wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions

chore(global): drop asciidoc support

Browse source
This commit is contained in:
WrenIX 2024-11-21 16:50:59 +01:00
parent f4ba205b8d
commit c863fcaa6c
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
55 changed files with 41 additions and 4209 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
/*.tgz

145
base/README.adoc
View file

@ -1,145 +0,0 @@
= base
image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Base
|===
| Key | Type | Default | Description
| base.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| base.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| base.helm.release.interval
| string
| `"10m"`
| interval of FluxCD HelmRelease
| base.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| base.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
| base.helm.release.valuesFrom
| list
| `[]`
| valuesFrom for every components (for use values from ConfigMap or Secret)
| base.helm.repo.interval
| string
| `"10m"`
| interval of FluxCD Repository
| base.helm.repo.namespace
| string
| `nil`
| namespace, where the GitRepo resource is installed (maybe needed together with secretRef)
| base.helm.repo.ref
| object
| `{"branch":"main"}`
| default ref (if no branch is set - maybe overwritten by semver or so)
| base.helm.repo.secretRef
| string
| `nil`
| secret to get access to the git-repo
| base.helm.repo.url
| string
| `"https://codeberg.org/wrenix/flux-charts.git"`
| git repo where all components are stored
| base.helm.repo.verify
| string
| `nil`
| secret to get access to the git-repo
| base.namespace.labels
| object
| `{}`
| labels for every new created namespace (together or overwritten by components.<component-release-name.namespace.labels)
|===
.Values Shared Values - between all components
|===
| Key | Type | Default | Description
| commons
| object
| `{}`
| commons are values which are additional
| global
| object
| `{}`
| global are values which overwrite values global
|===
.Values A Component
|===
| Key | Type | Default | Description
| components.<component-release-name>.enabled
| bool
| `false`
| enable component-release to install
| components.<component-release-name>.name
| string
| `nil`
| optional component-name (if not set component-release-name is used as component-name)
| components.<component-release-name>.namespace.labels
| object
| `{}`
| if create a new namespace use labels (and the common namespace.labels)
| components.<component-release-name>.namespace.name
| string
| `nil`
| if not set, it reuse namespace where this base-chart is deployed
| components.<component-release-name>.namespace.skip_create
| bool
| `false`
| use the named namespace but does not create it
| components.<component-release-name>.values
| object
| `{}`
| set values on component-release
| components.<component-release-name>.valuesFrom
| list
| `[]`
| valuesFrom just for this component (for use values from ConfigMap or Secret)
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

13
docs/antora.yml
View file

@ -1,13 +0,0 @@
name: wrenix-flux
title: "WrenIX's FluxCD (charts)"
version:
v(?<version>+({0..9}).+({0..9}).+({0..9})).*: $<version>
main: latest
nav:
- modules/ROOT/nav.adoc
- modules/fluxcd/nav.adoc
- modules/base/nav.adoc
- modules/infra/nav.adoc
- modules/mycloud/nav.adoc
- modules/components/nav.adoc

1
docs/modules/ROOT/nav.adoc
View file

@ -1 +0,0 @@
* xref:index.adoc[Home]

4
docs/modules/ROOT/pages/index.adoc
View file

@ -1,4 +0,0 @@
= WrenIXs FluxCD-Repository
This repository just contains helm-charts (and some values) which are usable with https://fluxcd.io/
Any helm-chart here is supposed to deploy fluxcd-resource and is called in this documentation as component (exclude xref:base:index.adoc[Base] which is supposed to bundle multiple components).

3
docs/modules/base/nav.adoc
View file

@ -1,3 +0,0 @@
* Base
** xref:index.adoc[Home]
** xref:README.adoc[Readme]

1
docs/modules/base/pages/README.adoc
View file

@ -1 +0,0 @@
../../../../base/README.adoc

174
docs/modules/base/pages/index.adoc
View file

@ -1,174 +0,0 @@
= Base
This Helm-Chart called base is there to bundle multiple components (helm-charts which maybe deployes another flux-repository).
== Base-Values
On this way, it is possible to use one `values.yaml` to setup multiple-components together or multiple overlapping `values.yaml` (e.g. for staging, stacks and so on).
For example, take an look in my xref:infra:index.adoc[Infra] and xref:mycloud:index.adoc[myCloud] stack.
[WARNING]
====
I will do a versioning of this Base Helmchart and every components chart (but not for my default values).
This is just for my setups.
As in Hint, it is possible to use `valuesFrom:` and deploy ConfigMap, see https://fluxcd.io/flux/components/helm/helmreleases/#values-references[fluxcd].
====
=== Shared Values
The values `global:` and `commons:` are down passed into every component values.
This values could be overwritten inside the setup of every component `components.<component-name>.global:` or `components.<component-name>.commons:`.
See also xref:#_values[Components - Values]
== Components
The components are an helmchart in the `commons.helm.chart.sourceRef` root.
Everything else is components specific and could be set under:
[source,yaml]
----
commons:
namespace:
labels:
orgs: example
helm:
release:
install:
test:
upgrade:
driftDetection:
componentCommons:
helm:
release:
interval: 10m
components:
<component-release-name>:
enabled: true <1>
name: <2>
namespace: <3>
name:
labels:
team: my
skip_create: false
valuesFrom: <4>
values: <5>
----
<1> install this components (or not)
<2> if set use component by name otherwise component is used by component-release-name
<3> setup namespace, where component is deployed (e.g. name, labels of namespace, skip-create) if not set use namespace of current Base
<4> use `valuesFrom` an `Secret` or `ConfigMap`
<5> use values direct
=== Namespace
It is possible to deploy an components into a specific namespace (and create this).
==== Use existing Namespace
[source,yaml]
----
components:
<component-release-name>:
namespace:
name: "default"
skip_create: true
----
==== Same Namespace as Base
[source,yaml]
----
components:
<component-release-name>:
namespace:
name: nil <1>
----
<1> or never set this part
==== New Namespace
[source,yaml]
----
commons:
namespace:
labels: <1>
orgs: example
components:
<component-release-name>:
namespace:
name: "my-namespace"
labels: <2>
team: my
----
<1> optional with labels on every new namespace by this component-release
<2> optional with labels on this component-release
=== Values
There are multiple options to set values of an components.
Here in short the four options and order by overwrite priority.
[source,yaml]
----
global: <3>
commons: <3>
componentCommons:
helm:
release:
valuesFrom: <1>
components:
<component-release-name>:
valuesFrom: [] <2>
values: <4>
----
<1> `valuesFrom` for every components (e.g one or multiple `ConfigMap` or `Secrets`)
<2> `valuesFrom` of a specific component
<3> `global:` or `commons` for every componets
<4> values for a specific component
==== Adjust Component setup (fluxcd values)
[source,yaml]
----
commons: <1>
helm:
release:
install:
test:
upgrade:
driftDetection:
componentCommons:
helm:
release: <2>
interval: 10m
----
<1> is part of commons, for maybe reuse inside of an component-chart.
<2> is part of componentCommons for just use of component use level.
==== init-Version
[WARNING]
====
Since FluxCD supports driftDetection (with version 2.2) we maybe drop that idea.
====
This is a small workaround to setup manifest in later step / rerun an component-chart, as e.g. CRD installation by an HelmRelease which is part of the used Component-Chart.
.Helper which should be put into the Component-Chart (with Capabilities if every is there to setup / to retries)
[source,yaml]
----
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-init
namespace: "{{ .Values.init.namespace }}"
data:
{{- if and
(.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule")
(.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor")
}}
init: "-1"
{{- else }}
init: "{{ add1 .Values.init.version }}"
{{- end }}
----

