wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix(global): migrate to markdown docs

Browse source
This commit is contained in:
WrenIX 2024-11-08 18:32:50 +01:00
parent ebe8b4943b
commit 09752b5221
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
46 changed files with 2062 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
README.md Normal file
View file

@ -0,0 +1,8 @@
---
title: "FluxCD Charts"
weight: 2
---
This repository just contains helm-charts (and some values) which are usable with [FluxCD](https://fluxcd.io/)
Any helm-chart here is supposed to deploy fluxcd-resource and is called in this documentation as component (exclude [Base](base/get-started) which is supposed to bundle multiple components).

23
README.md.gotmpl Normal file
View file

@ -0,0 +1,23 @@
---
title: {{ .Name | quote }}
{{ if .Description }}
description: {{.Description | quote }}
{{ end }}
---
{{ template "chart.header" . }}
{{ template "chart.deprecationWarning" . }}
{{ template "chart.badgesSection" . }}
{{ template "chart.description" . }}
{{ template "chart.homepageLine" . }}
{{ template "chart.maintainersSection" . }}
{{ template "chart.sourcesSection" . }}
{{ template "chart.valuesSection" . }}
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

9
_index.md Normal file
View file

@ -0,0 +1,9 @@
---
title: "Components"
cascade:
- url: "/:sections/:title"
url: "/:sections/:slugorfilename"
weight: 90
---
Test

60
base/README.md Normal file
View file

@ -0,0 +1,60 @@
---
title: "base"
description: "This is an Helm-Chart which creates an overlaye to connect / install multiple flux-charts / components (and use the helm values for it)"
---
# base
![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
This is an Helm-Chart which creates an overlaye to connect / install multiple flux-charts / components (and use the helm values for it)
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Base
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| base.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| base.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| base.helm.release.interval | string | `"10m"` | interval of FluxCD HelmRelease |
| base.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| base.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
| base.helm.release.valuesFrom | list | `[]` | valuesFrom for every components (for use values from ConfigMap or Secret) |
| base.helm.repo.interval | string | `"10m"` | interval of FluxCD Repository |
| base.helm.repo.namespace | string | `nil` | namespace, where the GitRepo resource is installed (maybe needed together with secretRef) |
| base.helm.repo.ref | object | `{"branch":"main"}` | default ref (if no branch is set - maybe overwritten by semver or so) |
| base.helm.repo.secretRef | string | `nil` | secret to get access to the git-repo |
| base.helm.repo.url | string | `"https://codeberg.org/wrenix/flux-charts.git"` | git repo where all components are stored |
| base.helm.repo.verify | string | `nil` | secret to get access to the git-repo |
| base.namespace.labels | object | `{}` | labels for every new created namespace (together or overwritten by components.<component-release-name.namespace.labels) |
### Shared Values - between all components
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons | object | `{}` | commons are values which are additional |
| global | object | `{}` | global are values which overwrite values global |
### A Component
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| components.<component-release-name>.enabled | bool | `false` | enable component-release to install |
| components.<component-release-name>.name | string | `nil` | optional component-name (if not set component-release-name is used as component-name) |
| components.<component-release-name>.namespace.labels | object | `{}` | if create a new namespace use labels (and the common namespace.labels) |
| components.<component-release-name>.namespace.name | string | `nil` | if not set, it reuse namespace where this base-chart is deployed |
| components.<component-release-name>.namespace.skip_create | bool | `false` | use the named namespace but does not create it |
| components.<component-release-name>.values | object | `{}` | set values on component-release |
| components.<component-release-name>.valuesFrom | list | `[]` | valuesFrom just for this component (for use values from ConfigMap or Secret) |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

1
base/_docs.gotmpl Normal file
View file

@ -0,0 +1 @@

169
base/docs/_index.md Normal file
View file

@ -0,0 +1,169 @@
---
title: "Base"
weight: 10
---
This Helm-Chart called base is there to bundle multiple components (helm-charts which maybe deployes another flux-repository).
## Base-Values
On this way, it is possible to use one `values.yaml` to setup multiple-components together or multiple overlapping `values.yaml` (e.g. for staging, stacks and so on).
For example, take an look in my [Infra](../infra) and [myCloud](../mycloud) stack.
{{< callout type="warning" >}}
I will do a versioning of this Base Helmchart and every components chart (but not for my default values).
This is just for my setups.
As in Hint, it is possible to use `valuesFrom:` and deploy ConfigMap, see [fluxcd](https://fluxcd.io/flux/components/helm/helmreleases/#values-references).
{{< /callout >}}
### Shared Values
The values `global:` and `commons:` are down passed into every component values.
This values could be overwritten inside the setup of every component `components.<component-name>.global:` or `components.<component-name>.commons:`.
See also [Components - Values](#values)
## Components
The components are an helmchart in the `commons.helm.chart.sourceRef` root.
Everything else is components specific and could be set under:
``` yaml {filename="base-values.yaml"}
commons:
namespace:
labels:
orgs: example
helm:
release:
install:
test:
upgrade:
driftDetection:
componentCommons:
helm:
release:
interval: 10m
components:
<component-release-name>:
enabled: true <1>
name: <2>
namespace: <3>
name:
labels:
team: my
skip_create: false
valuesFrom: <4>
values: <5>
```
* <1> install this components (or not)
* <2> if set use component by name otherwise component is used by component-release-name
* <3> setup namespace, where component is deployed (e.g. name, labels of namespace, skip-create) if not set use namespace of current Base
* <4> use `valuesFrom` an `Secret` or `ConfigMap`
* <5> use values direct
### Namespace
It is possible to deploy an components into a specific namespace (and create this).
#### Use existing Namespace
``` yaml {filename="base-values.yaml"}
components:
<component-release-name>:
namespace:
name: "default"
skip_create: true
```
#### Same Namespace as Base
``` yaml {filename="base-values.yaml"}
components:
<component-release-name>:
namespace:
name: nil <1>
```
* <1> or never set this part
#### New Namespace
``` yaml {filename="base-values.yaml"}
commons:
namespace:
labels: <1>
orgs: example
components:
<component-release-name>:
namespace:
name: "my-namespace"
labels: <2>
team: my
```
* <1> optional with labels on every new namespace by this component-release
* <2> optional with labels on this component-release
### Values
There are multiple options to set values of an components.
Here in short the four options and order by overwrite priority.
``` yaml {filename="base-values.yaml"}
global: <3>
commons: <3>
componentCommons:
helm:
release:
valuesFrom: <1>
components:
<component-release-name>:
valuesFrom: [] <2>
values: <4>
```
* <1> `valuesFrom` for every components (e.g one or multiple `ConfigMap` or `Secrets`)
* <2> `valuesFrom` of a specific component
* <3> `global:` or `commons` for every componets
* <4> values for a specific component
#### Adjust Component setup (fluxcd values)
``` yaml {filename="base-values.yaml"}
commons: <1>
helm:
release:
install:
test:
upgrade:
driftDetection:
componentCommons:
helm:
release: <2>
interval: 10m
```
* <1> is part of commons, for maybe reuse inside of an component-chart.
* <2> is part of componentCommons for just use of component use level.
#### init-Version
{{< callout type="warning" >}}
Since FluxCD supports driftDetection (with version 2.2) we maybe drop that idea.
{{< /callout >}}
This is a small workaround to setup manifest in later step / rerun an component-chart, as e.g. CRD installation by an HelmRelease which is part of the used Component-Chart.
Helper which should be put into the Component-Chart (with Capabilities if every is there to setup / to retries)
``` yaml {filename="component/templates/configmap.yaml"}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-init
namespace: "{{ .Values.init.namespace }}"
data:
{{- if and
(.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule")
(.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor")
}}
init: "-1"
{{- else }}
init: "{{ add1 .Values.init.version }}"
{{- end }}
```

