wrenix/helm-charts
1
0
Fork 0
Code Issues 8 Pull requests 2 Projects Packages Activity

fix: migrate markdown

Browse source
This commit is contained in:
WrenIX 2024-11-06 22:50:54 +01:00
parent c2d9a19f25
commit c1b6888e15
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
55 changed files with 1 additions and 10730 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
README.adoc
View file

@ -1,26 +0,0 @@
= helm-charts
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/<chart.name>
----
You can install a chart release using the following command:
[source,bash]
----
helm install <release> oci://codeberg.org/wrenix/helm-charts/<chart.name> --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall <release>
----

87
README.adoc.gotmpl
View file

@ -1,87 +0,0 @@
{{ define "chart.header" }}= {{ .Name }}
{{ end }}
{{ define "chart.versionBadge" }}
image::https://img.shields.io/badge/Version-{{ .Version | replace "-" "--" }}-informational?style=flat-square[Version: {{ .Version }}]{{end}}
{{ define "chart.typeBadge" }}
image::https://img.shields.io/badge/Version-{{ .Type }}-informational?style=flat-square[Type: {{ .Type }}]{{end}}
{{ define "chart.appVersionBadge" }}{{- if (ne .AppVersion "") }}
image::https://img.shields.io/badge/AppVersion-{{ .AppVersion }}-informational?style=flat-square[AppVersion: {{ .AppVersion }}]{{ end }}{{end}}
{{ define "chart.maintainersHeader" }}== Maintainers{{ end }}
{{ define "chart.maintainersTable" }}.Maintainers
|===
| Name | Email | Url
{{- range .Maintainers }}
| {{ .Name }}
| {{ if .Email }}<{{ .Email }}>{{ end }}
| {{ if .Url }}<{{ .Url }}>{{ end }}
{{- end }}
|===
{{ end }}
{{ define "chart.valuesHeader" }}== Values{{ end }}
{{ define "chart.valuesTable" -}}
{{- if .Sections.Sections -}}
{{- range .Sections.Sections }}
.Values {{.SectionName }}
{{ template "chart.valuesOneTable" .SectionItems }}
{{- end }}{{/* range sections*/}}
{{- if .Sections.DefaultSection.SectionItems -}}
.Values {{.Sections.DefaultSection.SectionName }}
{{ template "chart.valuesOneTable" .Sections.DefaultSection.SectionItems }}
{{- end }}{{/* end default section */}}
{{- else }}{{/* if no sections */}}
.Values
{{ template "chart.valuesOneTable" .Values }}
{{- end }}
{{ end }}{{/* end chart.valuesTable */}}
{{ define "chart.valuesOneTable" -}}
|===
| Key | Type | Default | Description
{{- range . }}
| {{ .Key }}
| {{ .Type }}
| {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }}
| {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }}
{{- end }}
|===
{{ end }}{{/* end chart.valuesOneTable */}}
{{- define "chart.prerequirements" -}}{{- end -}}
{{ template "chart.header" . }}
{{ template "chart.deprecationWarning" . }}
{{ template "chart.badgesSection" . }}
{{ template "chart.maintainersSection" . }}
{{ template "chart.prerequirements" . }}
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/{{ template "chart.name" . }}
----
You can install a chart release using the following command:
[source,bash]
----
helm install {{ template "chart.name" . }}-release oci://codeberg.org/wrenix/helm-charts/{{ template "chart.name" . }} --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall {{ template "chart.name" . }}-release
----
{{ template "chart.valuesSection" . }}
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

366
alertmanager-matrix/README.adoc
View file

@ -1,366 +0,0 @@
= alertmanager-matrix
image::https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square[Version: 0.1.10]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/alertmanager-matrix
----
You can install a chart release using the following command:
[source,bash]
----
helm install alertmanager-matrix-release oci://codeberg.org/wrenix/helm-charts/alertmanager-matrix --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall alertmanager-matrix-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| bot.alertmanager
| string
| `"http://localhost:9093"`
|
| bot.colors.alert
| string
| `"black"`
|
| bot.colors.critical
| string
| `"red"`
|
| bot.colors.error
| string
| `"red"`
|
| bot.colors.info
| string
| `"blue"`
|
| bot.colors.information
| string
| `"blue"`
|
| bot.colors.resolved
| string
| `"green"`
|
| bot.colors.silenced
| string
| `"gray"`
|
| bot.colors.warning
| string
| `"orange"`
|
| bot.icons.alert
| string
| `"🔔️"`
|
| bot.icons.critical
| string
| `"🚨"`
|
| bot.icons.error
| string
| `"🚨"`
|
| bot.icons.info
| string
| `""`
|
| bot.icons.information
| string
| `""`
|
| bot.icons.resolved
| string
| `"✅"`
|
| bot.icons.silenced
| string
| `"🔕"`
|
| bot.icons.warning
| string
| `"⚠️"`
|
| bot.matrix.homeserver
| string
| `"http://localhost:8008"`
|
| bot.matrix.rooms[0]
| string
| `"!not_existing:matrix.org"`
|
| bot.matrix.rooms[1]
| string
| `"!also_not_existing:matrix.org"`
|
| bot.matrix.token
| string
| `"SECRET_TOKEN"`
|
| bot.matrix.userID
| string
| `"bot"`
|
| bot.messageType
| string
| `"m.notice"`
|
| bot.showLabels
| bool
| `false`
|
| bot.template.html
| string
| `"{{ range .Alerts }}\n <font color=\"{{.StatusString|color}}\">\n {{.StatusString|icon}}\n <b>{{.StatusString|upper}}</b>\n {{.AlertName}}:\n </font>\n {{.Summary}}\n {{if ne .Fingerprint \"\"}}\n ({{.Fingerprint}})\n {{end}}\n {{if $.ShowLabels}}\n <br/>\n <b>Labels:</b>\n <code>{{.LabelString}}</code>\n {{end}}\n <br/>\n{{- end -}}\n"`
|
| bot.template.text
| string
| `"{{ range .Alerts }}\n {{- .StatusString|icon}} {{ .StatusString|upper }}{{ .AlertName }}: {{ .Summary }} {{ if ne .Fingerprint \"\" -}}\n ({{.Fingerprint}})\n {{- end}}\n {{- if $.ShowLabels -}}\n , labels:\n {{- .LabelString}}\n {{- end }}\n{{ end -}}\n"`
|
| fullnameOverride
| string
| `""`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"registry.gitlab.com"`
|
| image.repository
| string
| `"wrenix/alertmanager_matrix"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| logging.additionalFilters
| list
| `[]`
| Add other filters to Flow
| logging.dedot
| string
| `nil`
| if an filter (here or global) for dedot is active - for disable set `null`
| logging.enabled
| bool
| `false`
| Deploy Flow for logging-operator
| logging.globalOutputRefs
| list
| `["default"]`
| Flows globalOutputRefs for use of ClusterOutputs
| logging.localOutputRefs
| list
| `[]`
| Flows localOutputRefs for use of Outputs
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `4051`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

301
alertmanager-ntfy/README.adoc
View file

@ -1,301 +0,0 @@
= alertmanager-ntfy
image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.3.0-informational?style=flat-square[AppVersion: 0.3.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy
----
You can install a chart release using the following command:
[source,bash]
----
helm install alertmanager-ntfy-release oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall alertmanager-ntfy-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"docker.io"`
|
| image.repository
| string
| `"xenrox/ntfy-alertmanager"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| ntfyAlertmanager.labels.entries[0].label
| string
| `"severity"`
|
| ntfyAlertmanager.labels.entries[0].priority
| int
| `5`
|
| ntfyAlertmanager.labels.entries[0].tags[0]
| string
| `"rotating_light"`
|
| ntfyAlertmanager.labels.entries[0].value
| string
| `"critical"`
|
| ntfyAlertmanager.labels.entries[1].label
| string
| `"severity"`
|
| ntfyAlertmanager.labels.entries[1].priority
| int
| `1`
|
| ntfyAlertmanager.labels.entries[1].value
| string
| `"info"`
|
| ntfyAlertmanager.labels.entries[2].label
| string
| `"instance"`
|
| ntfyAlertmanager.labels.entries[2].tags[0]
| string
| `"computer"`
|
| ntfyAlertmanager.labels.entries[2].tags[1]
| string
| `"example"`
|
| ntfyAlertmanager.labels.entries[2].value
| string
| `"example.com"`
|
| ntfyAlertmanager.labels.order[0]
| string
| `"severity"`
|
| ntfyAlertmanager.labels.order[1]
| string
| `"instance"`
|
| ntfyAlertmanager.logLevel
| string
| `"info"`
|
| ntfyAlertmanager.ntfy.topic
| string
| `"https://ntfy.sh/alertmanager-alerts"`
|
| ntfyAlertmanager.port
| int
| `80`
|
| ntfyAlertmanager.resolved.tags[0]
| string
| `"resolved"`
|
| ntfyAlertmanager.resolved.tags[1]
| string
| `"partying_face"`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `80`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

284
authentik-application/README.adoc
View file

@ -1,284 +0,0 @@
= authentik-application
image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
## Pre-Requirement
Usage of https://github.com/goauthentik/helm/pull/146
## or manual:
Install authentik with this `values.yaml`:
```yaml
serviceAccount:
create: true
additionalContainers:
- name: sidecar-blueprints
image: "ghcr.io/kiwigrid/k8s-sidecar:1.25.1"
env:
- name: "FOLDER"
value: "/blueprints/sidecar"
- name: "LABEL"
value: "goauthentik_blueprint"
- name: "LABEL_VALUE"
value: "1"
# - name: "NAMESPACE"
# value: "ALL"
- name: "RESOURCE"
value: "both"
- name: "UNIQUE_FILENAMES"
value: "true"
volumeMounts:
- name: sidecar-blueprints
mountPath: /blueprints/sidecar
volumeMounts:
- name: sidecar-blueprints
mountPath: /blueprints/sidecar
volumes:
- name: sidecar-blueprints
emptyDir: {}
```
And create an Role and bind them on to the ServiceAccount to read secrets:
```yaml
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: authentik-blueprint-sidecar
rules:
- apiGroups: [""]
resources: ["configmaps", "secrets"]
verbs: ["get", "watch", "list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: authentik-blueprint-sidecar
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: authentik-blueprint-sidecar
subjects:
- kind: ServiceAccount
name: authentik
```
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/authentik-application
----
You can install a chart release using the following command:
[source,bash]
----
helm install authentik-application-release oci://codeberg.org/wrenix/helm-charts/authentik-application --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall authentik-application-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| blueprint.application.bindPolicyID
| string
| `nil`
| uuid for bindPolicyID for group - if not set generated on secret for be stable (or groups: [] filled)
| blueprint.application.description
| string
| `""`
| description of application
| blueprint.application.group
| string
| `""`
| put this application in authentik in group
| blueprint.application.icon
| string
| `""`
| icon of application (url)
| blueprint.application.launchURL
| string
| `""`
|
| blueprint.application.name
| string
| `""`
| application name in menu
| blueprint.application.openInNewTab
| bool
| `false`
| open application in new tab
| blueprint.application.policyEngineMode
| string
| `"any"`
|
| blueprint.application.publisher
| string
| `""`
| publisher of application
| blueprint.application.slug
| string
| `"app-name"`
| application slug
| blueprint.authentik.domain
| string
| `"https://auth.wrenix.eu"`
| domain to authentik, used in generated url (like issuer)
| blueprint.groups
| string
| `nil`
| authentik groups created / give access to this application disable any groups by set groups: [] (to a slice) example: - slug: "app: grafana-admin" parent: "app: infra" bindID: uuid
| blueprint.labels
| object
| `{"goauthentik_blueprint":"1"}`
| label of generated secret with blueprint
| blueprint.provider.authorizationFlow
| string
| `"default-provider-authorization-implicit-consent"`
|
| blueprint.provider.enabled
| bool
| `true`
| creat an provider for authentification (otherwise just a like in menu is created)
| blueprint.provider.name
| string
| `""`
|
| blueprint.provider.oidc.clientID
| string
| `nil`
| client id - generated if secret enabled
| blueprint.provider.oidc.clientSecret
| string
| `nil`
| client secret - generated if secret enabled
| blueprint.provider.oidc.clientType
| string
| `"confidential"`
|
| blueprint.provider.oidc.redirectURL
| string
| `""`
|
| blueprint.provider.oidc.scopes
| string
| `nil`
| Scope
| blueprint.provider.oidc.signingKey
| string
| `""`
| Need for non-curve / RSA
| blueprint.provider.proxy.cookieDomain
| string
| `""`
|
| blueprint.provider.proxy.externalHost
| string
| `nil`
|
| blueprint.provider.proxy.ingress.annotations
| list
| `[]`
| annotations to ingress for outpost
| blueprint.provider.proxy.ingress.backend
| string
| `"authentik"`
| service backend to authentik
| blueprint.provider.proxy.ingress.domain
| string
| `nil`
| domain of application (where outpost should be deployed)
| blueprint.provider.proxy.ingress.enabled
| bool
| `false`
| deploy ingress on application domain for e.g. logout (WIP)
| blueprint.provider.proxy.ingress.tls
| list
| `[]`
| tls to ingress for outpost
| blueprint.provider.proxy.skipPathRegex
| string
| `""`
|
| blueprint.provider.saml
| string
| `nil`
|
| blueprint.provider.type
| string
| `"oidc"`
| type of application connection, current support: oidc, saml and proxy
| secret.labels
| object
| `{}`
| label of secret to store generated secret
| secret.name
| string
| `""`
| name of secret to store generated secret (like clientI)
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

