From 3d1999fd7a3e8ad1c7c33188afdc02b70d9b801e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 9 Mar 2024 10:09:48 +0000 Subject: [PATCH 001/256] fix(stalwart-mail): update AppVersion to v0.8.1 --- stalwart-mail/Chart.yaml | 4 +- stalwart-mail/README.adoc | 876 +++++------------------ stalwart-mail/templates/configmap.yaml | 10 + stalwart-mail/templates/deployment.yaml | 18 +- stalwart-mail/templates/secrets-env.yaml | 11 + stalwart-mail/templates/secrets.yaml | 20 - stalwart-mail/templates/traefik.yaml | 4 +- stalwart-mail/values.yaml | 738 ++----------------- 8 files changed, 278 insertions(+), 1403 deletions(-) create mode 100644 stalwart-mail/templates/configmap.yaml create mode 100644 stalwart-mail/templates/secrets-env.yaml delete mode 100644 stalwart-mail/templates/secrets.yaml diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 79820e4..bc012c9 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.4 +version: 0.0.5 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.6.0" +appVersion: "0.8.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index 876b2bf..446c7f7 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square[Version: 0.0.4] +image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.0-informational?style=flat-square[AppVersion: 0.6.0] +image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers .Maintainers @@ -56,7 +56,41 @@ helm uninstall stalwart-mail-release == Values -.Values +.Values DKIM +|=== +| Key | Type | Default | Description + +| config.auth.dkim.sign +| list +| `[{"if":"listener != 'smtp'","then":"['rsa', 'ed25519']"},{"else":false}]` +| auth rule for signing with dkim + +| config.auth.dkim.verify +| string +| `"relaxed"` +| verify of dkim signature (relaxed, strict, disable) +|=== + +.Values Authentification +|=== +| Key | Type | Default | Description + +| config.authentication.fallback-admin.secret +| string +| `"%{env:FALLBACK_ADMIN_SECRET}%"` +| password for fallback authentfication (use env for store in secrets of kubernetes) + +| config.authentication.fallback-admin.user +| string +| `"admin"` +| username for fallback authentfication + +| secrets.env.FALLBACK_ADMIN_SECRET +| string +| `"supersecret"` +| password for fallback authentfication (env) +|=== +.Values Other Values |=== | Key | Type | Default | Description @@ -115,765 +149,205 @@ helm uninstall stalwart-mail-release | `nil` | not needed if certmanager is used -| config.acme.letsencrypt -| object -| `{"cache":"/opt/stalwart-mail/etc/acme","contact":["postmaster@%{DEFAULT_DOMAIN}%"],"directory":"https://acme-v02.api.letsencrypt.org/directory","port":443,"renew-before":"30d"}` -| acme with name letsencrypt (from: common/tls.toml) - -| config.acme.letsencrypt.cache +| config.directory.internal.store | string -| `"/opt/stalwart-mail/etc/acme"` -| acme cache (from: common/tls.toml) - -| config.acme.letsencrypt.contact -| list -| `["postmaster@%{DEFAULT_DOMAIN}%"]` -| acme contact (from: common/tls.toml) - -| config.acme.letsencrypt.directory -| string -| `"https://acme-v02.api.letsencrypt.org/directory"` -| acme directory (from: common/tls.toml) - -| config.acme.letsencrypt.port -| int -| `443` -| acme port (from: common/tls.toml) - -| config.acme.letsencrypt.renew-before -| string -| `"30d"` -| acme renew-before (from: common/tls.toml) - -| config.certificate.default -| object -| `{"cert":"file:///opt/stalwart-mail/etc/certs/tls.crt","private-key":"file:///opt/stalwart-mail/etc/certs/tls.key"}` -| certificate with name default (from: common/tls.toml) - -| config.certificate.default.cert -| string -| `"file:///opt/stalwart-mail/etc/certs/tls.crt"` -| certificate cert (from: common/tls.toml) - -| config.certificate.default.private-key -| string -| `"file:///opt/stalwart-mail/etc/certs/tls.key"` -| certificate private-key (from: common/tls.toml) - -| config.directory.memory -| object -| `{"disable":false,"options":{"catch-all":true,"subaddressing":true},"principals":[{"description":"Superuser","mail":["postmaster@%{DEFAULT_DOMAIN}%"],"name":"admin","secret":"changeme","type":"admin"}],"type":"memory"}` -| directory - with name memory (from: directory/internal.yaml) - -| config.directory.memory.disable -| bool -| `false` -| overwrite me, if not wanted - -| config.global.shared-map.capacity -| int -| `10` -| global shared-map capacity (from: common/server.toml) - -| config.global.shared-map.shard -| int -| `32` -| global shared-map shard (from: common/server.toml) - -| config.global.thread-pool -| string -| `nil` -| global thead-pool (from: common/server.toml) - -| config.global.tracing -| object -| `{"level":"info","method":"stdout"}` -| global tracing (from: common/tracing.toml) - -| config.imap.auth.allow-plain-text -| bool -| `false` -| imap auth allow-plain-text (from: imap/settings.toml) - -| config.imap.auth.max-failures -| int -| `3` -| imap auth max-failures(from: imap/settings.toml) - -| config.imap.folders.name.shared -| string -| `"Shared Folders"` -| imap folders name shared (from: imap/settings.toml) - -| config.imap.protocol.uidplus -| bool -| `false` -| imap protocol uidplus (from: imap/settings.toml) - -| config.imap.rate-limit.concurrent -| int -| `6` -| imap rate-limit concurrent (from: imap/settings.toml) - -| config.imap.rate-limit.requests -| string -| `"2000/1m"` -| imap rate-limit requests (from: imap/settings.toml) - -| config.imap.request.max-size -| int -| `52428800` -| imap request max-size (from: imap/settings.toml) - -| config.imap.timeout.anonymous -| string -| `"1m"` -| imap timeout anonymous (from: imap/settings.toml) - -| config.imap.timeout.authenticated -| string -| `"30m"` -| imap timeout authenticated (from: imap/settings.toml) - -| config.imap.timeout.idle -| string -| `"30m"` -| imap timeout idle (from: imap/settings.toml) - -| config.jmap.directory -| string -| `"%{DEFAULT_DIRECTORY}%"` -| jmap-directory (from: jmap/auth.yaml) - -| config.jmap.email -| object -| `{"max-attachment-size":50000000,"max-size":75000000,"parse":{"max-items":10}}` -| jmap-email - -| config.jmap.event-source -| object -| `{"throttle":"1s"}` -| jmap-event-source - -| config.jmap.mailbox -| object -| `{"max-depth":10,"max-name-length":255}` -| jmap-mailbox - -| config.jmap.principal -| object -| `{"allow-lookups":true}` -| jmap-principal - -| config.jmap.protocol -| object -| `{"changes":{"max-results":5000},"get":{"max-objects":500},"query":{"max-results":5000},"request":{"max-calls":16,"max-concurrent":4,"max-size":10000000},"set":{"max-objects":500},"upload":{"max-concurrent":4,"max-size":50000000,"quota":{"files":1000,"size":50000000},"ttl":"1h"}}` -| jmap-protocol (from: jmap/protocol.yaml) - -| config.jmap.push -| object -| `{"attempts":{"interval":"1m","max":3},"max-total":100,"retry":{"interval":"1s"},"throttle":"1ms","timeout":{"request":"10s","verify":"1s"}}` -| jmap-push (from: jmap/push.yaml) - -| config.jmap.rate-limit -| object -| `{"account":"1000/1m","anonymous":"100/1m","authentication":"10/1m","cache":{"size":1024},"use-forwarded":true}` -| jmap-rate-limit (from: jmap/ratelimit.yaml) - -| config.jmap.session -| object -| `{"cache":{"size":100,"ttl":"1h"},"purge":{"frequency":"0 3 *"}}` -| jmap-session (from: jmap/auth.yaml) - -| config.jmap.web-sockets -| object -| `{"heartbeat":"1m","throttle":"1s","timeout":"10m"}` -| jmap-web-sockets (from: jmap/websocket.yaml) - -| config.macros -| object -| `{"default_directory":"memory","default_domain":"__DOMAIN__","default_store":"sqlite","host":"__HOST__"}` -| macros (from: config.toml) - -| config.oauth.auth -| object -| `{"max-attempts":3}` -| oauth - auth - -| config.oauth.cache -| object -| `{"size":128}` -| oauth - cache - -| config.oauth.expiry -| object -| `{"auth-code":"10m","refresh-token":"30d","refresh-token-renew":"4d","token":"1h","user-code":"30m"}` -| oauth - expiry - -| config.oauth.key -| string -| `"__OAUTH_KEY__"` -| oauth - key - -| config.queue.hash -| int -| `64` -| queue-hash - -| config.queue.outbound -| object -| `{"ip-strategy":"ipv4_then_ipv6","limits":{"multihomed":2,"mx":7},"next-hop":[{"if":"is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain)","then":"'local'"},{"else":false}],"timeouts":{"connect":"3m","data":"10m","ehlo":"3m","greeting":"3m","mail-from":"3m","mta-sts":"2m","rcpt-to":"3m","tls":"2m"},"tls":{"allow-invalid-certs":false,"dane":"optional","mta-sts":"optional","starttls":"require"}}` -| queue-outbound - -| config.queue.path -| string -| `"/data/queue"` -| queue-path - -| config.queue.quota[0].key -| string -| `nil` +| `"rocksdb"` | -| config.queue.quota[0].match +| config.directory.internal.type | string -| `nil` +| `"internal"` | -| config.queue.quota[0].messages -| int -| `100000` -| - -| config.queue.quota[0].size -| int -| `10737418240` -| - -| config.queue.schedule -| object -| `{"expire":"5d","notify":"[1d, 3d]","retry":"[2m, 5m, 10m, 15m, 30m, 1h, 2h]"}` -| queue-schedule - -| config.queue.throttle[0].concurrency -| int -| `5` -| - -| config.queue.throttle[0].key[0] +| config.server.listener.https.bind[0] | string -| `"rcpt_domain"` +| `"[::]:80"` | -| config.queue.throttle[0].rate +| config.server.listener.https.protocol | string -| `nil` +| `"http"` | -| config.report.analysis -| object -| `{"addresses":["dmarc@*","abuse@*","postmaster@*"],"forward":true}` -| report-analysis - -| config.report.dkim -| object -| `{"from-address":"'noreply-dkim@%{DEFAULT_DOMAIN}%'","from-name":"'Report Subsystem'","send":"[1, 1d]","sign":"['rsa']","subject":"'DKIM Authentication Failure Report'"}` -| report-dkim - -| config.report.dmarc -| object -| `{"aggregate":{"from-address":"'noreply-dmarc@%{DEFAULT_DOMAIN}%'","from-name":"'DMARC Report'","max-size":26214400,"org-name":"'%{DEFAULT_DOMAIN}%'","send":"daily","sign":"['rsa']"},"from-address":"'noreply-dmarc@%{DEFAULT_DOMAIN}%'","from-name":"'Report Subsystem'","send":"[1, 1d]","sign":"['rsa']","subject":"'DMARC Authentication Failure Report'"}` -| report-dmarc - -| config.report.dmarc.aggregate.max-size -| int -| `26214400` -| default: 25 mb - -| config.report.dsn -| object -| `{"from-address":"'MAILER-DAEMON@%{DEFAULT_DOMAIN}%'","from-name":"'Mail Delivery Subsystem'","sign":"['rsa']"}` -| report-dsn - -| config.report.hash -| int -| `64` -| report-hash - -| config.report.path -| string -| `"/data/reports"` -| report-path - -| config.report.spf -| object -| `{"from-address":"'noreply-spf@%{DEFAULT_DOMAIN}%'","from-name":"'Report Subsystem'","send":"[1, 1d]","sign":"['rsa']","subject":"'SPF Authentication Failure Report'"}` -| report-spf - -| config.report.tls -| object -| `{"aggregate":{"from-address":"'noreply-tls@%{DEFAULT_DOMAIN}%'","from-name":"'TLS Report'","max-size":26214400,"org-name":"'%{DEFAULT_DOMAIN}%'","send":"daily","sign":"['rsa']"}}` -| report-tls - -| config.report.tls.aggregate.max-size -| int -| `26214400` -| default: 25 mb - -| config.resolver.attempts -| int -| `2` -| resolver-attempts - -| config.resolver.cache -| object -| `{"ipv4":1024,"ipv6":1024,"mta-sts":1024,"mx":1024,"ptr":1024,"tlsa":1024,"txt":2048}` -| resolver-cache - -| config.resolver.concurrency -| int -| `2` -| resolver-concurrency - -| config.resolver.preserve-intermediates +| config.server.listener.https.tls.implicit | bool | `true` -| resolver-preserve-intermediates +| -| config.resolver.public-suffix -| list -| `["https://publicsuffix.org/list/public_suffix_list.dat","file:///opt/stalwart-mail/etc/spamfilter/maps/suffix_list.dat.gz"]` -| resolver-public-suffix - -| config.resolver.timeout +| config.server.listener.imap.bind[0] | string -| `"5s"` -| resolver-timeout +| `"[::]:143"` +| -| config.resolver.try-tcp-on-error +| config.server.listener.imap.protocol +| string +| `"imap"` +| + +| config.server.listener.imaptls.bind[0] +| string +| `"[::]:993"` +| + +| config.server.listener.imaptls.protocol +| string +| `"imap"` +| + +| config.server.listener.imaptls.tls.implicit | bool | `true` -| resolver-try-tcp-on-error +| -| config.resolver.type +| config.server.listener.sieve.bind[0] | string -| `"system"` -| resolver-type +| `"[::]:4190"` +| -| config.server.hostname +| config.server.listener.sieve.protocol | string -| `"%{HOST}%"` -| server hostname (from: common/server.toml) +| `"managesieve"` +| -| config.server.listener -| object -| `{"http":{"bind":["[::]:80"],"protocol":"jmap","url":"https://%{HOST}%"},"imap":{"bind":["[::]:143"],"protocol":"imap"},"imaps":{"bind":["[::]:993"],"protocol":"imap","tls":{"implicit":true}},"sieve":{"bind":["[::]:4190"],"protocol":"managesieve","tls":{"implicit":true}},"smtp":{"bind":["[::]:25"],"protocol":"smtp"},"smtp-submission":{"bind":["[::]:587"],"protocol":"smtp"},"smtps":{"bind":["[::]:465"],"protocol":"smtp","tls":{"implicit":true}}}` -| server listener +| config.server.listener.smtp.bind[0] +| string +| `"[::]:25"` +| -| config.server.listener.http -| object -| `{"bind":["[::]:80"],"protocol":"jmap","url":"https://%{HOST}%"}` -| jmap/listener.yaml +| config.server.listener.smtp.protocol +| string +| `"smtp"` +| -| config.server.listener.imap -| object -| `{"bind":["[::]:143"],"protocol":"imap"}` -| server listener with name imap (from: imap/listener.toml) +| config.server.listener.submission.bind[0] +| string +| `"[::]:587"` +| -| config.server.listener.imaps -| object -| `{"bind":["[::]:993"],"protocol":"imap","tls":{"implicit":true}}` -| server listener with name imaps (from: imap/listener.toml) +| config.server.listener.submission.protocol +| string +| `"smtp"` +| -| config.server.listener.sieve -| object -| `{"bind":["[::]:4190"],"protocol":"managesieve","tls":{"implicit":true}}` -| server listener with name sieve (from: imap/listener.toml) +| config.server.listener.submissions.bind[0] +| string +| `"[::]:465"` +| + +| config.server.listener.submissions.protocol +| string +| `"smtp"` +| + +| config.server.listener.submissions.tls.implicit +| bool +| `true` +| | config.server.run-as.group | string | `"stalwart-mail"` -| server run-as group (from: common/server.toml) +| server run-as group | config.server.run-as.user | string | `"stalwart-mail"` -| server run-as user (from: common/server.toml) - -| config.server.security.blocked-networks -| object -| `{}` -| server security blocked-networks (from: common/server.toml) - -| config.server.security.fail2ban -| string -| `"100/1d"` -| server security fail2ban (from: common/server.toml) - -| config.server.socket.backlog -| int -| `1024` -| server socket backlog (from: common/server.toml) - -| config.server.socket.linger -| int -| `1` -| server socket linger (from: common/server.toml) - -| config.server.socket.nodelay -| bool -| `true` -| server socket nodelay (from: common/server.toml) - -| config.server.socket.recv-buffer-size -| int -| `65535` -| server socket recv-buffer-size (from: common/server.toml) - -| config.server.socket.reuse-addr -| bool -| `true` -| server socket reuse-addr (from: common/server.toml) - -| config.server.socket.reuse-port -| bool -| `false` -| server socket reuse-port (from: common/server.toml) - -| config.server.socket.send-buffer-size -| int -| `65535` -| server socket send-buffer-size (from: common/server.toml) - -| config.server.socket.tos -| int -| `1` -| server socket tos (from: common/server.toml) - -| config.server.socket.ttl -| int -| `3600` -| server socket ttl (from: common/server.toml) - -| config.server.tls.acme -| string -| `nil` -| server tls acme (from: common/tls.toml) example: "letsencrypt" - -| config.server.tls.certificate -| string -| `"default"` -| server tls certificate (from: common/tls.toml) - -| config.server.tls.ciphers -| string -| `nil` -| server tls #ciphers (from: common/tls.toml) example: [ "TLS13_AES_256_GCM_SHA384", "TLS13_AES_128_GCM_SHA256", "TLS13_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"] - -| config.server.tls.enable -| bool -| `true` -| server tls enable (from: common/tls.toml) - -| config.server.tls.ignore-client-order -| bool -| `true` -| server tls ignore-client-order (from: common/tls.toml) - -| config.server.tls.implicit -| bool -| `false` -| server tls implicit (from: common/tls.toml) - -| config.server.tls.protocols -| string -| `nil` -| server tls protocols (from: common/tls.toml) example: ["TLSv1.2", "TLSv1.3"] - -| config.server.tls.sni -| string -| `nil` -| server tls sni (from: common/tls.toml) example: [{subject: "", certificate: ""}] - -| config.server.tls.timeout -| string -| `"1m"` -| server tls timeout (from: common/tls.toml) - -| config.sieve.trusted.from-addr -| string -| `"no-reply@%{DEFAULT_DOMAIN}%"` -| sieve trusted from-addr (from: common/sieve.toml) - -| config.sieve.trusted.from-name -| string -| `"Automated Message"` -| sieve trusted from-name (from: common/sieve.toml) - -| config.sieve.trusted.hostname -| string -| `"%{HOST}%"` -| sieve trusted hostname (from: common/sieve.toml) - -| config.sieve.trusted.limits.cpu -| int -| `1048576` -| sieve trusted limits cpu (from: common/sieve.toml) - -| config.sieve.trusted.limits.duplicate-expiry -| string -| `"7d"` -| sieve trusted limits duplicate-expiry (from: common/sieve.toml) - -| config.sieve.trusted.limits.nested-includes -| int -| `5` -| sieve trusted limits nested-includes (from: common/sieve.toml) - -| config.sieve.trusted.limits.out-messages -| int -| `5` -| sieve trusted limits out-messages (from: common/sieve.toml) - -| config.sieve.trusted.limits.received-headers -| int -| `50` -| sieve trusted limits received-headers (from: common/sieve.toml) - -| config.sieve.trusted.limits.redirects -| int -| `3` -| sieve trusted limits redirects (from: common/sieve.toml) - -| config.sieve.trusted.no-capability-check -| bool -| `true` -| sieve trusted no-capability-check (from: common/sieve.toml) - -| config.sieve.trusted.return-path -| string -| `""` -| sieve trusted return-path (from: common/sieve.toml) - -| config.sieve.trusted.scripts.connect -| string -| `nil` -| sieve trusted scripts connect (from: common/sieve.toml) - -| config.sieve.trusted.scripts.ehlo -| string -| `nil` -| sieve trusted scripts ehlo (from: common/sieve.toml) - -| config.sieve.trusted.scripts.mail -| string -| `nil` -| sieve trusted scripts mail (from: common/sieve.toml) - -| config.sieve.trusted.sign -| list -| `["rsa"]` -| sieve trusted sign (from: common/sieve.toml) - -| config.sieve.untrusted.default-expiry.duplicate -| string -| `"7d"` -| sieve untrusted default-expiry duplicate (from: common/sieve.toml) - -| config.sieve.untrusted.default-expiry.vacation -| string -| `"30d"` -| sieve untrusted default-expiry vacation (from: common/sieve.toml) - -| config.sieve.untrusted.disable-capabilities -| list -| `[]` -| sieve untrusted disable-capabilities (from: common/sieve.toml) - -| config.sieve.untrusted.limits.cpu -| int -| `5000` -| sieve untrusted limit cpu (from: common/sieve.toml) - -| config.sieve.untrusted.limits.header-size -| int -| `1024` -| sieve untrusted limit header-size (from: common/sieve.toml) - -| config.sieve.untrusted.limits.includes -| int -| `3` -| sieve untrusted limit includes (from: common/sieve.toml) - -| config.sieve.untrusted.limits.local-variables -| int -| `128` -| sieve untrusted limit local-variables (from: common/sieve.toml) - -| config.sieve.untrusted.limits.match-variables -| int -| `30` -| sieve untrusted limit match-variables (from: common/sieve.toml) - -| config.sieve.untrusted.limits.max-scripts -| int -| `256` -| sieve untrusted limit max-scripts (from: common/sieve.toml) - -| config.sieve.untrusted.limits.name-length -| int -| `512` -| sieve untrusted limit name-length (from: common/sieve.toml) - -| config.sieve.untrusted.limits.nested-blocks -| int -| `15` -| sieve untrusted limit nested-blocks (from: common/sieve.toml) - -| config.sieve.untrusted.limits.nested-foreverypart -| int -| `3` -| sieve untrusted limit nested-foreverypart (from: common/sieve.toml) - -| config.sieve.untrusted.limits.nested-includes -| int -| `3` -| sieve untrusted limit nested-includes (from: common/sieve.toml) - -| config.sieve.untrusted.limits.nested-tests -| int -| `15` -| sieve untrusted limit nested-tests (from: common/sieve.toml) - -| config.sieve.untrusted.limits.outgoing-messages -| int -| `3` -| sieve untrusted limit outgoing-messages (from: common/sieve.toml) - -| config.sieve.untrusted.limits.received-headers -| int -| `10` -| sieve untrusted limit received-headers (from: common/sieve.toml) - -| config.sieve.untrusted.limits.redirects -| int -| `1` -| sieve untrusted limit redirects (from: common/sieve.toml) - -| config.sieve.untrusted.limits.script-size -| int -| `102400` -| sieve untrusted limit script-size (from: common/sieve.toml) - -| config.sieve.untrusted.limits.string-length -| int -| `4096` -| sieve untrusted limit string-length (from: common/sieve.toml) - -| config.sieve.untrusted.limits.variable-name-length -| int -| `32` -| sieve untrusted limit variable-name-length (from: common/sieve.toml) - -| config.sieve.untrusted.limits.variable-size -| int -| `4096` -| sieve untrusted limit variable-size (from: common/sieve.toml) - -| config.sieve.untrusted.notification-uris -| list -| `["mailto"]` -| sieve untrusted notification-uris (from: common/sieve.toml) - -| config.sieve.untrusted.protected-headers -| list -| `["Original-Subject","Original-From","Received","Auto-Submitted"]` -| sieve untrusted protected-headers (from: common/sieve.toml) - -| config.sieve.untrusted.vacation.default-subject -| string -| `"Automated reply"` -| sieve untrusted vacation default-subject (from: common/sieve.toml) - -| config.sieve.untrusted.vacation.subject-prefix -| string -| `"Auto: "` -| sieve untrusted vacation subject-prefix (from: common/sieve.toml) - -| config.signature.rsa -| object -| `{"algorithm":"rsa-sha256","canonicalization":"relaxed/relaxed","domain":"%{DEFAULT_DOMAIN}%","headers":["From","To","Date","Subject","Message-ID"],"private-key":"file://opt/stalwart-mail/etc/dkim/private.key","report":true,"selector":"stalwart","set-body-length":false}` -| signature-rsa +| server run-as user | config.storage.blob | string -| `"%{DEFAULT_STORE}%"` -| storage blob (from: common/store.toml) - -| config.storage.cluster.node-id -| string -| `nil` -| storage - cluster - node-id (from: common/store.toml) +| `"rocksdb"` +| | config.storage.data | string -| `"%{DEFAULT_STORE}%"` -| storage data (from: common/store.toml) +| `"rocksdb"` +| | config.storage.directory | string -| `"%{DEFAULT_DIRECTORY}%"` -| storage directory (from: common/store.toml) - -| config.storage.encryption.append -| bool -| `false` -| storage encryption append (from: common/store.toml) - -| config.storage.encryption.enable -| bool -| `true` -| storage encryption enable (from: common/store.toml) +| `"internal"` +| | config.storage.fts | string -| `"%{DEFAULT_STORE}%"` -| storage fts (from: common/store.toml) BROKEN / TODO see: https://github.com/stalwartlabs/mail-server/issues/211 - -| config.storage.fts-table-duplicated-workaround.default-language -| string -| `"en"` -| storage - fts - default-language (from: common/store.toml) +| `"rocksdb"` +| | config.storage.lookup | string -| `"%{DEFAULT_STORE}%"` -| storage lookup (from: common/store.toml) +| `"rocksdb"` +| -| config.storage.spam.header +| config.store.rocksdb.compression | string -| `"X-Spam-Status: Yes"` -| storage spam header (from: common/store.toml) +| `"lz4"` +| -| config.store.fs -| object -| `{"depth":2,"disable":false,"path":"/data/blobs","purge":{"frequency":"0 3 *"},"type":"fs"}` -| store - with name fs +| config.store.rocksdb.path +| string +| `"/data"` +| -| config.store.fs.disable +| config.store.rocksdb.type +| string +| `"rocksdb"` +| + +| config.tracer.otel.enable | bool | `false` -| overwrite me, if not wanted +| -| config.store.sqlite -| object -| `{"disable":false,"path":"/data/index.sqlite3","purge":{"frequency":"0 3 *"},"query":{"domains":"SELECT 1 FROM emails WHERE address LIKE '%@' || ? LIMIT 1","emails":"SELECT address FROM emails WHERE name = ? AND type != 'list' ORDER BY type DESC, address ASC","expand":"SELECT p.address FROM emails AS p JOIN emails AS l ON p.name = l.name WHERE p.type = 'primary' AND l.address = ? AND l.type = 'list' ORDER BY p.address LIMIT 50","members":"SELECT member_of FROM group_members WHERE name = ?","name":"SELECT name, type, secret, description, quota FROM accounts WHERE name = ? AND active = true","recipients":"SELECT name FROM emails WHERE address = ?","verify":"SELECT address FROM emails WHERE address LIKE '%' || ? || '%' AND type = 'primary' ORDER BY address LIMIT 5"},"type":"sqlite"}` -| store - with name sqlite +| config.tracer.otel.endpoint +| string +| `"https://127.0.0.1/otel"` +| -| config.store.sqlite.disable +| config.tracer.otel.headers +| list +| `[]` +| headers for usage with http (e.g. 'Authorization: ') + +| config.tracer.otel.level +| string +| `"info"` +| + +| config.tracer.otel.transport +| string +| `"grpc"` +| grpc or http + +| config.tracer.otel.type +| string +| `"open-telemetry"` +| + +| config.tracer.stdout.ansi | bool | `false` -| overwrite me, if not wanted +| + +| config.tracer.stdout.enable +| bool +| `true` +| + +| config.tracer.stdout.level +| string +| `"info"` +| + +| config.tracer.stdout.type +| string +| `"stdout"` +| + +| env +| list +| `[]` +| | fullnameOverride | string diff --git a/stalwart-mail/templates/configmap.yaml b/stalwart-mail/templates/configmap.yaml new file mode 100644 index 0000000..ae34beb --- /dev/null +++ b/stalwart-mail/templates/configmap.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "stalwart-mail.fullname" . }} + labels: + {{- include "stalwart-mail.labels" . | nindent 4 }} +data: + "config.toml": | + {{- toToml .Values.config | replace ".0\n" "\n" | nindent 4 }} diff --git a/stalwart-mail/templates/deployment.yaml b/stalwart-mail/templates/deployment.yaml index c7f63df..9aee1cd 100644 --- a/stalwart-mail/templates/deployment.yaml +++ b/stalwart-mail/templates/deployment.yaml @@ -14,7 +14,8 @@ spec: template: metadata: annotations: - confighash: {{ toYaml .Values.config | sha256sum | trunc 32 }} + config-hash: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + secret-env-hash: {{ include (print $.Template.BasePath "/secrets-env.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} @@ -39,6 +40,13 @@ spec: image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} {{- end }} + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + envFrom: + - secretRef: + name: {{ include "stalwart-mail.fullname" . }}-env ports: {{- range $name, $port := .Values.service.ports }} - name: {{ $name }} @@ -62,9 +70,7 @@ spec: - name: config mountPath: "/opt/stalwart-mail/etc/config.toml" subPath: "config.toml" - - name: config - mountPath: "/opt/stalwart-mail/etc/dkim/private.key" - subPath: "dkim.key" + readOnly: true {{- if or .Values.certificate.secretName .Values.certificate.certmanager.enabled }} - name: certificate mountPath: "/opt/stalwart-mail/etc/certs" @@ -74,8 +80,8 @@ spec: {{- end }} volumes: - name: "config" - secret: - secretName: {{ include "stalwart-mail.fullname" . }} + configMap: + name: {{ include "stalwart-mail.fullname" . }} {{- if or .Values.certificate.secretName .Values.certificate.certmanager.enabled }} - name: certificate secret: diff --git a/stalwart-mail/templates/secrets-env.yaml b/stalwart-mail/templates/secrets-env.yaml new file mode 100644 index 0000000..14a9584 --- /dev/null +++ b/stalwart-mail/templates/secrets-env.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "stalwart-mail.fullname" . }}-env + labels: + {{- include "stalwart-mail.labels" . | nindent 4 }} +data: + {{- range $key, $value := .Values.secrets.env }} + {{ $key }}: {{ $value | b64enc }} + {{- end }} diff --git a/stalwart-mail/templates/secrets.yaml b/stalwart-mail/templates/secrets.yaml deleted file mode 100644 index 74efdf2..0000000 --- a/stalwart-mail/templates/secrets.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "stalwart-mail.fullname" . }} - labels: - {{- include "stalwart-mail.labels" . | nindent 4 }} - annotations: - confighash: {{ toYaml .Values.config | sha256sum | trunc 32 }} -data: - "config.toml": {{ regexReplaceAll - "trusted-networks = \\[(.*)\\]" - ( - toToml .Values.config - | replace ".0\n" "\n" - | replace "fts-table-duplicated-workaround" "fts" - ) - "trusted-networks = {${1}}" - | b64enc }} - "dkim.key": {{ genPrivateKey "rsa" | b64enc }} diff --git a/stalwart-mail/templates/traefik.yaml b/stalwart-mail/templates/traefik.yaml index c6be692..1be77ef 100644 --- a/stalwart-mail/templates/traefik.yaml +++ b/stalwart-mail/templates/traefik.yaml @@ -9,10 +9,10 @@ spec: entryPoints: - {{ $entryport }} routes: - - match: HostSNI(`{{ $.Values.config.macros.host }}`) + - match: HostSNI(`{{ $.Values.traefik.host }}`) services: - name: {{ include "stalwart-mail.fullname" $ }} - port: {{ $port}} + port: {{ $port }} proxyProtocol: version: 2 tls: diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index bf9a103..142ecdf 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -21,713 +21,105 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" - -## -# Configuration of stalwart mail-server -# defaults taken from: https://github.com/stalwartlabs/mail-server/tree/6aeadb9cda301ec5f210d8e8390515e6292592fa/resources/config -# -# files import completed: -# - config.toml -# - common/*.toml -# - imap/*.toml -# -## config: - - - ## - # macros - ## - - # -- macros (from: config.toml) - macros: - host: "__HOST__" - default_domain: "__DOMAIN__" - default_directory: "memory" - default_store: "sqlite" - - - ## - # global - ## - - global: - shared-map: - # -- global shared-map capacity (from: common/server.toml) - capacity: 10 - # -- global shared-map shard (from: common/server.toml) - shard: 32 - - # -- global thead-pool (from: common/server.toml) - thread-pool: - - # -- global tracing (from: common/tracing.toml) - tracing: - method: "stdout" - level: "info" - - - ## - # server - ## - server: - # -- server hostname (from: common/server.toml) - hostname: "%{HOST}%" - - security: - # -- server security blocked-networks (from: common/server.toml) - blocked-networks: {} - # -- server security fail2ban (from: common/server.toml) - fail2ban: "100/1d" - - run-as: - # -- server run-as user (from: common/server.toml) - user: "stalwart-mail" - # -- server run-as group (from: common/server.toml) - group: "stalwart-mail" - - socket: - # -- server socket nodelay (from: common/server.toml) - nodelay: true - # -- server socket reuse-addr (from: common/server.toml) - reuse-addr: true - # -- server socket reuse-port (from: common/server.toml) - reuse-port: false - # -- server socket backlog (from: common/server.toml) - backlog: 1024 - # -- server socket ttl (from: common/server.toml) - ttl: 3600 - # -- server socket send-buffer-size (from: common/server.toml) - send-buffer-size: 65535 - # -- server socket recv-buffer-size (from: common/server.toml) - recv-buffer-size: 65535 - # -- server socket linger (from: common/server.toml) - linger: 1 - # -- server socket tos (from: common/server.toml) - tos: 1 - - tls: - # -- server tls enable (from: common/tls.toml) - enable: true - # -- server tls implicit (from: common/tls.toml) - implicit: false - # -- server tls timeout (from: common/tls.toml) - timeout: "1m" - # -- server tls certificate (from: common/tls.toml) - certificate: "default" - # -- server tls acme (from: common/tls.toml) - # example: "letsencrypt" - acme: - # -- server tls sni (from: common/tls.toml) - # example: [{subject: "", certificate: ""}] - sni: - # -- server tls protocols (from: common/tls.toml) - # example: ["TLSv1.2", "TLSv1.3"] - protocols: - # -- server tls #ciphers (from: common/tls.toml) - # example: [ "TLS13_AES_256_GCM_SHA384", "TLS13_AES_128_GCM_SHA256", - # "TLS13_CHACHA20_POLY1305_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", - # "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", - # "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", - # "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"] - ciphers: - # -- server tls ignore-client-order (from: common/tls.toml) - ignore-client-order: true - - # -- server listener listener: smtp: - protocol: "smtp" bind: ["[::]:25"] - smtp-submission: protocol: "smtp" + submission: bind: ["[::]:587"] - smtps: protocol: "smtp" + submissions: bind: ["[::]:465"] + protocol: "smtp" tls: implicit: true - - # -- server listener with name imap (from: imap/listener.toml) imap: bind: ["[::]:143"] protocol: "imap" - - # -- server listener with name imaps (from: imap/listener.toml) - imaps: + imaptls: bind: ["[::]:993"] protocol: "imap" tls: implicit: true - # -- server listener with name sieve (from: imap/listener.toml) sieve: bind: ["[::]:4190"] protocol: "managesieve" + + https: + protocol: "http" + bind: ["[::]:80"] tls: implicit: true - # -- jmap/listener.yaml - http: - protocol: "jmap" - bind: ["[::]:80"] - url: "https://%{HOST}%" - - - ## - # sieve - ## - - sieve: - untrusted: - # -- sieve untrusted disable-capabilities (from: common/sieve.toml) - disable-capabilities: [] - # -- sieve untrusted notification-uris (from: common/sieve.toml) - notification-uris: ["mailto"] - # -- sieve untrusted protected-headers (from: common/sieve.toml) - protected-headers: ["Original-Subject", "Original-From", "Received", "Auto-Submitted"] - - limits: - # -- sieve untrusted limit name-length (from: common/sieve.toml) - name-length: 512 - # -- sieve untrusted limit max-scripts (from: common/sieve.toml) - max-scripts: 256 - # -- sieve untrusted limit script-size (from: common/sieve.toml) - script-size: 102400 - # -- sieve untrusted limit string-length (from: common/sieve.toml) - string-length: 4096 - # -- sieve untrusted limit variable-name-length (from: common/sieve.toml) - variable-name-length: 32 - # -- sieve untrusted limit variable-size (from: common/sieve.toml) - variable-size: 4096 - # -- sieve untrusted limit nested-blocks (from: common/sieve.toml) - nested-blocks: 15 - # -- sieve untrusted limit nested-tests (from: common/sieve.toml) - nested-tests: 15 - # -- sieve untrusted limit nested-foreverypart (from: common/sieve.toml) - nested-foreverypart: 3 - # -- sieve untrusted limit match-variables (from: common/sieve.toml) - match-variables: 30 - # -- sieve untrusted limit local-variables (from: common/sieve.toml) - local-variables: 128 - # -- sieve untrusted limit header-size (from: common/sieve.toml) - header-size: 1024 - # -- sieve untrusted limit includes (from: common/sieve.toml) - includes: 3 - # -- sieve untrusted limit nested-includes (from: common/sieve.toml) - nested-includes: 3 - # -- sieve untrusted limit cpu (from: common/sieve.toml) - cpu: 5000 - # -- sieve untrusted limit redirects (from: common/sieve.toml) - redirects: 1 - # -- sieve untrusted limit received-headers (from: common/sieve.toml) - received-headers: 10 - # -- sieve untrusted limit outgoing-messages (from: common/sieve.toml) - outgoing-messages: 3 - - vacation: - # -- sieve untrusted vacation default-subject (from: common/sieve.toml) - default-subject: "Automated reply" - # -- sieve untrusted vacation subject-prefix (from: common/sieve.toml) - subject-prefix: "Auto: " - - default-expiry: - # -- sieve untrusted default-expiry vacation (from: common/sieve.toml) - vacation: "30d" - # -- sieve untrusted default-expiry duplicate (from: common/sieve.toml) - duplicate: "7d" - - trusted: - # -- sieve trusted from-name (from: common/sieve.toml) - from-name: "Automated Message" - # -- sieve trusted from-addr (from: common/sieve.toml) - from-addr: "no-reply@%{DEFAULT_DOMAIN}%" - # -- sieve trusted return-path (from: common/sieve.toml) - return-path: "" - # -- sieve trusted hostname (from: common/sieve.toml) - hostname: "%{HOST}%" - # -- sieve trusted no-capability-check (from: common/sieve.toml) - no-capability-check: true - # -- sieve trusted sign (from: common/sieve.toml) - sign: ["rsa"] - - limits: - # -- sieve trusted limits redirects (from: common/sieve.toml) - redirects: 3 - # -- sieve trusted limits out-messages (from: common/sieve.toml) - out-messages: 5 - # -- sieve trusted limits received-headers (from: common/sieve.toml) - received-headers: 50 - # -- sieve trusted limits cpu (from: common/sieve.toml) - cpu: 1048576 - # -- sieve trusted limits nested-includes (from: common/sieve.toml) - nested-includes: 5 - # -- sieve trusted limits duplicate-expiry (from: common/sieve.toml) - duplicate-expiry: "7d" - - scripts: - # -- sieve trusted scripts connect (from: common/sieve.toml) - connect: - # -- sieve trusted scripts ehlo (from: common/sieve.toml) - ehlo: - # -- sieve trusted scripts mail (from: common/sieve.toml) - mail: - - ## - # storage - ## + run-as: + # -- server run-as user + user: "stalwart-mail" + # -- server run-as group + group: "stalwart-mail" storage: - # -- storage data (from: common/store.toml) - data: "%{DEFAULT_STORE}%" - # -- storage fts (from: common/store.toml) - # BROKEN / TODO - # see: https://github.com/stalwartlabs/mail-server/issues/211 - fts: "%{DEFAULT_STORE}%" - # -- storage blob (from: common/store.toml) - blob: "%{DEFAULT_STORE}%" - # -- storage lookup (from: common/store.toml) - lookup: "%{DEFAULT_STORE}%" - # -- storage directory (from: common/store.toml) - directory: "%{DEFAULT_DIRECTORY}%" - encryption: - # -- storage encryption enable (from: common/store.toml) - enable: true - # -- storage encryption append (from: common/store.toml) - append: false - spam: - # -- storage spam header (from: common/store.toml) - header: "X-Spam-Status: Yes" - # BROKEN / TODO - # should be fts: - # see: https://github.com/stalwartlabs/mail-server/issues/211 - fts-table-duplicated-workaround: - # -- storage - fts - default-language (from: common/store.toml) - default-language: "en" - cluster: - # -- storage - cluster - node-id (from: common/store.toml) - node-id: - - - ## - # ACME - ## - - acme: - # -- acme with name letsencrypt (from: common/tls.toml) - letsencrypt: - # -- acme directory (from: common/tls.toml) - directory: "https://acme-v02.api.letsencrypt.org/directory" - # -- acme contact (from: common/tls.toml) - contact: ["postmaster@%{DEFAULT_DOMAIN}%"] - # -- acme cache (from: common/tls.toml) - cache: "/opt/stalwart-mail/etc/acme" - # -- acme port (from: common/tls.toml) - port: 443 - # -- acme renew-before (from: common/tls.toml) - renew-before: "30d" - - ## - # certificate - ## - - certificate: - # -- certificate with name default (from: common/tls.toml) - default: - # -- certificate cert (from: common/tls.toml) - cert: "file:///opt/stalwart-mail/etc/certs/tls.crt" - # -- certificate private-key (from: common/tls.toml) - private-key: "file:///opt/stalwart-mail/etc/certs/tls.key" - - - ## - # directory - ## - - directory: - - # -- directory - with name memory (from: directory/internal.yaml) - memory: - type: memory - # -- overwrite me, if not wanted - disable: false - options: - catch-all: true - subaddressing: true - principals: - - type: "admin" - description: "Superuser" - name: "admin" - secret: "changeme" - mail: - - "postmaster@%{DEFAULT_DOMAIN}%" - - - ## - # store - ## + data: "rocksdb" + fts: "rocksdb" + blob: "rocksdb" + lookup: "rocksdb" + directory: "internal" store: + rocksdb: + type: rocksdb + path: "/data" + compression: "lz4" - # -- store - with name sqlite - sqlite: - type: "sqlite" - # -- overwrite me, if not wanted - disable: false - path: "/data/index.sqlite3" - purge: - frequency: "0 3 *" - query: - name: "SELECT name, type, secret, description, quota FROM accounts WHERE name = ? AND active = true" - members: "SELECT member_of FROM group_members WHERE name = ?" - recipients: "SELECT name FROM emails WHERE address = ?" - emails: "SELECT address FROM emails WHERE name = ? AND type != 'list' ORDER BY type DESC, address ASC" - verify: "SELECT address FROM emails WHERE address LIKE '%' || ? || '%' AND type = 'primary' ORDER BY address LIMIT 5" - expand: "SELECT p.address FROM emails AS p JOIN emails AS l ON p.name = l.name WHERE p.type = 'primary' AND l.address = ? AND l.type = 'list' ORDER BY p.address LIMIT 50" - domains: "SELECT 1 FROM emails WHERE address LIKE '%@' || ? LIMIT 1" + directory: + internal: + type: "internal" + store: "rocksdb" - # -- store - with name fs - fs: - type: "fs" - # -- overwrite me, if not wanted - disable: false - path: "/data/blobs" - depth: 2 - purge: - frequency: "0 3 *" + tracer: + otel: + enable: false + type: "open-telemetry" + level: "info" + # -- grpc or http + transport: "grpc" + endpoint: "https://127.0.0.1/otel" + # -- headers for usage with http (e.g. 'Authorization: ') + headers: [] + stdout: + enable: true + type: "stdout" + level: "info" + ansi: false - - ## - # OAuth - ## - - oauth: - - # -- oauth - key - key: "__OAUTH_KEY__" - - # -- oauth - auth - auth: - max-attempts: 3 - - # -- oauth - expiry - expiry: - user-code: "30m" - auth-code: "10m" - token: "1h" - refresh-token: "30d" - refresh-token-renew: "4d" - - # -- oauth - cache - cache: - size: 128 - - - ## - # SMTP configuration (smtp/*.yaml) - ## - - - ## - # query (from: smtp/queue.yaml) - ## - - queue: - # -- queue-path - path: "/data/queue" - # -- queue-hash - hash: 64 - - # -- queue-schedule - schedule: - retry: "[2m, 5m, 10m, 15m, 30m, 1h, 2h]" - notify: "[1d, 3d]" - expire: "5d" - - # -- queue-outbound - outbound: - # hostname: "%{HOST}%" - next-hop: - - if: "is_local_domain('%{DEFAULT_DIRECTORY}%', rcpt_domain)" - then: "'local'" - - else: false - ip-strategy: "ipv4_then_ipv6" - tls: - dane: "optional" - mta-sts: "optional" - starttls: "require" - allow-invalid-certs: false - limits: - mx: 7 - multihomed: 2 - timeouts: - connect: "3m" - greeting: "3m" - tls: "2m" - ehlo: "3m" - mail-from: "3m" - rcpt-to: "3m" - data: "10m" - mta-sts: "2m" - quota: - - match: - # match: "sender_domain = 'foobar.org'" - # key: ["rcpt"] - key: - messages: 100000 - # 10gb - size: 10737418240 - throttle: - - key: ["rcpt_domain"] - # rate: "100/1h" - rate: - concurrency: 5 - - - ## - # Report (from: smtp/report.yaml) - ## - - report: - # -- report-path - path: "/data/reports" - # -- report-hash - hash: 64 - # submitter: "%{HOST}%" - - # -- report-analysis - analysis: - addresses: ["dmarc@*", "abuse@*", "postmaster@*"] - forward: true - # store: "/data/incoming" - - # -- report-dsn - dsn: - from-name: "'Mail Delivery Subsystem'" - from-address: "'MAILER-DAEMON@%{DEFAULT_DOMAIN}%'" - sign: "['rsa']" - - # -- report-dkim + auth: dkim: - from-name: "'Report Subsystem'" - from-address: "'noreply-dkim@%{DEFAULT_DOMAIN}%'" - subject: "'DKIM Authentication Failure Report'" - sign: "['rsa']" - send: "[1, 1d]" + # -- auth rule for signing with dkim + # @section -- DKIM + sign: + - if: "listener != 'smtp'" + then: "['rsa', 'ed25519']" + - else: false + # -- verify of dkim signature (relaxed, strict, disable) + # @section -- DKIM + verify: "relaxed" - # -- report-spf - spf: - from-name: "'Report Subsystem'" - from-address: "'noreply-spf@%{DEFAULT_DOMAIN}%'" - subject: "'SPF Authentication Failure Report'" - sign: "['rsa']" - send: "[1, 1d]" + authentication: + fallback-admin: + # -- username for fallback authentfication + # @section -- Authentification + user: "admin" + # -- password for fallback authentfication (use env for store in secrets of kubernetes) + # @section -- Authentification + secret: "%{env:FALLBACK_ADMIN_SECRET}%" - # -- report-dmarc - dmarc: - from-name: "'Report Subsystem'" - from-address: "'noreply-dmarc@%{DEFAULT_DOMAIN}%'" - subject: "'DMARC Authentication Failure Report'" - sign: "['rsa']" - send: "[1, 1d]" - aggregate: - from-name: "'DMARC Report'" - from-address: "'noreply-dmarc@%{DEFAULT_DOMAIN}%'" - org-name: "'%{DEFAULT_DOMAIN}%'" - # contact-info: "" - send: "daily" - # -- default: 25 mb - max-size: 26214400 - sign: "['rsa']" - - # -- report-tls - tls: - aggregate: - from-name: "'TLS Report'" - from-address: "'noreply-tls@%{DEFAULT_DOMAIN}%'" - org-name: "'%{DEFAULT_DOMAIN}%'" - # contact-info: "" - send: "daily" - # -- default: 25 mb - max-size: 26214400 - sign: "['rsa']" - - - ## - # resolver (from: smtp/resolver.yaml) - ## - - resolver: - # -- resolver-type - type: "system" - # -- resolver-preserve-intermediates - preserve-intermediates: true - # -- resolver-concurrency - concurrency: 2 - # -- resolver-timeout - timeout: "5s" - # -- resolver-attempts - attempts: 2 - # -- resolver-try-tcp-on-error - try-tcp-on-error: true - # -- resolver-public-suffix - public-suffix: - - "https://publicsuffix.org/list/public_suffix_list.dat" - - "file:///opt/stalwart-mail/etc/spamfilter/maps/suffix_list.dat.gz" - - # -- resolver-cache - cache: - txt: 2048 - mx: 1024 - ipv4: 1024 - ipv6: 1024 - ptr: 1024 - tlsa: 1024 - mta-sts: 1024 - - - ## - # signature (from: smtp/signature.yaml) - ## - - signature: - # -- signature-rsa - rsa: - # public-key: "file://opt/stalwart-mail/etc/dkim/%{DEFAULT_DOMAIN}%.cert" - private-key: "file://opt/stalwart-mail/etc/dkim/private.key" - domain: "%{DEFAULT_DOMAIN}%" - selector: "stalwart" - headers: ["From", "To", "Date", "Subject", "Message-ID"] - algorithm: "rsa-sha256" - canonicalization: "relaxed/relaxed" - # expire: "10d" - # third-party: "" - # third-party-algo: "" - # auid: "" - set-body-length: false - report: true - - - ## - # IMAP - ## - - imap: - request: - # -- imap request max-size (from: imap/settings.toml) - max-size: 52428800 - auth: - # -- imap auth max-failures(from: imap/settings.toml) - max-failures: 3 - # -- imap auth allow-plain-text (from: imap/settings.toml) - allow-plain-text: false - folders: - name: - # -- imap folders name shared (from: imap/settings.toml) - shared: "Shared Folders" - timeout: - # -- imap timeout authenticated (from: imap/settings.toml) - authenticated: "30m" - # -- imap timeout anonymous (from: imap/settings.toml) - anonymous: "1m" - # -- imap timeout idle (from: imap/settings.toml) - idle: "30m" - rate-limit: - # -- imap rate-limit requests (from: imap/settings.toml) - requests: "2000/1m" - # -- imap rate-limit concurrent (from: imap/settings.toml) - concurrent: 6 - protocol: - # -- imap protocol uidplus (from: imap/settings.toml) - uidplus: false - - - ## - # JMAP - ## - - jmap: - # -- jmap-directory (from: jmap/auth.yaml) - directory: "%{DEFAULT_DIRECTORY}%" - # -- jmap-session (from: jmap/auth.yaml) - session: - cache: - ttl: "1h" - size: 100 - purge: - frequency: "0 3 *" - - # -- jmap-protocol (from: jmap/protocol.yaml) - protocol: - get: - max-objects: 500 - set: - max-objects: 500 - request: - max-concurrent: 4 - max-size: 10000000 - max-calls: 16 - query: - max-results: 5000 - upload: - max-size: 50000000 - max-concurrent: 4 - ttl: "1h" - quota: - files: 1000 - size: 50000000 - changes: - max-results: 5000 - - # -- jmap-mailbox - mailbox: - max-depth: 10 - max-name-length: 255 - - # -- jmap-email - email: - max-attachment-size: 50000000 - max-size: 75000000 - - parse: - max-items: 10 - - # -- jmap-principal - principal: - allow-lookups: true - - # -- jmap-push (from: jmap/push.yaml) - push: - max-total: 100 - throttle: "1ms" - attempts: - interval: "1m" - max: 3 - retry: - interval: "1s" - timeout: - request: "10s" - verify: "1s" - - # -- jmap-event-source - event-source: - throttle: "1s" - - # -- jmap-rate-limit (from: jmap/ratelimit.yaml) - rate-limit: - account: "1000/1m" - authentication: "10/1m" - anonymous: "100/1m" - use-forwarded: true - cache: - size: 1024 - - # -- jmap-web-sockets (from: jmap/websocket.yaml) - web-sockets: - throttle: "1s" - timeout: "10m" - heartbeat: "1m" +secrets: + env: + # -- password for fallback authentfication (env) + # @section -- Authentification + FALLBACK_ADMIN_SECRET: supersecret serviceAccount: # Specifies whether a service account should be created @@ -743,6 +135,8 @@ serviceAccount: podAnnotations: {} podLabels: {} +env: [] + podSecurityContext: {} # fsGroup: 2000 -- 2.45.3 From 5cb8591591c0942945e7c32e7c02226597afd5b2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 30 May 2024 16:26:40 +0200 Subject: [PATCH 002/256] fix(headscale-ui): improve networking --- headscale-ui/Chart.yaml | 2 +- headscale-ui/README.adoc | 11 ++++++++--- headscale-ui/templates/deployment.yaml | 10 +++++++++- headscale-ui/templates/ingress.yaml | 25 +++---------------------- headscale-ui/templates/service.yaml | 6 +++++- headscale-ui/values.yaml | 4 +++- publish.sh | 1 + 7 files changed, 30 insertions(+), 29 deletions(-) diff --git a/headscale-ui/Chart.yaml b/headscale-ui/Chart.yaml index 401120b..962ad45 100644 --- a/headscale-ui/Chart.yaml +++ b/headscale-ui/Chart.yaml @@ -3,7 +3,7 @@ name: headscale-ui description: A simple Headscale web UI for small-scale deployments. icon: https://raw.githubusercontent.com/gurucomputing/headscale-ui/master/static/favicon.png type: application -version: 0.1.4 +version: 0.1.5 # renovate: image=ghcr.io/gurucomputing/headscale-ui appVersion: "2024.02.24-beta1" maintainers: diff --git a/headscale-ui/README.adoc b/headscale-ui/README.adoc index fbe79ca..847af6a 100644 --- a/headscale-ui/README.adoc +++ b/headscale-ui/README.adoc @@ -2,7 +2,7 @@ = headscale-ui -image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4] +image::https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square[Version: 0.1.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2024.02.24-beta1-informational?style=flat-square[AppVersion: 2024.02.24-beta1] == Maintainers @@ -187,9 +187,14 @@ helm uninstall headscale-ui-release | `{}` | -| service.port +| service.port.http | int -| `80` +| `8080` +| + +| service.port.https +| int +| `8443` | | service.type diff --git a/headscale-ui/templates/deployment.yaml b/headscale-ui/templates/deployment.yaml index 0833241..bb2d38b 100644 --- a/headscale-ui/templates/deployment.yaml +++ b/headscale-ui/templates/deployment.yaml @@ -38,9 +38,17 @@ spec: image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} {{- end }} + env: + - name: "HTTP_PORT" + value: {{ .Values.service.port.http | quote }} + - name: "HTTPS_PORT" + value: {{ .Values.service.port.https | quote }} ports: - name: http - containerPort: {{ .Values.service.port }} + containerPort: {{ .Values.service.port.http }} + protocol: TCP + - name: https + containerPort: {{ .Values.service.port.https }} protocol: TCP livenessProbe: httpGet: diff --git a/headscale-ui/templates/ingress.yaml b/headscale-ui/templates/ingress.yaml index 885bcbf..3919fc1 100644 --- a/headscale-ui/templates/ingress.yaml +++ b/headscale-ui/templates/ingress.yaml @@ -1,18 +1,6 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "headscale-ui.