58
docs/modules/components/README.adoc.gotmpl
View file

@ -1,58 +0,0 @@
{{ define "chart.header" }}= {{ .Name }}
{{ end }}
{{ define "chart.versionBadge" }}
image::https://img.shields.io/badge/Version-{{ .Version | replace "-" "--" }}-informational?style=flat-square[Version: {{ .Version }}]{{end}}
{{ define "chart.typeBadge" }}
image::https://img.shields.io/badge/Version-{{ .Type }}-informational?style=flat-square[Type: {{ .Type }}]{{end}}
{{ define "chart.appVersionBadge" }}{{- if (ne .AppVersion "") }}
image::https://img.shields.io/badge/AppVersion-{{ .AppVersion }}-informational?style=flat-square[AppVersion: {{ .AppVersion }}]{{ end }}{{end}}
{{ define "chart.maintainersHeader" }}== Maintainers{{ end }}
{{ define "chart.maintainersTable" }}.Maintainers
|===
| Name | Email | Url
{{- range .Maintainers }}
| {{ .Name }}
| {{ if .Email }}<{{ .Email }}>{{ end }}
| {{ if .Url }}<{{ .Url }}>{{ end }}
{{- end }}
|===
{{ end }}
{{ define "chart.valuesHeader" }}== Values{{ end }}
{{ define "chart.valuesTable" -}}
{{- if .Sections.Sections -}}
{{- range .Sections.Sections }}
.Values {{.SectionName }}
{{ template "chart.valuesOneTable" .SectionItems }}
{{- end }}{{/* range sections*/}}
{{- if .Sections.DefaultSection.SectionItems -}}
.Values {{.Sections.DefaultSection.SectionName }}
{{ template "chart.valuesOneTable" .Sections.DefaultSection.SectionItems }}
{{- end }}{{/* end default section */}}
{{- else }}{{/* if no sections */}}
.Values
{{ template "chart.valuesOneTable" .Values }}
{{- end }}
{{ end }}{{/* end chart.valuesTable */}}
{{ define "chart.valuesOneTable" -}}
|===
| Key | Type | Default | Description
{{- range . }}
| {{ .Key }}
| {{ .Type }}
| {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }}
| {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }}
{{- end }}
|===
{{ end }}{{/* end chart.valuesOneTable */}}
{{ template "chart.header" . }}
{{ template "chart.deprecationWarning" . }}
{{ template "chart.badgesSection" . }}
{{ template "chart.maintainersSection" . }}
{{ template "chart.valuesSection" . }}
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

15
docs/modules/components/nav.adoc
View file

@ -1,15 +0,0 @@
* components
** xref:infra-certificates.adoc[infra-certificates]
** xref:infra-fluxcd.adoc[infra-fluxcd]
** xref:infra-ingress.adoc[infra-ingress]
** xref:infra-logging.adoc[infra-logging]
** xref:infra-monitoring.adoc[infra-monitoring]
** xref:infra-trivy.adoc[infra-trivy]
** xref:mycloud-authentik.adoc[mycloud-authentik]
** xref:mycloud-collabora.adoc[mycloud-collabora]
** xref:mycloud-firefly-iii.adoc[mycloud-firefly-iii]
** xref:mycloud-gotosocial.adoc[mycloud-gotosocial]
** xref:mycloud-matrix.adoc[mycloud-matrix]
** xref:mycloud-nextcloud.adoc[mycloud-nextcloud]
** xref:mycloud-services.adoc[mycloud-services]
** xref:template.adoc[template]

1
docs/modules/components/pages/infra-certificates.adoc
View file

@ -1 +0,0 @@
../../../../infra-certificates/README.adoc

1
docs/modules/components/pages/infra-fluxcd.adoc
View file

@ -1 +0,0 @@
../../../../infra-fluxcd/README.adoc

1
docs/modules/components/pages/infra-ingress.adoc
View file

@ -1 +0,0 @@
../../../../infra-ingress/README.adoc

1
docs/modules/components/pages/infra-logging.adoc
View file

@ -1 +0,0 @@
../../../../infra-logging/README.adoc

1
docs/modules/components/pages/infra-monitoring.adoc
View file

@ -1 +0,0 @@
../../../../infra-monitoring/README.adoc

1
docs/modules/components/pages/infra-trivy.adoc
View file

@ -1 +0,0 @@
../../../../infra-trivy/README.adoc

1
docs/modules/components/pages/mycloud-authentik.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-authentik/README.adoc

1
docs/modules/components/pages/mycloud-collabora.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-collabora/README.adoc

1
docs/modules/components/pages/mycloud-firefly-iii.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-firefly-iii/README.adoc

1
docs/modules/components/pages/mycloud-gotosocial.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-gotosocial/README.adoc

1
docs/modules/components/pages/mycloud-matrix.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-matrix/README.adoc

1
docs/modules/components/pages/mycloud-nextcloud.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-nextcloud/README.adoc

1
docs/modules/components/pages/mycloud-services.adoc
View file

@ -1 +0,0 @@
../../../../mycloud-services/README.adoc

1
docs/modules/components/pages/template.adoc
View file

@ -1 +0,0 @@
../../../../template/README.adoc

1
docs/modules/fluxcd/nav.adoc
View file

@ -1 +0,0 @@
* xref:index.adoc[Flux]

57
docs/modules/fluxcd/pages/index.adoc
View file

@ -1,57 +0,0 @@
= FluxCD
== Install FluxCD into a cluster
Here i install it with connection to codeberg:
* the path is just for the cluster
* the url a repo where fluxcd (in given path) install itself and monitor
* i just install my needed components (i skip notification-controller, i prefer prometheus and alerting)
[source,bash]
----
flux bootstrap git --components source-controller,kustomize-controller,helm-controller --path=<path> --url ssh://git@codeberg.org/wrenix/<repo>.git
----
=== Secure with verify
Afterwards we need to setup a verification with GPG, so that nobody else could commit any workload in your cluster.
That is because i select an public git hosting (here codeberg), i trust them but maybe it get compromised one time.
in your repository the flux cli has created an `<path>/flux-system/kustomization.yaml`, we will edit them.
[source,patch]
----
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- gotk-components.yaml
- gotk-sync.yaml
+patches:
+ - target:
+ kind: GitRepository
+ name: flux-system
+ patch: |-
+ apiVersion: source.toolkit.fluxcd.io/v1
+ kind: GitRepository
+ metadata:
+ name: flux-system
+ spec:
+ verify: <1>
+ mode: HEAD
+ secretRef:
+ name: gpg-publickey
+
+generatorOptions:
+ disableNameSuffixHash: true <2>
+
+secretGenerator:
+ - name: gpg-publickey <3>
+ namespace: flux-system
+ files:
+ - gpg-publickey/wrenix.gpg <4>
----
<1> add verify, that only HEAD git commit with valide gpg signature is used
<2> on the next generate, do not add hash
<3> generate kubernetes Secret with the name `gpg-publickey` which is used in the patched GitRepository, see <1>
<4> Add list of valide gpg key files

4
docs/modules/infra/nav.adoc
View file

@ -1,4 +0,0 @@
* Infra
** xref:index.adoc[Home]
** xref:monitoring.adoc[Monitoring]
** xref:auth.adoc[Auth / myCloud]