426
conduit/README.adoc
View file

@ -1,426 +0,0 @@
= conduit
image::https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square[Version: 1.0.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/conduit
----
You can install a chart release using the following command:
[source,bash]
----
helm install conduit-release oci://codeberg.org/wrenix/helm-charts/conduit --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall conduit-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| conduit.allowEncryption
| bool
| `true`
|
| conduit.allowFederation
| bool
| `true`
|
| conduit.allowRegistration
| bool
| `false`
|
| conduit.allowRoomCreation
| bool
| `true`
|
| conduit.allowUnstableRoomVersions
| bool
| `true`
|
| conduit.log
| string
| `nil`
|
| conduit.maxConcurrentRequests
| string
| `nil`
|
| conduit.maxRequestSize
| string
| `"20000000"`
| in bytes default 20 MB
| conduit.registrationToken
| string
| `nil`
|
| conduit.server_name
| string
| `"your.server.name"`
|
| conduit.trustedServers[0]
| string
| `"matrix.org"`
|
| conduit.wellKnown.client
| string
| `""`
| client well-known configuration in conduit
| conduit.wellKnown.server
| string
| `"https://your.server.name"`
| server well-known configuration in conduit
| fullnameOverride
| string
| `""`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"docker.io"`
|
| image.repository
| string
| `"matrixconduit/matrix-conduit"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `6167`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| wellknown.affinity
| object
| `{}`
|
| wellknown.client
| object
| `{"m.homeserver":{"base_url":"https://your.server.name/"},"org.matrix.msc3575.proxy":{"url":"https://your.server.name/"}}`
| client entry in well-known
| wellknown.containerPort
| int
| `80`
|
| wellknown.enabled
| bool
| `false`
|
| wellknown.env
| list
| `[]`
|
| wellknown.image.pullPolicy
| string
| `"IfNotPresent"`
|
| wellknown.image.registry
| string
| `"docker.io"`
|
| wellknown.image.repository
| string
| `"library/nginx"`
|
| wellknown.image.tag
| string
| `"1.27.2"`
|
| wellknown.nginxServerConf
| string
| `"server {\n listen {{ .containerPort }};\n server_name localhost;\n\n location /.well-known/matrix/server {\n return 200 {{ toJson .server | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n }\n\n location /.well-known/matrix/client {\n return 200 {{ toJson .client | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n add_header \"Access-Control-Allow-Origin\" *;\n }\n\n location / {\n # return 200 'Welcome to the your.server.name conduit server!';\n # types { } default_type \"text/plain; charset=utf-8\";\n return 404;\n }\n\n location /nginx_health {\n return 200 'OK';\n types { } default_type \"text/plain; charset=utf-8\";\n }\n}"`
| nginx config
| wellknown.nodeSelector
| object
| `{}`
|
| wellknown.podAnnotations
| list
| `[]`
|
| wellknown.podLabels
| object
| `{}`
|
| wellknown.podSecurityContext
| object
| `{}`
|
| wellknown.replicaCount
| int
| `1`
|
| wellknown.resources
| object
| `{}`
|
| wellknown.rewriteRoot
| bool
| `false`
| if ingress is enabled: specifies whether ingress should redirect the `/`-Location to the wellknown server
| wellknown.securityContext
| object
| `{}`
|
| wellknown.server
| object
| `{"m.server":"your.server.name:443"}`
| server entry in well-known
| wellknown.service.annotations
| object
| `{}`
|
| wellknown.service.port
| int
| `8080`
|
| wellknown.service.type
| string
| `"ClusterIP"`
|
| wellknown.tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

8
docs/antora.yml
View file

@ -1,8 +0,0 @@
name: wrenix-helm
title: "WrenIX's Helm charts"
version:
main: latest
nav:
- modules/ROOT/nav.adoc
- modules/charts/nav.adoc

1
docs/modules/ROOT/nav.adoc
View file

@ -1 +0,0 @@
* xref:index.adoc[Home]

1
docs/modules/ROOT/pages/index.adoc
View file

@ -1 +0,0 @@
../../../../README.adoc

16
docs/modules/charts/generate.sh
View file

@ -1,16 +0,0 @@
#!/bin/sh
ROOT_DIR="./docs/modules/charts/"
rm "${ROOT_DIR}/pages/"*".adoc"
echo "* charts" > "${ROOT_DIR}/nav.adoc"
for name in * ; do
if \
[ ! -d $name ] || \
[ ! -f $name/Chart.yaml ] \
; then
continue;
fi
ln -sf "../../../../${name}/README.adoc" "${ROOT_DIR}/pages/${name}.adoc";
echo "** xref:${name}.adoc[${name}]" >> "${ROOT_DIR}/nav.adoc"
done

24
docs/modules/charts/nav.adoc
View file

@ -1,24 +0,0 @@
* charts
** xref:alertmanager-matrix.adoc[alertmanager-matrix]
** xref:alertmanager-ntfy.adoc[alertmanager-ntfy]
** xref:authentik-application.adoc[authentik-application]
** xref:conduit.adoc[conduit]
** xref:element-call.adoc[element-call]
** xref:forgejo-runner.adoc[forgejo-runner]
** xref:gotosocial.adoc[gotosocial]
** xref:grampsweb.adoc[grampsweb]
** xref:headscale.adoc[headscale]
** xref:headscale-ui.adoc[headscale-ui]
** xref:home-assistant.adoc[home-assistant]
** xref:hydrogen-web.adoc[hydrogen-web]
** xref:jellyfin.adoc[jellyfin]
** xref:matrix-authentication-service.adoc[matrix-authentication-service]
** xref:matrix-sliding-sync.adoc[matrix-sliding-sync]
** xref:matrix-synapse.adoc[matrix-synapse]
** xref:mautrix-signal.adoc[mautrix-signal]
** xref:miniserve.adoc[miniserve]
** xref:monitoring.adoc[monitoring]
** xref:ntfy.adoc[ntfy]
** xref:postgresql.adoc[postgresql]
** xref:speedtest-exporter.adoc[speedtest-exporter]
** xref:stalwart-mail.adoc[stalwart-mail]

1
docs/modules/charts/pages/alertmanager-matrix.adoc
View file

@ -1 +0,0 @@
../../../../alertmanager-matrix/README.adoc

1
docs/modules/charts/pages/alertmanager-ntfy.adoc
View file

@ -1 +0,0 @@
../../../../alertmanager-ntfy/README.adoc

1
docs/modules/charts/pages/authentik-application.adoc
View file

@ -1 +0,0 @@
../../../../authentik-application/README.adoc

1
docs/modules/charts/pages/conduit.adoc
View file

@ -1 +0,0 @@
../../../../conduit/README.adoc

1
docs/modules/charts/pages/element-call.adoc
View file

@ -1 +0,0 @@
../../../../element-call/README.adoc

1
docs/modules/charts/pages/forgejo-runner.adoc
View file

@ -1 +0,0 @@
../../../../forgejo-runner/README.adoc

1
docs/modules/charts/pages/gotosocial.adoc
View file

@ -1 +0,0 @@
../../../../gotosocial/README.adoc

1
docs/modules/charts/pages/grampsweb.adoc
View file

@ -1 +0,0 @@
../../../../grampsweb/README.adoc

1
docs/modules/charts/pages/headscale-ui.adoc
View file

@ -1 +0,0 @@
../../../../headscale-ui/README.adoc

1
docs/modules/charts/pages/headscale.adoc
View file

@ -1 +0,0 @@
../../../../headscale/README.adoc

1
docs/modules/charts/pages/home-assistant.adoc
View file

@ -1 +0,0 @@
../../../../home-assistant/README.adoc

1
docs/modules/charts/pages/hydrogen-web.adoc
View file

@ -1 +0,0 @@
../../../../hydrogen-web/README.adoc

1
docs/modules/charts/pages/jellyfin.adoc
View file

@ -1 +0,0 @@
../../../../jellyfin/README.adoc

1
docs/modules/charts/pages/matrix-authentication-service.adoc
View file

@ -1 +0,0 @@
../../../../matrix-authentication-service/README.adoc

1
docs/modules/charts/pages/matrix-sliding-sync.adoc
View file

@ -1 +0,0 @@
../../../../matrix-sliding-sync/README.adoc

1
docs/modules/charts/pages/matrix-synapse.adoc
View file

@ -1 +0,0 @@
../../../../matrix-synapse/README.adoc

1
docs/modules/charts/pages/mautrix-signal.adoc
View file

@ -1 +0,0 @@
../../../../mautrix-signal/README.adoc

1
docs/modules/charts/pages/miniserve.adoc
View file

@ -1 +0,0 @@
../../../../miniserve/README.adoc

1
docs/modules/charts/pages/monitoring.adoc
View file

@ -1 +0,0 @@
../../../../monitoring/README.adoc

1
docs/modules/charts/pages/ntfy.adoc
View file

@ -1 +0,0 @@
../../../../ntfy/README.adoc

1
docs/modules/charts/pages/postgresql.adoc
View file

@ -1 +0,0 @@
../../../../postgresql/README.adoc

1
docs/modules/charts/pages/speedtest-exporter.adoc
View file

@ -1 +0,0 @@
../../../../speedtest-exporter/README.adoc

1
docs/modules/charts/pages/stalwart-mail.adoc
View file

@ -1 +0,0 @@
../../../../stalwart-mail/README.adoc

402
element-call/README.adoc
View file

@ -1,402 +0,0 @@
= element-call
image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square[AppVersion: 0.6.6]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/element-call
----
You can install a chart release using the following command:
[source,bash]
----
helm install element-call-release oci://codeberg.org/wrenix/helm-charts/element-call --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall element-call-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| service.call.affinity
| object
| `{}`
|
| service.call.config
| object
| `{}`
|
| service.call.image.pullPolicy
| string
| `"IfNotPresent"`
|
| service.call.image.registry
| string
| `"ghcr.io"`
|
| service.call.image.repository
| string
| `"element-hq/element-call"`
|
| service.call.image.tag
| string
| `nil`
| Overrides the image tag whose default is the chart appVersion.
| service.call.ingress.host
| string
| `nil`
|
| service.call.livenessProbe.httpGet.path
| string
| `"/"`
|
| service.call.livenessProbe.httpGet.port
| string
| `"http"`
|
| service.call.networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| service.call.networkPolicy.egress.extra
| list
| `[]`
| egress rules
| service.call.networkPolicy.enabled
| bool
| `false`
|
| service.call.networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| service.call.nodeSelector
| object
| `{}`
|
| service.call.podAnnotations
| object
| `{}`
|
| service.call.podLabels
| object
| `{}`
|
| service.call.podSecurityContext
| object
| `{}`
|
| service.call.readinessProbe.httpGet.path
| string
| `"/"`
|
| service.call.readinessProbe.httpGet.port
| string
| `"http"`
|
| service.call.replicaCount
| int
| `1`
|
| service.call.resources
| object
| `{}`
|
| service.call.securityContext
| object
| `{}`
|
| service.call.serviceAccount.annotations
| object
| `{}`
|
| service.call.serviceAccount.automount
| bool
| `true`
|
| service.call.serviceAccount.create
| bool
| `true`
|
| service.call.serviceAccount.name
| string
| `""`
|
| service.call.tolerations
| list
| `[]`
|
| service.lkJWT.affinity
| object
| `{}`
|
| service.lkJWT.config.key
| string
| `"devkey"`
|
| service.lkJWT.config.secret
| string
| `"secret"`
|
| service.lkJWT.config.url
| string
| `""`
|
| service.lkJWT.enabled
| bool
| `true`
|
| service.lkJWT.image.pullPolicy
| string
| `"IfNotPresent"`
|
| service.lkJWT.image.registry
| string
| `"ghcr.io"`
|
| service.lkJWT.image.repository
| string
| `"element-hq/lk-jwt-service"`
|
| service.lkJWT.image.tag
| string
| `"sha-4a29504"`
|
| service.lkJWT.ingress.host
| string
| `nil`
|
| service.lkJWT.livenessProbe.httpGet.path
| string
| `"/healthz"`
|
| service.lkJWT.livenessProbe.httpGet.port
| string
| `"http"`
|
| service.lkJWT.networkPolicy.egress.enabled
| bool
| `false`
| activate egress no networkpolicy
| service.lkJWT.networkPolicy.egress.extra
| list
| `[]`
| egress rules
| service.lkJWT.networkPolicy.enabled
| bool
| `false`
|
| service.lkJWT.networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| service.lkJWT.nodeSelector
| object
| `{}`
|
| service.lkJWT.podAnnotations
| object
| `{}`
|
| service.lkJWT.podLabels
| object
| `{}`
|
| service.lkJWT.podSecurityContext
| object
| `{}`
|
| service.lkJWT.readinessProbe.httpGet.path
| string
| `"/healthz"`
|
| service.lkJWT.readinessProbe.httpGet.port
| string
| `"http"`
|
| service.lkJWT.replicaCount
| int
| `1`
|
| service.lkJWT.resources
| object
| `{}`
|
| service.lkJWT.securityContext
| object
| `{}`
|
| service.lkJWT.serviceAccount.annotations
| object
| `{}`
|
| service.lkJWT.serviceAccount.automount
| bool
| `true`
|
| service.lkJWT.serviceAccount.create
| bool
| `true`
|
| service.lkJWT.serviceAccount.name
| string
| `""`
|
| service.lkJWT.tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

