wrenix/helm-charts
1
0
Fork 0
Code Issues 8 Pull requests 8 Projects Packages Activity

feat(pretix): init

Browse source
This commit is contained in:
WrenIX 2024-12-12 22:33:45 +01:00
parent b3fd15e30f
commit 2407101ec0
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
23 changed files with 1166 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
pretix/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
charts/*.tgz

23
pretix/.helmignore Normal file
View file

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

9
pretix/Chart.lock Normal file
View file

@ -0,0 +1,9 @@
dependencies:
- name: postgresql
repository: oci://docker.io/bitnamicharts
version: 16.3.0
- name: redis
repository: oci://docker.io/bitnamicharts
version: 20.5.0
digest: sha256:7126a34c5cb99dc7bf96ee997009392d629bd6d0e57af288eec2d73b548a5d47
generated: "2024-12-12T23:28:46.938657955+01:00"

25
pretix/Chart.yaml Normal file
View file

@ -0,0 +1,25 @@
apiVersion: v2
name: pretix
description: Reinventing ticket presales, one ticket at a time.
type: application
version: 0.1.0
# renovate: image=docker.io/pretix/standalone
appVersion: "2024.11.0"
keywords:
- event-tickets
maintainers:
- name: WrenIX
url: https://wrenix.eu
sources:
- https://github.com/pretix/pretix
- https://codeberg.org/wrenix/helm-charts/src/branch/main/pretix
- https://hub.docker.com/r/pretix/standalone
dependencies:
- name: postgresql
version: "16.3.0"
repository: "oci://docker.io/bitnamicharts"
condition: postgresql.enabled
- name: redis
version: "20.5.0"
repository: "oci://docker.io/bitnamicharts"
condition: redis.enabled

