diff --git a/README.md b/README.md new file mode 100644 index 0000000..2ca302c --- /dev/null +++ b/README.md @@ -0,0 +1,8 @@ +--- +title: "FluxCD Charts" +weight: 2 +--- + +This repository just contains helm-charts (and some values) which are usable with [FluxCD](https://fluxcd.io/) + +Any helm-chart here is supposed to deploy fluxcd-resource and is called in this documentation as component (exclude [Base](base/get-started) which is supposed to bundle multiple components). diff --git a/README.md.gotmpl b/README.md.gotmpl new file mode 100644 index 0000000..69aaaa7 --- /dev/null +++ b/README.md.gotmpl @@ -0,0 +1,23 @@ +--- +title: {{ .Name | quote }} +{{ if .Description }} +description: {{.Description | quote }} +{{ end }} +--- + +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + +{{ template "chart.valuesSection" . }} + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/_index.md b/_index.md new file mode 100644 index 0000000..0aa330e --- /dev/null +++ b/_index.md @@ -0,0 +1,9 @@ +--- +title: "Components" +cascade: + - url: "/:sections/:title" +url: "/:sections/:slugorfilename" +weight: 90 +--- + +Test diff --git a/base/README.md b/base/README.md new file mode 100644 index 0000000..acff3cc --- /dev/null +++ b/base/README.md @@ -0,0 +1,60 @@ +--- +title: "base" + +description: "This is an Helm-Chart which creates an overlaye to connect / install multiple flux-charts / components (and use the helm values for it)" + +--- + +# base + +![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +This is an Helm-Chart which creates an overlaye to connect / install multiple flux-charts / components (and use the helm values for it) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Base + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| base.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| base.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| base.helm.release.interval | string | `"10m"` | interval of FluxCD HelmRelease | +| base.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| base.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | +| base.helm.release.valuesFrom | list | `[]` | valuesFrom for every components (for use values from ConfigMap or Secret) | +| base.helm.repo.interval | string | `"10m"` | interval of FluxCD Repository | +| base.helm.repo.namespace | string | `nil` | namespace, where the GitRepo resource is installed (maybe needed together with secretRef) | +| base.helm.repo.ref | object | `{"branch":"main"}` | default ref (if no branch is set - maybe overwritten by semver or so) | +| base.helm.repo.secretRef | string | `nil` | secret to get access to the git-repo | +| base.helm.repo.url | string | `"https://codeberg.org/wrenix/flux-charts.git"` | git repo where all components are stored | +| base.helm.repo.verify | string | `nil` | secret to get access to the git-repo | +| base.namespace.labels | object | `{}` | labels for every new created namespace (together or overwritten by components..enabled | bool | `false` | enable component-release to install | +| components..name | string | `nil` | optional component-name (if not set component-release-name is used as component-name) | +| components..namespace.labels | object | `{}` | if create a new namespace use labels (and the common namespace.labels) | +| components..namespace.name | string | `nil` | if not set, it reuse namespace where this base-chart is deployed | +| components..namespace.skip_create | bool | `false` | use the named namespace but does not create it | +| components..values | object | `{}` | set values on component-release | +| components..valuesFrom | list | `[]` | valuesFrom just for this component (for use values from ConfigMap or Secret) | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + diff --git a/base/_docs.gotmpl b/base/_docs.gotmpl new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/base/_docs.gotmpl @@ -0,0 +1 @@ + diff --git a/base/docs/_index.md b/base/docs/_index.md new file mode 100644 index 0000000..5cfc4b4 --- /dev/null +++ b/base/docs/_index.md @@ -0,0 +1,169 @@ +--- +title: "Base" +weight: 10 +--- + +This Helm-Chart called base is there to bundle multiple components (helm-charts which maybe deployes another flux-repository). + +## Base-Values +On this way, it is possible to use one `values.yaml` to setup multiple-components together or multiple overlapping `values.yaml` (e.g. for staging, stacks and so on). +For example, take an look in my [Infra](../infra) and [myCloud](../mycloud) stack. + +{{< callout type="warning" >}} + I will do a versioning of this Base Helmchart and every components chart (but not for my default values). + This is just for my setups. + + As in Hint, it is possible to use `valuesFrom:` and deploy ConfigMap, see [fluxcd](https://fluxcd.io/flux/components/helm/helmreleases/#values-references). +{{< /callout >}} + +### Shared Values + +The values `global:` and `commons:` are down passed into every component values. +This values could be overwritten inside the setup of every component `components..global:` or `components..commons:`. + +See also [Components - Values](#values) + +## Components + +The components are an helmchart in the `commons.helm.chart.sourceRef` root. + +Everything else is components specific and could be set under: +``` yaml {filename="base-values.yaml"} +commons: + namespace: + labels: + orgs: example + + helm: + release: + install: + test: + upgrade: + driftDetection: + +componentCommons: + helm: + release: + interval: 10m + +components: + : + enabled: true <1> + name: <2> + namespace: <3> + name: + labels: + team: my + skip_create: false + valuesFrom: <4> + values: <5> +``` + * <1> install this components (or not) + * <2> if set use component by name otherwise component is used by component-release-name + * <3> setup namespace, where component is deployed (e.g. name, labels of namespace, skip-create) if not set use namespace of current Base + * <4> use `valuesFrom` an `Secret` or `ConfigMap` + * <5> use values direct + +### Namespace +It is possible to deploy an components into a specific namespace (and create this). + +#### Use existing Namespace +``` yaml {filename="base-values.yaml"} +components: + : + namespace: + name: "default" + skip_create: true +``` + +#### Same Namespace as Base +``` yaml {filename="base-values.yaml"} +components: + : + namespace: + name: nil <1> +``` + * <1> or never set this part + +#### New Namespace +``` yaml {filename="base-values.yaml"} +commons: + namespace: + labels: <1> + orgs: example + +components: + : + namespace: + name: "my-namespace" + labels: <2> + team: my +``` + * <1> optional with labels on every new namespace by this component-release + * <2> optional with labels on this component-release + +### Values +There are multiple options to set values of an components. +Here in short the four options and order by overwrite priority. +``` yaml {filename="base-values.yaml"} +global: <3> +commons: <3> +componentCommons: + helm: + release: + valuesFrom: <1> + +components: + : + valuesFrom: [] <2> + values: <4> +``` + * <1> `valuesFrom` for every components (e.g one or multiple `ConfigMap` or `Secrets`) + * <2> `valuesFrom` of a specific component + * <3> `global:` or `commons` for every componets + * <4> values for a specific component + +#### Adjust Component setup (fluxcd values) + +``` yaml {filename="base-values.yaml"} +commons: <1> + helm: + release: + install: + test: + upgrade: + driftDetection: + +componentCommons: + helm: + release: <2> + interval: 10m +``` + * <1> is part of commons, for maybe reuse inside of an