413
forgejo-runner/README.adoc
View file

@ -1,413 +0,0 @@
= forgejo-runner
image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square[AppVersion: 4.0.1]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Accessing docker socket inside job containers
To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`):
[source,yaml]
----
runner:
config:
create: true
existingSecret: ""
file:
log:
level: "info"
runner:
file: ".runner"
capacity: 1
envs:
A_TEST_ENV_NAME_1: null
A_TEST_ENV_NAME_2: null
DOCKER_HOST: tcp://127.0.0.1:2376
DOCKER_TLS_VERIFY: 1
DOCKER_CERT_PATH: /certs/client
container:
network: host
enable_ipv6: false
privileged: false
options: -v /certs/client:/certs/client
valid_volumes:
- /certs/client
----
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/forgejo-runner
----
You can install a chart release using the following command:
[source,bash]
----
helm install forgejo-runner-release oci://codeberg.org/wrenix/helm-charts/forgejo-runner --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall forgejo-runner-release
----
== Values
.Values Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml)
|===
| Key | Type | Default | Description
| runner.config.file.cache.dir
| string
| `""`
| The directory to store the cache data. If it's empty, the cache data will be stored in $HOME/.cache/actcache.
| runner.config.file.cache.enabled
| bool
| `true`
| Enable cache server to use actions/cache.
| runner.config.file.cache.external_server
| string
| `""`
| The external cache server URL. Valid only when enable is true. If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. The URL should generally end with "/".
| runner.config.file.cache.host
| string
| `""`
| The host of the cache server. It's not for the address to listen, but the address to connect from job containers. So 0.0.0.0 is a bad choice, leave it empty to detect automatically.
| runner.config.file.cache.port
| int
| `0`
| The port of the cache server. 0 means to use a random available port.
| runner.config.file.container.docker_host
| string
| `""`
| overrides the docker client host with the specified one. If it's empty, act_runner will find an available docker host automatically. If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
| runner.config.file.container.enable_ipv6
| bool
| `false`
| Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. Only takes effect if "network" is set to "".
| runner.config.file.container.force_pull
| bool
| `false`
| Pull docker image(s) even if already present
| runner.config.file.container.network
| string
| `""`
| Specifies the network to which the container will connect. Could be host, bridge or the name of a custom network. If it's empty, create a network automatically.
| runner.config.file.container.options
| string
| `nil`
| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
| runner.config.file.container.privileged
| bool
| `false`
| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`).
| runner.config.file.container.valid_volumes
| list
| `[]`
| Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: valid_volumes: - data - /src/*.json If you want to allow any volume, please use the following configuration: valid_volumes: - '**'
| runner.config.file.container.workdir_parent
| string
| `nil`
| The parent directory of a job's working directory. If it's empty, /workspace will be used.
| runner.config.file.host.workdir_parent
| string
| `nil`
| The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used.
| runner.config.file.log.level
| string
| `"info"`
| The level of logging, can be trace, debug, info, warn, error, fatal
| runner.config.file.runner.capacity
| int
| `1`
| Execute how many tasks concurrently at the same time.
| runner.config.file.runner.env_file
| string
| `".env"`
| Extra environment variables to run jobs from a file. It will be ignored if it's empty or the file doesn't exist.
| runner.config.file.runner.envs
| object
| `{"A_TEST_ENV_NAME_1":"a_test_env_value_1","A_TEST_ENV_NAME_2":"a_test_env_value_2"}`
| Extra environment variables to run jobs.
| runner.config.file.runner.fetch_interval
| string
| `"2s"`
| The interval for fetching the job from the Forgejo instance.
| runner.config.file.runner.fetch_timeout
| string
| `"5s"`
| The timeout for fetching the job from the Forgejo instance.
| runner.config.file.runner.file
| string
| `".runner"`
| Runner config which contains id and token of this runner (autogenerate with create)
| runner.config.file.runner.insecure
| bool
| `false`
| Whether skip verifying the TLS certificate of the Forgejo instance.
| runner.config.file.runner.labels
| list
| `[]`
| The labels of a runner are used to determine which jobs the runner can run, and how to run them. Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] If it's empty when registering, it will ask for inputting labels. If it's empty when execute `deamon`, will use labels in `.runner` file.
| runner.config.file.runner.timeout
| string
| `"3h"`
| The timeout for a job to be finished. Please note that the Forgejo instance also has a timeout (3h by default) for the job. So the job could be stopped by the Forgejo instance if it's timeout is shorter than this.
|===
.Values Other Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.behavior
| object
| `{}`
| behavior of HPA Example: scaleDown: stabilizationWindowSeconds: 300 policies: - type: Pods value: 1 periodSeconds: 60 scaleUp: stabilizationWindowSeconds: 0 policies: - type: Pods value: 1 periodSeconds: 60
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| dind.image.pullPolicy
| string
| `"IfNotPresent"`
|
| dind.image.registry
| string
| `"docker.io"`
|
| dind.image.repository
| string
| `"library/docker"`
|
| dind.image.tag
| string
| `"27.3.1-dind"`
|
| extraEnvVars
| list
| `[]`
| Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar"
| fullnameOverride
| string
| `""`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"code.forgejo.org"`
|
| image.repository
| string
| `"forgejo/runner"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| kubectl.image.pullPolicy
| string
| `"IfNotPresent"`
|
| kubectl.image.registry
| string
| `"docker.io"`
|
| kubectl.image.repository
| string
| `"bitnami/kubectl"`
|
| kubectl.image.tag
| string
| `"1.31.2"`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| runner.config.create
| bool
| `true`
|
| runner.config.existingSecret
| string
| `""`
| use existingSecret instatt
| runner.config.instance
| string
| `"https://codeberg.org"`
|
| runner.config.name
| string
| `nil`
|
| runner.config.token
| string
| `nil`
|
| securityContext.privileged
| bool
| `true`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

567
gotosocial/README.adoc
View file

@ -1,567 +0,0 @@
= gotosocial
image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square[AppVersion: 0.17.3]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/gotosocial
----
You can install a chart release using the following command:
[source,bash]
----
helm install gotosocial-release oci://codeberg.org/wrenix/helm-charts/gotosocial --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall gotosocial-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| gotosocial.accountDomain
| string
| `""`
|
| gotosocial.accounts.allowCustomCSS
| bool
| `false`
| Allow accounts on this instance to set custom CSS for their profile pages and statuses. Enabling this setting will allow accounts to upload custom CSS via the /user settings page, which will then be rendered on the web view of the account's profile and statuses. For instances with public sign ups, it is **HIGHLY RECOMMENDED** to leave this setting on 'false', since setting it to true allows malicious accounts to make their profile pages misleading, unusable or even dangerous to visitors. In other words, you should only enable this setting if you trust the users on your instance not to produce harmful CSS. Regardless of what this value is set to, any uploaded CSS will not be federated to other instances, it will only be shown on profiles and statuses on *this* instance.
| gotosocial.accounts.approvalRequired
| bool
| `true`
| Do sign up requests require approval from an admin/moderator before an account can sign in/use the server?
| gotosocial.accounts.customCSSLength
| int
| `10000`
| If accounts-allow-custom-css is true, this is the permitted length in characters for CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false.
| gotosocial.accounts.reasonRequired
| bool
| `true`
| Are sign up requests required to submit a reason for the request (eg., an explanation of why they want to join the instance)?
| gotosocial.accounts.registrationOpen
| bool
| `true`
| Do we want people to be able to just submit sign up requests, or do we want invite only?
| gotosocial.applicationName
| string
| `"gotosocial"`
|
| gotosocial.database.address
| string
| `""`
| Database address or parameters. For Postgres, this should be the address or socket at which the database can be reached.
| gotosocial.database.database
| string
| `"gotosocial"`
| Name of the database to use within the provided database type.
| gotosocial.database.password
| string
| `""`
| Password to use for the database connection
| gotosocial.database.port
| int
| `5432`
| Port for database connection.
| gotosocial.database.tlsCACert
| string
| `""`
| Path to a CA certificate on the host machine for db certificate validation. If this is left empty, just the host certificates will be used. If filled in, the certificate will be loaded and added to host certificates.
| gotosocial.database.tlsMode
| string
| `"disabled"`
| Disable, enable, or require SSL/TLS connection to the database. If "disable" then no TLS connection will be attempted. If "enable" then TLS will be tried, but the database certificate won't be checked (for self-signed certs). If "require" then TLS will be required to make a connection, and a valid certificate must be presented.
| gotosocial.database.type
| string
| `"sqlite"`
| Database type. Options: ["postgres","sqlite"]
| gotosocial.database.username
| string
| `""`
| Username for the database connection.
| gotosocial.host
| string
| `"localhost"`
|
| gotosocial.instance.deliverToSharedInboxes
| bool
| `true`
| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
| gotosocial.instance.expose.peers
| bool
| `false`
| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint.
| gotosocial.instance.expose.publicTimeline
| bool
| `false`
| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery
| gotosocial.instance.expose.suspended
| bool
| `false`
| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint. WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots
| gotosocial.instance.expose.suspendedWeb
| bool
| `false`
| Allow unauthenticated users to view /about/suspended, showing the HTML rendered list of instances that this instance blocks/suspends.
| gotosocial.instance.federation.mode
| string
| `"blocklist"`
| Federation mode to use for this instance. "blocklist" -- open federation by default. Only instances that are explicitly blocked will be denied (unless they are also explicitly allowed). "allowlist" -- closed federation by default. Only instances that are explicitly allowed will be able to interact with this instance. For more details on blocklist and allowlist modes, check the documentation at: https://docs.gotosocial.org/en/latest/admin/federation_modes Options: ["blocklist", "allowlist"]
| gotosocial.instance.federation.spamFilter
| bool
| `false`
| Enable spam filtering heuristics for messages entering your instance via the federation API. Regardless of what you set here, basic checks for message relevancy will still be performed, but you can try enabling this setting if you are being spammed with unwanted messages from other instances, and want to more strictly filter out spam messages. THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to only enable this setting when the fediverse is in the midst of a spam wave, and you need to batten down the hatches to keep your instance usable. The decision of whether a message counts as spam or not is made based on the following heuristics, in order, where receiver = the account on your instance that received a message in their inbox, and requester = the account on a remote instance that sent the message. First, basic relevancy checks 1. Receiver follows requester. Return OK. 2. Statusable doesn't mention receiver. Return NotRelevant. If instance-federation-spam-filter = false, then return OK now. Otherwise check: 3. Receiver is locked and is followed by requester. Return OK. 4. Five or more people are mentioned. Return Spam. 5. Receiver follow (requests) a mentioned account. Return OK. 6. Statusable has a media attachment. Return Spam. 7. Statusable contains non-mention, non-hashtag links. Return Spam. Messages identified as spam will be dropped from your instance, and not inserted into the database, or into home timelines or notifications.
| gotosocial.instance.injectMastodonVersion
| bool
| `false`
| This flag will inject a Mastodon version into the version field that is included in /api/v1/instance. This version is often used by Mastodon clients to do API feature detection. By injecting a Mastodon compatible version, it is possible to cajole those clients to behave correctly with GoToSocial.
| gotosocial.instance.languages
| list
| `[]`
| BCP47 language tags to indicate preferred languages of users on this instance. If you provide these, you should provide these in order from most-preferred to least-preferred, but note that leaving out a language from this array doesn't mean it can't be used on this instance, it only means it won't be advertised as a preferred instance language. It is valid to provide no entries here; your instance will then have no particular preferred language. See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry Example: ["nl", "en-gb", "fr"]
| gotosocial.landingPageUser
| string
| `""`
|
| gotosocial.metrics.auth.enabled
| bool
| `false`
|
| gotosocial.metrics.auth.password
| string
| `""`
|
| gotosocial.metrics.auth.username
| string
| `""`
|
| gotosocial.metrics.enabled
| bool
| `true`
|
| gotosocial.oidc.adminGroups
| list
| `["admins"]`
| If the returned ID token contains a 'groups' claim that matches one of the groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance
| gotosocial.oidc.clientID
| string
| `""`
| The ID for this client as registered with the OIDC provider.
| gotosocial.oidc.clientSecret
| string
| `""`
| The secret for this client as registered with the OIDC provider.
| gotosocial.oidc.enabled
| bool
| `false`
| Enable authentication with external OIDC provider. If set to true, then the other OIDC options must be set as well. If this is set to false, then the standard internal oauth flow will be used, where users sign in to GtS with username/password.
| gotosocial.oidc.idpName
| string
| `""`
| Name of the oidc idp (identity provider). This will be shown to users when they log in.
| gotosocial.oidc.issuer
| string
| `""`
| The OIDC issuer URI. This is where GtS will redirect users to for login. Typically this will look like a standard web URL.
| gotosocial.oidc.linkExisting
| bool
| `false`
| Link OIDC authenticated users to existing ones based on their email address. This is mostly intended for migration purposes if you were running previous versions of GTS which only correlated users with their email address. Should be set to false for most usecases.
| gotosocial.oidc.scopes
| list
| `["openid","email","profile","groups"]`
| Scopes to request from the OIDC provider. The returned values will be used to populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required. 'profile' is used to extract a username for the newly created user. 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups.
| gotosocial.oidc.skipVerification
| bool
| `false`
| Skip the normal verification flow of tokens returned from the OIDC provider, ie., don't check the expiry or signature. This should only be used in debugging or testing, never ever in a production environment as it's extremely unsafe!
| gotosocial.smtp.discloseRecipients
| bool
| `false`
| If true, when an email is sent that has multiple recipients, each recipient will be included in the To field, so that each recipient can see who else got the email, and they can 'reply all' to the other recipients if they want to. If false, email will be sent to Undisclosed Recipients, and each recipient will not be able to see who else received the email. It might be useful to change this setting to 'true' if you want to be able to discuss new moderation reports with other admins by 'replying-all' to the notification email.
| gotosocial.smtp.from
| string
| `""`
| 'From' address for sent emails.
| gotosocial.smtp.host
| string
| `""`
| The hostname of the smtp server you want to use. If this is not set, smtp will not be used to send emails, and you can ignore the other settings.
| gotosocial.smtp.password
| string
| `""`
| Password to use when authenticating with the smtp server. This should have been provided to you by your smtp host.
| gotosocial.smtp.port
| int
| `0`
| Port to use to connect to the smtp server.
| gotosocial.smtp.username
| string
| `""`
| Username to use when authenticating with the smtp server. This should have been provided to you by your smtp host. This is often, but not always, an email address.
| gotosocial.storage.backend
| string
| `"local"`
| Type of storage backend to use. Examples: ["local", "s3"] Default: "local" (storage on local disk)
| gotosocial.storage.s3.accessKey
| string
| `""`
| Access key part of the S3 credentials. Consider setting this value using environment variables to avoid leaking it via the config file Only required when running with the s3 storage backend.
| gotosocial.storage.s3.bucket
| string
| `""`
| Name of the storage bucket. If you have already encoded your bucket name in the storage-s3-endpoint, this value will be used as a directory containing your data. The bucket must exist prior to starting GoToSocial Only required when running with the s3 storage backend.
| gotosocial.storage.s3.endpoint
| string
| `""`
| API endpoint of the S3 compatible service. Only required when running with the s3 storage backend. GoToSocial uses "DNS-style" when accessing buckets. If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address
| gotosocial.storage.s3.proxy
| bool
| `false`
| If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL.
| gotosocial.storage.s3.secretKey
| string
| `""`
| Secret key part of the S3 credentials. Consider setting this value using environment variables to avoid leaking it via the config file Only required when running with the s3 storage backend.
| gotosocial.storage.s3.useSSL
| bool
| `true`
| Use SSL for S3 connections. Only set this to 'false' when testing locally.
| gotosocial.tracing.enabled
| bool
| `false`
| Enable OpenTelemetry based tracing support.
| gotosocial.tracing.endpoint
| string
| `""`
| Endpoint of the trace ingester. When using the gRPC or HTTP based transports, provide the endpoint as a single address/port combination without a protocol scheme.
| gotosocial.tracing.insecureTransport
| bool
| `false`
| Disable TLS for the gRPC and HTTP transport protocols.
| gotosocial.tracing.transport
| string
| `"grpc"`
| Set the transport protocol for the tracing system. Can either be "grpc" for OTLP gRPC, or "http" for OTLP HTTP.
| gotosocial.tz
| string
| `"UTC"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"docker.io"`
|
| image.repository
| string
| `"superseriousbusiness/gotosocial"`
|
| image.tag
| string
| `""`
| Overrides the image tag whose default is the chart appVersion.
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
| accessMode
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
| Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"10Gi"`
| size
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `8080`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
| Annotations to add to the service account
| serviceAccount.automount
| bool
| `true`
| Automatically mount a ServiceAccount's API credentials?
| serviceAccount.create
| bool
| `false`
| Specifies whether a service account should be created
| serviceAccount.name
| string
| `""`
| The name of the service account to use. If not set and create is true, a name is generated using the fullname template
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