280
pretix/README.md Normal file
View file

@ -0,0 +1,280 @@
---
title: "pretix"
description: "Reinventing ticket presales, one ticket at a time."
---
# pretix
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square)
Reinventing ticket presales, one ticket at a time.
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Source Code
* <https://github.com/pretix/pretix>
* <https://codeberg.org/wrenix/helm-charts/src/branch/main/pretix>
* <https://hub.docker.com/r/pretix/standalone>
## Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's [documentation](https://helm.sh/docs) to get started.
Once Helm has been set up correctly, fetch the charts as follows:
```bash
helm pull oci://codeberg.org/wrenix/helm-charts/pretix
```
You can install a chart release using the following command:
```bash
helm install pretix-release oci://codeberg.org/wrenix/helm-charts/pretix --values values.yaml
```
To uninstall a chart release use `helm`'s delete command:
```bash
helm uninstall pretix-release
```
## Requirements
| Repository | Name | Version |
|------------|------|---------|
| oci://docker.io/bitnamicharts | postgresql | 16.3.0 |
| oci://docker.io/bitnamicharts | redis | 20.5.0 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | |
| autoscaling.enabled | bool | `false` | |
| autoscaling.maxReplicas | int | `100` | |
| autoscaling.minReplicas | int | `1` | |
| autoscaling.targetCPUUtilizationPercentage | int | `80` | |
| cronSchedule | string | `"*/30 * * * *"` | |
| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | |
| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | |
| env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | |
| env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | |
| env.PRETIX_DATABASE_NAME | string | `"pretix"` | |
| env.PRETIX_DATABASE_PASSWORD | string | `"pretix"` | |
| env.PRETIX_DATABASE_USER | string | `"pretix"` | |
| env.PRETIX_MAIL_FROM | string | `"test@example.com"` | |
| env.PRETIX_MAIL_HOST | string | `nil` | |
| env.PRETIX_MAIL_PASSWORD | string | `nil` | |
| env.PRETIX_MAIL_PORT | int | `587` | |
| env.PRETIX_MAIL_TLS | bool | `true` | |
| env.PRETIX_MAIL_USER | string | `nil` | |
| env.PRETIX_METRICS_ENABLED | bool | `false` | |
| env.PRETIX_METRICS_PASSPHRASE | string | `"pretix"` | |
| env.PRETIX_METRICS_USER | string | `"pretix"` | |
| env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | |
| env.PRETIX_PRETIX_DATADIR | string | `"/data"` | |
| env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | |
| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | |
| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | |
| env.PRETIX_PRETIX_URL | string | `"http://localhost"` | |
| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | |
| env.PRETIX_REDIS_SESSIONS | bool | `true` | |
| fullnameOverride | string | `""` | |
| grafana.dashboards.annotations | object | `{}` | |
| grafana.dashboards.enabled | bool | `false` | |
| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.registry | string | `"docker.io"` | |
| image.repository | string | `"pretix/standalone"` | |
| image.tag | string | `""` | |
| imagePullSecrets | list | `[]` | |
| ingress.annotations | object | `{}` | |
| ingress.className | string | `""` | |
| ingress.enabled | bool | `false` | |
| ingress.hosts[0].host | string | `"chart-example.local"` | |
| ingress.hosts[0].paths[0].path | string | `"/"` | |
| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
| ingress.tls | list | `[]` | |
| livenessProbe.httpGet.httpHeaders[0].name | string | `"host"` | |
| livenessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | |
| livenessProbe.httpGet.path | string | `"/healthcheck/"` | |
| livenessProbe.httpGet.port | string | `"http"` | |
| nameOverride | string | `""` | |
| nodeSelector | object | `{}` | |
| persistence.accessMode | string | `"ReadWriteOnce"` | |
| persistence.annotations | object | `{}` | |
| persistence.enabled | bool | `true` | |
| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound |
| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod |
| persistence.size | string | `"5Gi"` | |
| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) |
| podAnnotations | object | `{}` | |
| podLabels | object | `{}` | |
| podSecurityContext | object | `{}` | |
| postgresql.auth.database | string | `"pretix"` | |
| postgresql.auth.password | string | `"pretix"` | |
| postgresql.auth.postgresPassword | string | `"supersecureadminpassword"` | |
| postgresql.auth.username | string | `"pretix"` | |
| postgresql.enabled | bool | `true` | |
| prometheus.rules.additionalRules | list | `[]` | |
| prometheus.rules.enabled | bool | `false` | |
| prometheus.rules.labels | object | `{}` | |
| prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 |
| prometheus.servicemonitor.interval | string | `nil` | interval |
| prometheus.servicemonitor.labels | object | `{}` | |
| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout |
| readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | |
| readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | |
| readinessProbe.httpGet.path | string | `"/healthcheck/"` | |
| readinessProbe.httpGet.port | string | `"http"` | |
| redis.architecture | string | `"standalone"` | |
| redis.auth.enabled | bool | `false` | |
| redis.enabled | bool | `true` | |
| replicas.taskworker | int | `1` | |
| replicas.web | int | `1` | |
| resources | object | `{}` | |
| securityContext | object | `{}` | |
| service.port | int | `80` | |
| service.type | string | `"ClusterIP"` | |