62
docs/fluxcd/_index.md Normal file
View file

@ -0,0 +1,62 @@
---
title: "FluxCD: Get Started"
slug: "get-started"
weight: 1
cascade:
- url: /:sections[:2]/:sections[3:]/:slugorfilename
---
## Install FluxCD into a cluster
Here i install it with connection to codeberg:
* the path is just for the cluster
* the url a repo where fluxcd (in given path) install itself and monitor
* i just install my needed components (i skip notification-controller, i prefer prometheus and alerting)
```bash
flux bootstrap git --components source-controller,kustomize-controller,helm-controller --path=<path> --url ssh://git@codeberg.org/wrenix/<repo>.git
```
### Secure with verify
Afterwards we need to setup a verification with GPG, so that nobody else could commit any workload in your cluster.
That is because i select an public git hosting (here codeberg), i trust them but maybe it get compromised one time.
in your repository the flux cli has created an `<path>/flux-system/kustomization.yaml`, we will edit them.
```patch
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gotk-components.yaml
- gotk-sync.yaml
+patches:
+ - target:
+ kind: GitRepository
+ name: flux-system
+ patch: |-
+ apiVersion: source.toolkit.fluxcd.io/v1
+ kind: GitRepository
+ metadata:
+ name: flux-system
+ spec:
+ verify: <1>
+ mode: HEAD
+ secretRef:
+ name: gpg-publickey
+
+generatorOptions:
+ disableNameSuffixHash: true <2>
+
+secretGenerator:
+ - name: gpg-publickey <3>
+ namespace: flux-system
+ files:
+ - gpg-publickey/wrenix.gpg <4>
```
* <1> add verify, that only HEAD git commit with valide gpg signature is used
* <2> on the next generate, do not add hash
* <3> generate kubernetes Secret with the name `gpg-publickey` which is used in the patched GitRepository, see <1>
* <4> Add list of valide gpg key files

1
docs/generate.sh
View file

@ -22,6 +22,7 @@ for c in $ROOT_DIR/* ; do
done
helm-docs --chart-search-root "${ROOT_DIR}/" -t ./docs/modules/components/README.adoc.gotmpl -o README.adoc
helm-docs --chart-search-root "${ROOT_DIR}/" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl
##
# infra

117
docs/infra/_index.md Normal file
View file

@ -0,0 +1,117 @@
---
title: Infrastructure
weight: 50
---
a bundle of software which should run on every kubernetes cluster.
# Components
The following components for an infrastructure setup exists:
## Usage
My `base-values/infra.yaml` use for the different components extra namespaces.
{{< callout type="warning" >}}
The `base-values` are not versioned, see [Base](../base).
{{< /callout >}}
``` yaml {filename="Example usage"}
---
apiVersion: v1
kind: Namespace
metadata:
name: infra <1>
---
apiVersion: v1
kind: Secret <2>
metadata:
name: infra-secret
namespace: infra <1>
data:
masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: wrenix-flux-charts <3>
namespace: flux-system
spec:
url: https://codeberg.org/wrenix/flux-charts.git
ref:
branch: main
interval: 10m
# for more info about verification take an look here:
# - https://fluxcd.io/flux/components/source/gitrepositories/#verification
# - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify
# later replaced with oci and cosign
# verify:
# mode: HEAD
# secretRef:
# name: gpg-publickey
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: infra <4>
namespace: infra <1>
spec:
chart:
spec:
sourceRef:
kind: GitRepository
name: wrenix-flux-charts <3>
namespace: flux-system
chart: "./base"
reconcileStrategy: "Revision"
valuesFiles:
- "./base/values.yaml"
- "./base-values/commons.yaml" <5>
- "./base-values/infra.yaml" <6>
interval: 10m
values:
##
# Commons
##
commons:
helm:
chart:
sourceRef: <3>
kind: GitRepository
name: wrenix-flux-charts
namespace: flux-system
ingress:
domain: "my-infra.eu" <7>
componentCommons:
helm:
release:
valuesFrom:
- kind: Secret <2>
name: infra-secret
valuesKey: masterPassword
targetPath: commons.masterPassword
##
# Compoments
##
components: <8>
infra-certificates:
values:
email: host.acme@wrenix.eu
infra-monitoring:
values:
prometheus:
exporter:
blackbox:
enabled: true
```
* <1> namespace where install all the components later
* <2> secret to bypass secure values into the infra-components (masterPassword)
* <3> reference where base and all the components are founded by fluxcd
* <4> use of base-helm chart for fluxcd to bundle the different infra-components together
* <5> use my default commons values for flux-chart components
* <6> use my default to setup all commons for infra and infra components
* <7> setup default domain (where subdomains are generate for the different components)
* <8> overwrite componets values (here setup default also certmanager email for Let's Encrypt and setup prometheus-blackbox-exporter)