31
docs/modules/infra/pages/auth.adoc
View file

@ -1,31 +0,0 @@
= Authentification
It is possible to use xref:components/mycloud-authentik.adoc[mycloud-authentik] (or with ``./base-values/mycloud-core.yaml`).
[source,yaml]
----
commons:
auth:
enabled: true <1>
namespace: "mycloud" <2>
authentik:
domain: "auth.wrenix.eu" <3>
backend: "mycloud-authentik-hr" <4>
components:
infra-monitoring:
grafana:
auth:
anonymous:
enabled: false <5>
----
<1> enable to configurate own ressurces and mycloud (blueprint for authentik)
<2> namespace where authentik of mycloud runs (where to put blueprint secrets)
<3> domain of authentik (for setup OIDCs and so on on own instances)
<4> backend of authentik for logout ingresses of infra-components
<5> configure grafana to disable anonymous auth (just use authentik SSO / OIDC)
For the following software an proxy based setup handled (current just traefik is supported):
* alertmanager
* karma
* prometheus

114
docs/modules/infra/pages/index.adoc
View file

@ -1,114 +0,0 @@
= Infrastructure
a bundle of software which should run on every kubernetes cluster.
== Components
The following components for an infrastructure setup exists:
include::partial-list-components.adoc[]
== Usage
My `base-values/infra.yaml` use for the different components extra namespaces.
.Example usage (warning, the `base-values` are not versioned, see xref:base:index.adoc[Base])
[source,yaml]
----
---
apiVersion: v1
kind: Namespace
metadata:
name: infra <1>
---
apiVersion: v1
kind: Secret <2>
metadata:
name: infra-secret
namespace: infra <1>
data:
masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: wrenix-flux-charts <3>
namespace: flux-system
spec:
url: https://codeberg.org/wrenix/flux-charts.git
ref:
branch: main
interval: 10m
# for more info about verification take an look here:
# - https://fluxcd.io/flux/components/source/gitrepositories/#verification
# - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify
# later replaced with oci and cosign
# verify:
# mode: HEAD
# secretRef:
# name: gpg-publickey
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: infra <4>
namespace: infra <1>
spec:
chart:
spec:
sourceRef:
kind: GitRepository
name: wrenix-flux-charts <3>
namespace: flux-system
chart: "./base"
reconcileStrategy: "Revision"
valuesFiles:
- "./base/values.yaml"
- "./base-values/commons.yaml" <5>
- "./base-values/infra.yaml" <6>
interval: 10m
values:
##
# Commons
##
commons:
helm:
chart:
sourceRef: <3>
kind: GitRepository
name: wrenix-flux-charts
namespace: flux-system
ingress:
domain: "my-infra.eu" <7>
componentCommons:
helm:
release:
valuesFrom:
- kind: Secret <2>
name: infra-secret
valuesKey: masterPassword
targetPath: commons.masterPassword
##
# Compoments
##
components: <8>
infra-certificates:
values:
email: host.acme@wrenix.eu
infra-monitoring:
values:
prometheus:
exporter:
blackbox:
enabled: true
----
<1> namespace where install all the components later
<2> secret to bypass secure values into the infra-components (masterPassword)
<3> reference where base and all the components are founded by fluxcd
<4> use of base-helm chart for fluxcd to bundle the different infra-components together
<5> use my default commons values for flux-chart components
<6> use my default to setup all commons for infra and infra components
<7> setup default domain (where subdomains are generate for the different components)
<8> overwrite componets values (here setup default also certmanager email for Let's Encrypt and setup prometheus-blackbox-exporter)

35
docs/modules/infra/pages/monitoring.adoc
View file

@ -1,35 +0,0 @@
= Monitoring
We deploy by default all resources to monitor every deployment.
For adjusting of the labels, there are following values in `commons` of the xref::base:index.adoc[Base].
[source,yaml]
----
commons:
grafana:
datasource:
labels: <1>
grafana_datasource: "1"
dashboards:
labels: <2>
grafana_dashboard: "1"
annotations: <3>
prometheus:
alertmanager:
labels: <4>
alertmanager: default
monitor:
labels: <5>
prometheus: default
rules:
labels: <6>
prometheus: default
----
<1> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Datasource of Grafana-Sidecar
<2> used labels on `Secrets` and `ConfigMap` metadata for usage for filter for Dashboards of Grafana-Sidecar
<3> used annotations on `Secrets` and `ConfigMap` metadata of Dashboards for usage configuration of Grafana-Sidecar (useful for but Dashboards into Folders on Grafana)
<4> used labels on `AlertmanagerConfig` metadata for usage for filter on `Alertmanager` instance of https://prometheus-operator.dev/[promethues-operator]
<5> used labels on `ServiceMonitor` and `PodMonitor` metadata for usage for filter on `Prometheus` instance of https://prometheus-operator.dev/[promethues-operator]
<6> used labels on `PrometheusRules` metadata for usage for filter on `Prometheus` instance of https://prometheus-operator.dev/[prometheus-operator]

7
docs/modules/infra/pages/partial-list-components.adoc
View file

@ -1,7 +0,0 @@
* xref:components:infra-certificates.adoc[infra-certificates]
* xref:components:infra-fluxcd.adoc[infra-fluxcd]
* xref:components:infra-ingress.adoc[infra-ingress]
* xref:components:infra-logging.adoc[infra-logging]
* xref:components:infra-monitoring.adoc[infra-monitoring]
* xref:components:infra-trivy.adoc[infra-trivy]

7
docs/modules/mycloud/nav.adoc
View file

@ -1,7 +0,0 @@
* myCloud
** xref:index.adoc[Home]
** xref:persistence.adoc[Persistence]
** xref:mail.adoc[Mail]
** xref:ingress.adoc[Ingress]
** xref:theme.adoc[Theme]
** xref:monitoring.adoc[Monitoring]