326
grampsweb/README.adoc
View file

@ -1,326 +0,0 @@
= grampsweb
image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square[AppVersion: 24.10.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/grampsweb
----
You can install a chart release using the following command:
[source,bash]
----
helm install grampsweb-release oci://codeberg.org/wrenix/helm-charts/grampsweb --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall grampsweb-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| gramps.baseURL
| string
| `"https://gramps.example.org"`
| Base URL where the API can be reached (e.g. https://mygramps.mydomain.com/). This is necessary e.g. to build correct passwort reset links
| gramps.mail.from
| string
| `nil`
| "From" address for automated e-mails
| gramps.mail.host
| string
| `nil`
| SMTP server host (e.g. for sending password reset e-mails)
| gramps.mail.password
| string
| `nil`
| SMTP server password
| gramps.mail.port
| int
| `465`
| SMTP server port.
| gramps.mail.useTLS
| bool
| `true`
| Boolean, whether to use TLS for sending e-mails. Defaults to true. When using STARTTLS, set this to false and use a port different from 25.
| gramps.mail.username
| string
| `nil`
| SMTP server username
| gramps.mediaPrefixTree
| bool
| `false`
| whether or not to use a separate subfolder for the media files of each tree. Defaults to False, but strongly recommend to use True in a multi-tree setup
| gramps.tree
| string
| `"Gramps Web"`
| To enable multi-tree support, the TREE config option must be set to a single asterisk `*`
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"gramps-project/grampsweb"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"5Gi"`
|
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `5000`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

251
headscale-ui/README.adoc
View file

@ -1,251 +0,0 @@
= headscale-ui
image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-2024.02.24-beta1-informational?style=flat-square[AppVersion: 2024.02.24-beta1]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/headscale-ui
----
You can install a chart release using the following command:
[source,bash]
----
helm install headscale-ui-release oci://codeberg.org/wrenix/helm-charts/headscale-ui --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall headscale-ui-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"gurucomputing/headscale-ui"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| networkPolicy.ingress.https
| list
| `[]`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port.http
| int
| `8080`
|
| service.port.https
| int
| `8443`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

491
headscale/README.adoc
View file

@ -1,491 +0,0 @@
= headscale
image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.22.3-informational?style=flat-square[AppVersion: 0.22.3]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/headscale
----
You can install a chart release using the following command:
[source,bash]
----
helm install headscale-release oci://codeberg.org/wrenix/helm-charts/headscale --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall headscale-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| headscale.certmanager.dnsNames[0]
| string
| `"example.com"`
|
| headscale.certmanager.enabled
| bool
| `true`
|
| headscale.certmanager.issuerRef.group
| string
| `"cert-manager.io"`
|
| headscale.certmanager.issuerRef.kind
| string
| `"ClusterIssuer"`
|
| headscale.certmanager.issuerRef.name
| string
| `"letsencrypt-prod"`
|
| headscale.config.db_path
| string
| `"/var/lib/headscale/db.sqlite"`
|
| headscale.config.db_type
| string
| `"sqlite3"`
|
| headscale.config.derp.paths
| list
| `[]`
|
| headscale.config.derp.server.enabled
| bool
| `true`
|
| headscale.config.derp.server.region_code
| string
| `"headscale"`
|
| headscale.config.derp.server.region_id
| int
| `999`
|
| headscale.config.derp.server.region_name
| string
| `"Headscale Embedded DERP"`
|
| headscale.config.derp.server.stun_listen_addr
| string
| `"0.0.0.0:3478"`
|
| headscale.config.derp.update_frequency
| string
| `"24h"`
|
| headscale.config.derp.urls
| list
| `[]`
|
| headscale.config.disable_check_updates
| bool
| `true`
|
| headscale.config.grpc_listen_addr
| string
| `":50443"`
|
| headscale.config.listen_addr
| string
| `":8080"`
|
| headscale.config.metrics_listen_addr
| string
| `":9090"`
|
| headscale.config.noise.private_key_path
| string
| `"/etc/headscale/secrets/noise.key"`
|
| headscale.config.private_key_path
| string
| `"/etc/headscale/secrets/wireguard.key"`
|
| headscale.config.server_url
| string
| `"http://127.0.0.1:8080"`
|
| headscale.config.tls_cert_path
| string
| `"/etc/headscale/certs/tls.crt"`
|
| headscale.config.tls_key_path
| string
| `"/etc/headscale/certs/tls.key"`
|
| headscale.keys.create
| bool
| `true`
| Create a new private key, if not exists
| headscale.keys.existingSecret
| string
| `""`
| Use an existing secret
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"juanfont/headscale"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `false`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.derp
| list
| `[{"ipBlock":{"cidr":"0.0.0.0/0"}},{"ipBlock":{"cidr":"::/0"}}]`
| ingress for derp
| networkPolicy.ingress.grpc
| list
| `[]`
| ingress for grpc port
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| networkPolicy.ingress.metrics
| list
| `[]`
| ingress for metrics port (e.g. prometheus)
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `false`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Create a PV on Node with given hostPath storageClass has to be manual
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| data Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.rules.additionalRules
| list
| `[]`
|
| prometheus.rules.defaults.enabled
| bool
| `true`
|
| prometheus.rules.defaults.filter
| string
| `""`
|
| prometheus.rules.defaults.lastUpdates.critical
| int
| `3600`
|
| prometheus.rules.defaults.lastUpdates.info
| int
| `300`
|
| prometheus.rules.defaults.lastUpdates.warning
| int
| `600`
|
| prometheus.rules.enabled
| bool
| `false`
|
| prometheus.rules.labels
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.annotations
| string
| `nil`
|
| service.derp.annotations
| string
| `nil`
|
| service.derp.port
| int
| `3478`
|
| service.derp.type
| string
| `"LoadBalancer"`
|
| service.port.grpc
| int
| `50443`
|
| service.port.http
| int
| `8080`
|
| service.port.metrics
| int
| `9090`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

416
home-assistant/README.adoc
View file

@ -1,416 +0,0 @@
= home-assistant
image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square[AppVersion: 2024.11.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/home-assistant
----
You can install a chart release using the following command:
[source,bash]
----
helm install home-assistant-release oci://codeberg.org/wrenix/helm-charts/home-assistant --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall home-assistant-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"home-assistant/home-assistant"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.httpGet.path
| string
| `"/"`
|
| livenessProbe.httpGet.port
| string
| `"http"`
|
| nameOverride
| string
| `""`
|
| nats.enabled
| bool
| `true`
|
| nats.image.pullPolicy
| string
| `"IfNotPresent"`
|
| nats.image.registry
| string
| `"docker.io"`
|
| nats.image.repository
| string
| `"library/nats"`
|
| nats.image.tag
| string
| `"2.10.22-scratch"`
|
| nats.livenessProbe.tcpSocket.port
| string
| `"nats"`
|
| nats.readinessProbe.tcpSocket.port
| string
| `"nats"`
|
| nats.resources.limits.cpu
| string
| `"100m"`
|
| nats.resources.limits.memory
| string
| `"128Mi"`
|
| nats.resources.requests.cpu
| string
| `"100m"`
|
| nats.resources.requests.memory
| string
| `"128Mi"`
|
| nats.service.port.mqtt
| int
| `1883`
|
| nats.service.port.nats
| int
| `4222`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `false`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
|
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| data Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.podmonitor.bearerTokenSecret
| object
| `{}`
|
| prometheus.podmonitor.enabled
| bool
| `false`
|
| prometheus.podmonitor.labels
| object
| `{}`
|
| readinessProbe.httpGet.path
| string
| `"/"`
|
| readinessProbe.httpGet.port
| string
| `"http"`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `80`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
| Annotations to add to the service account
| serviceAccount.create
| bool
| `true`
| Specifies whether a service account should be created
| serviceAccount.name
| string
| `""`
| If not set and create is true, a name is generated using the fullname template
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
| zigbee2mqtt.config.homeassistant
| bool
| `true`
|
| zigbee2mqtt.config.serial.port
| string
| `"/dev/ttyACM0"`
|
| zigbee2mqtt.device
| string
| `"/dev/ttyACM0"`
|
| zigbee2mqtt.enabled
| bool
| `true`
|
| zigbee2mqtt.image.pullPolicy
| string
| `"IfNotPresent"`
|
| zigbee2mqtt.image.registry
| string
| `"docker.io"`
|
| zigbee2mqtt.image.repository
| string
| `"koenkk/zigbee2mqtt"`
|
| zigbee2mqtt.image.tag
| string
| `"1.41.0"`
|
| zigbee2mqtt.ingress.hosts
| list
| `[]`
|
| zigbee2mqtt.securityContext.privileged
| bool
| `true`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

246
hydrogen-web/README.adoc
View file

@ -1,246 +0,0 @@
= hydrogen-web
image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.5.1-informational?style=flat-square[AppVersion: 0.5.1]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/hydrogen-web
----
You can install a chart release using the following command:
[source,bash]
----
helm install hydrogen-web-release oci://codeberg.org/wrenix/helm-charts/hydrogen-web --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall hydrogen-web-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| fullnameOverride
| string
| `""`
|
| hydrogen.bugReportEndpointUrl"
| string
| `"https://element.io/bugreports/submit"`
|
| hydrogen.defaultHomeServer
| string
| `"matrix.org"`
|
| hydrogen.defaultTheme.dark
| string
| `"element-dark"`
|
| hydrogen.defaultTheme.light
| string
| `"element-light"`
|
| hydrogen.push.appId
| string
| `"io.element.hydrogen.web"`
|
| hydrogen.push.applicationServerKey
| string
| `"BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM"`
|
| hydrogen.push.gatewayUrl
| string
| `"https://matrix.org"`
|
| hydrogen.themeManifests[0]
| string
| `"assets/theme-element.json"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.repository
| string
| `"ghcr.io/element-hq/hydrogen-web"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `8080`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

326
jellyfin/README.adoc
View file

@ -1,326 +0,0 @@
= jellyfin
image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square[AppVersion: 10.10.1]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/jellyfin
----
You can install a chart release using the following command:
[source,bash]
----
helm install jellyfin-release oci://codeberg.org/wrenix/helm-charts/jellyfin --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall jellyfin-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| config.enabled
| bool
| `false`
|
| config.image
| object
| `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.1"}`
| image to patch config
| config.metrics
| bool
| `false`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| grafana.dashboards.annotations
| object
| `{}`
|
| grafana.dashboards.enabled
| bool
| `false`
|
| grafana.dashboards.labels.grafana_dashboard
| string
| `"1"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"jellyfin/jellyfin"`
|
| image.tag
| string
| `""`
| Overrides the image tag whose default is the chart appVersion.
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller, prometheus)
| nodeSelector
| object
| `{}`
|
| persistence.config.hostPath
| string
| `nil`
|
| persistence.config.nfs.path
| string
| `"/"`
|
| persistence.config.nfs.server
| string
| `nil`
|
| persistence.config.pvc.enabled
| bool
| `false`
|
| persistence.media.hostPath
| string
| `nil`
|
| persistence.media.nfs.path
| string
| `"/"`
|
| persistence.media.nfs.server
| string
| `nil`
|
| persistence.media.pvc.enabled
| bool
| `false`
|
| persistence.media.readOnly
| bool
| `true`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `8096`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