32
docs/infra/auth.md Normal file
View file

@ -0,0 +1,32 @@
---
title: "Authentification"
---
# Authentification
It is possible to use [mycloud-authentik](../components/mycloud-authentik) (or with [`./base-values/mycloud-core.yaml`](base-values/mycloud-core.yaml)).
``` yaml {filename="base-auth-values.yaml"}
commons:
auth:
enabled: true <1>
namespace: "mycloud" <2>
authentik:
domain: "auth.wrenix.eu" <3>
backend: "mycloud-authentik-hr" <4>
components:
infra-monitoring:
grafana:
auth:
anonymous:
enabled: false <5>
```
* <1> enable to configurate own ressurces and mycloud (blueprint for authentik)
* <2> namespace where authentik of mycloud runs (where to put blueprint secrets)
* <3> domain of authentik (for setup OIDCs and so on on own instances)
* <4> backend of authentik for logout ingresses of infra-components
* <5> configure grafana to disable anonymous auth (just use authentik SSO / OIDC)
For the following software an proxy based setup handled (current just traefik is supported):
* alertmanager
* karma
* prometheus

37
docs/infra/monitoring.md Normal file
View file

@ -0,0 +1,37 @@
---
title: "Monitoring"
---
# Monitoring
We deploy by default all resources to monitor every deployment.
For adjusting of the labels, there are following values in [`./base-values/commons.yaml`](https://codeberg.org/wrenix/flux-charts/src/branch/main/base-values/commons.yaml).
``` yaml {filename="base-monitor-values.yaml"}
commons:
grafana:
datasource:
labels: <1>
grafana_datasource: "1"
dashboards:
labels: <2>
grafana_dashboard: "1"
annotations: <3>
prometheus:
alertmanager:
labels: <4>
alertmanager: default
monitor:
labels: <5>
prometheus: default
rules:
labels: <6>
prometheus: default
```
* <1> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Datasource of Grafana-Sidecar
* <2> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Dashboards of Grafana-Sidecar
* <3> used annotations on `Secrets` and `ConfigMap` metadata of Dashboards for usage configuration of Grafana-Sidecar (useful for but Dashboards into Folders on Grafana)
* <4> used labels on `AlertmanagerConfig` metadata for usage for filter on `Alertmanager` instance of [prometheus-operator](https://prometheus-operator.dev/)
* <5> used labels on `ServiceMonitor` and `PodMonitor` metadata for usage for filter on `Prometheus` instance of [prometheus-operator](https://prometheus-operator.dev/)
* <6> used labels on `PrometheusRules` metadata for usage for filter on `Prometheus` instance of [prometheus-operator](https://prometheus-operator.dev/)

147
docs/mycloud/_index.md Normal file
View file

@ -0,0 +1,147 @@
---
title: "myCloud"
weight: 60
---
# myCloud
a bundle of OpenSource Software with one user management.
Current based only on: [authentik](https://goauthentik.io)
## First Login
Your main Account must be initalized:
`https://auth.<commons.ingress.domain>/if/flow/initial-setup/`
## Components
The following components for an myCloud setup exists:
include::partial-list-components.adoc[]
## Usage
My `base-values/mycloud-*.yaml` does not set any namespace, so the same the the Base-Helmchart is used (maybe you like to use multiple myClouds in different namespaces).
.Example usage (warning, the `base-values` are not versioned, see xref:base:index.adoc[Base]):
``` yaml {filename="fluxcd-mycloud.yaml"}
---
apiVersion: v1
kind: Namespace
metadata:
name: mycloud <1>
---
apiVersion: v1
kind: Secret <2>
metadata:
name: mycloud-mail
namespace: mycloud <1>
data:
password: MAIL_ACCOUNT_PASSWORD
---
apiVersion: v1
kind: Secret <3>
metadata:
name: mycloud-master-password
namespace: mycloud <1>
data:
masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: wrenix-flux-charts <4>
namespace: flux-system
spec:
url: https://codeberg.org/wrenix/flux-charts.git
ref:
branch: main
interval: 10m
# for more info about verification take an look here:
# - https://fluxcd.io/flux/components/source/gitrepositories/#verification
# - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify
# later replaced with oci and cosign
# verify:
# mode: HEAD
# secretRef:
# name: gpg-publickey
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: mycloud <1>
namespace: mycloud <2>
spec:
chart:
spec:
sourceRef:
kind: GitRepository
name: wrenix-flux-charts <3>
namespace: flux-system
chart: "./base"
reconcileStrategy: "Revision"
valuesFiles:
- "./base/values.yaml"
- "./base-values/commons.yaml" <4>
- "./base-values/mycloud-core.yaml" <5>
- "./base-values/mycloud-nextcloud.yaml" <6>
- "./base-values/mycloud-collabora.yaml" <7>
interval: 10m
values:
base:
helm:
release:
valuesFrom:
- kind: Secret <8>
name: mycloud-secrets
valuesKey: masterPassword
targetPath: commons.masterPassword
- kind: Secret <9>
name: mycloud-secrets
valuesKey: password
targetPath: commons.mail.password
##
# Commons
##
commons:
mail: <10>
host: "posteo.de"
username: "mycloud@posteo.net"
use_tls: true
from: "mycloud@posteo.net"
helm:
chart:
sourceRef: <11>
kind: GitRepository
name: wrenix-flux-charts
namespace: flux-system
ingress:
domain: "mycloud.eu" <12>
##
# Compoments
##
components:
mycloud-nextcloud:
values: <13>
quota: "100 MB"
```
* <1> use of base-helm chart for fluxcd to bundle the different mycloud-components together
* <2> namespace where install all the components later
* <3> reference where base are founded by fluxcd
* <4> use my default commons values for flux-chart components
* <5> use my default to setup all commons for mycloud-components and the mycloud-core components (e.g. xref:components:mycloud-services.adoc[mycloud-services] and xref:components:mycloud-authentik.adoc[mycloud-authentik])
* <6> use my default values for usage of xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] (it also configure xref:components:mycloud-services.adoc[mycloud-services] for another database and xref:components:mycloud-authentik.adoc[mycloud-authentik] for user management)
* <7> use my default values for usage of xref:components:mycloud-collabora.adoc[mycloud-collabora] (it also configure xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] if it is also used)
* <8> secret to bypass secure values into the mycloud-components (mail)
* <9> secret to bypass secure values into the mycloud-components (masterPassword)
* <10> setup default mail configuration (for all components) for more commons values take an look into the used components (or `base-values`)
* <11> reference where all the components are foundet by fluxcd (e.g. same then the base chart, see <3>)
* <12> setup default domain (where subdomains are generate for the different components)
* <13> overwrite componets values (here setup default quota for an use in xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud])