142
docs/modules/mycloud/pages/index.adoc
View file

@ -1,142 +0,0 @@
= myCloud
a bundle of OpenSource Software with one user management.
Current based only on: https://goauthentik.io[authentik]
== First Login
Your main Account must be initalized:
`https://auth.<commons.ingress.domain>/if/flow/initial-setup/`
== Components
The following components for an myCloud setup exists:
include::partial-list-components.adoc[]
== Usage
My `base-values/mycloud-*.yaml` does not set any namespace, so the same the the Base-Helmchart is used (maybe you like to use multiple myClouds in different namespaces).
.Example usage (warning, the `base-values` are not versioned, see xref:base:index.adoc[Base]):
[source,yaml]
----
---
apiVersion: v1
kind: Namespace
metadata:
name: mycloud <1>
---
apiVersion: v1
kind: Secret <2>
metadata:
name: mycloud-mail
namespace: mycloud <1>
data:
password: MAIL_ACCOUNT_PASSWORD
---
apiVersion: v1
kind: Secret <3>
metadata:
name: mycloud-master-password
namespace: mycloud <1>
data:
masterPassword: MASTER_PASSWORD_FOR_GENERATE_EVERY_A_NEW_ONE
---
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
name: wrenix-flux-charts <4>
namespace: flux-system
spec:
url: https://codeberg.org/wrenix/flux-charts.git
ref:
branch: main
interval: 10m
# for more info about verification take an look here:
# - https://fluxcd.io/flux/components/source/gitrepositories/#verification
# - https://wrenix.codeberg.page/docs/wrenix-flux/latest/#_secure_with_verify
# later replaced with oci and cosign
# verify:
# mode: HEAD
# secretRef:
# name: gpg-publickey
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: mycloud <5>
namespace: mycloud <1>
spec:
chart:
spec:
sourceRef:
kind: GitRepository
name: wrenix-flux-charts <4>
namespace: flux-system
chart: "./base"
reconcileStrategy: "Revision"
valuesFiles:
- "./base/values.yaml"
- "./base-values/commons.yaml" <6>
- "./base-values/mycloud-core.yaml" <7>
- "./base-values/mycloud-nextcloud.yaml" <8>
- "./base-values/mycloud-collabora.yaml" <9>
interval: 10m
values:
##
# Commons
##
commons:
mail: <10>
host: "posteo.de"
username: "mycloud@posteo.net"
use_tls: true
from: "mycloud@posteo.net"
helm:
chart:
sourceRef: <4>
kind: GitRepository
name: wrenix-flux-charts
namespace: flux-system
ingress:
domain: "mycloud.eu" <11>
componentCommons:
helm:
release:
valuesFrom:
- kind: Secret <3>
name: mycloud-master-password
valuesKey: masterPassword
targetPath: commons.masterPassword
- kind: Secret <2>
name: mycloud-mail
valuesKey: password
targetPath: commons.mail.password
##
# Compoments
##
components:
mycloud-nextcloud:
values: <12>
quota: "100 MB"
----
<1> namespace where install all the components later
<2> secret to bypass secure values into the mycloud-components (mail)
<3> secret to bypass secure values into the mycloud-components (masterPassword)
<4> reference where base and all the components are founded by fluxcd
<5> use of base-helm chart for fluxcd to bundle the different mycloud-components together
<6> use my default commons values for flux-chart components
<7> use my default to setup all commons for mycloud-components and the mycloud-core components (e.g. xref:components:mycloud-services.adoc[mycloud-services] and xref:components:mycloud-authentik.adoc[mycloud-authentik])
<8> use my default values for usage of xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] (it also configure xref:components:mycloud-services.adoc[mycloud-services] for another database and xref:components:mycloud-authentik.adoc[mycloud-authentik] for user management)
<9> use my default values for usage of xref:components:mycloud-collabora.adoc[mycloud-collabora] (it also configure xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud] if it is also used)
<10> setup default mail configuration (for all components) for more commons values take an look into the used components (or `base-values`)
<11> setup default domain (where subdomains are generate for the different components)
<12> overwrite componets values (here setup default quota for an use in xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud])

85
docs/modules/mycloud/pages/ingress.adoc
View file

@ -1,85 +0,0 @@
= Ingress
Per default, the ingress domain and tls could be set,
The domain is used, to set for every components per default an subdomain by this domain.
(This could be overwritten by see xref:#_change_host__domain_per_components[Change Host / Domain per Components].)
If you do not like to setup for every ingress-tls an new cert secrets (e.g. you do not use an cert-manager), the you could override it global with your on entry.
[source,yaml]
----
commons:
ingress:
domain:
tls:
enabled: true
override:
----
== Annotations
It is possible to set annotations global or per components:
[source,yaml]
----
commons:
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
components:
mycloud-authentik:
values:
ingress:
annotations:
traefik.ingress.kubernetes.io/router.middlewares: ingress-redirect-https@kubernetescrd
----
== Change Host / Domain per Components
=== Authentik
[source,yaml]
----
commons:
auth:
host: "login.wrenix.eu"
components:
mycloud-authentik:
values:
ingress:
host: "login.wrenix.eu"
----
=== Nextcloud
[source,yaml]
----
components:
mycloud-nextcloud:
values:
ingress:
host: "files.wrenix.eu:"
mycloud-collabora:
values:
allowedHosts:
files.wrenix.eu: []
----
=== Collabora
[source,yaml]
----
components:
mycloud-nextcloud:
values:
apps:
richdocuments:
enabled: true
config:
wopi_url: "https://office.wrenix.eu"
mycloud-collabora:
values:
ingress:
host: "office.wrenix.eu"
----

26
docs/modules/mycloud/pages/mail.adoc
View file

@ -1,26 +0,0 @@
= Mail
[source,yaml]
----
commons:
mail:
host:
username:
password:
from: "no-reply@example.org"
use_tls: false
use_ssl: false
components:
mycloud-authentik:
values:
mail:
from:
mycloud-nextcloud:
values:
mail:
from:
host:
authtype: PLAIN
----

1
docs/modules/mycloud/pages/monitoring.adoc
View file

@ -1 +0,0 @@
../../infra/pages/monitoring.adoc

8
docs/modules/mycloud/pages/partial-list-components.adoc
View file

@ -1,8 +0,0 @@
* xref:components:mycloud-authentik.adoc[mycloud-authentik]
* xref:components:mycloud-collabora.adoc[mycloud-collabora]
* xref:components:mycloud-firefly-iii.adoc[mycloud-firefly-iii]
* xref:components:mycloud-gotosocial.adoc[mycloud-gotosocial]
* xref:components:mycloud-matrix.adoc[mycloud-matrix]
* xref:components:mycloud-nextcloud.adoc[mycloud-nextcloud]
* xref:components:mycloud-services.adoc[mycloud-services]

29
docs/modules/mycloud/pages/persistence.adoc
View file

@ -1,29 +0,0 @@
= Persistence
[source,yaml]
----
commons:
persistence:
storageClass:
hostPath:
enabled: false
prefix: "/var/lib/mycloud"
components:
mycloud-services:
values:
postgresql:
persistence:
storageClass:
size: "10G"
mycloud-nextcloud:
values:
persistence:
main:
pvc: "nextcloud"
size: 8Gi
data:
pvc: "nextcloud-data"
size: 16Gi
----

17
docs/modules/mycloud/pages/theme.adoc
View file

@ -1,17 +0,0 @@
= Theme
[source,yaml]
----
commons:
theme:
title:
logo:
favicon:
components:
mycloud-authentik:
values:
theme:
background: >
----

89
infra-certificates/README.adoc
View file

@ -1,89 +0,0 @@
= infra-certificates
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.labels
| object
| `{"grafana_dashboard":"1"}`
| labels of grafana dashboard configmap
| commons.grafana.datasource.labels
| object
| `{"grafana_datasource":"1"}`
| labels of grafana datasource configmap and secret
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Other Values
|===
| Key | Type | Default | Description
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
| email
| string
| `"an@example.org"`
|
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

2
infra-certificates/grafana_dashboards/README.adoc → infra-certificates/grafana_dashboards/README.md
View file

@ -1,4 +1,4 @@
= Cert-Manager
# Cert-Manager
Dashboard downloaded from:
https://gitlab.com/uneeq-oss/cert-manager-mixin/-/blob/eae22f642aaa5d422e4766f6811df2158fc05539/dashboards/cert-manager.json

64
infra-fluxcd/README.adoc
View file

@ -1,64 +0,0 @@
= infra-fluxcd
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.labels
| object
| `{"grafana_dashboard":"1"}`
| labels of grafana dashboard configmap
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Other Values
|===
| Key | Type | Default | Description
| grafana.dashboards.annotations
| object
| `{}`
| annotations of grafana dashboard configmap
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| prometheus.kubeStateMetricsConfig.namespace
| string
| `nil`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