666
matrix-authentication-service/README.adoc
View file

@ -1,666 +0,0 @@
= matrix-authentication-service
image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.11.0-informational?style=flat-square[AppVersion: 0.11.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service
----
You can install a chart release using the following command:
[source,bash]
----
helm install matrix-authentication-service-release oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall matrix-authentication-service-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| config.branding.imprint
| string
| `nil`
|
| config.branding.logo_uri
| string
| `nil`
|
| config.branding.policy_uri
| string
| `nil`
|
| config.branding.service_name
| string
| `nil`
|
| config.branding.tos_uri
| string
| `nil`
|
| config.clients
| list
| `[]`
|
| config.database.connect_timeout
| int
| `30`
|
| config.database.database
| string
| `"sliding_sync"`
|
| config.database.host
| string
| `"localhost"`
|
| config.database.idle_timeout
| int
| `600`
|
| config.database.max_connections
| int
| `10`
|
| config.database.max_lifetime
| int
| `1800`
|
| config.database.min_connections
| int
| `0`
|
| config.database.password
| string
| `"secret"`
|
| config.database.port
| int
| `5432`
|
| config.database.username
| string
| `"sliding_sync"`
|
| config.email.from
| string
| `"\"Authentication Service\" <root@localhost>"`
|
| config.email.reply_to
| string
| `"\"Authentication Service\" <root@localhost>"`
|
| config.email.transport
| string
| `"blackhole"`
|
| config.experimental.access_token_ttl
| int
| `300`
|
| config.experimental.compat_token_ttl
| int
| `300`
|
| config.http.issuer
| string
| `"http://[::]:8080/"`
|
| config.http.listeners[0].binds[0].address
| string
| `"[::]:8080"`
|
| config.http.listeners[0].name
| string
| `"http"`
|
| config.http.listeners[0].proxy_protocol
| bool
| `false`
|
| config.http.listeners[0].resources[0].name
| string
| `"discovery"`
|
| config.http.listeners[0].resources[1].name
| string
| `"human"`
|
| config.http.listeners[0].resources[2].name
| string
| `"oauth"`
|
| config.http.listeners[0].resources[3].name
| string
| `"compat"`
|
| config.http.listeners[0].resources[4].name
| string
| `"graphql"`
|
| config.http.listeners[0].resources[4].playground
| bool
| `true`
|
| config.http.listeners[0].resources[5].name
| string
| `"assets"`
|
| config.http.listeners[0].resources[5].path
| string
| `"/usr/local/share/mas-cli/assets/"`
|
| config.http.listeners[1].binds[0].address
| string
| `"[::]:8081"`
|
| config.http.listeners[1].name
| string
| `"internal"`
|
| config.http.listeners[1].resources[0].name
| string
| `"health"`
|
| config.http.listeners[2].binds[0].address
| string
| `"[::]:9100"`
|
| config.http.listeners[2].name
| string
| `"metrics"`
|
| config.http.listeners[2].resources[0].name
| string
| `"prometheus"`
|
| config.http.public_base
| string
| `"http://[::]:8080/"`
|
| config.http.trusted_proxies[0]
| string
| `"192.128.0.0/16"`
|
| config.http.trusted_proxies[1]
| string
| `"172.16.0.0/12"`
|
| config.http.trusted_proxies[2]
| string
| `"10.0.0.0/10"`
|
| config.http.trusted_proxies[3]
| string
| `"127.0.0.1/8"`
|
| config.http.trusted_proxies[4]
| string
| `"fd00::/8"`
|
| config.http.trusted_proxies[5]
| string
| `"::1/128"`
|
| config.matrix.endpoint
| string
| `"http://localhost:8008/"`
|
| config.matrix.homeserver
| string
| `"localhost:8008"`
|
| config.matrix.secret
| string
| `"kPnqGbK9hmSRK41DZTgVJxfKVAiLrY6G"`
|
| config.passwords.enabled
| bool
| `true`
|
| config.passwords.schemes[0].algorithm
| string
| `"argon2id"`
|
| config.passwords.schemes[0].version
| int
| `1`
|
| config.policy.authorization_grant_entrypoint
| string
| `"authorization_grant/violation"`
|
| config.policy.client_registration_entrypoint
| string
| `"client_registration/violation"`
|
| config.policy.data
| string
| `nil`
|
| config.policy.email_entrypoint
| string
| `"email/violation"`
|
| config.policy.password_entrypoint
| string
| `"password/violation"`
|
| config.policy.register_entrypoint
| string
| `"register/violation"`
|
| config.policy.wasm_module
| string
| `"/usr/local/share/mas-cli/policy.wasm"`
|
| config.secrets.encryption
| string
| `nil`
|
| config.secrets.keys
| list
| `[]`
|
| config.telemetry.metrics.exporter
| string
| `"prometheus"`
|
| config.telemetry.sentry.dsn
| string
| `nil`
|
| config.telemetry.tracing.exporter
| string
| `"none"`
|
| config.telemetry.tracing.propagators
| list
| `[]`
|
| config.templates.assets_manifest
| string
| `"/usr/local/share/mas-cli/manifest.json"`
|
| config.templates.path
| string
| `"/usr/local/share/mas-cli/templates/"`
|
| config.templates.translations_path
| string
| `"/usr/local/share/mas-cli/translations/"`
|
| config.upstream_oauth2.providers
| list
| `[]`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"matrix-org/matrix-authentication-service"`
|
| image.tag
| string
| `nil`
| Overrides the image tag whose default is the chart appVersion.
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"auth.matrix.chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/l"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"Prefix"`
|
| ingress.hosts[1].host
| string
| `"matrix.chart-example.local"`
|
| ingress.hosts[1].paths[0].path
| string
| `"/_matrix/client/v3/login"`
|
| ingress.hosts[1].paths[0].pathType
| string
| `"Exact"`
|
| ingress.hosts[1].paths[1].path
| string
| `"/_matrix/client/v3/logout"`
|
| ingress.hosts[1].paths[1].pathType
| string
| `"Exact"`
|
| ingress.hosts[1].paths[2].path
| string
| `"/_matrix/client/v3/refresh"`
|
| ingress.hosts[1].paths[2].pathType
| string
| `"Exact"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.httpGet.path
| string
| `"/health"`
|
| livenessProbe.httpGet.port
| string
| `"internal"`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext.fsGroup
| int
| `1000`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| readinessProbe.httpGet.path
| string
| `"/health"`
|
| readinessProbe.httpGet.port
| string
| `"internal"`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext.capabilities.drop[0]
| string
| `"ALL"`
|
| securityContext.readOnlyRootFilesystem
| bool
| `true`
|
| securityContext.runAsNonRoot
| bool
| `true`
|
| securityContext.runAsUser
| int
| `1000`
|
| service.port.http
| int
| `8080`
|
| service.port.metrics
| int
| `9100`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

356
matrix-sliding-sync/README.adoc
View file

@ -1,356 +0,0 @@
= matrix-sliding-sync
image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square[AppVersion: 0.99.19]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/matrix-sliding-sync
----
You can install a chart release using the following command:
[source,bash]
----
helm install matrix-sliding-sync-release oci://codeberg.org/wrenix/helm-charts/matrix-sliding-sync --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall matrix-sliding-sync-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| config.homeserver
| string
| `"http://localhost:8008"`
|
| config.logLevel
| string
| `"INFO"`
|
| config.metrics
| int
| `9100`
|
| config.opentelemetry.password
| string
| `nil`
|
| config.opentelemetry.url
| string
| `nil`
|
| config.opentelemetry.username
| string
| `nil`
|
| config.postgresql.database
| string
| `"sliding_sync"`
|
| config.postgresql.host
| string
| `"localhost"`
|
| config.postgresql.maxConn
| int
| `0`
|
| config.postgresql.password
| string
| `"secret"`
|
| config.postgresql.port
| int
| `5432`
|
| config.postgresql.sslmode
| string
| `"disable"`
|
| config.postgresql.username
| string
| `"sliding_sync"`
|
| config.syncSecret
| string
| `nil`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| grafana.dashboards.annotations
| object
| `{}`
|
| grafana.dashboards.enabled
| bool
| `false`
|
| grafana.dashboards.labels.grafana_dashboard
| string
| `"1"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"matrix-org/sliding-sync"`
|
| image.tag
| string
| `nil`
| Overrides the image tag whose default is the chart appVersion.
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.tcpSocket.port
| string
| `"http"`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext.fsGroup
| int
| `2000`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| readinessProbe.tcpSocket.port
| string
| `"http"`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext.capabilities.drop[0]
| string
| `"ALL"`
|
| securityContext.readOnlyRootFilesystem
| bool
| `true`
|
| securityContext.runAsNonRoot
| bool
| `true`
|
| securityContext.runAsUser
| int
| `1000`
|
| service.port
| int
| `8008`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

1176
matrix-synapse/README.adoc
View file

File diff suppressed because it is too large Load diff

4
matrix-synapse/grafana_dashboards/README.adoc
View file

@ -1,4 +0,0 @@
# Readme
## Changelog from monitoring resources
- Dashboard: https://github.com/element-hq/synapse/blob/v1.101.0/contrib/grafana/synapse.json

