feat(pialert) add pialert (#5530)

* feat(pi.alert) add pi.alert

* fix path

* Update charts/incubator/pialert/values.yaml

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

* Update charts/incubator/pialert/values.yaml

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>

* basic plumbing

* add note

* add some mroe

* add all

* dark mode init

* subpath

* general ui

* add ui

* rename contaienr

* stupid containers.

* update image

* whops

* move temp config out of config dir

* subpath...

* typos

* meh

* hmm

* whops

* no subpath on volume, only on mount

* empty list

* req

* meh

Signed-off-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros Kois <47820033+stavros-k@users.noreply.github.com>
Co-authored-by: Stavros kois <s.kois@outlook.com>
This commit is contained in:
Xstar97
2022-12-31 12:57:08 -05:00
committed by GitHub
parent 575dd27e81
commit de754ab16b
10 changed files with 884 additions and 0 deletions

View File

@@ -0,0 +1,30 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# OWNERS file for Kubernetes
OWNERS
# helm-docs templates
*.gotmpl
# docs folder
/docs
# icon
icon.png

View File

@@ -0,0 +1 @@
# Changelog

View File

@@ -0,0 +1,30 @@
apiVersion: v2
appVersion: "latest"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 11.0.7
deprecated: false
description: Monitoring your WIFI/LAN network and alerting of new (intruder or hacker) devices.
home: https://truecharts.org/docs/charts/incubator/pialert
icon: https://truecharts.org/img/hotlink-ok/chart-icons/pialert.png
keywords:
- pialert
- networking
kubeVersion: ">=1.16.0-0"
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: pialert
sources:
- https://github.com/truecharts/charts/tree/master/charts/incubator/pialert
- https://github.com/jokob-sk/Pi.Alert
- https://hub.docker.com/r/jokobsk/pi.alert
type: application
version: 0.0.1
annotations:
truecharts.org/catagories: |
- networking
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -0,0 +1 @@
# pialert

View File

@@ -0,0 +1,7 @@
# Installation Notes
:::warning
This app defaults to host network **enabled**.
:::

Binary file not shown.