144
infra-ingress/README.adoc
View file

@ -1,144 +0,0 @@
= infra-ingress
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
|===
.Values Commons Tracing
|===
| Key | Type | Default | Description
| commons.tracing.enabled
| bool
| `false`
| enable tracing on all components
| commons.tracing.grpc.enabled
| bool
| `true`
| prefer grpc over http
| commons.tracing.grpc.endpoint
| string
| `"tempo.monitoring.svc:4317"`
| grpc endpoint
| commons.tracing.grpc.insecure
| bool
| `true`
| allow insecure connection per grpc
| commons.tracing.http.endpoint
| string
| `"http://tempo.monitoring.svc:4318/v1/traces"`
| http endpoint
|===
.Values Other Values
|===
| Key | Type | Default | Description
| controller
| string
| `"traefik"`
|
| external
| bool
| `true`
|
| hostNetwork
| bool
| `true`
|
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| logs.access
| bool
| `false`
|
| traefik.additionalArguments
| list
| `[]`
|
| traefik.hostPath
| string
| `"/srv/k8s/pv/pvc-traefik-certs"`
|
| traefik.ports
| object
| `{}`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

99
infra-logging/README.adoc
View file

@ -1,99 +0,0 @@
= infra-logging
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.labels
| object
| `{"grafana_dashboard":"1"}`
| labels of grafana dashboard configmap
| commons.grafana.datasource.labels
| object
| `{"grafana_datasource":"1"}`
| labels of grafana datasource configmap and secret
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Other Values
|===
| Key | Type | Default | Description
| fluentd.replicas
| int
| `1`
|
| grafana.dashboards.annotations
| object
| `{}`
| annotations of grafana dashboard configmap
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| loki.enabled
| bool
| `true`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

389
infra-monitoring/README.adoc
View file

@ -1,389 +0,0 @@
= infra-monitoring
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `false`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons
|===
| Key | Type | Default | Description
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
|===
.Values Other Values
|===
| Key | Type | Default | Description
| alertmanager.auth.anonymous.enabled
| bool
| `false`
|
| alertmanager.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| alertmanager.ingress.enabled
| bool
| `true`
|
| alertmanager.ingress.host
| string
| `""`
|
| alertmanager.inhibitRules
| list
| `[]`
| additional inhibitRules
| alertmanager.receiver.customs
| object
| `{}`
| customs
| alertmanager.receiver.matrix.default
| string
| `"!example-room:matrix.org"`
|
| alertmanager.receiver.matrix.enabled
| bool
| `false`
|
| alertmanager.receiver.matrix.homeserver
| string
| `"https://matrix.org"`
|
| alertmanager.receiver.matrix.rooms
| object
| `{}`
|
| alertmanager.receiver.matrix.sendResolved
| bool
| `false`
|
| alertmanager.receiver.matrix.token
| string
| `""`
| token of matrix reciever (use valuesFrom in flux for it)
| alertmanager.receiver.matrix.userID
| string
| `"@alert:matrix.org"`
|
| alertmanager.receiver.ntfy.config.labels
| object
| `{"entries":[{"label":"severity","priority":4,"tags":["rotating_light"],"value":"critical"},{"label":"severity","priority":3,"tags":["warning"],"value":"warning"},{"label":"severity","priority":1,"tags":["information_source"],"value":"info"}],"order":["severity"]}`
| label of alert to ntfy message config
| alertmanager.receiver.ntfy.config.ntfy.topic
| string
| `"https://ntfy.wrenix.eu/alertmanager-example"`
|
| alertmanager.receiver.ntfy.config.password
| string
| `nil`
| password used between alertmanager and ntfy reciever generated from commons.masterPassword
| alertmanager.receiver.ntfy.config.user
| string
| `"alertmanager-to-ntfy"`
| user used between alertmanager and ntfy receiver
| alertmanager.receiver.ntfy.enabled
| bool
| `false`
|
| alertmanager.receiver.ntfy.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| alertmanager.receiver.ntfy.ingress.enabled
| bool
| `false`
|
| alertmanager.receiver.ntfy.ingress.host
| string
| `nil`
|
| alertmanager.receiver.ntfy.sendResolved
| bool
| `false`
|
| alertmanager.route.groupBy
| list
| `["namespace","alertname"]`
| groupBy
| alertmanager.route.repeatInterval
| string
| `"24h"`
| repeat Interval
| alertmanager.route.routes
| list
| `[]`
| would overwrite defaults (like ntfy or matrix) # send every alert to ntfy # (and continue to routing for that alert) - receiver: "ntfy-default" continue: true # send selected alerts to special matrix room # (and remove them for evaluation - no continue) - receiver: "matrix-room-name" matchers: - name: "team" matchType: "=" value: "room-name" # all reminig alerts to matrix default room - receiver: "matrix-default"
| commons.auth.authentik.backend
| string
| `"authentik-server"`
|
| commons.auth.authentik.domain
| string
| `""`
|
| commons.auth.enabled
| bool
| `false`
|
| commons.auth.namespace
| string
| `""`
|
| commons.auth.type
| string
| `"authentik"`
|
| grafana.adminPassword
| string
| `nil`
| generated from commons.masterPassword
| grafana.auth.anonymous.enabled
| bool
| `true`
|
| grafana.auth.authentik.clientID
| string
| `nil`
| generated from commons.masterPassword
| grafana.auth.authentik.clientSecret
| string
| `nil`
| generated from commons.masterPassword
| grafana.auth.enabled
| bool
| `false`
|
| grafana.dashboards.annotations."grafana.mon.local/dashboard-folder"
| string
| `"Kubernetes"`
|
| grafana.dashboards.folderAnnotation
| string
| `"grafana.mon.local/dashboard-folder"`
|
| grafana.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| grafana.ingress.enabled
| bool
| `true`
|
| grafana.ingress.host
| string
| `""`
|
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| karma.additionalAlertmanager
| string
| `nil`
|
| karma.auth.anonymous.enabled
| bool
| `false`
|
| karma.enabled
| bool
| `true`
|
| karma.filters.default[0]
| string
| `"@state=active"`
|
| karma.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| karma.ingress.enabled
| bool
| `true`
|
| karma.ingress.host
| string
| `""`
|
| prometheus.auth.anonymous.enabled
| bool
| `false`
|
| prometheus.exporter.blackbox.enabled
| bool
| `true`
|
| prometheus.exporter.blackbox.hostNetwork
| bool
| `false`
|
| prometheus.exporter.blackbox.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| prometheus.exporter.blackbox.ingress.enabled
| bool
| `false`
| enable ingress for blackbox-exporter
| prometheus.exporter.blackbox.ingress.host
| string
| `""`
| default use .Values.commons.ingress.host with prefix: `blackbox.exporter`
| prometheus.ingress.annotations
| object
| `{}`
| annotations on ingress object (beside of .Values.commons.ingress.annotations )
| prometheus.ingress.enabled
| bool
| `true`
|
| prometheus.ingress.host
| string
| `""`
|
| tempo.enabled
| bool
| `false`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