930
mautrix-signal/README.adoc
View file

@ -1,930 +0,0 @@
= mautrix-signal
image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square[AppVersion: 0.7.2]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
= Alpha
WARNING
====
We stop working on this Helm-Chart.
There are still many breaking change like:
* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings]
We hope that stalward mail-server becomes more stable.
====
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-signal
----
You can install a chart release using the following command:
[source,bash]
----
helm install mautrix-signal-release oci://codeberg.org/wrenix/helm-charts/mautrix-signal --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall mautrix-signal-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| config.appservice.address
| string
| `"http://localhost:29328"`
| The address that the homeserver can use to connect to this appservice.
| config.appservice.as_token
| string
| `""`
|
| config.appservice.async_transactions
| bool
| `false`
| Should incoming events be handled asynchronously? This may be necessary for large public instances with lots of messages going through. However, messages will not be guaranteed to be bridged in the same order they were sent in.
| config.appservice.bot.avatar
| string
| `"mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp"`
|
| config.appservice.bot.displayname
| string
| `"Signal bridge bot"`
| Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty to leave display name/avatar as-is.
| config.appservice.bot.username
| string
| `"signalbot"`
| Username of the appservice bot.
| config.appservice.ephemeral_events
| bool
| `true`
| Whether or not to receive ephemeral events via appservice transactions. Requires MSC2409 support (i.e. Synapse 1.22+).
| config.appservice.hostname
| string
| `"0.0.0.0"`
| The hostname and port where this appservice should listen.
| config.appservice.hs_token
| string
| `""`
|
| config.appservice.id
| string
| `"signal"`
| The unique ID of this appservice.
| config.appservice.port
| int
| `29328`
|
| config.appservice.public_address
| string
| `nil`
|
| config.appservice.username_template
| string
| `"signal_{{.}}"`
| Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user.
| config.backfill.enabled
| bool
| `false`
| Whether to do backfilling at all.
| config.backfill.max_catchup_messages
| int
| `500`
| Maximum number of missed messages to backfill after bridge restarts.
| config.backfill.max_initial_messages
| int
| `50`
| Maximum number of messages to backfill in empty rooms.
| config.backfill.queue.batch_delay
| int
| `20`
| Delay between batches in seconds.
| config.backfill.queue.batch_size
| int
| `100`
| Number of messages to backfill in one batch.
| config.backfill.queue.enabled
| bool
| `false`
| Should the backfill queue be enabled?
| config.backfill.queue.max_batches
| int
| `-1`
| Maximum number of batches to backfill per portal. If set to -1, all available messages will be backfilled.
| config.backfill.queue.max_batches_override
| object
| `{}`
| Optional network-specific overrides for max batches. Interpretation of this field depends on the network connector.
| config.backfill.threads.max_initial_messages
| int
| `50`
| Maximum number of messages to backfill in a new thread.
| config.backfill.unread_hours_threshold
| int
| `720`
| If a backfilled chat is older than this number of hours, mark it as read even if it's unread on the remote network.
| config.bridge.bridge_matrix_leave
| bool
| `false`
| Should leaving Matrix rooms be bridged as leaving groups on the remote network?
| config.bridge.cleanup_on_logout.bad_credentials.private
| string
| `"nothing"`
|
| config.bridge.cleanup_on_logout.bad_credentials.relayed
| string
| `"nothing"`
|
| config.bridge.cleanup_on_logout.bad_credentials.shared_has_users
| string
| `"nothing"`
|
| config.bridge.cleanup_on_logout.bad_credentials.shared_no_users
| string
| `"nothing"`
|
| config.bridge.cleanup_on_logout.enabled
| bool
| `false`
| Should cleanup on logout be enabled at all?
| config.bridge.cleanup_on_logout.manual.private
| string
| `"nothing"`
| Action for private portals which will never be shared with other Matrix users.
| config.bridge.cleanup_on_logout.manual.relayed
| string
| `"nothing"`
| Action for portals with a relay user configured.
| config.bridge.cleanup_on_logout.manual.shared_has_users
| string
| `"nothing"`
| Action for portals which have other logged-in Matrix users.
| config.bridge.cleanup_on_logout.manual.shared_no_users
| string
| `"nothing"`
| Action for portals which may be shared, but don't currently have any other Matrix users.
| config.bridge.command_prefix
| string
| `"!signal"`
| The prefix for commands. Only required in non-management rooms.
| config.bridge.mute_only_on_create
| bool
| `true`
| Should room mute status only be synced when creating the portal? Like tags, mutes can't currently be synced back to the remote network.
| config.bridge.permissions
| object
| `{"*":"relay","@admin:example.com":"admin","example.com":"user"}`
| Permissions for using the bridge. Permitted values: relay - Talk through the relaybot (if enabled), no access otherwise commands - Access to use commands in the bridge, but not login. user - Access to use the bridge with puppeting. admin - Full access, user level with some additional administration tools. Permitted keys: * - All Matrix users domain - All users on that homeserver mxid - Specific user
| config.bridge.personal_filtering_spaces
| bool
| `true`
| Should the bridge create a space for each login containing the rooms that account is in?
| config.bridge.private_chat_portal_meta
| bool
| `false`
| Whether the bridge should set names and avatars explicitly for DM portals. This is only necessary when using clients that don't support MSC4171.
| config.bridge.relay.admin_only
| bool
| `true`
| Should only admins be allowed to set themselves as relay users?
| config.bridge.relay.default_relays
| list
| `[]`
| List of user login IDs which anyone can set as a relay, as long as the relay user is in the room.
| config.bridge.relay.displayname_format
| string
| `"{{ .DisambiguatedName }}"`
| For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. This has all the Sender variables available under message_formats (but without the .Sender prefix). Note that you need to manually remove the displayname from message_formats above.
| config.bridge.relay.enabled
| bool
| `false`
| Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any authenticated user into a relaybot for that chat.
| config.bridge.relay.message_formats
| object
| `{"m.audio":"<b>{{ .Sender.DisambiguatedName }}</b> sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.emote":"* <b>{{ .Sender.DisambiguatedName }}</b> {{ .Message }}","m.file":"<b>{{ .Sender.DisambiguatedName }}</b> sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.image":"<b>{{ .Sender.DisambiguatedName }}</b> sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}","m.location":"<b>{{ .Sender.DisambiguatedName }}</b> sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}","m.notice":"<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}","m.text":"<b>{{ .Sender.DisambiguatedName }}</b>: {{ .Message }}","m.video":"<b>{{ .Sender.DisambiguatedName }}</b> sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}"}`
| The formats to use when sending messages via the relaybot. Available variables: .Sender.UserID - The Matrix user ID of the sender. .Sender.Displayname - The display name of the sender (if set). .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, plus the user ID in parentheses if the displayname is not unique. If the displayname is not set, this is just the user ID. .Message - The `formatted_body` field of the message. .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string. .FileName - The name of the file being sent.
| config.bridge.tag_only_on_create
| bool
| `true`
| Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone.
| config.database.max_conn_idle_time
| string
| `nil`
| Maximum connection idle time and lifetime before they're closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration
| config.database.max_conn_lifetime
| string
| `nil`
|
| config.database.max_idle_conns
| int
| `2`
|
| config.database.max_open_conns
| int
| `20`
| Maximum number of connections. Mostly relevant for Postgres.
| config.database.type
| string
| `"postgres"`
| The database type. "sqlite3-fk-wal" and "postgres" are supported.
| config.database.uri
| string
| `"postgres://user:password@host/database?sslmode=disable"`
| The database URI. SQLite: A raw file path is supported, but `file:<path>?_txlock=immediate` is recommended. https://github.com/mattn/go-sqlite3#connection-string Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql
| config.direct_media.allow_proxy
| bool
| `true`
| If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 media download redirects if the requester supports it. Optionally, you can force redirects and not allow proxying at all by setting this to false. This option does nothing if the remote network does not support media downloads over HTTP.
| config.direct_media.enabled
| bool
| `false`
| Should custom mxc:// URIs be used instead of reuploading media?
| config.direct_media.media_id_prefix
| string
| `nil`
| Optionally specify a custom prefix for the media ID part of the MXC URI.
| config.direct_media.server_key
| string
| `""`
| Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them.
| config.direct_media.server_name
| string
| `"discord-media.example.com"`
| The server name to use for the custom mxc:// URIs. This server name will effectively be a real Matrix server, it just won't implement anything other than media. You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge.
| config.direct_media.well_known_response
| string
| `nil`
| Optionally a custom .well-known response. This defaults to `server_name:443`
| config.double_puppet.allow_discovery
| bool
| `false`
| Whether to allow client API URL discovery for other servers. When using this option, users on other servers can use double puppeting even if their server URLs aren't explicitly added to the servers map above.
| config.double_puppet.secrets
| object
| `{"example.com":"as_token:foobar"}`
| Shared secrets for automatic double puppeting. See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions.
| config.double_puppet.servers
| object
| `{"example.com":"https://example.com"}`
| Servers to always allow double puppeting from. This is only for other servers and should NOT contain the server the bridge is on.
| config.encryption.allow
| bool
| `false`
| Allow encryption, work in group chat rooms with e2ee enabled
| config.encryption.allow_key_sharing
| bool
| `false`
| Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature.
| config.encryption.appservice
| bool
| `false`
| Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data.
| config.encryption.default
| bool
| `false`
| Default to encryption, force-enable encryption in all portals the bridge creates This will cause the bridge bot to be in private chats for the encryption to work properly.
| config.encryption.delete_keys
| object
| `{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}`
| Options for deleting megolm sessions from the bridge.
| config.encryption.delete_keys.delete_fully_used_on_decrypt
| bool
| `false`
| Delete fully used keys (index >= max_messages) after decrypting messages.
| config.encryption.delete_keys.delete_on_device_delete
| bool
| `false`
| Delete megolm sessions received from a device when the device is deleted.
| config.encryption.delete_keys.delete_outbound_on_ack
| bool
| `false`
| Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup.
| config.encryption.delete_keys.delete_outdated_inbound
| bool
| `false`
| Delete inbound megolm sessions that don't have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update.
| config.encryption.delete_keys.delete_prev_on_new_session
| bool
| `false`
| Delete previous megolm sessions from same device when receiving a new one.
| config.encryption.delete_keys.dont_store_outbound
| bool
| `false`
| Don't store outbound sessions in the inbound table.
| config.encryption.delete_keys.periodically_delete_expired
| bool
| `false`
| Periodically delete megolm sessions when 2x max_age has passed since receiving the session.
| config.encryption.delete_keys.ratchet_on_decrypt
| bool
| `false`
| Ratchet megolm sessions forward after decrypting messages.
| config.encryption.pickle_key
| string
| `nil`
|
| config.encryption.plaintext_mentions
| string
| `nil`
|
| config.encryption.require
| bool
| `false`
| Require encryption, drop any unencrypted messages.
| config.encryption.rotation.disable_device_change_key_rotation
| bool
| `false`
| Disable rotating keys when a user's devices change? You should not enable this option unless you understand all the implications.
| config.encryption.rotation.enable_custom
| bool
| `false`
| Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set.
| config.encryption.rotation.messages
| int
| `100`
| The maximum number of messages that should be sent with a given a session before changing it. The Matrix spec recommends 100 as the default.
| config.encryption.rotation.milliseconds
| int
| `604800000`
| The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default.
| config.encryption.verification_levels.receive
| string
| `"unverified"`
| Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix.
| config.encryption.verification_levels.send
| string
| `"unverified"`
| Minimum level that the bridge should accept for incoming Matrix messages.
| config.encryption.verification_levels.share
| string
| `"cross-signed-tofu"`
| Minimum level that the bridge should require for accepting key requests.
| config.homeserver.address
| string
| `"https://matrix.example.com"`
| The address that this appservice can use to connect to the homeserver.
| config.homeserver.async_media
| bool
| `false`
| Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246?
| config.homeserver.domain
| string
| `"example.com"`
| The domain of the homeserver (also known as server_name, used for MXIDs, etc).
| config.homeserver.message_send_checkpoint_endpoint
| string
| `nil`
| Endpoint for reporting per-message status.
| config.homeserver.ping_interval_seconds
| int
| `0`
| How often should the websocket be pinged? Pinging will be disabled if this is zero.
| config.homeserver.public_address
| string
| `nil`
|
| config.homeserver.software
| string
| `"standard"`
| What software is the homeserver running? Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here.
| config.homeserver.status_endpoint
| string
| `nil`
| The URL to push real-time bridge status to. If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. The bridge will use the appservice as_token to authorize requests.
| config.homeserver.websocket
| bool
| `false`
| Should the bridge use a websocket for connecting to the homeserver? The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, mautrix-asmux (deprecated), and hungryserv (proprietary).
| config.homeserver.websocket_proxy
| string
| `""`
|
| config.logging.min_level
| string
| `"warn"`
|
| config.logging.writers[0].format
| string
| `"json"`
|
| config.logging.writers[0].type
| string
| `"stdout"`
|
| config.management_room_text.additional_help
| string
| `""`
| Optional extra text sent when joining a management room.
| config.management_room_text.welcome
| string
| `"Hello, I'm a Signal bridge bot."`
| Sent when joining a room.
| config.management_room_text.welcome_connected
| string
| `"Use `help` for help."`
| Sent when joining a management room and the user is already logged in.
| config.management_room_text.welcome_unconnected
| string
| `"Use `help` for help or `login` to log in."`
| Sent when joining a management room and the user is not logged in.
| config.matrix.delivery_receipts
| bool
| `false`
| Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal?
| config.matrix.federate_rooms
| bool
| `true`
| Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated.
| config.matrix.message_error_notices
| bool
| `true`
| Whether the bridge should send error notices via m.notice events when a message fails to bridge.
| config.matrix.message_status_events
| bool
| `false`
| Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
| config.matrix.sync_direct_chat_list
| bool
| `false`
| Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions.
| config.provisioning.debug_endpoints
| bool
| `false`
| Enable debug API at /debug with provisioning authentication.
| config.provisioning.prefix
| string
| `"/_matrix/provision"`
| Prefix for the provisioning API paths.
| config.provisioning.shared_secret
| string
| `"generate"`
| Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled.
| config.public_media.enabled
| bool
| `false`
| Should public media be enabled at all? The public_address field under the appservice section MUST be set when enabling public media.
| config.public_media.expiry
| int
| `0`
| Number of seconds that public media URLs are valid for. If set to 0, URLs will never expire.
| config.public_media.hash_length
| int
| `32`
| Length of hash to use for public media URLs. Must be between 0 and 32.
| config.public_media.signing_key
| string
| `"generate"`
| A key for signing public media URLs. If set to "generate", a random key will be generated.
| config.signal.device_name
| string
| `"mautrix-signal"`
| Default device name that shows up in the Signal app.
| config.signal.displayname_template
| string
| `"{{ printf \"%s (%s) %s\" (or .ProfileName .ContactName \"Unknown user\") (or .PhoneNumber \"Unknown number\" (or .AboutEmoji \"\")}}"`
| Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile.
| config.signal.location_format
| string
| `"https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s"`
|
| config.signal.note_to_self_avatar
| string
| `"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"`
|
| config.signal.number_in_topic
| bool
| `true`
| Should the Signal user's phone number be included in the room topic in private chat portal rooms?
| config.signal.sync_contacts_on_startup
| bool
| `true`
| Should the bridge request the user's contact list from the phone on startup?
| config.signal.use_contact_avatars
| bool
| `false`
| Should avatars from the user's contact list be used? This is not safe on multi-user instances.
| config.signal.use_outdated_profiles
| bool
| `false`
| Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances.
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"dock.mau.dev"`
|
| image.repository
| string
| `"mautrix/signal"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.httpGet.path
| string
| `"/_matrix/mau/live"`
|
| livenessProbe.httpGet.port
| string
| `"http"`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
| accessMode
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
| Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"10Gi"`
| size
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| readinessProbe.httpGet.path
| string
| `"/_matrix/mau/ready"`
|
| readinessProbe.httpGet.port
| string
| `"http"`
|
| registration."de.sorunome.msc2409.push_ephemeral"
| bool
| `true`
|
| registration.namespaces.users[0].exclusive
| bool
| `true`
|
| registration.namespaces.users[0].regex
| string
| `"^@signalbot:example.org$"`
|
| registration.namespaces.users[1].exclusive
| bool
| `true`
|
| registration.namespaces.users[1].regex
| string
| `"^@signal_.*:example.org$"`
|
| registration.push_ephemeral
| bool
| `true`
|
| registration.rate_limited
| bool
| `false`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `false`
|
| serviceAccount.create
| bool
| `false`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