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} kind: Ingress metadata: name: {{ $fullName }} @@ -23,8 +11,8 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.ingress.className }} + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} {{- end }} {{- if .Values.ingress.tls }} tls: @@ -43,19 +31,12 @@ spec: paths: {{- range .paths }} - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} pathType: {{ .pathType }} - {{- end }} backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} service: name: {{ $fullName }} port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} + name: http {{- end }} {{- end }} {{- end }} diff --git a/headscale-ui/templates/service.yaml b/headscale-ui/templates/service.yaml index 7a3c136..4e5818e 100644 --- a/headscale-ui/templates/service.yaml +++ b/headscale-ui/templates/service.yaml @@ -7,9 +7,13 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.port }} + - port: {{ .Values.service.port.http }} targetPort: http protocol: TCP name: http + - port: {{ .Values.service.port.https }} + targetPort: https + protocol: TCP + name: https selector: {{- include "headscale-ui.selectorLabels" . | nindent 4 }} diff --git a/headscale-ui/values.yaml b/headscale-ui/values.yaml index 88ad28c..c0f8a23 100644 --- a/headscale-ui/values.yaml +++ b/headscale-ui/values.yaml @@ -43,7 +43,9 @@ securityContext: {} service: type: ClusterIP - port: 80 + port: + http: 8080 + https: 8443 ingress: enabled: false diff --git a/publish.sh b/publish.sh index b42943b..b94a30e 100755 --- a/publish.sh +++ b/publish.sh @@ -14,6 +14,7 @@ ct lint # || exit 1 for p in * ; do if \ [ ! -d $p ] || \ + [ "$p" == "matrix-authentication-service" ] || \ [ ! -f $p/Chart.yaml ] \ ; then continue -- 2.45.3 From b9378468f3ad940608f24fff190718359f1e1838 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 5 Jun 2024 17:40:38 +0200 Subject: [PATCH 003/256] fix(matrix-authentication-service): port mapping --- matrix-authentication-service/Chart.yaml | 2 +- matrix-authentication-service/README.adoc | 11 ++++++++--- matrix-authentication-service/templates/NOTES.txt | 2 +- .../templates/deployment.yaml | 6 ++++-- matrix-authentication-service/templates/ingress.yaml | 2 +- matrix-authentication-service/templates/service.yaml | 4 ++-- .../templates/tests/test-connection.yaml | 2 +- matrix-authentication-service/values.yaml | 4 +++- 8 files changed, 21 insertions(+), 12 deletions(-) diff --git a/matrix-authentication-service/Chart.yaml b/matrix-authentication-service/Chart.yaml index 69d3cb1..84de472 100644 --- a/matrix-authentication-service/Chart.yaml +++ b/matrix-authentication-service/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-authentication-service description: OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861) icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.0.3 +version: 0.0.4 # renovate: image=ghcr.io/matrix-org/matrix-authentication-service appVersion: "0.9.0" maintainers: diff --git a/matrix-authentication-service/README.adoc b/matrix-authentication-service/README.adoc index f341bfd..7d5742c 100644 --- a/matrix-authentication-service/README.adoc +++ b/matrix-authentication-service/README.adoc @@ -2,7 +2,7 @@ = matrix-authentication-service -image::https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square[Version: 0.0.3] +image::https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square[Version: 0.0.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0] == Maintainers @@ -612,9 +612,14 @@ helm uninstall matrix-authentication-service-release | `1000` | -| service.port +| service.port.http | int -| `80` +| `8080` +| + +| service.port.metrics +| int +| `9100` | | service.type diff --git a/matrix-authentication-service/templates/NOTES.txt b/matrix-authentication-service/templates/NOTES.txt index eb6d3bb..c536676 100644 --- a/matrix-authentication-service/templates/NOTES.txt +++ b/matrix-authentication-service/templates/NOTES.txt @@ -13,7 +13,7 @@ NOTE: It may take a few minutes for the LoadBalancer IP to be available. You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "matrix-authentication-service.fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "matrix-authentication-service.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo http://$SERVICE_IP:{{ .Values.service.port }} + echo http://$SERVICE_IP:{{ .Values.service.port.http }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "matrix-authentication-service.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") diff --git a/matrix-authentication-service/templates/deployment.yaml b/matrix-authentication-service/templates/deployment.yaml index 7098849..20e6035 100644 --- a/matrix-authentication-service/templates/deployment.yaml +++ b/matrix-authentication-service/templates/deployment.yaml @@ -93,14 +93,16 @@ spec: value: "/etc/mas-config.yaml" ports: - name: http - containerPort: 8080 + containerPort: {{ .Values.service.port.http }} protocol: TCP - name: internal containerPort: 8081 protocol: TCP + {{- with .Values.service.port.metrics }} - name: metrics - containerPort: 9100 + containerPort: {{ . }} protocol: TCP + {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: diff --git a/matrix-authentication-service/templates/ingress.yaml b/matrix-authentication-service/templates/ingress.yaml index f8449a6..fc4c84f 100644 --- a/matrix-authentication-service/templates/ingress.yaml +++ b/matrix-authentication-service/templates/ingress.yaml @@ -1,6 +1,6 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "matrix-authentication-service.fullname" . -}} -{{- $svcPort := .Values.service.port -}} +{{- $svcPort := .Values.service.port.http -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} diff --git a/matrix-authentication-service/templates/service.yaml b/matrix-authentication-service/templates/service.yaml index fa006ca..5734b7e 100644 --- a/matrix-authentication-service/templates/service.yaml +++ b/matrix-authentication-service/templates/service.yaml @@ -11,9 +11,9 @@ spec: ports: - name: http protocol: TCP - port: {{ .Values.service.port }} + port: {{ .Values.service.port.http }} targetPort: http - {{- with .Values.config.metrics }} + {{- with .Values.service.port.metrics }} - name: metrics protocol: TCP port: {{ . }} diff --git a/matrix-authentication-service/templates/tests/test-connection.yaml b/matrix-authentication-service/templates/tests/test-connection.yaml index 97fdcb4..593372a 100644 --- a/matrix-authentication-service/templates/tests/test-connection.yaml +++ b/matrix-authentication-service/templates/tests/test-connection.yaml @@ -11,5 +11,5 @@ spec: - name: wget image: busybox command: ['wget'] - args: ['{{ include "matrix-authentication-service.fullname" . }}:{{ .Values.service.port }}'] + args: ['{{ include "matrix-authentication-service.fullname" . }}:{{ .Values.service.port.http }}'] restartPolicy: Never diff --git a/matrix-authentication-service/values.yaml b/matrix-authentication-service/values.yaml index 5e4a19c..1924585 100644 --- a/matrix-authentication-service/values.yaml +++ b/matrix-authentication-service/values.yaml @@ -146,7 +146,9 @@ securityContext: service: type: ClusterIP - port: 80 + port: + http: 8080 + metrics: 9100 ingress: enabled: false -- 2.45.3 From a64bdac6f8dd7c8bfc9000c12a86acf90c4bd01a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 6 Jun 2024 08:28:12 +0200 Subject: [PATCH 004/256] fix(forgejo-runner): update dind to v26.1.4 --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 5dce106..6fdb620 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.4.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 80e91f7..ca69134 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.4.1-informational?style=flat-square[AppVersion: 3.4.1] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"26.1.3-dind"` +| `"26.1.4-dind"` | | fullnameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 6e8cd1c..79e7f99 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,7 +141,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 26.1.3-dind + tag: 26.1.4-dind kubectl: image: registry: docker.io -- 2.45.3 From 7a2be21b71e3cbb7fc8cb5593a2c17a85f1e408a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 6 Jun 2024 08:30:39 +0200 Subject: [PATCH 005/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 8726eb4..2ad5640 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.11 +version: 0.1.12 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.5.5" +appVersion: "2024.6.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 25ba98c..dd3cef2 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square[Version: 0.1.11] +image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.5.5-informational?style=flat-square[AppVersion: 2024.5.5] +image::https://img.shields.io/badge/AppVersion-2024.6.0-informational?style=flat-square[AppVersion: 2024.6.0] == Maintainers .Maintainers @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.37.1"` +| `"1.38.0"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 04e79c1..b91d6ee 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.37.1 + tag: 1.38.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From 09ed04bb3c43cba85e9338035058e44fa4d6d668 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 6 Jun 2024 08:32:32 +0200 Subject: [PATCH 006/256] fix(conduit): update nginx to v1.27.0 --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 4 ++-- conduit/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index be63ad8..e8ab2ff 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=registry.gitlab.com/famedly/conduit/matrix-conduit appVersion: "0.7.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc index 6a29bf8..50aa9cf 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] +image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers @@ -349,7 +349,7 @@ helm uninstall conduit-release | wellknown.image.tag | string -| `"1.26"` +| `"1.27.0"` | | wellknown.nodeSelector diff --git a/conduit/values.yaml b/conduit/values.yaml index 0df5ba0..f78092a 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -48,7 +48,7 @@ wellknown: registry: docker.io repository: library/nginx pullPolicy: IfNotPresent - tag: "1.26" + tag: "1.27.0" replicaCount: 1 podLabels: {} -- 2.45.3 From 836988f41c2db0ffc6eae358f259bd69adb87ad5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 6 Jun 2024 08:32:35 +0200 Subject: [PATCH 007/256] fix(matrix-synapse): update nginx to v1.27.0 --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index e00466f..31d8e4b 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.3 +version: 0.2.4 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index b13b6f5..9cedc13 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers @@ -624,7 +624,7 @@ helm uninstall matrix-synapse-release | wellknown.image.tag | string -| `"1.26.0"` +| `"1.27.0"` | | wellknown.nodeSelector diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index e5fc575..e1c9b2b 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -613,7 +613,7 @@ wellknown: image: registry: docker.io repository: library/nginx - tag: 1.26.0 + tag: 1.27.0 pullPolicy: IfNotPresent replicaCount: 1 -- 2.45.3 From c165d1413e1290e03163e264eb2326a964051910 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 10 Jun 2024 01:01:41 +0200 Subject: [PATCH 008/256] fix(home-assistant): update AppVersion to v2024.6.1 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 2ad5640..d3de3c8 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.12 +version: 0.1.13 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.6.0" +appVersion: "2024.6.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index dd3cef2..b5a91b6 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] +image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.6.0-informational?style=flat-square[AppVersion: 2024.6.0] +image::https://img.shields.io/badge/AppVersion-2024.6.1-informational?style=flat-square[AppVersion: 2024.6.1] == Maintainers .Maintainers -- 2.45.3 From 0f16270e772612d9168b3b76e23a03041ec055fd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 10 Jun 2024 01:02:34 +0200 Subject: [PATCH 009/256] fix(forgejo-runner): update AppVersion to v3.5.0 --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- publish.sh | 1 - 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 6fdb620..b212194 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "3.4.1" +appVersion: "3.5.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index ca69134..739b89e 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-3.4.1-informational?style=flat-square[AppVersion: 3.4.1] +image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers .Maintainers diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 79e7f99..0bf657b 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -89,7 +89,7 @@ runner: # The URL should generally end with "/". # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) external_server: "" - + container: # -- Specifies the network to which the container will connect. # Could be host, bridge or the name of a custom network. diff --git a/publish.sh b/publish.sh index b94a30e..b42943b 100755 --- a/publish.sh +++ b/publish.sh @@ -14,7 +14,6 @@ ct lint # || exit 1 for p in * ; do if \ [ ! -d $p ] || \ - [ "$p" == "matrix-authentication-service" ] || \ [ ! -f $p/Chart.yaml ] \ ; then continue -- 2.45.3 From e4ecf55fc1b82e40a6cc2e914ce797083cc9efba Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 10 Jun 2024 22:57:39 +0200 Subject: [PATCH 010/256] fix(jellyfin): update AppVersion to v10.9.6 --- jellyfin/Chart.yaml | 6 ++--- jellyfin/README.adoc | 23 +++++++++++++++---- jellyfin/templates/deployment.yaml | 6 +++-- jellyfin/templates/tests/test-connection.yaml | 15 ------------ jellyfin/values.yaml | 14 +++++++---- 5 files changed, 35 insertions(+), 29 deletions(-) delete mode 100644 jellyfin/templates/tests/test-connection.yaml diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index ae1efc9..2eb6069 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.1.6 -# renovate: image=docker.io/jellyfin/jellyfin -appVersion: "10.8.13-1" +version: 0.1.7 +# renovate: image=ghcr.io/jellyfin/jellyfin +appVersion: "10.9.6" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 746f467..75b9c04 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square[Version: 0.1.6] +image::https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square[Version: 0.1.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.8.13-1-informational?style=flat-square[AppVersion: 10.8.13-1] +image::https://img.shields.io/badge/AppVersion-10.9.6-informational?style=flat-square[AppVersion: 10.9.6] == Maintainers .Maintainers @@ -77,20 +77,35 @@ helm uninstall jellyfin-release | `""` | +| global.image.pullPolicy +| string +| `nil` +| if set it will overwrite all pullPolicy + +| global.image.registry +| string +| `nil` +| if set it will overwrite all registry entries + | image.pullPolicy | string | `"IfNotPresent"` | +| image.registry +| string +| `"ghcr.io"` +| + | image.repository | string -| `"docker.io/jellyfin/jellyfin"` +| `"jellyfin/jellyfin"` | | image.tag | string | `""` -| +| Overrides the image tag whose default is the chart appVersion. | imagePullSecrets | list diff --git a/jellyfin/templates/deployment.yaml b/jellyfin/templates/deployment.yaml index f1585f0..348c8fe 100644 --- a/jellyfin/templates/deployment.yaml +++ b/jellyfin/templates/deployment.yaml @@ -36,8 +36,10 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.image}} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} ports: - name: http containerPort: {{ .Values.service.port }} diff --git a/jellyfin/templates/tests/test-connection.yaml b/jellyfin/templates/tests/test-connection.yaml deleted file mode 100644 index 98fb0ee..0000000 --- a/jellyfin/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "jellyfin.fullname" . }}-test-connection" - labels: - {{- include "jellyfin.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "jellyfin.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/jellyfin/values.yaml b/jellyfin/values.yaml index a2e87ab..e714d7e 100644 --- a/jellyfin/values.yaml +++ b/jellyfin/values.yaml @@ -1,13 +1,17 @@ -# Default values for jellyfin. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. +global: + image: + # -- if set it will overwrite all registry entries + registry: + # -- if set it will overwrite all pullPolicy + pullPolicy: replicaCount: 1 image: - repository: docker.io/jellyfin/jellyfin + registry: ghcr.io + repository: jellyfin/jellyfin pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. + # -- Overrides the image tag whose default is the chart appVersion. tag: "" imagePullSecrets: [] -- 2.45.3 From d44afc59a845a1872769e80bc606856618e64bd2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 11 Jun 2024 14:09:01 +0200 Subject: [PATCH 011/256] fix(stalwart-mail): add pop3 --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 74 ++++++++++++++++++++++++++++++--------- stalwart-mail/values.yaml | 31 +++++++++------- 3 files changed, 76 insertions(+), 31 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index bc012c9..02ee721 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.5 +version: 0.0.6 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.1" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index 446c7f7..ae49b67 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] +image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers @@ -161,7 +161,7 @@ helm uninstall stalwart-mail-release | config.server.listener.https.bind[0] | string -| `"[::]:80"` +| `"[::]:443"` | | config.server.listener.https.protocol @@ -199,6 +199,31 @@ helm uninstall stalwart-mail-release | `true` | +| config.server.listener.pop3.bind[0] +| string +| `"[::]:110"` +| + +| config.server.listener.pop3.protocol +| string +| `"pop3"` +| + +| config.server.listener.pop3s.bind[0] +| string +| `"[::]:995"` +| + +| config.server.listener.pop3s.protocol +| string +| `"pop3"` +| + +| config.server.listener.pop3s.tls.implicit +| bool +| `true` +| + | config.server.listener.sieve.bind[0] | string | `"[::]:4190"` @@ -244,16 +269,6 @@ helm uninstall stalwart-mail-release | `true` | -| config.server.run-as.group -| string -| `"stalwart-mail"` -| server run-as group - -| config.server.run-as.user -| string -| `"stalwart-mail"` -| server run-as user - | config.storage.blob | string | `"rocksdb"` @@ -514,9 +529,9 @@ helm uninstall stalwart-mail-release | `"SingleStack"` | other option is RequireDualStack -| service.ports.http +| service.ports.https | int -| `80` +| `443` | | service.ports.imap @@ -524,11 +539,21 @@ helm uninstall stalwart-mail-release | `143` | -| service.ports.imaps +| service.ports.imaptls | int | `993` | +| service.ports.pop3 +| int +| `110` +| + +| service.ports.pop3s +| int +| `995` +| + | service.ports.sieve | int | `4190` @@ -584,16 +609,31 @@ helm uninstall stalwart-mail-release | `false` | -| traefik.ports.http +| traefik.ports.https | string | `"websecure"` | -| traefik.ports.imaps +| traefik.ports.imaptls | string | `"imaps"` | +| traefik.ports.pop3s +| string +| `"pop3s"` +| + +| traefik.ports.sieve +| string +| `"sieve"` +| + +| traefik.ports.smtp +| string +| `"smtp"` +| + | traefik.ports.smtps | string | `"smtps"` diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index 142ecdf..8ca9aef 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -43,23 +43,23 @@ config: protocol: "imap" tls: implicit: true - + pop3: + bind: ["[::]:110"] + protocol: "pop3" + pop3s: + bind: ["[::]:995"] + protocol: "pop3" + tls: + implicit: true sieve: bind: ["[::]:4190"] protocol: "managesieve" - https: protocol: "http" - bind: ["[::]:80"] + bind: ["[::]:443"] tls: implicit: true - run-as: - # -- server run-as user - user: "stalwart-mail" - # -- server run-as group - group: "stalwart-mail" - storage: data: "rocksdb" fts: "rocksdb" @@ -159,9 +159,11 @@ service: smtp-submission: 587 smtps: 465 imap: 143 - imaps: 993 + imaptls: 993 + pop3: 110 + pop3s: 995 sieve: 4190 - http: 80 + https: 443 ingress: enabled: false @@ -182,9 +184,12 @@ ingress: traefik: enabled: false ports: - http: websecure - imaps: imaps + smtp: smtp smtps: smtps + imaptls: imaps + pop3s: pop3s + sieve: sieve + https: websecure certificate: # -- not needed if certmanager is used -- 2.45.3 From f57d6d587add908653b43153cc3e0bb5a4c02979 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 11 Jun 2024 14:24:00 +0200 Subject: [PATCH 012/256] fix(stalwart-mail): improve traefik ports --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 99 ++++++++++++++++++++++++++-- stalwart-mail/templates/traefik.yaml | 10 ++- stalwart-mail/values.yaml | 35 ++++++++-- 4 files changed, 129 insertions(+), 17 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 02ee721..672d7eb 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.6 +version: 0.0.7 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.1" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index ae49b67..f05a3db 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] +image::https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square[Version: 0.0.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers @@ -609,36 +609,121 @@ helm uninstall stalwart-mail-release | `false` | -| traefik.ports.https +| traefik.ports.https.entrypoint | string | `"websecure"` | -| traefik.ports.imaptls +| traefik.ports.https.match +| string +| `nil` +| + +| traefik.ports.https.passthroughTLS +| bool +| `true` +| + +| traefik.ports.https.proxyProtocol +| bool +| `true` +| + +| traefik.ports.imaptls.entrypoint | string | `"imaps"` | -| traefik.ports.pop3s +| traefik.ports.imaptls.match +| string +| `nil` +| + +| traefik.ports.imaptls.passthroughTLS +| bool +| `true` +| + +| traefik.ports.imaptls.proxyProtocol +| bool +| `true` +| + +| traefik.ports.pop3s.entrypoint | string | `"pop3s"` | -| traefik.ports.sieve +| traefik.ports.pop3s.match +| string +| `nil` +| + +| traefik.ports.pop3s.passthroughTLS +| bool +| `true` +| + +| traefik.ports.pop3s.proxyProtocol +| bool +| `true` +| + +| traefik.ports.sieve.entrypoint | string | `"sieve"` | -| traefik.ports.smtp +| traefik.ports.sieve.match +| string +| `nil` +| + +| traefik.ports.sieve.passthroughTLS +| bool +| `true` +| + +| traefik.ports.sieve.proxyProtocol +| bool +| `true` +| + +| traefik.ports.smtp.entrypoint | string | `"smtp"` | -| traefik.ports.smtps +| traefik.ports.smtp.match +| string +| `nil` +| + +| traefik.ports.smtp.proxyProtocol +| bool +| `true` +| + +| traefik.ports.smtps.entrypoint | string | `"smtps"` | +| traefik.ports.smtps.match +| string +| `nil` +| + +| traefik.ports.smtps.passthroughTLS +| bool +| `true` +| + +| traefik.ports.smtps.proxyProtocol +| bool +| `true` +| + | volumeMounts | list | `[]` diff --git a/stalwart-mail/templates/traefik.yaml b/stalwart-mail/templates/traefik.yaml index 1be77ef..3f682f0 100644 --- a/stalwart-mail/templates/traefik.yaml +++ b/stalwart-mail/templates/traefik.yaml @@ -1,5 +1,5 @@ {{- if .Values.traefik.enabled }} -{{- range $port,$entryport := .Values.traefik.ports }} +{{- range $port,$config := .Values.traefik.ports }} --- apiVersion: traefik.io/v1alpha1 kind: IngressRouteTCP @@ -7,15 +7,19 @@ metadata: name: {{ include "stalwart-mail.fullname" $ }}-{{ $port }} spec: entryPoints: - - {{ $entryport }} + - {{ $config.entrypoint }} routes: - - match: HostSNI(`{{ $.Values.traefik.host }}`) + - match: {{ $config.match | default (printf "HostSNI(`%s`)" $.Values.traefik.host) | quote }} services: - name: {{ include "stalwart-mail.fullname" $ }} port: {{ $port }} + {{- if $config.proxyProtocol }} proxyProtocol: version: 2 + {{- end }} + {{- if $config.passthroughTLS }} tls: passthrough: true + {{- end }} {{- end }} {{- end }}{{/* end-if .enabled */}} diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index 8ca9aef..bfa2338 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -184,12 +184,35 @@ ingress: traefik: enabled: false ports: - smtp: smtp - smtps: smtps - imaptls: imaps - pop3s: pop3s - sieve: sieve - https: websecure + smtp: + match: + entrypoint: smtp + proxyProtocol: true + smtps: + match: + entrypoint: smtps + proxyProtocol: true + passthroughTLS: true + imaptls: + match: + entrypoint: imaps + proxyProtocol: true + passthroughTLS: true + pop3s: + match: + entrypoint: pop3s + proxyProtocol: true + passthroughTLS: true + sieve: + match: + entrypoint: sieve + proxyProtocol: true + passthroughTLS: true + https: + match: + entrypoint: websecure + proxyProtocol: true + passthroughTLS: true certificate: # -- not needed if certmanager is used -- 2.45.3 From 451d130f6bc7b13b33429e850290b2b03d56df65 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 11 Jun 2024 14:38:25 +0200 Subject: [PATCH 013/256] fix(stalwart-mail): ports cleanup --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 14 +++++++------- stalwart-mail/values.yaml | 6 +++--- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 672d7eb..0fb075d 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.7 +version: 0.0.8 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.1" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index f05a3db..e698f30 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square[Version: 0.0.7] +image::https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square[Version: 0.0.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers @@ -564,12 +564,12 @@ helm uninstall stalwart-mail-release | `25` | -| service.ports.smtp-submission +| service.ports.submission | int | `587` | -| service.ports.smtps +| service.ports.submissions | int | `465` | @@ -704,22 +704,22 @@ helm uninstall stalwart-mail-release | `true` | -| traefik.ports.smtps.entrypoint +| traefik.ports.submissions.entrypoint | string | `"smtps"` | -| traefik.ports.smtps.match +| traefik.ports.submissions.match | string | `nil` | -| traefik.ports.smtps.passthroughTLS +| traefik.ports.submissions.passthroughTLS | bool | `true` | -| traefik.ports.smtps.proxyProtocol +| traefik.ports.submissions.proxyProtocol | bool | `true` | diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index bfa2338..0259502 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -156,8 +156,8 @@ service: annotations: {} ports: smtp: 25 - smtp-submission: 587 - smtps: 465 + submission: 587 + submissions: 465 imap: 143 imaptls: 993 pop3: 110 @@ -188,7 +188,7 @@ traefik: match: entrypoint: smtp proxyProtocol: true - smtps: + submissions: match: entrypoint: smtps proxyProtocol: true -- 2.45.3 From 7e3786c91bcb0f62c9034fbfd28ba79a4baf6b24 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 11 Jun 2024 15:35:53 +0200 Subject: [PATCH 014/256] fix(stalwart-mail): validate traefik port --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 2 +- stalwart-mail/templates/traefik.yaml | 6 ++++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 0fb075d..dc25225 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.8 +version: 0.0.9 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.1" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index e698f30..399ec1c 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square[Version: 0.0.8] +image::https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square[Version: 0.0.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers diff --git a/stalwart-mail/templates/traefik.yaml b/stalwart-mail/templates/traefik.yaml index 3f682f0..ff32b51 100644 --- a/stalwart-mail/templates/traefik.yaml +++ b/stalwart-mail/templates/traefik.yaml @@ -1,5 +1,6 @@ {{- if .Values.traefik.enabled }} {{- range $port,$config := .Values.traefik.ports }} +{{- if $config }} --- apiVersion: traefik.io/v1alpha1 kind: IngressRouteTCP @@ -7,7 +8,7 @@ metadata: name: {{ include "stalwart-mail.fullname" $ }}-{{ $port }} spec: entryPoints: - - {{ $config.entrypoint }} + - {{ required (printf "traefik.ports.%s.entrypoint is required" $port) $config.entrypoint }} routes: - match: {{ $config.match | default (printf "HostSNI(`%s`)" $.Values.traefik.host) | quote }} services: @@ -21,5 +22,6 @@ spec: tls: passthrough: true {{- end }} -{{- end }} +{{- end }}{{/* if config exists*/}} +{{- end }}{{/* end-range */}} {{- end }}{{/* end-if .enabled */}} -- 2.45.3 From b499dc1f18097cc16d99836e9487eadbb4d58002 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 11 Jun 2024 16:26:46 +0200 Subject: [PATCH 015/256] fix(stalwart-mail): add chart-testing values for traefik --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 2 +- stalwart-mail/ci/ct-empty-values.yaml | 1 + stalwart-mail/ci/ct-traefik-values.yaml | 71 +++++++++++++++++++++++++ 4 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 stalwart-mail/ci/ct-empty-values.yaml create mode 100644 stalwart-mail/ci/ct-traefik-values.yaml diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index dc25225..41ddf09 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.9 +version: 0.0.10 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.1" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index 399ec1c..ac015d4 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square[Version: 0.0.9] +image::https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square[Version: 0.0.10] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] == Maintainers diff --git a/stalwart-mail/ci/ct-empty-values.yaml b/stalwart-mail/ci/ct-empty-values.yaml new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/stalwart-mail/ci/ct-empty-values.yaml @@ -0,0 +1 @@ + diff --git a/stalwart-mail/ci/ct-traefik-values.yaml b/stalwart-mail/ci/ct-traefik-values.yaml new file mode 100644 index 0000000..4a5b430 --- /dev/null +++ b/stalwart-mail/ci/ct-traefik-values.yaml @@ -0,0 +1,71 @@ +config: + lookup: + default: + hostname: mail.example.org + + server: + listener: + smtp: + proxy: + trusted-networks: ["10.0.0.0/8"] + submission: + submissions: + proxy: + trusted-networks: ["10.0.0.0/8"] + + imap: + imaptls: + proxy: + trusted-networks: ["10.0.0.0/8"] + + pop3: + pop3s: + proxy: + trusted-networks: ["10.0.0.0/8"] + + sieve: + proxy: + trusted-networks: ["10.0.0.0/8"] + + # without proxy and tls for ingress (well-known) + http: + protocol: "http" + bind: ["[::]:8080"] + + https: + url: "https://mail.example.org" + proxy: + trusted-networks: ["10.0.0.0/8"] + +service: + ports: + submission: + imap: + pop3: + http: 8080 + +traefik: + enabled: true + host: mail.example.org + ports: + submission: + imap: + pop3: + # not exists + blub: + +ingress: + enabled: true + hosts: + - host: "example.org" + paths: + - path: /.well-known/jmap + pathType: Prefix + - path: /.well-known/mta-sts.txt + pathType: Exact + - path: /.well-known/mail-v1.xml + pathType: Exact + - path: /.well-known/autoconfig + pathType: Prefix + - path: /autodiscover + pathType: Prefix -- 2.45.3 From 878c265a27feddfe0dc04676129a1297dc2866f4 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 15 Jun 2024 09:03:22 +0200 Subject: [PATCH 016/256] fix(conduit): update AppVersion v0.8.0 --- conduit/Chart.yaml | 4 ++-- conduit/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index e8ab2ff..a9ffe33 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,9 +3,9 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.2 +version: 0.3.3 # renovate: image=registry.gitlab.com/famedly/conduit/matrix-conduit -appVersion: "0.7.0" +appVersion: "0.8.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/conduit/README.adoc b/conduit/README.adoc index 50aa9cf..bc9e3a1 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,9 +2,9 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] +image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] +image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] == Maintainers .Maintainers -- 2.45.3 From febc503b39b1faae827c667931000903d9f08b24 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 15 Jun 2024 09:04:22 +0200 Subject: [PATCH 017/256] fix(home-assistant): update AppVersion v2024.6.2 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index d3de3c8..9d4c571 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.13 +version: 0.1.14 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.6.1" +appVersion: "2024.6.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index b5a91b6..7bde386 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] +image::https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square[Version: 0.1.14] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.6.1-informational?style=flat-square[AppVersion: 2024.6.1] +image::https://img.shields.io/badge/AppVersion-2024.6.2-informational?style=flat-square[AppVersion: 2024.6.2] == Maintainers .Maintainers -- 2.45.3 From cf979a2de22239effc74ac0ca740848621096578 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 15 Jun 2024 09:05:18 +0200 Subject: [PATCH 018/256] fix(forgejo-runner): update kubectl v1.30.2 --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index b212194..c61ac4b 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.2 +version: 0.2.3 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.0" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 739b89e..a784ab5 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] +image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers @@ -295,7 +295,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.30.1"` +| `"1.30.2"` | | nameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 0bf657b..69fdea3 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -147,7 +147,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.30.1 + tag: 1.30.2 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 1193c85888e19976663f9c23883ab223f091fc70 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 18 Jun 2024 15:46:03 +0200 Subject: [PATCH 019/256] fix(home-assistant): update AppVersion v2024.6.3 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 9d4c571..0225e72 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.14 +version: 0.1.15 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.6.2" +appVersion: "2024.6.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 7bde386..f03026a 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square[Version: 0.1.14] +image::https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square[Version: 0.1.15] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.6.2-informational?style=flat-square[AppVersion: 2024.6.2] +image::https://img.shields.io/badge/AppVersion-2024.6.3-informational?style=flat-square[AppVersion: 2024.6.3] == Maintainers .Maintainers -- 2.45.3 From 6aff3bea943197feca15547705c1e9772d803479 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 18 Jun 2024 15:47:51 +0200 Subject: [PATCH 020/256] fix(gotosocial): update AppVersion v0.16.0 --- gotosocial/Chart.yaml | 4 ++-- gotosocial/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 7c63615..d9d1408 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,9 +3,9 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.1.8 +version: 0.1.9 # renovate: image=docker.io/superseriousbusiness/gotosocial -appVersion: "0.15.0" +appVersion: "0.16.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 4d482c4..884dc79 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,9 +2,9 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] +image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.15.0-informational?style=flat-square[AppVersion: 0.15.0] +image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0] == Maintainers .Maintainers -- 2.45.3 From e6d707b55321747f26df6db4daa45df00bfdcbd9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 18 Jun 2024 15:48:23 +0200 Subject: [PATCH 021/256] fix(mautrix-signal): update AppVersion v0.6.2 --- mautrix-signal/Chart.yaml | 4 ++-- mautrix-signal/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 8b2f721..3d11419 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.4 +version: 0.0.5 # renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.6.1" +appVersion: "0.6.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index ba5f229..60914e2 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,9 +2,9 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square[Version: 0.0.4] +image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.1-informational?style=flat-square[AppVersion: 0.6.1] +image::https://img.shields.io/badge/AppVersion-0.6.2-informational?style=flat-square[AppVersion: 0.6.2] == Maintainers .Maintainers -- 2.45.3 From 06a52ef3af06f3f7dc5adf3877adfa856743520c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 24 Jun 2024 10:00:21 +0200 Subject: [PATCH 022/256] fix(headscale): bootstrap with config --- headscale/Chart.yaml | 2 +- headscale/README.adoc | 2 +- headscale/templates/secret.yaml | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/headscale/Chart.yaml b/headscale/Chart.yaml index 62af4b1..5878996 100644 --- a/headscale/Chart.yaml +++ b/headscale/Chart.yaml @@ -3,7 +3,7 @@ name: headscale description: An open source, self-hosted implementation of the Tailscale control server. icon: https://raw.githubusercontent.com/juanfont/headscale/56a7b1e34952c3e0306a134b2be9b4277f5d8d6e/docs/logo/headscale3-dots.svg type: application -version: 0.3.3 +version: 0.3.4 # renovate: image=docker.io/headscale/headscale appVersion: "0.22.3" maintainers: diff --git a/headscale/README.adoc b/headscale/README.adoc index 045126e..bda3a3f 100644 --- a/headscale/README.adoc +++ b/headscale/README.adoc @@ -2,7 +2,7 @@ = headscale -image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] +image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.22.3-informational?style=flat-square[AppVersion: 0.22.3] == Maintainers diff --git a/headscale/templates/secret.yaml b/headscale/templates/secret.yaml index 649ccc8..5963e2c 100644 --- a/headscale/templates/secret.yaml +++ b/headscale/templates/secret.yaml @@ -4,6 +4,7 @@ kind: Secret metadata: name: {{ include "headscale.fullname" . }} annotations: + "helm.sh/hook": "pre-install" config-hash: {{ toYaml .Values.headscale.config | sha256sum | trunc 32 }} type: Opaque stringData: -- 2.45.3 From 2fffc961e857280f369e8942719dde699c163206 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 24 Jun 2024 10:01:06 +0200 Subject: [PATCH 023/256] fix(home-assistant): update AppVersion v2024.6.4 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 0225e72..1782fe7 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.15 +version: 0.1.16 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.6.3" +appVersion: "2024.6.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index f03026a..f44adb5 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square[Version: 0.1.15] +image::https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square[Version: 0.1.16] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.6.3-informational?style=flat-square[AppVersion: 2024.6.3] +image::https://img.shields.io/badge/AppVersion-2024.6.4-informational?style=flat-square[AppVersion: 2024.6.4] == Maintainers .Maintainers -- 2.45.3 From c0b864be6fd51bbb1ff802072e3748f556996185 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 24 Jun 2024 10:02:42 +0200 Subject: [PATCH 024/256] fix(matrix-synapse): update alpine v3.20.1 --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 31d8e4b..c3a0aca 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.4 +version: 0.2.5 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 9cedc13..718d700 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] +image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers @@ -569,7 +569,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.tag | string -| `"3.20.0"` +| `"3.20.1"` | | volumePermissions.resources diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index e1c9b2b..278f3fe 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -790,7 +790,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.20.0 + tag: 3.20.1 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From 2efaee8c2c913f2499247f974469d531c4090294 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 25 Jun 2024 08:10:15 +0200 Subject: [PATCH 025/256] fix(jellyfin): update AppVersion v10.9.7 --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 2eb6069..8350064 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.1.7 +version: 0.1.8 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.6" +appVersion: "10.9.7" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 75b9c04..a3e910a 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square[Version: 0.1.7] +image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.6-informational?style=flat-square[AppVersion: 10.9.6] +image::https://img.shields.io/badge/AppVersion-10.9.7-informational?style=flat-square[AppVersion: 10.9.7] == Maintainers .Maintainers -- 2.45.3 From d03a21ee11fd2f49124d494a721dee2d0a6995e9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 29 Jun 2024 12:42:46 +0200 Subject: [PATCH 026/256] fix(jellyfin): add monitoring --- jellyfin/Chart.yaml | 2 +- jellyfin/README.adoc | 42 +- jellyfin/files/config-patch.sh.gotmpl | 2 + jellyfin/grafana_dashboards/my.json | 585 ++++++++++++++++++ jellyfin/templates/configmap.yaml | 11 + .../configmap_grafana_dashboards.yaml | 14 + jellyfin/templates/deployment.yaml | 29 +- jellyfin/templates/servicemonitor.yaml | 19 + jellyfin/values.yaml | 22 + 9 files changed, 723 insertions(+), 3 deletions(-) create mode 100644 jellyfin/files/config-patch.sh.gotmpl create mode 100644 jellyfin/grafana_dashboards/my.json create mode 100644 jellyfin/templates/configmap.yaml create mode 100644 jellyfin/templates/configmap_grafana_dashboards.yaml create mode 100644 jellyfin/templates/servicemonitor.yaml diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 8350064..74c0c55 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,7 +3,7 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.1.8 +version: 0.2.0 # renovate: image=ghcr.io/jellyfin/jellyfin appVersion: "10.9.7" maintainers: diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index a3e910a..e6d96cf 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,7 +2,7 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-10.9.7-informational?style=flat-square[AppVersion: 10.9.7] == Maintainers @@ -72,6 +72,21 @@ helm uninstall jellyfin-release | `80` | +| config.enabled +| bool +| `false` +| + +| config.image +| object +| `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.0"}` +| image to patch config + +| config.metrics +| bool +| `false` +| + | fullnameOverride | string | `""` @@ -87,6 +102,21 @@ helm uninstall jellyfin-release | `nil` | if set it will overwrite all registry entries +| grafana.dashboards.annotations +| object +| `{}` +| + +| grafana.dashboards.enabled +| bool +| `false` +| + +| grafana.dashboards.labels.grafana_dashboard +| string +| `"1"` +| + | image.pullPolicy | string | `"IfNotPresent"` @@ -217,6 +247,16 @@ helm uninstall jellyfin-release | `{}` | +| prometheus.servicemonitor.enabled +| bool +| `false` +| + +| prometheus.servicemonitor.labels +| object +| `{}` +| + | replicaCount | int | `1` diff --git a/jellyfin/files/config-patch.sh.gotmpl b/jellyfin/files/config-patch.sh.gotmpl new file mode 100644 index 0000000..ceff831 --- /dev/null +++ b/jellyfin/files/config-patch.sh.gotmpl @@ -0,0 +1,2 @@ +#!/bin/sh +dasel -f /config/config/system.xml put ServerConfiguration.EnableMetrics -t bool -v {{ .Values.config.metrics | quote}} diff --git a/jellyfin/grafana_dashboards/my.json b/jellyfin/grafana_dashboards/my.json new file mode 100644 index 0000000..307664d --- /dev/null +++ b/jellyfin/grafana_dashboards/my.json @@ -0,0 +1,585 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "datasource", + "uid": "grafana" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "links": [], + "liveNow": false, + "panels": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "bytes" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "maxHeight": 600, + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(dotnet_total_memory_bytes{container=\"jellyfin\"}) without (endpoint,instance,pod)", + "interval": "", + "legendFormat": "Dotnet total memory", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(process_private_memory_bytes{container=\"jellyfin\"}) without (endpoint,instance,pod)", + "hide": false, + "interval": "", + "legendFormat": "Process private memory", + "range": true, + "refId": "B" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(process_working_set_bytes{container=\"jellyfin\"}) without (endpoint,instance,pod)", + "hide": false, + "interval": "", + "legendFormat": "Process working set", + "range": true, + "refId": "C" + } + ], + "title": "Memory usage", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "maxHeight": 600, + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(rate(dotnet_exceptions_total{container=\"jellyfin\"}[$__rate_interval])) without (endpoint,instance,pod)", + "interval": "", + "legendFormat": "{{type}}", + "range": true, + "refId": "A" + } + ], + "title": "Exceptions", + "type": "timeseries" + }, + { + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 9 + }, + "id": 11, + "title": "HTTP Requests", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "reqps" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 8, + "x": 0, + "y": 10 + }, + "id": 8, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "maxHeight": 600, + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(irate(http_requests_received_total{container=\"jellyfin\"}[$__rate_interval])) without (endpoint,instance,pod)", + "interval": "", + "legendFormat": "{{method}} {{controller}} {{action}} {{code}}", + "range": true, + "refId": "A" + } + ], + "title": "Requests per Seconds", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 7, + "x": 8, + "y": 10 + }, + "id": 9, + "options": { + "calculate": false, + "cellGap": 1, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 64 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "tooltip": { + "maxHeight": 600, + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "reverse": false + } + }, + "pluginVersion": "11.0.0", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "sum(increase(http_request_duration_seconds_bucket{container=\"jellyfin\"}[$__rate_interval])) by(le)", + "format": "heatmap", + "interval": "", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "Latency", + "type": "heatmap" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "log": 10, + "type": "log" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "s" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 9, + "x": 15, + "y": 10 + }, + "id": 10, + "options": { + "legend": { + "calcs": [ + "mean", + "lastNotNull" + ], + "displayMode": "table", + "placement": "right", + "showLegend": true, + "sortBy": "Name", + "sortDesc": false + }, + "tooltip": { + "maxHeight": 600, + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "exemplar": true, + "expr": "histogram_quantile(0.95, sum(rate(http_request_duration_seconds_bucket{container=\"jellyfin\"}[$__rate_interval])) without(container,endpoint, instance, pod, code, exported_endpoint, method,action))", + "interval": "", + "legendFormat": "{{controller}}.", + "range": true, + "refId": "A" + } + ], + "title": "Latency", + "type": "timeseries" + } + ], + "refresh": "30s", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "prometheus" + }, + "hide": 0, + "includeAll": false, + "label": "datasource", + "multi": false, + "name": "DS_PROMETHEUS", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-6h", + "to": "now" + }, + "timeRangeUpdatedDuringEditOrView": false, + "timepicker": {}, + "timezone": "", + "title": "Jellyfin", + "uid": "zkWB8mtnk", + "version": 1, + "weekStart": "" +} \ No newline at end of file diff --git a/jellyfin/templates/configmap.yaml b/jellyfin/templates/configmap.yaml new file mode 100644 index 0000000..7252259 --- /dev/null +++ b/jellyfin/templates/configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.config.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jellyfin.fullname" . }}-config + labels: + {{- include "jellyfin.labels" . | nindent 4 }} +data: + patch.sh: |- + {{ tpl (.Files.Get "files/config-patch.sh.gotmpl") . | nindent 4 }} +{{- end }} diff --git a/jellyfin/templates/configmap_grafana_dashboards.yaml b/jellyfin/templates/configmap_grafana_dashboards.yaml new file mode 100644 index 0000000..1f5ae52 --- /dev/null +++ b/jellyfin/templates/configmap_grafana_dashboards.yaml @@ -0,0 +1,14 @@ +{{- if .Values.grafana.dashboards.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "jellyfin.fullname" $ }}-grafana-dashboards + labels: + {{- include "jellyfin.labels" $ | nindent 4 }} + {{- toYaml $.Values.grafana.dashboards.labels | nindent 4 }} + annotations: + {{- toYaml $.Values.grafana.dashboards.annotations | nindent 4 }} +data: + {{- (.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }} +{{- end }} diff --git a/jellyfin/templates/deployment.yaml b/jellyfin/templates/deployment.yaml index 348c8fe..e8f61e3 100644 --- a/jellyfin/templates/deployment.yaml +++ b/jellyfin/templates/deployment.yaml @@ -32,11 +32,29 @@ spec: serviceAccountName: {{ include "jellyfin.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if .Values.config.enabled }} + initContainers: + - name: patch-config + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- with .Values.config.image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + command: + - "/bin/sh" + - "/scripts/init.sh" + volumeMounts: + - mountPath: /config + name: config + - mountPath: /scripts + name: configmap + {{- end }} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - {{- with .Values.image}} + {{- with .Values.image }} image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} {{- end }} @@ -92,6 +110,15 @@ spec: {{- end }} - name: cache emptyDir: {} + {{- if .Values.config.enabled }} + - name: configmap + configMap: + name: {{ include "jellyfin.fullname" . }}-config + defaultMode: 0755 + items: + - key: "patch.sh" + path: "init.sh" + {{- end }} - name: media {{- with .Values.persistence.media }} {{- if .nfs.server }} diff --git a/jellyfin/templates/servicemonitor.yaml b/jellyfin/templates/servicemonitor.yaml new file mode 100644 index 0000000..f99ead8 --- /dev/null +++ b/jellyfin/templates/servicemonitor.