| serviceAccount.annotations | object | `{}` | |
| serviceAccount.automount | bool | `true` | |
| serviceAccount.create | bool | `true` | |
| serviceAccount.name | string | `""` | |
| tolerations | list | `[]` | |
| volumeMounts | list | `[]` | |
| volumes | list | `[]` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
# pretix
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square)
Reinventing ticket presales, one ticket at a time.
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Source Code
* <https://github.com/pretix/pretix>
* <https://codeberg.org/wrenix/helm-charts/src/branch/main/pretix>
* <https://hub.docker.com/r/pretix/standalone>
## Requirements
| Repository | Name | Version |
|------------|------|---------|
| oci://docker.io/bitnamicharts | postgresql | 16.3.0 |
| oci://docker.io/bitnamicharts | redis | 20.5.0 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | |
| autoscaling.enabled | bool | `false` | |
| autoscaling.maxReplicas | int | `100` | |
| autoscaling.minReplicas | int | `1` | |
| autoscaling.targetCPUUtilizationPercentage | int | `80` | |
| cronSchedule | string | `"*/30 * * * *"` | |
| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | |
| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | |
| env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | |
| env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | |
| env.PRETIX_DATABASE_NAME | string | `"pretix"` | |
| env.PRETIX_DATABASE_PASSWORD | string | `"pretix"` | |
| env.PRETIX_DATABASE_USER | string | `"pretix"` | |
| env.PRETIX_MAIL_FROM | string | `"test@example.com"` | |
| env.PRETIX_MAIL_HOST | string | `nil` | |
| env.PRETIX_MAIL_PASSWORD | string | `nil` | |
| env.PRETIX_MAIL_PORT | int | `587` | |
| env.PRETIX_MAIL_TLS | bool | `true` | |
| env.PRETIX_MAIL_USER | string | `nil` | |
| env.PRETIX_METRICS_ENABLED | bool | `false` | |
| env.PRETIX_METRICS_PASSPHRASE | string | `"pretix"` | |
| env.PRETIX_METRICS_USER | string | `"pretix"` | |
| env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | |
| env.PRETIX_PRETIX_DATADIR | string | `"/data"` | |
| env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | |
| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | |
| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | |
| env.PRETIX_PRETIX_URL | string | `"http://localhost"` | |
| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | |
| env.PRETIX_REDIS_SESSIONS | bool | `true` | |
| fullnameOverride | string | `""` | |
| grafana.dashboards.annotations | object | `{}` | |
| grafana.dashboards.enabled | bool | `false` | |
| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.registry | string | `"docker.io"` | |
| image.repository | string | `"pretix/standalone"` | |
| image.tag | string | `""` | |
| imagePullSecrets | list | `[]` | |
| ingress.annotations | object | `{}` | |
| ingress.className | string | `""` | |
| ingress.enabled | bool | `false` | |
| ingress.hosts[0].host | string | `"chart-example.local"` | |
| ingress.hosts[0].paths[0].path | string | `"/"` | |
| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
| ingress.tls | list | `[]` | |
| livenessProbe.httpGet.httpHeaders[0].name | string | `"host"` | |
| livenessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | |
| livenessProbe.httpGet.path | string | `"/healthcheck/"` | |
| livenessProbe.httpGet.port | string | `"http"` | |
| nameOverride | string | `""` | |
| nodeSelector | object | `{}` | |
| persistence.accessMode | string | `"ReadWriteOnce"` | |
| persistence.annotations | object | `{}` | |
| persistence.enabled | bool | `true` | |
| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound |
| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod |
| persistence.size | string | `"5Gi"` | |
| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) |
| podAnnotations | object | `{}` | |
| podLabels | object | `{}` | |
| podSecurityContext | object | `{}` | |
| postgresql.auth.database | string | `"pretix"` | |
| postgresql.auth.password | string | `"pretix"` | |
| postgresql.auth.postgresPassword | string | `"supersecureadminpassword"` | |
| postgresql.auth.username | string | `"pretix"` | |
| postgresql.enabled | bool | `true` | |
| prometheus.rules.additionalRules | list | `[]` | |
| prometheus.rules.enabled | bool | `false` | |
| prometheus.rules.labels | object | `{}` | |
| prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 |
| prometheus.servicemonitor.interval | string | `nil` | interval |
| prometheus.servicemonitor.labels | object | `{}` | |
| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout |
| readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | |
| readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | |
| readinessProbe.httpGet.path | string | `"/healthcheck/"` | |
| readinessProbe.httpGet.port | string | `"http"` | |
| redis.architecture | string | `"standalone"` | |
| redis.auth.enabled | bool | `false` | |
| redis.enabled | bool | `true` | |
| replicas.taskworker | int | `1` | |
| replicas.web | int | `1` | |
| resources | object | `{}` | |
| securityContext | object | `{}` | |
| service.port | int | `80` | |
| service.type | string | `"ClusterIP"` | |
| serviceAccount.annotations | object | `{}` | |
| serviceAccount.automount | bool | `true` | |
| serviceAccount.create | bool | `true` | |
| serviceAccount.name | string | `""` | |
| tolerations | list | `[]` | |
| volumeMounts | list | `[]` | |
| volumes | list | `[]` | |
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