84
docs/mycloud/ingress.md Normal file
View file

@ -0,0 +1,84 @@
---
title: "Ingress"
---
# Ingress
Per default, the ingress domain and tls could be set,
The domain is used, to set for every components per default an subdomain by this domain.
(This could be overwritten by see [Change Host / Domain per Components](#change_host__domain_per_components).)
If you do not like to setup for every ingress-tls an new cert secrets (e.g. you do not use an cert-manager), the you could override it global with your on entry.
``` yaml {filename="base-mycloud-ingress-values.yaml"}
commons:
ingress:
domain:
tls:
enabled: true
override:
```
## Annotations
It is possible to set annotations global or per components:
``` yaml {filename="base-mycloud-ingress-values.yaml"}
commons:
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
components:
mycloud-authentik:
values:
ingress:
annotations:
traefik.ingress.kubernetes.io/router.middlewares: ingress-redirect-https@kubernetescrd
```
## Change Host / Domain per Components
### Authentik
``` yaml {filename="base-mycloud-authentik-values.yaml"}
commons:
auth:
host: "login.wrenix.eu"
components:
mycloud-authentik:
values:
ingress:
host: "login.wrenix.eu"
```
### Nextcloud
``` yaml {filename="base-mycloud-nextcloud-values.yaml"}
components:
mycloud-nextcloud:
values:
ingress:
host: "files.wrenix.eu:"
mycloud-collabora:
values:
allowedHosts:
files.wrenix.eu: []
```
### Collabora
``` yaml {filename="base-mycloud-collabora-values.yaml"}
components:
mycloud-nextcloud:
values:
apps:
richdocuments:
enabled: true
config:
wopi_url: "https://office.wrenix.eu"
mycloud-collabora:
values:
ingress:
host: "office.wrenix.eu"
```

28
docs/mycloud/mail.md Normal file
View file

@ -0,0 +1,28 @@
---
title: "Mail"
---
# Mail
``` yaml {filename="base-mycloud-mail.yaml"}
commons:
mail:
host:
username:
password:
from: "no-reply@example.org"
use_tls: false
use_ssl: false
components:
mycloud-authentik:
values:
mail:
from:
mycloud-nextcloud:
values:
mail:
from:
host:
authtype: PLAIN
```

32
docs/mycloud/persistence.md Normal file
View file

@ -0,0 +1,32 @@
---
title: "Persistence"
---
# Persistence
``` yaml {filename="base-mycloud-persistant-values.yaml"}
commons:
persistence:
storageClass:
hostPath:
enabled: false
prefix: "/var/lib/mycloud"
components:
mycloud-services:
values:
postgresql:
persistence:
storageClass:
size: "10G"
mycloud-nextcloud:
values:
persistence:
main:
pvc: "nextcloud"
size: 8Gi
data:
pvc: "nextcloud-data"
size: 16Gi
```

20
docs/mycloud/theme.md Normal file
View file

@ -0,0 +1,20 @@
---
title: "Theme"
---
# Theme
``` yaml {filename="base-mycloud-theme.yaml"}
commons:
theme:
title:
logo:
favicon:
components:
mycloud-authentik:
values:
theme:
background: >
```

48
infra-certificates/README.md Normal file
View file

@ -0,0 +1,48 @@
---
title: "infra-certificates"
description: "Install all certificate related"
---
# infra-certificates
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Install all certificate related
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap |
| commons.grafana.datasource.labels | object | `{"grafana_datasource":"1"}` | labels of grafana datasource configmap and secret |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
| email | string | `"an@example.org"` | |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-certificates/_docs.gotmpl Normal file
View file

39
infra-fluxcd/README.md Normal file
View file

@ -0,0 +1,39 @@
---
title: "infra-fluxcd"
description: "Install resources for FluxCD (e.g. grafana dashboards, prometheus podmonitor)"
---
# infra-fluxcd
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Install resources for FluxCD (e.g. grafana dashboards, prometheus podmonitor)
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| prometheus.kubeStateMetricsConfig.namespace | string | `nil` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-fluxcd/_docs.gotmpl Normal file
View file

5
infra-ingress/README.adoc
View file

@ -120,6 +120,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `0`
|
| logs.access
| bool
| `false`
|
| traefik.additionalArguments
| list
| `[]`