After

Width:  |  Height:  |  Size: 68 KiB

View File

@@ -0,0 +1,518 @@
# Include{groups}
portals:
open:
# Include{portalLink}
questions:
# Include{global}
# Include{controller}
# Include{replicas}
# Include{replica1}
# Include{controllerExpertExtraArgs}
- variable: pialert
group: App Configuration
label: PiAlert Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: general
label: General
schema:
additional_attrs: true
type: dict
attrs:
- variable: dark_mode
label: Dark Mode
description: Forces dark mode by creating a <setting_darkmode> file in the container
schema:
type: boolean
default: true
- variable: web_protection
label: Web Protection
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: web_password
label: Web Password
schema:
type: string
default: ""
private: true
required: true
- variable: print_log
label: Print Log
schema:
type: boolean
default: false
- variable: report_dashboard_url
label: Report Dashboard URL
schema:
type: string
default: ""
required: true
- variable: days_to_keep_events
label: Days to Keep Events
schema:
type: int
default: 90
required: true
- variable: scan_cycle_minutes
label: Scan Cycle Minutes
schema:
type: int
default: 5
required: true
- variable: included_sections
label: Included Sections
description: Empty list, will add all sections
schema:
type: list
default: []
items:
- variable: section
label: Section
schema:
type: string
default: ""
required: true
enum:
- value: internet
description: Internet
- value: new_devices
description: New Devices
- value: down_devices
description: Down Devices
- value: events
description: Events
- variable: scan_subnets
label: Scan Subnets
description: CIDR format is <192.168.1.0/24> and interface format is <eth0>
schema:
type: list
required: true
default: []
items:
- variable: subnet
label: Subnet
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
required: true
- variable: interface
label: Interface
schema:
type: string
default: ""
required: true
- variable: pushsafer
label: PushSafer
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: token
label: Token
schema:
type: string
default: ""
private: true
required: true
- variable: apprise
label: Apprise
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: url
label: URL
schema:
type: string
default: ""
required: true
- variable: ntfy
label: ntfy
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: topic
label: Topic
schema:
type: string
default: ""
required: true
- variable: user
label: Username
schema:
type: string
default: ""
- variable: password
label: Password
schema:
type: string
default: ""
- variable: webhook
label: Webhook
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: url
label: URL
schema:
type: string
default: ""
required: true
- variable: payload
label: Payload
schema:
type: string
default: json
required: true
enum:
- value: json
description: JSON
- value: html
description: HTML
- value: text
description: TEXT
- variable: method
label: Method
schema:
type: string
default: GET
- variable: email
label: Email
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: server
label: Server
schema:
type: string
default: ""
required: true
- variable: port
label: Port
schema:
type: int
default: 587
required: true
- variable: report_to
label: Report To
schema:
type: string
default: ""
required: true
- variable: report_from
label: Report From
schema:
type: string
default: ""
required: true
- variable: skip_login
label: Skip Login
schema:
type: boolean
default: false
- variable: skip_tls
label: Skip TLS
schema:
type: boolean
default: false
- variable: user
label: Username
schema:
type: string
default: ""
- variable: password
label: Password
schema:
type: string
default: ""
- variable: mqtt
label: MQTT
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: broker
label: Broker
schema:
type: string
default: ""
required: true
- variable: port
label: Port
schema:
type: int
default: 587
required: true
- variable: user
label: Username
schema:
type: string
default: ""
- variable: password
label: Password
schema:
type: string
default: ""
- variable: qos
label: QOS
schema:
type: int
default: 0
required: true
- variable: delay_sec
label: Delay Sec
schema:
type: int
default: 2
required: true
- variable: dyndns
label: DynDNS
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: domain
label: Domain
schema:
type: string
default: ""
required: true
- variable: force
label: Force
schema:
type: boolean
default: false
- variable: timeout
label: Timeout
schema:
type: int
default: 20
required: true
- variable: days_data
label: Days Data
schema:
type: int
default: 7
required: true
- variable: days_data
label: Days Data
schema:
type: int
default: 7
required: true
- variable: run
label: Run
schema:
type: string
default: once
required: true
- variable: run_timeout
label: Run Timeout
schema:
type: int
default: 300
required: true
- variable: run_schedule
label: Run Schedule
schema:
type: string
default: "0 4 * * *"
required: true
- variable: pihole
label: PiHole
schema:
additional_attrs: true
type: dict
attrs:
- variable: pihole_active
label: PiHole Active (Not covered by support)
description: If enabled you need to map '/etc/pihole/pihole-FTL.db' with additional storage. Not covered by support
schema:
type: boolean
default: false
- variable: dhcp_active
label: DHCP Active (Not covered by support)
description: If enabled you need to map '/etc/pihole/dhcp.leases' with additional storage. Not covered by support
schema:
type: boolean
default: false
# Include{containerConfig}
# Include{serviceRoot}
- variable: main
label: Main Service
description: The Primary service on which the healthcheck runs, often the webUI
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: main
label: Main Service Port Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
description: This port exposes the container port on the service
schema:
type: int
default: 10600
required: true
# Include{serviceExpertRoot}
default: true
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceRoot}
- variable: config
label: App Config Storage
description: Stores the Application Configuration.
schema:
additional_attrs: true
type: dict
attrs:
# Include{persistenceBasic}
- variable: db
label: App DB Storage
description: Stores the Application DB.
schema:
additional_attrs: true
type: dict
attrs:
# Include{persistenceBasic}
# Include{persistenceList}
# Include{ingressRoot}
- variable: main
label: Main Ingress
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressList}
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: Privileged mode
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: ReadOnly Root Filesystem
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: Allow Privilege Escalation
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: runAsNonRoot
schema:
type: boolean
default: false
# Include{podSecurityContextRoot}
- variable: runAsUser
label: runAsUser
description: The UserID of the user running the application
schema:
type: int
default: 0
- variable: runAsGroup
label: runAsGroup
description: The groupID this App of the user running the application
schema:
type: int
default: 0
- variable: fsGroup
label: fsGroup
description: The group that should own ALL storage.
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}
# Include{codeserver}
# Include{vpn}
# Include{documentation}