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.config.metrics .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "jellyfin.fullname" . }} + labels: + {{- include "jellyfin.labels" . | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "jellyfin.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: "/metrics" +{{- end }} + diff --git a/jellyfin/values.yaml b/jellyfin/values.yaml index e714d7e..c04afcb 100644 --- a/jellyfin/values.yaml +++ b/jellyfin/values.yaml @@ -18,6 +18,16 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" +config: + enabled: false + # -- image to patch config + image: + registry: ghcr.io + repository: tomwright/dasel + pullPolicy: IfNotPresent + tag: "2.8.0" + metrics: false + persistence: config: nfs: @@ -62,6 +72,18 @@ service: type: ClusterIP port: 8096 +prometheus: + servicemonitor: + enabled: false + labels: {} + +grafana: + dashboards: + enabled: false + labels: + grafana_dashboard: "1" + annotations: {} + ingress: enabled: false className: "" -- 2.45.3 From c1d8d02da80cf73da185f17cb0816d7c2b4b5fe8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 09:43:07 +0200 Subject: [PATCH 027/256] fix(home-assistant): update AppVersion v2024.7.0 and nats,zigbee2mqtt --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 8 ++++---- home-assistant/values.yaml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 1782fe7..a7e339b 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.16 +version: 0.1.17 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.6.4" +appVersion: "2024.7.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index f44adb5..45f4df1 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square[Version: 0.1.16] +image::https://img.shields.io/badge/Version-0.1.17-informational?style=flat-square[Version: 0.1.17] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.6.4-informational?style=flat-square[AppVersion: 2024.6.4] +image::https://img.shields.io/badge/AppVersion-2024.7.0-informational?style=flat-square[AppVersion: 2024.7.0] == Maintainers .Maintainers @@ -184,7 +184,7 @@ helm uninstall home-assistant-release | nats.image.tag | string -| `"2.10.16-scratch"` +| `"2.10.17-scratch"` | | nats.livenessProbe.tcpSocket.port @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.38.0"` +| `"1.39.0"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index b91d6ee..c5c796a 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.16-scratch" + tag: "2.10.17-scratch" service: port: nats: 4222 @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.38.0 + tag: 1.39.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From f2cbe7649b73882bbedaa6aa266acb117b58bdab Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 09:47:53 +0200 Subject: [PATCH 028/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index c61ac4b..6987468 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.3 +version: 0.2.4 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.0" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index a784ab5..d0e0998 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"26.1.4-dind"` +| `"27.0.3-dind"` | | fullnameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 69fdea3..8b6317d 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,7 +141,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 26.1.4-dind + tag: 27.0.3-dind kubectl: image: registry: docker.io -- 2.45.3 From d5fbf2c54fd28938e986f0b58c90cf479ac667de Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 09:47:55 +0200 Subject: [PATCH 029/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 2 +- jellyfin/README.adoc | 4 ++-- jellyfin/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 74c0c55..bc37ed1 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,7 +3,7 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=ghcr.io/jellyfin/jellyfin appVersion: "10.9.7" maintainers: diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index e6d96cf..97c0aba 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,7 +2,7 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-10.9.7-informational?style=flat-square[AppVersion: 10.9.7] == Maintainers @@ -79,7 +79,7 @@ helm uninstall jellyfin-release | config.image | object -| `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.0"}` +| `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.1"}` | image to patch config | config.metrics diff --git a/jellyfin/values.yaml b/jellyfin/values.yaml index c04afcb..b221226 100644 --- a/jellyfin/values.yaml +++ b/jellyfin/values.yaml @@ -25,7 +25,7 @@ config: registry: ghcr.io repository: tomwright/dasel pullPolicy: IfNotPresent - tag: "2.8.0" + tag: "2.8.1" metrics: false persistence: -- 2.45.3 From 8b84fa2384feca0e4ca8780b343863b30f55d88e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 09:47:57 +0200 Subject: [PATCH 030/256] fix(matrix-sliding-sync): update appVersion --- matrix-sliding-sync/Chart.yaml | 4 ++-- matrix-sliding-sync/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-sliding-sync/Chart.yaml b/matrix-sliding-sync/Chart.yaml index f9360e1..59301bc 100644 --- a/matrix-sliding-sync/Chart.yaml +++ b/matrix-sliding-sync/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-sliding-sync description: Proxy implementation of MSC3575's sync protocol. icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.1.2 +version: 0.1.3 # renovate: image=ghcr.io/matrix-org/sliding-sync -appVersion: "0.99.18" +appVersion: "0.99.19" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-sliding-sync/README.adoc b/matrix-sliding-sync/README.adoc index c72b179..8f408c1 100644 --- a/matrix-sliding-sync/README.adoc +++ b/matrix-sliding-sync/README.adoc @@ -2,9 +2,9 @@ = matrix-sliding-sync -image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2] +image::https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square[Version: 0.1.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.99.18-informational?style=flat-square[AppVersion: 0.99.18] +image::https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square[AppVersion: 0.99.19] == Maintainers .Maintainers -- 2.45.3 From 581addb5599368d3c8aba3055b4cb627d6b2e26c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 10:26:59 +0200 Subject: [PATCH 031/256] feat(speedtest-exporter): implement --- speedtest-exporter/.helmignore | 23 + speedtest-exporter/Chart.yaml | 11 + speedtest-exporter/_docs.gotmpl | 0 .../Speedtest-Exporter.json | 802 ++++++++++++++++++ speedtest-exporter/templates/NOTES.txt | 22 + speedtest-exporter/templates/_helpers.tpl | 62 ++ .../configmap_grafana_dashboards.yaml | 14 + speedtest-exporter/templates/deployment.yaml | 75 ++ speedtest-exporter/templates/hpa.yaml | 32 + speedtest-exporter/templates/ingress.yaml | 61 ++ speedtest-exporter/templates/service.yaml | 15 + .../templates/serviceaccount.yaml | 13 + .../templates/servicemonitor.yaml | 26 + .../templates/tests/test-connection.yaml | 15 + speedtest-exporter/values.yaml | 131 +++ 15 files changed, 1302 insertions(+) create mode 100644 speedtest-exporter/.helmignore create mode 100644 speedtest-exporter/Chart.yaml create mode 100644 speedtest-exporter/_docs.gotmpl create mode 100644 speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json create mode 100644 speedtest-exporter/templates/NOTES.txt create mode 100644 speedtest-exporter/templates/_helpers.tpl create mode 100644 speedtest-exporter/templates/configmap_grafana_dashboards.yaml create mode 100644 speedtest-exporter/templates/deployment.yaml create mode 100644 speedtest-exporter/templates/hpa.yaml create mode 100644 speedtest-exporter/templates/ingress.yaml create mode 100644 speedtest-exporter/templates/service.yaml create mode 100644 speedtest-exporter/templates/serviceaccount.yaml create mode 100644 speedtest-exporter/templates/servicemonitor.yaml create mode 100644 speedtest-exporter/templates/tests/test-connection.yaml create mode 100644 speedtest-exporter/values.yaml diff --git a/speedtest-exporter/.helmignore b/speedtest-exporter/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/speedtest-exporter/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/speedtest-exporter/Chart.yaml b/speedtest-exporter/Chart.yaml new file mode 100644 index 0000000..c433dd7 --- /dev/null +++ b/speedtest-exporter/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: speedtest-exporter +description: +icon: https://b.cdnst.net/images/favicons/favicon-180.png +type: application +version: 0.1.0 +# renovate: image=ghcr.io/miguelndecarvalho/speedtest-exporter +appVersion: "3.5.4" +maintainers: + - name: WrenIX + url: https://wrenix.eu diff --git a/speedtest-exporter/_docs.gotmpl b/speedtest-exporter/_docs.gotmpl new file mode 100644 index 0000000..e69de29 diff --git a/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json b/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json new file mode 100644 index 0000000..a1af213 --- /dev/null +++ b/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json @@ -0,0 +1,802 @@ +{ + "__elements": [], + "__requires": [ + { + "type": "panel", + "id": "gauge", + "name": "Gauge", + "version": "" + }, + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "8.4.3" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "stat", + "name": "Stat", + "version": "" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": "-- Grafana --", + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "description": "Dashboard for Speedtest Exporter https://github.com/MiguelNdeCarvalho/speedtest-exporter", + "editable": true, + "fiscalYearStartMonth": 0, + "gnetId": 13665, + "graphTooltip": 0, + "id": null, + "iteration": 1650287799671, + "links": [], + "liveNow": false, + "panels": [ + { + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "options": { + "0": { + "index": 1, + "text": "DOWN" + }, + "1": { + "index": 0, + "text": "UP" + } + }, + "type": "value" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 0 + }, + { + "color": "green", + "value": 1 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 12, + "x": 0, + "y": 0 + }, + "id": 16, + "options": { + "colorMode": "background", + "graphMode": "none", + "justifyMode": "center", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "value" + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_up{instance=\"$instance\", job=\"$job\"}", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Status of the Speedtest-Exporter", + "type": "stat" + }, + { + "description": "ServerID of the last test done", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 3, + "w": 12, + "x": 12, + "y": 0 + }, + "id": 15, + "options": { + "colorMode": "value", + "graphMode": "none", + "justifyMode": "center", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "textMode": "value" + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_server_id{instance=\"$instance\", job=\"$job\"}", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "ServerID (Last test done)", + "type": "stat" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 3 + }, + "id": 8, + "panels": [], + "title": "Gauges", + "type": "row" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "Mbits" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 0, + "y": 4 + }, + "id": 10, + "options": { + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true, + "text": {} + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_download_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Download Speed", + "type": "gauge" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "Mbits" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 6, + "y": 4 + }, + "id": 12, + "options": { + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_upload_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Upload Speed", + "type": "gauge" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 12, + "y": 4 + }, + "id": 13, + "options": { + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_ping_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Ping", + "type": "gauge" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 6, + "x": 18, + "y": 4 + }, + "id": 11, + "options": { + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "showThresholdLabels": false, + "showThresholdMarkers": true + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_jitter_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "interval": "", + "legendFormat": "", + "refId": "A" + } + ], + "title": "Jitter", + "type": "gauge" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 12 + }, + "id": 6, + "panels": [], + "title": "Graphics", + "type": "row" + }, + { + "description": "", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "Download Speed", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "opacity", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Mbits" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 13 + }, + "id": 2, + "options": { + "legend": { + "calcs": [ + "mean", + "max", + "min" + ], + "displayMode": "table", + "placement": "bottom" + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_download_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "interval": "", + "legendFormat": "Download Speed (Mbits/s)", + "refId": "A" + } + ], + "title": "Download Speed (Mbits/s)", + "type": "timeseries" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "Upload Speed", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "opacity", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "Mbits" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 22 + }, + "id": 3, + "options": { + "legend": { + "calcs": [ + "mean", + "max", + "min" + ], + "displayMode": "table", + "placement": "bottom" + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_upload_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "interval": "", + "legendFormat": "Upload Speed (Mbits/s)", + "refId": "A" + } + ], + "title": "Upload Speed (Mbits/s)", + "type": "timeseries" + }, + { + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisLabel": "Time", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 100, + "gradientMode": "opacity", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "never", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unit": "ms" + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 24, + "x": 0, + "y": 31 + }, + "id": 4, + "options": { + "legend": { + "calcs": [ + "mean", + "max", + "min" + ], + "displayMode": "table", + "placement": "bottom" + }, + "tooltip": { + "mode": "multi", + "sort": "none" + } + }, + "pluginVersion": "8.4.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_ping_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "interval": "", + "legendFormat": "Ping (ms)", + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "exemplar": true, + "expr": "speedtest_jitter_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "instant": false, + "interval": "", + "legendFormat": "Jitter (ms)", + "refId": "B" + } + ], + "title": "Ping and Jitter (ms)", + "type": "timeseries" + } + ], + "refresh": "5m", + "schemaVersion": 35, + "style": "dark", + "tags": [], + "templating": { + "list": [ + { + "current": {}, + "definition": "label_values(speedtest_up, instance)", + "hide": 0, + "includeAll": false, + "label": "Instance", + "multi": false, + "name": "instance", + "options": [], + "query": { + "query": "label_values(speedtest_up, instance)", + "refId": "StandardVariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query", + "datasource": "${DS_PROMETHEUS}" + }, + { + "current": {}, + "definition": "label_values(speedtest_up, job)", + "hide": 0, + "includeAll": false, + "label": "Job", + "multi": false, + "name": "job", + "options": [], + "query": { + "query": "label_values(speedtest_up, job)", + "refId": "StandardVariableQuery" + }, + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "sort": 0, + "type": "query", + "datasource": "${DS_PROMETHEUS}" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Speedtest-Exporter Dashboard", + "uid": "-fs18ztMz", + "version": 10, + "weekStart": "" +} diff --git a/speedtest-exporter/templates/NOTES.txt b/speedtest-exporter/templates/NOTES.txt new file mode 100644 index 0000000..d840f1a --- /dev/null +++ b/speedtest-exporter/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "speedtest-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "speedtest-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "speedtest-exporter.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "speedtest-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/speedtest-exporter/templates/_helpers.tpl b/speedtest-exporter/templates/_helpers.tpl new file mode 100644 index 0000000..6b2c229 --- /dev/null +++ b/speedtest-exporter/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "speedtest-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "speedtest-exporter.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "speedtest-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "speedtest-exporter.labels" -}} +helm.sh/chart: {{ include "speedtest-exporter.chart" . }} +{{ include "speedtest-exporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "speedtest-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "speedtest-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "speedtest-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "speedtest-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/speedtest-exporter/templates/configmap_grafana_dashboards.yaml b/speedtest-exporter/templates/configmap_grafana_dashboards.yaml new file mode 100644 index 0000000..830812d --- /dev/null +++ b/speedtest-exporter/templates/configmap_grafana_dashboards.yaml @@ -0,0 +1,14 @@ +{{- if .Values.grafana.dashboards.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "speedtest-exporter.fullname" $ }}-grafana-dashboards + labels: + {{- include "speedtest-exporter.labels" $ | nindent 4 }} + {{- toYaml $.Values.grafana.dashboards.labels | nindent 4 }} + annotations: + {{- toYaml $.Values.grafana.dashboards.annotations | nindent 4 }} +data: + {{- (.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }} +{{- end }} diff --git a/speedtest-exporter/templates/deployment.yaml b/speedtest-exporter/templates/deployment.yaml new file mode 100644 index 0000000..166d068 --- /dev/null +++ b/speedtest-exporter/templates/deployment.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "speedtest-exporter.fullname" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "speedtest-exporter.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "speedtest-exporter.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- with .Values.image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + {{- with .Values.config.server }} + - name: "SPEEDTEST_SERVER" + value: {{ . | quote }} + {{- end }} + ports: + - name: http + containerPort: 9798 + protocol: TCP + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/speedtest-exporter/templates/hpa.yaml b/speedtest-exporter/templates/hpa.yaml new file mode 100644 index 0000000..a1c4a6d --- /dev/null +++ b/speedtest-exporter/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "speedtest-exporter.fullname" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "speedtest-exporter.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/speedtest-exporter/templates/ingress.yaml b/speedtest-exporter/templates/ingress.yaml new file mode 100644 index 0000000..e5fc79a --- /dev/null +++ b/speedtest-exporter/templates/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "speedtest-exporter.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/speedtest-exporter/templates/service.yaml b/speedtest-exporter/templates/service.yaml new file mode 100644 index 0000000..ac6246a --- /dev/null +++ b/speedtest-exporter/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "speedtest-exporter.fullname" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "speedtest-exporter.selectorLabels" . | nindent 4 }} diff --git a/speedtest-exporter/templates/serviceaccount.yaml b/speedtest-exporter/templates/serviceaccount.yaml new file mode 100644 index 0000000..9d0600f --- /dev/null +++ b/speedtest-exporter/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "speedtest-exporter.serviceAccountName" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/speedtest-exporter/templates/servicemonitor.yaml b/speedtest-exporter/templates/servicemonitor.yaml new file mode 100644 index 0000000..b5fe422 --- /dev/null +++ b/speedtest-exporter/templates/servicemonitor.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "speedtest-exporter.fullname" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "speedtest-exporter.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: "/metrics" + {{- with .Values.prometheus.servicemonitor }} + {{- with .interval }} + interval: {{ . }} + {{- end }} + {{- with .scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- end }} +{{- end }} diff --git a/speedtest-exporter/templates/tests/test-connection.yaml b/speedtest-exporter/templates/tests/test-connection.yaml new file mode 100644 index 0000000..2c6125f --- /dev/null +++ b/speedtest-exporter/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "speedtest-exporter.fullname" . }}-test-connection" + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "speedtest-exporter.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/speedtest-exporter/values.yaml b/speedtest-exporter/values.yaml new file mode 100644 index 0000000..1989fa0 --- /dev/null +++ b/speedtest-exporter/values.yaml @@ -0,0 +1,131 @@ +global: + image: + # -- if set it will overwrite all registry entries + registry: + # -- if set it will overwrite all pullPolicy + pullPolicy: + +replicaCount: 1 + +image: + registry: ghcr.io + repository: miguelndecarvalho/speedtest-exporter + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +config: + # -- speedtest-serverid + server: + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +prometheus: + servicemonitor: + enabled: false + labels: {} + # -- interval + interval: 1h + # -- scrape timeout + scrapeTimeout: 1m + +grafana: + dashboards: + enabled: false + labels: + grafana_dashboard: "1" + annotations: {} + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +livenessProbe: + httpGet: + path: / + port: http +readinessProbe: + httpGet: + path: / + port: http + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} -- 2.45.3 From b7910666e9f7d81d23bd95ecf55a9b021c89ddce Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 11:43:42 +0200 Subject: [PATCH 032/256] fix(speedtest-exporter): improve dashboard --- docs/modules/charts/nav.adoc | 1 + .../charts/pages/speedtest-exporter.adoc | 1 + speedtest-exporter/README.adoc | 296 ++++++++++++ .../Speedtest-Exporter.json | 429 ++++++++++-------- 4 files changed, 533 insertions(+), 194 deletions(-) create mode 120000 docs/modules/charts/pages/speedtest-exporter.adoc create mode 100644 speedtest-exporter/README.adoc diff --git a/docs/modules/charts/nav.adoc b/docs/modules/charts/nav.adoc index d8ebf40..95897a7 100644 --- a/docs/modules/charts/nav.adoc +++ b/docs/modules/charts/nav.adoc @@ -19,4 +19,5 @@ ** xref:monitoring.adoc[monitoring] ** xref:ntfy.adoc[ntfy] ** xref:postgresql.adoc[postgresql] +** xref:speedtest-exporter.adoc[speedtest-exporter] ** xref:stalwart-mail.adoc[stalwart-mail] diff --git a/docs/modules/charts/pages/speedtest-exporter.adoc b/docs/modules/charts/pages/speedtest-exporter.adoc new file mode 120000 index 0000000..76661ca --- /dev/null +++ b/docs/modules/charts/pages/speedtest-exporter.adoc @@ -0,0 +1 @@ +../../../../speedtest-exporter/README.adoc \ No newline at end of file diff --git a/speedtest-exporter/README.adoc b/speedtest-exporter/README.adoc new file mode 100644 index 0000000..f0a4e82 --- /dev/null +++ b/speedtest-exporter/README.adoc @@ -0,0 +1,296 @@ + + += speedtest-exporter + +image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0] +image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] +image::https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square[AppVersion: 3.5.4] +== Maintainers + +.Maintainers +|=== +| Name | Email | Url + +| WrenIX +| +| +|=== + +== Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's https://helm.sh/docs[documentation] to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +[source,bash] +---- +helm pull oci://codeberg.org/wrenix/helm-charts/speedtest-exporter +---- + +You can install a chart release using the following command: + +[source,bash] +---- +helm install speedtest-exporter-release oci://codeberg.org/wrenix/helm-charts/speedtest-exporter --values values.yaml +---- + +To uninstall a chart release use `helm`'s delete command: + +[source,bash] +---- +helm uninstall speedtest-exporter-release +---- + +== Values + +.Values +|=== +| Key | Type | Default | Description + +| affinity +| object +| `{}` +| + +| autoscaling.enabled +| bool +| `false` +| + +| autoscaling.maxReplicas +| int +| `100` +| + +| autoscaling.minReplicas +| int +| `1` +| + +| autoscaling.targetCPUUtilizationPercentage +| int +| `80` +| + +| config.server +| string +| `nil` +| speedtest-serverid + +| fullnameOverride +| string +| `""` +| + +| global.image.pullPolicy +| string +| `nil` +| if set it will overwrite all pullPolicy + +| global.image.registry +| string +| `nil` +| if set it will overwrite all registry entries + +| grafana.dashboards.annotations +| object +| `{}` +| + +| grafana.dashboards.enabled +| bool +| `false` +| + +| grafana.dashboards.labels.grafana_dashboard +| string +| `"1"` +| + +| image.pullPolicy +| string +| `"IfNotPresent"` +| + +| image.registry +| string +| `"ghcr.io"` +| + +| image.repository +| string +| `"miguelndecarvalho/speedtest-exporter"` +| + +| image.tag +| string +| `""` +| + +| imagePullSecrets +| list +| `[]` +| + +| ingress.annotations +| object +| `{}` +| + +| ingress.className +| string +| `""` +| + +| ingress.enabled +| bool +| `false` +| + +| ingress.hosts[0].host +| string +| `"chart-example.local"` +| + +| ingress.hosts[0].paths[0].path +| string +| `"/"` +| + +| ingress.hosts[0].paths[0].pathType +| string +| `"ImplementationSpecific"` +| + +| ingress.tls +| list +| `[]` +| + +| livenessProbe.httpGet.path +| string +| `"/"` +| + +| livenessProbe.httpGet.port +| string +| `"http"` +| + +| nameOverride +| string +| `""` +| + +| nodeSelector +| object +| `{}` +| + +| podAnnotations +| object +| `{}` +| + +| podLabels +| object +| `{}` +| + +| podSecurityContext +| object +| `{}` +| + +| prometheus.servicemonitor.enabled +| bool +| `false` +| + +| prometheus.servicemonitor.interval +| string +| `"1h"` +| interval + +| prometheus.servicemonitor.labels +| object +| `{}` +| + +| prometheus.servicemonitor.scrapeTimeout +| string +| `"1m"` +| scrape timeout + +| readinessProbe.httpGet.path +| string +| `"/"` +| + +| readinessProbe.httpGet.port +| string +| `"http"` +| + +| replicaCount +| int +| `1` +| + +| resources +| object +| `{}` +| + +| securityContext +| object +| `{}` +| + +| service.port +| int +| `80` +| + +| service.type +| string +| `"ClusterIP"` +| + +| serviceAccount.annotations +| object +| `{}` +| + +| serviceAccount.automount +| bool +| `true` +| + +| serviceAccount.create +| bool +| `true` +| + +| serviceAccount.name +| string +| `""` +| + +| tolerations +| list +| `[]` +| + +| volumeMounts +| list +| `[]` +| + +| volumes +| list +| `[]` +| +|=== + +Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json b/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json index a1af213..b74dbb8 100644 --- a/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json +++ b/speedtest-exporter/grafana_dashboards/Speedtest-Exporter.json @@ -1,42 +1,12 @@ { - "__elements": [], - "__requires": [ - { - "type": "panel", - "id": "gauge", - "name": "Gauge", - "version": "" - }, - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "8.4.3" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "1.0.0" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - } - ], "annotations": { "list": [ { "builtIn": 1, - "datasource": "-- Grafana --", + "datasource": { + "type": "datasource", + "uid": "grafana" + }, "enable": true, "hide": true, "iconColor": "rgba(0, 211, 255, 1)", @@ -56,12 +26,14 @@ "fiscalYearStartMonth": 0, "gnetId": 13665, "graphTooltip": 0, - "id": null, - "iteration": 1650287799671, "links": [], "liveNow": false, "panels": [ { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "description": "", "fieldConfig": { "defaults": { @@ -87,7 +59,7 @@ "mode": "absolute", "steps": [ { - "color": "green", + "color": "yellow", "value": null }, { @@ -109,12 +81,13 @@ "x": 0, "y": 0 }, - "id": 16, + "id": null, "options": { "colorMode": "background", - "graphMode": "none", + "graphMode": "area", "justifyMode": "center", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -122,19 +95,24 @@ "fields": "", "values": false }, - "textMode": "value" + "showPercentChange": false, + "textMode": "value", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, - "exemplar": true, - "expr": "speedtest_up{instance=\"$instance\", job=\"$job\"}", + "editorMode": "code", + "exemplar": false, + "expr": "sum(speedtest_up{job=~\"$job\"}) without (instance,pod)", + "instant": false, "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], @@ -142,6 +120,10 @@ "type": "stat" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "description": "ServerID of the last test done", "fieldConfig": { "defaults": { @@ -173,6 +155,7 @@ "graphMode": "none", "justifyMode": "center", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -180,19 +163,24 @@ "fields": "", "values": false }, - "textMode": "value" + "showPercentChange": false, + "textMode": "value", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, - "exemplar": true, - "expr": "speedtest_server_id{instance=\"$instance\", job=\"$job\"}", + "editorMode": "code", + "exemplar": false, + "expr": "sum(speedtest_server_id{job=~\"$job\"})", + "instant": false, "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], @@ -201,6 +189,10 @@ }, { "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, "gridPos": { "h": 1, "w": 24, @@ -209,10 +201,23 @@ }, "id": 8, "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "refId": "A" + } + ], "title": "Gauges", "type": "row" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "fieldConfig": { "defaults": { "color": { @@ -229,7 +234,7 @@ } ] }, - "unit": "Mbits" + "unit": "binbps" }, "overrides": [] }, @@ -241,7 +246,11 @@ }, "id": 10, "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -249,28 +258,34 @@ "fields": "", "values": false }, - "showThresholdLabels": false, - "showThresholdMarkers": true, - "text": {} + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, + "editorMode": "code", "exemplar": true, - "expr": "speedtest_download_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "expr": "sum(speedtest_download_bits_per_second{job=~\"$job\"}) without (instance,pod)", "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], "title": "Download Speed", - "type": "gauge" + "type": "stat" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "fieldConfig": { "defaults": { "color": { @@ -287,7 +302,7 @@ } ] }, - "unit": "Mbits" + "unit": "binbps" }, "overrides": [] }, @@ -299,7 +314,11 @@ }, "id": 12, "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -307,27 +326,34 @@ "fields": "", "values": false }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, + "editorMode": "code", "exemplar": true, - "expr": "speedtest_upload_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "expr": "sum(speedtest_upload_bits_per_second{job=~\"$job\"}) without (instance,pod)", "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], "title": "Upload Speed", - "type": "gauge" + "type": "stat" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "fieldConfig": { "defaults": { "color": { @@ -356,7 +382,11 @@ }, "id": 13, "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -364,27 +394,35 @@ "fields": "", "values": false }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, - "exemplar": true, - "expr": "speedtest_ping_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "editorMode": "code", + "exemplar": false, + "expr": "avg(speedtest_ping_latency_milliseconds{job=~\"$job\"}) without (instance,pod)", + "instant": false, "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], "title": "Ping", - "type": "gauge" + "type": "stat" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "fieldConfig": { "defaults": { "color": { @@ -413,7 +451,11 @@ }, "id": 11, "options": { + "colorMode": "value", + "graphMode": "area", + "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "lastNotNull" @@ -421,28 +463,36 @@ "fields": "", "values": false }, - "showThresholdLabels": false, - "showThresholdMarkers": true + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "8.4.3", + "pluginVersion": "11.1.0", "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, - "exemplar": true, - "expr": "speedtest_jitter_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "editorMode": "code", + "exemplar": false, + "expr": "avg(speedtest_jitter_latency_milliseconds{job=~\"$job\"}) without (instance,pod)", + "instant": false, "interval": "", "legendFormat": "", + "range": true, "refId": "A" } ], "title": "Jitter", - "type": "gauge" + "type": "stat" }, { "collapsed": false, + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, "gridPos": { "h": 1, "w": 24, @@ -451,10 +501,23 @@ }, "id": 6, "panels": [], + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "prometheus" + }, + "refId": "A" + } + ], "title": "Graphics", "type": "row" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "description": "", "fieldConfig": { "defaults": { @@ -462,17 +525,21 @@ "mode": "palette-classic" }, "custom": { - "axisLabel": "Download Speed", + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, "drawStyle": "line", - "fillOpacity": 100, + "fillOpacity": 50, "gradientMode": "opacity", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -503,9 +570,22 @@ } ] }, - "unit": "Mbits" + "unit": "binbps" }, - "overrides": [] + "overrides": [ + { + "matcher": { + "id": "byRegexp", + "options": "/Upload: .*/" + }, + "properties": [ + { + "id": "custom.transform", + "value": "negative-Y" + } + ] + } + ] }, "gridPos": { "h": 9, @@ -519,10 +599,11 @@ "calcs": [ "mean", "max", - "min" + "logmin" ], "displayMode": "table", - "placement": "bottom" + "placement": "right", + "showLegend": true }, "tooltip": { "mode": "multi", @@ -536,125 +617,57 @@ "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, + "editorMode": "code", "exemplar": true, - "expr": "speedtest_download_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", + "expr": "sum(speedtest_download_bits_per_second{job=~\"$job\"}) without (instance,pod)", "interval": "", - "legendFormat": "Download Speed (Mbits/s)", + "legendFormat": "Download: {{ instance }}", + "range": true, "refId": "A" - } - ], - "title": "Download Speed (Mbits/s)", - "type": "timeseries" - }, - { - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisLabel": "Upload Speed", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 100, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "Mbits" }, - "overrides": [] - }, - "gridPos": { - "h": 9, - "w": 24, - "x": 0, - "y": 22 - }, - "id": 3, - "options": { - "legend": { - "calcs": [ - "mean", - "max", - "min" - ], - "displayMode": "table", - "placement": "bottom" - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "8.4.3", - "targets": [ { "datasource": { "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, - "exemplar": true, - "expr": "speedtest_upload_bits_per_second{instance=\"$instance\", job=\"$job\"}*10^-6", - "interval": "", - "legendFormat": "Upload Speed (Mbits/s)", - "refId": "A" + "editorMode": "code", + "expr": "sum(speedtest_upload_bits_per_second{job=~\"$job\"}) without (instance,pod)", + "hide": false, + "instant": false, + "legendFormat": "Upload: {{ instance }}", + "range": true, + "refId": "B" } ], - "title": "Upload Speed (Mbits/s)", + "title": "Traffic Speed", "type": "timeseries" }, { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, "fieldConfig": { "defaults": { "color": { "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", "axisLabel": "Time", "axisPlacement": "auto", "barAlignment": 0, "drawStyle": "line", - "fillOpacity": 100, + "fillOpacity": 10, "gradientMode": "opacity", "hideFrom": { "legend": false, "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -687,13 +700,26 @@ }, "unit": "ms" }, - "overrides": [] + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Jitter (ms)" + }, + "properties": [ + { + "id": "custom.axisPlacement", + "value": "right" + } + ] + } + ] }, "gridPos": { "h": 9, "w": 24, "x": 0, - "y": 31 + "y": 22 }, "id": 4, "options": { @@ -701,10 +727,11 @@ "calcs": [ "mean", "max", - "min" + "logmin" ], "displayMode": "table", - "placement": "bottom" + "placement": "right", + "showLegend": true }, "tooltip": { "mode": "multi", @@ -718,10 +745,12 @@ "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, + "editorMode": "code", "exemplar": true, - "expr": "speedtest_ping_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "expr": "avg(speedtest_ping_latency_milliseconds{job=~\"$job\"}) without (instance,pod)", "interval": "", "legendFormat": "Ping (ms)", + "range": true, "refId": "A" }, { @@ -729,8 +758,9 @@ "type": "prometheus", "uid": "${DS_PROMETHEUS}" }, + "editorMode": "code", "exemplar": true, - "expr": "speedtest_jitter_latency_milliseconds{instance=\"$instance\", job=\"$job\"}", + "expr": "avg(speedtest_jitter_latency_milliseconds{job=~\"$job\"}) without (instance,pod)", "instant": false, "interval": "", "legendFormat": "Jitter (ms)", @@ -742,38 +772,50 @@ } ], "refresh": "5m", - "schemaVersion": 35, - "style": "dark", - "tags": [], + "schemaVersion": 39, + "tags": [ + "network" + ], "templating": { "list": [ { - "current": {}, - "definition": "label_values(speedtest_up, instance)", + "current": { + "selected": false, + "text": "default", + "value": "default" + }, "hide": 0, "includeAll": false, - "label": "Instance", + "label": "datasource", "multi": false, - "name": "instance", + "name": "DS_PROMETHEUS", "options": [], - "query": { - "query": "label_values(speedtest_up, instance)", - "refId": "StandardVariableQuery" - }, + "query": "prometheus", + "queryValue": "", "refresh": 1, "regex": "", "skipUrlSync": false, - "sort": 0, - "type": "query", - "datasource": "${DS_PROMETHEUS}" + "type": "datasource" }, { - "current": {}, + "allValue": ".*", + "current": { + "selected": true, + "text": [ + "All" + ], + "value": [ + "$__all" + ] + }, + "datasource": { + "uid": "${DS_PROMETHEUS}" + }, "definition": "label_values(speedtest_up, job)", "hide": 0, - "includeAll": false, + "includeAll": true, "label": "Job", - "multi": false, + "multi": true, "name": "job", "options": [], "query": { @@ -784,19 +826,18 @@ "regex": "", "skipUrlSync": false, "sort": 0, - "type": "query", - "datasource": "${DS_PROMETHEUS}" + "type": "query" } ] }, "time": { - "from": "now-24h", + "from": "now-2d", "to": "now" }, "timepicker": {}, "timezone": "", "title": "Speedtest-Exporter Dashboard", "uid": "-fs18ztMz", - "version": 10, + "version": 1, "weekStart": "" } -- 2.45.3 From 3aad4adb1eb191b1969c9267064c361551692e8c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 12:39:34 +0200 Subject: [PATCH 033/256] fix(speedtest-exporter): improve config parameter --- speedtest-exporter/Chart.yaml | 2 +- speedtest-exporter/README.adoc | 14 ++++++++++++-- speedtest-exporter/templates/deployment.yaml | 8 ++++++++ speedtest-exporter/values.yaml | 6 +++++- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/speedtest-exporter/Chart.yaml b/speedtest-exporter/Chart.yaml index c433dd7..5eeccd4 100644 --- a/speedtest-exporter/Chart.yaml +++ b/speedtest-exporter/Chart.yaml @@ -3,7 +3,7 @@ name: speedtest-exporter description: icon: https://b.cdnst.net/images/favicons/favicon-180.png type: application -version: 0.1.0 +version: 0.1.1 # renovate: image=ghcr.io/miguelndecarvalho/speedtest-exporter appVersion: "3.5.4" maintainers: diff --git a/speedtest-exporter/README.adoc b/speedtest-exporter/README.adoc index f0a4e82..68fa28c 100644 --- a/speedtest-exporter/README.adoc +++ b/speedtest-exporter/README.adoc @@ -2,7 +2,7 @@ = speedtest-exporter -image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0] +image::https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square[Version: 0.1.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square[AppVersion: 3.5.4] == Maintainers @@ -72,11 +72,21 @@ helm uninstall speedtest-exporter-release | `80` | +| config.cacheFor +| int +| `0` +| cache result for seconds + | config.server | string | `nil` | speedtest-serverid +| config.timeout +| int +| `90` +| timeout of speedtest + | fullnameOverride | string | `""` @@ -219,7 +229,7 @@ helm uninstall speedtest-exporter-release | prometheus.servicemonitor.scrapeTimeout | string -| `"1m"` +| `"2m"` | scrape timeout | readinessProbe.httpGet.path diff --git a/speedtest-exporter/templates/deployment.yaml b/speedtest-exporter/templates/deployment.yaml index 166d068..6ec8bba 100644 --- a/speedtest-exporter/templates/deployment.yaml +++ b/speedtest-exporter/templates/deployment.yaml @@ -43,6 +43,14 @@ spec: - name: "SPEEDTEST_SERVER" value: {{ . | quote }} {{- end }} + {{- with .Values.config.cacheFor }} + - name: "SPEEDTEST_CACHE_FOR" + value: {{ . | quote }} + {{- end }} + {{- with .Values.config.timeout }} + - name: "SPEEDTEST_TIMEOUT" + value: {{ . | quote }} + {{- end }} ports: - name: http containerPort: 9798 diff --git a/speedtest-exporter/values.yaml b/speedtest-exporter/values.yaml index 1989fa0..4dc6d65 100644 --- a/speedtest-exporter/values.yaml +++ b/speedtest-exporter/values.yaml @@ -17,6 +17,10 @@ image: config: # -- speedtest-serverid server: + # -- cache result for seconds + cacheFor: 0 + # -- timeout of speedtest + timeout: 90 imagePullSecrets: [] nameOverride: "" @@ -58,7 +62,7 @@ prometheus: # -- interval interval: 1h # -- scrape timeout - scrapeTimeout: 1m + scrapeTimeout: 2m grafana: dashboards: -- 2.45.3 From 348a90e0ffc0a3e11b15c9f12ee53324a72df08d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 5 Jul 2024 12:53:22 +0200 Subject: [PATCH 034/256] fix(grampsweb): update AppVersion v24.6.0 --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 96af01a..d9d9296 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.1.11 +version: 0.1.12 # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.5.0" +appVersion: "24.6.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index 29365b3..90e3ade 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square[Version: 0.1.11] +image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.5.0-informational?style=flat-square[AppVersion: 24.5.0] +image::https://img.shields.io/badge/AppVersion-24.6.0-informational?style=flat-square[AppVersion: 24.6.0] == Maintainers .Maintainers -- 2.45.3 From 492a92e61562b40ef48757b180813bfe38c480c5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 6 Jul 2024 20:55:27 +0200 Subject: [PATCH 035/256] fix(authentik-application): add tls and annotations for outpost ingress --- authentik-application/Chart.yaml | 2 +- authentik-application/README.adoc | 12 +++++++++++- authentik-application/templates/ingress.yaml | 10 +++++++++- authentik-application/values.yaml | 4 ++++ 4 files changed, 25 insertions(+), 3 deletions(-) diff --git a/authentik-application/Chart.yaml b/authentik-application/Chart.yaml index 066ba97..f0d9780 100644 --- a/authentik-application/Chart.yaml +++ b/authentik-application/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: authentik-application description: "A Chart to deploy a secret for the authentik blueprint-sidecar." type: application -version: 0.4.1 +version: 0.4.2 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/authentik-application/README.adoc b/authentik-application/README.adoc index 1d9dd75..f25a352 100644 --- a/authentik-application/README.adoc +++ b/authentik-application/README.adoc @@ -2,7 +2,7 @@ = authentik-application -image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] +image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] == Maintainers @@ -229,6 +229,11 @@ helm uninstall authentik-application-release | `nil` | +| blueprint.provider.proxy.ingress.annotations +| list +| `[]` +| annotations to ingress for outpost + | blueprint.provider.proxy.ingress.backend | string | `"authentik"` @@ -244,6 +249,11 @@ helm uninstall authentik-application-release | `false` | deploy ingress on application domain for e.g. logout (WIP) +| blueprint.provider.proxy.ingress.tls +| list +| `[]` +| tls to ingress for outpost + | blueprint.provider.proxy.skipPathRegex | string | `""` diff --git a/authentik-application/templates/ingress.yaml b/authentik-application/templates/ingress.yaml index 3a10ce9..0cdde0a 100644 --- a/authentik-application/templates/ingress.yaml +++ b/authentik-application/templates/ingress.yaml @@ -6,6 +6,10 @@ metadata: name: {{ include "authentik-application.fullname" . }} labels: {{- include "authentik-application.labels" . | nindent 4 }} + {{- with .Values.blueprint.provider.proxy.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: rules: - host: {{ .Values.blueprint.provider.proxy.ingress.domain | quote }} @@ -18,4 +22,8 @@ spec: name: {{ .Values.blueprint.provider.proxy.ingress.backend | quote }} port: name: http -{{- end }} \ No newline at end of file + {{- with .Values.blueprint.provider.proxy.ingress.tls }} + tls: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/authentik-application/values.yaml b/authentik-application/values.yaml index 52fc7f6..9db23c1 100644 --- a/authentik-application/values.yaml +++ b/authentik-application/values.yaml @@ -44,6 +44,10 @@ blueprint: domain: # -- service backend to authentik backend: authentik + # -- annotations to ingress for outpost + annotations: [] + # -- tls to ingress for outpost + tls: [] application: # -- application name in menu name: "" -- 2.45.3 From eab82cac05502dc5ae3b342da38e03ce0b9b52d5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 6 Jul 2024 21:41:48 +0200 Subject: [PATCH 036/256] fix(home-assistant): update AppVersion v2024.7.1 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index a7e339b..24af8c0 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.17 +version: 0.1.18 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.7.0" +appVersion: "2024.7.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 45f4df1..066c85c 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.17-informational?style=flat-square[Version: 0.1.17] +image::https://img.shields.io/badge/Version-0.1.18-informational?style=flat-square[Version: 0.1.18] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.7.0-informational?style=flat-square[AppVersion: 2024.7.0] +image::https://img.shields.io/badge/AppVersion-2024.7.1-informational?style=flat-square[AppVersion: 2024.7.1] == Maintainers .Maintainers -- 2.45.3 From c75447b0314eba2d5da0ca2a61ba8f6d0b671b65 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 16 Jul 2024 13:13:56 +0200 Subject: [PATCH 037/256] fix(home-assistant): update AppVersion v2024.7.2 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 24af8c0..eaafa7f 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.18 +version: 0.1.19 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.7.1" +appVersion: "2024.7.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 066c85c..725e75c 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.18-informational?style=flat-square[Version: 0.1.18] +image::https://img.shields.io/badge/Version-0.1.19-informational?style=flat-square[Version: 0.1.19] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.7.1-informational?style=flat-square[AppVersion: 2024.7.1] +image::https://img.shields.io/badge/AppVersion-2024.7.2-informational?style=flat-square[AppVersion: 2024.7.2] == Maintainers .Maintainers -- 2.45.3 From dac942fc6f893b9a4b6fb03aa40cee67db6b9b9f Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 16 Jul 2024 13:14:44 +0200 Subject: [PATCH 038/256] fix(grampsweb): update AppVersion v24.7.0 --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index d9d9296..13ef6e3 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.1.12 +version: 0.1.13 # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.6.0" +appVersion: "24.7.