67
infra-ingress/README.md Normal file
View file

@ -0,0 +1,67 @@
---
title: "infra-ingress"
description: "Setup an ingress"
---
# infra-ingress
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Setup an ingress
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
### Commons Tracing
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.tracing.enabled | bool | `false` | enable tracing on all components |
| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http |
| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint |
| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc |
| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| controller | string | `"traefik"` | |
| external | bool | `true` | |
| hostNetwork | bool | `true` | |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| logs.access | bool | `false` | |
| traefik.additionalArguments | list | `[]` | |
| traefik.hostPath | string | `"/srv/k8s/pv/pvc-traefik-certs"` | |
| traefik.ports | object | `{}` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-ingress/_docs.gotmpl Normal file
View file

50
infra-logging/README.md Normal file
View file

@ -0,0 +1,50 @@
---
title: "infra-logging"
description: "Install all logging related"
---
# infra-logging
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Install all logging related
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap |
| commons.grafana.datasource.labels | object | `{"grafana_datasource":"1"}` | labels of grafana datasource configmap and secret |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| fluentd.replicas | int | `1` | |
| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| loki.enabled | bool | `true` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-logging/_docs.gotmpl Normal file
View file

116
infra-monitoring/README.md Normal file
View file

@ -0,0 +1,116 @@
---
title: "infra-monitoring"
description: "Install all monitoring related"
---
# infra-monitoring
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Install all monitoring related
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `false` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| alertmanager.auth.anonymous.enabled | bool | `false` | |
| alertmanager.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| alertmanager.ingress.enabled | bool | `true` | |
| alertmanager.ingress.host | string | `""` | |
| alertmanager.inhibitRules | list | `[]` | additional inhibitRules |
| alertmanager.receiver.customs | object | `{}` | customs |
| alertmanager.receiver.matrix.default | string | `"!example-room:matrix.org"` | |
| alertmanager.receiver.matrix.enabled | bool | `false` | |
| alertmanager.receiver.matrix.homeserver | string | `"https://matrix.org"` | |
| alertmanager.receiver.matrix.rooms | object | `{}` | |
| alertmanager.receiver.matrix.sendResolved | bool | `false` | |
| alertmanager.receiver.matrix.token | string | `""` | token of matrix reciever (use valuesFrom in flux for it) |
| alertmanager.receiver.matrix.userID | string | `"@alert:matrix.org"` | |
| alertmanager.receiver.ntfy.config.labels | object | `{"entries":[{"label":"severity","priority":4,"tags":["rotating_light"],"value":"critical"},{"label":"severity","priority":3,"tags":["warning"],"value":"warning"},{"label":"severity","priority":1,"tags":["information_source"],"value":"info"}],"order":["severity"]}` | label of alert to ntfy message config |
| alertmanager.receiver.ntfy.config.ntfy.topic | string | `"https://ntfy.wrenix.eu/alertmanager-example"` | |
| alertmanager.receiver.ntfy.config.password | string | `nil` | password used between alertmanager and ntfy reciever generated from commons.masterPassword |
| alertmanager.receiver.ntfy.config.user | string | `"alertmanager-to-ntfy"` | user used between alertmanager and ntfy receiver |
| alertmanager.receiver.ntfy.enabled | bool | `false` | |
| alertmanager.receiver.ntfy.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| alertmanager.receiver.ntfy.ingress.enabled | bool | `false` | |
| alertmanager.receiver.ntfy.ingress.host | string | `nil` | |
| alertmanager.receiver.ntfy.sendResolved | bool | `false` | |
| alertmanager.route.groupBy | list | `["namespace","alertname"]` | groupBy |
| alertmanager.route.repeatInterval | string | `"24h"` | repeat Interval |
| alertmanager.route.routes | list | `[]` | would overwrite defaults (like ntfy or matrix) # send every alert to ntfy # (and continue to routing for that alert) - receiver: "ntfy-default" continue: true # send selected alerts to special matrix room # (and remove them for evaluation - no continue) - receiver: "matrix-room-name" matchers: - name: "team" matchType: "=" value: "room-name" # all reminig alerts to matrix default room - receiver: "matrix-default" |
| commons.auth.authentik.backend | string | `"authentik-server"` | |
| commons.auth.authentik.domain | string | `""` | |
| commons.auth.enabled | bool | `false` | |
| commons.auth.namespace | string | `""` | |
| commons.auth.type | string | `"authentik"` | |
| grafana.adminPassword | string | `nil` | generated from commons.masterPassword |
| grafana.auth.anonymous.enabled | bool | `true` | |
| grafana.auth.authentik.clientID | string | `nil` | generated from commons.masterPassword |
| grafana.auth.authentik.clientSecret | string | `nil` | generated from commons.masterPassword |
| grafana.auth.enabled | bool | `false` | |
| grafana.dashboards.annotations."grafana.mon.local/dashboard-folder" | string | `"Kubernetes"` | |
| grafana.dashboards.folderAnnotation | string | `"grafana.mon.local/dashboard-folder"` | |
| grafana.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| grafana.ingress.enabled | bool | `true` | |
| grafana.ingress.host | string | `""` | |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| karma.additionalAlertmanager | string | `nil` | |
| karma.auth.anonymous.enabled | bool | `false` | |
| karma.enabled | bool | `true` | |
| karma.filters.default[0] | string | `"@state=active"` | |
| karma.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| karma.ingress.enabled | bool | `true` | |
| karma.ingress.host | string | `""` | |
| prometheus.auth.anonymous.enabled | bool | `false` | |
| prometheus.exporter.blackbox.enabled | bool | `true` | |
| prometheus.exporter.blackbox.hostNetwork | bool | `false` | |
| prometheus.exporter.blackbox.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| prometheus.exporter.blackbox.ingress.enabled | bool | `false` | enable ingress for blackbox-exporter |
| prometheus.exporter.blackbox.ingress.host | string | `""` | default use .Values.commons.ingress.host with prefix: `blackbox.exporter` |
| prometheus.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) |
| prometheus.ingress.enabled | bool | `true` | |
| prometheus.ingress.host | string | `""` | |
| tempo.enabled | bool | `false` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-monitoring/_docs.gotmpl Normal file
View file