411
miniserve/README.adoc
View file

@ -1,411 +0,0 @@
= miniserve
image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.28.0-informational?style=flat-square[AppVersion: 0.28.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/miniserve
----
You can install a chart release using the following command:
[source,bash]
----
helm install miniserve-release oci://codeberg.org/wrenix/helm-charts/miniserve --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall miniserve-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| data.args
| list
| `[]`
| used for commandline flags
| data.auth
| string
| `""`
| Set authentication. Currently supported formats: username:password, username:sha256:hash, username:sha512:hash (e.g. joe:123, joe:sha256:a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3)
| data.colorScheme
| string
| `"squirrel"`
| Default color scheme
| data.colorSchemeDark
| string
| `"archlinux"`
| Default color scheme
| data.dirsFirst
| bool
| `true`
| List directories first
| data.enable.tar
| bool
| `false`
| Enable uncompressed tar archive generation
| data.enable.tarGZ
| bool
| `false`
| Enable gz-compressed tar archive generation
| data.enable.zip
| bool
| `false`
| Enable zip archive generation WARNING: Zipping large directories can result in out-of-memory exception because zip generation is done in memory and cannot be sent on the fly
| data.hidden
| bool
| `false`
| Show hidden files
| data.hideThemeSelector
| bool
| `false`
| Hide theme selector
| data.hideVersionFooter
| bool
| `true`
| Hide version footer
| data.index
| string
| `"index.html"`
| Normally, when miniserve serves a directory, it creates a listing for that directory. However, if a directory contains this file, miniserve will serve that file instead.
| data.noSymlinks
| bool
| `false`
| Hide symlinks in listing and prevent them from being followed
| data.path
| string
| `"/data"`
| Which path to serve
| data.prettyURLs
| bool
| `false`
| Activate Pretty URLs mode
| data.qrcode
| bool
| `false`
| Enable QR code display
| data.readme
| bool
| `false`
| Enable README.md rendering in directories
| data.routePrefix
| string
| `""`
| Use a specific route prefix
| data.showSymlinkInfo
| bool
| `false`
| Visualize symlinks in directory listing
| data.showWGETFooter
| bool
| `true`
| If enabled, display a wget command to recursively download the current directory
| data.spa
| bool
| `false`
| Activate SPA (Single Page Application) mode
| data.title
| string
| `""`
| Shown instead of host in page title and heading
| data.upload.allowedDir
| string
| `""`
| Enable file uploading (and optionally specify for which directory)
| data.upload.mediaType
| string
| `""`
| Specify uploadable media types: possible values image, audio, video
| data.upload.mkdir
| bool
| `false`
| Enable creating directories
| data.upload.overwriteFiles
| bool
| `false`
| Enable overriding existing files during file upload
| data.upload.rawMediaType
| string
| `""`
| Directly specify the uploadable media type expression
| data.verbose
| bool
| `false`
| Be verbose, includes emitting access logs
| fullnameOverride
| string
| `""`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.repository
| string
| `"docker.io/svenstaro/miniserve"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `false`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
|
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| data Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources.limits.memory
| string
| `"256Mi"`
|
| resources.requests.cpu
| string
| `"80m"`
|
| resources.requests.memory
| string
| `"128Mi"`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `8080`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
| Annotations to add to the service account
| serviceAccount.create
| bool
| `true`
| Specifies whether a service account should be created
| serviceAccount.name
| string
| `""`
| If not set and create is true, a name is generated using the fullname template
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

180
monitoring/README.adoc
View file

@ -1,180 +0,0 @@
= monitoring
image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/monitoring
----
You can install a chart release using the following command:
[source,bash]
----
helm install monitoring-release oci://codeberg.org/wrenix/helm-charts/monitoring --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall monitoring-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| prober
| list
| `[{"ipv4":true,"ipv6":true,"name":"local","spec":{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}}]`
| prober for each the following probes are created (multiside probes)
| prober[0]
| object
| `{"ipv4":true,"ipv6":true,"name":"local","spec":{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}}`
| name of prober
| prober[0].ipv4
| bool
| `true`
| use this prober for ipv4 probes (default: true)
| prober[0].ipv6
| bool
| `true`
| use this prober for ipv6 probes (default: true)
| prober[0].spec
| object
| `{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}`
| spec of prober (like url, path, scheme ...)
| probes[0]
| object
| `{"groups":{"framasoft":["framasoft.org","degooglisons-internet.org","framapiaf.org","framatube.org"]},"ipv4":true,"ipv6":true,"module":"http_2xx","name":"http"}`
| probe module (suffix with _ipv4 and ipv6 if enabled)
| probes[0].groups
| object
| `{"framasoft":["framasoft.org","degooglisons-internet.org","framapiaf.org","framatube.org"]}`
| groups with targets
| probes[0].ipv4
| bool
| `true`
| setup one for ipv4 (see module and his suffix - default: true)
| probes[0].ipv6
| bool
| `true`
| setup one for ipv6 (see module and his suffix - default: true)
| probes[0].name
| string
| `"http"`
| name of probe
| probes[1].groups
| object
| `{"digitalcourage":["digitalcourage.de","nuudel.digitalcourage.de","digitalcourage.social"]}`
| groups with targets
| probes[1].ipv4
| bool
| `true`
| setup one for ipv4 (see module and his suffix - default: true)
| probes[1].ipv6
| bool
| `false`
| setup one for ipv6 (see module and his suffix - default: true)
| probes[1].module
| string
| `"http_2xx"`
|
| probes[1].name
| string
| `"http-ipv4"`
| name of probe
| prometheus.probe.labels
| object
| `{"prometheus":"default"}`
| labels on Probe
| prometheus.scrape.labels
| object
| `{"prometheus":"default"}`
| labels on ScrapeConfig
| scrapes[0]
| object
| `{"groups":{"de":["ber.de.local:9100","fra.de.local:9100","ham.de.local:9100"],"ie":["dub.ie.local:9100","ork.ie.local:9100"]},"name":"nodes"}`
| name of scrape
| scrapes[0].groups
| object
| `{"de":["ber.de.local:9100","fra.de.local:9100","ham.de.local:9100"],"ie":["dub.ie.local:9100","ork.ie.local:9100"]}`
| groups with targets
| scrapes[1].auth.password
| string
| `nil`
| basic auth password
| scrapes[1].auth.token
| string
| `nil`
| bearer token
| scrapes[1].auth.username
| string
| `nil`
| basic auth username
| scrapes[1].groups
| object
| `{"de":["fra.de.s3.local:9000","ham.de.s3.local:9000"],"ie":["dub.ie.s3.local:9000"]}`
| groups with targets
| scrapes[1].metricsPath
| string
| `"/minio/v2/metrics/node"`
| metric path on scrape
| scrapes[1].name
| string
| `"minio"`
|
| scrapes[1].scheme
| string
| `"http"`
| schema on scrape
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

601
ntfy/README.adoc
View file

@ -1,601 +0,0 @@
= ntfy
image::https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square[Version: 0.4.4]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/ntfy
----
You can install a chart release using the following command:
[source,bash]
----
helm install ntfy-release oci://codeberg.org/wrenix/helm-charts/ntfy --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall ntfy-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| env
| list
| `[]`
| set env in container for usage Environment variables
| envFrom
| list
| `[]`
| set envFrom in container for usage of ConfigMaps or Secrets as a bunch of Environment variables
| fullnameOverride
| string
| `""`
|
| grafana.dashboards.annotations
| object
| `{}`
|
| grafana.dashboards.enabled
| bool
| `false`
|
| grafana.dashboards.labels.grafana_dashboard
| string
| `"1"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.repository
| string
| `"binwiederhier/ntfy"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| kubectl.image
| object
| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.2"}`
| image needed for setup (store generated VAPID / WebPush keys)
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `true`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller)
| networkPolicy.ingress.metrics
| list
| `[]`
| ingress for metrics port (e.g. prometheus)
| networkPolicy.ingress.smtp
| list
| `[]`
| ingress for smtp
| nodeSelector
| object
| `{}`
|
| ntfy.attachment.cacheDir
| string
| `nil`
|
| ntfy.attachment.expireDuration
| string
| `"3h"`
|
| ntfy.attachment.sizeLimit.file
| string
| `"15M"`
|
| ntfy.attachment.sizeLimit.total
| string
| `"5G"`
|
| ntfy.auth.defaultAccess
| string
| `"read-write"`
|
| ntfy.auth.file
| string
| `nil`
|
| ntfy.auth.startupQueries
| string
| `nil`
|
| ntfy.baseURL
| string
| `"https://ntfy.example.org"`
|
| ntfy.behindProxy
| bool
| `true`
|
| ntfy.cache.batch.size
| int
| `0`
|
| ntfy.cache.batch.timeout
| string
| `"0s"`
|
| ntfy.cache.duration
| string
| `"12h"`
|
| ntfy.cache.file
| string
| `nil`
|
| ntfy.cache.startupQueries
| string
| `nil`
|
| ntfy.enableLogin
| bool
| `false`
|
| ntfy.enableReservations
| bool
| `false`
|
| ntfy.enableSignup
| bool
| `false`
|
| ntfy.firebaseKeyFile
| string
| `nil`
|
| ntfy.globalTopicLimit
| int
| `15000`
|
| ntfy.keepaliveInterval
| string
| `"45s"`
|
| ntfy.listen.certFile
| string
| `nil`
|
| ntfy.listen.http
| string
| `":80"`
|
| ntfy.listen.https
| string
| `nil`
|
| ntfy.listen.keyFile
| string
| `nil`
|
| ntfy.listen.unix
| string
| `nil`
|
| ntfy.listen.unixMode
| string
| `nil`
|
| ntfy.managerInterval
| string
| `"1m"`
|
| ntfy.metrics.enable
| bool
| `true`
|
| ntfy.metrics.port
| int
| `9000`
|
| ntfy.smtp.sender.addr
| string
| `nil`
|
| ntfy.smtp.sender.from
| string
| `nil`
|
| ntfy.smtp.sender.pass
| string
| `nil`
|
| ntfy.smtp.sender.user
| string
| `nil`
|
| ntfy.smtp.server.addrPrefix
| string
| `nil`
|
| ntfy.smtp.server.domain
| string
| `nil`
|
| ntfy.upstreamBaseURL
| string
| `"https://ntfy.sh"`
|
| ntfy.visitor.attachment.dailyBandwidthLimit
| string
| `"500M"`
|
| ntfy.visitor.attachment.totalSizeLimit
| string
| `"100M"`
|
| ntfy.visitor.email.limitBurst
| int
| `16`
|
| ntfy.visitor.email.limitReplenish
| string
| `"1h"`
|
| ntfy.visitor.request.limitBurst
| int
| `60`
|
| ntfy.visitor.request.limitExemptHosts
| string
| `""`
|
| ntfy.visitor.request.limitReplenish
| string
| `"5s"`
|
| ntfy.visitor.subscriberRateLimiting
| bool
| `false`
|
| ntfy.visitor.subscriptionLimit
| int
| `30`
|
| ntfy.webPush.emailAddress
| string
| `""`
|
| ntfy.webPush.file
| string
| `"/data/webpush.db"`
|
| ntfy.webPush.keys.create
| bool
| `false`
|
| ntfy.webPush.keys.private
| string
| `nil`
|
| ntfy.webPush.keys.public
| string
| `nil`
|
| ntfy.webRoot
| string
| `"app"`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `false`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Create a PV on Node with given hostPath storageClass has to be manual
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| data Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
| set securityContext on pod level
| prometheus.rules.additionalRules
| list
| `[]`
|
| prometheus.rules.enabled
| bool
| `false`
|
| prometheus.rules.labels
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
| set securityContext on container level
| service.http.port
| int
| `80`
|
| service.http.type
| string
| `"ClusterIP"`
|
| service.smtp.enabled
| bool
| `false`
|
| service.smtp.port
| int
| `25`
|
| service.smtp.type
| string
| `"LoadBalancer"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| updateStrategy.type
| string
| `"Recreate"`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

266
postgresql/README.adoc
View file

@ -1,266 +0,0 @@
= postgresql
image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-17.0-alpine-informational?style=flat-square[AppVersion: 17.0-alpine]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/postgresql
----
You can install a chart release using the following command:
[source,bash]
----
helm install postgresql-release oci://codeberg.org/wrenix/helm-charts/postgresql --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall postgresql-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoupgrade.enabled
| bool
| `true`
|
| autoupgrade.image.pullPolicy
| string
| `"IfNotPresent"`
|
| autoupgrade.image.registry
| string
| `"docker.io"`
|
| autoupgrade.image.repository
| string
| `"pgautoupgrade/pgautoupgrade"`
|
| autoupgrade.image.tag
| string
| `"17-alpine"`
|
| autoupgrade.securityContext
| object
| `{}`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"docker.io"`
|
| image.repository
| string
| `"library/postgres"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| job.annotations
| object
| `{"helm.sh/hook":"post-install,post-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}`
| Annotations (usefull to delete job by helm afterwards)
| job.databases
| object
| `{}`
| Bootstrap databases into postgresql server. When databases already exists, they will stay untouched. databases: "name_of_database": owner: "existing_user_which_will_get_grant" additionalParams: "" # Optional
| job.enabled
| bool
| `true`
| Enable database bootstrapping.
| job.retries
| int
| `60`
| Amount of retries while waiting for postgresql server is available.
| job.users
| object
| `{}`
| Bootstrap users into postgresql server. When users already exists, they will stay untouched. users: username: RandomPassword0#"
| job.wait
| int
| `5`
| Time to wait in each wait in each iteration until postgresql server is available.
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
|
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
|
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"1Gi"`
|
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| postgres.password
| string
| `"SUPERSTRONGPW"`
| Database password.
| postgres.user
| string
| `"postgres"`
| Database user.
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `5432`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.create
| bool
| `false`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

5
publish.sh
View file

@ -4,8 +4,6 @@ HELM_REPO=${HELM_REPO:-oci://codeberg.org/wrenix/helm-charts}
COMMIT_SCOPE=${2:-fix} COMMIT_SCOPE=${2:-fix}
COMMIT_MESSAGE=${1:-"update appVersion"} COMMIT_MESSAGE=${1:-"update appVersion"}
ct lint # || exit 1 ct lint # || exit 1
for p in * ; do for p in * ; do
@ -49,12 +47,11 @@ for p in * ; do
fi fi
helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}"
helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}"
helm package "${p}" helm package "${p}"
helm push "${p}-${v}.tgz" "${HELM_REPO}"; helm push "${p}-${v}.tgz" "${HELM_REPO}";
git add "${p}/" "docs/modules/charts/nav.adoc" "docs/modules/charts/pages/${p}.adoc" git add "${p}/"
git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}"
git tag "${tag}" --no-sign; git tag "${tag}" --no-sign;
git push --tags origin main; git push --tags origin main;