199
infra-trivy/README.adoc
View file

@ -1,199 +0,0 @@
= infra-trivy
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.labels
| object
| `{"grafana_dashboard":"1"}`
| labels of grafana dashboard configmap
| commons.prometheus.alertmanager.labels
| object
| `{}`
| labels on AlertmanagerConf
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Other Values
|===
| Key | Type | Default | Description
| grafana.dashboards.annotations
| object
| `{}`
| annotations of grafana dashboard configmap
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| prometheus.rules.clusterCompliance.enabled
| bool
| `false`
|
| prometheus.rules.clusterRBACAssessments.enabled
| bool
| `false`
|
| prometheus.rules.clusterRBACAssessments.info.enabled
| bool
| `false`
|
| prometheus.rules.clusterRBACAssessments.warning.enabled
| bool
| `false`
|
| prometheus.rules.enabled
| bool
| `true`
|
| prometheus.rules.imageExposedSecrets.enabled
| bool
| `true`
|
| prometheus.rules.imageExposedSecrets.info.enabled
| bool
| `false`
|
| prometheus.rules.imageExposedSecrets.warning.enabled
| bool
| `false`
|
| prometheus.rules.imageVulnerabilities.enabled
| bool
| `false`
|
| prometheus.rules.imageVulnerabilities.info.enabled
| bool
| `false`
|
| prometheus.rules.imageVulnerabilities.warning.enabled
| bool
| `false`
|
| prometheus.rules.infraAssessments.enabled
| bool
| `true`
|
| prometheus.rules.infraAssessments.info.enabled
| bool
| `true`
|
| prometheus.rules.infraAssessments.warning.enabled
| bool
| `true`
|
| prometheus.rules.resourceConfigAudits.enabled
| bool
| `true`
|
| prometheus.rules.resourceConfigAudits.info.enabled
| bool
| `false`
|
| prometheus.rules.resourceConfigAudits.warning.enabled
| bool
| `false`
|
| prometheus.rules.roleRBACAssessments.enabled
| bool
| `false`
|
| prometheus.rules.roleRBACAssessments.info.enabled
| bool
| `false`
|
| prometheus.rules.roleRBACAssessments.warning.enabled
| bool
| `false`
|
| scans.concurrent
| int
| `2`
|
| scans.ttl
| string
| `"168h"`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

219
mycloud-authentik/README.adoc
View file

@ -1,219 +0,0 @@
= mycloud-authentik
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons
|===
| Key | Type | Default | Description
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons Redis
|===
| Key | Type | Default | Description
| commons.redis.replicas
| int
| `0`
| replicas
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Other Values
|===
| Key | Type | Default | Description
| database.host
| string
| `"mycloud-services-postgresql"`
| default is from mysql-services
| database.name
| string
| `"authentik"`
|
| database.password
| string
| `nil`
| generated by .Values.commons.masterPassword (equal to mycloud-services)
| database.username
| string
| `"authentik"`
|
| ingress.annotations
| string
| `nil`
|
| ingress.host
| string
| `nil`
| default: auth.(Values.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| mail.from
| string
| `nil`
| generade by Values.commons.mail.from
| secret_key
| string
| `nil`
| generated by .Values.commons.masterPassword
| theme.background
| string
| `nil`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

139
mycloud-collabora/README.adoc
View file

@ -1,139 +0,0 @@
= mycloud-collabora
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.annotations
| object
| `{}`
| annotations of grafana dashboard configmap
| commons.grafana.dashboards.labels
| object
| `{}`
| labels of grafana dashboard configmap
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons
|===
| Key | Type | Default | Description
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Other Values
|===
| Key | Type | Default | Description
| adminPassword
| string
| `nil`
| adminPassword to access collabora admin platform
| allowedHosts
| object
| `{}`
| allowed host to use this collabora instance if not set we allow defaults (like nextcloud) example: main.host.de: [ "alias1.host.de", "alias2.host.de" ]
| ingress.annotations
| object
| `{"haproxy-ingress.github.io/assign-backend-server-id":"true","haproxy-ingress.github.io/balance-algorithm":"url_param WOPISrc","haproxy-ingress.github.io/config-backend":"hash-type consistent acl admin_url path_beg /cool/getMetrics acl admin_url path_beg /cool/adminws/ acl admin_url path_beg /browser/dist/admin/admin.html http-request deny if admin_url","haproxy-ingress.github.io/timeout-tunnel":"3600s","nginx.ingress.kubernetes.io/server-snippet":"location /cool/getMetrics { deny all; return 403; }\nlocation /cool/adminws/ { deny all; return 403; }\nlocation /browser/dist/admin/admin.html { deny all; return 403; }\n","nginx.ingress.kubernetes.io/upstream-hash-by":"$arg_WOPISrc"}`
| ingress annotatations - default are all the best practise of collabora
| ingress.host
| string
| `nil`
| default: fs.(Values.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

229
mycloud-firefly-iii/README.adoc
View file

@ -1,229 +0,0 @@
= mycloud-firefly-iii
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons
|===
| Key | Type | Default | Description
| commons.auth.host
| string
| `nil`
| default auth.(.Values.commons.ingress.domain)
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Other Values
|===
| Key | Type | Default | Description
| commons.auth.authentik.backend
| string
| `"mycloud-authentik-hr-server"`
|
| database.host
| string
| `"mycloud-services-postgresql"`
| default is from mysql-services
| database.name
| string
| `"firefly"`
|
| database.password
| string
| `nil`
| generated by .Values.commons.masterPassword (equal to mycloud-services)
| database.username
| string
| `"firefly"`
|
| ingress.annotations
| object
| `{}`
|
| ingress.host
| string
| `nil`
| default: social.(Values.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| mail.from
| string
| `nil`
| generade by Values.commons.mail.from
| mail.host
| string
| `nil`
| default Values.commons.mail.host
| persistence.size
| string
| `"16Gi"`
|
| persistence.storageClass
| string
| `nil`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

284
mycloud-gotosocial/README.adoc
View file

@ -1,284 +0,0 @@
= mycloud-gotosocial
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons
|===
| Key | Type | Default | Description
| commons.auth.host
| string
| `nil`
| default auth.(.Values.commons.ingress.domain)
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Commons Tracing
|===
| Key | Type | Default | Description
| commons.tracing.enabled
| bool
| `false`
| enable tracing on all components
| commons.tracing.grpc.enabled
| bool
| `true`
| prefer grpc over http
| commons.tracing.grpc.endpoint
| string
| `"tempo.monitoring.svc:4317"`
| grpc endpoint
| commons.tracing.grpc.insecure
| bool
| `true`
| allow insecure connection per grpc
| commons.tracing.http.endpoint
| string
| `"http://tempo.monitoring.svc:4318/v1/traces"`
| http endpoint
|===
.Values Other Values
|===
| Key | Type | Default | Description
| auth.clientID
| string
| `nil`
| generated by .Values.commons.masterPassword
| auth.clientSecret
| string
| `nil`
| generated by .Values.commons.masterPassword
| database.host
| string
| `"mycloud-services-postgresql"`
| default is from mysql-services
| database.name
| string
| `"gotosocial"`
|
| database.password
| string
| `nil`
| generated by .Values.commons.masterPassword (equal to mycloud-services)
| database.username
| string
| `"gotosocial"`
|
| ingress.annotations
| string
| `nil`
|
| ingress.host
| string
| `nil`
| default: social.(Values.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| instance
| object
| `{}`
| see https://codeberg.org/wrenix/helm-charts/src/branch/main/gotosocial#_values
| mail.from
| string
| `nil`
| generade by Values.commons.mail.from
| mail.host
| string
| `nil`
| default Values.commons.mail.host
| persistence.size
| string
| `"16Gi"`
|
| persistence.storageClass
| string
| `nil`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