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index 90e3ade..7ae6092 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] +image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.6.0-informational?style=flat-square[AppVersion: 24.6.0] +image::https://img.shields.io/badge/AppVersion-24.7.0-informational?style=flat-square[AppVersion: 24.7.0] == Maintainers .Maintainers -- 2.45.3 From 5706e787d652e41b2581b9f985bd1181e9ea626e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 16 Jul 2024 13:30:30 +0200 Subject: [PATCH 039/256] fix(grampsweb): improve configuration (add MEDIA_PREFIX_TREE) --- grampsweb/Chart.yaml | 2 +- grampsweb/README.adoc | 11 ++++++++--- grampsweb/templates/deployment.yaml | 7 ------- grampsweb/templates/secret.yaml | 9 +++++++++ grampsweb/values.yaml | 4 ++++ 5 files changed, 22 insertions(+), 11 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 13ef6e3..21deb39 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,7 +3,7 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.1.13 +version: 0.1.14 # renovate: image=ghcr.io/gramps-project/grampsweb appVersion: "24.7.0" maintainers: diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index 7ae6092..de59de3 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,7 +2,7 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] +image::https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square[Version: 0.1.14] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-24.7.0-informational?style=flat-square[AppVersion: 24.7.0] == Maintainers @@ -80,7 +80,7 @@ helm uninstall grampsweb-release | gramps.baseURL | string | `"https://gramps.example.org"` -| +| Base URL where the API can be reached (e.g. https://mygramps.mydomain.com/). This is necessary e.g. to build correct passwort reset links | gramps.mail.from | string @@ -112,10 +112,15 @@ helm uninstall grampsweb-release | `nil` | SMTP server username +| gramps.mediaPrefixTree +| bool +| `false` +| whether or not to use a separate subfolder for the media files of each tree. Defaults to False, but strongly recommend to use True in a multi-tree setup + | gramps.tree | string | `"Gramps Web"` -| +| To enable multi-tree support, the TREE config option must be set to a single asterisk `*` | image.pullPolicy | string diff --git a/grampsweb/templates/deployment.yaml b/grampsweb/templates/deployment.yaml index 7c6592f..f3e15ae 100644 --- a/grampsweb/templates/deployment.yaml +++ b/grampsweb/templates/deployment.yaml @@ -36,13 +36,6 @@ spec: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- with .Values.gramps }} - env: - - name: "GRAMPSWEB_TREE" - value: "{{ .tree }}" - - name: "GRAMPSWEB_BASE_URL" - value: "{{ .baseURL }}" - {{- end }} envFrom: - secretRef: name: {{ include "grampsweb.fullname" . }} diff --git a/grampsweb/templates/secret.yaml b/grampsweb/templates/secret.yaml index ab2b1b0..2baa59e 100644 --- a/grampsweb/templates/secret.yaml +++ b/grampsweb/templates/secret.yaml @@ -6,6 +6,15 @@ metadata: labels: {{- include "grampsweb.labels" . | nindent 4 }} data: + {{- with .Values.gramps.baseURL }} + GRAMPSWEB_BASE_URL: {{ . | b64enc }} + {{- end }} + {{- with .Values.gramps.tree }} + GRAMPSWEB_TREE: {{ . | b64enc }} + {{- end }} + {{- with .Values.gramps.mediaPrefixTree }} + GRAMPSWEB_MEDIA_PREFIX_TREE: {{ . | ternary "TRUE" "FALSE" | b64enc }} + {{- end }} {{- with .Values.gramps.mediaBaseDir }} GRAMPSWEB_MEDIA_BASE_DIR: {{ . | b64enc }} {{- end }} diff --git a/grampsweb/values.yaml b/grampsweb/values.yaml index 0fc804a..a088a88 100644 --- a/grampsweb/values.yaml +++ b/grampsweb/values.yaml @@ -16,8 +16,12 @@ nameOverride: "" fullnameOverride: "" gramps: + # -- To enable multi-tree support, the TREE config option must be set to a single asterisk `*` tree: "Gramps Web" + # -- Base URL where the API can be reached (e.g. https://mygramps.mydomain.com/). This is necessary e.g. to build correct passwort reset links baseURL: "https://gramps.example.org" + # -- whether or not to use a separate subfolder for the media files of each tree. Defaults to False, but strongly recommend to use True in a multi-tree setup + mediaPrefixTree: false mail: # -- SMTP server host (e.g. for sending password reset e-mails) host: -- 2.45.3 From 29ceef56f0c13d12e6a595cce761b5a516a61d6c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 19 Jul 2024 17:28:32 +0200 Subject: [PATCH 040/256] fix(gotosocial): add tracing support --- gotosocial/Chart.yaml | 2 +- gotosocial/README.adoc | 24 ++++++++++++++++++++++-- gotosocial/templates/secret.yaml | 12 ++++++++++++ gotosocial/values.yaml | 11 ++++++++++- 4 files changed, 45 insertions(+), 4 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index d9d1408..ee7c91a 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,7 +3,7 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.1.9 +version: 0.2.0 # renovate: image=docker.io/superseriousbusiness/gotosocial appVersion: "0.16.0" maintainers: diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 884dc79..15ac1be 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,7 +2,7 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0] == Maintainers @@ -302,6 +302,26 @@ helm uninstall gotosocial-release | `true` | Use SSL for S3 connections. Only set this to 'false' when testing locally. +| gotosocial.tracing.enabled +| bool +| `false` +| Enable OpenTelemetry based tracing support. + +| gotosocial.tracing.endpoint +| string +| `""` +| Endpoint of the trace ingester. When using the gRPC or HTTP based transports, provide the endpoint as a single address/port combination without a protocol scheme. + +| gotosocial.tracing.insecureTransport +| bool +| `false` +| Disable TLS for the gRPC and HTTP transport protocols. + +| gotosocial.tracing.transport +| string +| `"grpc"` +| Set the transport protocol for the tracing system. Can either be "grpc" for OTLP gRPC, or "http" for OTLP HTTP. + | gotosocial.tz | string | `"UTC"` @@ -480,7 +500,7 @@ helm uninstall gotosocial-release | serviceAccount.name | string | `""` -| If not set and create is true, a name is generated using the fullname template +| The name of the service account to use. If not set and create is true, a name is generated using the fullname template | tolerations | list diff --git a/gotosocial/templates/secret.yaml b/gotosocial/templates/secret.yaml index e4d98f5..558f872 100644 --- a/gotosocial/templates/secret.yaml +++ b/gotosocial/templates/secret.yaml @@ -99,4 +99,16 @@ data: {{- end }}{{/* end-with smtp */}} GTS_METRICS_ENABLED: {{ toYaml .metrics.enabled | b64enc }} + + # https://www.w3.org/TR/trace-context/#traceparent-header + GTS_REQUEST_ID_HEADER: {{ "Traceparent" | b64enc }} + {{- with .tracing }} + {{- if .enabled }} + GTS_TRACING_ENABLED: {{ "true" | b64enc}} + GTS_TRACING_TRANSPORT: {{ .transport | b64enc }} + GTS_TRACING_ENDPOINT: {{ .endpoint | b64enc }} + GTS_TRACING_INSECURE_TRANSPORT: {{ toYaml .insecureTransport | b64enc }} + {{- end }}{{/* end-if .tracing.enabled */}} + {{- end }}{{/* end-with .tracing */}} + {{- end }}{{/* end-with .gotosocial */}} diff --git a/gotosocial/values.yaml b/gotosocial/values.yaml index 312ea2c..24977ae 100644 --- a/gotosocial/values.yaml +++ b/gotosocial/values.yaml @@ -174,6 +174,15 @@ gotosocial: enabled: false username: "" password: "" + tracing: + # -- Enable OpenTelemetry based tracing support. + enabled: false + # -- Set the transport protocol for the tracing system. Can either be "grpc" for OTLP gRPC, or "http" for OTLP HTTP. + transport: grpc + # -- Endpoint of the trace ingester. When using the gRPC or HTTP based transports, provide the endpoint as a single address/port combination without a protocol scheme. + endpoint: "" + # -- Disable TLS for the gRPC and HTTP transport protocols. + insecureTransport: false prometheus: servicemonitor: @@ -188,7 +197,7 @@ serviceAccount: # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. - # -- If not set and create is true, a name is generated using the fullname template + # If not set and create is true, a name is generated using the fullname template name: "" podAnnotations: {} -- 2.45.3 From 3fac9855f10f6eb45afd5d45e712731ccea5064c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 20 Jul 2024 16:59:36 +0200 Subject: [PATCH 041/256] fix(home-assistant): update AppVersion v2024.7.3 (and nats) --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index eaafa7f..169a5dc 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.19 +version: 0.1.20 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.7.2" +appVersion: "2024.7.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 725e75c..63d36ff 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.19-informational?style=flat-square[Version: 0.1.19] +image::https://img.shields.io/badge/Version-0.1.20-informational?style=flat-square[Version: 0.1.20] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.7.2-informational?style=flat-square[AppVersion: 2024.7.2] +image::https://img.shields.io/badge/AppVersion-2024.7.3-informational?style=flat-square[AppVersion: 2024.7.3] == Maintainers .Maintainers @@ -184,7 +184,7 @@ helm uninstall home-assistant-release | nats.image.tag | string -| `"2.10.17-scratch"` +| `"2.10.18-scratch"` | | nats.livenessProbe.tcpSocket.port diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index c5c796a..7253491 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.17-scratch" + tag: "2.10.18-scratch" service: port: nats: 4222 -- 2.45.3 From 7285edf31c0b5e3459cb99931f06c5ee36ab086f Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 20 Jul 2024 17:00:27 +0200 Subject: [PATCH 042/256] fix(forgejo-runner): update kubectl to 1.30.3 --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 6987468..f8e99da 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.4 +version: 0.2.5 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.0" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index d0e0998..84a1c8b 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] +image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers @@ -295,7 +295,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.30.2"` +| `"1.30.3"` | | nameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 8b6317d..7ee4169 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -147,7 +147,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.30.2 + tag: 1.30.3 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 69166898cd1bac31df140585d8811b0c809e923b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 20 Jul 2024 17:01:15 +0200 Subject: [PATCH 043/256] fix(mautrix-signal): update AppVersion v0.6.3 --- mautrix-signal/Chart.yaml | 4 ++-- mautrix-signal/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 3d11419..6940270 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.5 +version: 0.0.6 # renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.6.2" +appVersion: "0.6.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 60914e2..0ddafe7 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,9 +2,9 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] +image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.2-informational?style=flat-square[AppVersion: 0.6.2] +image::https://img.shields.io/badge/AppVersion-0.6.3-informational?style=flat-square[AppVersion: 0.6.3] == Maintainers .Maintainers -- 2.45.3 From 0a6069e2ec8304d4accfe8f9a7371a924b842eac Mon Sep 17 00:00:00 2001 From: pat-s Date: Sun, 21 Jul 2024 12:44:08 +0200 Subject: [PATCH 044/256] fix(ntfy): add updateStrategy with default 'recreate' --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 7 ++++++- ntfy/templates/deployment.yaml | 4 ++++ ntfy/values.yaml | 3 +++ 4 files changed, 14 insertions(+), 2 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 2277758..7e837a7 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.1.11 +version: 0.1.12 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index a68811c..b996dcd 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square[Version: 0.1.11] +image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -521,6 +521,11 @@ helm uninstall ntfy-release | list | `[]` | + +| updateStrategy.type +| string +| `"Recreate"` +| |=== Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index 8550abe..b959c46 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -28,6 +28,10 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.updateStrategy }} + updateStrategy: + {{- toYaml . | nindent 4 }} + {{- end }} serviceAccountName: {{ include "ntfy.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 67badd8..36c773b 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -14,6 +14,9 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" +updateStrategy: + type: Recreate + ntfy: baseURL: "https://ntfy.example.org" listen: -- 2.45.3 From 54b216eca33668f16be39bff410ad4b5e3f5702c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 21 Jul 2024 22:48:52 +0200 Subject: [PATCH 045/256] fix(jellyfin): update AppVersion v10.9.8 --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- jellyfin/templates/deployment.yaml | 6 ++++++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index bc37ed1..e1d1438 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.7" +appVersion: "10.9.8" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 97c0aba..965b17a 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.7-informational?style=flat-square[AppVersion: 10.9.7] +image::https://img.shields.io/badge/AppVersion-10.9.8-informational?style=flat-square[AppVersion: 10.9.8] == Maintainers .Maintainers diff --git a/jellyfin/templates/deployment.yaml b/jellyfin/templates/deployment.yaml index e8f61e3..cce06ba 100644 --- a/jellyfin/templates/deployment.yaml +++ b/jellyfin/templates/deployment.yaml @@ -70,6 +70,12 @@ spec: httpGet: path: / port: http + startupProbe: + httpGet: + path: / + port: http + failureThreshold: 60 + periodSeconds: 10 resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: -- 2.45.3 From 3462a1a93b30b34c9f3841a2bb020ebdd3841f60 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 21 Jul 2024 23:03:36 +0200 Subject: [PATCH 046/256] fix(stalwart-mail): update AppVersion v0.8.5 + support probes --- stalwart-mail/Chart.yaml | 4 +-- stalwart-mail/README.adoc | 39 +++++++++++++++++++++++-- stalwart-mail/templates/deployment.yaml | 14 ++++++++- stalwart-mail/values.yaml | 13 +++++++++ 4 files changed, 65 insertions(+), 5 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 41ddf09..87717d8 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.10 +version: 0.0.11 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.8.1" +appVersion: "0.8.5" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index ac015d4..aec8b93 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square[Version: 0.0.10] +image::https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square[Version: 0.0.11] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.8.1-informational?style=flat-square[AppVersion: 0.8.1] +image::https://img.shields.io/badge/AppVersion-0.8.5-informational?style=flat-square[AppVersion: 0.8.5] == Maintainers .Maintainers @@ -159,6 +159,16 @@ helm uninstall stalwart-mail-release | `"internal"` | +| config.server.listener.http.bind[0] +| string +| `"[::]:80"` +| + +| config.server.listener.http.protocol +| string +| `"http"` +| + | config.server.listener.https.bind[0] | string | `"[::]:443"` @@ -439,6 +449,16 @@ helm uninstall stalwart-mail-release | `[]` | +| livenessProbe.httpGet.path +| string +| `"/healthz/live"` +| + +| livenessProbe.httpGet.port +| string +| `"http"` +| + | nameOverride | string | `""` @@ -499,6 +519,16 @@ helm uninstall stalwart-mail-release | `{}` | +| readinessProbe.httpGet.path +| string +| `"/healthz/ready"` +| + +| readinessProbe.httpGet.port +| string +| `"http"` +| + | replicaCount | int | `1` @@ -529,6 +559,11 @@ helm uninstall stalwart-mail-release | `"SingleStack"` | other option is RequireDualStack +| service.ports.http +| int +| `80` +| + | service.ports.https | int | `443` diff --git a/stalwart-mail/templates/deployment.yaml b/stalwart-mail/templates/deployment.yaml index 9aee1cd..b89f5e1 100644 --- a/stalwart-mail/templates/deployment.yaml +++ b/stalwart-mail/templates/deployment.yaml @@ -36,7 +36,7 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - {{- with .Values.image}} + {{- with .Values.image }} image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} {{- end }} @@ -53,6 +53,18 @@ spec: containerPort: {{ $port }} protocol: TCP {{- end }} + {{- with .Values.livenessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.readinessProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.startupProbe }} + livenessProbe: + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index 0259502..9932801 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -54,6 +54,9 @@ config: sieve: bind: ["[::]:4190"] protocol: "managesieve" + http: + protocol: "http" + bind: ["[::]:80"] https: protocol: "http" bind: ["[::]:443"] @@ -163,8 +166,18 @@ service: pop3: 110 pop3s: 995 sieve: 4190 + http: 80 https: 443 +livenessProbe: + httpGet: + path: /healthz/live + port: http +readinessProbe: + httpGet: + path: /healthz/ready + port: http + ingress: enabled: false className: "" -- 2.45.3 From 9fa8402d459ed4c3a098356ebeb7103a9c3c09f9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 22 Jul 2024 12:05:20 +0200 Subject: [PATCH 047/256] fix(ntfy): typo in indent --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 2 +- ntfy/templates/deployment.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 7e837a7..ea0e1d6 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.1.12 +version: 0.1.13 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index b996dcd..3656189 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square[Version: 0.1.12] +image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index b959c46..16ede25 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -30,7 +30,7 @@ spec: {{- end }} {{- with .Values.updateStrategy }} updateStrategy: - {{- toYaml . | nindent 4 }} + {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "ntfy.serviceAccountName" . }} securityContext: -- 2.45.3 From f6823e2b464de97aa1b6fc2001be0704bd5e03e3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 22 Jul 2024 12:07:10 +0200 Subject: [PATCH 048/256] fix(stalwart-mail): typo in probes --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.adoc | 2 +- stalwart-mail/templates/deployment.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 87717d8..988da0d 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.11 +version: 0.0.12 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.8.5" maintainers: diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index aec8b93..06bc038 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,7 +2,7 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square[Version: 0.0.11] +image::https://img.shields.io/badge/Version-0.0.12-informational?style=flat-square[Version: 0.0.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.5-informational?style=flat-square[AppVersion: 0.8.5] == Maintainers diff --git a/stalwart-mail/templates/deployment.yaml b/stalwart-mail/templates/deployment.yaml index b89f5e1..a6c92b1 100644 --- a/stalwart-mail/templates/deployment.yaml +++ b/stalwart-mail/templates/deployment.yaml @@ -58,11 +58,11 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.readinessProbe }} - livenessProbe: + readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.startupProbe }} - livenessProbe: + startupProbe: {{- toYaml . | nindent 12 }} {{- end }} resources: -- 2.45.3 From 8a869bd08d1d2ad36d7078fe6f4758d0dc093055 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 23 Jul 2024 13:57:31 +0200 Subject: [PATCH 049/256] fix(element-call): draft with lk-jwt --- docs/modules/charts/nav.adoc | 1 + docs/modules/charts/pages/element-call.adoc | 1 + element-call/.helmignore | 23 ++ element-call/Chart.yaml | 10 + element-call/README.adoc | 357 ++++++++++++++++++ element-call/_docs.gotmpl | 1 + element-call/templates/_helpers.tpl | 70 ++++ element-call/templates/configmap.yaml | 10 + element-call/templates/deployment.yaml | 76 ++++ element-call/templates/hpa.yaml | 32 ++ element-call/templates/ingress.yaml | 42 +++ element-call/templates/lk-jwt/deployment.yaml | 76 ++++ element-call/templates/lk-jwt/secret.yaml | 12 + element-call/templates/lk-jwt/service.yaml | 16 + .../templates/lk-jwt/serviceaccount.yaml | 15 + element-call/templates/service.yaml | 16 + element-call/templates/serviceaccount.yaml | 15 + element-call/values.yaml | 127 +++++++ 18 files changed, 900 insertions(+) create mode 120000 docs/modules/charts/pages/element-call.adoc create mode 100644 element-call/.helmignore create mode 100644 element-call/Chart.yaml create mode 100644 element-call/README.adoc create mode 100644 element-call/_docs.gotmpl create mode 100644 element-call/templates/_helpers.tpl create mode 100644 element-call/templates/configmap.yaml create mode 100644 element-call/templates/deployment.yaml create mode 100644 element-call/templates/hpa.yaml create mode 100644 element-call/templates/ingress.yaml create mode 100644 element-call/templates/lk-jwt/deployment.yaml create mode 100644 element-call/templates/lk-jwt/secret.yaml create mode 100644 element-call/templates/lk-jwt/service.yaml create mode 100644 element-call/templates/lk-jwt/serviceaccount.yaml create mode 100644 element-call/templates/service.yaml create mode 100644 element-call/templates/serviceaccount.yaml create mode 100644 element-call/values.yaml diff --git a/docs/modules/charts/nav.adoc b/docs/modules/charts/nav.adoc index 95897a7..017ce21 100644 --- a/docs/modules/charts/nav.adoc +++ b/docs/modules/charts/nav.adoc @@ -3,6 +3,7 @@ ** xref:alertmanager-ntfy.adoc[alertmanager-ntfy] ** xref:authentik-application.adoc[authentik-application] ** xref:conduit.adoc[conduit] +** xref:element-call.adoc[element-call] ** xref:forgejo-runner.adoc[forgejo-runner] ** xref:gotosocial.adoc[gotosocial] ** xref:grampsweb.adoc[grampsweb] diff --git a/docs/modules/charts/pages/element-call.adoc b/docs/modules/charts/pages/element-call.adoc new file mode 120000 index 0000000..c551b35 --- /dev/null +++ b/docs/modules/charts/pages/element-call.adoc @@ -0,0 +1 @@ +../../../../element-call/README.adoc \ No newline at end of file diff --git a/element-call/.helmignore b/element-call/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/element-call/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml new file mode 100644 index 0000000..3759519 --- /dev/null +++ b/element-call/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: element-call +description: Run Element-Call and his dependencies +type: application +version: 0.0.1 +# renovate: image=ghcr.io/element-hq/element-call +appVersion: "0.5.18" +maintainers: + - name: WrenIX + url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc new file mode 100644 index 0000000..f11fb87 --- /dev/null +++ b/element-call/README.adoc @@ -0,0 +1,357 @@ + + += element-call + +image::https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square[Version: 0.0.1] +image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] +image::https://img.shields.io/badge/AppVersion-0.5.18-informational?style=flat-square[AppVersion: 0.5.18] +== Maintainers + +.Maintainers +|=== +| Name | Email | Url + +| WrenIX +| +| +|=== + +== Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's https://helm.sh/docs[documentation] to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +[source,bash] +---- +helm pull oci://codeberg.org/wrenix/helm-charts/element-call +---- + +You can install a chart release using the following command: + +[source,bash] +---- +helm install element-call-release oci://codeberg.org/wrenix/helm-charts/element-call --values values.yaml +---- + +To uninstall a chart release use `helm`'s delete command: + +[source,bash] +---- +helm uninstall element-call-release +---- + +== Values + +.Values +|=== +| Key | Type | Default | Description + +| autoscaling.enabled +| bool +| `false` +| + +| autoscaling.maxReplicas +| int +| `100` +| + +| autoscaling.minReplicas +| int +| `1` +| + +| autoscaling.targetCPUUtilizationPercentage +| int +| `80` +| + +| fullnameOverride +| string +| `""` +| + +| global.image.pullPolicy +| string +| `nil` +| if set it will overwrite all pullPolicy + +| global.image.registry +| string +| `nil` +| if set it will overwrite all registry entries + +| imagePullSecrets +| list +| `[]` +| + +| ingress.annotations +| object +| `{}` +| + +| ingress.className +| string +| `""` +| + +| ingress.enabled +| bool +| `false` +| + +| ingress.tls +| list +| `[]` +| + +| nameOverride +| string +| `""` +| + +| service.call.affinity +| object +| `{}` +| + +| service.call.config +| object +| `{}` +| + +| service.call.image.pullPolicy +| string +| `"IfNotPresent"` +| + +| service.call.image.registry +| string +| `"ghcr.io"` +| + +| service.call.image.repository +| string +| `"element-hq/element-call:v0.5.18"` +| + +| service.call.image.tag +| string +| `nil` +| Overrides the image tag whose default is the chart appVersion. + +| service.call.ingress.host +| string +| `nil` +| + +| service.call.livenessProbe.httpGet.path +| string +| `"/"` +| + +| service.call.livenessProbe.httpGet.port +| string +| `"http"` +| + +| service.call.nodeSelector +| object +| `{}` +| + +| service.call.podAnnotations +| object +| `{}` +| + +| service.call.podLabels +| object +| `{}` +| + +| service.call.podSecurityContext +| object +| `{}` +| + +| service.call.readinessProbe.httpGet.path +| string +| `"/"` +| + +| service.call.readinessProbe.httpGet.port +| string +| `"http"` +| + +| service.call.replicaCount +| int +| `1` +| + +| service.call.resources +| object +| `{}` +| + +| service.call.securityContext +| object +| `{}` +| + +| service.call.serviceAccount.annotations +| object +| `{}` +| + +| service.call.serviceAccount.automount +| bool +| `true` +| + +| service.call.serviceAccount.create +| bool +| `true` +| + +| service.call.serviceAccount.name +| string +| `""` +| + +| service.call.tolerations +| list +| `[]` +| + +| service.lkJWT.affinity +| object +| `{}` +| + +| service.lkJWT.config.key +| string +| `"devkey"` +| + +| service.lkJWT.config.secret +| string +| `"secret"` +| + +| service.lkJWT.config.url +| string +| `""` +| + +| service.lkJWT.image.pullPolicy +| string +| `"IfNotPresent"` +| + +| service.lkJWT.image.registry +| string +| `"ghcr.io"` +| + +| service.lkJWT.image.repository +| string +| `"element-hq/lk-jwt-service"` +| + +| service.lkJWT.image.tag +| string +| `"sha-4a29504"` +| + +| service.lkJWT.ingress.host +| string +| `nil` +| + +| service.lkJWT.livenessProbe.httpGet.path +| string +| `"/healthz"` +| + +| service.lkJWT.livenessProbe.httpGet.port +| string +| `"http"` +| + +| service.lkJWT.nodeSelector +| object +| `{}` +| + +| service.lkJWT.podAnnotations +| object +| `{}` +| + +| service.lkJWT.podLabels +| object +| `{}` +| + +| service.lkJWT.podSecurityContext +| object +| `{}` +| + +| service.lkJWT.readinessProbe.httpGet.path +| string +| `"/healthz"` +| + +| service.lkJWT.readinessProbe.httpGet.port +| string +| `"http"` +| + +| service.lkJWT.replicaCount +| int +| `1` +| + +| service.lkJWT.resources +| object +| `{}` +| + +| service.lkJWT.securityContext +| object +| `{}` +| + +| service.lkJWT.serviceAccount.annotations +| object +| `{}` +| + +| service.lkJWT.serviceAccount.automount +| bool +| `true` +| + +| service.lkJWT.serviceAccount.create +| bool +| `true` +| + +| service.lkJWT.serviceAccount.name +| string +| `""` +| + +| service.lkJWT.tolerations +| list +| `[]` +| +|=== + +Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] + diff --git a/element-call/_docs.gotmpl b/element-call/_docs.gotmpl new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/element-call/_docs.gotmpl @@ -0,0 +1 @@ + diff --git a/element-call/templates/_helpers.tpl b/element-call/templates/_helpers.tpl new file mode 100644 index 0000000..063b922 --- /dev/null +++ b/element-call/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "element-call.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "element-call.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "element-call.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "element-call.labels" -}} +helm.sh/chart: {{ include "element-call.chart" . }} +{{ include "element-call.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "element-call.selectorLabels" -}} +app.kubernetes.io/name: {{ include "element-call.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "element-call.serviceAccountName" -}} +{{- $ := get . "root" }} +{{- $suffix := get . "suffix" }} +{{- with get . "ctx" }} +{{- if .serviceAccount.create }} +{{- if $suffix }} +{{- default (printf "%s-%s" (include "element-call.fullname" $) $suffix) .serviceAccount.name }} +{{- else }} +{{- default (include "element-call.fullname" $) .serviceAccount.name }} +{{- end }} +{{- else }} +{{- default "default" .serviceAccount.name }} +{{- end }} +{{- end }} +{{- end }} diff --git a/element-call/templates/configmap.yaml b/element-call/templates/configmap.yaml new file mode 100644 index 0000000..4e7df01 --- /dev/null +++ b/element-call/templates/configmap.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "element-call.fullname" . }} + labels: + {{- include "element-call.labels" . | nindent 4 }} +data: + "config.json": | + {{- toJson .Values.service.call.config | nindent 4 }} diff --git a/element-call/templates/deployment.yaml b/element-call/templates/deployment.yaml new file mode 100644 index 0000000..695a1a4 --- /dev/null +++ b/element-call/templates/deployment.yaml @@ -0,0 +1,76 @@ +{{- $fullName := include "element-call.fullname" . -}} +{{- with .Values.service.call }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }} + labels: + {{- include "element-call.labels" $ | nindent 4 }} + app.kubernetes.io/component: call +spec: + {{- if not $.Values.autoscaling.enabled }} + replicas: {{ .replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "element-call.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: call + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "element-call.labels" $ | nindent 8 }} + app.kubernetes.io/component: call + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "element-call.serviceAccountName" (dict "root" $ "ctx" .) }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: call + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + volumeMounts: + - mountPath: /app/config.json + name: config + subPath: config.json + volumes: + - name: config + configMap: + name: {{ $fullName }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }}{{/* end-with .service.call */}} diff --git a/element-call/templates/hpa.yaml b/element-call/templates/hpa.yaml new file mode 100644 index 0000000..573a25d --- /dev/null +++ b/element-call/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "element-call.fullname" . }} + labels: + {{- include "element-call.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "element-call.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/element-call/templates/ingress.yaml b/element-call/templates/ingress.yaml new file mode 100644 index 0000000..b3db40b --- /dev/null +++ b/element-call/templates/ingress.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "element-call.fullname" . -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "element-call.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} + {{- end }} + {{- with .Values.ingress.tls }} + tls: + {{- toYaml . | nindent 4 }} + {{- end }} + rules: + - host: {{ .Values.service.call.ingress.host | quote }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ $fullName }} + port: + name: http + - host: {{ .Values.service.lkJWT.ingress.host | quote }} + http: + paths: + - path: /sfu/get + pathType: Exactly + backend: + service: + name: {{ $fullName }}-lk-jwt + port: + name: http +{{- end }} diff --git a/element-call/templates/lk-jwt/deployment.yaml b/element-call/templates/lk-jwt/deployment.yaml new file mode 100644 index 0000000..c504d72 --- /dev/null +++ b/element-call/templates/lk-jwt/deployment.yaml @@ -0,0 +1,76 @@ +{{- $fullName := include "element-call.fullname" . -}} +{{- with .Values.service.lkJWT }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ $fullName }}-lk-jwt + labels: + {{- include "element-call.labels" $ | nindent 4 }} + app.kubernetes.io/component: lk-jwt +spec: + {{- if not $.Values.autoscaling.enabled }} + replicas: {{ .replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "element-call.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: lk-jwt + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "element-call.labels" $ | nindent 8 }} + app.kubernetes.io/component: lk-jwt + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "element-call.serviceAccountName" (dict "root" $ "ctx" . "suffix" "lk-jwt") }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: lk-jwt + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + - name: "LK_JWT_PORT" + value: "8080" + - name: "LIVEKIT_URL" + value: {{ .config.url }} + envFrom: + - secretRef: + name: {{ $fullName }}-lk-jwt + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }}{{/* end-with .Values.service.lkJWT */}} diff --git a/element-call/templates/lk-jwt/secret.yaml b/element-call/templates/lk-jwt/secret.yaml new file mode 100644 index 0000000..06968fd --- /dev/null +++ b/element-call/templates/lk-jwt/secret.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "element-call.fullname" . }}-lk-jwt + labels: + {{- include "element-call.labels" . | nindent 4 }} +data: + {{- with .Values.service.lkJWT.config }} + LIVEKIT_KEY: {{ .key | b64enc }} + LIVEKIT_SECRET: {{ .secret | b64enc }} + {{- end }} diff --git a/element-call/templates/lk-jwt/service.yaml b/element-call/templates/lk-jwt/service.yaml new file mode 100644 index 0000000..a0f0e38 --- /dev/null +++ b/element-call/templates/lk-jwt/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "element-call.fullname" . }}-lk-jwt + labels: + {{- include "element-call.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + {{- include "element-call.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: lk-jwt diff --git a/element-call/templates/lk-jwt/serviceaccount.yaml b/element-call/templates/lk-jwt/serviceaccount.yaml new file mode 100644 index 0000000..f46447e --- /dev/null +++ b/element-call/templates/lk-jwt/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- with .Values.service.lkJWT }} +{{- if .serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "element-call.serviceAccountName" (dict "root" $ "ctx" . "suffix" "lk-jwt") }} + labels: + {{- include "element-call.labels" $ | nindent 4 }} + {{- with .serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .serviceAccount.automount }} +{{- end }} +{{- end }} diff --git a/element-call/templates/service.yaml b/element-call/templates/service.yaml new file mode 100644 index 0000000..cb76c9e --- /dev/null +++ b/element-call/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "element-call.fullname" . }} + labels: + {{- include "element-call.labels" . | nindent 4 }} +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + {{- include "element-call.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: call diff --git a/element-call/templates/serviceaccount.yaml b/element-call/templates/serviceaccount.yaml new file mode 100644 index 0000000..806d9f0 --- /dev/null +++ b/element-call/templates/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- with .Values.service.call }} +{{- if .serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "element-call.serviceAccountName" (dict "root" $ "ctx" . "suffix" "") }} + labels: + {{- include "element-call.labels" $ | nindent 4 }} + {{- with .serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .serviceAccount.automount }} +{{- end }} +{{- end }} diff --git a/element-call/values.yaml b/element-call/values.yaml new file mode 100644 index 0000000..5da5a53 --- /dev/null +++ b/element-call/values.yaml @@ -0,0 +1,127 @@ +global: + image: + # -- if set it will overwrite all registry entries + registry: + # -- if set it will overwrite all pullPolicy + pullPolicy: + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + + + +ingress: + enabled: false + className: "" + annotations: {} + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +service: + call: + replicaCount: 1 + image: + registry: ghcr.io + repository: element-hq/element-call + pullPolicy: IfNotPresent + # -- Overrides the image tag whose default is the chart appVersion. + tag: + config: {} + ingress: + host: + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: {} + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + nodeSelector: {} + tolerations: [] + affinity: {} + + lkJWT: + replicaCount: 1 + image: + registry: ghcr.io + repository: element-hq/lk-jwt-service + pullPolicy: IfNotPresent + tag: sha-4a29504 + config: + url: "" + key: "devkey" + secret: "secret" + ingress: + host: + livenessProbe: + httpGet: + path: /healthz + port: http + readinessProbe: + httpGet: + path: /healthz + port: http + resources: {} + serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + podAnnotations: {} + podLabels: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + nodeSelector: {} + tolerations: [] + affinity: {} -- 2.45.3 From 514f95ee357666c13bdf909d00a8e16c8bf2e8af Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 23 Jul 2024 15:19:32 +0200 Subject: [PATCH 050/256] fix(element-call): update appVersion --- element-call/README.adoc | 2 +- element-call/templates/ingress.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/element-call/README.adoc b/element-call/README.adoc index f11fb87..4ba80f3 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -134,7 +134,7 @@ helm uninstall element-call-release | service.call.image.repository | string -| `"element-hq/element-call:v0.5.18"` +| `"element-hq/element-call"` | | service.call.image.tag diff --git a/element-call/templates/ingress.yaml b/element-call/templates/ingress.yaml index b3db40b..b31c1e4 100644 --- a/element-call/templates/ingress.yaml +++ b/element-call/templates/ingress.yaml @@ -33,7 +33,7 @@ spec: http: paths: - path: /sfu/get - pathType: Exactly + pathType: Exact backend: service: name: {{ $fullName }}-lk-jwt -- 2.45.3 From 00f54c07ed797a1f9567cb89fe000e5e8718c3d7 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 23 Jul 2024 16:47:05 +0200 Subject: [PATCH 051/256] feat(matrix-sliding-sync): add opentelemetry suppor --- matrix-sliding-sync/Chart.yaml | 2 +- matrix-sliding-sync/README.adoc | 17 ++++++++++++++++- matrix-sliding-sync/templates/secrets.yaml | 11 +++++++++++ matrix-sliding-sync/values.yaml | 4 ++++ 4 files changed, 32 insertions(+), 2 deletions(-) diff --git a/matrix-sliding-sync/Chart.yaml b/matrix-sliding-sync/Chart.yaml index 59301bc..4f519fc 100644 --- a/matrix-sliding-sync/Chart.yaml +++ b/matrix-sliding-sync/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-sliding-sync description: Proxy implementation of MSC3575's sync protocol. icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.1.3 +version: 0.2.0 # renovate: image=ghcr.io/matrix-org/sliding-sync appVersion: "0.99.19" maintainers: diff --git a/matrix-sliding-sync/README.adoc b/matrix-sliding-sync/README.adoc index 8f408c1..29cd261 100644 --- a/matrix-sliding-sync/README.adoc +++ b/matrix-sliding-sync/README.adoc @@ -2,7 +2,7 @@ = matrix-sliding-sync -image::https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square[Version: 0.1.3] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square[AppVersion: 0.99.19] == Maintainers @@ -87,6 +87,21 @@ helm uninstall matrix-sliding-sync-release | `9100` | +| config.opentelemetry.password +| string +| `nil` +| + +| config.opentelemetry.url +| string +| `nil` +| + +| config.opentelemetry.username +| string +| `nil` +| + | config.postgresql.database | string | `"sliding_sync"` diff --git a/matrix-sliding-sync/templates/secrets.yaml b/matrix-sliding-sync/templates/secrets.yaml index 43b2e59..531e392 100644 --- a/matrix-sliding-sync/templates/secrets.yaml +++ b/matrix-sliding-sync/templates/secrets.yaml @@ -27,5 +27,16 @@ data: {{- with .Values.config.metrics }} SYNCV3_PROM: {{ printf ":%v" . | b64enc }} {{- end }} + {{- with .Values.config.opentelemetry }} + {{- with .url }} + SYNCV3_OTLP_URL: {{ . | b64enc }} + {{- end }} + {{- with .username }} + SYNCV3_OTLP_USERNAME: {{ . | b64enc }} + {{- end }} + {{- with .password }} + SYNCV3_OTLP_PASSWORD: {{ . | b64enc }} + {{- end }} + {{- end }} SYNCV3_LOG_LEVEL: {{ .Values.config.logLevel | b64enc }} SYNCV3_MAX_DB_CONN: {{ toString .Values.config.postgresql.maxConn | b64enc }} diff --git a/matrix-sliding-sync/values.yaml b/matrix-sliding-sync/values.yaml index ecb4e08..f3d494c 100644 --- a/matrix-sliding-sync/values.yaml +++ b/matrix-sliding-sync/values.yaml @@ -27,6 +27,10 @@ config: sslmode: disable maxConn: 0 metrics: 9100 + opentelemetry: + url: + username: + password: logLevel: INFO imagePullSecrets: [] -- 2.45.3 From 1f45a8d4d7826c92dbc1bdd3ef8a6a28c97a091c Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 15 Jul 2024 18:36:24 +0200 Subject: [PATCH 052/256] feat(ntfy): add support to set env and envFrom --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 16 +++++++++++++--- ntfy/templates/deployment.yaml | 7 +++++++ ntfy/values.yaml | 7 +++++++ 4 files changed, 28 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index ea0e1d6..a220ee4 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.1.13 +version: 0.2.0 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 3656189..af49c20 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square[Version: 0.1.13] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -72,6 +72,16 @@ helm uninstall ntfy-release | `80` | +| env +| list +| `[]` +| set env in container for usage Environment variables + +| envFrom +| list +| `[]` +| set envFrom in container for usage of ConfigMaps or Secrets as a bunch of Environment variables + | fullnameOverride | string | `""` @@ -435,7 +445,7 @@ helm uninstall ntfy-release | podSecurityContext | object | `{}` -| +| set securityContext on pod level | prometheus.rules.additionalRules | list @@ -475,7 +485,7 @@ helm uninstall ntfy-release | securityContext | object | `{}` -| +| set securityContext on container level | service.http.port | int diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index 16ede25..9ea830b 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -42,9 +42,16 @@ spec: image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: [ "serve" ] + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} envFrom: - configMapRef: name: {{ include "ntfy.fullname" . }}-env + {{- with .Values.envFrom }} + {{- toYaml . | nindent 12 }} + {{- end }} ports: - name: http containerPort: {{ .Values.service.http.port }} diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 36c773b..1047f8f 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -144,9 +144,16 @@ serviceAccount: podLabels: {} podAnnotations: {} +# -- set env in container for usage Environment variables +env: [] +# -- set envFrom in container for usage of ConfigMaps or Secrets as a bunch of Environment variables +envFrom: [] + +# -- set securityContext on pod level podSecurityContext: {} # fsGroup: 2000 +# -- set securityContext on container level securityContext: {} # capabilities: # drop: -- 2.45.3 From 540393064d6f2737b95cef81b26dde47326fbec4 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 26 Jul 2024 02:21:20 +0200 Subject: [PATCH 053/256] feat(ntfy): add web push support --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 32 ++++++++++++- ntfy/templates/configmap.yaml | 12 ++++- ntfy/templates/deployment.yaml | 2 + ntfy/templates/secret.yaml | 32 +++++++++++++ ntfy/templates/setup/job.yaml | 61 ++++++++++++++++++++++++ ntfy/templates/setup/role.yaml | 22 +++++++++ ntfy/templates/setup/rolebinding.yaml | 19 ++++++++ ntfy/templates/setup/serviceaccount.yaml | 9 ++++ ntfy/values.yaml | 15 ++++++ 10 files changed, 203 insertions(+), 3 deletions(-) create mode 100644 ntfy/templates/secret.yaml create mode 100644 ntfy/templates/setup/job.yaml create mode 100644 ntfy/templates/setup/role.yaml create mode 100644 ntfy/templates/setup/rolebinding.yaml create mode 100644 ntfy/templates/setup/serviceaccount.yaml diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index a220ee4..33ae18b 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.2.0 +version: 0.3.0 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index af49c20..7778348 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -157,6 +157,11 @@ helm uninstall ntfy-release | `[]` | +| kubectl.image +| object +| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.30.3"}` +| image needed for setup (store generated VAPID / WebPush keys) + | nameOverride | string | `""` @@ -392,6 +397,31 @@ helm uninstall ntfy-release | `30` | +| ntfy.webPush.emailAddress +| string +| `""` +| + +| ntfy.webPush.file +| string +| `"/data/webpush.db"` +| + +| ntfy.webPush.keys.create +| bool +| `false` +| + +| ntfy.webPush.keys.private +| string +| `nil` +| + +| ntfy.webPush.keys.public +| string +| `nil` +| + | ntfy.webRoot | string | `"app"` diff --git a/ntfy/templates/configmap.yaml b/ntfy/templates/configmap.yaml index e7bd7d5..87c9066 100644 --- a/ntfy/templates/configmap.yaml +++ b/ntfy/templates/configmap.yaml @@ -83,6 +83,16 @@ data: {{- end }} {{- end }} + # web-push + {{- with .Values.ntfy.webPush }} + {{- with .file }} + NTFY_WEB_PUSH_FILE: {{ . | quote }} + {{- end }} + {{- with .emailAddress }} + NTFY_WEB_PUSH_EMAIL_ADDRESS: {{ . | quote }} + {{- end }} + {{- end }} + {{- with .Values.ntfy.keepaliveInterval }} NTFY_KEEPALIVE_INTERVAL: {{ . | quote }} {{- end }} @@ -131,4 +141,4 @@ data: NTFY_ENABLE_LOGIN: {{ .Values.ntfy.enableLogin | quote }} NTFY_ENABLE_RESERVATIONS: {{ .Values.ntfy.enableReservations | quote }} NTFY_ENABLE_METRICS: {{ .Values.ntfy.metrics.enable | quote }} - NTFY_METRICS_LISTEN_HTTP: ":{{ .Values.ntfy.metrics.port }}" \ No newline at end of file + NTFY_METRICS_LISTEN_HTTP: ":{{ .Values.ntfy.metrics.port }}" diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index 9ea830b..98692e0 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -49,6 +49,8 @@ spec: envFrom: - configMapRef: name: {{ include "ntfy.fullname" . }}-env + - secretRef: + name: {{ include "ntfy.fullname" . }}-env {{- with .Values.envFrom }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/ntfy/templates/secret.yaml b/ntfy/templates/secret.yaml new file mode 100644 index 0000000..32cb8a7 --- /dev/null +++ b/ntfy/templates/secret.yaml @@ -0,0 +1,32 @@ +--- +{{- $fullname := include "ntfy.fullname" . }} +{{- $secretName := printf "%s-env" $fullname }} +{{- $public := .Values.ntfy.webPush.keys.public }} +{{- $private := .Values.ntfy.webPush.keys.private }} + +{{- with (lookup "v1" "Secret" .Release.Namespace $secretName)}} +{{- with get . "data" }} +{{- $public = $public | default (get . "NTFY_WEB_PUSH_PUBLIC_KEY" | b64dec) }} +{{- $private = $private | default (get . "NTFY_WEB_PUSH_PRIVATE_KEY" | b64dec) }} +{{- end }} +{{- end }} + + +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + annotations: + helm.sh/resource-policy: keep + confighash: {{ .Values.ntfy | toYaml | sha256sum | trunc 32 }} + labels: + {{- include "ntfy.labels" . | nindent 4 }} +data: + + # web-push + {{- with $public }} + NTFY_WEB_PUSH_PUBLIC_KEY: {{ . | b64enc }} + {{- end }} + {{- with $private }} + NTFY_WEB_PUSH_PRIVATE_KEY: {{ . | b64enc }} + {{- end }} diff --git a/ntfy/templates/setup/job.yaml b/ntfy/templates/setup/job.yaml new file mode 100644 index 0000000..2050ec8 --- /dev/null +++ b/ntfy/templates/setup/job.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ntfy.webPush.keys.create }} +--- +{{- $fullname := (include "ntfy.fullname" .) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $fullname }}-setup + labels: + {{- include "ntfy.labels" . | nindent 4 }} + app.kubernetes.io/component: setup-job +spec: + template: + metadata: + labels: + {{- include "ntfy.labels" . | nindent 8 }} + app.kubernetes.io/component: setup-job + spec: + restartPolicy: "Never" + serviceAccount: {{ $fullname }}-setup + containers: + - name: upload-config + image: "{{ .Values.kubectl.image.registry }}/{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" + command: + - sh + - -c + - | + # check if key already exists + key=$(kubectl get secret {{ $fullname }}-env -o jsonpath="{.data['NTFY_WEB_PUSH_PRIVATE_KEY']}" 2> /dev/null) + [ $? -ne 0 ] && echo "Failed to get existing secret" && exit 1 + [ -n "$key" ] && echo "Config already created, exiting." && exit 0 + # wait for config + while [ ! -f /data/output ]; do + echo "Waiting for config.." + sleep 5; + done + # update secret + public=$(grep -Po 'web-push-public-key: \K[^$]*' /data/output) + private=$(grep -Po 'web-push-private-key: \K[^$]*' /data/output) + kubectl patch secret {{ $fullname }}-env -p '{"data":{"NTFY_WEB_PUSH_PRIVATE_KEY":"'$(echo -n "$private" | base64 -w 0)'","NTFY_WEB_PUSH_PUBLIC_KEY":"'$(echo -n "$public" | base64 -w 0)'"}}' + [ $? -ne 0 ] && echo "Failed to update secret." && exit 1 + echo "VAPID/WebPush successfully setup with public-key: ${public}" + volumeMounts: + - mountPath: /data/ + name: data + readOnly: true + - name: generate-config + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default (printf "v%s" .Chart.AppVersion) }}" + command: + - sh + - -c + - ntfy webpush keys 2> /data/output + volumeMounts: + - mountPath: /data/ + name: data + volumes: + - name: data + emptyDir: {} + parallelism: 1 + completions: 1 + backoffLimit: 1 +{{- end }} diff --git a/ntfy/templates/setup/role.yaml b/ntfy/templates/setup/role.yaml new file mode 100644 index 0000000..23d93da --- /dev/null +++ b/ntfy/templates/setup/role.yaml @@ -0,0 +1,22 @@ +{{- if .Values.ntfy.webPush.keys.create }} +--- +{{- $fullname := (include "ntfy.fullname" .) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ $fullname }}-setup + labels: + {{- include "ntfy.labels" . | nindent 4 }} + app.kubernetes.io/component: setup-job +rules: + - apiGroups: + - "" + resources: + - secrets + resourceNames: + - {{ $fullname }}-env + verbs: + - get + - update + - patch +{{- end }} diff --git a/ntfy/templates/setup/rolebinding.yaml b/ntfy/templates/setup/rolebinding.yaml new file mode 100644 index 0000000..64eab0f --- /dev/null +++ b/ntfy/templates/setup/rolebinding.yaml @@ -0,0 +1,19 @@ +{{- if .Values.ntfy.webPush.keys.create }} +--- +{{- $fullname := (include "ntfy.fullname" .) }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ $fullname }}-setup + labels: + {{- include "ntfy.labels" . | nindent 4 }} + app.kubernetes.io/component: setup-job +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ $fullname }}-setup +subjects: + - kind: ServiceAccount + name: {{ $fullname }}-setup + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/ntfy/templates/setup/serviceaccount.yaml b/ntfy/templates/setup/serviceaccount.yaml new file mode 100644 index 0000000..1b5d727 --- /dev/null +++ b/ntfy/templates/setup/serviceaccount.yaml @@ -0,0 +1,9 @@ +{{- if .Values.ntfy.webPush.keys.