326
speedtest-exporter/README.adoc
View file

@ -1,326 +0,0 @@
= speedtest-exporter
image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square[AppVersion: 3.5.4]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/speedtest-exporter
----
You can install a chart release using the following command:
[source,bash]
----
helm install speedtest-exporter-release oci://codeberg.org/wrenix/helm-charts/speedtest-exporter --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall speedtest-exporter-release
----
== Values
.Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| config.cacheFor
| int
| `0`
| cache result for seconds
| config.server
| string
| `nil`
| speedtest-serverid
| config.timeout
| int
| `90`
| timeout of speedtest
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| grafana.dashboards.annotations
| object
| `{}`
|
| grafana.dashboards.enabled
| bool
| `false`
|
| grafana.dashboards.labels.grafana_dashboard
| string
| `"1"`
|
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"ghcr.io"`
|
| image.repository
| string
| `"miguelndecarvalho/speedtest-exporter"`
|
| image.tag
| string
| `""`
|
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.httpGet.path
| string
| `"/"`
|
| livenessProbe.httpGet.port
| string
| `"http"`
|
| nameOverride
| string
| `""`
|
| networkPolicy.egress.enabled
| bool
| `false`
| activate egress no networkpolicy
| networkPolicy.egress.extra
| list
| `[]`
| egress rules
| networkPolicy.enabled
| bool
| `false`
|
| networkPolicy.ingress.http
| list
| `[]`
| ingress for http port (e.g. ingress-controller, prometheus)
| nodeSelector
| object
| `{}`
|
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.interval
| string
| `"1h"`
| interval
| prometheus.servicemonitor.labels
| object
| `{}`
|
| prometheus.servicemonitor.scrapeTimeout
| string
| `"2m"`
| scrape timeout
| readinessProbe.httpGet.path
| string
| `"/"`
|
| readinessProbe.httpGet.port
| string
| `"http"`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| securityContext
| object
| `{}`
|
| service.port
| int
| `80`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `true`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]

809
stalwart-mail/README.adoc
View file

@ -1,809 +0,0 @@
= stalwart-mail
image::https://img.shields.io/badge/Version-0.0.17-informational?style=flat-square[Version: 0.0.17]
image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application]
image::https://img.shields.io/badge/AppVersion-0.10.5-informational?style=flat-square[AppVersion: 0.10.5]
== Maintainers
.Maintainers
|===
| Name | Email | Url
| WrenIX
|
| <https://wrenix.eu>
|===
= Alpha
WARNING
====
We stop working on this Helm-Chart.
There are still many breaking change like:
* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings]
We hope that stalward mail-server becomes more stable.
====
== Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's https://helm.sh/docs[documentation] to get started.
Once Helm has been set up correctly, fetch the charts as follows:
[source,bash]
----
helm pull oci://codeberg.org/wrenix/helm-charts/stalwart-mail
----
You can install a chart release using the following command:
[source,bash]
----
helm install stalwart-mail-release oci://codeberg.org/wrenix/helm-charts/stalwart-mail --values values.yaml
----
To uninstall a chart release use `helm`'s delete command:
[source,bash]
----
helm uninstall stalwart-mail-release
----
== Values
.Values DKIM
|===
| Key | Type | Default | Description
| config.auth.dkim.sign
| list
| `[{"if":"listener != 'smtp'","then":"['rsa', 'ed25519']"},{"else":false}]`
| auth rule for signing with dkim
| config.auth.dkim.verify
| string
| `"relaxed"`
| verify of dkim signature (relaxed, strict, disable)
|===
.Values Authentification
|===
| Key | Type | Default | Description
| config.authentication.fallback-admin.secret
| string
| `"%{env:FALLBACK_ADMIN_SECRET}%"`
| password for fallback authentfication (use env for store in secrets of kubernetes)
| config.authentication.fallback-admin.user
| string
| `"admin"`
| username for fallback authentfication
| secrets.env.FALLBACK_ADMIN_SECRET
| string
| `"supersecret"`
| password for fallback authentfication (env)
|===
.Values Other Values
|===
| Key | Type | Default | Description
| affinity
| object
| `{}`
|
| autoscaling.enabled
| bool
| `false`
|
| autoscaling.maxReplicas
| int
| `100`
|
| autoscaling.minReplicas
| int
| `1`
|
| autoscaling.targetCPUUtilizationPercentage
| int
| `80`
|
| certificate.certmanager.dnsNames[0]
| string
| `"chart-example.local"`
|
| certificate.certmanager.enabled
| bool
| `true`
|
| certificate.certmanager.issuerRef.group
| string
| `"cert-manager.io"`
|
| certificate.certmanager.issuerRef.kind
| string
| `"ClusterIssuer"`
|
| certificate.certmanager.issuerRef.name
| string
| `"letsencrypt-prod"`
|
| certificate.secretName
| string
| `nil`
| not needed if certmanager is used
| config.directory.internal.store
| string
| `"rocksdb"`
|
| config.directory.internal.type
| string
| `"internal"`
|
| config.metrics.prometheus.auth.secret
| string
| `"%{env:METRICS_SECRET}%"`
|
| config.metrics.prometheus.auth.username
| string
| `"%{env:METRICS_USERNAME}%"`
|
| config.metrics.prometheus.enable
| bool
| `true`
|
| config.server.listener.http.bind[0]
| string
| `"[::]:80"`
|
| config.server.listener.http.protocol
| string
| `"http"`
|
| config.server.listener.https.bind[0]
| string
| `"[::]:443"`
|
| config.server.listener.https.protocol
| string
| `"http"`
|
| config.server.listener.https.tls.implicit
| bool
| `true`
|
| config.server.listener.imap.bind[0]
| string
| `"[::]:143"`
|
| config.server.listener.imap.protocol
| string
| `"imap"`
|
| config.server.listener.imaptls.bind[0]
| string
| `"[::]:993"`
|
| config.server.listener.imaptls.protocol
| string
| `"imap"`
|
| config.server.listener.imaptls.tls.implicit
| bool
| `true`
|
| config.server.listener.pop3.bind[0]
| string
| `"[::]:110"`
|
| config.server.listener.pop3.protocol
| string
| `"pop3"`
|
| config.server.listener.pop3s.bind[0]
| string
| `"[::]:995"`
|
| config.server.listener.pop3s.protocol
| string
| `"pop3"`
|
| config.server.listener.pop3s.tls.implicit
| bool
| `true`
|
| config.server.listener.sieve.bind[0]
| string
| `"[::]:4190"`
|
| config.server.listener.sieve.protocol
| string
| `"managesieve"`
|
| config.server.listener.smtp.bind[0]
| string
| `"[::]:25"`
|
| config.server.listener.smtp.protocol
| string
| `"smtp"`
|
| config.server.listener.submission.bind[0]
| string
| `"[::]:587"`
|
| config.server.listener.submission.protocol
| string
| `"smtp"`
|
| config.server.listener.submissions.bind[0]
| string
| `"[::]:465"`
|
| config.server.listener.submissions.protocol
| string
| `"smtp"`
|
| config.server.listener.submissions.tls.implicit
| bool
| `true`
|
| config.storage.blob
| string
| `"rocksdb"`
|
| config.storage.data
| string
| `"rocksdb"`
|
| config.storage.directory
| string
| `"internal"`
|
| config.storage.fts
| string
| `"rocksdb"`
|
| config.storage.lookup
| string
| `"rocksdb"`
|
| config.store.rocksdb.compression
| string
| `"lz4"`
|
| config.store.rocksdb.path
| string
| `"/data"`
|
| config.store.rocksdb.type
| string
| `"rocksdb"`
|
| config.tracer.otel.enable
| bool
| `false`
|
| config.tracer.otel.endpoint
| string
| `"https://127.0.0.1/otel"`
|
| config.tracer.otel.headers
| list
| `[]`
| headers for usage with http (e.g. 'Authorization: <place_auth_here>')
| config.tracer.otel.level
| string
| `"info"`
|
| config.tracer.otel.transport
| string
| `"grpc"`
| grpc or http
| config.tracer.otel.type
| string
| `"open-telemetry"`
|
| config.tracer.stdout.ansi
| bool
| `false`
|
| config.tracer.stdout.enable
| bool
| `true`
|
| config.tracer.stdout.level
| string
| `"info"`
|
| config.tracer.stdout.type
| string
| `"stdout"`
|
| env
| list
| `[]`
|
| fullnameOverride
| string
| `""`
|
| global.image.pullPolicy
| string
| `nil`
| if set it will overwrite all pullPolicy
| global.image.registry
| string
| `nil`
| if set it will overwrite all registry entries
| image.pullPolicy
| string
| `"IfNotPresent"`
|
| image.registry
| string
| `"docker.io"`
|
| image.repository
| string
| `"stalwartlabs/mail-server"`
|
| image.tag
| string
| `""`
| Overrides the image tag whose default is the chart appVersion.
| imagePullSecrets
| list
| `[]`
|
| ingress.annotations
| object
| `{}`
|
| ingress.className
| string
| `""`
|
| ingress.enabled
| bool
| `false`
|
| ingress.hosts[0].host
| string
| `"chart-example.local"`
|
| ingress.hosts[0].paths[0].path
| string
| `"/"`
|
| ingress.hosts[0].paths[0].pathType
| string
| `"ImplementationSpecific"`
|
| ingress.tls
| list
| `[]`
|
| livenessProbe.httpGet.path
| string
| `"/healthz/live"`
|
| livenessProbe.httpGet.port
| string
| `"http"`
|
| nameOverride
| string
| `""`
|
| nodeSelector
| object
| `{}`
|
| persistence.accessMode
| string
| `"ReadWriteOnce"`
| accessMode
| persistence.annotations
| object
| `{}`
|
| persistence.enabled
| bool
| `true`
| Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
| persistence.existingClaim
| string
| `nil`
| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound
| persistence.hostPath
| string
| `nil`
| Do not create an PVC, direct use hostPath in Pod
| persistence.size
| string
| `"10Gi"`
| size
| persistence.storageClass
| string
| `nil`
| Persistent Volume Storage Class If defined, storageClassName: <storageClass> If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack)
| podAnnotations
| object
| `{}`
|
| podLabels
| object
| `{}`
|
| podSecurityContext
| object
| `{}`
|
| prometheus.servicemonitor.enabled
| bool
| `false`
|
| prometheus.servicemonitor.labels
| object
| `{}`
|
| readinessProbe.httpGet.path
| string
| `"/healthz/ready"`
|
| readinessProbe.httpGet.port
| string
| `"http"`
|
| replicaCount
| int
| `1`
|
| resources
| object
| `{}`
|
| secrets.env.METRICS_SECRET
| string
| `"scrape_metrics_password"`
|
| secrets.env.METRICS_USERNAME
| string
| `"scrape_metrics_user"`
|
| securityContext
| object
| `{}`
|
| service.annotations
| object
| `{}`
|
| service.ipFamilies[0]
| string
| `"IPv4"`
|
| service.ipFamilyPolicy
| string
| `"SingleStack"`
| other option is RequireDualStack
| service.ports.http
| int
| `80`
|
| service.ports.https
| int
| `443`
|
| service.ports.imap
| int
| `143`
|
| service.ports.imaptls
| int
| `993`
|
| service.ports.pop3
| int
| `110`
|
| service.ports.pop3s
| int
| `995`
|
| service.ports.sieve
| int
| `4190`
|
| service.ports.smtp
| int
| `25`
|
| service.ports.submission
| int
| `587`
|
| service.ports.submissions
| int
| `465`
|
| service.type
| string
| `"ClusterIP"`
|
| serviceAccount.annotations
| object
| `{}`
|
| serviceAccount.automount
| bool
| `true`
|
| serviceAccount.create
| bool
| `false`
|
| serviceAccount.name
| string
| `""`
|
| tolerations
| list
| `[]`
|
| traefik.enabled
| bool
| `false`
|
| traefik.ports.https.entrypoint
| string
| `"websecure"`
|
| traefik.ports.https.match
| string
| `nil`
|
| traefik.ports.https.passthroughTLS
| bool
| `true`
|
| traefik.ports.https.proxyProtocol
| bool
| `true`
|
| traefik.ports.imaptls.entrypoint
| string
| `"imaps"`
|
| traefik.ports.imaptls.match
| string
| `nil`
|
| traefik.ports.imaptls.passthroughTLS
| bool
| `true`
|
| traefik.ports.imaptls.proxyProtocol
| bool
| `true`
|
| traefik.ports.pop3s.entrypoint
| string
| `"pop3s"`
|
| traefik.ports.pop3s.match
| string
| `nil`
|
| traefik.ports.pop3s.passthroughTLS
| bool
| `true`
|
| traefik.ports.pop3s.proxyProtocol
| bool
| `true`
|
| traefik.ports.sieve.entrypoint
| string
| `"sieve"`
|
| traefik.ports.sieve.match
| string
| `nil`
|
| traefik.ports.sieve.passthroughTLS
| bool
| `true`
|
| traefik.ports.sieve.proxyProtocol
| bool
| `true`
|
| traefik.ports.smtp.entrypoint
| string
| `"smtp"`
|
| traefik.ports.smtp.match
| string
| `nil`
|
| traefik.ports.smtp.proxyProtocol
| bool
| `true`
|
| traefik.ports.submissions.entrypoint
| string
| `"smtps"`
|
| traefik.ports.submissions.match
| string
| `nil`
|
| traefik.ports.submissions.passthroughTLS
| bool
| `true`
|
| traefik.ports.submissions.proxyProtocol
| bool
| `true`
|
| volumeMounts
| list
| `[]`
|
| volumes
| list
| `[]`
|
|===
Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs]