector
sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/kubernetes-reflector
- https://github.com/emberstack/kubernetes-reflector
type: application
version: 1.0.3
annotations:
truecharts.org/category: operators
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,27 +0,0 @@
# README
## General Info
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
However only installations using the TrueNAS SCALE Apps system are supported.
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/enterprise/)
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
## Support
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE/guides/scale-intro).
- See the [Website](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
---
## Sponsor TrueCharts
TrueCharts can only exist due to the incredible effort of our staff.
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
*All Rights Reserved - The TrueCharts Project*

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.9 KiB

View File

@@ -1,42 +0,0 @@
# Include{groups}
questions:
# Include{global}
# Include{workload}
# Include{workloadDeployment}
# Include{replicas1}
# Include{podSpec}
# Include{containerMain}
# Include{containerBasic}
# Include{containerAdvanced}
- variable: kubernetesReflector
group: "App Configuration"
label: "Kubernetes-Reflector Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: logLevel
label: "Log Level"
schema:
type: string
default: "Information"
enum:
- value: "Verbose"
description: "Trace"
- value: "Debug"
description: "Debug"
- value: "Information"
description: "Info"
- value: "Warning"
description: "Warnings"
- value: "Error"
description: "Errors"
- value: "Fatal"
description: "Fatal Errors"
# Include{resources}
# Include{advanced}
# Include{addons}
# Include{codeserver}
# Include{netshoot}
# Include{vpn}
# Include{documentation}

View File

@@ -1 +0,0 @@
{{- include "tc.v1.common.loader.all" . }}

View File

@@ -1,78 +0,0 @@
image:
repository: tccr.io/truecharts/kubernetes-reflector
pullPolicy: IfNotPresent
tag: v7.1.217@sha256:4ca9ce8c04441786ba0d343b3e5bfe9c638ac8efcc25aba0aaff3c6fb2363b5f
operator:
register: true
portal:
open:
enabled: false
rbac:
main:
enabled: true
primary: true
clusterWide: true
rules:
- apiGroups:
- ""
resources:
- "configmaps"
- "secrets"
verbs:
- "get"
- "list"
- "watch"
- "create"
- "update"
- "patch"
- "delete"
- apiGroups:
- ""
resources:
- "namespaces"
verbs:
- "watch"
- "list"
serviceAccount:
main:
enabled: true
primary: true
kubernetesReflector:
logLevel: Information
workload:
main:
podSpec:
automountServiceAccountToken: true
containers:
main:
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
env:
ES_Serilog__MinimumLevel__Default: '{{ .Values.kubernetesReflector.logLevel }}'
ES_Reflector__Watcher__Timeout: ""
ES_Reflector__Kubernetes__SkipTlsVerify: "false"
probes:
liveness:
type: http
path: /healthz
port: 25080
readiness:
type: http
path: /healthz
port: 25080
startup:
type: http
path: /healthz
port: 25080
service:
main:
enabled: false