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ntfy.fullname" . }}-setup + labels: + {{- include "ntfy.labels" . | nindent 4 }} + app.kubernetes.io/component: setup-job +{{- end }} diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 1047f8f..3644059 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -10,6 +10,14 @@ image: # Overrides the image tag whose default is the chart appVersion. tag: "" +kubectl: + # -- image needed for setup (store generated VAPID / WebPush keys) + image: + registry: docker.io + repository: bitnami/kubectl + pullPolicy: IfNotPresent + tag: 1.30.3 + imagePullSecrets: [] nameOverride: "" fullnameOverride: "" @@ -66,6 +74,13 @@ ntfy: server: domain: null addrPrefix: null + webPush: + keys: + create: false + public: + private: + file: "/data/webpush.db" + emailAddress: "" globalTopicLimit: 15000 visitor: subscriptionLimit: 30 -- 2.45.3 From 98d56f9a32031f5ac95601947f28adede9c515da Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 26 Jul 2024 10:14:41 +0200 Subject: [PATCH 054/256] fix(ntfy): updateStrategy move to correct place --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 2 +- ntfy/templates/deployment.yaml | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 33ae18b..8132177 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.3.0 +version: 0.3.1 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 7778348..879e49b 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] +image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index 98692e0..7636ccc 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -11,6 +11,10 @@ spec: selector: matchLabels: {{- include "ntfy.selectorLabels" . | nindent 6 }} + strategy: + {{- with .Values.updateStrategy }} + {{- toYaml . | nindent 4 }} + {{- end }} template: metadata: annotations: @@ -28,10 +32,6 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.updateStrategy }} - updateStrategy: - {{- toYaml . | nindent 8 }} - {{- end }} serviceAccountName: {{ include "ntfy.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} -- 2.45.3 From 811b96fdd62a4594c39b7069840d305b710138d4 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 4 Aug 2024 15:07:08 +0200 Subject: [PATCH 055/256] fix(grampsweb): update AppVersion v24.7.1 --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 21deb39..d4379b6 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.1.14 +version: 0.1.15 # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.7.0" +appVersion: "24.7.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index de59de3..d4b5a1e 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square[Version: 0.1.14] +image::https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square[Version: 0.1.15] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.7.0-informational?style=flat-square[AppVersion: 24.7.0] +image::https://img.shields.io/badge/AppVersion-24.7.1-informational?style=flat-square[AppVersion: 24.7.1] == Maintainers .Maintainers -- 2.45.3 From 0f4fb68e2e58cd6e6d846440064333753b9288c2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 4 Aug 2024 15:08:58 +0200 Subject: [PATCH 056/256] fix(home-assistant): update AppVersion v2024.7.1 and zigbee2mqtt --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 169a5dc..36f352a 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.20 +version: 0.1.21 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.7.3" +appVersion: "2024.7.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 63d36ff..8c7fbc7 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.20-informational?style=flat-square[Version: 0.1.20] +image::https://img.shields.io/badge/Version-0.1.21-informational?style=flat-square[Version: 0.1.21] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.7.3-informational?style=flat-square[AppVersion: 2024.7.3] +image::https://img.shields.io/badge/AppVersion-2024.7.4-informational?style=flat-square[AppVersion: 2024.7.4] == Maintainers .Maintainers @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.39.0"` +| `"1.39.1"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 7253491..e14d88c 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.39.0 + tag: 1.39.1 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From 4e92238ebd483773f36fa56e324d41dd6505a29e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 4 Aug 2024 15:13:13 +0200 Subject: [PATCH 057/256] fix(forgejo-runner): update dependencies (docker-in-docker v27.1.1) --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index f8e99da..2f4dbec 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.5 +version: 0.2.6 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.0" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 84a1c8b..70b42c5 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] +image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"27.0.3-dind"` +| `"27.1.1-dind"` | | fullnameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 7ee4169..2da0d37 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,7 +141,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.0.3-dind + tag: 27.1.1-dind kubectl: image: registry: docker.io -- 2.45.3 From 46cd9fc3f54e888569b61665add0293edfd5afbe Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 4 Aug 2024 15:14:21 +0200 Subject: [PATCH 058/256] fix(matrix-synapse): update alpine v3.20.2 --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index c3a0aca..ebbfe87 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.5 +version: 0.2.6 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 718d700..c69e31f 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] +image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers @@ -569,7 +569,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.tag | string -| `"3.20.1"` +| `"3.20.2"` | | volumePermissions.resources diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 278f3fe..e7538e8 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -790,7 +790,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.20.1 + tag: 3.20.2 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From 9ad82a6ee1c92cb8489c38046d82683de2041449 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 7 Aug 2024 16:16:41 +0200 Subject: [PATCH 059/256] fix(jellyfin): update AppVersion v10.9.9 --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index e1d1438..ec75b6d 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.2.2 +version: 0.2.3 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.8" +appVersion: "10.9.9" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 965b17a..de793e0 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] +image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.8-informational?style=flat-square[AppVersion: 10.9.8] +image::https://img.shields.io/badge/AppVersion-10.9.9-informational?style=flat-square[AppVersion: 10.9.9] == Maintainers .Maintainers -- 2.45.3 From 19702722094b0339afb5e4abee64db7fda2f10d2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 9 Aug 2024 10:23:40 +0200 Subject: [PATCH 060/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 36f352a..3e65133 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.21 +version: 0.1.22 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.7.4" +appVersion: "2024.8.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 8c7fbc7..a04cb23 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.21-informational?style=flat-square[Version: 0.1.21] +image::https://img.shields.io/badge/Version-0.1.22-informational?style=flat-square[Version: 0.1.22] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.7.4-informational?style=flat-square[AppVersion: 2024.7.4] +image::https://img.shields.io/badge/AppVersion-2024.8.0-informational?style=flat-square[AppVersion: 2024.8.0] == Maintainers .Maintainers -- 2.45.3 From 3cf062a20ef64d51cf81fd7ba1aec03d8f90c2ab Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 9 Aug 2024 10:23:44 +0200 Subject: [PATCH 061/256] fix(postgresql): update appVersion --- postgresql/Chart.yaml | 4 ++-- postgresql/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index fa769ef..53d8be9 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -4,9 +4,9 @@ name: "postgresql" description: "A Helm chart for running PostgreSQL (Postgres) database" icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg type: "application" -version: "0.1.9" +version: "0.1.10" # renovate: image=docker.io/library/postgres -appVersion: "16.3-alpine" +appVersion: "16.4-alpine" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/postgresql/README.adoc b/postgresql/README.adoc index 4ab1eb1..f536e5f 100644 --- a/postgresql/README.adoc +++ b/postgresql/README.adoc @@ -2,9 +2,9 @@ = postgresql -image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] +image::https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square[Version: 0.1.10] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-16.3-alpine-informational?style=flat-square[AppVersion: 16.3-alpine] +image::https://img.shields.io/badge/AppVersion-16.4-alpine-informational?style=flat-square[AppVersion: 16.4-alpine] == Maintainers .Maintainers -- 2.45.3 From 3ee4a6ac9204582c500732998925a45015c4f544 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 12 Aug 2024 13:47:10 +0200 Subject: [PATCH 062/256] fix(stalwart-mail): update AppVersion v0.9.1 (and scrape metrics) --- stalwart-mail/Chart.yaml | 4 +-- stalwart-mail/README.adoc | 39 +++++++++++++++++++-- stalwart-mail/templates/servicemonitor.yaml | 25 +++++++++++++ stalwart-mail/values.yaml | 13 +++++++ 4 files changed, 77 insertions(+), 4 deletions(-) create mode 100644 stalwart-mail/templates/servicemonitor.yaml diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 988da0d..1d53947 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.12 +version: 0.0.13 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.8.5" +appVersion: "0.9.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index 06bc038..a4fd58c 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.12-informational?style=flat-square[Version: 0.0.12] +image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.8.5-informational?style=flat-square[AppVersion: 0.8.5] +image::https://img.shields.io/badge/AppVersion-0.9.1-informational?style=flat-square[AppVersion: 0.9.1] == Maintainers .Maintainers @@ -159,6 +159,21 @@ helm uninstall stalwart-mail-release | `"internal"` | +| config.metrics.prometheus.auth.secret +| string +| `"%{env:METRICS_SECRET}%"` +| + +| config.metrics.prometheus.auth.username +| string +| `"%{env:METRICS_USERNAME}%"` +| + +| config.metrics.prometheus.enable +| bool +| `true` +| + | config.server.listener.http.bind[0] | string | `"[::]:80"` @@ -519,6 +534,16 @@ helm uninstall stalwart-mail-release | `{}` | +| prometheus.servicemonitor.enabled +| bool +| `false` +| + +| prometheus.servicemonitor.labels +| object +| `{}` +| + | readinessProbe.httpGet.path | string | `"/healthz/ready"` @@ -539,6 +564,16 @@ helm uninstall stalwart-mail-release | `{}` | +| secrets.env.METRICS_SECRET +| string +| `"scrape_metrics_password"` +| + +| secrets.env.METRICS_USERNAME +| string +| `"scrape_metrics_user"` +| + | securityContext | object | `{}` diff --git a/stalwart-mail/templates/servicemonitor.yaml b/stalwart-mail/templates/servicemonitor.yaml new file mode 100644 index 0000000..ef8058f --- /dev/null +++ b/stalwart-mail/templates/servicemonitor.yaml @@ -0,0 +1,25 @@ +{{- if and .Values.config.metrics.prometheus.enable .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "stalwart-mail.fullname" . }} + labels: + {{- include "stalwart-mail.labels" . | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "stalwart-mail.selectorLabels" . | nindent 6 }} + endpoints: + - port: http + path: "/metrics/prometheus" + basicAuth: + username: + name: {{ include "stalwart-mail.fullname" . }}-env + key: METRICS_USERNAME + password: + name: {{ include "stalwart-mail.fullname" . }}-env + key: METRICS_SECRET +{{- end }} diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index 9932801..30ec5c9 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -117,12 +117,20 @@ config: # -- password for fallback authentfication (use env for store in secrets of kubernetes) # @section -- Authentification secret: "%{env:FALLBACK_ADMIN_SECRET}%" + metrics: + prometheus: + enable: true + auth: + username: "%{env:METRICS_USERNAME}%" + secret: "%{env:METRICS_SECRET}%" secrets: env: # -- password for fallback authentfication (env) # @section -- Authentification FALLBACK_ADMIN_SECRET: supersecret + METRICS_USERNAME: "scrape_metrics_user" + METRICS_SECRET: "scrape_metrics_password" serviceAccount: # Specifies whether a service account should be created @@ -239,6 +247,11 @@ certificate: dnsNames: - "chart-example.local" +prometheus: + servicemonitor: + enabled: false + labels: {} + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little -- 2.45.3 From 0491cc9ea1f0b170d9eff404caf3c9ed74cbfc51 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 03:56:11 +0200 Subject: [PATCH 063/256] fix(mautrix-signal): update AppVersion v0.7.0 --- mautrix-signal/Chart.yaml | 4 ++-- mautrix-signal/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 6940270..63926cc 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.6 +version: 0.0.7 # renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.6.3" +appVersion: "0.7.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 0ddafe7..1d800e0 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,9 +2,9 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] +image::https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square[Version: 0.0.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.3-informational?style=flat-square[AppVersion: 0.6.3] +image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers .Maintainers -- 2.45.3 From 1043a091870c413629f875710c4c85599057d85d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:43:46 +0200 Subject: [PATCH 064/256] fix(element-call): update AppVersion v0.6.0 --- element-call/Chart.yaml | 4 ++-- element-call/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 3759519..02b7852 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.0.1 +version: 0.0.2 # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.5.18" +appVersion: "0.6.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc index 4ba80f3..a577219 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,9 +2,9 @@ = element-call -image::https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square[Version: 0.0.1] +image::https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square[Version: 0.0.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.5.18-informational?style=flat-square[AppVersion: 0.5.18] +image::https://img.shields.io/badge/AppVersion-0.6.0-informational?style=flat-square[AppVersion: 0.6.0] == Maintainers .Maintainers -- 2.45.3 From 89480023e55d9c968648cea69d5e75e9cbf316b0 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:45:15 +0200 Subject: [PATCH 065/256] fix(home-assistant): update AppVersion v2024.8.2 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 3e65133..0a4fb0d 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.22 +version: 0.1.23 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.8.0" +appVersion: "2024.8.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index a04cb23..ec09fff 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.22-informational?style=flat-square[Version: 0.1.22] +image::https://img.shields.io/badge/Version-0.1.23-informational?style=flat-square[Version: 0.1.23] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.8.0-informational?style=flat-square[AppVersion: 2024.8.0] +image::https://img.shields.io/badge/AppVersion-2024.8.2-informational?style=flat-square[AppVersion: 2024.8.2] == Maintainers .Maintainers -- 2.45.3 From ec3560c5271a25edfb5ff3f0cab7f6af3562f917 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:46:33 +0200 Subject: [PATCH 066/256] fix(conduit): update well-known nginx --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 4 ++-- conduit/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index a9ffe33..94deeff 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.3 +version: 0.3.4 # renovate: image=registry.gitlab.com/famedly/conduit/matrix-conduit appVersion: "0.8.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc index bc9e3a1..e89ea51 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] +image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] == Maintainers @@ -349,7 +349,7 @@ helm uninstall conduit-release | wellknown.image.tag | string -| `"1.27.0"` +| `"1.27.1"` | | wellknown.nodeSelector diff --git a/conduit/values.yaml b/conduit/values.yaml index f78092a..816237e 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -48,7 +48,7 @@ wellknown: registry: docker.io repository: library/nginx pullPolicy: IfNotPresent - tag: "1.27.0" + tag: "1.27.1" replicaCount: 1 podLabels: {} -- 2.45.3 From e70e63fdded9b894b5723f1e69f31141b0b5c8de Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:47:27 +0200 Subject: [PATCH 067/256] fix(ntfy): update kubectl --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 4 ++-- ntfy/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 8132177..4465760 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 879e49b..b3f3c06 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] +image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -159,7 +159,7 @@ helm uninstall ntfy-release | kubectl.image | object -| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.30.3"}` +| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.0"}` | image needed for setup (store generated VAPID / WebPush keys) | nameOverride diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 3644059..b352db2 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.30.3 + tag: 1.31.0 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From 5af651081b2c8c160feaf075b49299d1c3507f54 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:48:17 +0200 Subject: [PATCH 068/256] fix(forgejo-runner): update helper images --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 6 +++--- forgejo-runner/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 2f4dbec..dd8bd74 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.6 +version: 0.2.7 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.0" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 70b42c5..122eed3 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] +image::https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square[Version: 0.2.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"27.1.1-dind"` +| `"27.1.2-dind"` | | fullnameOverride @@ -295,7 +295,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.30.3"` +| `"1.31.0"` | | nameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 2da0d37..2f7275d 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,13 +141,13 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.1.1-dind + tag: 27.1.2-dind kubectl: image: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.30.3 + tag: 1.31.0 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 7f843275192f8d2668e23ad7b610f8292065c8ed Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 10:52:55 +0200 Subject: [PATCH 069/256] fix(matrix-synapse): update dependencies --- matrix-synapse/Chart.lock | 8 ++++---- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/matrix-synapse/Chart.lock b/matrix-synapse/Chart.lock index f7edde6..12e6b05 100644 --- a/matrix-synapse/Chart.lock +++ b/matrix-synapse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami - version: 15.1.2 + version: 15.5.22 - name: redis repository: https://charts.bitnami.com/bitnami - version: 19.0.1 -digest: sha256:40b1817950d4e4acf6821c510445ddaafd92e9fbc36efe209f1654b4f019009d -generated: "2024-03-21T15:00:36.134445178+01:00" + version: 20.0.2 +digest: sha256:425e5d35b097df991598f45a6df69b7c63f7ec5ffc4a5a204314398bb257e307 +generated: "2024-08-17T02:33:53.047931205Z" diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index ebbfe87..0db3eb5 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.6 +version: 0.2.7 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: @@ -17,6 +17,6 @@ dependencies: repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled - name: redis - version: ^19.0.0 + version: ^20.0.0 repository: https://charts.bitnami.com/bitnami condition: redis.enabled diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index c69e31f..9ab91f7 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] +image::https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square[Version: 0.2.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers @@ -624,7 +624,7 @@ helm uninstall matrix-synapse-release | wellknown.image.tag | string -| `"1.27.0"` +| `"1.27.1"` | | wellknown.nodeSelector diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index e7538e8..8652644 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -613,7 +613,7 @@ wellknown: image: registry: docker.io repository: library/nginx - tag: 1.27.0 + tag: 1.27.1 pullPolicy: IfNotPresent replicaCount: 1 -- 2.45.3 From fb1ae2cac3ff840d608ebb1e5e6b463e9386452b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 12:05:11 +0200 Subject: [PATCH 070/256] fix(mautrix-signal): config format of new version --- mautrix-signal/Chart.yaml | 2 +- mautrix-signal/README.adoc | 721 +++++++++++++++++++++++-------------- mautrix-signal/values.yaml | 471 +++++++++++++----------- 3 files changed, 717 insertions(+), 477 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 63926cc..9c89e70 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.7 +version: 0.0.8 # renovate: image=dock.mau.dev/mautrix/signal appVersion: "0.7.0" maintainers: diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 1d800e0..9d8f746 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,7 +2,7 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square[Version: 0.0.7] +image::https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square[Version: 0.0.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers @@ -90,6 +90,11 @@ helm uninstall mautrix-signal-release | `"http://localhost:29328"` | The address that the homeserver can use to connect to this appservice. +| config.appservice.as_token +| string +| `""` +| + | config.appservice.async_transactions | bool | `false` @@ -110,36 +115,6 @@ helm uninstall mautrix-signal-release | `"signalbot"` | Username of the appservice bot. -| config.appservice.database.max_conn_idle_time -| string -| `nil` -| Maximum connection idle time and lifetime before they're closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration - -| config.appservice.database.max_conn_lifetime -| string -| `nil` -| - -| config.appservice.database.max_idle_conns -| int -| `2` -| - -| config.appservice.database.max_open_conns -| int -| `20` -| Maximum number of connections. Mostly relevant for Postgres. - -| config.appservice.database.type -| string -| `"postgres"` -| The database type. "sqlite3-fk-wal" and "postgres" are supported. - -| config.appservice.database.uri -| string -| `"postgres://user:password@host/database?sslmode=disable"` -| The database URI. SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. https://github.com/mattn/go-sqlite3#connection-string Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql - | config.appservice.ephemeral_events | bool | `true` @@ -150,6 +125,11 @@ helm uninstall mautrix-signal-release | `"0.0.0.0"` | The hostname and port where this appservice should listen. +| config.appservice.hs_token +| string +| `""` +| + | config.appservice.id | string | `"signal"` @@ -160,215 +140,140 @@ helm uninstall mautrix-signal-release | `29328` | -| config.bridge -| object -| `{"bridge_notices":true,"caption_in_message":false,"command_prefix":"!signal","delivery_receipts":false,"displayname_template":"{{or .ProfileName .PhoneNumber \"Unknown user\"}}","double_puppet_allow_discovery":false,"double_puppet_server_map":{"example.com":"https://example.com"},"encryption":{"allow":false,"allow_key_sharing":false,"appservice":false,"default":false,"delete_keys":{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false},"require":false,"rotation":{"disable_device_change_key_rotation":false,"enable_custom":false,"messages":100,"milliseconds":604800000},"verification_levels":{"receive":"unverified","send":"unverified","share":"cross-signed-tofu"}},"federate_rooms":true,"login_shared_secret_map":{"example.com":"foobar"},"management_room_text":{"additional_help":"","welcome":"Hello, I'm a Signal bridge bot.","welcome_connected":"Use `help` for help.","welcome_unconnected":"Use `help` for help or `login` to log in."},"message_error_notices":true,"message_handling_timeout":{"deadline":"120s","error_after":null},"message_status_events":false,"note_to_self_avatar":"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL","number_in_topic":true,"permissions":{"*":"relay","@admin:example.com":"admin","example.com":"user"},"personal_filtering_spaces":false,"portal_message_buffer":128,"private_chat_portal_meta":"default","provisioning":{"debug_endpoints":false,"prefix":"/_matrix/provision","shared_secret":"generate"},"public_portals":false,"relay":{"admin_only":true,"enabled":false,"message_formats":{"m.audio":"{{ .Sender.Displayname }} sent an audio file","m.emote":"* {{ .Sender.Displayname }} {{ .Message }}","m.file":"{{ .Sender.Displayname }} sent a file","m.image":"{{ .Sender.Displayname }} sent an image","m.location":"{{ .Sender.Displayname }} sent a location","m.notice":"{{ .Sender.Displayname }}: {{ .Message }}","m.text":"{{ .Sender.Displayname }}: {{ .Message }}","m.video":"{{ .Sender.Displayname }} sent a video"}},"resend_bridge_info":false,"sync_direct_chat_list":false,"use_contact_avatars":false,"username_template":"signal_{{.}}"}` -| Bridge config +| config.appservice.public_address +| string +| `nil` +| -| config.bridge.bridge_notices -| bool -| `true` -| Should Matrix m.notice-type messages be bridged? +| config.appservice.username_template +| string +| `"signal_{{.}}"` +| Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user. -| config.bridge.caption_in_message +| config.backfill.enabled | bool | `false` -| Send captions in the same message as images. This will send data compatible with both MSC2530. This is currently not supported in most clients. +| + +| config.backfill.max_catchup_messages +| string +| `nil` +| + +| config.backfill.max_initial_messages +| string +| `nil` +| + +| config.backfill.queue.batch_delay +| string +| `nil` +| + +| config.backfill.queue.batch_size +| string +| `nil` +| + +| config.backfill.queue.enabled +| string +| `nil` +| + +| config.backfill.queue.max_batches +| int +| `10` +| + +| config.backfill.queue.max_batches_override.a +| int +| `10` +| + +| config.backfill.threads.max_initial_messages +| string +| `nil` +| + +| config.backfill.unread_hours_threshold +| string +| `nil` +| + +| config.bridge.bridge_matrix_leave +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.bad_credentials.private +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.bad_credentials.relayed +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.bad_credentials.shared_has_users +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.bad_credentials.shared_no_users +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.enabled +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.manual.private +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.manual.relayed +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.manual.shared_has_users +| string +| `nil` +| + +| config.bridge.cleanup_on_logout.manual.shared_no_users +| string +| `nil` +| | config.bridge.command_prefix | string | `"!signal"` | The prefix for commands. Only required in non-management rooms. -| config.bridge.delivery_receipts -| bool -| `false` -| Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? - -| config.bridge.displayname_template -| string -| `"{{or .ProfileName .PhoneNumber \"Unknown user\"}}"` -| Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile. - -| config.bridge.double_puppet_allow_discovery -| bool -| `false` -| Allow using double puppeting from any server with a valid client .well-known file. - -| config.bridge.double_puppet_server_map -| object -| `{"example.com":"https://example.com"}` -| Servers to always allow double puppeting from - -| config.bridge.encryption.allow -| bool -| `false` -| Allow encryption, work in group chat rooms with e2ee enabled - -| config.bridge.encryption.allow_key_sharing -| bool -| `false` -| Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature. - -| config.bridge.encryption.appservice -| bool -| `false` -| Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. - -| config.bridge.encryption.default -| bool -| `false` -| Default to encryption, force-enable encryption in all portals the bridge creates This will cause the bridge bot to be in private chats for the encryption to work properly. - -| config.bridge.encryption.delete_keys -| object -| `{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}` -| Options for deleting megolm sessions from the bridge. - -| config.bridge.encryption.delete_keys.delete_fully_used_on_decrypt -| bool -| `false` -| Delete fully used keys (index >= max_messages) after decrypting messages. - -| config.bridge.encryption.delete_keys.delete_on_device_delete -| bool -| `false` -| Delete megolm sessions received from a device when the device is deleted. - -| config.bridge.encryption.delete_keys.delete_outbound_on_ack -| bool -| `false` -| Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup. - -| config.bridge.encryption.delete_keys.delete_outdated_inbound -| bool -| `false` -| Delete inbound megolm sessions that don't have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update. - -| config.bridge.encryption.delete_keys.delete_prev_on_new_session -| bool -| `false` -| Delete previous megolm sessions from same device when receiving a new one. - -| config.bridge.encryption.delete_keys.dont_store_outbound -| bool -| `false` -| Don't store outbound sessions in the inbound table. - -| config.bridge.encryption.delete_keys.periodically_delete_expired -| bool -| `false` -| Periodically delete megolm sessions when 2x max_age has passed since receiving the session. - -| config.bridge.encryption.delete_keys.ratchet_on_decrypt -| bool -| `false` -| Ratchet megolm sessions forward after decrypting messages. - -| config.bridge.encryption.require -| bool -| `false` -| Require encryption, drop any unencrypted messages. - -| config.bridge.encryption.rotation.disable_device_change_key_rotation -| bool -| `false` -| Disable rotating keys when a user's devices change? You should not enable this option unless you understand all the implications. - -| config.bridge.encryption.rotation.enable_custom -| bool -| `false` -| Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set. - -| config.bridge.encryption.rotation.messages -| int -| `100` -| The maximum number of messages that should be sent with a given a session before changing it. The Matrix spec recommends 100 as the default. - -| config.bridge.encryption.rotation.milliseconds -| int -| `604800000` -| The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default. - -| config.bridge.encryption.verification_levels.receive -| string -| `"unverified"` -| Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. - -| config.bridge.encryption.verification_levels.send -| string -| `"unverified"` -| Minimum level that the bridge should accept for incoming Matrix messages. - -| config.bridge.encryption.verification_levels.share -| string -| `"cross-signed-tofu"` -| Minimum level that the bridge should require for accepting key requests. - -| config.bridge.federate_rooms -| bool -| `true` -| Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated. - -| config.bridge.login_shared_secret_map -| object -| `{"example.com":"foobar"}` -| Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth If set, double puppeting will be enabled automatically for local users instead of users having to find an access token and run `login-matrix` manually. - -| config.bridge.management_room_text.additional_help -| string -| `""` -| Optional extra text sent when joining a management room. - -| config.bridge.management_room_text.welcome -| string -| `"Hello, I'm a Signal bridge bot."` -| Sent when joining a room. - -| config.bridge.management_room_text.welcome_connected -| string -| `"Use `help` for help."` -| Sent when joining a management room and the user is already logged in. - -| config.bridge.management_room_text.welcome_unconnected -| string -| `"Use `help` for help or `login` to log in."` -| Sent when joining a management room and the user is not logged in. - -| config.bridge.message_error_notices -| bool -| `true` -| Whether the bridge should send error notices via m.notice events when a message fails to bridge. - -| config.bridge.message_handling_timeout -| object -| `{"deadline":"120s","error_after":null}` -| Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration Null means there's no enforced timeout. - -| config.bridge.message_handling_timeout.deadline -| string -| `"120s"` -| Drop messages after this timeout. They may still go through if the message got sent to the servers. This is counted from the time the bridge starts handling the message. - -| config.bridge.message_handling_timeout.error_after +| config.bridge.mute_only_on_create | string | `nil` -| Send an error message after this timeout, but keep waiting for the response until the deadline. This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. If the message is older than this when it reaches the bridge, the message won't be handled at all. +| -| config.bridge.message_status_events -| bool -| `false` -| Whether the bridge should send the message status as a custom com.beeper.message_send_status event. - -| config.bridge.note_to_self_avatar +| config.bridge.permissions."@admin:example.com" | string -| `"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"` -| Avatar image for the Note to Self room. +| `"admin"` +| -| config.bridge.number_in_topic -| bool -| `true` -| Should the Signal user's phone number be included in the room topic in private chat portal rooms? +| config.bridge.permissions."example.com" +| string +| `"user"` +| + +| config.bridge.permissions.* +| string +| `"relay"` +| | config.bridge.personal_filtering_spaces | bool @@ -380,31 +285,21 @@ helm uninstall mautrix-signal-release | `"default"` | Whether to explicitly set the avatar and room name for private chat portal rooms. If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. If set to `always`, all DM rooms will have explicit names and avatars set. If set to `never`, DM rooms will never have names and avatars set. -| config.bridge.provisioning.debug_endpoints -| bool -| `false` -| Enable debug API at /debug with provisioning authentication. - -| config.bridge.provisioning.prefix -| string -| `"/_matrix/provision"` -| Prefix for the provisioning API paths. - -| config.bridge.provisioning.shared_secret -| string -| `"generate"` -| Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled. - -| config.bridge.public_portals -| bool -| `false` -| Whether or not to make portals of groups that don't need approval of an admin to join by invite link publicly joinable on Matrix. - | config.bridge.relay.admin_only | bool | `true` | Should only admins be allowed to set themselves as relay users? +| config.bridge.relay.default_relays +| string +| `nil` +| + +| config.bridge.relay.displayname_format +| string +| `""` +| + | config.bridge.relay.enabled | bool | `false` @@ -415,25 +310,200 @@ helm uninstall mautrix-signal-release | `{"m.audio":"{{ .Sender.Displayname }} sent an audio file","m.emote":"* {{ .Sender.Displayname }} {{ .Message }}","m.file":"{{ .Sender.Displayname }} sent a file","m.image":"{{ .Sender.Displayname }} sent an image","m.location":"{{ .Sender.Displayname }} sent a location","m.notice":"{{ .Sender.Displayname }}: {{ .Message }}","m.text":"{{ .Sender.Displayname }}: {{ .Message }}","m.video":"{{ .Sender.Displayname }} sent a video"}` | The formats to use when sending messages to Signal via the relaybot. -| config.bridge.resend_bridge_info -| bool -| `false` -| Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. This field will automatically be changed back to false after it, except if the config file is not writable. - -| config.bridge.sync_direct_chat_list -| bool -| `false` -| Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions. - -| config.bridge.use_contact_avatars -| bool -| `false` -| Should avatars from the user's contact list be used? This is not safe on multi-user instances. - -| config.bridge.username_template +| config.bridge.tag_only_on_create | string -| `"signal_{{.}}"` -| Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user. +| `nil` +| + +| config.database.max_conn_idle_time +| string +| `nil` +| Maximum connection idle time and lifetime before they're closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration + +| config.database.max_conn_lifetime +| string +| `nil` +| + +| config.database.max_idle_conns +| int +| `2` +| + +| config.database.max_open_conns +| int +| `20` +| Maximum number of connections. Mostly relevant for Postgres. + +| config.database.type +| string +| `"postgres"` +| The database type. "sqlite3-fk-wal" and "postgres" are supported. + +| config.database.uri +| string +| `"postgres://user:password@host/database?sslmode=disable"` +| The database URI. SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. https://github.com/mattn/go-sqlite3#connection-string Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + +| config.direct_media.allow_proxy +| bool +| `false` +| + +| config.direct_media.enabled +| bool +| `false` +| + +| config.direct_media.media_id_prefix +| string +| `""` +| + +| config.direct_media.server_key +| string +| `""` +| + +| config.direct_media.server_name +| string +| `""` +| + +| config.direct_media.well_known_response +| string +| `""` +| + +| config.double_puppet.allow_discovery +| bool +| `false` +| Allow using double puppeting from any server with a valid client .well-known file. + +| config.double_puppet.secrets +| object +| `{"example.com":"foobar"}` +| Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth If set, double puppeting will be enabled automatically for local users instead of users having to find an access token and run `login-matrix` manually. + +| config.double_puppet.servers +| object +| `{"example.com":"https://example.com"}` +| Servers to always allow double puppeting from + +| config.encryption.allow +| bool +| `false` +| Allow encryption, work in group chat rooms with e2ee enabled + +| config.encryption.allow_key_sharing +| bool +| `false` +| Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature. + +| config.encryption.appservice +| bool +| `false` +| Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + +| config.encryption.default +| bool +| `false` +| Default to encryption, force-enable encryption in all portals the bridge creates This will cause the bridge bot to be in private chats for the encryption to work properly. + +| config.encryption.delete_keys +| object +| `{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}` +| Options for deleting megolm sessions from the bridge. + +| config.encryption.delete_keys.delete_fully_used_on_decrypt +| bool +| `false` +| Delete fully used keys (index >= max_messages) after decrypting messages. + +| config.encryption.delete_keys.delete_on_device_delete +| bool +| `false` +| Delete megolm sessions received from a device when the device is deleted. + +| config.encryption.delete_keys.delete_outbound_on_ack +| bool +| `false` +| Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup. + +| config.encryption.delete_keys.delete_outdated_inbound +| bool +| `false` +| Delete inbound megolm sessions that don't have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update. + +| config.encryption.delete_keys.delete_prev_on_new_session +| bool +| `false` +| Delete previous megolm sessions from same device when receiving a new one. + +| config.encryption.delete_keys.dont_store_outbound +| bool +| `false` +| Don't store outbound sessions in the inbound table. + +| config.encryption.delete_keys.periodically_delete_expired +| bool +| `false` +| Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + +| config.encryption.delete_keys.ratchet_on_decrypt +| bool +| `false` +| Ratchet megolm sessions forward after decrypting messages. + +| config.encryption.pickle_key +| string +| `nil` +| + +| config.encryption.plaintext_mentions +| string +| `nil` +| + +| config.encryption.require +| bool +| `false` +| Require encryption, drop any unencrypted messages. + +| config.encryption.rotation.disable_device_change_key_rotation +| bool +| `false` +| Disable rotating keys when a user's devices change? You should not enable this option unless you understand all the implications. + +| config.encryption.rotation.enable_custom +| bool +| `false` +| Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set. + +| config.encryption.rotation.messages +| int +| `100` +| The maximum number of messages that should be sent with a given a session before changing it. The Matrix spec recommends 100 as the default. + +| config.encryption.rotation.milliseconds +| int +| `604800000` +| The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default. + +| config.encryption.verification_levels.receive +| string +| `"unverified"` +| Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. + +| config.encryption.verification_levels.send +| string +| `"unverified"` +| Minimum level that the bridge should accept for incoming Matrix messages. + +| config.encryption.verification_levels.share +| string +| `"cross-signed-tofu"` +| Minimum level that the bridge should require for accepting key requests. | config.homeserver.address | string @@ -460,6 +530,11 @@ helm uninstall mautrix-signal-release | `0` | How often should the websocket be pinged? Pinging will be disabled if this is zero. +| config.homeserver.public_address +| string +| `nil` +| + | config.homeserver.software | string | `"standard"` @@ -475,6 +550,11 @@ helm uninstall mautrix-signal-release | `false` | Should the bridge use a websocket for connecting to the homeserver? The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, mautrix-asmux (deprecated), and hungryserv (proprietary). +| config.homeserver.websocket_proxy +| string +| `""` +| + | config.logging.min_level | string | `"warn"` @@ -490,6 +570,51 @@ helm uninstall mautrix-signal-release | `"stdout"` | +| config.management_room_text.additional_help +| string +| `""` +| Optional extra text sent when joining a management room. + +| config.management_room_text.welcome +| string +| `"Hello, I'm a Signal bridge bot."` +| Sent when joining a room. + +| config.management_room_text.welcome_connected +| string +| `"Use `help` for help."` +| Sent when joining a management room and the user is already logged in. + +| config.management_room_text.welcome_unconnected +| string +| `"Use `help` for help or `login` to log in."` +| Sent when joining a management room and the user is not logged in. + +| config.matrix.delivery_receipts +| bool +| `false` +| Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? + +| config.matrix.federate_rooms +| bool +| `true` +| Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated. + +| config.matrix.message_error_notices +| bool +| `true` +| Whether the bridge should send error notices via m.notice events when a message fails to bridge. + +| config.matrix.message_status_events +| bool +| `false` +| Whether the bridge should send the message status as a custom com.beeper.message_send_status event. + +| config.matrix.sync_direct_chat_list +| bool +| `false` +| Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions. + | config.metrics.enabled | bool | `true` @@ -500,11 +625,81 @@ helm uninstall mautrix-signal-release | `"0.0.0.0:8000"` | IP and port where the metrics listener should be. The path is always /metrics +| config.provisioning.debug_endpoints +| bool +| `false` +| Enable debug API at /debug with provisioning authentication. + +| config.provisioning.prefix +| string +| `"/_matrix/provision"` +| Prefix for the provisioning API paths. + +| config.provisioning.shared_secret +| string +| `"generate"` +| Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled. + +| config.public_media.enabled +| bool +| `false` +| + +| config.public_media.expiry +| int +| `0` +| + +| config.public_media.hash_length +| int +| `0` +| + +| config.public_media.signing_key +| string +| `""` +| + | config.signal.device_name | string | `"mautrix-signal"` | Default device name that shows up in the Signal app. +| config.signal.displayname_template +| string +| `"{{or .ProfileName .PhoneNumber \"Unknown user\"}}"` +| Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile. + +| config.signal.location_format +| string +| `"https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s"` +| + +| config.signal.note_to_self_avatar +| string +| `"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"` +| + +| config.signal.number_in_topic +| bool +| `true` +| Should the Signal user's phone number be included in the room topic in private chat portal rooms? + +| config.signal.sync_contacts_on_startup +| bool +| `true` +| Should the bridge request the user's contact list from the phone on startup? + +| config.signal.use_contact_avatars +| bool +| `false` +| Should avatars from the user's contact list be used? This is not safe on multi-user instances. + +| config.signal.use_outdated_profiles +| bool +| `false` +| Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances. + | fullnameOverride | string | `""` diff --git a/mautrix-signal/values.yaml b/mautrix-signal/values.yaml index a3c57eb..3300993 100644 --- a/mautrix-signal/values.yaml +++ b/mautrix-signal/values.yaml @@ -19,12 +19,98 @@ nameOverride: "" fullnameOverride: "" config: + # Bridge config + bridge: + # -- The prefix for commands. Only required in non-management rooms. + command_prefix: '!signal' + # -- Should the bridge create a space for each logged-in user and add bridged rooms to it? + # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time. + personal_filtering_spaces: false + # -- Whether to explicitly set the avatar and room name for private chat portal rooms. + # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. + # If set to `always`, all DM rooms will have explicit names and avatars set. + # If set to `never`, DM rooms will never have names and avatars set. + private_chat_portal_meta: default + bridge_matrix_leave: + tag_only_on_create: + mute_only_on_create: + cleanup_on_logout: + enabled: + manual: + private: + relayed: + shared_no_users: + shared_has_users: + bad_credentials: + private: + relayed: + shared_no_users: + shared_has_users: + + # Settings for relay mode + relay: + # -- Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any + # authenticated user into a relaybot for that chat. + enabled: false + # -- Should only admins be allowed to set themselves as relay users? + admin_only: true + default_relays: + # -- The formats to use when sending messages to Signal via the relaybot. + message_formats: + m.text: "{{ .Sender.Displayname }}: {{ .Message }}" + m.notice: "{{ .Sender.Displayname }}: {{ .Message }}" + m.emote: "* {{ .Sender.Displayname }} {{ .Message }}" + m.file: "{{ .Sender.Displayname }} sent a file" + m.image: "{{ .Sender.Displayname }} sent an image" + m.audio: "{{ .Sender.Displayname }} sent an audio file" + m.video: "{{ .Sender.Displayname }} sent a video" + m.location: "{{ .Sender.Displayname }} sent a location" + displayname_format: "" + + # Permissions for using the bridge. + # Permitted values: + # block - + # relay - Talk through the relaybot (if enabled), no access otherwise + # commands - + # user - Access to use the bridge to chat with a Signal account. + # admin - User level and some additional administration tools + # Permitted keys: + # * - All Matrix users + # domain - All users on that homeserver + # mxid - Specific user + permissions: + "*": relay + "example.com": user + "@admin:example.com": admin + + + # Database config. + database: + # -- The database type. "sqlite3-fk-wal" and "postgres" are supported. + type: postgres + # -- The database URI. + # SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. + # https://github.com/mattn/go-sqlite3#connection-string + # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable + # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql + uri: postgres://user:password@host/database?sslmode=disable + # -- Maximum number of connections. Mostly relevant for Postgres. + max_open_conns: 20 + max_idle_conns: 2 + # -- Maximum connection idle time and lifetime before they're closed. Disabled if null. + # Parsed with https://pkg.go.dev/time#ParseDuration + max_conn_idle_time: null + max_conn_lifetime: null + # Homeserver details. homeserver: # -- The address that this appservice can use to connect to the homeserver. address: https://matrix.example.com # -- The domain of the homeserver (also known as server_name, used for MXIDs, etc). domain: example.com + # -- Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? + async_media: false + public_address: # -- What software is the homeserver running? # Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. @@ -35,44 +121,26 @@ config: status_endpoint: null # -- Endpoint for reporting per-message status. message_send_checkpoint_endpoint: null - # -- Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? - async_media: false # -- Should the bridge use a websocket for connecting to the homeserver? # The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, # mautrix-asmux (deprecated), and hungryserv (proprietary). websocket: false + websocket_proxy: "" # -- How often should the websocket be pinged? Pinging will be disabled if this is zero. ping_interval_seconds: 0 + # Application service host/registration related details. # Changing these values requires regeneration of the registration. appservice: # -- The address that the homeserver can use to connect to this appservice. address: http://localhost:29328 - + public_address: # -- The hostname and port where this appservice should listen. hostname: 0.0.0.0 port: 29328 - # Database config. - database: - # -- The database type. "sqlite3-fk-wal" and "postgres" are supported. - type: postgres - # -- The database URI. - # SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. - # https://github.com/mattn/go-sqlite3#connection-string - # Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable - # To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql - uri: postgres://user:password@host/database?sslmode=disable - # -- Maximum number of connections. Mostly relevant for Postgres. - max_open_conns: 20 - max_idle_conns: 2 - # -- Maximum connection idle time and lifetime before they're closed. Disabled if null. - # Parsed with https://pkg.go.dev/time#ParseDuration - max_conn_idle_time: null - max_conn_lifetime: null - # -- The unique ID of this appservice. id: signal # Appservice bot details. @@ -84,57 +152,22 @@ config: displayname: Signal bridge bot avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp + as_token: "" + hs_token: "" + # -- Whether or not to receive ephemeral events via appservice transactions. # Requires MSC2409 support (i.e. Synapse 1.22+). ephemeral_events: true - # -- Should incoming events be handled asynchronously? # This may be necessary for large public instances with lots of messages going through. # However, messages will not be guaranteed to be bridged in the same order they were sent in. async_transactions: false - # Prometheus config. - metrics: - # -- Enable prometheus metrics? - enabled: true - # -- IP and port where the metrics listener should be. The path is always /metrics - listen: 0.0.0.0:8000 - - signal: - # -- Default device name that shows up in the Signal app. - device_name: mautrix-signal - - # -- Bridge config - bridge: # -- Localpart template of MXIDs for Signal users. # {{.}} is replaced with the internal ID of the Signal user. username_template: signal_{{.}} - # -- Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. - # {{.ProfileName}} - The Signal profile name set by the user. - # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. - # {{.PhoneNumber}} - The phone number of the user. - # {{.UUID}} - The UUID of the Signal user. - # {{.AboutEmoji}} - The emoji set by the user in their profile. - displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}' - # -- Whether to explicitly set the avatar and room name for private chat portal rooms. - # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. - # If set to `always`, all DM rooms will have explicit names and avatars set. - # If set to `never`, DM rooms will never have names and avatars set. - private_chat_portal_meta: default - # -- Should avatars from the user's contact list be used? This is not safe on multi-user instances. - use_contact_avatars: false - # -- Should the Signal user's phone number be included in the room topic in private chat portal rooms? - number_in_topic: true - # -- Avatar image for the Note to Self room. - note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL - portal_message_buffer: 128 - - # -- Should the bridge create a space for each logged-in user and add bridged rooms to it? - # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time. - personal_filtering_spaces: false - # -- Should Matrix m.notice-type messages be bridged? - bridge_notices: true + matrix: # -- Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? delivery_receipts: false # -- Whether the bridge should send the message status as a custom com.beeper.message_send_status event. @@ -145,173 +178,141 @@ config: # Note that updating the m.direct event is not atomic (except with mautrix-asmux) # and is therefore prone to race conditions. sync_direct_chat_list: false - # -- Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run. - # This field will automatically be changed back to false after it, except if the config file is not writable. - resend_bridge_info: false - # -- Whether or not to make portals of groups that don't need approval of an admin to join by invite - # link publicly joinable on Matrix. - public_portals: false - # -- Send captions in the same message as images. This will send data compatible with both MSC2530. - # This is currently not supported in most clients. - caption_in_message: false # -- Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. federate_rooms: true - # -- Servers to always allow double puppeting from - double_puppet_server_map: - example.com: https://example.com + + # Settings for provisioning API + provisioning: + # -- Prefix for the provisioning API paths. + prefix: /_matrix/provision + # -- Shared secret for authentication. If set to "generate", a random secret will be generated, + # or if set to "disable", the provisioning API will be disabled. + shared_secret: generate + # -- Enable debug API at /debug with provisioning authentication. + debug_endpoints: false + + public_media: + enabled: false + signing_key: "" + hash_length: 0 + expiry: 0 + + direct_media: + enabled: false + media_id_prefix: "" + server_name: "" + server_key: "" + allow_proxy: false + well_known_response: "" + + backfill: + enabled: false + max_initial_messages: + max_catchup_messages: + unread_hours_threshold: + threads: + max_initial_messages: + queue: + enabled: + batch_size: + batch_delay: + max_batches: 10 + max_batches_override: + "a": 10 + + double_puppet: # -- Allow using double puppeting from any server with a valid client .well-known file. - double_puppet_allow_discovery: false + allow_discovery: false + # -- Servers to always allow double puppeting from + servers: + example.com: https://example.com # -- Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth # # If set, double puppeting will be enabled automatically for local users # instead of users having to find an access token and run `login-matrix` # manually. - login_shared_secret_map: + secrets: example.com: foobar - # -- Maximum time for handling Matrix events. Duration strings formatted for https://pkg.go.dev/time#ParseDuration - # Null means there's no enforced timeout. - message_handling_timeout: - # -- Send an error message after this timeout, but keep waiting for the response until the deadline. - # This is counted from the origin_server_ts, so the warning time is consistent regardless of the source of delay. - # If the message is older than this when it reaches the bridge, the message won't be handled at all. - error_after: null - # -- Drop messages after this timeout. They may still go through if the message got sent to the servers. - # This is counted from the time the bridge starts handling the message. - deadline: 120s - - # -- The prefix for commands. Only required in non-management rooms. - command_prefix: '!signal' - # Messages sent upon joining a management room. - # Markdown is supported. The defaults are listed below. - management_room_text: - # -- Sent when joining a room. - welcome: "Hello, I'm a Signal bridge bot." - # -- Sent when joining a management room and the user is already logged in. - welcome_connected: "Use `help` for help." - # -- Sent when joining a management room and the user is not logged in. - welcome_unconnected: "Use `help` for help or `login` to log in." - # -- Optional extra text sent when joining a management room. - additional_help: "" - - # End-to-bridge encryption support options. + # End-to-bridge encryption support options. + # + # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. + encryption: + # -- Allow encryption, work in group chat rooms with e2ee enabled + allow: false + # -- Default to encryption, force-enable encryption in all portals the bridge creates + # This will cause the bridge bot to be in private chats for the encryption to work properly. + default: false + # -- Require encryption, drop any unencrypted messages. + require: false + # -- Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. + appservice: false + plaintext_mentions: + pickle_key: + # -- Options for deleting megolm sessions from the bridge. + delete_keys: + # -- Beeper-specific: delete outbound sessions when hungryserv confirms + # that the user has uploaded the key to key backup. + delete_outbound_on_ack: false + # -- Don't store outbound sessions in the inbound table. + dont_store_outbound: false + # -- Ratchet megolm sessions forward after decrypting messages. + ratchet_on_decrypt: false + # -- Delete fully used keys (index >= max_messages) after decrypting messages. + delete_fully_used_on_decrypt: false + # -- Delete previous megolm sessions from same device when receiving a new one. + delete_prev_on_new_session: false + # -- Delete megolm sessions received from a device when the device is deleted. + delete_on_device_delete: false + # -- Periodically delete megolm sessions when 2x max_age has passed since receiving the session. + periodically_delete_expired: false + # -- Delete inbound megolm sessions that don't have the received_at field used for + # automatic ratcheting and expired session deletion. This is meant as a migration + # to delete old keys prior to the bridge update. + delete_outdated_inbound: false + # What level of device verification should be required from users? # - # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info. - encryption: - # -- Allow encryption, work in group chat rooms with e2ee enabled - allow: false - # -- Default to encryption, force-enable encryption in all portals the bridge creates - # This will cause the bridge bot to be in private chats for the encryption to work properly. - default: false - # -- Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. - appservice: false - # -- Require encryption, drop any unencrypted messages. - require: false - # -- Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. - # You must use a client that supports requesting keys from other users to use this feature. - allow_key_sharing: false - # -- Options for deleting megolm sessions from the bridge. - delete_keys: - # -- Beeper-specific: delete outbound sessions when hungryserv confirms - # that the user has uploaded the key to key backup. - delete_outbound_on_ack: false - # -- Don't store outbound sessions in the inbound table. - dont_store_outbound: false - # -- Ratchet megolm sessions forward after decrypting messages. - ratchet_on_decrypt: false - # -- Delete fully used keys (index >= max_messages) after decrypting messages. - delete_fully_used_on_decrypt: false - # -- Delete previous megolm sessions from same device when receiving a new one. - delete_prev_on_new_session: false - # -- Delete megolm sessions received from a device when the device is deleted. - delete_on_device_delete: false - # -- Periodically delete megolm sessions when 2x max_age has passed since receiving the session. - periodically_delete_expired: false - # -- Delete inbound megolm sessions that don't have the received_at field used for - # automatic ratcheting and expired session deletion. This is meant as a migration - # to delete old keys prior to the bridge update. - delete_outdated_inbound: false - # What level of device verification should be required from users? - # - # Valid levels: - # unverified - Send keys to all device in the room. - # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. - # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). - # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. - # Note that creating user signatures from the bridge bot is not currently possible. - # verified - Require manual per-device verification - # (currently only possible by modifying the `trust` column in the `crypto_device` database table). - verification_levels: - # -- Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. - receive: unverified - # -- Minimum level that the bridge should accept for incoming Matrix messages. - send: unverified - # -- Minimum level that the bridge should require for accepting key requests. - share: cross-signed-tofu - # Options for Megolm room key rotation. These options allow you to - # configure the m.room.encryption event content. See: - # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for - # more information about that event. - rotation: - # -- Enable custom Megolm room key rotation settings. Note that these - # settings will only apply to rooms created after this option is - # set. - enable_custom: false - # -- The maximum number of milliseconds a session should be used - # before changing it. The Matrix spec recommends 604800000 (a week) - # as the default. - milliseconds: 604800000 - # -- The maximum number of messages that should be sent with a given a - # session before changing it. The Matrix spec recommends 100 as the - # default. - messages: 100 + # Valid levels: + # unverified - Send keys to all device in the room. + # cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys. + # cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes). + # cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot. + # Note that creating user signatures from the bridge bot is not currently possible. + # verified - Require manual per-device verification + # (currently only possible by modifying the `trust` column in the `crypto_device` database table). + verification_levels: + # -- Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. + receive: unverified + # -- Minimum level that the bridge should accept for incoming Matrix messages. + send: unverified + # -- Minimum level that the bridge should require for accepting key requests. + share: cross-signed-tofu + # -- Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. + # You must use a client that supports requesting keys from other users to use this feature. + allow_key_sharing: false + # Options for Megolm room key rotation. These options allow you to + # configure the m.room.encryption event content. See: + # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for + # more information about that event. + rotation: + # -- Enable custom Megolm room key rotation settings. Note that these + # settings will only apply to rooms created after this option is + # set. + enable_custom: false + # -- The maximum number of milliseconds a session should be used + # before changing it. The Matrix spec recommends 604800000 (a week) + # as the default. + milliseconds: 604800000 + # -- The maximum number of messages that should be sent with a given a + # session before changing it. The Matrix spec recommends 100 as the + # default. + messages: 100 - # -- Disable rotating keys when a user's devices change? - # You should not enable this option unless you understand all the implications. - disable_device_change_key_rotation: false + # -- Disable rotating keys when a user's devices change? + # You should not enable this option unless you understand all the implications. + disable_device_change_key_rotation: false - # Settings for provisioning API - provisioning: - # -- Prefix for the provisioning API paths. - prefix: /_matrix/provision - # -- Shared secret for authentication. If set to "generate", a random secret will be generated, - # or if set to "disable", the provisioning API will be disabled. - shared_secret: generate - # -- Enable debug API at /debug with provisioning authentication. - debug_endpoints: false - - # Permissions for using the bridge. - # Permitted values: - # relay - Talk through the relaybot (if enabled), no access otherwise - # user - Access to use the bridge to chat with a Signal account. - # admin - User level and some additional administration tools - # Permitted keys: - # * - All Matrix users - # domain - All users on that homeserver - # mxid - Specific user - permissions: - "*": relay - "example.com": user - "@admin:example.com": admin - - # Settings for relay mode - relay: - # -- Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any - # authenticated user into a relaybot for that chat. - enabled: false - # -- Should only admins be allowed to set themselves as relay users? - admin_only: true - # -- The formats to use when sending messages to Signal via the relaybot. - message_formats: - m.text: "{{ .Sender.Displayname }}: {{ .Message }}" - m.notice: "{{ .Sender.Displayname }}: {{ .Message }}" - m.emote: "* {{ .Sender.Displayname }} {{ .Message }}" - m.file: "{{ .Sender.Displayname }} sent a file" - m.image: "{{ .Sender.Displayname }} sent an image" - m.audio: "{{ .Sender.Displayname }} sent an audio file" - m.video: "{{ .Sender.Displayname }} sent a video" - m.location: "{{ .Sender.Displayname }} sent a location" # Logging config. See https://github.com/tulir/zeroconfig for details. logging: @@ -320,6 +321,50 @@ config: - type: stdout format: json + # Messages sent upon joining a management room. + # Markdown is supported. The defaults are listed below. + management_room_text: + # -- Sent when joining a room. + welcome: "Hello, I'm a Signal bridge bot." + # -- Sent when joining a management room and the user is already logged in. + welcome_connected: "Use `help` for help." + # -- Sent when joining a management room and the user is not logged in. + welcome_unconnected: "Use `help` for help or `login` to log in." + # -- Optional extra text sent when joining a management room. + additional_help: "" + + # Prometheus config. + metrics: + # -- Enable prometheus metrics? + enabled: true + # -- IP and port where the metrics listener should be. The path is always /metrics + listen: 0.0.0.0:8000 + + signal: + # -- Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. + # {{.ProfileName}} - The Signal profile name set by the user. + # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. + # {{.PhoneNumber}} - The phone number of the user. + # {{.UUID}} - The UUID of the Signal user. + # {{.AboutEmoji}} - The emoji set by the user in their profile. + displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}' + # -- Should avatars from the user's contact list be used? This is not safe on multi-user instances. + use_contact_avatars: false + # -- Should the bridge request the user's contact list from the phone on startup? + sync_contacts_on_startup: true + # -- Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances. + use_outdated_profiles: false + # -- Should the Signal user's phone number be included in the room topic in private chat portal rooms? + number_in_topic: true + # -- Default device name that shows up in the Signal app. + device_name: mautrix-signal + # Avatar image for the Note to Self room. + note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL + # Format for generating URLs from location messages for sending to Signal. + # Google Maps: 'https://www.google.com/maps/place/%[1]s,%[2]s' + # OpenStreetMap: 'https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s' + location_format: 'https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s' + registration: # token from config.appservice.id # id: -- 2.45.3 From 47589dca298c01c5b5f9569db013ee6980407089 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 12:58:50 +0200 Subject: [PATCH 071/256] fix(mautrix-signal): config format of new version --- mautrix-signal/Chart.yaml | 2 +- mautrix-signal/README.adoc | 188 +++++++++++++++++------------------ mautrix-signal/values.yaml | 196 +++++++++++++++++++++++++------------ 3 files changed, 225 insertions(+), 161 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 9c89e70..b1ce738 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.8 +version: 0.0.9 # renovate: image=dock.mau.dev/mautrix/signal appVersion: "0.7.0" maintainers: diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 9d8f746..61370c8 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,7 +2,7 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square[Version: 0.0.8] +image::https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square[Version: 0.0.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers @@ -153,102 +153,102 @@ helm uninstall mautrix-signal-release | config.backfill.enabled | bool | `false` -| +| Whether to do backfilling at all. | config.backfill.max_catchup_messages -| string -| `nil` -| +| int +| `500` +| Maximum number of missed messages to backfill after bridge restarts. | config.backfill.max_initial_messages -| string -| `nil` -| +| int +| `50` +| Maximum number of messages to backfill in empty rooms. | config.backfill.queue.batch_delay -| string -| `nil` -| +| int +| `20` +| Delay between batches in seconds. | config.backfill.queue.batch_size -| string -| `nil` -| +| int +| `100` +| Number of messages to backfill in one batch. | config.backfill.queue.enabled -| string -| `nil` -| +| bool +| `false` +| Should the backfill queue be enabled? | config.backfill.queue.max_batches | int -| `10` -| +| `-1` +| Maximum number of batches to backfill per portal. If set to -1, all available messages will be backfilled. -| config.backfill.queue.max_batches_override.a -| int -| `10` -| +| config.backfill.queue.max_batches_override +| object +| `{}` +| Optional network-specific overrides for max batches. Interpretation of this field depends on the network connector. | config.backfill.threads.max_initial_messages -| string -| `nil` -| +| int +| `50` +| Maximum number of messages to backfill in a new thread. | config.backfill.unread_hours_threshold -| string -| `nil` -| +| int +| `720` +| If a backfilled chat is older than this number of hours, mark it as read even if it's unread on the remote network. | config.bridge.bridge_matrix_leave -| string -| `nil` -| +| bool +| `false` +| Should leaving Matrix rooms be bridged as leaving groups on the remote network? | config.bridge.cleanup_on_logout.bad_credentials.private | string -| `nil` +| `"nothing"` | | config.bridge.cleanup_on_logout.bad_credentials.relayed | string -| `nil` +| `"nothing"` | | config.bridge.cleanup_on_logout.bad_credentials.shared_has_users | string -| `nil` +| `"nothing"` | | config.bridge.cleanup_on_logout.bad_credentials.shared_no_users | string -| `nil` +| `"nothing"` | | config.bridge.cleanup_on_logout.enabled -| string -| `nil` -| +| bool +| `false` +| Should cleanup on logout be enabled at all? | config.bridge.cleanup_on_logout.manual.private | string -| `nil` -| +| `"nothing"` +| Action for private portals which will never be shared with other Matrix users. | config.bridge.cleanup_on_logout.manual.relayed | string -| `nil` -| +| `"nothing"` +| Action for portals with a relay user configured. | config.bridge.cleanup_on_logout.manual.shared_has_users | string -| `nil` -| +| `"nothing"` +| Action for portals which have other logged-in Matrix users. | config.bridge.cleanup_on_logout.manual.shared_no_users | string -| `nil` -| +| `"nothing"` +| Action for portals which may be shared, but don't currently have any other Matrix users. | config.bridge.command_prefix | string @@ -256,34 +256,24 @@ helm uninstall mautrix-signal-release | The prefix for commands. Only required in non-management rooms. | config.bridge.mute_only_on_create -| string -| `nil` -| +| bool +| `true` +| Should room mute status only be synced when creating the portal? Like tags, mutes can't currently be synced back to the remote network. -| config.bridge.permissions."@admin:example.com" -| string -| `"admin"` -| - -| config.bridge.permissions."example.com" -| string -| `"user"` -| - -| config.bridge.permissions.* -| string -| `"relay"` -| +| config.bridge.permissions +| object +| `{"*":"relay","@admin:example.com":"admin","example.com":"user"}` +| Permissions for using the bridge. Permitted values: relay - Talk through the relaybot (if enabled), no access otherwise commands - Access to use commands in the bridge, but not login. user - Access to use the bridge with puppeting. admin - Full access, user level with some additional administration tools. Permitted keys: * - All Matrix users domain - All users on that homeserver mxid - Specific user | config.bridge.personal_filtering_spaces | bool -| `false` -| Should the bridge create a space for each logged-in user and add bridged rooms to it? Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time. +| `true` +| Should the bridge create a space for each login containing the rooms that account is in? | config.bridge.private_chat_portal_meta -| string -| `"default"` -| Whether to explicitly set the avatar and room name for private chat portal rooms. If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. If set to `always`, all DM rooms will have explicit names and avatars set. If set to `never`, DM rooms will never have names and avatars set. +| bool +| `false` +| Whether the bridge should set names and avatars explicitly for DM portals. This is only necessary when using clients that don't support MSC4171. | config.bridge.relay.admin_only | bool @@ -291,14 +281,14 @@ helm uninstall mautrix-signal-release | Should only admins be allowed to set themselves as relay users? | config.bridge.relay.default_relays -| string -| `nil` -| +| list +| `[]` +| List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. | config.bridge.relay.displayname_format | string -| `""` -| +| `"{{ .DisambiguatedName }}"` +| For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. This has all the Sender variables available under message_formats (but without the .Sender prefix). Note that you need to manually remove the displayname from message_formats above. | config.bridge.relay.enabled | bool @@ -307,13 +297,13 @@ helm uninstall mautrix-signal-release | config.bridge.relay.message_formats | object -| `{"m.audio":"{{ .Sender.Displayname }} sent an audio file","m.emote":"* {{ .Sender.Displayname }} {{ .Message }}","m.file":"{{ .Sender.Displayname }} sent a file","m.image":"{{ .Sender.Displayname }} sent an image","m.location":"{{ .Sender.Displayname }} sent a location","m.notice":"{{ .Sender.Displayname }}: {{ .Message }}","m.text":"{{ .Sender.Displayname }}: {{ .Message }}","m.video":"{{ .Sender.Displayname }} sent a video"}` -| The formats to use when sending messages to Signal via the relaybot. +| `{"m.audio":"{{ .Sender.DisambiguatedName }} sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.emote":"* {{ .Sender.DisambiguatedName }} {{ .Message }}","m.file":"{{ .Sender.DisambiguatedName }} sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.image":"{{ .Sender.DisambiguatedName }} sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}","m.location":"{{ .Sender.DisambiguatedName }} sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}","m.notice":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.text":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.video":"{{ .Sender.DisambiguatedName }} sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}"}` +| The formats to use when sending messages via the relaybot. Available variables: .Sender.UserID - The Matrix user ID of the sender. .Sender.Displayname - The display name of the sender (if set). .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, plus the user ID in parentheses if the displayname is not unique. If the displayname is not set, this is just the user ID. .Message - The `formatted_body` field of the message. .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string. .FileName - The name of the file being sent. | config.bridge.tag_only_on_create -| string -| `nil` -| +| bool +| `true` +| Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone. | config.database.max_conn_idle_time | string @@ -347,48 +337,48 @@ helm uninstall mautrix-signal-release | config.direct_media.allow_proxy | bool -| `false` -| +| `true` +| If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 media download redirects if the requester supports it. Optionally, you can force redirects and not allow proxying at all by setting this to false. This option does nothing if the remote network does not support media downloads over HTTP. | config.direct_media.enabled | bool | `false` -| +| Should custom mxc:// URIs be used instead of reuploading media? | config.direct_media.media_id_prefix | string -| `""` -| +| `nil` +| Optionally specify a custom prefix for the media ID part of the MXC URI. | config.direct_media.server_key | string | `""` -| +| Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. | config.direct_media.server_name | string -| `""` -| +| `"discord-media.example.com"` +| The server name to use for the custom mxc:// URIs. This server name will effectively be a real Matrix server, it just won't implement anything other than media. You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge. | config.direct_media.well_known_response | string -| `""` -| +| `nil` +| Optionally a custom .well-known response. This defaults to `server_name:443` | config.double_puppet.allow_discovery | bool | `false` -| Allow using double puppeting from any server with a valid client .well-known file. +| Whether to allow client API URL discovery for other servers. When using this option, users on other servers can use double puppeting even if their server URLs aren't explicitly added to the servers map above. | config.double_puppet.secrets | object -| `{"example.com":"foobar"}` -| Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth If set, double puppeting will be enabled automatically for local users instead of users having to find an access token and run `login-matrix` manually. +| `{"example.com":"as_token:foobar"}` +| Shared secrets for automatic double puppeting. See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions. | config.double_puppet.servers | object | `{"example.com":"https://example.com"}` -| Servers to always allow double puppeting from +| Servers to always allow double puppeting from. This is only for other servers and should NOT contain the server the bridge is on. | config.encryption.allow | bool @@ -643,22 +633,22 @@ helm uninstall mautrix-signal-release | config.public_media.enabled | bool | `false` -| +| Should public media be enabled at all? The public_address field under the appservice section MUST be set when enabling public media. | config.public_media.expiry | int | `0` -| +| Number of seconds that public media URLs are valid for. If set to 0, URLs will never expire. | config.public_media.hash_length | int -| `0` -| +| `32` +| Length of hash to use for public media URLs. Must be between 0 and 32. | config.public_media.signing_key | string -| `""` -| +| `"generate"` +| A key for signing public media URLs. If set to "generate", a random key will be generated. | config.signal.device_name | string diff --git a/mautrix-signal/values.yaml b/mautrix-signal/values.yaml index 3300993..67e1347 100644 --- a/mautrix-signal/values.yaml +++ b/mautrix-signal/values.yaml @@ -23,29 +23,47 @@ config: bridge: # -- The prefix for commands. Only required in non-management rooms. command_prefix: '!signal' - # -- Should the bridge create a space for each logged-in user and add bridged rooms to it? - # Users who logged in before turning this on should run `!signal sync-space` to create and fill the space for the first time. - personal_filtering_spaces: false - # -- Whether to explicitly set the avatar and room name for private chat portal rooms. - # If set to `default`, this will be enabled in encrypted rooms and disabled in unencrypted rooms. - # If set to `always`, all DM rooms will have explicit names and avatars set. - # If set to `never`, DM rooms will never have names and avatars set. - private_chat_portal_meta: default - bridge_matrix_leave: - tag_only_on_create: - mute_only_on_create: + # -- Should the bridge create a space for each login containing the rooms that account is in? + personal_filtering_spaces: true + # -- Whether the bridge should set names and avatars explicitly for DM portals. + # This is only necessary when using clients that don't support MSC4171. + private_chat_portal_meta: false + + # -- Should leaving Matrix rooms be bridged as leaving groups on the remote network? + bridge_matrix_leave: false + # -- Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. + # Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone. + tag_only_on_create: true + # -- Should room mute status only be synced when creating the portal? + # Like tags, mutes can't currently be synced back to the remote network. + mute_only_on_create: true + + # What should be done to portal rooms when a user logs out or is logged out? + # Permitted values: + # nothing - Do nothing, let the user stay in the portals + # kick - Remove the user from the portal rooms, but don't delete them + # unbridge - Remove all ghosts in the room and disassociate it from the remote chat + # delete - Remove all ghosts and users from the room (i.e. delete it) cleanup_on_logout: - enabled: + # -- Should cleanup on logout be enabled at all? + enabled: false + # Settings for manual logouts (explicitly initiated by the Matrix user) manual: - private: - relayed: - shared_no_users: - shared_has_users: + # -- Action for private portals which will never be shared with other Matrix users. + private: nothing + # -- Action for portals with a relay user configured. + relayed: nothing + # -- Action for portals which may be shared, but don't currently have any other Matrix users. + shared_no_users: nothing + # -- Action for portals which have other logged-in Matrix users. + shared_has_users: nothing + # Settings for credentials being invalidated (initiated by the remote network, possibly through user action). + # Keys have the same meanings as in the manual section. bad_credentials: - private: - relayed: - shared_no_users: - shared_has_users: + private: nothing + relayed: nothing + shared_no_users: nothing + shared_has_users: nothing # Settings for relay mode relay: @@ -54,26 +72,39 @@ config: enabled: false # -- Should only admins be allowed to set themselves as relay users? admin_only: true - default_relays: - # -- The formats to use when sending messages to Signal via the relaybot. + # -- List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. + default_relays: [] + # -- The formats to use when sending messages via the relaybot. + # Available variables: + # .Sender.UserID - The Matrix user ID of the sender. + # .Sender.Displayname - The display name of the sender (if set). + # .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. + # .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, + # plus the user ID in parentheses if the displayname is not unique. + # If the displayname is not set, this is just the user ID. + # .Message - The `formatted_body` field of the message. + # .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string. + # .FileName - The name of the file being sent. message_formats: - m.text: "{{ .Sender.Displayname }}: {{ .Message }}" - m.notice: "{{ .Sender.Displayname }}: {{ .Message }}" - m.emote: "* {{ .Sender.Displayname }} {{ .Message }}" - m.file: "{{ .Sender.Displayname }} sent a file" - m.image: "{{ .Sender.Displayname }} sent an image" - m.audio: "{{ .Sender.Displayname }} sent an audio file" - m.video: "{{ .Sender.Displayname }} sent a video" - m.location: "{{ .Sender.Displayname }} sent a location" - displayname_format: "" + m.text: "{{ .Sender.DisambiguatedName }}: {{ .Message }}" + m.notice: "{{ .Sender.DisambiguatedName }}: {{ .Message }}" + m.emote: "* {{ .Sender.DisambiguatedName }} {{ .Message }}" + m.file: "{{ .Sender.DisambiguatedName }} sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}" + m.image: "{{ .Sender.DisambiguatedName }} sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}" + m.audio: "{{ .Sender.DisambiguatedName }} sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}" + m.video: "{{ .Sender.DisambiguatedName }} sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}" + m.location: "{{ .Sender.DisambiguatedName }} sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}" + # -- For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. + # This has all the Sender variables available under message_formats (but without the .Sender prefix). + # Note that you need to manually remove the displayname from message_formats above. + displayname_format: "{{ .DisambiguatedName }}" - # Permissions for using the bridge. + # -- Permissions for using the bridge. # Permitted values: - # block - # relay - Talk through the relaybot (if enabled), no access otherwise - # commands - - # user - Access to use the bridge to chat with a Signal account. - # admin - User level and some additional administration tools + # commands - Access to use commands in the bridge, but not login. + # user - Access to use the bridge with puppeting. + # admin - Full access, user level with some additional administration tools. # Permitted keys: # * - All Matrix users # domain - All users on that homeserver @@ -192,48 +223,91 @@ config: # -- Enable debug API at /debug with provisioning authentication. debug_endpoints: false + # Some networks require publicly accessible media download links (e.g. for user avatars when using Discord webhooks). + # These settings control whether the bridge will provide such public media access. public_media: + # -- Should public media be enabled at all? + # The public_address field under the appservice section MUST be set when enabling public media. enabled: false - signing_key: "" - hash_length: 0 + # -- A key for signing public media URLs. + # If set to "generate", a random key will be generated. + signing_key: generate + # -- Number of seconds that public media URLs are valid for. + # If set to 0, URLs will never expire. expiry: 0 + # -- Length of hash to use for public media URLs. Must be between 0 and 32. + hash_length: 32 + # Settings for converting remote media to custom mxc:// URIs instead of reuploading. + # More details can be found at https://docs.mau.fi/bridges/go/discord/direct-media.html direct_media: + # -- Should custom mxc:// URIs be used instead of reuploading media? enabled: false - media_id_prefix: "" - server_name: "" + # -- The server name to use for the custom mxc:// URIs. + # This server name will effectively be a real Matrix server, it just won't implement anything other than media. + # You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge. + server_name: discord-media.example.com + # -- Optionally a custom .well-known response. This defaults to `server_name:443` + well_known_response: + # -- Optionally specify a custom prefix for the media ID part of the MXC URI. + media_id_prefix: + # -- If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 + # media download redirects if the requester supports it. Optionally, you can force redirects + # and not allow proxying at all by setting this to false. + # This option does nothing if the remote network does not support media downloads over HTTP. + allow_proxy: true + # -- Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. + # This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. server_key: "" - allow_proxy: false - well_known_response: "" + # Settings for backfilling messages. + # Note that the exact way settings are applied depends on the network connector. + # See https://docs.mau.fi/bridges/general/backfill.html for more details. backfill: + # -- Whether to do backfilling at all. enabled: false - max_initial_messages: - max_catchup_messages: - unread_hours_threshold: + # -- Maximum number of messages to backfill in empty rooms. + max_initial_messages: 50 + # -- Maximum number of missed messages to backfill after bridge restarts. + max_catchup_messages: 500 + # -- If a backfilled chat is older than this number of hours, + # mark it as read even if it's unread on the remote network. + unread_hours_threshold: 720 + # Settings for backfilling threads within other backfills. threads: - max_initial_messages: + # -- Maximum number of messages to backfill in a new thread. + max_initial_messages: 50 + # Settings for the backwards backfill queue. This only applies when connecting to + # Beeper as standard Matrix servers don't support inserting messages into history. queue: - enabled: - batch_size: - batch_delay: - max_batches: 10 - max_batches_override: - "a": 10 + # -- Should the backfill queue be enabled? + enabled: false + # -- Number of messages to backfill in one batch. + batch_size: 100 + # -- Delay between batches in seconds. + batch_delay: 20 + # -- Maximum number of batches to backfill per portal. + # If set to -1, all available messages will be backfilled. + max_batches: -1 + # -- Optional network-specific overrides for max batches. + # Interpretation of this field depends on the network connector. + max_batches_override: {} + + # Settings for enabling double puppeting double_puppet: - # -- Allow using double puppeting from any server with a valid client .well-known file. - allow_discovery: false - # -- Servers to always allow double puppeting from + # -- Servers to always allow double puppeting from. + # This is only for other servers and should NOT contain the server the bridge is on. servers: example.com: https://example.com - # -- Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth - # - # If set, double puppeting will be enabled automatically for local users - # instead of users having to find an access token and run `login-matrix` - # manually. + # -- Whether to allow client API URL discovery for other servers. When using this option, + # users on other servers can use double puppeting even if their server URLs aren't + # explicitly added to the servers map above. + allow_discovery: false + # -- Shared secrets for automatic double puppeting. + # See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions. secrets: - example.com: foobar + example.com: as_token:foobar # End-to-bridge encryption support options. # -- 2.45.3 From 18321767822aa1c7a7ec80d1abbcc6f6705d256e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 13:18:41 +0200 Subject: [PATCH 072/256] fix(mautrix-signal): drop of metrics (see https://github.com/mautrix/signal/issues/532 --- mautrix-signal/Chart.yaml | 2 +- mautrix-signal/README.adoc | 22 +------------------- mautrix-signal/templates/deployment.yaml | 5 ----- mautrix-signal/templates/service.yaml | 6 ------ mautrix-signal/templates/servicemonitor.yaml | 18 ---------------- mautrix-signal/values.yaml | 12 ----------- 6 files changed, 2 insertions(+), 63 deletions(-) delete mode 100644 mautrix-signal/templates/servicemonitor.yaml diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index b1ce738..10ce145 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.9 +version: 0.0.10 # renovate: image=dock.mau.dev/mautrix/signal appVersion: "0.7.0" maintainers: diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 61370c8..620c447 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,7 +2,7 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square[Version: 0.0.9] +image::https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square[Version: 0.0.10] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers @@ -605,16 +605,6 @@ helm uninstall mautrix-signal-release | `false` | Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions. -| config.metrics.enabled -| bool -| `true` -| Enable prometheus metrics? - -| config.metrics.listen -| string -| `"0.0.0.0:8000"` -| IP and port where the metrics listener should be. The path is always /metrics - | config.provisioning.debug_endpoints | bool | `false` @@ -835,16 +825,6 @@ helm uninstall mautrix-signal-release | `{}` | -| prometheus.servicemonitor.enabled -| bool -| `false` -| - -| prometheus.servicemonitor.labels -| object -| `{}` -| - | readinessProbe.httpGet.path | string | `"/_matrix/mau/ready"` diff --git a/mautrix-signal/templates/deployment.yaml b/mautrix-signal/templates/deployment.yaml index 31f6add..dacb6e6 100644 --- a/mautrix-signal/templates/deployment.yaml +++ b/mautrix-signal/templates/deployment.yaml @@ -43,11 +43,6 @@ spec: - name: http containerPort: {{ .Values.config.appservice.port }} protocol: TCP - {{- if .Values.config.metrics.enabled }} - - name: metrics - containerPort: {{ regexSplit ":" .Values.config.metrics.listen -1 | last }} - protocol: TCP - {{- end }} livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: diff --git a/mautrix-signal/templates/service.yaml b/mautrix-signal/templates/service.yaml index d5bfdd1..1f9e3a7 100644 --- a/mautrix-signal/templates/service.yaml +++ b/mautrix-signal/templates/service.yaml @@ -15,10 +15,4 @@ spec: targetPort: http protocol: TCP name: http - {{- if .Values.config.metrics.enabled }} - - port: {{ regexSplit ":" .Values.config.metrics.listen -1 | last }} - targetPort: metrics - protocol: TCP - name: metrics - {{- end }} {{- end }} diff --git a/mautrix-signal/templates/servicemonitor.yaml b/mautrix-signal/templates/servicemonitor.yaml deleted file mode 100644 index c60d257..0000000 --- a/mautrix-signal/templates/servicemonitor.