10
pretix/ci/all-values.yaml Normal file
View file

@ -0,0 +1,10 @@
env:
a: a
persistence:
enabled: true
ingress:
enabled: true
annotations:
a: a

0
pretix/ci/empty-values.yaml Normal file
View file

22
pretix/templates/NOTES.txt Normal file
View file

@ -0,0 +1,22 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pretix.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pretix.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pretix.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pretix.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
{{- end }}

62
pretix/templates/_helpers.tpl Normal file
View file

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "pretix.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "pretix.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "pretix.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "pretix.labels" -}}
helm.sh/chart: {{ include "pretix.chart" . }}
{{ include "pretix.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "pretix.selectorLabels" -}}
app.kubernetes.io/name: {{ include "pretix.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "pretix.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "pretix.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

14
pretix/templates/configmap_grafana_dashboards.yaml Normal file
View file

@ -0,0 +1,14 @@
{{- if .Values.grafana.dashboards.enabled }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "pretix.fullname" . }}-grafana-dashboards
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- toYaml .Values.grafana.dashboards.labels | nindent 4 }}
annotations:
{{- toYaml .Values.grafana.dashboards.annotations | nindent 4 }}
data:
{{- (.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }}
{{- end }}

84
pretix/templates/cronjob.yaml Normal file
View file

@ -0,0 +1,84 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
spec:
schedule: {{ .Values.cronSchedule | quote }}
jobTemplate:
spec:
template:
metadata:
annotations:
checksum/secret: {{ toYaml $.Values.env | sha256sum }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 12 }}
{{- end }}
labels:
{{- include "pretix.labels" . | nindent 12 }}
app.kubernetes.io/component: cronjob
{{- with .Values.podLabels }}
{{- toYaml . | nindent 12 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 12 }}
{{- end }}
serviceAccountName: {{ include "pretix.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 12 }}
restartPolicy: OnFailure
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 16 }}
{{- with .Values.image }}
image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}"
imagePullPolicy: {{ .pullPolicy }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "pretix.fullname" . }}
env:
# Migrations are handled by helm hooks in pretix-migrate.yaml
- name: AUTOMIGRATE
value: "skip"
command: [ "pretix" ]
args: [ "cron" ]
resources:
{{- toYaml .Values.resources | nindent 16 }}
volumeMounts:
- name: pretix-data
mountPath: /data
{{- with .Values.volumeMounts }}
{{- toYaml . | nindent 16 }}
{{- end }}
volumes:
- name: pretix-data
{{- if .Values.persistence.hostPath }}
hostPath:
type: Directory
path: {{ .Values.persistence.hostPath | quote }}
{{- else if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ with .Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" . }}{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
{{- with .Values.volumes }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 12 }}
{{- end }}

101
pretix/templates/deployment.yaml Normal file
View file

@ -0,0 +1,101 @@
{{- range $component := list "web" "taskworker" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "pretix.fullname" $ }}-{{ $component }}
labels:
{{- include "pretix.labels" $ | nindent 4 }}
app.kubernetes.io/component: {{ $component }}
spec:
{{- if not $.Values.autoscaling.enabled }}
replicas: {{ get $.Values.replicas $component }}
{{- end }}
selector:
matchLabels:
{{- include "pretix.selectorLabels" $ | nindent 6 }}
app.kubernetes.io/component: {{ $component }}
template:
metadata:
annotations:
checksum/secret: {{ toYaml $.Values.env | sha256sum }}
{{- with $.Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "pretix.labels" $ | nindent 8 }}
app.kubernetes.io/component: {{ $component }}
{{- with $.Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with $.Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "pretix.serviceAccountName" $ }}
securityContext:
{{- toYaml $.Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ $.Chart.Name }}
securityContext:
{{- toYaml $.Values.securityContext | nindent 12 }}
{{- with $.Values.image }}
image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}"
imagePullPolicy: {{ .pullPolicy }}
{{- end }}
env:
# Migrations are handled by helm hooks in pretix-migrate.yaml
- name: AUTOMIGRATE
value: "skip"
envFrom:
- secretRef:
name: {{ include "pretix.fullname" $ }}
command: [ "pretix" ]
args: [ {{ $component | quote }} ]
{{- if (eq $component "web") }}
ports:
- name: http
containerPort: {{ $.Values.service.port }}
protocol: TCP
livenessProbe:
{{- toYaml $.Values.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml $.Values.readinessProbe | nindent 12 }}
{{- end }}
resources:
{{- toYaml $.Values.resources | nindent 12 }}
volumeMounts:
- name: pretix-data
mountPath: /data
{{- with $.Values.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
volumes:
- name: pretix-data
{{- if $.Values.persistence.hostPath }}
hostPath:
type: Directory
path: {{ $.Values.persistence.hostPath | quote }}
{{- else if $.Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ with $.Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" $ }}{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
{{- with $.Values.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with $.Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

32
pretix/templates/hpa.yaml Normal file
View file

@ -0,0 +1,32 @@
{{- if .Values.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "pretix.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
{{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}