589
mycloud-matrix/README.adoc
View file

@ -1,589 +0,0 @@
= mycloud-matrix
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons
|===
| Key | Type | Default | Description
| commons.auth.host
| string
| `nil`
| default auth.(.Values.commons.ingress.domain)
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.grafana.dashboards.annotations
| string
| `nil`
| annotations of grafana dashboard configmap
| commons.grafana.dashboards.labels
| object
| `{"grafana_dashboard":"1"}`
| labels of grafana dashboard configmap
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Commons Tracing
|===
| Key | Type | Default | Description
| commons.tracing.enabled
| bool
| `false`
| enable tracing on all components
| commons.tracing.grpc.enabled
| bool
| `true`
| prefer grpc over http
| commons.tracing.grpc.endpoint
| string
| `"tempo.monitoring.svc:4317"`
| grpc endpoint
| commons.tracing.grpc.insecure
| bool
| `true`
| allow insecure connection per grpc
| commons.tracing.http.endpoint
| string
| `"http://tempo.monitoring.svc:4318/v1/traces"`
| http endpoint
|===
.Values Other Values
|===
| Key | Type | Default | Description
| bridge.signal.admins
| list
| `[]`
|
| bridge.signal.enabled
| bool
| `false`
|
| bridge.slack.admins
| list
| `[]`
|
| bridge.slack.enabled
| bool
| `false`
|
| commons.networkpolicies.enabled
| bool
| `false`
|
| commons.networkpolicies.from.ingress
| list
| `[]`
|
| commons.networkpolicies.from.metrics
| list
| `[]`
|
| commons.networkpolicies.to.dns
| list
| `[]`
|
| commons.networkpolicies.to.matrix
| list
| `[]`
|
| commons.networkpolicies.to.smtp
| list
| `[]`
|
| databases.authenticationService.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.authenticationService.name
| string
| `"matrix-authentication-service"`
|
| databases.authenticationService.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.authenticationService.username
| string
| `"matrix-authentication-service"`
|
| databases.bridge.signal.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.bridge.signal.name
| string
| `"matrix-bridge-signal"`
|
| databases.bridge.signal.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.bridge.signal.username
| string
| `"matrix-bridge-signal"`
|
| databases.bridge.slack.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.bridge.slack.name
| string
| `"matrix-bridge-slack"`
|
| databases.bridge.slack.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.bridge.slack.username
| string
| `"matrix-bridge-slack"`
|
| databases.server.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.server.name
| string
| `"matrix-synapse"`
|
| databases.server.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.server.username
| string
| `"matrix-synapse"`
|
| databases.slidingSync.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.slidingSync.name
| string
| `"matrix-sliding-sync"`
|
| databases.slidingSync.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.slidingSync.username
| string
| `"matrix-sliding-sync"`
|
| ingress.authenticationService.annotations
| object
| `{}`
|
| ingress.authenticationService.host
| string
| `nil`
| default: auth.matrix.(.commons.ingress.domain)
| ingress.element.annotations
| object
| `{}`
|
| ingress.element.config.features.feature_location_share_live
| bool
| `true`
|
| ingress.element.config.features.feature_new_room_decoration_ui
| bool
| `true`
|
| ingress.element.config.features.feature_notifications
| bool
| `true`
|
| ingress.element.enabled
| bool
| `true`
|
| ingress.element.host
| string
| `nil`
| default: element.(.commons.ingress.domain)
| ingress.elementCall.annotations
| object
| `{}`
|
| ingress.elementCall.enabled
| bool
| `false`
| deploy element-call
| ingress.elementCall.host
| string
| `nil`
| default: call.(.commons.ingress.domain)
| ingress.elementCall.livekitJWT.host
| string
| `nil`
| default: call.(.commons.ingress.domain)
| ingress.elementCall.livekitJWT.livekit.host
| string
| `nil`
| default: .ingress.livekit.host
| ingress.elementCall.livekitJWT.livekit.key
| string
| `nil`
| default: .livekit.key
| ingress.elementCall.livekitJWT.livekit.secret
| string
| `nil`
| default: .livekit.secret
| ingress.hydrogen.annotations
| object
| `{}`
|
| ingress.hydrogen.enabled
| bool
| `false`
|
| ingress.hydrogen.host
| string
| `nil`
| default: hydrogen.(.commons.ingress.domain)
| ingress.livekit.annotations
| object
| `{}`
|
| ingress.livekit.enabled
| bool
| `false`
|
| ingress.livekit.host
| string
| `nil`
| default: sfu.call.(.commons.ingress.domain)
| ingress.server.annotations
| object
| `{}`
|
| ingress.server.host
| string
| `nil`
| default: matrix.(.commons.ingress.domain)
| ingress.server.wellknown.client."m.tile_server".map_style_url
| string
| `"https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"`
|
| ingress.slidingSync.annotations
| object
| `{}`
|
| ingress.slidingSync.host
| string
| `nil`
| default: sliding.matrix.(.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| livekit.enabled
| bool
| `false`
| deploy livekit for usage with element-call
| livekit.key
| string
| `"dev"`
| key for api (kind of username)
| livekit.secret
| string
| `nil`
| secret for api a kind of password (default: generated by .commons.masterPassword)
| persistence.size
| string
| `"16Gi"`
|
| persistence.storageClass
| string
| `nil`
|
| server.auth.clientID
| string
| `nil`
| generated by .commons.masterPassword
| server.auth.clientSecret
| string
| `nil`
| generated by .commons.masterPassword
| server.auth.webClient
| string
| `nil`
| default: element.(.commons.ingress.domain)
| server.authenticationService.admins
| list
| `[]`
|
| server.authenticationService.enabled
| bool
| `false`
|
| server.host
| string
| `nil`
| default: (commons.ingress.domain)
| server.mail.from
| string
| `nil`
| generade by .commons.mail.from
| server.mail.host
| string
| `nil`
| default .commons.mail.host
| server.scaling
| bool
| `false`
|
| server.slidingSync.enabled
| bool
| `false`
|
| server.software
| string
| `"synapse"`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