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if and .Values.prometheus.servicemonitor.enabled ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "mautrix-signal.fullname" . }} - labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} - {{- with .Values.prometheus.servicemonitor.labels }} - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - matchLabels: - {{- include "mautrix-signal.selectorLabels" . | nindent 6 }} - endpoints: - - port: metrics - path: /metrics -{{- end }} diff --git a/mautrix-signal/values.yaml b/mautrix-signal/values.yaml index 67e1347..175c41b 100644 --- a/mautrix-signal/values.yaml +++ b/mautrix-signal/values.yaml @@ -407,13 +407,6 @@ config: # -- Optional extra text sent when joining a management room. additional_help: "" - # Prometheus config. - metrics: - # -- Enable prometheus metrics? - enabled: true - # -- IP and port where the metrics listener should be. The path is always /metrics - listen: 0.0.0.0:8000 - signal: # -- Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. # {{.ProfileName}} - The Signal profile name set by the user. @@ -575,8 +568,3 @@ persistence: accessMode: ReadWriteOnce # -- size size: 10Gi - -prometheus: - servicemonitor: - enabled: false - labels: {} -- 2.45.3 From ee252d89250b51dfbdb5c82a437f3640a13765cd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 17 Aug 2024 17:43:27 +0200 Subject: [PATCH 073/256] fix(gotosocial): add configuration options for instance --- gotosocial/Chart.yaml | 2 +- gotosocial/README.adoc | 47 +++++++++++++- gotosocial/templates/secret.yaml | 16 +++++ gotosocial/values.yaml | 101 +++++++++++++++++++++++++++++++ 4 files changed, 164 insertions(+), 2 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index ee7c91a..28384ea 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,7 +3,7 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=docker.io/superseriousbusiness/gotosocial appVersion: "0.16.0" maintainers: diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 15ac1be..2a139d0 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,7 +2,7 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0] == Maintainers @@ -167,6 +167,51 @@ helm uninstall gotosocial-release | `"localhost"` | +| gotosocial.instance.deliverToSharedInboxes +| bool +| `true` +| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery + +| gotosocial.instance.expose.peers +| bool +| `false` +| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint. + +| gotosocial.instance.expose.publicTimeline +| bool +| `false` +| This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery + +| gotosocial.instance.expose.suspended +| bool +| `false` +| Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint. WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots + +| gotosocial.instance.expose.suspendedWeb +| bool +| `false` +| Allow unauthenticated users to view /about/suspended, showing the HTML rendered list of instances that this instance blocks/suspends. + +| gotosocial.instance.federation.mode +| string +| `"blocklist"` +| Federation mode to use for this instance. "blocklist" -- open federation by default. Only instances that are explicitly blocked will be denied (unless they are also explicitly allowed). "allowlist" -- closed federation by default. Only instances that are explicitly allowed will be able to interact with this instance. For more details on blocklist and allowlist modes, check the documentation at: https://docs.gotosocial.org/en/latest/admin/federation_modes Options: ["blocklist", "allowlist"] + +| gotosocial.instance.federation.spamFilter +| bool +| `false` +| Enable spam filtering heuristics for messages entering your instance via the federation API. Regardless of what you set here, basic checks for message relevancy will still be performed, but you can try enabling this setting if you are being spammed with unwanted messages from other instances, and want to more strictly filter out spam messages. THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to only enable this setting when the fediverse is in the midst of a spam wave, and you need to batten down the hatches to keep your instance usable. The decision of whether a message counts as spam or not is made based on the following heuristics, in order, where receiver = the account on your instance that received a message in their inbox, and requester = the account on a remote instance that sent the message. First, basic relevancy checks 1. Receiver follows requester. Return OK. 2. Statusable doesn't mention receiver. Return NotRelevant. If instance-federation-spam-filter = false, then return OK now. Otherwise check: 3. Receiver is locked and is followed by requester. Return OK. 4. Five or more people are mentioned. Return Spam. 5. Receiver follow (requests) a mentioned account. Return OK. 6. Statusable has a media attachment. Return Spam. 7. Statusable contains non-mention, non-hashtag links. Return Spam. Messages identified as spam will be dropped from your instance, and not inserted into the database, or into home timelines or notifications. + +| gotosocial.instance.injectMastodonVersion +| bool +| `false` +| This flag will inject a Mastodon version into the version field that is included in /api/v1/instance. This version is often used by Mastodon clients to do API feature detection. By injecting a Mastodon compatible version, it is possible to cajole those clients to behave correctly with GoToSocial. + +| gotosocial.instance.languages +| list +| `[]` +| BCP47 language tags to indicate preferred languages of users on this instance. If you provide these, you should provide these in order from most-preferred to least-preferred, but note that leaving out a language from this array doesn't mean it can't be used on this instance, it only means it won't be advertised as a preferred instance language. It is valid to provide no entries here; your instance will then have no particular preferred language. See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry Example: ["nl", "en-gb", "fr"] + | gotosocial.landingPageUser | string | `""` diff --git a/gotosocial/templates/secret.yaml b/gotosocial/templates/secret.yaml index 558f872..08f345b 100644 --- a/gotosocial/templates/secret.yaml +++ b/gotosocial/templates/secret.yaml @@ -42,6 +42,22 @@ data: {{- end }}{{/* end-with .database */}} {{- end }}{{/* end-else-if sqlite */}} + {{- with .instance }} + GTS_INSTANCE_LANGUAGES: {{ .languages | join "," | b64enc }} + {{- with .federation }} + GTS_INSTANCE_FEDERATION_MODE: {{ .mode | b64enc }} + GTS_INSTANCE_FEDERATION_SPAM_FILTER: {{ toYaml .spamFilter | b64enc }} + {{- end }}{{/* end-with federation */}} + {{- with .expose }} + GTS_INSTANCE_EXPOSE_PEERS: {{ toYaml .peers | b64enc }} + GTS_INSTANCE_EXPOSE_SUSPENDED: {{ toYaml .suspended | b64enc }} + GTS_INSTANCE_EXPOSE_SUSPENDED_WEB: {{ toYaml .suspendedWeb | b64enc }} + GTS_INSTANCE_EXPOSE_PUBLIC_TIMELINE: {{ toYaml .publicTimeline | b64enc }} + {{- end }}{{/* end-with expose */}} + GTS_INSTANCE_DELIVER_TO_SHARED_INBOXES: {{ toYaml .deliverToSharedInboxes | b64enc }} + GTS_INSTANCE_INJECT_MASTODON_VERSION: {{ toYaml .injectMastodonVersion | b64enc }} + {{- end }}{{/* end-with instance */}} + {{- with .accounts }} GTS_ACCOUNTS_REGISTRATION_OPEN: {{ toYaml .registrationOpen | b64enc }} GTS_ACCOUNTS_APPROVAL_REQUIRED: {{ toYaml .approvalRequired | b64enc }} diff --git a/gotosocial/values.yaml b/gotosocial/values.yaml index 24977ae..11260c5 100644 --- a/gotosocial/values.yaml +++ b/gotosocial/values.yaml @@ -52,6 +52,107 @@ gotosocial: # If this is left empty, just the host certificates will be used. # If filled in, the certificate will be loaded and added to host certificates. tlsCACert: "" + + instance: + # -- BCP47 language tags to indicate preferred languages of users on this instance. + # + # If you provide these, you should provide these in order from most-preferred to least-preferred, + # but note that leaving out a language from this array doesn't mean it can't be used on this instance, + # it only means it won't be advertised as a preferred instance language. + # + # It is valid to provide no entries here; your instance will then have no particular preferred language. + # + # See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags + # See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry + # + # Example: ["nl", "en-gb", "fr"] + languages: [] + federation: + # -- Federation mode to use for this instance. + # + # "blocklist" -- open federation by default. Only instances that are explicitly + # blocked will be denied (unless they are also explicitly allowed). + # + # "allowlist" -- closed federation by default. Only instances that are explicitly + # allowed will be able to interact with this instance. + # + # For more details on blocklist and allowlist modes, check the documentation at: + # https://docs.gotosocial.org/en/latest/admin/federation_modes + # + # Options: ["blocklist", "allowlist"] + mode: "blocklist" + # -- Enable spam filtering heuristics for messages entering your instance + # via the federation API. Regardless of what you set here, basic checks + # for message relevancy will still be performed, but you can try enabling + # this setting if you are being spammed with unwanted messages from other + # instances, and want to more strictly filter out spam messages. + # + # THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE + # MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to + # only enable this setting when the fediverse is in the midst of a spam + # wave, and you need to batten down the hatches to keep your instance usable. + # + # The decision of whether a message counts as spam or not is made based on + # the following heuristics, in order, where receiver = the account on your + # instance that received a message in their inbox, and requester = the + # account on a remote instance that sent the message. + # + # First, basic relevancy checks + # + # 1. Receiver follows requester. Return OK. + # 2. Statusable doesn't mention receiver. Return NotRelevant. + # + # If instance-federation-spam-filter = false, then return OK now. + # Otherwise check: + # + # 3. Receiver is locked and is followed by requester. Return OK. + # 4. Five or more people are mentioned. Return Spam. + # 5. Receiver follow (requests) a mentioned account. Return OK. + # 6. Statusable has a media attachment. Return Spam. + # 7. Statusable contains non-mention, non-hashtag links. Return Spam. + # + # Messages identified as spam will be dropped from your instance, and not + # inserted into the database, or into home timelines or notifications. + spamFilter: false + expose: + # -- Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order + # to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated + # users (members of the instance) will still be able to query the endpoint. + peers: false + # -- Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order + # to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated + # users (members of the instance) will still be able to query the endpoint. + # + # WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. + # See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots + suspended: false + # -- Allow unauthenticated users to view /about/suspended, + # showing the HTML rendered list of instances that this instance blocks/suspends. + suspendedWeb: false + # -- This flag tweaks whether GoToSocial will deliver ActivityPub messages + # to the shared inbox of a recipient, if one is available, instead of delivering + # each message to each actor who should receive a message individually. + # + # Shared inbox delivery can significantly reduce network load when delivering + # to multiple recipients share an inbox (eg., on large Mastodon instances). + # + # See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery + publicTimeline: false + # -- This flag tweaks whether GoToSocial will deliver ActivityPub messages + # to the shared inbox of a recipient, if one is available, instead of delivering + # each message to each actor who should receive a message individually. + # + # Shared inbox delivery can significantly reduce network load when delivering + # to multiple recipients share an inbox (eg., on large Mastodon instances). + # + # See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery + deliverToSharedInboxes: true + # -- This flag will inject a Mastodon version into the version field that + # is included in /api/v1/instance. This version is often used by Mastodon clients + # to do API feature detection. By injecting a Mastodon compatible version, it is + # possible to cajole those clients to behave correctly with GoToSocial. + injectMastodonVersion: false + accounts: # -- Do we want people to be able to just submit sign up requests, or do we want invite only? registrationOpen: true -- 2.45.3 From 2022282bd65446b9727df46139ad4fec2249937d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 19 Aug 2024 10:51:39 +0200 Subject: [PATCH 074/256] fix(alertmanager-matrix): update appVersion --- alertmanager-matrix/Chart.yaml | 4 ++-- alertmanager-matrix/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/alertmanager-matrix/Chart.yaml b/alertmanager-matrix/Chart.yaml index f2a3e46..078ad62 100644 --- a/alertmanager-matrix/Chart.yaml +++ b/alertmanager-matrix/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: alertmanager-matrix description: Service for managing and receiving Alertmanager alerts on Matrix type: application -version: 0.1.8 +version: 0.1.9 # renovate: image=docker.io/silkeh/alertmanager_matrix -appVersion: "0.4.3" +appVersion: "0.5.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/alertmanager-matrix/README.adoc b/alertmanager-matrix/README.adoc index 91636ca..5e347ba 100644 --- a/alertmanager-matrix/README.adoc +++ b/alertmanager-matrix/README.adoc @@ -2,9 +2,9 @@ = alertmanager-matrix -image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] +image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.4.3-informational?style=flat-square[AppVersion: 0.4.3] +image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0] == Maintainers .Maintainers -- 2.45.3 From 9dac131ffd4c5b22dce883cc15220808ce6d6c02 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 19:22:17 +0200 Subject: [PATCH 075/256] fix(jellyfin): add networkpolicy support --- jellyfin/Chart.yaml | 2 +- jellyfin/README.adoc | 22 ++++++++++++++++++++- jellyfin/templates/networkpolicy.yaml | 28 +++++++++++++++++++++++++++ jellyfin/values.yaml | 11 +++++++++++ 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 jellyfin/templates/networkpolicy.yaml diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index ec75b6d..ba1cded 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,7 +3,7 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.2.3 +version: 0.3.0 # renovate: image=ghcr.io/jellyfin/jellyfin appVersion: "10.9.9" maintainers: diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index de793e0..388636e 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,7 +2,7 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-10.9.9-informational?style=flat-square[AppVersion: 10.9.9] == Maintainers @@ -182,6 +182,26 @@ helm uninstall jellyfin-release | `""` | +| networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller, prometheus) + | nodeSelector | object | `{}` diff --git a/jellyfin/templates/networkpolicy.yaml b/jellyfin/templates/networkpolicy.yaml new file mode 100644 index 0000000..ea76391 --- /dev/null +++ b/jellyfin/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "jellyfin.fullname" . }} + labels: + {{- include "jellyfin.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "jellyfin.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: {{ .Values.service.port }} + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.http | nindent 8 }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/jellyfin/values.yaml b/jellyfin/values.yaml index b221226..d668303 100644 --- a/jellyfin/values.yaml +++ b/jellyfin/values.yaml @@ -84,6 +84,17 @@ grafana: grafana_dashboard: "1" annotations: {} +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller, prometheus) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From 49bcbf41304ac4f0f465039f284ea87fa2c32aa9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 20:02:29 +0200 Subject: [PATCH 076/256] fix(miniserve): add networkpolicy support --- miniserve/Chart.yaml | 2 +- miniserve/README.adoc | 22 +++++++++++++++++++- miniserve/templates/networkpolicy.yaml | 28 ++++++++++++++++++++++++++ miniserve/values.yaml | 11 ++++++++++ 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 miniserve/templates/networkpolicy.yaml diff --git a/miniserve/Chart.yaml b/miniserve/Chart.yaml index f59675e..99ec735 100644 --- a/miniserve/Chart.yaml +++ b/miniserve/Chart.yaml @@ -3,7 +3,7 @@ name: miniserve description: A Helm chart for Kubernetes icon: https://raw.githubusercontent.com/svenstaro/miniserve/master/data/logo.svg type: application -version: 0.3.7 +version: 0.4.0 # renovate: image=docker.io/svenstaro/miniserve appVersion: "0.27.0" maintainers: diff --git a/miniserve/README.adoc b/miniserve/README.adoc index 12b3675..85049b5 100644 --- a/miniserve/README.adoc +++ b/miniserve/README.adoc @@ -2,7 +2,7 @@ = miniserve -image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] +image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.27.0-informational?style=flat-square[AppVersion: 0.27.0] == Maintainers @@ -277,6 +277,26 @@ helm uninstall miniserve-release | `""` | +| networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + | nodeSelector | object | `{}` diff --git a/miniserve/templates/networkpolicy.yaml b/miniserve/templates/networkpolicy.yaml new file mode 100644 index 0000000..2df2ebf --- /dev/null +++ b/miniserve/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "miniserve.fullname" . }} + labels: + {{- include "miniserve.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "miniserve.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: {{ .Values.service.port }} + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.http | nindent 8 }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/miniserve/values.yaml b/miniserve/values.yaml index f2ff6e6..9ae54d7 100644 --- a/miniserve/values.yaml +++ b/miniserve/values.yaml @@ -126,6 +126,17 @@ service: type: ClusterIP port: 8080 +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From c66c4f77be8c9e9c1f6aae8ee4db8188c5396a87 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 20:23:21 +0200 Subject: [PATCH 077/256] fix(speedtest-exporter): add networkpolicy support --- speedtest-exporter/Chart.yaml | 2 +- speedtest-exporter/README.adoc | 22 ++++++++++++++- .../templates/networkpolicy.yaml | 28 +++++++++++++++++++ speedtest-exporter/values.yaml | 11 ++++++++ 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 speedtest-exporter/templates/networkpolicy.yaml diff --git a/speedtest-exporter/Chart.yaml b/speedtest-exporter/Chart.yaml index 5eeccd4..869ba45 100644 --- a/speedtest-exporter/Chart.yaml +++ b/speedtest-exporter/Chart.yaml @@ -3,7 +3,7 @@ name: speedtest-exporter description: icon: https://b.cdnst.net/images/favicons/favicon-180.png type: application -version: 0.1.1 +version: 0.2.0 # renovate: image=ghcr.io/miguelndecarvalho/speedtest-exporter appVersion: "3.5.4" maintainers: diff --git a/speedtest-exporter/README.adoc b/speedtest-exporter/README.adoc index 68fa28c..18c62b9 100644 --- a/speedtest-exporter/README.adoc +++ b/speedtest-exporter/README.adoc @@ -2,7 +2,7 @@ = speedtest-exporter -image::https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square[Version: 0.1.1] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square[AppVersion: 3.5.4] == Maintainers @@ -192,6 +192,26 @@ helm uninstall speedtest-exporter-release | `""` | +| networkPolicy.egress.enabled +| bool +| `false` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller, prometheus) + | nodeSelector | object | `{}` diff --git a/speedtest-exporter/templates/networkpolicy.yaml b/speedtest-exporter/templates/networkpolicy.yaml new file mode 100644 index 0000000..cb011b3 --- /dev/null +++ b/speedtest-exporter/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "speedtest-exporter.fullname" . }} + labels: + {{- include "speedtest-exporter.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "speedtest-exporter.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: 9798 + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.http | nindent 8 }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/speedtest-exporter/values.yaml b/speedtest-exporter/values.yaml index 4dc6d65..e85daa6 100644 --- a/speedtest-exporter/values.yaml +++ b/speedtest-exporter/values.yaml @@ -71,6 +71,17 @@ grafana: grafana_dashboard: "1" annotations: {} +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller, prometheus) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: false + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From fbcc720a424a40941ab4e8e77096089205d89a95 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 20:44:29 +0200 Subject: [PATCH 078/256] fix(ntfy): add networkpolicy support --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 32 +++++++++++++++++++++- ntfy/templates/deployment.yaml | 2 ++ ntfy/templates/networkpolicy.yaml | 44 +++++++++++++++++++++++++++++++ ntfy/values.yaml | 15 +++++++++++ 5 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 ntfy/templates/networkpolicy.yaml diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 4465760..20e2081 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.3.2 +version: 0.4.0 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index b3f3c06..12e646e 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] +image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -167,6 +167,36 @@ helm uninstall ntfy-release | `""` | +| networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + +| networkPolicy.ingress.metrics +| list +| `[]` +| ingress for metrics port (e.g. prometheus) + +| networkPolicy.ingress.smtp +| list +| `[]` +| ingress for smtp + | nodeSelector | object | `{}` diff --git a/ntfy/templates/deployment.yaml b/ntfy/templates/deployment.yaml index 7636ccc..3e16e91 100644 --- a/ntfy/templates/deployment.yaml +++ b/ntfy/templates/deployment.yaml @@ -63,9 +63,11 @@ spec: containerPort: {{ .Values.ntfy.metrics.port }} protocol: TCP {{- end }} + {{- if .Values.service.smtp.enabled }} - name: smtp containerPort: {{ .Values.service.smtp.port }} protocol: TCP + {{- end }} livenessProbe: httpGet: path: /v1/health diff --git a/ntfy/templates/networkpolicy.yaml b/ntfy/templates/networkpolicy.yaml new file mode 100644 index 0000000..a6c1a75 --- /dev/null +++ b/ntfy/templates/networkpolicy.yaml @@ -0,0 +1,44 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "ntfy.fullname" . }} + labels: + {{- include "ntfy.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "ntfy.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + {{- with .Values.networkPolicy.ingress.http }} + - ports: + - port: {{ $.Values.service.http.port }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if and .Values.ntfy.metrics.enable .Values.networkPolicy.ingress.metrics }} + - ports: + - port: {{ .Values.ntfy.metrics.port }} + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.metrics | nindent 8 }} + {{- end }} + {{- if and .Values.service.smtp.enabled .Values.networkPolicy.ingress.smtp }} + - ports: + - port: {{ .Values.service.smtp.port }} + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.smtp | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/ntfy/values.yaml b/ntfy/values.yaml index b352db2..7a592a8 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -187,6 +187,21 @@ service: type: LoadBalancer port: 25 +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + # -- ingress for metrics port (e.g. prometheus) + metrics: [] + # -- ingress for smtp + smtp: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From f4f5a52ffaad4c58d38e8b4c5252e1bc8fd1282e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 20:57:27 +0200 Subject: [PATCH 079/256] fix(grampsweb): add networkpolicy support --- grampsweb/Chart.yaml | 2 +- grampsweb/README.adoc | 22 +++++++++++++++++++- grampsweb/templates/networkpolicy.yaml | 28 ++++++++++++++++++++++++++ grampsweb/values.yaml | 11 ++++++++++ 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 grampsweb/templates/networkpolicy.yaml diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index d4379b6..0bb216c 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,7 +3,7 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.1.15 +version: 0.2.0 # renovate: image=ghcr.io/gramps-project/grampsweb appVersion: "24.7.1" maintainers: diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index d4b5a1e..ab55169 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,7 +2,7 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square[Version: 0.1.15] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-24.7.1-informational?style=flat-square[AppVersion: 24.7.1] == Maintainers @@ -187,6 +187,26 @@ helm uninstall grampsweb-release | `""` | +| networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + | nodeSelector | object | `{}` diff --git a/grampsweb/templates/networkpolicy.yaml b/grampsweb/templates/networkpolicy.yaml new file mode 100644 index 0000000..cec8c65 --- /dev/null +++ b/grampsweb/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "grampsweb.fullname" . }} + labels: + {{- include "grampsweb.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "grampsweb.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: {{ .Values.service.port }} + protocol: TCP + from: + {{- toYaml .Values.networkPolicy.ingress.http | nindent 8 }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/grampsweb/values.yaml b/grampsweb/values.yaml index a088a88..5427161 100644 --- a/grampsweb/values.yaml +++ b/grampsweb/values.yaml @@ -90,6 +90,17 @@ service: type: ClusterIP port: 5000 +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From 24bbbe0bec9a38587e2b1f0c0ca35b99a8fa242d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 21:27:11 +0200 Subject: [PATCH 080/256] fix(headscale-ui): update appVersion --- headscale-ui/Chart.yaml | 2 +- headscale-ui/README.adoc | 27 ++++++++++++++++- headscale-ui/templates/networkpolicy.yaml | 37 +++++++++++++++++++++++ headscale-ui/values.yaml | 12 ++++++++ 4 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 headscale-ui/templates/networkpolicy.yaml diff --git a/headscale-ui/Chart.yaml b/headscale-ui/Chart.yaml index 962ad45..5ce6be0 100644 --- a/headscale-ui/Chart.yaml +++ b/headscale-ui/Chart.yaml @@ -3,7 +3,7 @@ name: headscale-ui description: A simple Headscale web UI for small-scale deployments. icon: https://raw.githubusercontent.com/gurucomputing/headscale-ui/master/static/favicon.png type: application -version: 0.1.5 +version: 0.2.0 # renovate: image=ghcr.io/gurucomputing/headscale-ui appVersion: "2024.02.24-beta1" maintainers: diff --git a/headscale-ui/README.adoc b/headscale-ui/README.adoc index 847af6a..cf34c93 100644 --- a/headscale-ui/README.adoc +++ b/headscale-ui/README.adoc @@ -2,7 +2,7 @@ = headscale-ui -image::https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square[Version: 0.1.5] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2024.02.24-beta1-informational?style=flat-square[AppVersion: 2024.02.24-beta1] == Maintainers @@ -152,6 +152,31 @@ helm uninstall headscale-ui-release | `""` | +| networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + +| networkPolicy.ingress.https +| list +| `[]` +| + | nodeSelector | object | `{}` diff --git a/headscale-ui/templates/networkpolicy.yaml b/headscale-ui/templates/networkpolicy.yaml new file mode 100644 index 0000000..0a01ab1 --- /dev/null +++ b/headscale-ui/templates/networkpolicy.yaml @@ -0,0 +1,37 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "headscale-ui.fullname" . }} + labels: + {{- include "headscale-ui.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "headscale-ui.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + {{- with .Values.networkPolicy.ingress.http }} + - ports: + - port: {{ $.Values.service.port.http }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.ingress.https }} + - ports: + - port: {{ $.Values.service.port.https }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/headscale-ui/values.yaml b/headscale-ui/values.yaml index c0f8a23..47015d1 100644 --- a/headscale-ui/values.yaml +++ b/headscale-ui/values.yaml @@ -47,6 +47,18 @@ service: http: 8080 https: 8443 +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + https: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From 6f18af3d0124040d0dd8dfdb7d455339444bc4eb Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 22 Aug 2024 21:41:36 +0200 Subject: [PATCH 081/256] fix(headscale): add networkpolicy support --- headscale/Chart.yaml | 2 +- headscale/README.adoc | 37 ++++++++++++++++++- headscale/templates/networkpolicy.yaml | 51 ++++++++++++++++++++++++++ headscale/values.yaml | 22 +++++++++++ 4 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 headscale/templates/networkpolicy.yaml diff --git a/headscale/Chart.yaml b/headscale/Chart.yaml index 5878996..3224f12 100644 --- a/headscale/Chart.yaml +++ b/headscale/Chart.yaml @@ -3,7 +3,7 @@ name: headscale description: An open source, self-hosted implementation of the Tailscale control server. icon: https://raw.githubusercontent.com/juanfont/headscale/56a7b1e34952c3e0306a134b2be9b4277f5d8d6e/docs/logo/headscale3-dots.svg type: application -version: 0.3.4 +version: 0.4.0 # renovate: image=docker.io/headscale/headscale appVersion: "0.22.3" maintainers: diff --git a/headscale/README.adoc b/headscale/README.adoc index bda3a3f..af1405c 100644 --- a/headscale/README.adoc +++ b/headscale/README.adoc @@ -2,7 +2,7 @@ = headscale -image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] +image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.22.3-informational?style=flat-square[AppVersion: 0.22.3] == Maintainers @@ -272,6 +272,41 @@ helm uninstall headscale-release | `""` | +| networkPolicy.egress.enabled +| bool +| `false` +| activate egress no networkpolicy + +| networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| networkPolicy.enabled +| bool +| `false` +| + +| networkPolicy.ingress.derp +| list +| `[{"ipBlock":{"cidr":"0.0.0.0/0"}},{"ipBlock":{"cidr":"::/0"}}]` +| ingress for derp + +| networkPolicy.ingress.grpc +| list +| `[]` +| ingress for grpc port + +| networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + +| networkPolicy.ingress.metrics +| list +| `[]` +| ingress for metrics port (e.g. prometheus) + | nodeSelector | object | `{}` diff --git a/headscale/templates/networkpolicy.yaml b/headscale/templates/networkpolicy.yaml new file mode 100644 index 0000000..c908973 --- /dev/null +++ b/headscale/templates/networkpolicy.yaml @@ -0,0 +1,51 @@ +{{- if .Values.networkPolicy.enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "headscale.fullname" . }} + labels: + {{- include "headscale.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "headscale.selectorLabels" . | nindent 6 }} + policyTypes: + - Ingress + {{- if .Values.networkPolicy.egress.enabled }} + - Egress + {{- end }} + ingress: + {{- with .Values.networkPolicy.ingress.http }} + - ports: + - port: {{ $.Values.service.port.http }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.ingress.metrics }} + - ports: + - port: {{ $.Values.service.port.metrics }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.ingress.grpc }} + - ports: + - port: {{ $.Values.service.port.grpc }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.ingress.derp }} + - ports: + - port: {{ $.Values.service.derp.port }} + protocol: TCP + from: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.networkPolicy.egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} diff --git a/headscale/values.yaml b/headscale/values.yaml index 6de3d02..63cf39e 100644 --- a/headscale/values.yaml +++ b/headscale/values.yaml @@ -160,6 +160,28 @@ service: annotations: port: 3478 +networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + # -- ingress for metrics port (e.g. prometheus) + metrics: [] + # -- ingress for grpc port + grpc: [] + # -- ingress for derp + derp: + - ipBlock: + cidr: 0.0.0.0/0 + - ipBlock: + cidr: ::/0 + + egress: + # -- activate egress no networkpolicy + enabled: false + # -- egress rules + extra: [] + ingress: enabled: false className: "" -- 2.45.3 From d9944d6c3fddf54a3541d35c3fe94c7eb7b2c894 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 23 Aug 2024 09:47:15 +0200 Subject: [PATCH 082/256] fix(matrix-synapse): add cors to well-known --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 2 +- matrix-synapse/files/well-known/nginx.conf | 15 +++++++++++++++ matrix-synapse/templates/wellknown/configmap.yaml | 1 + .../templates/wellknown/deployment.yaml | 9 ++++++++- 5 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 matrix-synapse/files/well-known/nginx.conf diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 0db3eb5..57b1229 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.7 +version: 0.2.8 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 9ab91f7..760e03f 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square[Version: 0.2.7] +image::https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square[Version: 0.2.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers diff --git a/matrix-synapse/files/well-known/nginx.conf b/matrix-synapse/files/well-known/nginx.conf new file mode 100644 index 0000000..c31b073 --- /dev/null +++ b/matrix-synapse/files/well-known/nginx.conf @@ -0,0 +1,15 @@ +server { + listen 80; + listen [::]:80; + server_name localhost; + + location / { + add_header Access-Control-Allow-Origin "*"; + root /usr/share/nginx/html; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } +} diff --git a/matrix-synapse/templates/wellknown/configmap.yaml b/matrix-synapse/templates/wellknown/configmap.yaml index b977b5a..a8d1e76 100644 --- a/matrix-synapse/templates/wellknown/configmap.yaml +++ b/matrix-synapse/templates/wellknown/configmap.yaml @@ -20,4 +20,5 @@ data: {{- else }} {{- dict "m.homeserver" (dict "base_url" (printf "https://%s/" (.Values.publicServerName | default .Values.serverName))) | toJson | nindent 4 }} {{- end }} + {{- (.Files.Glob "files/well-known/*" ).AsConfig | nindent 2 }} {{- end -}}{{/* end-if .wellknown.enabled */}} diff --git a/matrix-synapse/templates/wellknown/deployment.yaml b/matrix-synapse/templates/wellknown/deployment.yaml index e4f62d2..7c3dc27 100644 --- a/matrix-synapse/templates/wellknown/deployment.yaml +++ b/matrix-synapse/templates/wellknown/deployment.yaml @@ -55,7 +55,14 @@ spec: {{- toYaml .Values.wellknown.resources | nindent 12 }} volumeMounts: - name: "data" - mountPath: "/usr/share/nginx/html/.well-known/matrix/" + mountPath: "/usr/share/nginx/html/.well-known/matrix/client" + subPath: "client" + - name: "data" + mountPath: "/usr/share/nginx/html/.well-known/matrix/server" + subPath: "server" + - name: "data" + mountPath: "/etc/nginx/conf.d/default.conf" + subPath: "nginx.conf" {{- with .Values.wellknown.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} -- 2.45.3 From b9234328e95039c30a0f4c91894957bcc5d22ffd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 23 Aug 2024 15:16:47 +0200 Subject: [PATCH 083/256] fix(element-call): improve auto-restart, optional lk-jwt and networkpolicy --- element-call/Chart.yaml | 2 +- element-call/README.adoc | 47 ++++++++++++++++++- element-call/templates/ingress.yaml | 4 ++ element-call/templates/lk-jwt/deployment.yaml | 7 ++- .../templates/lk-jwt/networkpolicy.yaml | 31 ++++++++++++ element-call/templates/lk-jwt/secret.yaml | 2 + element-call/templates/lk-jwt/service.yaml | 3 ++ .../templates/lk-jwt/serviceaccount.yaml | 2 +- element-call/templates/networkpolicy.yaml | 31 ++++++++++++ element-call/values.yaml | 25 ++++++++-- 10 files changed, 146 insertions(+), 8 deletions(-) create mode 100644 element-call/templates/lk-jwt/networkpolicy.yaml create mode 100644 element-call/templates/networkpolicy.yaml diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 02b7852..251e45b 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.0.2 +version: 0.1.0 # renovate: image=ghcr.io/element-hq/element-call appVersion: "0.6.0" maintainers: diff --git a/element-call/README.adoc b/element-call/README.adoc index a577219..d036a29 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,7 +2,7 @@ = element-call -image::https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square[Version: 0.0.2] +image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.6.0-informational?style=flat-square[AppVersion: 0.6.0] == Maintainers @@ -157,6 +157,26 @@ helm uninstall element-call-release | `"http"` | +| service.call.networkPolicy.egress.enabled +| bool +| `true` +| activate egress no networkpolicy + +| service.call.networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| service.call.networkPolicy.enabled +| bool +| `false` +| + +| service.call.networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + | service.call.nodeSelector | object | `{}` @@ -247,6 +267,11 @@ helm uninstall element-call-release | `""` | +| service.lkJWT.enabled +| bool +| `true` +| + | service.lkJWT.image.pullPolicy | string | `"IfNotPresent"` @@ -282,6 +307,26 @@ helm uninstall element-call-release | `"http"` | +| service.lkJWT.networkPolicy.egress.enabled +| bool +| `false` +| activate egress no networkpolicy + +| service.lkJWT.networkPolicy.egress.extra +| list +| `[]` +| egress rules + +| service.lkJWT.networkPolicy.enabled +| bool +| `false` +| + +| service.lkJWT.networkPolicy.ingress.http +| list +| `[]` +| ingress for http port (e.g. ingress-controller) + | service.lkJWT.nodeSelector | object | `{}` diff --git a/element-call/templates/ingress.yaml b/element-call/templates/ingress.yaml index b31c1e4..cced22b 100644 --- a/element-call/templates/ingress.yaml +++ b/element-call/templates/ingress.yaml @@ -29,9 +29,12 @@ spec: name: {{ $fullName }} port: name: http + {{- if .Values.service.lkJWT.enabled }} + {{- if (eq .Values.service.lkJWT.ingress.host .Values.service.call.ingress.host)}} - host: {{ .Values.service.lkJWT.ingress.host | quote }} http: paths: + {{- end }} - path: /sfu/get pathType: Exact backend: @@ -39,4 +42,5 @@ spec: name: {{ $fullName }}-lk-jwt port: name: http + {{- end }} {{- end }} diff --git a/element-call/templates/lk-jwt/deployment.yaml b/element-call/templates/lk-jwt/deployment.yaml index c504d72..037ef4f 100644 --- a/element-call/templates/lk-jwt/deployment.yaml +++ b/element-call/templates/lk-jwt/deployment.yaml @@ -1,5 +1,6 @@ {{- $fullName := include "element-call.fullname" . -}} {{- with .Values.service.lkJWT }} +{{- if .enabled }} apiVersion: apps/v1 kind: Deployment metadata: @@ -17,10 +18,11 @@ spec: app.kubernetes.io/component: lk-jwt template: metadata: - {{- with .podAnnotations }} annotations: + secret-env-hash: {{ include (print $.Template.BasePath "/lk-jwt/secret.yaml") $ | sha256sum }} + {{- with .podAnnotations }} {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} labels: {{- include "element-call.labels" $ | nindent 8 }} app.kubernetes.io/component: lk-jwt @@ -73,4 +75,5 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} +{{- end }}{{/* end-if .enabled */}} {{- end }}{{/* end-with .Values.service.lkJWT */}} diff --git a/element-call/templates/lk-jwt/networkpolicy.yaml b/element-call/templates/lk-jwt/networkpolicy.yaml new file mode 100644 index 0000000..b04dbb7 --- /dev/null +++ b/element-call/templates/lk-jwt/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- with .Values.service.lkJWT.networkPolicy }} +{{- if and $.Values.service.lkJWT.enabled .enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "element-call.fullname" $ }}-lk-jwt + labels: + {{- include "element-call.labels" $ | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "element-call.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: lk-jwt + policyTypes: + - Ingress + {{- if .egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: 8080 + protocol: TCP + from: + {{- toYaml .ingress.http | nindent 8 }} + {{- with .egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/element-call/templates/lk-jwt/secret.yaml b/element-call/templates/lk-jwt/secret.yaml index 06968fd..771f342 100644 --- a/element-call/templates/lk-jwt/secret.yaml +++ b/element-call/templates/lk-jwt/secret.yaml @@ -1,3 +1,4 @@ +{{- if .Values.service.lkJWT.enabled }} --- apiVersion: v1 kind: Secret @@ -10,3 +11,4 @@ data: LIVEKIT_KEY: {{ .key | b64enc }} LIVEKIT_SECRET: {{ .secret | b64enc }} {{- end }} +{{- end }} diff --git a/element-call/templates/lk-jwt/service.yaml b/element-call/templates/lk-jwt/service.yaml index a0f0e38..90f602a 100644 --- a/element-call/templates/lk-jwt/service.yaml +++ b/element-call/templates/lk-jwt/service.yaml @@ -1,3 +1,5 @@ +{{- if .Values.service.lkJWT.enabled }} +--- apiVersion: v1 kind: Service metadata: @@ -14,3 +16,4 @@ spec: selector: {{- include "element-call.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: lk-jwt +{{- end }} diff --git a/element-call/templates/lk-jwt/serviceaccount.yaml b/element-call/templates/lk-jwt/serviceaccount.yaml index f46447e..4ce35f4 100644 --- a/element-call/templates/lk-jwt/serviceaccount.yaml +++ b/element-call/templates/lk-jwt/serviceaccount.yaml @@ -1,5 +1,5 @@ {{- with .Values.service.lkJWT }} -{{- if .serviceAccount.create -}} +{{- if and .enabled .serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/element-call/templates/networkpolicy.yaml b/element-call/templates/networkpolicy.yaml new file mode 100644 index 0000000..3aab727 --- /dev/null +++ b/element-call/templates/networkpolicy.yaml @@ -0,0 +1,31 @@ +{{- with .Values.service.call.networkPolicy }} +{{- if .enabled }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "element-call.fullname" $ }} + labels: + {{- include "element-call.labels" $ | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "element-call.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: call + policyTypes: + - Ingress + {{- if .egress.enabled }} + - Egress + {{- end }} + ingress: + - ports: + - port: 8080 + protocol: TCP + from: + {{- toYaml .ingress.http | nindent 8 }} + {{- with .egress }} + egress: + {{- toYaml .extra | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/element-call/values.yaml b/element-call/values.yaml index 5da5a53..a2ebc4c 100644 --- a/element-call/values.yaml +++ b/element-call/values.yaml @@ -3,14 +3,12 @@ global: # -- if set it will overwrite all registry entries registry: # -- if set it will overwrite all pullPolicy - pullPolicy: + pullPolicy: imagePullSecrets: [] nameOverride: "" fullnameOverride: "" - - ingress: enabled: false className: "" @@ -39,6 +37,16 @@ service: config: {} ingress: host: + networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: true + # -- egress rules + extra: [] livenessProbe: httpGet: path: / @@ -77,6 +85,7 @@ service: affinity: {} lkJWT: + enabled: true replicaCount: 1 image: registry: ghcr.io @@ -89,6 +98,16 @@ service: secret: "secret" ingress: host: + networkPolicy: + enabled: false + ingress: + # -- ingress for http port (e.g. ingress-controller) + http: [] + egress: + # -- activate egress no networkpolicy + enabled: false + # -- egress rules + extra: [] livenessProbe: httpGet: path: /healthz -- 2.45.3 From 4e67ed133e1f3009a579963784373a2c1d895c30 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 23 Aug 2024 19:09:49 +0200 Subject: [PATCH 084/256] -a(matrix-synapse): support well-known for element --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 7 ++++++- matrix-synapse/templates/ingress.yaml | 12 ++++++++++++ matrix-synapse/templates/wellknown/configmap.yaml | 4 +++- matrix-synapse/templates/wellknown/deployment.yaml | 3 +++ matrix-synapse/values.yaml | 4 ++++ 6 files changed, 29 insertions(+), 3 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 57b1229..ace2cc5 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.8 +version: 0.3.0 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.101.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 760e03f..d14171f 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square[Version: 0.2.8] +image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] == Maintainers @@ -597,6 +597,11 @@ helm uninstall matrix-synapse-release | `80` | +| wellknown.element +| object +| `{}` +| Data to serve on .well-known/element/element.json call: widget_url: https://call.element.io + | wellknown.enabled | bool | `false` diff --git a/matrix-synapse/templates/ingress.yaml b/matrix-synapse/templates/ingress.yaml index 8ec00ea..b23731f 100644 --- a/matrix-synapse/templates/ingress.yaml +++ b/matrix-synapse/templates/ingress.yaml @@ -176,6 +176,18 @@ spec: serviceName: {{ $wkName }} servicePort: {{ $.Values.wellknown.service.port | default 80 }} {{- end }} + - path: /.well-known/element + backend: + {{- if $v1Ingress }} + service: + name: {{ $wkName }} + port: + number: {{ $.Values.wellknown.service.port | default 80 }} + pathType: Prefix + {{- else }} + serviceName: {{ $wkName }} + servicePort: {{ $.Values.wellknown.service.port | default 80 }} + {{- end }} {{- else }} - path: /.well-known/matrix backend: diff --git a/matrix-synapse/templates/wellknown/configmap.yaml b/matrix-synapse/templates/wellknown/configmap.yaml index a8d1e76..beb5158 100644 --- a/matrix-synapse/templates/wellknown/configmap.yaml +++ b/matrix-synapse/templates/wellknown/configmap.yaml @@ -20,5 +20,7 @@ data: {{- else }} {{- dict "m.homeserver" (dict "base_url" (printf "https://%s/" (.Values.publicServerName | default .Values.serverName))) | toJson | nindent 4 }} {{- end }} - {{- (.Files.Glob "files/well-known/*" ).AsConfig | nindent 2 }} + element.json: |- + {{- toJson .Values.wellknown.element | nindent 4 }} + {{- (.Files.Glob "files/well-known/nginx.conf" ).AsConfig | nindent 2 }} {{- end -}}{{/* end-if .wellknown.enabled */}} diff --git a/matrix-synapse/templates/wellknown/deployment.yaml b/matrix-synapse/templates/wellknown/deployment.yaml index 7c3dc27..de2ef39 100644 --- a/matrix-synapse/templates/wellknown/deployment.yaml +++ b/matrix-synapse/templates/wellknown/deployment.yaml @@ -60,6 +60,9 @@ spec: - name: "data" mountPath: "/usr/share/nginx/html/.well-known/matrix/server" subPath: "server" + - name: "data" + mountPath: "/usr/share/nginx/html/.well-known/element/element.json" + subPath: "element.json" - name: "data" mountPath: "/etc/nginx/conf.d/default.conf" subPath: "nginx.conf" diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 8652644..457e331 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -641,6 +641,10 @@ wellknown: # m.homeserver: # base_url: https://matrix.example.com client: {} + # -- Data to serve on .well-known/element/element.json + # call: + # widget_url: https://call.element.io + element: {} ## This configuration is for setting up the internally provided Postgres server, ## if you instead want to use an existing server, then you may want to set -- 2.45.3 From ed89909ed70763f18d50c52ca960eb2f0c344814 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:50:57 +0200 Subject: [PATCH 085/256] fix(mautrix-signal): improve display_name template --- mautrix-signal/Chart.yaml | 2 +- mautrix-signal/README.adoc | 4 ++-- mautrix-signal/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 10ce145..790873f 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.10 +version: 0.0.11 # renovate: image=dock.mau.dev/mautrix/signal appVersion: "0.7.0" maintainers: diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 620c447..8ecff95 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,7 +2,7 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.10-informational?style=flat-square[Version: 0.0.10] +image::https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square[Version: 0.0.11] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] == Maintainers @@ -647,7 +647,7 @@ helm uninstall mautrix-signal-release | config.signal.displayname_template | string -| `"{{or .ProfileName .PhoneNumber \"Unknown user\"}}"` +| `"{{ printf \"%s (%s) %s\" (or .ProfileName .ContactName \"Unknown user\") (or .PhoneNumber \"Unknown number\" (or .AboutEmoji \"\")}}"` | Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile. | config.signal.location_format diff --git a/mautrix-signal/values.yaml b/mautrix-signal/values.yaml index 175c41b..c54fb47 100644 --- a/mautrix-signal/values.yaml +++ b/mautrix-signal/values.yaml @@ -414,7 +414,7 @@ config: # {{.PhoneNumber}} - The phone number of the user. # {{.UUID}} - The UUID of the Signal user. # {{.AboutEmoji}} - The emoji set by the user in their profile. - displayname_template: '{{or .ProfileName .PhoneNumber "Unknown user"}}' + displayname_template: '{{ printf "%s (%s) %s" (or .ProfileName .ContactName "Unknown user") (or .PhoneNumber "Unknown number" (or .AboutEmoji "")}}' # -- Should avatars from the user's contact list be used? This is not safe on multi-user instances. use_contact_avatars: false # -- Should the bridge request the user's contact list from the phone on startup? -- 2.45.3 From 81a09c95aeddc4e76fc839baa6095dab8033a6c8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:51:20 +0200 Subject: [PATCH 086/256] fix(grampsweb): update appVersion --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 0bb216c..b35a266 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.7.1" +appVersion: "24.8.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index ab55169..ba178ea 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.7.1-informational?style=flat-square[AppVersion: 24.7.1] +image::https://img.shields.io/badge/AppVersion-24.8.0-informational?style=flat-square[AppVersion: 24.8.0] == Maintainers .Maintainers -- 2.45.3 From 04e0d1136cfd63a0b5235a3c280c0cd73a76a839 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:57:19 +0200 Subject: [PATCH 087/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 ++-- element-call/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 251e45b..76dd68b 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.1.0 +version: 0.1.1 # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.6.0" +appVersion: "0.6.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc index d036a29..7828972 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,9 +2,9 @@ = element-call -image::https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square[Version: 0.1.0] +image::https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square[Version: 0.1.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.0-informational?style=flat-square[AppVersion: 0.6.0] +image::https://img.shields.io/badge/AppVersion-0.6.1-informational?style=flat-square[AppVersion: 0.6.1] == Maintainers .Maintainers -- 2.45.3 From 32baf525084bb560e16e01d234e2d4484f345573 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:57:22 +0200 Subject: [PATCH 088/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index dd8bd74..7673b5c 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.7 +version: 0.2.8 # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "3.5.0" +appVersion: "3.5.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 122eed3..d562f38 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square[Version: 0.2.7] +image::https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square[Version: 0.2.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-3.5.0-informational?style=flat-square[AppVersion: 3.5.0] +image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers .Maintainers -- 2.45.3 From 7164c92c804bc0397c551810b61e466382688304 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:57:24 +0200 Subject: [PATCH 089/256] fix(hydrogen-web): update appVersion --- hydrogen-web/Chart.yaml | 4 ++-- hydrogen-web/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hydrogen-web/Chart.yaml b/hydrogen-web/Chart.yaml index e871ab7..94ba1f4 100644 --- a/hydrogen-web/Chart.yaml +++ b/hydrogen-web/Chart.yaml @@ -3,9 +3,9 @@ name: hydrogen-web description: A Helm Chart to install hydrogen-web (a nextgen Matrix Webclient) icon: https://raw.githubusercontent.com/element-hq/hydrogen-web/master/src/platform/web/assets/icon.svg type: application -version: 0.1.6 +version: 0.1.7 # renovate: image=ghcr.io/element-hq/hydrogen-web -appVersion: "0.4.1" +appVersion: "0.5.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/hydrogen-web/README.adoc b/hydrogen-web/README.adoc index a1f15c3..2ad1976 100644 --- a/hydrogen-web/README.adoc +++ b/hydrogen-web/README.adoc @@ -2,9 +2,9 @@ = hydrogen-web -image::https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square[Version: 0.1.6] +image::https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square[Version: 0.1.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.4.1-informational?style=flat-square[AppVersion: 0.4.1] +image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0] == Maintainers .Maintainers -- 2.45.3 From 07653a06a6009b666d982ef7027ada3538334f36 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:57:26 +0200 Subject: [PATCH 090/256] fix(matrix-authentication-service): update appVersion --- matrix-authentication-service/Chart.yaml | 4 ++-- matrix-authentication-service/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-authentication-service/Chart.yaml b/matrix-authentication-service/Chart.yaml index 84de472..a9b0c67 100644 --- a/matrix-authentication-service/Chart.yaml +++ b/matrix-authentication-service/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-authentication-service description: OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861) icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.0.4 +version: 0.0.5 # renovate: image=ghcr.io/matrix-org/matrix-authentication-service -appVersion: "0.9.0" +appVersion: "0.10.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-authentication-service/README.adoc b/matrix-authentication-service/README.adoc index 7d5742c..6b6f741 100644 --- a/matrix-authentication-service/README.adoc +++ b/matrix-authentication-service/README.adoc @@ -2,9 +2,9 @@ = matrix-authentication-service -image::https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square[Version: 0.0.4] +image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0] +image::https://img.shields.io/badge/AppVersion-0.10.0-informational?style=flat-square[AppVersion: 0.10.0] == Maintainers .Maintainers -- 2.45.3 From e1755dc3e5f4a5f3db13495b0c7359d1d5601ee6 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 05:57:29 +0200 Subject: [PATCH 091/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index ace2cc5..24885ad 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.0 +version: 0.3.1 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.101.0 +appVersion: 1.113.