70
infra-trivy/README.md Normal file
View file

@ -0,0 +1,70 @@
---
title: "infra-trivy"
description: "deploy trivy-operator"
---
# infra-trivy
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
deploy trivy-operator
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap |
| commons.prometheus.alertmanager.labels | object | `{}` | labels on AlertmanagerConf |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| prometheus.rules.clusterCompliance.enabled | bool | `false` | |
| prometheus.rules.clusterRBACAssessments.enabled | bool | `false` | |
| prometheus.rules.clusterRBACAssessments.info.enabled | bool | `false` | |
| prometheus.rules.clusterRBACAssessments.warning.enabled | bool | `false` | |
| prometheus.rules.enabled | bool | `true` | |
| prometheus.rules.imageExposedSecrets.enabled | bool | `true` | |
| prometheus.rules.imageExposedSecrets.info.enabled | bool | `false` | |
| prometheus.rules.imageExposedSecrets.warning.enabled | bool | `false` | |
| prometheus.rules.imageVulnerabilities.enabled | bool | `false` | |
| prometheus.rules.imageVulnerabilities.info.enabled | bool | `false` | |
| prometheus.rules.imageVulnerabilities.warning.enabled | bool | `false` | |
| prometheus.rules.infraAssessments.enabled | bool | `true` | |
| prometheus.rules.infraAssessments.info.enabled | bool | `true` | |
| prometheus.rules.infraAssessments.warning.enabled | bool | `true` | |
| prometheus.rules.resourceConfigAudits.enabled | bool | `true` | |
| prometheus.rules.resourceConfigAudits.info.enabled | bool | `false` | |
| prometheus.rules.resourceConfigAudits.warning.enabled | bool | `false` | |
| prometheus.rules.roleRBACAssessments.enabled | bool | `false` | |
| prometheus.rules.roleRBACAssessments.info.enabled | bool | `false` | |
| prometheus.rules.roleRBACAssessments.warning.enabled | bool | `false` | |
| scans.concurrent | int | `2` | |
| scans.ttl | string | `"168h"` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
infra-trivy/_docs.gotmpl Normal file
View file

94
mycloud-authentik/README.md Normal file
View file

@ -0,0 +1,94 @@
---
title: "mycloud-authentik"
description: "A mycloud components using authentik (for central authentification using SSO)"
---
# mycloud-authentik
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
A mycloud components using authentik (for central authentification using SSO)
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons Redis
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.redis.replicas | int | `0` | replicas |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services |
| database.name | string | `"authentik"` | |
| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) |
| database.username | string | `"authentik"` | |
| ingress.annotations | string | `nil` | |
| ingress.host | string | `nil` | default: auth.(Values.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| mail.from | string | `nil` | generade by Values.commons.mail.from |
| secret_key | string | `nil` | generated by .Values.commons.masterPassword |
| theme.background | string | `nil` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-authentik/_docs.gotmpl Normal file
View file

66
mycloud-collabora/README.md Normal file
View file

@ -0,0 +1,66 @@
---
title: "mycloud-collabora"
description: "myCloud component to setup collabora"
---
# mycloud-collabora
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
myCloud component to setup collabora
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap |
| commons.grafana.dashboards.labels | object | `{}` | labels of grafana dashboard configmap |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| adminPassword | string | `nil` | adminPassword to access collabora admin platform |
| allowedHosts | object | `{}` | allowed host to use this collabora instance if not set we allow defaults (like nextcloud) example: main.host.de: [ "alias1.host.de", "alias2.host.de" ] |
| ingress.annotations | object | `{"haproxy-ingress.github.io/assign-backend-server-id":"true","haproxy-ingress.github.io/balance-algorithm":"url_param WOPISrc","haproxy-ingress.github.io/config-backend":"hash-type consistent acl admin_url path_beg /cool/getMetrics acl admin_url path_beg /cool/adminws/ acl admin_url path_beg /browser/dist/admin/admin.html http-request deny if admin_url","haproxy-ingress.github.io/timeout-tunnel":"3600s","nginx.ingress.kubernetes.io/server-snippet":"location /cool/getMetrics { deny all; return 403; }\nlocation /cool/adminws/ { deny all; return 403; }\nlocation /browser/dist/admin/admin.html { deny all; return 403; }\n","nginx.ingress.kubernetes.io/upstream-hash-by":"$arg_WOPISrc"}` | ingress annotatations - default are all the best practise of collabora |
| ingress.host | string | `nil` | default: fs.(Values.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-collabora/_docs.gotmpl Normal file
View file

92
mycloud-firefly-iii/README.md Normal file
View file

@ -0,0 +1,92 @@
---
title: "mycloud-firefly-iii"
description: "A Helm chart for Kubernetes"
---
# mycloud-firefly-iii
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
A Helm chart for Kubernetes
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) |
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.authentik.backend | string | `"mycloud-authentik-hr-server"` | |
| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services |
| database.name | string | `"firefly"` | |
| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) |
| database.username | string | `"firefly"` | |
| ingress.annotations | object | `{}` | |
| ingress.host | string | `nil` | default: social.(Values.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| mail.from | string | `nil` | generade by Values.commons.mail.from |
| mail.host | string | `nil` | default Values.commons.mail.host |
| persistence.size | string | `"16Gi"` | |
| persistence.storageClass | string | `nil` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-firefly-iii/_docs.gotmpl Normal file
View file

5
mycloud-gotosocial/README.adoc
View file

@ -255,6 +255,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `0`
|
| instance
| object
| `{}`
| see https://codeberg.org/wrenix/helm-charts/src/branch/main/gotosocial#_values
| mail.from
| string
| `nil`