View File

@@ -0,0 +1,148 @@
{{/* Define the configmap */}}
{{- define "pialert.secret" -}}
{{- $secretName := printf "%s-secret" (include "tc.common.names.fullname" .) }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: {{ $secretName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
stringData:
pialert.conf: |
# General
TIMEZONE={{ .Values.TZ | squote }}
PIALERT_WEB_PROTECTION={{ ternary "True" "False" .Values.pialert.general.web_protection }}
{{- if .Values.pialert.general.web_protection }}
PIALERT_WEB_PASSWORD={{ .Values.pialert.general.web_password | squote }}
{{- end }}
PRINT_LOG={{ ternary "True" "False" .Values.pialert.general.print_log }}
REPORT_DASHBOARD_URL={{ .Values.pialert.general.report_dashboard_url | squote }}
DAYS_TO_KEEP_EVENTS={{ .Values.pialert.general.days_to_keep_events }}
SCAN_CYCLE_MINUTES={{ .Values.pialert.general.scan_cycle_minutes }}
{{- with (uniq .Values.pialert.general.included_sections) }}
{{- if gt (len .) 4 -}}
{{- fail "You can define up to 4 unique sections" -}}
{{- end }}
INCLUDED_SECTIONS=[
{{- range $section := initial . }}
{{ . | squote }},
{{- end }}
{{ last . | squote }}
]
{{- else }}
INCLUDED_SECTIONS=['internet','new_devices','down_devices','events']
{{- end }}
{{- with .Values.pialert.general.scan_subnets }}
SCAN_SUBNETS=[
{{- range $entry := initial . }}
{{ (printf "%s --interface=%s" .cidr .interface) | squote }},
{{- end }}
{{- with last . }}
{{ (printf "%s --interface=%s" .cidr .interface) | squote }}
{{- end }}
]
{{- end }}
# PUSHSAFER
REPORT_PUSHSAFER={{ ternary "True" "False" .Values.pialert.pushsafer.enabled }}
{{- if .Values.pialert.pushsafer.enabled }}
PUSHSAFER_TOKEN={{ .Values.pialert.pushsafer.token | squote }}
{{- end }}
# Apprise
REPORT_APPRISE={{ ternary "True" "False" .Values.pialert.apprise.enabled }}
{{- if .Values.pialert.apprise.enabled }}
APPRISE_HOST={{ .Values.pialert.apprise.host | squote }}
APPRISE_URL={{ .Values.pialert.apprise.url | squote }}
{{- end }}
# NTFY
REPORT_NTFY={{ ternary "True" "False" .Values.pialert.ntfy.enabled }}
{{- if .Values.pialert.ntfy.enabled }}
NTFY_HOST={{ .Values.pialert.ntfy.host | squote }}
NTFY_TOPIC={{ .Values.pialert.ntfy.topic | squote }}
NTFY_USER={{ .Values.pialert.ntfy.user | squote }}
NTFY_PASSWORD={{ .Values.pialert.ntfy.password | squote }}
{{- end }}
# Webhooks
REPORT_WEBHOOK={{ ternary "True" "False" .Values.pialert.webhook.enabled }}
{{- if .Values.pialert.webhook.enabled }}
WEBHOOK_URL={{ .Values.pialert.webhook.url | squote }}
WEBHOOK_PAYLOAD={{ .Values.pialert.webhook.payload | squote }}
WEBHOOK_REQUEST_METHOD={{ .Values.pialert.webhook.method | squote }}
{{- end }}
# Email
REPORT_MAIL={{ ternary "True" "False" .Values.pialert.email.enabled }}
{{- if .Values.pialert.email.enabled }}
SMTP_SERVER={{ .Values.pialert.email.server | squote }}
SMTP_PORT={{ .Values.pialert.email.port }}
REPORT_TO={{ .Values.pialert.email.report_to | squote }}
REPORT_FROM={{ .Values.pialert.email.report_from | squote }}
SMTP_SKIP_LOGIN={{ ternary "True" "False" .Values.pialert.email.skip_login }}
{{- with .Values.pialert.email.user }}
SMTP_USER={{ . | squote }}
{{- end }}
{{- with .Values.pialert.email.password }}
SMTP_PASS={{ . | squote }}
{{- end }}
SMTP_SKIP_TLS={{ ternary "True" "False" .Values.pialert.email.skip_tls }}
{{- end }}
# MQTT
REPORT_MQTT={{ ternary "True" "False" .Values.pialert.mqtt.enabled }}
{{- if .Values.pialert.email.enabled }}
MQTT_BROKER={{ .Values.pialert.mqtt.broker | squote }}
MQTT_PORT={{ .Values.pialert.mqtt.port }}
{{- with .Values.pialert.mqtt.user }}
MQTT_USER={{ . | squote }}
{{- end }}
{{- with .Values.pialert.mqtt.password }}
MQTT_PASSWORD={{ . | squote }}
{{- end }}
MQTT_QOS={{ .Values.pialert.mqtt.qos }}
MQTT_DELAY_SEC={{ .Values.pialert.mqtt.delay_sec }}
{{- end }}
# DynDNS
DDNS_ACTIVE={{ ternary "True" "False" .Values.pialert.dyndns.enabled }}
{{- if .Values.pialert.dyndns.enabled }}
DDNS_DOMAIN={{ .Values.pialert.dyndns.domain | squote }}
{{- with .Values.pialert.dyndns.user }}
DDNS_USER={{ . | squote }}
{{- end }}
{{- with .Values.pialert.dyndns.password }}
DDNS_PASSWORD={{ . | squote }}
{{- end }}
DDNS_UPDATE_URL={{ .Values.pialert.dyndns.update_url | squote }}
{{- end }}
# Pholus
PHOLUS_ACTIVE={{ ternary "True" "False" .Values.pialert.pholus.enabled }}
{{- if .Values.pialert.pholus.enabled }}
PHOLUS_TIMEOUT={{ .Values.pialert.pholus.timeout }}
PHOLUS_FORCE={{ ternary "True" "False" .Values.pialert.pholus.force }}
PHOLUS_DAYS_DATA={{ .Values.pialert.pholus.days_data }}
PHOLUS_RUN={{ .Values.pialert.pholus.run | squote }}
PHOLUS_RUN_TIMEOUT={{ .Values.pialert.pholus.run_timeout }}
PHOLUS_RUN_SCHD={{ .Values.pialert.pholus.run_schedule | squote }}
{{- end }}
# PiHole
PIHOLE_ACTIVE={{ ternary "True" "False" .Values.pialert.pihole.pihole_active }}
DHCP_ACTIVE={{ ternary "True" "False" .Values.pialert.pihole.dhcp_active }}
{{- end }}