43
pretix/templates/ingress.yaml Normal file
View file

@ -0,0 +1,43 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- with .Values.ingress.className }}
ingressClassName: {{ . }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- with .pathType }}
pathType: {{ . }}
{{- end }}
backend:
service:
name: {{ include "pretix.fullname" $ }}-web
port:
name: http
{{- end }}
{{- end }}
{{- end }}

81
pretix/templates/job-migrate.yaml Normal file
View file

@ -0,0 +1,81 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ include "pretix.fullname" . }}-migrate
labels:
{{- include "pretix.labels" . | nindent 4 }}
annotations:
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "5"
helm.sh/hook-delete-policy: hook-succeeded
spec:
template:
metadata:
annotations:
checksum/secret: {{ toYaml .Values.env | sha256sum }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "pretix.labels" . | nindent 8 }}
app.kubernetes.io/component: cronjob
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "pretix.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
restartPolicy: OnFailure
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
{{- with .Values.image }}
image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}"
imagePullPolicy: {{ .pullPolicy }}
{{- end }}
envFrom:
- secretRef:
name: {{ include "pretix.fullname" . }}
command: [ "pretix" ]
args: [ "migrate" ]
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: pretix-data
mountPath: /data
{{- with .Values.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
volumes:
- name: pretix-data
{{- if .Values.persistence.hostPath }}
hostPath:
type: Directory
path: {{ .Values.persistence.hostPath | quote }}
{{- else if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ with .Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" . }}{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
{{- with .Values.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

29
pretix/templates/prometheus-rules.yaml Normal file
View file

@ -0,0 +1,29 @@
{{- if and .Values.prometheus.rules.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- with .Values.prometheus.rules.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
groups:
- name: {{ template "pretix.fullname" . }}-Additional
rules:
- alert: "pretix: error in task"
expr: rate(pretix_task_runs_total{status!="success"}[1h])!=0
for: 5m
labels:
severity: critical
annotations:
{{`
summary: "pretix task of {{ $labels.instance }} has an error on {{ $labels.task_name }} in the last hour"
`}}
{{- with .Values.prometheus.rules.additionalRules }}
- name: {{ template "pretix.fullname" $ }}-Additional
rules:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

29
pretix/templates/pvc.yaml Normal file
View file

@ -0,0 +1,29 @@
{{- if and
.Values.persistence.enabled
(not .Values.persistence.hostPath)
(not .Values.persistence.existingClaim)
}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- with .Values.persistence.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- with .Values.persistence.storageClass }}
{{- if (eq "-" .) }}
storageClassName: ""
{{- else }}
storageClassName: {{ . | quote }}
{{- end }}
{{- end }}
{{- end -}}

13
pretix/templates/secrets.yaml Normal file
View file

@ -0,0 +1,13 @@
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
annotations:
checksum/secret: {{ toYaml $.Values.env | sha256sum }}
data:
{{- range $name, $value := .Values.env }}
{{ $name }}: {{ toYaml $value | b64enc }}
{{- end }}

20
pretix/templates/service.yaml Normal file
View file

@ -0,0 +1,20 @@
{{- range $component := list "web" "taskworker" }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "pretix.fullname" $ }}-{{ $component }}
labels:
{{- include "pretix.labels" $ | nindent 4 }}
app.kubernetes.io/component: {{ $component }}
spec:
type: {{ $.Values.service.type }}
selector:
{{- include "pretix.selectorLabels" $ | nindent 4 }}
app.kubernetes.io/component: {{ $component }}
ports:
- port: {{ $.Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- end }}

13
pretix/templates/serviceaccount.yaml Normal file
View file

@ -0,0 +1,13 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "pretix.serviceAccountName" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
{{- end }}

36
pretix/templates/servicemonitor.yaml Normal file
View file

@ -0,0 +1,36 @@
{{- if and .Values.prometheus.servicemonitor.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "pretix.fullname" . }}
labels:
{{- include "pretix.labels" . | nindent 4 }}
{{- with .Values.prometheus.servicemonitor.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
{{- include "pretix.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: web
endpoints:
- port: http
path: "/metrics"
enableHttp2: false
basicAuth:
username:
name: {{ include "pretix.fullname" . }}
key: PRETIX_METRICS_USER
password:
name: {{ include "pretix.fullname" . }}
key: PRETIX_METRICS_PASSPHRASE
{{- with .Values.prometheus.servicemonitor }}
{{- with .interval }}
interval: {{ . }}
{{- end }}
{{- with .scrapeTimeout }}
scrapeTimeout: {{ . }}
{{- end }}
{{- end }}
{{- end }}