111
mycloud-gotosocial/README.md Normal file
View file

@ -0,0 +1,111 @@
---
title: "mycloud-gotosocial"
description: "myCloud component to setup gotosocial"
---
# mycloud-gotosocial
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
myCloud component to setup gotosocial
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) |
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Commons Tracing
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.tracing.enabled | bool | `false` | enable tracing on all components |
| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http |
| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint |
| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc |
| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| auth.clientID | string | `nil` | generated by .Values.commons.masterPassword |
| auth.clientSecret | string | `nil` | generated by .Values.commons.masterPassword |
| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services |
| database.name | string | `"gotosocial"` | |
| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) |
| database.username | string | `"gotosocial"` | |
| ingress.annotations | string | `nil` | |
| ingress.host | string | `nil` | default: social.(Values.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| instance | object | `{}` | see https://codeberg.org/wrenix/helm-charts/src/branch/main/gotosocial#_values |
| mail.from | string | `nil` | generade by Values.commons.mail.from |
| mail.host | string | `nil` | default Values.commons.mail.host |
| persistence.size | string | `"16Gi"` | |
| persistence.storageClass | string | `nil` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-gotosocial/_docs.gotmpl Normal file
View file

172
mycloud-matrix/README.md Normal file
View file

@ -0,0 +1,172 @@
---
title: "mycloud-matrix"
description: "myCloud component to setup matrix"
---
# mycloud-matrix
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
myCloud component to setup matrix
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) |
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.grafana.dashboards.annotations | string | `nil` | annotations of grafana dashboard configmap |
| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap |
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Commons Tracing
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.tracing.enabled | bool | `false` | enable tracing on all components |
| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http |
| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint |
| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc |
| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| bridge.signal.admins | list | `[]` | |
| bridge.signal.enabled | bool | `false` | |
| bridge.slack.admins | list | `[]` | |
| bridge.slack.enabled | bool | `false` | |
| commons.networkpolicies.enabled | bool | `false` | |
| commons.networkpolicies.from.ingress | list | `[]` | |
| commons.networkpolicies.from.metrics | list | `[]` | |
| commons.networkpolicies.to.dns | list | `[]` | |
| commons.networkpolicies.to.matrix | list | `[]` | |
| commons.networkpolicies.to.smtp | list | `[]` | |
| databases.authenticationService.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services |
| databases.authenticationService.name | string | `"matrix-authentication-service"` | |
| databases.authenticationService.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) |
| databases.authenticationService.username | string | `"matrix-authentication-service"` | |
| databases.bridge.signal.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services |
| databases.bridge.signal.name | string | `"matrix-bridge-signal"` | |
| databases.bridge.signal.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) |
| databases.bridge.signal.username | string | `"matrix-bridge-signal"` | |
| databases.bridge.slack.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services |
| databases.bridge.slack.name | string | `"matrix-bridge-slack"` | |
| databases.bridge.slack.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) |
| databases.bridge.slack.username | string | `"matrix-bridge-slack"` | |
| databases.server.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services |
| databases.server.name | string | `"matrix-synapse"` | |
| databases.server.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) |
| databases.server.username | string | `"matrix-synapse"` | |
| databases.slidingSync.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services |
| databases.slidingSync.name | string | `"matrix-sliding-sync"` | |
| databases.slidingSync.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) |
| databases.slidingSync.username | string | `"matrix-sliding-sync"` | |
| ingress.authenticationService.annotations | object | `{}` | |
| ingress.authenticationService.host | string | `nil` | default: auth.matrix.(.commons.ingress.domain) |
| ingress.element.annotations | object | `{}` | |
| ingress.element.config.features.feature_location_share_live | bool | `true` | |
| ingress.element.config.features.feature_new_room_decoration_ui | bool | `true` | |
| ingress.element.config.features.feature_notifications | bool | `true` | |
| ingress.element.enabled | bool | `true` | |
| ingress.element.host | string | `nil` | default: element.(.commons.ingress.domain) |
| ingress.elementCall.annotations | object | `{}` | |
| ingress.elementCall.enabled | bool | `false` | deploy element-call |
| ingress.elementCall.host | string | `nil` | default: call.(.commons.ingress.domain) |
| ingress.elementCall.livekitJWT.host | string | `nil` | default: call.(.commons.ingress.domain) |
| ingress.elementCall.livekitJWT.livekit.host | string | `nil` | default: .ingress.livekit.host |
| ingress.elementCall.livekitJWT.livekit.key | string | `nil` | default: .livekit.key |
| ingress.elementCall.livekitJWT.livekit.secret | string | `nil` | default: .livekit.secret |
| ingress.hydrogen.annotations | object | `{}` | |
| ingress.hydrogen.enabled | bool | `false` | |
| ingress.hydrogen.host | string | `nil` | default: hydrogen.(.commons.ingress.domain) |
| ingress.livekit.annotations | object | `{}` | |
| ingress.livekit.enabled | bool | `false` | |
| ingress.livekit.host | string | `nil` | default: sfu.call.(.commons.ingress.domain) |
| ingress.server.annotations | object | `{}` | |
| ingress.server.host | string | `nil` | default: matrix.(.commons.ingress.domain) |
| ingress.server.wellknown.client."m.tile_server".map_style_url | string | `"https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"` | |
| ingress.slidingSync.annotations | object | `{}` | |
| ingress.slidingSync.host | string | `nil` | default: sliding.matrix.(.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| livekit.enabled | bool | `false` | deploy livekit for usage with element-call |
| livekit.key | string | `"dev"` | key for api (kind of username) |
| livekit.secret | string | `nil` | secret for api a kind of password (default: generated by .commons.masterPassword) |
| persistence.size | string | `"16Gi"` | |
| persistence.storageClass | string | `nil` | |
| server.auth.clientID | string | `nil` | generated by .commons.masterPassword |
| server.auth.clientSecret | string | `nil` | generated by .commons.masterPassword |
| server.auth.webClient | string | `nil` | default: element.(.commons.ingress.domain) |
| server.authenticationService.admins | list | `[]` | |
| server.authenticationService.enabled | bool | `false` | |
| server.host | string | `nil` | default: (commons.ingress.domain) |
| server.mail.from | string | `nil` | generade by .commons.mail.from |
| server.mail.host | string | `nil` | default .commons.mail.host |
| server.scaling | bool | `false` | |
| server.slidingSync.enabled | bool | `false` | |
| server.software | string | `"synapse"` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-matrix/_docs.gotmpl Normal file
View file

136
mycloud-nextcloud/README.md Normal file
View file

@ -0,0 +1,136 @@
---
title: "mycloud-nextcloud"
description: "myCloud component to setup nextcloud"
---
# mycloud-nextcloud
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
myCloud component to setup nextcloud
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) |
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons Redis
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.redis.replicas | int | `0` | replicas |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| adminPassword | string | `nil` | generated by .Values.commons.masterPassword |
| apps.calendar.enabled | bool | `true` | |
| apps.checksum.enabled | bool | `true` | |
| apps.contacts.enabled | bool | `true` | |
| apps.dashboard.enabled | bool | `false` | |
| apps.deck.enabled | bool | `true` | |
| apps.firstrunwizard.enabled | bool | `false` | |
| apps.memories.enabled | bool | `false` | |
| apps.notes.enabled | bool | `true` | |
| apps.richdocuments.config.wopi_url | string | `nil` | |
| apps.richdocuments.enabled | bool | `false` | |
| auth.clientID | string | `nil` | generated by .Values.commons.masterPassword |
| auth.clientSecret | string | `nil` | generated by .Values.commons.masterPassword |
| auth.idMapping | string | `"sub"` | oidc field which us used as id in nextcloud for username (for security reason it is sub, but could be overwritten by username) https://goauthentik.io/integrations/services/nextcloud/#provider-and-application |
| chart.ref | object | `{"branch":"main"}` | for default set: null |
| chart.url | string | `"https://github.com/wrenix/nextcloud-helm.git"` | for default set: https://nextcloud.github.io/helm/ |
| commons.networkpolicies.enabled | bool | `false` | |
| commons.networkpolicies.from.ingress | list | `[]` | |
| commons.networkpolicies.from.metrics | list | `[]` | |
| commons.networkpolicies.to.dns | list | `[]` | |
| config | object | `{}` | |
| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services |
| database.name | string | `"nextcloud"` | |
| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) |
| database.username | string | `"nextcloud"` | |
| default.language | string | `"en"` | |
| default.maintenanceWindowStart | int | `1` | |
| default.phoneRegion | string | `"GB"` | |
| imaginary.enabled | bool | `true` | |
| ingress.annotations | string | `nil` | |
| ingress.host | string | `nil` | default: fs.(Values.commons.ingress.domain) |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
| limits.memory | string | `"512M"` | |
| limits.upload | string | `"2G"` | |
| mail.authtype | string | `"PLAIN"` | |
| mail.from | string | `nil` | generade by Values.commons.mail.from |
| mail.host | string | `nil` | default Values.commons.mail.host |
| persistence.data.pvc | string | `"nextcloud-data"` | |
| persistence.data.size | string | `"16Gi"` | |
| persistence.main.pvc | string | `"nextcloud"` | |
| persistence.main.size | string | `"8Gi"` | |
| quota | string | `nil` | default quota for an user |
| theme.color | string | `nil` | set theme color in nextcloud |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-nextcloud/_docs.gotmpl Normal file
View file

58
mycloud-services/README.md Normal file
View file

@ -0,0 +1,58 @@
---
title: "mycloud-services"
description: "A Helm chart for Kubernetes"
---
# mycloud-services
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
A Helm chart for Kubernetes
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| databases | object | `{"example":{"additionalParams":null,"password":null,"type":"none","username":"example-password"}}` | create databases |
| databases.example.additionalParams | string | `nil` | additional params for databases |
| databases.example.password | string | `nil` | if not set generated by .Values.commons.masterPassword and databasename |
| databases.example.type | string | `"none"` | database type (current only "postgresql" is supported) |
| databases.example.username | string | `"example-password"` | username default like database |
| postgresql.password | string | `nil` | root |
| postgresql.persistence.size | string | `"10G"` | |
| postgresql.persistence.storageClass | string | `nil` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
mycloud-services/_docs.gotmpl Normal file
View file

103
template/README.md Normal file
View file

@ -0,0 +1,103 @@
---
title: "<template>"
description: "A Helm chart for Kubernetes"
---
# <template>
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
A Helm chart for Kubernetes
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Values
### Commons
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) |
| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets |
### Commons helm release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease |
| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease |
| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease |
| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease |
### Commons Ingress
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects |
| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services |
| commons.ingress.tls.enabled | bool | `true` | tls on every ingress |
| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) |
### Commons mail
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.mail.from | string | `nil` | send from address |
| commons.mail.host | string | `nil` | smtp server |
| commons.mail.password | string | `nil` | smtp password |
| commons.mail.use_ssl | bool | `false` | smtp server use ssl |
| commons.mail.use_tls | bool | `false` | smtp server use start tls |
| commons.mail.username | string | `nil` | smtp username |
### Commons Persistence
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC |
| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path |
| commons.persistence.storageClass | string | `nil` | storageClass of PVC |
### Commons Monitoring
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor |
| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules |
### Commons theme
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere |
| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere |
| commons.theme.title | string | `"myCloud"` | title everywhere |
### Commons Tracing
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.tracing.enabled | bool | `false` | enable tracing on all components |
| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http |
| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint |
| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc |
| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint |
### Other Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| commons.auth.authentik.backend | string | `"authentik-server"` | |
| commons.auth.authentik.domain | string | `""` | |
| commons.auth.enabled | bool | `false` | |
| commons.auth.namespace | string | `""` | |
| commons.auth.type | string | `"authentik"` | |
| init.namespace | string | `"bases"` | |
| init.version | int | `0` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

0
template/_docs.gotmpl Normal file
View file