component-chart. + * <2> is part of componentCommons for just use of component use level. + +#### init-Version + +{{< callout type="warning" >}} + Since FluxCD supports driftDetection (with version 2.2) we maybe drop that idea. +{{< /callout >}} + +This is a small workaround to setup manifest in later step / rerun an component-chart, as e.g. CRD installation by an HelmRelease which is part of the used Component-Chart. + +Helper which should be put into the Component-Chart (with Capabilities if every is there to setup / to retries) +``` yaml {filename="component/templates/configmap.yaml"} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-init + namespace: "{{ .Values.init.namespace }}" +data: + {{- if and + (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") + (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") + }} + init: "-1" + {{- else }} + init: "{{ add1 .Values.init.version }}" + {{- end }} +``` diff --git a/docs/fluxcd/_index.md b/docs/fluxcd/_index.md new file mode 100644 index 0000000..1ac9ed5 --- /dev/null +++ b/docs/fluxcd/_index.md @@ -0,0 +1,62 @@ +--- +title: "FluxCD: Get Started" +slug: "get-started" +weight: 1 +cascade: + - url: /:sections[:2]/:sections[3:]/:slugorfilename +--- + +## Install FluxCD into a cluster + +Here i install it with connection to codeberg: + +* the path is just for the cluster +* the url a repo where fluxcd (in given path) install itself and monitor +* i just install my needed components (i skip notification-controller, i prefer prometheus and alerting) + +```bash +flux bootstrap git --components source-controller,kustomize-controller,helm-controller --path= --url ssh://git@codeberg.org/wrenix/.git +``` + +### Secure with verify + +Afterwards we need to setup a verification with GPG, so that nobody else could commit any workload in your cluster. +That is because i select an public git hosting (here codeberg), i trust them but maybe it get compromised one time. + +in your repository the flux cli has created an `/flux-system/kustomization.yaml`, we will edit them. + +```patch + apiVersion: kustomize.config.k8s.io/v1beta1 + kind: Kustomization + resources: + - gotk-components.yaml + - gotk-sync.yaml + ++patches: ++ - target: ++ kind: GitRepository ++ name: flux-system ++ patch: |- ++ apiVersion: source.toolkit.fluxcd.io/v1 ++ kind: GitRepository ++ metadata: ++ name: flux-system ++ spec: ++ verify: <1> ++ mode: HEAD ++ secretRef: ++ name: gpg-publickey ++ ++generatorOptions: ++ disableNameSuffixHash: true <2> ++ ++secretGenerator: ++ - name: gpg-publickey <3> ++ namespace: flux-system ++ files: ++ - gpg-publickey/wrenix.gpg <4> +``` +* <1> add verify, that only HEAD git commit with valide gpg signature is used +* <2> on the next generate, do not add hash +* <3> generate kubernetes Secret with the name `gpg-publickey` which is used in the patched GitRepository, see <1> +* <4> Add list of valide gpg key files diff --git a/docs/generate.sh b/docs/generate.sh index 494b03d..e63bf00 100755 --- a/docs/generate.sh +++ b/docs/generate.sh @@ -22,6 +22,7 @@ for c in $ROOT_DIR/* ; do done helm-docs --chart-search-root "${ROOT_DIR}/" -t ./docs/modules/components/README.adoc.gotmpl -o README.adoc +helm-docs --chart-search-root "${ROOT_DIR}/" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl ## # infra diff --git a/docs/infra/_index.md b/docs/infra/_index.md new file mode 100644 index 0000000..7da5f53 --- /dev/null +++ b/docs/infra/_index.md @@ -0,0 +1,117 @@ +--- +title: Infrastructure +weight: 50 +--- +a bundle of software which should run on every kubernetes cluster. + +# Components + +The following components for an infrastructure setup exists: + +## Usage + +My `base-values/infra.yaml` use for the different components extra namespaces. + +{{< callout type="warning" >}} +The `base-values` are not versioned, see [Base](../base). +{{< /callout >}} + +``` yaml {filename="Example usage"} +--- +apiVersion: v1 +kind: Namespace +metadata: + name: infra <1> +--- +apiVersion: v1 +kind: Secret <2> +metadata: + name: infra-secret + namespace: infra <1> +data: + masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: GitRepository +metadata: + name: wrenix-flux-charts <3> + namespace: flux-system +spec: + url: https://codeberg.org/wrenix/flux-charts.git + ref: + branch: main + interval: 10m + # for more info about verification take an look here: + # - https://fluxcd.io/flux/components/source/gitrepositories/#verification + # - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify + # later replaced with oci and cosign + # verify: + # mode: HEAD + # secretRef: + # name: gpg-publickey +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: infra <4> + namespace: infra <1> +spec: + chart: + spec: + sourceRef: + kind: GitRepository + name: wrenix-flux-charts <3> + namespace: flux-system + chart: "./base" + reconcileStrategy: "Revision" + valuesFiles: + - "./base/values.yaml" + - "./base-values/commons.yaml" <5> + - "./base-values/infra.yaml" <6> + interval: 10m + values: + ## + # Commons + ## + commons: + + helm: + chart: + sourceRef: <3> + kind: GitRepository + name: wrenix-flux-charts + namespace: flux-system + + ingress: + domain: "my-infra.eu" <7> + + componentCommons: + helm: + release: + valuesFrom: + - kind: Secret <2> + name: infra-secret + valuesKey: masterPassword + targetPath: commons.masterPassword + ## + # Compoments + ## + components: <8> + infra-certificates: + values: + email: host.acme@wrenix.eu + infra-monitoring: + values: + prometheus: + exporter: + blackbox: + enabled: true +``` + * <1> namespace where install all the components later + * <2> secret to bypass secure values into the infra-components (masterPassword) + * <3> reference where base and all the components are founded by fluxcd + * <4> use of base-helm chart for fluxcd to bundle the different infra-components together + * <5> use my default commons values for flux-chart components + * <6> use my default to setup all commons for infra and infra components + * <7> setup default domain (where subdomains are generate for the different components) + * <8> overwrite componets values (here setup default also certmanager email for Let's Encrypt and setup prometheus-blackbox-exporter) diff --git a/docs/infra/auth.md b/docs/infra/auth.md new file mode 100644 index 0000000..f62c227 --- /dev/null +++ b/docs/infra/auth.md @@ -0,0 +1,32 @@ +--- +title: "Authentification" +--- +# Authentification +It is possible to use [mycloud-authentik](../components/mycloud-authentik) (or with [`./base-values/mycloud-core.yaml`](base-values/mycloud-core.yaml)). + +``` yaml {filename="base-auth-values.yaml"} +commons: + auth: + enabled: true <1> + namespace: "mycloud" <2> + authentik: + domain: "auth.wrenix.eu" <3> + backend: "mycloud-authentik-hr" <4> + +components: + infra-monitoring: + grafana: + auth: + anonymous: + enabled: false <5> +``` + * <1> enable to configurate own ressurces and mycloud (blueprint for authentik) + * <2> namespace where authentik of mycloud runs (where to put blueprint secrets) + * <3> domain of authentik (for setup OIDCs and so on on own instances) + * <4> backend of authentik for logout ingresses of infra-components + * <5> configure grafana to disable anonymous auth (just use authentik SSO / OIDC) + +For the following software an proxy based setup handled (current just traefik is supported): + * alertmanager + * karma + * prometheus diff --git a/docs/infra/monitoring.md b/docs/infra/monitoring.md new file mode 100644 index 0000000..cf6815b --- /dev/null +++ b/docs/infra/monitoring.md @@ -0,0 +1,37 @@ +--- +title: "Monitoring" +--- +# Monitoring + +We deploy by default all resources to monitor every deployment. + +For adjusting of the labels, there are following values in [`./base-values/commons.yaml`](https://codeberg.org/wrenix/flux-charts/src/branch/main/base-values/commons.yaml). + +``` yaml {filename="base-monitor-values.yaml"} +commons: + grafana: + datasource: + labels: <1> + grafana_datasource: "1" + dashboards: + labels: <2> + grafana_dashboard: "1" + annotations: <3> + + prometheus: + alertmanager: + labels: <4> + alertmanager: default + monitor: + labels: <5> + prometheus: default + rules: + labels: <6> + prometheus: default +``` + * <1> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Datasource of Grafana-Sidecar + * <2> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Dashboards of Grafana-Sidecar + * <3> used annotations on `Secrets` and `ConfigMap` metadata of Dashboards for usage configuration of Grafana-Sidecar (useful for but Dashboards into Folders on Grafana) + * <4> used labels on `AlertmanagerConfig` metadata for usage for filter on `Alertmanager` instance of [prometheus-operator](https://prometheus-operator.dev/) + * <5> used labels on `ServiceMonitor` and `PodMonitor` metadata for usage for filter on `Prometheus` instance of [prometheus-operator](https://prometheus-operator.dev/) + * <6> used labels on `PrometheusRules` metadata for usage for filter on `Prometheus` instance of [prometheus-operator](https://prometheus-operator.dev/) diff --git a/docs/mycloud/_index.md b/docs/mycloud/_index.md new file mode 100644 index 0000000..19a02b7 --- /dev/null +++ b/docs/mycloud/_index.md @@ -0,0 +1,147 @@ +--- +title: "myCloud" +weight: 60 +--- + +# myCloud + +a bundle of OpenSource Software with one user management. + +Current based only on: [authentik](https://goauthentik.io) + +## First Login +Your main Account must be initalized: +`https://auth./if/flow/initial-setup/` + +## Components + +The following components for an myCloud setup exists: +include::partial-list-components.adoc[] + +## Usage + +My `base-values/mycloud-*.yaml` does not set any namespace, so the same the the Base-Helmchart is used (maybe you like to use multiple myClouds in different namespaces). + +.Example usage (warning, the `base-values` are not versioned, see xref:base:index.adoc[Base]): +``` yaml {filename="fluxcd-mycloud.yaml"} +--- +apiVersion: v1 +kind: Namespace +metadata: + name: mycloud <1> + +--- +apiVersion: v1 +kind: Secret <2> +metadata: + name: mycloud-mail + namespace: mycloud <1> +data: + password: MAIL_ACCOUNT_PASSWORD + +--- +apiVersion: v1 +kind: Secret <3> +metadata: + name: mycloud-master-password + namespace: mycloud <1> +data: + masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE + +--- +apiVersion: source.toolkit.fluxcd.io/v1 +kind: GitRepository +metadata: + name: wrenix-flux-charts <4> + namespace: flux-system +spec: + url: https://codeberg.org/wrenix/flux-charts.git + ref: + branch: main + interval: 10m + # for more info about verification take an look here: + # - https://fluxcd.io/flux/components/source/gitrepositories/#verification + # - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify + # later replaced with oci and cosign + # verify: + # mode: HEAD + # secretRef: + # name: gpg-publickey + +--- +apiVersion: helm.toolkit.fluxcd.io/v2beta1 +kind: HelmRelease +metadata: + name: mycloud <1> + namespace: mycloud <2> +spec: + chart: + spec: + sourceRef: + kind: GitRepository + name: wrenix-flux-charts <3> + namespace: flux-system + chart: "./base" + reconcileStrategy: "Revision" + valuesFiles: + - "./base/values.yaml" + - "./base-values/commons.yaml" <4> + - "./base-values/mycloud-core.yaml" <5> + - "./base-values/mycloud-nextcloud.yaml" <6> + - "./base-values/mycloud-collabora.yaml" <7> + interval: 10m + values: + base: + helm: + release: + valuesFrom: + - kind: Secret <8> + name: mycloud-secrets + valuesKey: masterPassword + targetPath: commons.masterPassword + - kind: Secret <9> + name: mycloud-secrets + valuesKey: password + targetPath: commons.mail.password + ## + # Commons + ## + commons: + mail: <10> + host: "posteo.de" + username: "mycloud@posteo.net" + use_tls: true + from: "mycloud@posteo.net" + + helm: + chart: + sourceRef: <11> + kind: GitRepository + name: wrenix-flux-charts + namespace: flux-system + + ingress: + domain: "mycloud.eu" <12> + + + ## + # Compoments + ## + components: + mycloud-nextcloud: + values: <13> + quota: "100 MB" +``` + * <1> use of base-helm chart for fluxcd to bundle the different mycloud-components together + * <2> namespace where install all the components later + * <3> reference where base are founded by fluxcd + * <4> use my default commons values for flux-chart components + * <5> use my default to setup all commons for mycloud-components and the mycloud-core components (e.g. xref:components:mycloud-services.adoc[mycloud-services] and xref:components:mycloud-authentik.adoc[mycloud-authentik]) + * <6> use my default values for usage of xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] (it also configure xref:components:mycloud-services.adoc[mycloud-services] for another database and xref:components:mycloud-authentik.adoc[mycloud-authentik] for user management) + * <7> use my default values for usage of xref:components:mycloud-collabora.adoc[mycloud-collabora] (it also configure xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] if it is also used) + * <8> secret to bypass secure values into the mycloud-components (mail) + * <9> secret to bypass secure values into the mycloud-components (masterPassword) + * <10> setup default mail configuration (for all components) for more commons values take an look into the used components (or `base-values`) + * <11> reference where all the components are foundet by fluxcd (e.g. same then the base chart, see <3>) + * <12> setup default domain (where subdomains are generate for the different components) + * <13> overwrite componets values (here setup default quota for an use in xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud]) diff --git a/docs/mycloud/ingress.md b/docs/mycloud/ingress.md new file mode 100644 index 0000000..941ca95 --- /dev/null +++ b/docs/mycloud/ingress.md @@ -0,0 +1,84 @@ +--- +title: "Ingress" +--- +# Ingress + +Per default, the ingress domain and tls could be set, + +The domain is used, to set for every components per default an subdomain by this domain. +(This could be overwritten by see [Change Host / Domain per Components](#change_host__domain_per_components).) + +If you do not like to setup for every ingress-tls an new cert secrets (e.g. you do not use an cert-manager), the you could override it global with your on entry. + +``` yaml {filename="base-mycloud-ingress-values.yaml"} +commons: + ingress: + domain: + tls: + enabled: true + override: +``` + +## Annotations + +It is possible to set annotations global or per components: +``` yaml {filename="base-mycloud-ingress-values.yaml"} +commons: + ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + +components: + mycloud-authentik: + values: + ingress: + annotations: + traefik.ingress.kubernetes.io/router.middlewares: ingress-redirect-https@kubernetescrd +``` + +## Change Host / Domain per Components + +### Authentik +``` yaml {filename="base-mycloud-authentik-values.yaml"} +commons: + auth: + host: "login.wrenix.eu" + +components: + mycloud-authentik: + values: + ingress: + host: "login.wrenix.eu" +``` + +### Nextcloud +``` yaml {filename="base-mycloud-nextcloud-values.yaml"} +components: + mycloud-nextcloud: + values: + ingress: + host: "files.wrenix.eu:" + + mycloud-collabora: + values: + allowedHosts: + files.wrenix.eu: [] +``` + +### Collabora + +``` yaml {filename="base-mycloud-collabora-values.yaml"} +components: + mycloud-nextcloud: + values: + apps: + richdocuments: + enabled: true + config: + wopi_url: "https://office.wrenix.eu" + + mycloud-collabora: + values: + ingress: + host: "office.wrenix.eu" +``` diff --git a/docs/mycloud/mail.md b/docs/mycloud/mail.md new file mode 100644 index 0000000..a65231a --- /dev/null +++ b/docs/mycloud/mail.md @@ -0,0 +1,28 @@ +--- +title: "Mail" +--- +# Mail + +``` yaml {filename="base-mycloud-mail.yaml"} +commons: + mail: + host: + username: + password: + from: "no-reply@example.org" + use_tls: false + use_ssl: false + +components: + mycloud-authentik: + values: + mail: + from: + + mycloud-nextcloud: + values: + mail: + from: + host: + authtype: PLAIN +``` diff --git a/docs/mycloud/persistence.md b/docs/mycloud/persistence.md new file mode 100644 index 0000000..77f0473 --- /dev/null +++ b/docs/mycloud/persistence.md @@ -0,0 +1,32 @@ +--- +title: "Persistence" +--- + +# Persistence + +``` yaml {filename="base-mycloud-persistant-values.yaml"} +commons: + persistence: + storageClass: + hostPath: + enabled: false + prefix: "/var/lib/mycloud" + +components: + mycloud-services: + values: + postgresql: + persistence: + storageClass: + size: "10G" + + mycloud-nextcloud: + values: + persistence: + main: + pvc: "nextcloud" + size: 8Gi + data: + pvc: "nextcloud-data" + size: 16Gi +``` diff --git a/docs/mycloud/theme.md b/docs/mycloud/theme.md new file mode 100644 index 0000000..5d4d03e --- /dev/null +++ b/docs/mycloud/theme.md @@ -0,0 +1,20 @@ +--- +title: "Theme" +--- + +# Theme + +``` yaml {filename="base-mycloud-theme.yaml"} +commons: + theme: + title: + logo: + favicon: + +components: + mycloud-authentik: + values: + theme: + background: > +``` + diff --git a/infra-certificates/README.md b/infra-certificates/README.md new file mode 100644 index 0000000..8832a37 --- /dev/null +++ b/infra-certificates/README.md @@ -0,0 +1,48 @@ +--- +title: "infra-certificates" + +description: "Install all certificate related" + +--- + +# infra-certificates + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Install all certificate related + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap | +| commons.grafana.datasource.labels | object | `{"grafana_datasource":"1"}` | labels of grafana datasource configmap and secret | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | +| email | string | `"an@example.org"` | | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-certificates/_docs.gotmpl b/infra-certificates/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/infra-fluxcd/README.md b/infra-fluxcd/README.md new file mode 100644 index 0000000..2c341e6 --- /dev/null +++ b/infra-fluxcd/README.md @@ -0,0 +1,39 @@ +--- +title: "infra-fluxcd" + +description: "Install resources for FluxCD (e.g. grafana dashboards, prometheus podmonitor)" + +--- + +# infra-fluxcd + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Install resources for FluxCD (e.g. grafana dashboards, prometheus podmonitor) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| prometheus.kubeStateMetricsConfig.namespace | string | `nil` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-fluxcd/_docs.gotmpl b/infra-fluxcd/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/infra-ingress/README.adoc b/infra-ingress/README.adoc index 250bdbb..2e7a8d0 100644 --- a/infra-ingress/README.adoc +++ b/infra-ingress/README.adoc @@ -120,6 +120,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `0` | +| logs.access +| bool +| `false` +| + | traefik.additionalArguments | list | `[]` diff --git a/infra-ingress/README.md b/infra-ingress/README.md new file mode 100644 index 0000000..0ff370c --- /dev/null +++ b/infra-ingress/README.md @@ -0,0 +1,67 @@ +--- +title: "infra-ingress" + +description: "Setup an ingress" + +--- + +# infra-ingress + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Setup an ingress + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | + +### Commons Tracing + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.tracing.enabled | bool | `false` | enable tracing on all components | +| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http | +| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint | +| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc | +| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| controller | string | `"traefik"` | | +| external | bool | `true` | | +| hostNetwork | bool | `true` | | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| logs.access | bool | `false` | | +| traefik.additionalArguments | list | `[]` | | +| traefik.hostPath | string | `"/srv/k8s/pv/pvc-traefik-certs"` | | +| traefik.ports | object | `{}` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-ingress/_docs.gotmpl b/infra-ingress/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/infra-logging/README.md b/infra-logging/README.md new file mode 100644 index 0000000..39bed0c --- /dev/null +++ b/infra-logging/README.md @@ -0,0 +1,50 @@ +--- +title: "infra-logging" + +description: "Install all logging related" + +--- + +# infra-logging + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Install all logging related + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap | +| commons.grafana.datasource.labels | object | `{"grafana_datasource":"1"}` | labels of grafana datasource configmap and secret | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| fluentd.replicas | int | `1` | | +| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| loki.enabled | bool | `true` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-logging/_docs.gotmpl b/infra-logging/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/infra-monitoring/README.md b/infra-monitoring/README.md new file mode 100644 index 0000000..cfd6341 --- /dev/null +++ b/infra-monitoring/README.md @@ -0,0 +1,116 @@ +--- +title: "infra-monitoring" + +description: "Install all monitoring related" + +--- + +# infra-monitoring + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Install all monitoring related + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `false` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| alertmanager.auth.anonymous.enabled | bool | `false` | | +| alertmanager.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| alertmanager.ingress.enabled | bool | `true` | | +| alertmanager.ingress.host | string | `""` | | +| alertmanager.inhibitRules | list | `[]` | additional inhibitRules | +| alertmanager.receiver.customs | object | `{}` | customs | +| alertmanager.receiver.matrix.default | string | `"!example-room:matrix.org"` | | +| alertmanager.receiver.matrix.enabled | bool | `false` | | +| alertmanager.receiver.matrix.homeserver | string | `"https://matrix.org"` | | +| alertmanager.receiver.matrix.rooms | object | `{}` | | +| alertmanager.receiver.matrix.sendResolved | bool | `false` | | +| alertmanager.receiver.matrix.token | string | `""` | token of matrix reciever (use valuesFrom in flux for it) | +| alertmanager.receiver.matrix.userID | string | `"@alert:matrix.org"` | | +| alertmanager.receiver.ntfy.config.labels | object | `{"entries":[{"label":"severity","priority":4,"tags":["rotating_light"],"value":"critical"},{"label":"severity","priority":3,"tags":["warning"],"value":"warning"},{"label":"severity","priority":1,"tags":["information_source"],"value":"info"}],"order":["severity"]}` | label of alert to ntfy message config | +| alertmanager.receiver.ntfy.config.ntfy.topic | string | `"https://ntfy.wrenix.eu/alertmanager-example"` | | +| alertmanager.receiver.ntfy.config.password | string | `nil` | password used between alertmanager and ntfy reciever generated from commons.masterPassword | +| alertmanager.receiver.ntfy.config.user | string | `"alertmanager-to-ntfy"` | user used between alertmanager and ntfy receiver | +| alertmanager.receiver.ntfy.enabled | bool | `false` | | +| alertmanager.receiver.ntfy.