15
pretix/templates/tests/test-connection.yaml Normal file
View file

@ -0,0 +1,15 @@
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "pretix.fullname" . }}-test-connection"
labels:
{{- include "pretix.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "pretix.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never

224
pretix/values.yaml Normal file
View file

@ -0,0 +1,224 @@
# Default values for pretix.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
replicas:
web: 1
taskworker: 1
# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
image:
registry: docker.io
repository: pretix/standalone
# This sets the pull policy for images.
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
cronSchedule: "*/30 * * * *"
env:
PRETIX_PRETIX_INSTANCE_NAME: Pretix Helm
PRETIX_PRETIX_URL: http://localhost
PRETIX_PRETIX_CURRENCY: EUR
PRETIX_PRETIX_DATADIR: /data
PRETIX_PRETIX_TRUST_X_FORWARDED_FOR: on
PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO: on
PRETIX_MAIL_FROM: test@example.com
PRETIX_MAIL_HOST:
PRETIX_MAIL_USER:
PRETIX_MAIL_PASSWORD:
PRETIX_MAIL_PORT: 587
PRETIX_MAIL_TLS: True
PRETIX_DATABASE_BACKEND: postgresql
PRETIX_DATABASE_NAME: pretix
PRETIX_DATABASE_USER: pretix
PRETIX_DATABASE_PASSWORD: pretix
PRETIX_DATABASE_HOST: pretix-postgresql
PRETIX_REDIS_LOCATION: redis://pretix-redis-master/0
PRETIX_REDIS_SESSIONS: true
PRETIX_CELERY_BACKEND: redis://pretix-redis-master/1
PRETIX_CELERY_BROKER: redis://pretix-redis-master/2
PRETIX_METRICS_ENABLED: false
PRETIX_METRICS_USER: pretix
PRETIX_METRICS_PASSPHRASE: pretix
# This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets: []
# This is to override the chart name.
nameOverride: ""
fullnameOverride: ""
#This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
serviceAccount:
# Specifies whether a service account should be created
create: true
# Automatically mount a ServiceAccount's API credentials?
automount: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# This is for setting Kubernetes Annotations to a Pod.
# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
podAnnotations: {}
# This is for setting Kubernetes Labels to a Pod.
# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
annotations: {}
# -- Persistent Volume Storage Class
# If defined, storageClassName: <storageClass>
# If set to "-", storageClassName: "", which disables dynamic provisioning
# If undefined (the default) or set to null, no storageClassName spec is
# set, choosing the default provisioner. (gp2 on AWS, standard on
# GKE, AWS & OpenStack)
#
storageClass:
# -- A manually managed Persistent Volume and Claim
# Requires persistence.enabled: true
# If defined, PVC must be created manually before volume will be bound
existingClaim:
# -- Do not create an PVC, direct use hostPath in Pod
hostPath:
accessMode: ReadWriteOnce
size: 5Gi
# This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
service:
# This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
port: 80
prometheus:
servicemonitor:
# -- broken, Host need to be localhost on request (instatt of ip)
# needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003
enabled: false
labels: {}
# -- interval
interval:
# -- scrape timeout
scrapeTimeout:
rules:
enabled: false
labels: {}
# current no default alertrules are provided
additionalRules: []
grafana:
dashboards:
enabled: false
labels:
grafana_dashboard: "1"
annotations: {}
# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
livenessProbe:
httpGet:
path: /healthcheck/
port: http
httpHeaders:
- name: "host"
value: localhost
readinessProbe:
httpGet:
path: /healthcheck/
port: http
httpHeaders:
- name: "host"
value: localhost
#This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
# Additional volumes on the output Deployment definition.
volumes: []
# - name: foo
# secret:
# secretName: mysecret
# optional: false
# Additional volumeMounts on the output Deployment definition.
volumeMounts: []
# - name: foo
# mountPath: "/etc/foo"
# readOnly: true
nodeSelector: {}
tolerations: []
affinity: {}
postgresql:
enabled: true
auth:
database: pretix
username: pretix
password: pretix
postgresPassword: supersecureadminpassword
redis:
enabled: true
architecture: standalone
auth:
enabled: false