409
mycloud-nextcloud/README.adoc
View file

@ -1,409 +0,0 @@
= mycloud-nextcloud
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons
|===
| Key | Type | Default | Description
| commons.auth.host
| string
| `nil`
| default auth.(.Values.commons.ingress.domain)
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons Redis
|===
| Key | Type | Default | Description
| commons.redis.replicas
| int
| `0`
| replicas
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Other Values
|===
| Key | Type | Default | Description
| adminPassword
| string
| `nil`
| generated by .Values.commons.masterPassword
| apps.calendar.enabled
| bool
| `true`
|
| apps.checksum.enabled
| bool
| `true`
|
| apps.contacts.enabled
| bool
| `true`
|
| apps.dashboard.enabled
| bool
| `false`
|
| apps.deck.enabled
| bool
| `true`
|
| apps.firstrunwizard.enabled
| bool
| `false`
|
| apps.memories.enabled
| bool
| `false`
|
| apps.notes.enabled
| bool
| `true`
|
| apps.richdocuments.config.wopi_url
| string
| `nil`
|
| apps.richdocuments.enabled
| bool
| `false`
|
| auth.clientID
| string
| `nil`
| generated by .Values.commons.masterPassword
| auth.clientSecret
| string
| `nil`
| generated by .Values.commons.masterPassword
| auth.idMapping
| string
| `"sub"`
| oidc field which us used as id in nextcloud for username (for security reason it is sub, but could be overwritten by username) https://goauthentik.io/integrations/services/nextcloud/#provider-and-application
| chart.ref
| object
| `{"branch":"main"}`
| for default set: null
| chart.url
| string
| `"https://github.com/wrenix/nextcloud-helm.git"`
| for default set: https://nextcloud.github.io/helm/
| commons.networkpolicies.enabled
| bool
| `false`
|
| commons.networkpolicies.from.ingress
| list
| `[]`
|
| commons.networkpolicies.from.metrics
| list
| `[]`
|
| commons.networkpolicies.to.dns
| list
| `[]`
|
| config
| object
| `{}`
|
| database.host
| string
| `"mycloud-services-postgresql"`
| default is from mysql-services
| database.name
| string
| `"nextcloud"`
|
| database.password
| string
| `nil`
| generated by .Values.commons.masterPassword (equal to mycloud-services)
| database.username
| string
| `"nextcloud"`
|
| default.language
| string
| `"en"`
|
| default.maintenanceWindowStart
| int
| `1`
|
| default.phoneRegion
| string
| `"GB"`
|
| imaginary.enabled
| bool
| `true`
|
| ingress.annotations
| string
| `nil`
|
| ingress.host
| string
| `nil`
| default: fs.(Values.commons.ingress.domain)
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
| limits.memory
| string
| `"512M"`
|
| limits.upload
| string
| `"2G"`
|
| mail.authtype
| string
| `"PLAIN"`
|
| mail.from
| string
| `nil`
| generade by Values.commons.mail.from
| mail.host
| string
| `nil`
| default Values.commons.mail.host
| persistence.data.pvc
| string
| `"nextcloud-data"`
|
| persistence.data.size
| string
| `"16Gi"`
|
| persistence.main.pvc
| string
| `"nextcloud"`
|
| persistence.main.size
| string
| `"8Gi"`
|
| quota
| string
| `nil`
| default quota for an user
| theme.color
| string
| `nil`
| set theme color in nextcloud
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

119
mycloud-services/README.adoc
View file

@ -1,119 +0,0 @@
= mycloud-services
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons
|===
| Key | Type | Default | Description
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Other Values
|===
| Key | Type | Default | Description
| databases
| object
| `{"example":{"additionalParams":null,"password":null,"type":"none","username":"example-password"}}`
| create databases
| databases.example.additionalParams
| string
| `nil`
| additional params for databases
| databases.example.password
| string
| `nil`
| if not set generated by .Values.commons.masterPassword and databasename
| databases.example.type
| string
| `"none"`
| database type (current only "postgresql" is supported)
| databases.example.username
| string
| `"example-password"`
| username default like database
| postgresql.password
| string
| `nil`
| root
| postgresql.persistence.size
| string
| `"10G"`
|
| postgresql.persistence.storageClass
| string
| `nil`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

39
publish.sh Executable file
View file

@ -0,0 +1,39 @@
#/bin/sh
HELM_REPO=${HELM_REPO:-codeberg.org/wrenix/flux-charts}
HELM_REPO_URL="oci://${HELM_REPO}"
COMMIT_SCOPE=${2:-fix}
COMMIT_MESSAGE=${1:-"update appVersion"}
ct lint # || exit 1
for p in * ; do
if \
[ ! -d $p ] || \
[ ! -f $p/Chart.yaml ] \
; then
continue
fi
echo "${p}:";
v=$(dasel -f "${p}/Chart.yaml" -s version)
echo "version: ${v}";
echo "update docs"
helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}"
echo "package and push helm-chart"
helm package "${p}"
helm push "${p}-${v}.tgz" "${HELM_REPO_URL}";
echo "push to git"
set -e
git add "${p}/"
git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}"
git push origin main;
set +e
echo
done

244
template/README.adoc
View file

@ -1,244 +0,0 @@
= <template>
image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Values
.Values Commons
|===
| Key | Type | Default | Description
| commons.auth.host
| string
| `nil`
| default auth.(.Values.commons.ingress.domain)
| commons.masterPassword
| string
| `"CHANGEME"`
| masterPassword to generate secrets
|===
.Values Commons helm release
|===
| Key | Type | Default | Description
| commons.helm.release.driftDetection
| object
| `{}`
| driftDetection of FluxCD HelmRelease
| commons.helm.release.install
| object
| `{}`
| install of FluxCD HelmRelease
| commons.helm.release.test
| object
| `{}`
| test of FluxCD HelmRelease
| commons.helm.release.upgrade
| object
| `{}`
| upgrade of FluxCD HelmRelease
|===
.Values Commons Ingress
|===
| Key | Type | Default | Description
| commons.ingress.annotations
| object
| `{"cert-manager.io/cluster-issuer":"letsencrypt-prod"}`
| annotations for all ingress objects
| commons.ingress.domain
| string
| `"wrenix.eu"`
| top domain for all services
| commons.ingress.tls.enabled
| bool
| `true`
| tls on every ingress
| commons.ingress.tls.override
| list
| `[]`
| use own definition of tls (e.g. for own or wildcard certificate)
|===
.Values Commons mail
|===
| Key | Type | Default | Description
| commons.mail.from
| string
| `nil`
| send from address
| commons.mail.host
| string
| `nil`
| smtp server
| commons.mail.password
| string
| `nil`
| smtp password
| commons.mail.use_ssl
| bool
| `false`
| smtp server use ssl
| commons.mail.use_tls
| bool
| `false`
| smtp server use start tls
| commons.mail.username
| string
| `nil`
| smtp username
|===
.Values Commons Persistence
|===
| Key | Type | Default | Description
| commons.persistence.hostPath.enabled
| bool
| `false`
| use hostPath instatt of PVC
| commons.persistence.hostPath.prefix
| string
| `"/var/lib/mycloud"`
| use hostPath under the following path
| commons.persistence.storageClass
| string
| `nil`
| storageClass of PVC
|===
.Values Commons Monitoring
|===
| Key | Type | Default | Description
| commons.prometheus.monitor.labels
| object
| `{}`
| labels on Pod- and Service-Monitor
| commons.prometheus.rules.labels
| object
| `{}`
| labels on PrometheusRules
|===
.Values Commons theme
|===
| Key | Type | Default | Description
| commons.theme.favicon
| string
| `"/static/dist/assets/icons/icon.png"`
| favicon everywhere
| commons.theme.logo
| string
| `"/static/dist/assets/icons/icon_left_brand.svg"`
| logo everywhere
| commons.theme.title
| string
| `"myCloud"`
| title everywhere
|===
.Values Commons Tracing
|===
| Key | Type | Default | Description
| commons.tracing.enabled
| bool
| `false`
| enable tracing on all components
| commons.tracing.grpc.enabled
| bool
| `true`
| prefer grpc over http
| commons.tracing.grpc.endpoint
| string
| `"tempo.monitoring.svc:4317"`
| grpc endpoint
| commons.tracing.grpc.insecure
| bool
| `true`
| allow insecure connection per grpc
| commons.tracing.http.endpoint
| string
| `"http://tempo.monitoring.svc:4318/v1/traces"`
| http endpoint
|===
.Values Other Values
|===
| Key | Type | Default | Description
| commons.auth.authentik.backend
| string
| `"authentik-server"`
|
| commons.auth.authentik.domain
| string
| `""`
|
| commons.auth.enabled
| bool
| `false`
|
| commons.auth.namespace
| string
| `""`
|
| commons.auth.type
| string
| `"authentik"`
|
| init.namespace
| string
| `"bases"`
|
| init.version
| int
| `0`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]