View File

@@ -0,0 +1,7 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{- include "pialert.secret" . -}}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}

View File

@@ -0,0 +1,142 @@
image:
repository: tccr.io/truecharts/pialert
pullPolicy: IfNotPresent
tag: latest@sha256:a25d25c8d2be38895e4bee0e13f934ed7048a07753e84a6854c9e9b04187fbae
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
hostNetwork: true
pialert:
general:
dark_mode: true
web_protection: false
web_password: ""
print_log: false
report_dashboard_url: http://localhost
days_to_keep_events: 90
scan_cycle_minutes: 5
included_sections: []
scan_subnets:
[]
# - cidr: "192.168.1.0/24"
# interface: eth0
pushsafer:
enabled: false
token: ""
apprise:
enabled: false
host: ""
url: ""
ntfy:
enabled: false
host: ""
topic: ""
user: ""
password: ""
webhook:
enabled: false
url: ""
payload: json
method: GET
email:
enabled: false
server: ""
port: 587
report_to: ""
report_from: ""
skip_login: false
skip_tls: false
user: ""
password: ""
mqtt:
enabled: false
broker: ""
port: 1883
user: ""
password: ""
qos: 0
delay_sec: 2
dyndns:
enabled: false
domain: ""
user: ""
password: ""
update_url: ""
pholus:
enabled: false
timeout: 20
force: false
days_data: 7
run: once
run_timeout: 300
run_schedule: "0 4 * * *"
pihole:
# If enabled you need to map '/etc/pihole/pihole-FTL.db' with additional storage
pihole_active: false
# If enabled you need to map '/etc/pihole/dhcp.leases' with additional storage
dhcp_active: false
env:
HOST_USER_ID: "{{ .Values.podSecurityContext.runAsUser }}"
HOST_USER_GID: "{{ .Values.podSecurityContext.fsGroup }}"
PORT: "{{ .Values.service.main.ports.main.port }}"
service:
main:
ports:
main:
protocol: HTTP
port: 10600
persistence:
config:
enabled: true
mountPath: /home/pi/pialert/config
db:
enabled: true
mountPath: /home/pi/pialert/db
pialert-config:
enabled: true
noMount: true
type: secret
objectName: '{{ template "tc.common.names.fullname" . }}-secret'
initContainers:
init:
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
volumeMounts:
- name: db
mountPath: /home/pi/pialert/db
- name: config
mountPath: /home/pi/pialert/config
- name: pialert-config
mountPath: /tc-pialert.conf
subPath: pialert.conf
command: ["/bin/sh", "-c"]
args:
- |
dark_file="/home/pi/pialert/db/setting_darkmode"
temp_config_file="/tc-pialert.conf"
config_file="/home/pi/pialert/config/pialert.conf"
echo "Copying config file into it's directory.."
cp -f "$temp_config_file" "$config_file" && echo "Copied config file successfully!" || echo "Failed to copy config file..."
{{- if .Values.pialert.general.dark_mode }}
echo "Enabling dark mode file..."
touch "$dark_file" && echo "Created dark mode file!" || echo "Failed to create dark mode file..."
{{- else }}
if [ -f "$dark_file" ]; then
rm -f $dark_file && echo "Dark mode file removed!" || echo "Failed to remove dark mode file..."
else
echo "Dark mode file does not exist, no action is needed."
fi
{{- end }}
portal:
enabled: true