View File

@@ -10,7 +10,7 @@ keywords:
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
@@ -22,8 +22,9 @@ sources:
- https://github.com/metallb/metallb
- https://metallb.universe.tf
type: application
version: 3.0.8
version: 3.0.0
annotations:
truecharts.org/category: core
truecharts.org/catagories: |
- core
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -4,7 +4,7 @@ The guide walks through a basic configuration of MetalLB for a single address po
:::warning
With MetalLB installed, apps will not be reachable using the integrated LoadBalancer. You cannot combine two different LoadBalancers in TrueNAS SCALE.
With MetalLB installed, apps will not be reachable using the integrated loadbalancer. You cannot combine two different loadbalancers in TrueNAS SCALE.
:::
@@ -14,12 +14,6 @@ With MetalLB installed, apps will not be reachable using the integrated LoadBala
![metallb-addtrains](img/metallb_guide_trains.png)
:::caution
Our customized version of MetalLB is only intended for use with other TrueCharts applications. Other catalogs will likely not support our MetalLB application. MetalLB could technically work with TrueNAS catalog apps if they used the LoadBalancer service, but they don't as they use NodePort instead. These atypical configurations aren't officially supported nor encouraged by TrueCharts.
:::
## 1. Install MetalLB Operator from Operators Train
![metallb-apps](img/metallb_guide_apps.png)
@@ -27,7 +21,7 @@ Our customized version of MetalLB is only intended for use with other TrueCharts
Install `metallb` from `operators` train first. There is no config, so just hit save.
If you encounter an error upon install, run the following command as root from system settings -> shell and attempt the install again:
`k3s kubectl delete --grace-period 30 --v=4 -k https://github.com/truecharts/manifests/delete`
```k3s kubectl delete --grace-period 30 --v=4 -k https://github.com/truecharts/manifests/delete```
If you previously had `metallb` installed and encounter an error, delete the old version, then run the above command before proceeding to install the `metallb` operator.
@@ -63,21 +57,21 @@ Once installed, `metallb-config` will always show as Stopped.
![metallb-specifyIP](img/metallb_guide_specifyIP.png)
With MetalLB installed, it's recommended (but optional) to specify IP addresses for your apps.
With MetalLB installed, its is recommended (but optional) to specify IP addresses for your apps.
For each app, under **Networking and Services**, select `LoadBalancer` Service Type for the Main Service.
In the **LoadBalancer IP** field, specify an IP address that is within the MetalLB address pool that you configured. Apply the same IP address to the **LoadBalancer IP** field on other services within the app.
## 4. Disable SCALE's Default LoadBalancer
## 4. Disable SCALE's Default Loadbalancer
With MetalLB installed and configured, you must now disable SCALE's default LoadBalancer.
With MetalLB installed and configured, you must now disable SCALE's default loadbalancer.
In the SCALE UI, under **Apps** > **Settings** > **Advanced Settings**
![metallb-disable](img/metallb_guide_disableLB.png)
Uncheck `Enable Integrated LoadBalancer`.
Uncheck `Enable Integrated Loadbalancer`.
**This will trigger a restart of Kubernetes and all apps**. After roughly 5-10 minutes, your apps will redeploy using the MetalLB-assigned IP addresses.

View File

@@ -1,6 +1,6 @@
image:
repository: tccr.io/truecharts/scratch
tag: latest@sha256:7f821eeb99d04ac248c47f79cfbcc2482651fea48aff9ec5d2ba0ba34f1f5531
tag: latest@sha256:1a9a10a0a5f5cb5fe4b30ac6d9c56ff87ad47f3f3490bafb6938fc155230131b
pullPolicy: IfNotPresent
manifestManager:
enabled: false
@@ -26,7 +26,7 @@ service:
main:
enabled: false
port: 9999
operator:
verify:
enabled: true

View File

@@ -1,17 +1,17 @@
apiVersion: v2
appVersion: "2.47.2"
appVersion: "2.46.0"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
- condition: exporters.enabled,exporters.node-exporter.enabled
name: node-exporter
repository: https://deps.truecharts.org
version: 3.0.37
version: 2.0.7
- condition: exporters.enabled,exporters.kube-state-metrics.enabled
name: kube-state-metrics
repository: https://deps.truecharts.org
version: 3.0.35
version: 2.0.6
deprecated: false
description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
icon: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus.png
@@ -29,8 +29,9 @@ sources:
- https://github.com/prometheus-community/helm-charts
- https://github.com/prometheus-operator/kube-prometheus
type: application
version: 13.0.13
version: 12.0.0
annotations:
truecharts.org/category: metrics
truecharts.org/catagories: |
- metrics
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -80,45 +80,6 @@ questions:
schema:
type: boolean
default: false
- variable: remoteWrite
label: "Remote Write"
schema:
type: list
default: []
items:
- variable: remoteWriteEntry
label: Remote Write Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: url
label: URL
description: Remote write destination URL
schema:
type: string
required: true
default: ""
- variable: basicAuth
label: Basic Auth
description: Basic authentication for remote write
schema:
type: dict
attrs:
- variable: username
label: Username
description: Basic auth username
schema:
type: string
required: true
default: ""
- variable: password
label: Password
description: Basic auth password
schema:
type: string
required: false
default: ""
- variable: exporters
group: "App Configuration"

View File

@@ -126,9 +126,8 @@ spec:
{{- if .Values.prometheus.remoteRead }}
remoteRead: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.remoteRead "context" $) | nindent 4 }}
{{- end }}
{{- with .Values.prometheus.remoteWrite }}
remoteWrite:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- if .Values.prometheus.remoteWrite }}
remoteWrite: {{- include "tc.v1.common.tplvalues.render" (dict "value" .Values.prometheus.remoteWrite "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.prometheus.podSecurityContext.enabled }}
securityContext: {{- omit .Values.prometheus.podSecurityContext "enabled" | toYaml | nindent 4 }}

View File

@@ -1,15 +1,16 @@
image:
repository: tccr.io/truecharts/prometheus
tag: v2.47.2@sha256:609ae6b1d62ee388d8dd552430985bbb332984b6aaa5df5dc62605dfe1f2e035
tag: v2.46.0@sha256:0b0dc821c06967e8562bf32ebd9055eef7f1ddd8851187acbf8871d8bd9c72a3
thanosImage:
repository: tccr.io/truecharts/thanos
tag: v0.32.5@sha256:4cea5ca36f1567993344c3375b9a80d8073dbc8d530656644d36c90683f96464
tag: 0.31.0@sha256:28282d3e63f84cdeeb05e965b173b610d5597997acc7ce75d5849207b0f97b28
alertmanagerImage:
repository: tccr.io/truecharts/alertmanager
tag: v0.26.0@sha256:75279c577a514e90854126ba950cf7afaeac43eda85405fba394658b17ca0a6f
tag: 0.25.0@sha256:6b534671b83aa7fbd91d1b10bf0f1b29b948e4b300f8359a86043d0deba07207
manifestManager:
enabled: true
global:
labels: {}
workload:

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "2.10.5"
appVersion: "2.10.4"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Traefik is a flexible reverse proxy and Ingress Provider.
home: https://truecharts.org/charts/enterprise/traefik
@@ -23,8 +23,9 @@ sources:
- https://github.com/traefik/traefik-helm-chart
- https://traefik.io/
type: application
version: 21.1.5
version: 21.0.0
annotations:
truecharts.org/category: network
truecharts.org/catagories: |
- network
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,3 +1,3 @@
# Authelia + LLDAP + Traefik ForwardAuth Setup guide
Please refer to the full [Authelia + LLDAP + Traefik ForwardAuth Setup guide](https://truecharts.org/charts/enterprise/authelia/Setup-Guide) for a quick guide should take you through the steps necessary to setup `Authelia` as your `forwardAuth` for `Traefik`.
Please refer to the full [Authelia + LLDAP + Traefik ForwardAuth Setup guide](https://truecharts.org/charts/enterprise/authelia/Setup-Guide) for a quick guide should take you through the steps necessary to setup `Authelia` as your `forwardAuth` for `Traefik`.

View File

@@ -187,7 +187,6 @@ questions:
# Include{bufferingMiddleware}
# Include{customRequestHeadersMiddleware}
# Include{customResponseHeadersMiddleware}
# Include{rewriteResponseHeadersMiddleware}
# Include{customFrameOptionsValueMiddleware}
# Include{chainMiddleware}
# Include{redirectSchemeMiddleware}

View File

@@ -173,19 +173,9 @@ args:
{{/* End of GeoBlock */}}
{{/* RealIP */}}
{{- if .Values.middlewares.realIP }}
- "--experimental.localPlugins.traefik-real-ip.modulename=github.com/jramsgz/traefik-real-ip"
- "--experimental.localPlugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
{{- end }}
{{/* End of RealIP */}}
{{/* ModSecurity */}}
{{- if .Values.middlewares.modsecurity }}
- "--experimental.localPlugins.traefik-modsecurity-plugin.modulename=github.com/acouvreur/traefik-modsecurity-plugin"
{{- end }}
{{/* End of ModSecurity */}}
{{/* RewriteResponseHeaders */}}
{{- if .Values.middlewares.rewriteResponseHeaders }}
- "--experimental.localPlugins.rewriteResponseHeaders.modulename=github.com/XciD/traefik-plugin-rewrite-headers"
{{- end }}
{{/* End of RewriteResponseHeaders */}}
{{- with .Values.additionalArguments }}
{{- range . }}
- {{ . | quote }}

View File

@@ -8,16 +8,16 @@ metadata:
namespace: {{ $.Release.Namespace }}
spec:
buffering: {{/* Only render if its not <nil> and has a value of 0 or greater */}}
{{- if and (not (kindIs "invalid" $middlewareData.maxRequestBodyBytes)) (ge ($middlewareData.maxRequestBodyBytes | int) 0) }}
{{- if not (kindIs "invalid" $middlewareData.maxRequestBodyBytes) (ge ($middlewareData.maxRequestBodyBytes | int) 0) }}
maxRequestBodyBytes: {{ $middlewareData.maxRequestBodyBytes }}
{{- end -}}
{{- if and (not (kindIs "invalid" $middlewareData.memRequestBodyBytes)) (ge ($middlewareData.memRequestBodyBytes | int) 0) }}
{{- if not (kindIs "invalid" $middlewareData.memRequestBodyBytes) (ge ($middlewareData.memRequestBodyBytes | int) 0) }}
memRequestBodyBytes: {{ $middlewareData.memRequestBodyBytes }}
{{- end -}}
{{- if and (not (kindIs "invalid" $middlewareData.maxResponseBodyBytes)) (ge ($middlewareData.maxResponseBodyBytes | int) 0) }}
{{- if not (kindIs "invalid" $middlewareData.maxResponseBodyBytes) (ge ($middlewareData.maxResponseBodyBytes | int) 0) }}
maxResponseBodyBytes: {{ $middlewareData.maxResponseBodyBytes }}
{{- end -}}
{{- if and (not (kindIs "invalid" $middlewareData.memResponseBodyBytes)) (ge ($middlewareData.memResponseBodyBytes | int) 0) }}
{{- if not (kindIs "invalid" $middlewareData.memResponseBodyBytes) (ge ($middlewareData.memResponseBodyBytes | int) 0) }}
memResponseBodyBytes: {{ $middlewareData.memResponseBodyBytes }}
{{- end -}}
{{- if $middlewareData.retryExpression }}

View File

@@ -1,17 +0,0 @@
{{- range $index, $middlewareData := .Values.middlewares.rewriteResponseHeaders }}
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: {{ ternary (printf "%v-%v" $.Release.Name $middlewareData.name) $middlewareData.name $.Values.ingressClass.enabled }}
namespace: {{ $.Release.Namespace }}
spec:
plugin:
rewriteResponseHeaders:
rewrites:
{{- range $index, $rewriteResponseHeader := $middlewareData.headers }}
- header: {{ $rewriteResponseHeader.name }}
regex: {{ $rewriteResponseHeader.regex | quote }}
replacement: {{ $rewriteResponseHeader.replacement | quote }}
{{- end }}
{{- end -}}

View File

@@ -1,6 +1,6 @@
image:
repository: tccr.io/truecharts/traefik
tag: v2.10.5@sha256:b277733b5b8d7f9d2761813d97e161c1f64ec77960f9c06adde13868efbc8dce
tag: 2.10.4@sha256:028687caa7680c6189c52a6dd28ffd17c3d0a747885ad83b3027fa74023a0fec
pullPolicy: IfNotPresent
manifestManager:
enabled: true
@@ -349,15 +349,6 @@ middlewares:
# value: "foobar"
# - name: X-Header-To-Remove
# value: ""
rewriteResponseHeaders: []
# - name: rewriteResponseHeadersName
# headers:
# - name: "Location"
# regex: "^http://(.+)$"
# replacement: "https://$1"
# - name: "Date"
# regex: "^[^,]+,\\s*(.+)$"
# replacement: "$1"
customFrameOptionsValue: []
# - name: customFrameOptionsValueExample
# value: "SAMEORIGIN"

View File

@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: "1.30.0"
appVersion: "1.29.1"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 14.3.3
version: 14.0.1
deprecated: false
description: Unofficial Bitwarden compatible server written in Rust
home: https://truecharts.org/charts/enterprise/vaultwarden
@@ -25,8 +25,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/enterprise/vaultwarden
- https://github.com/dani-garcia/vaultwarden
type: application
version: 23.0.7
version: 22.0.0
annotations:
truecharts.org/category: security
truecharts.org/catagories: |
- security
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,51 +0,0 @@
# Disabling the Admin Interface
:::caution Backup Reminder
Before proceeding, ensure that you have backed up important configurations, especially when making changes to configuration files or secrets. It's also advisable to back up the Vaultwarden database to prevent potential data loss.
:::
This guide is a combination of the [upstream documentation](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page#disabling-the-admin-page) and how we implemented it.
## Modify the Host Secret
To start with the deactivation, you must first modify the secret on the host's shell. Execute the following command:
```bash
k3s kubectl patch secret vaultwarden-vaultwardensecret -n ix-vaultwarden --type='json' -p='[{"op": "remove", "path": "/data/ADMIN_TOKEN"}]'
```
:::info Command Explanation
The command above utilizes `kubectl`, a command-line tool for interacting with Kubernetes clusters. Here's a breakdown:
- `k3s`: This is a lightweight version of Kubernetes.
- `patch secret vaultwarden-vaultwardensecret`: This indicates that we are patching (modifying) the secret named `vaultwarden-vaultwardensecret`.
- `-n ix-vaultwarden`: This specifies the namespace (`ix-vaultwarden`) in which the secret resides.
- `--type='json'`: Specifies that the patch content is of type JSON.
- `-p='[{"op": "remove", "path": "/data/ADMIN_TOKEN"}]'`: This JSON patch instruction tells Kubernetes to remove the `ADMIN_TOKEN` field from the secret.
:::
## Update Container Config
Next, while inside the Vaultwarden container, run the command below to modify the `config.json` file:
```bash
sed -i.bak '/admin_token/d' /data/config.json
```
:::info Command Explanation
- The `sed` command is used to search and delete the line containing `admin_token` from the `config.json` file.
- A backup of the original `config.json` is created with the `.bak` extension before making the change.
:::
## Adjust the App Configuration
Finally, head to the Vaultwarden app's configuration:
1. Find and disable the admin interface option (if it is still enabled).
2. Click "Save" at the bottom to apply the changes.

View File

@@ -200,21 +200,14 @@ questions:
schema:
type: string
default: ""
- variable: security
- variable: ssl
label: "Enable SSL connection"
schema:
type: string
default: "starttls"
enum:
- value: "starttls"
description: "STARTTLS (587)"
- value: "force_tls"
description: "FORCE_TLS (465)"
- value: "off"
description: "OFF (25)"
type: boolean
default: true
- variable: port
label: "SMTP port"
description: "Usually: 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL"
description: "Usually: 25 without SSL, 587 with SSL"
schema:
type: int
default: 587

View File

@@ -47,7 +47,7 @@ data:
SMTP_FROM_NAME: {{ .Values.vaultwarden.smtp.fromName | quote }}
{{- end }}
{{- if .Values.vaultwarden.smtp.ssl }}
SMTP_SECURITY: {{ .Values.vaultwarden.smtp.security | quote }}
SMTP_SSL: {{ .Values.vaultwarden.smtp.ssl | quote }}
{{- end }}
{{- if .Values.vaultwarden.smtp.port }}
SMTP_PORT: {{ .Values.vaultwarden.smtp.port | quote }}

View File

@@ -1,7 +1,7 @@
image:
repository: tccr.io/truecharts/vaultwarden
pullPolicy: IfNotPresent
tag: v1.30.0@sha256:57bc723900152d5401473f9e458bed388c253f034eeae878984216166cd14967
tag: v1.29.1@sha256:5a670aee4b1a57a5a414607f9222f558ab365625f64ff78885f7776971c95b54
manifestManager:
enabled: true
service:
@@ -95,8 +95,8 @@ vaultwarden:
## SMTP sender name, defaults to 'Bitwarden_RS'.
# fromName: ""
## Enable SSL connection.
# security: starttls
## SMTP port. Defaults to 587 with STARTTLS, 465 with FORCE_TLS, and 25 without SSL.
# ssl: true
## SMTP port. Defaults to 25 without SSL, 587 with SSL.
# port: 587
## SMTP Authentication Mechanisms. Comma-separated options: 'Plain', 'Login' and 'Xoauth2'. Defaults to 'Plain'.
# authMechanism: Plain
@@ -126,7 +126,7 @@ vaultwarden:
push:
enabled: false
# installationId:
# installationKey:
# installationKey:
## Logging options. https://github.com/dani-garcia/bitwarden_rs/wiki/Logging
log:

View File

@@ -21,8 +21,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/acestream
- https://github.com/vstavrinov/acestream-service
type: application
version: 3.0.0
version: 4.0.0
annotations:
truecharts.org/category: MediaServer-Video
truecharts.org/catagories: |
- MediaServer-Video
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -21,8 +21,9 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/adguardhome-sync
- https://github.com/bakito/adguardhome-sync/
type: application
version: 3.0.0
version: 4.0.0
annotations:
truecharts.org/category: Other
truecharts.org/catagories: |
- Other
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -1,6 +1,7 @@
annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/category: GameServers
truecharts.org/catagories: |
- GameServers
apiVersion: v2
appVersion: "latest"
dependencies:
@@ -24,4 +25,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/alienswarm-reactivedrop
- https://www.steampowered.com/
type: application
version: 2.0.9
version: 3.0.0

View File

@@ -1,6 +1,7 @@
annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/category: GameServers
truecharts.org/catagories: |
- GameServers
apiVersion: v2
appVersion: "latest"
dependencies:
@@ -24,4 +25,4 @@ sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/alienswarm
- https://www.steampowered.com/
type: application
version: 2.0.8
version: 3.0.0

Some files were not shown because too many files have changed in this diff Show More