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| alertmanager.receiver.ntfy.ingress.enabled | bool | `false` | | +| alertmanager.receiver.ntfy.ingress.host | string | `nil` | | +| alertmanager.receiver.ntfy.sendResolved | bool | `false` | | +| alertmanager.route.groupBy | list | `["namespace","alertname"]` | groupBy | +| alertmanager.route.repeatInterval | string | `"24h"` | repeat Interval | +| alertmanager.route.routes | list | `[]` | would overwrite defaults (like ntfy or matrix) # send every alert to ntfy # (and continue to routing for that alert) - receiver: "ntfy-default" continue: true # send selected alerts to special matrix room # (and remove them for evaluation - no continue) - receiver: "matrix-room-name" matchers: - name: "team" matchType: "=" value: "room-name" # all reminig alerts to matrix default room - receiver: "matrix-default" | +| commons.auth.authentik.backend | string | `"authentik-server"` | | +| commons.auth.authentik.domain | string | `""` | | +| commons.auth.enabled | bool | `false` | | +| commons.auth.namespace | string | `""` | | +| commons.auth.type | string | `"authentik"` | | +| grafana.adminPassword | string | `nil` | generated from commons.masterPassword | +| grafana.auth.anonymous.enabled | bool | `true` | | +| grafana.auth.authentik.clientID | string | `nil` | generated from commons.masterPassword | +| grafana.auth.authentik.clientSecret | string | `nil` | generated from commons.masterPassword | +| grafana.auth.enabled | bool | `false` | | +| grafana.dashboards.annotations."grafana.mon.local/dashboard-folder" | string | `"Kubernetes"` | | +| grafana.dashboards.folderAnnotation | string | `"grafana.mon.local/dashboard-folder"` | | +| grafana.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| grafana.ingress.enabled | bool | `true` | | +| grafana.ingress.host | string | `""` | | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| karma.additionalAlertmanager | string | `nil` | | +| karma.auth.anonymous.enabled | bool | `false` | | +| karma.enabled | bool | `true` | | +| karma.filters.default[0] | string | `"@state=active"` | | +| karma.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| karma.ingress.enabled | bool | `true` | | +| karma.ingress.host | string | `""` | | +| prometheus.auth.anonymous.enabled | bool | `false` | | +| prometheus.exporter.blackbox.enabled | bool | `true` | | +| prometheus.exporter.blackbox.hostNetwork | bool | `false` | | +| prometheus.exporter.blackbox.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| prometheus.exporter.blackbox.ingress.enabled | bool | `false` | enable ingress for blackbox-exporter | +| prometheus.exporter.blackbox.ingress.host | string | `""` | default use .Values.commons.ingress.host with prefix: `blackbox.exporter` | +| prometheus.ingress.annotations | object | `{}` | annotations on ingress object (beside of .Values.commons.ingress.annotations ) | +| prometheus.ingress.enabled | bool | `true` | | +| prometheus.ingress.host | string | `""` | | +| tempo.enabled | bool | `false` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-monitoring/_docs.gotmpl b/infra-monitoring/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/infra-trivy/README.md b/infra-trivy/README.md new file mode 100644 index 0000000..bce2c7d --- /dev/null +++ b/infra-trivy/README.md @@ -0,0 +1,70 @@ +--- +title: "infra-trivy" + +description: "deploy trivy-operator" + +--- + +# infra-trivy + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +deploy trivy-operator + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap | +| commons.prometheus.alertmanager.labels | object | `{}` | labels on AlertmanagerConf | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| prometheus.rules.clusterCompliance.enabled | bool | `false` | | +| prometheus.rules.clusterRBACAssessments.enabled | bool | `false` | | +| prometheus.rules.clusterRBACAssessments.info.enabled | bool | `false` | | +| prometheus.rules.clusterRBACAssessments.warning.enabled | bool | `false` | | +| prometheus.rules.enabled | bool | `true` | | +| prometheus.rules.imageExposedSecrets.enabled | bool | `true` | | +| prometheus.rules.imageExposedSecrets.info.enabled | bool | `false` | | +| prometheus.rules.imageExposedSecrets.warning.enabled | bool | `false` | | +| prometheus.rules.imageVulnerabilities.enabled | bool | `false` | | +| prometheus.rules.imageVulnerabilities.info.enabled | bool | `false` | | +| prometheus.rules.imageVulnerabilities.warning.enabled | bool | `false` | | +| prometheus.rules.infraAssessments.enabled | bool | `true` | | +| prometheus.rules.infraAssessments.info.enabled | bool | `true` | | +| prometheus.rules.infraAssessments.warning.enabled | bool | `true` | | +| prometheus.rules.resourceConfigAudits.enabled | bool | `true` | | +| prometheus.rules.resourceConfigAudits.info.enabled | bool | `false` | | +| prometheus.rules.resourceConfigAudits.warning.enabled | bool | `false` | | +| prometheus.rules.roleRBACAssessments.enabled | bool | `false` | | +| prometheus.rules.roleRBACAssessments.info.enabled | bool | `false` | | +| prometheus.rules.roleRBACAssessments.warning.enabled | bool | `false` | | +| scans.concurrent | int | `2` | | +| scans.ttl | string | `"168h"` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/infra-trivy/_docs.gotmpl b/infra-trivy/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-authentik/README.md b/mycloud-authentik/README.md new file mode 100644 index 0000000..7bf876b --- /dev/null +++ b/mycloud-authentik/README.md @@ -0,0 +1,94 @@ +--- +title: "mycloud-authentik" + +description: "A mycloud components using authentik (for central authentification using SSO)" + +--- + +# mycloud-authentik + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A mycloud components using authentik (for central authentification using SSO) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons mail + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.mail.from | string | `nil` | send from address | +| commons.mail.host | string | `nil` | smtp server | +| commons.mail.password | string | `nil` | smtp password | +| commons.mail.use_ssl | bool | `false` | smtp server use ssl | +| commons.mail.use_tls | bool | `false` | smtp server use start tls | +| commons.mail.username | string | `nil` | smtp username | + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons Redis + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.redis.replicas | int | `0` | replicas | + +### Commons theme + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere | +| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere | +| commons.theme.title | string | `"myCloud"` | title everywhere | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services | +| database.name | string | `"authentik"` | | +| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) | +| database.username | string | `"authentik"` | | +| ingress.annotations | string | `nil` | | +| ingress.host | string | `nil` | default: auth.(Values.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| mail.from | string | `nil` | generade by Values.commons.mail.from | +| secret_key | string | `nil` | generated by .Values.commons.masterPassword | +| theme.background | string | `nil` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-authentik/_docs.gotmpl b/mycloud-authentik/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-collabora/README.md b/mycloud-collabora/README.md new file mode 100644 index 0000000..70d0d06 --- /dev/null +++ b/mycloud-collabora/README.md @@ -0,0 +1,66 @@ +--- +title: "mycloud-collabora" + +description: "myCloud component to setup collabora" + +--- + +# mycloud-collabora + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +myCloud component to setup collabora + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.annotations | object | `{}` | annotations of grafana dashboard configmap | +| commons.grafana.dashboards.labels | object | `{}` | labels of grafana dashboard configmap | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| adminPassword | string | `nil` | adminPassword to access collabora admin platform | +| allowedHosts | object | `{}` | allowed host to use this collabora instance if not set we allow defaults (like nextcloud) example: main.host.de: [ "alias1.host.de", "alias2.host.de" ] | +| ingress.annotations | object | `{"haproxy-ingress.github.io/assign-backend-server-id":"true","haproxy-ingress.github.io/balance-algorithm":"url_param WOPISrc","haproxy-ingress.github.io/config-backend":"hash-type consistent acl admin_url path_beg /cool/getMetrics acl admin_url path_beg /cool/adminws/ acl admin_url path_beg /browser/dist/admin/admin.html http-request deny if admin_url","haproxy-ingress.github.io/timeout-tunnel":"3600s","nginx.ingress.kubernetes.io/server-snippet":"location /cool/getMetrics { deny all; return 403; }\nlocation /cool/adminws/ { deny all; return 403; }\nlocation /browser/dist/admin/admin.html { deny all; return 403; }\n","nginx.ingress.kubernetes.io/upstream-hash-by":"$arg_WOPISrc"}` | ingress annotatations - default are all the best practise of collabora | +| ingress.host | string | `nil` | default: fs.(Values.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-collabora/_docs.gotmpl b/mycloud-collabora/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-firefly-iii/README.md b/mycloud-firefly-iii/README.md new file mode 100644 index 0000000..8e84c13 --- /dev/null +++ b/mycloud-firefly-iii/README.md @@ -0,0 +1,92 @@ +--- +title: "mycloud-firefly-iii" + +description: "A Helm chart for Kubernetes" + +--- + +# mycloud-firefly-iii + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) | +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons mail + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.mail.from | string | `nil` | send from address | +| commons.mail.host | string | `nil` | smtp server | +| commons.mail.password | string | `nil` | smtp password | +| commons.mail.use_ssl | bool | `false` | smtp server use ssl | +| commons.mail.use_tls | bool | `false` | smtp server use start tls | +| commons.mail.username | string | `nil` | smtp username | + +### Commons Persistence + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC | +| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path | +| commons.persistence.storageClass | string | `nil` | storageClass of PVC | + +### Commons theme + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere | +| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere | +| commons.theme.title | string | `"myCloud"` | title everywhere | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.auth.authentik.backend | string | `"mycloud-authentik-hr-server"` | | +| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services | +| database.name | string | `"firefly"` | | +| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) | +| database.username | string | `"firefly"` | | +| ingress.annotations | object | `{}` | | +| ingress.host | string | `nil` | default: social.(Values.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| mail.from | string | `nil` | generade by Values.commons.mail.from | +| mail.host | string | `nil` | default Values.commons.mail.host | +| persistence.size | string | `"16Gi"` | | +| persistence.storageClass | string | `nil` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-firefly-iii/_docs.gotmpl b/mycloud-firefly-iii/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-gotosocial/README.adoc b/mycloud-gotosocial/README.adoc index 6a395e2..ecb6cb7 100644 --- a/mycloud-gotosocial/README.adoc +++ b/mycloud-gotosocial/README.adoc @@ -255,6 +255,11 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat | `0` | +| instance +| object +| `{}` +| see https://codeberg.org/wrenix/helm-charts/src/branch/main/gotosocial#_values + | mail.from | string | `nil` diff --git a/mycloud-gotosocial/README.md b/mycloud-gotosocial/README.md new file mode 100644 index 0000000..a377c92 --- /dev/null +++ b/mycloud-gotosocial/README.md @@ -0,0 +1,111 @@ +--- +title: "mycloud-gotosocial" + +description: "myCloud component to setup gotosocial" + +--- + +# mycloud-gotosocial + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +myCloud component to setup gotosocial + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) | +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons mail + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.mail.from | string | `nil` | send from address | +| commons.mail.host | string | `nil` | smtp server | +| commons.mail.password | string | `nil` | smtp password | +| commons.mail.use_ssl | bool | `false` | smtp server use ssl | +| commons.mail.use_tls | bool | `false` | smtp server use start tls | +| commons.mail.username | string | `nil` | smtp username | + +### Commons Persistence + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC | +| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path | +| commons.persistence.storageClass | string | `nil` | storageClass of PVC | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons theme + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere | +| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere | +| commons.theme.title | string | `"myCloud"` | title everywhere | + +### Commons Tracing + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.tracing.enabled | bool | `false` | enable tracing on all components | +| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http | +| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint | +| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc | +| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| auth.clientID | string | `nil` | generated by .Values.commons.masterPassword | +| auth.clientSecret | string | `nil` | generated by .Values.commons.masterPassword | +| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services | +| database.name | string | `"gotosocial"` | | +| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) | +| database.username | string | `"gotosocial"` | | +| ingress.annotations | string | `nil` | | +| ingress.host | string | `nil` | default: social.(Values.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| instance | object | `{}` | see https://codeberg.org/wrenix/helm-charts/src/branch/main/gotosocial#_values | +| mail.from | string | `nil` | generade by Values.commons.mail.from | +| mail.host | string | `nil` | default Values.commons.mail.host | +| persistence.size | string | `"16Gi"` | | +| persistence.storageClass | string | `nil` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-gotosocial/_docs.gotmpl b/mycloud-gotosocial/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-matrix/README.md b/mycloud-matrix/README.md new file mode 100644 index 0000000..4ddba77 --- /dev/null +++ b/mycloud-matrix/README.md @@ -0,0 +1,172 @@ +--- +title: "mycloud-matrix" + +description: "myCloud component to setup matrix" + +--- + +# mycloud-matrix + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +myCloud component to setup matrix + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) | +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.grafana.dashboards.annotations | string | `nil` | annotations of grafana dashboard configmap | +| commons.grafana.dashboards.labels | object | `{"grafana_dashboard":"1"}` | labels of grafana dashboard configmap | +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons mail + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.mail.from | string | `nil` | send from address | +| commons.mail.host | string | `nil` | smtp server | +| commons.mail.password | string | `nil` | smtp password | +| commons.mail.use_ssl | bool | `false` | smtp server use ssl | +| commons.mail.use_tls | bool | `false` | smtp server use start tls | +| commons.mail.username | string | `nil` | smtp username | + +### Commons Persistence + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC | +| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path | +| commons.persistence.storageClass | string | `nil` | storageClass of PVC | + +### Commons theme + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere | +| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere | +| commons.theme.title | string | `"myCloud"` | title everywhere | + +### Commons Tracing + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.tracing.enabled | bool | `false` | enable tracing on all components | +| commons.tracing.grpc.enabled | bool | `true` | prefer grpc over http | +| commons.tracing.grpc.endpoint | string | `"tempo.monitoring.svc:4317"` | grpc endpoint | +| commons.tracing.grpc.insecure | bool | `true` | allow insecure connection per grpc | +| commons.tracing.http.endpoint | string | `"http://tempo.monitoring.svc:4318/v1/traces"` | http endpoint | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| bridge.signal.admins | list | `[]` | | +| bridge.signal.enabled | bool | `false` | | +| bridge.slack.admins | list | `[]` | | +| bridge.slack.enabled | bool | `false` | | +| commons.networkpolicies.enabled | bool | `false` | | +| commons.networkpolicies.from.ingress | list | `[]` | | +| commons.networkpolicies.from.metrics | list | `[]` | | +| commons.networkpolicies.to.dns | list | `[]` | | +| commons.networkpolicies.to.matrix | list | `[]` | | +| commons.networkpolicies.to.smtp | list | `[]` | | +| databases.authenticationService.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services | +| databases.authenticationService.name | string | `"matrix-authentication-service"` | | +| databases.authenticationService.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) | +| databases.authenticationService.username | string | `"matrix-authentication-service"` | | +| databases.bridge.signal.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services | +| databases.bridge.signal.name | string | `"matrix-bridge-signal"` | | +| databases.bridge.signal.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) | +| databases.bridge.signal.username | string | `"matrix-bridge-signal"` | | +| databases.bridge.slack.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services | +| databases.bridge.slack.name | string | `"matrix-bridge-slack"` | | +| databases.bridge.slack.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) | +| databases.bridge.slack.username | string | `"matrix-bridge-slack"` | | +| databases.server.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services | +| databases.server.name | string | `"matrix-synapse"` | | +| databases.server.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) | +| databases.server.username | string | `"matrix-synapse"` | | +| databases.slidingSync.host | string | `"mycloud-services-postgresql"` | default is from mycloud-services | +| databases.slidingSync.name | string | `"matrix-sliding-sync"` | | +| databases.slidingSync.password | string | `nil` | generated by .commons.masterPassword (equal to mycloud-services) | +| databases.slidingSync.username | string | `"matrix-sliding-sync"` | | +| ingress.authenticationService.annotations | object | `{}` | | +| ingress.authenticationService.host | string | `nil` | default: auth.matrix.(.commons.ingress.domain) | +| ingress.element.annotations | object | `{}` | | +| ingress.element.config.features.feature_location_share_live | bool | `true` | | +| ingress.element.config.features.feature_new_room_decoration_ui | bool | `true` | | +| ingress.element.config.features.feature_notifications | bool | `true` | | +| ingress.element.enabled | bool | `true` | | +| ingress.element.host | string | `nil` | default: element.(.commons.ingress.domain) | +| ingress.elementCall.annotations | object | `{}` | | +| ingress.elementCall.enabled | bool | `false` | deploy element-call | +| ingress.elementCall.host | string | `nil` | default: call.(.commons.ingress.domain) | +| ingress.elementCall.livekitJWT.host | string | `nil` | default: call.(.commons.ingress.domain) | +| ingress.elementCall.livekitJWT.livekit.host | string | `nil` | default: .ingress.livekit.host | +| ingress.elementCall.livekitJWT.livekit.key | string | `nil` | default: .livekit.key | +| ingress.elementCall.livekitJWT.livekit.secret | string | `nil` | default: .livekit.secret | +| ingress.hydrogen.annotations | object | `{}` | | +| ingress.hydrogen.enabled | bool | `false` | | +| ingress.hydrogen.host | string | `nil` | default: hydrogen.(.commons.ingress.domain) | +| ingress.livekit.annotations | object | `{}` | | +| ingress.livekit.enabled | bool | `false` | | +| ingress.livekit.host | string | `nil` | default: sfu.call.(.commons.ingress.domain) | +| ingress.server.annotations | object | `{}` | | +| ingress.server.host | string | `nil` | default: matrix.(.commons.ingress.domain) | +| ingress.server.wellknown.client."m.tile_server".map_style_url | string | `"https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"` | | +| ingress.slidingSync.annotations | object | `{}` | | +| ingress.slidingSync.host | string | `nil` | default: sliding.matrix.(.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| livekit.enabled | bool | `false` | deploy livekit for usage with element-call | +| livekit.key | string | `"dev"` | key for api (kind of username) | +| livekit.secret | string | `nil` | secret for api a kind of password (default: generated by .commons.masterPassword) | +| persistence.size | string | `"16Gi"` | | +| persistence.storageClass | string | `nil` | | +| server.auth.clientID | string | `nil` | generated by .commons.masterPassword | +| server.auth.clientSecret | string | `nil` | generated by .commons.masterPassword | +| server.auth.webClient | string | `nil` | default: element.(.commons.ingress.domain) | +| server.authenticationService.admins | list | `[]` | | +| server.authenticationService.enabled | bool | `false` | | +| server.host | string | `nil` | default: (commons.ingress.domain) | +| server.mail.from | string | `nil` | generade by .commons.mail.from | +| server.mail.host | string | `nil` | default .commons.mail.host | +| server.scaling | bool | `false` | | +| server.slidingSync.enabled | bool | `false` | | +| server.software | string | `"synapse"` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-matrix/_docs.gotmpl b/mycloud-matrix/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-nextcloud/README.md b/mycloud-nextcloud/README.md new file mode 100644 index 0000000..446dcc6 --- /dev/null +++ b/mycloud-nextcloud/README.md @@ -0,0 +1,136 @@ +--- +title: "mycloud-nextcloud" + +description: "myCloud component to setup nextcloud" + +--- + +# mycloud-nextcloud + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +myCloud component to setup nextcloud + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.auth.host | string | `nil` | default auth.(.Values.commons.ingress.domain) | +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons Ingress + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.ingress.annotations | object | `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}` | annotations for all ingress objects | +| commons.ingress.domain | string | `"wrenix.eu"` | top domain for all services | +| commons.ingress.tls.enabled | bool | `true` | tls on every ingress | +| commons.ingress.tls.override | list | `[]` | use own definition of tls (e.g. for own or wildcard certificate) | + +### Commons mail + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.mail.from | string | `nil` | send from address | +| commons.mail.host | string | `nil` | smtp server | +| commons.mail.password | string | `nil` | smtp password | +| commons.mail.use_ssl | bool | `false` | smtp server use ssl | +| commons.mail.use_tls | bool | `false` | smtp server use start tls | +| commons.mail.username | string | `nil` | smtp username | + +### Commons Persistence + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC | +| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path | +| commons.persistence.storageClass | string | `nil` | storageClass of PVC | + +### Commons Monitoring + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.prometheus.monitor.labels | object | `{}` | labels on Pod- and Service-Monitor | +| commons.prometheus.rules.labels | object | `{}` | labels on PrometheusRules | + +### Commons Redis + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.redis.replicas | int | `0` | replicas | + +### Commons theme + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.theme.favicon | string | `"/static/dist/assets/icons/icon.png"` | favicon everywhere | +| commons.theme.logo | string | `"/static/dist/assets/icons/icon_left_brand.svg"` | logo everywhere | +| commons.theme.title | string | `"myCloud"` | title everywhere | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| adminPassword | string | `nil` | generated by .Values.commons.masterPassword | +| apps.calendar.enabled | bool | `true` | | +| apps.checksum.enabled | bool | `true` | | +| apps.contacts.enabled | bool | `true` | | +| apps.dashboard.enabled | bool | `false` | | +| apps.deck.enabled | bool | `true` | | +| apps.firstrunwizard.enabled | bool | `false` | | +| apps.memories.enabled | bool | `false` | | +| apps.notes.enabled | bool | `true` | | +| apps.richdocuments.config.wopi_url | string | `nil` | | +| apps.richdocuments.enabled | bool | `false` | | +| auth.clientID | string | `nil` | generated by .Values.commons.masterPassword | +| auth.clientSecret | string | `nil` | generated by .Values.commons.masterPassword | +| auth.idMapping | string | `"sub"` | oidc field which us used as id in nextcloud for username (for security reason it is sub, but could be overwritten by username) https://goauthentik.io/integrations/services/nextcloud/#provider-and-application | +| chart.ref | object | `{"branch":"main"}` | for default set: null | +| chart.url | string | `"https://github.com/wrenix/nextcloud-helm.git"` | for default set: https://nextcloud.github.io/helm/ | +| commons.networkpolicies.enabled | bool | `false` | | +| commons.networkpolicies.from.ingress | list | `[]` | | +| commons.networkpolicies.from.metrics | list | `[]` | | +| commons.networkpolicies.to.dns | list | `[]` | | +| config | object | `{}` | | +| database.host | string | `"mycloud-services-postgresql"` | default is from mysql-services | +| database.name | string | `"nextcloud"` | | +| database.password | string | `nil` | generated by .Values.commons.masterPassword (equal to mycloud-services) | +| database.username | string | `"nextcloud"` | | +| default.language | string | `"en"` | | +| default.maintenanceWindowStart | int | `1` | | +| default.phoneRegion | string | `"GB"` | | +| imaginary.enabled | bool | `true` | | +| ingress.annotations | string | `nil` | | +| ingress.host | string | `nil` | default: fs.(Values.commons.ingress.domain) | +| init.namespace | string | `"bases"` | | +| init.version | int | `0` | | +| limits.memory | string | `"512M"` | | +| limits.upload | string | `"2G"` | | +| mail.authtype | string | `"PLAIN"` | | +| mail.from | string | `nil` | generade by Values.commons.mail.from | +| mail.host | string | `nil` | default Values.commons.mail.host | +| persistence.data.pvc | string | `"nextcloud-data"` | | +| persistence.data.size | string | `"16Gi"` | | +| persistence.main.pvc | string | `"nextcloud"` | | +| persistence.main.size | string | `"8Gi"` | | +| quota | string | `nil` | default quota for an user | +| theme.color | string | `nil` | set theme color in nextcloud | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-nextcloud/_docs.gotmpl b/mycloud-nextcloud/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/mycloud-services/README.md b/mycloud-services/README.md new file mode 100644 index 0000000..cb4292c --- /dev/null +++ b/mycloud-services/README.md @@ -0,0 +1,58 @@ +--- +title: "mycloud-services" + +description: "A Helm chart for Kubernetes" + +--- + +# mycloud-services + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Values + +### Commons helm release + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.helm.release.driftDetection | object | `{}` | driftDetection of FluxCD HelmRelease | +| commons.helm.release.install | object | `{}` | install of FluxCD HelmRelease | +| commons.helm.release.test | object | `{}` | test of FluxCD HelmRelease | +| commons.helm.release.upgrade | object | `{}` | upgrade of FluxCD HelmRelease | + +### Commons + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.masterPassword | string | `"CHANGEME"` | masterPassword to generate secrets | + +### Commons Persistence + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commons.persistence.hostPath.enabled | bool | `false` | use hostPath instatt of PVC | +| commons.persistence.hostPath.prefix | string | `"/var/lib/mycloud"` | use hostPath under the following path | +| commons.persistence.storageClass | string | `nil` | storageClass of PVC | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| databases | object | `{"example":{"additionalParams":null,"password":null,"type":"none","username":"example-password"}}` | create databases | +| databases.example.additionalParams | string | `nil` | additional params for databases | +| databases.example.password | string | `nil` | if not set generated by .Values.commons.masterPassword and databasename | +| databases.example.type | string | `"none"` | database type (current only "postgresql" is supported) | +| databases.example.username | string | `"example-password"` | username default like database | +| postgresql.password | string | `nil` | root | +| postgresql.persistence.size | string | `"10G"` | | +| postgresql.persistence.storageClass | string | `nil` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/mycloud-services/_docs.gotmpl b/mycloud-services/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/template/README.md b/template/README.md new file mode 100644 index 0000000..089d7cd --- /dev/null +++ b/template/README.md @@ -0,0 +1,103 @@ +--- +title: "