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index d14171f..da019db 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] +image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.101.0-informational?style=flat-square[AppVersion: 1.101.0] +image::https://img.shields.io/badge/AppVersion-1.113.0-informational?style=flat-square[AppVersion: 1.113.0] == Maintainers .Maintainers -- 2.45.3 From 77036c3301b337be4e710fc109f9e1c26509e5ad Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 06:11:30 +0200 Subject: [PATCH 092/256] fix(matrix-sliding-sync): add grafana dashboard --- matrix-sliding-sync/Chart.yaml | 2 +- matrix-sliding-sync/README.adoc | 17 +- .../grafana_dashboards/sliding-sync.json | 2120 +++++++++++++++++ .../configmap_grafana_dashboards.yaml | 18 + matrix-sliding-sync/values.yaml | 7 + 5 files changed, 2162 insertions(+), 2 deletions(-) create mode 100644 matrix-sliding-sync/grafana_dashboards/sliding-sync.json create mode 100644 matrix-sliding-sync/templates/configmap_grafana_dashboards.yaml diff --git a/matrix-sliding-sync/Chart.yaml b/matrix-sliding-sync/Chart.yaml index 4f519fc..c9f2534 100644 --- a/matrix-sliding-sync/Chart.yaml +++ b/matrix-sliding-sync/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-sliding-sync description: Proxy implementation of MSC3575's sync protocol. icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=ghcr.io/matrix-org/sliding-sync appVersion: "0.99.19" maintainers: diff --git a/matrix-sliding-sync/README.adoc b/matrix-sliding-sync/README.adoc index 29cd261..6ee9361 100644 --- a/matrix-sliding-sync/README.adoc +++ b/matrix-sliding-sync/README.adoc @@ -2,7 +2,7 @@ = matrix-sliding-sync -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square[AppVersion: 0.99.19] == Maintainers @@ -157,6 +157,21 @@ helm uninstall matrix-sliding-sync-release | `nil` | if set it will overwrite all registry entries +| grafana.dashboards.annotations +| object +| `{}` +| + +| grafana.dashboards.enabled +| bool +| `false` +| + +| grafana.dashboards.labels.grafana_dashboard +| string +| `"1"` +| + | image.pullPolicy | string | `"IfNotPresent"` diff --git a/matrix-sliding-sync/grafana_dashboards/sliding-sync.json b/matrix-sliding-sync/grafana_dashboards/sliding-sync.json new file mode 100644 index 0000000..639f914 --- /dev/null +++ b/matrix-sliding-sync/grafana_dashboards/sliding-sync.json @@ -0,0 +1,2120 @@ +{ + "__inputs": [], + "__elements": {}, + "__requires": [ + { + "type": "grafana", + "id": "grafana", + "name": "Grafana", + "version": "10.4.1" + }, + { + "type": "panel", + "id": "heatmap", + "name": "Heatmap", + "version": "" + }, + { + "type": "datasource", + "id": "prometheus", + "name": "Prometheus", + "version": "1.0.0" + }, + { + "type": "panel", + "id": "timeseries", + "name": "Time series", + "version": "" + } + ], + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "target": { + "limit": 100, + "matchAny": false, + "tags": [], + "type": "dashboard" + }, + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 1, + "id": null, + "links": [], + "liveNow": false, + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 14, + "panels": [], + "title": "Sliding Sync API", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Actively syncing clients i.e the connection hasn't expired yet. ", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "conns" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "Expired Connections (full buffer)" + }, + "properties": [ + { + "id": "custom.axisPlacement", + "value": "right" + }, + { + "id": "custom.lineStyle", + "value": { + "dash": [ + 0, + 10 + ], + "fill": "dot" + } + }, + { + "id": "color", + "value": { + "fixedColor": "purple", + "mode": "fixed" + } + }, + { + "id": "custom.showPoints", + "value": "always" + }, + { + "id": "custom.lineWidth", + "value": 0 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Expired Connections (timed out)" + }, + "properties": [ + { + "id": "custom.axisPlacement", + "value": "right" + }, + { + "id": "color", + "value": { + "fixedColor": "blue", + "mode": "fixed" + } + }, + { + "id": "custom.showPoints", + "value": "always" + }, + { + "id": "custom.fillOpacity", + "value": 0 + }, + { + "id": "custom.lineWidth", + "value": 0 + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 1 + }, + "id": 6, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "9.5.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "disableTextWrap": false, + "editorMode": "builder", + "exemplar": false, + "expr": "sum(sliding_sync_api_num_active_conns)", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "Active Connections", + "range": true, + "refId": "A", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "increase(sliding_sync_api_expiry_conn_buffer_full[5m])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": false, + "legendFormat": "Expired Connections (full buffer)", + "range": true, + "refId": "B", + "useBackend": false + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "increase(sliding_sync_api_expiry_conn_timed_out[5m])", + "fullMetaSearch": false, + "hide": false, + "includeNullMetadata": true, + "legendFormat": "Expired Connections (timed out)", + "range": true, + "refId": "C", + "useBackend": false + } + ], + "title": "# active sliding sync connections", + "transformations": [ + { + "id": "renameByRegex", + "options": { + "regex": "sliding-sync-api-(.*)", + "renamePattern": "$1" + } + } + ], + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "The number of devices blocked on an initial v2 sync. This number should never remain >0 for more than 15 minutes, unless there is a flood of new users to the system.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "conns" + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 1 + }, + "id": 166, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "9.5.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "disableTextWrap": false, + "editorMode": "builder", + "exemplar": false, + "expr": "sliding_sync_api_num_devices_pending_ensure_polling", + "fullMetaSearch": false, + "includeNullMetadata": true, + "instant": false, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "EnsurePolling calls outstanding", + "transformations": [ + { + "id": "renameByRegex", + "options": { + "regex": "sliding-sync-api-(.*)", + "renamePattern": "$1" + } + } + ], + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Excludes time waiting for live updates. Excludes initial requests.", + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "red", + "mode": "palette-classic", + "seriesBy": "max" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineStyle": { + "fill": "solid" + }, + "lineWidth": 0, + "pointSize": 4, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "links": [], + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + }, + "unit": "s" + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "99%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "dark-red", + "mode": "fixed" + } + }, + { + "id": "custom.fillOpacity", + "value": 35 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "95%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "orange", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "50%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "green", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "25%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "semi-dark-blue", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "75%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "yellow", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Request rate" + }, + "properties": [ + { + "id": "custom.axisPlacement", + "value": "right" + }, + { + "id": "unit", + "value": "hertz" + }, + { + "id": "custom.fillOpacity", + "value": 0 + }, + { + "id": "color", + "value": { + "fixedColor": "purple", + "mode": "fixed" + } + }, + { + "id": "custom.showPoints", + "value": "always" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "90%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "super-light-orange", + "mode": "fixed" + } + } + ] + }, + { + "__systemRef": "hideSeriesFrom", + "matcher": { + "id": "byNames", + "options": { + "mode": "exclude", + "names": [ + "Request rate" + ], + "prefix": "All except:", + "readOnly": true + } + }, + "properties": [ + { + "id": "custom.hideFrom", + "value": { + "legend": false, + "tooltip": false, + "viz": true + } + } + ] + } + ] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 9 + }, + "id": 152, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.2.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum by(le) (rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "99%", + "range": true, + "refId": "99" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum by(le) (rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "90%", + "range": true, + "refId": "90" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.75, sum by(le) (rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "75%", + "range": true, + "refId": "75" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.5, sum by(le) (rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "50%", + "range": true, + "refId": "50" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.25, sum by(le) (rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "25%", + "range": true, + "refId": "25" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sum(rate(sliding_sync_api_process_duration_secs_count{initial=\"0\"}[$window_size]))", + "hide": false, + "instant": false, + "legendFormat": "Request rate", + "range": true, + "refId": "A" + } + ], + "title": "API processing time quantiles", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 9 + }, + "id": 157, + "options": { + "calculate": false, + "cellGap": 1, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 64 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": true + }, + "yAxis": { + "axisPlacement": "left", + "reverse": false + } + }, + "pluginVersion": "10.4.1", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "builder", + "expr": "sum(rate(sliding_sync_api_setup_duration_secs_bucket{}[$__rate_interval])) by (le)", + "format": "heatmap", + "legendFormat": "{{le}}", + "range": true, + "refId": "A" + } + ], + "title": "Request setup times", + "type": "heatmap" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Requests take more that 50s. This is our best proxy for \"how many people's requests are wedged\". Should be a flat 0.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "line" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 17 + }, + "id": 159, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "disableTextWrap": false, + "editorMode": "builder", + "expr": "sum(increase(sliding_sync_api_slow_requests[5m]))", + "fullMetaSearch": false, + "includeNullMetadata": true, + "legendFormat": "__auto", + "range": true, + "refId": "A", + "useBackend": false + } + ], + "title": "Slow requests", + "type": "timeseries" + }, + { + "cards": {}, + "color": { + "cardColor": "#b4ff00", + "colorScale": "sqrt", + "colorScheme": "interpolateOranges", + "exponent": 0.5, + "mode": "spectrum" + }, + "dataFormat": "tsbuckets", + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "If this goes high, it may indicate poor DB performance when querying.", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 17 + }, + "heatmap": {}, + "hideZeroBuckets": true, + "highlightCards": true, + "id": 10, + "legend": { + "show": true + }, + "options": { + "calculate": false, + "calculation": {}, + "cellGap": 2, + "cellValues": {}, + "color": { + "exponent": 0.5, + "fill": "#b4ff00", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 128 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "showValue": "never", + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": true + }, + "yAxis": { + "axisPlacement": "left", + "reverse": false, + "unit": "dtdurations" + } + }, + "pluginVersion": "10.4.1", + "reverseYBuckets": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum(increase(sliding_sync_api_process_duration_secs_bucket{initial=\"1\"}[$__rate_interval])) by (le)", + "format": "heatmap", + "legendFormat": "{{le}}", + "range": true, + "refId": "A" + } + ], + "title": "Time taken to process initial sliding sync requests", + "tooltip": { + "show": true, + "showHistogram": true + }, + "type": "heatmap", + "xAxis": { + "show": true + }, + "yAxis": { + "format": "dtdurations", + "logBase": 1, + "show": true + }, + "yBucketBound": "auto" + }, + { + "cards": {}, + "color": { + "cardColor": "#b4ff00", + "colorScale": "sqrt", + "colorScheme": "interpolateOranges", + "exponent": 0.5, + "mode": "spectrum" + }, + "dataFormat": "tsbuckets", + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Excludes live streaming blocks. If this goes high, it may indicate poor DB performance when querying.", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 25 + }, + "heatmap": {}, + "hideZeroBuckets": true, + "highlightCards": true, + "id": 15, + "legend": { + "show": true + }, + "options": { + "calculate": false, + "calculation": {}, + "cellGap": 2, + "cellValues": { + "decimals": 3 + }, + "color": { + "exponent": 0.5, + "fill": "#b4ff00", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 128 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto" + }, + "showValue": "never", + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "min": "0", + "reverse": false, + "unit": "dtdurations" + } + }, + "pluginVersion": "10.4.1", + "reverseYBuckets": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum(rate(sliding_sync_api_process_duration_secs_bucket{initial=\"0\"}[$__rate_interval])) by (le)", + "format": "heatmap", + "interval": "", + "legendFormat": "{{le}}", + "range": true, + "refId": "A" + } + ], + "title": "Time taken to process changes (ranges/filter/sorting/etc) in sliding sync requests", + "tooltip": { + "show": true, + "showHistogram": false + }, + "tooltipDecimals": 3, + "type": "heatmap", + "xAxis": { + "show": true + }, + "xBucketSize": "", + "yAxis": { + "format": "dtdurations", + "logBase": 1, + "min": "0", + "show": true + }, + "yBucketBound": "auto" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 33 + }, + "id": 12, + "panels": [], + "title": "V2 Poller", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Number of /sync connections to upstream homeserver. Generally always goes up, unless users log out and invalidate the access_token being used.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + } + ] + }, + "unit": "pollers", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 34 + }, + "id": 4, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "9.5.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "exemplar": false, + "expr": "sliding_sync_poller_num_pollers{}", + "instant": false, + "legendFormat": "{{pod}}", + "range": true, + "refId": "A" + } + ], + "title": "# v2 pollers", + "type": "timeseries" + }, + { + "cards": {}, + "color": { + "cardColor": "#b4ff00", + "colorScale": "sqrt", + "colorScheme": "interpolateOranges", + "exponent": 0.5, + "mode": "spectrum" + }, + "dataFormat": "tsbuckets", + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "The higher this is, the bigger the latency from sending events -> receiving events. Excludes initial /sync requests", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + }, + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 34 + }, + "heatmap": {}, + "hideZeroBuckets": true, + "highlightCards": true, + "id": 8, + "legend": { + "show": false + }, + "options": { + "calculate": false, + "calculation": {}, + "cellGap": 2, + "cellValues": {}, + "color": { + "exponent": 0.5, + "fill": "#b4ff00", + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 128 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": false + }, + "rowsFrame": { + "layout": "auto" + }, + "showValue": "never", + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": false + }, + "yAxis": { + "axisPlacement": "left", + "reverse": false, + "unit": "dtdurations" + } + }, + "pluginVersion": "10.3.3", + "reverseYBuckets": false, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum(increase(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$__rate_interval])) by (le)", + "format": "heatmap", + "legendFormat": "{{le}}", + "range": true, + "refId": "A" + } + ], + "title": "Time taken to process sync v2 responses", + "tooltip": { + "show": true, + "showHistogram": false + }, + "type": "heatmap", + "xAxis": { + "show": true + }, + "yAxis": { + "format": "dtdurations", + "logBase": 1, + "show": true + }, + "yBucketBound": "auto" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "If this drops too low, this means pollers are blocked on something (DB conns, executor, etc)", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "axisSoftMin": 0, + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "area" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red" + }, + { + "color": "green", + "value": 0.75 + } + ] + }, + "unit": "percentunit", + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 42 + }, + "id": 165, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sliding_sync_poller_num_outstanding_sync_v2_reqs{}/sliding_sync_poller_num_pollers{}", + "legendFormat": "{{pod}}", + "range": true, + "refId": "A" + } + ], + "title": "Ratio of pollers waiting for v2 response", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "If this number drops to 0, this indicates something is blocking all pollers from doing work. This number will scale with the number of pollers on the process.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "axisSoftMin": 0, + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 12, + "y": 42 + }, + "id": 167, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "rate(sliding_sync_poller_total_num_polls{}[5m])", + "legendFormat": "{{pod}}", + "range": true, + "refId": "A" + } + ], + "title": "Rate of poll loop iterations", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "NB: Proxy requests a timeline limit of 50.\n\nTODO: make it clear how many syncs were limited", + "fieldConfig": { + "defaults": { + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "scaleDistribution": { + "type": "linear" + } + }, + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 50 + }, + "id": 16, + "options": { + "calculate": false, + "cellGap": 1, + "cellValues": {}, + "color": { + "exponent": 0.5, + "fill": "dark-orange", + "min": 0, + "mode": "scheme", + "reverse": false, + "scale": "exponential", + "scheme": "Oranges", + "steps": 64 + }, + "exemplars": { + "color": "rgba(255,0,255,0.7)" + }, + "filterValues": { + "le": 1e-9 + }, + "legend": { + "show": true + }, + "rowsFrame": { + "layout": "auto", + "value": "v2 syncs" + }, + "tooltip": { + "mode": "single", + "showColorScale": false, + "yHistogram": true + }, + "yAxis": { + "axisLabel": "timeline events", + "axisPlacement": "left", + "max": "50", + "reverse": false + } + }, + "pluginVersion": "10.3.3", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum(rate(sliding_sync_poller_timeline_size_bucket{limited=\"unlimited\"}[$__rate_interval])) by (le)", + "format": "heatmap", + "legendFormat": "{{limited}}", + "range": true, + "refId": "A" + } + ], + "title": "Timeline size of unlimited pollers", + "type": "heatmap" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Updates from v2 pollers sent to pubsub. Abnormal spikes could be from spam or lack of duplicate suppression in the proxy.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + }, + { + "color": "red", + "value": 80 + } + ] + }, + "unitScale": true + }, + "overrides": [] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 50 + }, + "id": 2, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum by (payload_type) (rate(sliding_sync_poller_num_payloads{}[$window_size]))", + "legendFormat": "{{payload_type}}", + "range": true, + "refId": "A" + } + ], + "title": "Payload Rate", + "type": "timeseries" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "description": "Excludes time waiting for v2 sync requests. Excludes initial polls.", + "fieldConfig": { + "defaults": { + "color": { + "fixedColor": "red", + "mode": "palette-classic", + "seriesBy": "max" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "drawStyle": "line", + "fillOpacity": 10, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineStyle": { + "fill": "solid" + }, + "lineWidth": 0, + "pointSize": 4, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": true, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "links": [], + "mappings": [], + "min": 0, + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green" + } + ] + }, + "unit": "s", + "unitScale": true + }, + "overrides": [ + { + "matcher": { + "id": "byName", + "options": "99%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "dark-red", + "mode": "fixed" + } + }, + { + "id": "custom.fillOpacity", + "value": 35 + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "95%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "orange", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "50%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "green", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "25%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "semi-dark-blue", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "75%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "yellow", + "mode": "fixed" + } + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "Poll rate" + }, + "properties": [ + { + "id": "custom.axisPlacement", + "value": "right" + }, + { + "id": "unit", + "value": "hertz" + }, + { + "id": "custom.fillOpacity", + "value": 0 + }, + { + "id": "color", + "value": { + "fixedColor": "purple", + "mode": "fixed" + } + }, + { + "id": "custom.showPoints", + "value": "always" + } + ] + }, + { + "matcher": { + "id": "byName", + "options": "90%" + }, + "properties": [ + { + "id": "color", + "value": { + "fixedColor": "super-light-orange", + "mode": "fixed" + } + } + ] + } + ] + }, + "gridPos": { + "h": 9, + "w": 12, + "x": 12, + "y": 59 + }, + "id": 153, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "multi", + "sort": "desc" + } + }, + "pluginVersion": "9.2.2", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.99, sum by(le) (rate(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "intervalFactor": 1, + "legendFormat": "99%", + "range": true, + "refId": "99" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.90, sum by(le) (rate(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "90%", + "range": true, + "refId": "90" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.75, sum by(le) (rate(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "75%", + "range": true, + "refId": "75" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.5, sum by(le) (rate(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "50%", + "range": true, + "refId": "50" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "histogram_quantile(0.25, sum by(le) (rate(sliding_sync_poller_process_duration_secs_bucket{initial=\"0\"}[$window_size])))", + "format": "time_series", + "hide": false, + "intervalFactor": 1, + "legendFormat": "25%", + "range": true, + "refId": "25" + }, + { + "datasource": { + "type": "prometheus", + "uid": "$datasource" + }, + "editorMode": "code", + "expr": "sum(rate(sliding_sync_poller_process_duration_secs_count{initial=\"0\"}[$window_size]))", + "hide": false, + "legendFormat": "Poll rate", + "range": true, + "refId": "A" + } + ], + "title": "Poller processing time quantiles", + "type": "timeseries" + } + ], + "refresh": "", + "schemaVersion": 39, + "tags": [], + "templating": { + "list": [ + { + "auto": true, + "auto_count": 100, + "auto_min": "30s", + "current": { + "selected": true, + "text": "auto", + "value": "$__auto_interval_window_size" + }, + "description": "Window to use for aggregating buckets/moving averages", + "hide": 0, + "label": "Window size", + "name": "window_size", + "options": [ + { + "selected": true, + "text": "auto", + "value": "$__auto_interval_window_size" + }, + { + "selected": false, + "text": "30s", + "value": "30s" + }, + { + "selected": false, + "text": "1m", + "value": "1m" + }, + { + "selected": false, + "text": "2m", + "value": "2m" + }, + { + "selected": false, + "text": "5m", + "value": "5m" + }, + { + "selected": false, + "text": "10m", + "value": "10m" + }, + { + "selected": false, + "text": "15m", + "value": "15m" + }, + { + "selected": false, + "text": "30m", + "value": "30m" + }, + { + "selected": false, + "text": "1h", + "value": "1h" + }, + { + "selected": false, + "text": "2h", + "value": "2h" + } + ], + "query": "30s,1m,2m,5m,10m,15m,30m,1h,2h", + "queryValue": "", + "refresh": 2, + "skipUrlSync": false, + "type": "interval" + }, + { + "current": { + "selected": false, + "text": "Prometheus", + "value": "c433c715-0878-4d85-877c-465ce5b8cac4" + }, + "hide": 0, + "includeAll": false, + "multi": false, + "name": "datasource", + "options": [], + "query": "prometheus", + "queryValue": "", + "refresh": 1, + "regex": "", + "skipUrlSync": false, + "type": "datasource" + } + ] + }, + "time": { + "from": "now-1h", + "to": "now" + }, + "timepicker": {}, + "timezone": "", + "title": "Sliding Sync", + "uid": "slidingsync", + "version": 27, + "weekStart": "" + } \ No newline at end of file diff --git a/matrix-sliding-sync/templates/configmap_grafana_dashboards.yaml b/matrix-sliding-sync/templates/configmap_grafana_dashboards.yaml new file mode 100644 index 0000000..46043ed --- /dev/null +++ b/matrix-sliding-sync/templates/configmap_grafana_dashboards.yaml @@ -0,0 +1,18 @@ +{{- if .Values.grafana.dashboards.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "matrix-sliding-sync.fullname" . }}-grafana-db + labels: + {{- include "matrix-sliding-sync.labels" $ | nindent 4 }} + {{- with .Values.grafana.dashboards.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.grafana.dashboards.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +data: + {{- ($.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }} +{{- end }} diff --git a/matrix-sliding-sync/values.yaml b/matrix-sliding-sync/values.yaml index f3d494c..0440fc2 100644 --- a/matrix-sliding-sync/values.yaml +++ b/matrix-sliding-sync/values.yaml @@ -53,6 +53,13 @@ prometheus: enabled: false labels: {} +grafana: + dashboards: + enabled: false + labels: + grafana_dashboard: "1" + annotations: {} + podAnnotations: {} podLabels: {} -- 2.45.3 From 8c843f6648faef55cfb235103e7b419c1de62927 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 25 Aug 2024 06:37:51 +0200 Subject: [PATCH 093/256] fix(ntfy): update grafana dashboard --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 2 +- .../ntfy-1679170350783.json | 108 ++++++++++-------- 3 files changed, 64 insertions(+), 48 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 20e2081..adbfa69 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.4.0 +version: 0.4.1 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 12e646e..9dab51e 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] +image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers diff --git a/ntfy/grafana_dashboards/ntfy-1679170350783.json b/ntfy/grafana_dashboards/ntfy-1679170350783.json index 72a68bc..711ac5c 100644 --- a/ntfy/grafana_dashboards/ntfy-1679170350783.json +++ b/ntfy/grafana_dashboards/ntfy-1679170350783.json @@ -1,31 +1,4 @@ { - "__elements": {}, - "__requires": [ - { - "type": "grafana", - "id": "grafana", - "name": "Grafana", - "version": "9.4.3" - }, - { - "type": "datasource", - "id": "prometheus", - "name": "Prometheus", - "version": "1.0.0" - }, - { - "type": "panel", - "id": "stat", - "name": "Stat", - "version": "" - }, - { - "type": "panel", - "id": "timeseries", - "name": "Time series", - "version": "" - } - ], "annotations": { "list": [ { @@ -51,7 +24,6 @@ "editable": true, "fiscalYearStartMonth": 0, "graphTooltip": 0, - "id": null, "links": [], "liveNow": false, "panels": [ @@ -103,6 +75,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -110,9 +83,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -164,6 +139,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -171,9 +147,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -225,6 +203,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -232,9 +211,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -291,6 +272,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -298,9 +280,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -353,6 +337,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -360,9 +345,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -415,6 +402,7 @@ "graphMode": "none", "justifyMode": "auto", "orientation": "auto", + "percentChangeColorMode": "standard", "reduceOptions": { "calcs": [ "last" @@ -422,9 +410,11 @@ "fields": "", "values": false }, - "textMode": "auto" + "showPercentChange": false, + "textMode": "auto", + "wideLayout": true }, - "pluginVersion": "9.4.3", + "pluginVersion": "11.1.4", "targets": [ { "datasource": { @@ -463,6 +453,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -476,6 +467,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -567,6 +559,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -580,6 +573,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -695,6 +689,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -708,6 +703,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -787,6 +783,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -800,6 +797,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -880,6 +878,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -893,6 +892,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -972,6 +972,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -985,6 +986,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1052,7 +1054,6 @@ } ], "title": "Attachments: Total cache size", - "transformations": [], "type": "timeseries" }, { @@ -1066,6 +1067,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1079,6 +1081,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1170,6 +1173,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1183,6 +1187,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1262,6 +1267,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1275,6 +1281,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1366,6 +1373,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1379,6 +1387,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1470,6 +1479,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1483,6 +1493,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1574,6 +1585,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1587,6 +1599,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1680,6 +1693,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1693,6 +1707,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1772,6 +1787,7 @@ "mode": "palette-classic" }, "custom": { + "axisBorderShow": false, "axisCenteredZero": false, "axisColorMode": "text", "axisLabel": "", @@ -1785,6 +1801,7 @@ "tooltip": false, "viz": false }, + "insertNulls": false, "lineInterpolation": "linear", "lineWidth": 1, "pointSize": 5, @@ -1857,8 +1874,7 @@ ], "refresh": "1m", "revision": 1, - "schemaVersion": 38, - "style": "dark", + "schemaVersion": 39, "tags": [], "templating": { "list": [ @@ -1866,7 +1882,7 @@ "current": { "selected": false, "text": "Prometheus", - "value": "Prometheus" + "value": "prometheus" }, "hide": 0, "includeAll": false, @@ -1890,6 +1906,6 @@ "timezone": "", "title": "ntfy", "uid": "TO6HgexVz", - "version": 2, + "version": 1, "weekStart": "" -} \ No newline at end of file +} -- 2.45.3 From 1217a5e74f5c21daf90ba0fd13a79cf8240de31a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 1 Sep 2024 12:58:35 +0200 Subject: [PATCH 094/256] fix(home-assistant): update home-assistent and nats/mqtt --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 0a4fb0d..2ff5815 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.23 +version: 0.1.24 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.8.2" +appVersion: "2024.8.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index ec09fff..0256b24 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.23-informational?style=flat-square[Version: 0.1.23] +image::https://img.shields.io/badge/Version-0.1.24-informational?style=flat-square[Version: 0.1.24] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.8.2-informational?style=flat-square[AppVersion: 2024.8.2] +image::https://img.shields.io/badge/AppVersion-2024.8.3-informational?style=flat-square[AppVersion: 2024.8.3] == Maintainers .Maintainers @@ -184,7 +184,7 @@ helm uninstall home-assistant-release | nats.image.tag | string -| `"2.10.18-scratch"` +| `"2.10.20-scratch"` | | nats.livenessProbe.tcpSocket.port diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index e14d88c..ff9a6a2 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.18-scratch" + tag: "2.10.20-scratch" service: port: nats: 4222 -- 2.45.3 From e3855f01992280db38bc449b7ac84ce4cd63f683 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 1 Sep 2024 12:59:11 +0200 Subject: [PATCH 095/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index ba1cded..f527bde 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.3.0 +version: 0.3.1 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.9" +appVersion: "10.9.10" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 388636e..feba9a6 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] +image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.9-informational?style=flat-square[AppVersion: 10.9.9] +image::https://img.shields.io/badge/AppVersion-10.9.10-informational?style=flat-square[AppVersion: 10.9.10] == Maintainers .Maintainers -- 2.45.3 From 18e0ef8747a00833045929f650079cda4e7690d6 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 1 Sep 2024 12:59:49 +0200 Subject: [PATCH 096/256] fix(forgejo-runner): update dind --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 7673b5c..d617fd0 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.8 +version: 0.2.9 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index d562f38..6c8b312 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square[Version: 0.2.8] +image::https://img.shields.io/badge/Version-0.2.9-informational?style=flat-square[Version: 0.2.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"27.1.2-dind"` +| `"27.2.0-dind"` | | fullnameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 2f7275d..c51cae6 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,7 +141,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.1.2-dind + tag: 27.2.0-dind kubectl: image: registry: docker.io -- 2.45.3 From 75ddac6bd2b942f4c1661d23c728f5a00d0d0954 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 3 Sep 2024 12:03:33 +0200 Subject: [PATCH 097/256] fix(home-assistant): update zigbee2mqtt --- home-assistant/Chart.yaml | 2 +- home-assistant/README.adoc | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 2ff5815..81dd336 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.24 +version: 0.1.25 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2024.8.3" maintainers: diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 0256b24..080cf19 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,7 +2,7 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.24-informational?style=flat-square[Version: 0.1.24] +image::https://img.shields.io/badge/Version-0.1.25-informational?style=flat-square[Version: 0.1.25] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2024.8.3-informational?style=flat-square[AppVersion: 2024.8.3] == Maintainers @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.39.1"` +| `"1.40.0"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index ff9a6a2..a9abcf0 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.39.1 + tag: 1.40.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From 0b9d6c262cf3880a70b55bd45d08baa31ec3d210 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 3 Sep 2024 12:05:35 +0200 Subject: [PATCH 098/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 24885ad..785de57 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.113.0 +appVersion: 1.114.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index da019db..1e74483 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] +image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.113.0-informational?style=flat-square[AppVersion: 1.113.0] +image::https://img.shields.io/badge/AppVersion-1.114.0-informational?style=flat-square[AppVersion: 1.114.0] == Maintainers .Maintainers -- 2.45.3 From 6b4e02e43b58c91cf69018c79278cee43b00301b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 3 Sep 2024 12:06:28 +0200 Subject: [PATCH 099/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 ++-- element-call/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 76dd68b..d405b14 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.1.1 +version: 0.1.2 # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.6.1" +appVersion: "0.6.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc index 7828972..4fa9b82 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,9 +2,9 @@ = element-call -image::https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square[Version: 0.1.1] +image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.1-informational?style=flat-square[AppVersion: 0.6.1] +image::https://img.shields.io/badge/AppVersion-0.6.3-informational?style=flat-square[AppVersion: 0.6.3] == Maintainers .Maintainers -- 2.45.3 From 4a8bcb00fc5d6c80d32286c6689291e1481a580d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 4 Sep 2024 16:55:30 +0200 Subject: [PATCH 100/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 ++-- element-call/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index d405b14..7ee146b 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.1.2 +version: 0.1.3 # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.6.3" +appVersion: "0.6.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc index 4fa9b82..7d919ad 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,9 +2,9 @@ = element-call -image::https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square[Version: 0.1.2] +image::https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square[Version: 0.1.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.3-informational?style=flat-square[AppVersion: 0.6.3] +image::https://img.shields.io/badge/AppVersion-0.6.4-informational?style=flat-square[AppVersion: 0.6.4] == Maintainers .Maintainers -- 2.45.3 From 90c324572db95176069916a574b96531a73c6054 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 4 Sep 2024 16:55:34 +0200 Subject: [PATCH 101/256] fix(matrix-authentication-service): update appVersion --- matrix-authentication-service/Chart.yaml | 4 ++-- matrix-authentication-service/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-authentication-service/Chart.yaml b/matrix-authentication-service/Chart.yaml index a9b0c67..773a85e 100644 --- a/matrix-authentication-service/Chart.yaml +++ b/matrix-authentication-service/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-authentication-service description: OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861) icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.0.5 +version: 0.0.6 # renovate: image=ghcr.io/matrix-org/matrix-authentication-service -appVersion: "0.10.0" +appVersion: "0.11.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-authentication-service/README.adoc b/matrix-authentication-service/README.adoc index 6b6f741..a7e4d5d 100644 --- a/matrix-authentication-service/README.adoc +++ b/matrix-authentication-service/README.adoc @@ -2,9 +2,9 @@ = matrix-authentication-service -image::https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square[Version: 0.0.5] +image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.10.0-informational?style=flat-square[AppVersion: 0.10.0] +image::https://img.shields.io/badge/AppVersion-0.11.0-informational?style=flat-square[AppVersion: 0.11.0] == Maintainers .Maintainers -- 2.45.3 From f8d6c2191b7813c900e1a542b80890720d3dd09d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 5 Sep 2024 12:57:21 +0200 Subject: [PATCH 102/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 81dd336..0a18dd5 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.25 +version: 0.1.26 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.8.3" +appVersion: "2024.9.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 080cf19..d7518a9 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.25-informational?style=flat-square[Version: 0.1.25] +image::https://img.shields.io/badge/Version-0.1.26-informational?style=flat-square[Version: 0.1.26] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.8.3-informational?style=flat-square[AppVersion: 2024.8.3] +image::https://img.shields.io/badge/AppVersion-2024.9.0-informational?style=flat-square[AppVersion: 2024.9.0] == Maintainers .Maintainers -- 2.45.3 From 8791b1de95245008c70882892d69ea307db11a70 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 9 Sep 2024 15:54:56 +0200 Subject: [PATCH 103/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index f527bde..09bcbc6 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.10" +appVersion: "10.9.11" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index feba9a6..bb6114c 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] +image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.10-informational?style=flat-square[AppVersion: 10.9.10] +image::https://img.shields.io/badge/AppVersion-10.9.11-informational?style=flat-square[AppVersion: 10.9.11] == Maintainers .Maintainers -- 2.45.3 From 87c9b27aea26e0803507ec6609359c5eb4e0a8d8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 9 Sep 2024 15:56:25 +0200 Subject: [PATCH 104/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 0a18dd5..56fd827 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.26 +version: 0.1.27 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.9.0" +appVersion: "2024.9.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index d7518a9..459007c 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.26-informational?style=flat-square[Version: 0.1.26] +image::https://img.shields.io/badge/Version-0.1.27-informational?style=flat-square[Version: 0.1.27] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.9.0-informational?style=flat-square[AppVersion: 2024.9.0] +image::https://img.shields.io/badge/AppVersion-2024.9.1-informational?style=flat-square[AppVersion: 2024.9.1] == Maintainers .Maintainers @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.40.0"` +| `"1.40.1"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index a9abcf0..6a7b3eb 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.40.0 + tag: 1.40.1 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From f0ab2a70610a7d0ec5ecf54e92ab41eb219c1c45 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:55:08 +0200 Subject: [PATCH 105/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 56fd827..e01c435 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.27 +version: 0.1.28 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.9.1" +appVersion: "2024.9.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 459007c..ccd04d2 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.27-informational?style=flat-square[Version: 0.1.27] +image::https://img.shields.io/badge/Version-0.1.28-informational?style=flat-square[Version: 0.1.28] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.9.1-informational?style=flat-square[AppVersion: 2024.9.1] +image::https://img.shields.io/badge/AppVersion-2024.9.2-informational?style=flat-square[AppVersion: 2024.9.2] == Maintainers .Maintainers -- 2.45.3 From 8b5ba6c6419c8093292522fd7b239fa99cc0a16a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:55:11 +0200 Subject: [PATCH 106/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 785de57..810d59b 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.2 +version: 0.3.3 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.114.0 +appVersion: 1.115.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 1e74483..8334c4b 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] +image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.114.0-informational?style=flat-square[AppVersion: 1.114.0] +image::https://img.shields.io/badge/AppVersion-1.115.0-informational?style=flat-square[AppVersion: 1.115.0] == Maintainers .Maintainers -- 2.45.3 From 6a8adae8347c5e6ca107b2e175e2a290c6e08430 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:55:13 +0200 Subject: [PATCH 107/256] fix(mautrix-signal): update appVersion --- mautrix-signal/Chart.yaml | 4 ++-- mautrix-signal/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index 790873f..a809c5d 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.11 +version: 0.0.12 # renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.7.0" +appVersion: "0.7.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index 8ecff95..fd86794 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,9 +2,9 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square[Version: 0.0.11] +image::https://img.shields.io/badge/Version-0.0.12-informational?style=flat-square[Version: 0.0.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square[AppVersion: 0.7.0] +image::https://img.shields.io/badge/AppVersion-0.7.1-informational?style=flat-square[AppVersion: 0.7.1] == Maintainers .Maintainers -- 2.45.3 From 26cdda5bee1e433dc1a901cfe20b14be6cd304d1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:55:16 +0200 Subject: [PATCH 108/256] fix(miniserve): update appVersion --- miniserve/Chart.yaml | 4 ++-- miniserve/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/miniserve/Chart.yaml b/miniserve/Chart.yaml index 99ec735..687b13d 100644 --- a/miniserve/Chart.yaml +++ b/miniserve/Chart.yaml @@ -3,9 +3,9 @@ name: miniserve description: A Helm chart for Kubernetes icon: https://raw.githubusercontent.com/svenstaro/miniserve/master/data/logo.svg type: application -version: 0.4.0 +version: 0.4.1 # renovate: image=docker.io/svenstaro/miniserve -appVersion: "0.27.0" +appVersion: "0.27.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/miniserve/README.adoc b/miniserve/README.adoc index 85049b5..cb06853 100644 --- a/miniserve/README.adoc +++ b/miniserve/README.adoc @@ -2,9 +2,9 @@ = miniserve -image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] +image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.27.0-informational?style=flat-square[AppVersion: 0.27.0] +image::https://img.shields.io/badge/AppVersion-0.27.1-informational?style=flat-square[AppVersion: 0.27.1] == Maintainers .Maintainers -- 2.45.3 From 632b4234f9496f622b109acc9454def1b56bed31 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:55:19 +0200 Subject: [PATCH 109/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 1d53947..d33405e 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.13 +version: 0.0.14 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.9.1" +appVersion: "0.9.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index a4fd58c..ca4c906 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13] +image::https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square[Version: 0.0.14] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.9.1-informational?style=flat-square[AppVersion: 0.9.1] +image::https://img.shields.io/badge/AppVersion-0.9.4-informational?style=flat-square[AppVersion: 0.9.4] == Maintainers .Maintainers -- 2.45.3 From e1d631b12187695310103beb4a9bed89c1d67661 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:56:59 +0200 Subject: [PATCH 110/256] fix(ntfy): update kubectl --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 4 ++-- ntfy/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index adbfa69..4e95664 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.4.1 +version: 0.4.2 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 9dab51e..8ead8e0 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] +image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -159,7 +159,7 @@ helm uninstall ntfy-release | kubectl.image | object -| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.0"}` +| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.1"}` | image needed for setup (store generated VAPID / WebPush keys) | nameOverride diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 7a592a8..59e5c4a 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.0 + tag: 1.31.1 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From a3b537a5b88413ee7ffaaf2a9bd152ff6b716838 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:57:39 +0200 Subject: [PATCH 111/256] fix(forgejo-runner): update kubectl and dind --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 6 +++--- forgejo-runner/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index d617fd0..a3c5243 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.9 +version: 0.2.10 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 6c8b312..4b79c1b 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.9-informational?style=flat-square[Version: 0.2.9] +image::https://img.shields.io/badge/Version-0.2.10-informational?style=flat-square[Version: 0.2.10] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"27.2.0-dind"` +| `"27.2.1-dind"` | | fullnameOverride @@ -295,7 +295,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.31.0"` +| `"1.31.1"` | | nameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index c51cae6..04e4bf7 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,13 +141,13 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.2.0-dind + tag: 27.2.1-dind kubectl: image: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.0 + tag: 1.31.1 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From f80f70e7d37198f33ff30ddc6afba14cc4804559 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 12:58:27 +0200 Subject: [PATCH 112/256] fix(matrix-synapse): update alpine helper --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 810d59b..a6932cf 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.3 +version: 0.3.4 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.115.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 8334c4b..d838e42 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] +image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.115.0-informational?style=flat-square[AppVersion: 1.115.0] == Maintainers @@ -569,7 +569,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.tag | string -| `"3.20.2"` +| `"3.20.3"` | | volumePermissions.resources diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 457e331..3f9f812 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -794,7 +794,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.20.2 + tag: 3.20.3 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From c713bbdf9026afebccf30afcf8553a62273fb47c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 13:21:33 +0200 Subject: [PATCH 113/256] fix(miniserve): update appVersion --- miniserve/Chart.yaml | 4 ++-- miniserve/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/miniserve/Chart.yaml b/miniserve/Chart.yaml index 687b13d..ce99ae8 100644 --- a/miniserve/Chart.yaml +++ b/miniserve/Chart.yaml @@ -3,9 +3,9 @@ name: miniserve description: A Helm chart for Kubernetes icon: https://raw.githubusercontent.com/svenstaro/miniserve/master/data/logo.svg type: application -version: 0.4.1 +version: 0.4.2 # renovate: image=docker.io/svenstaro/miniserve -appVersion: "0.27.1" +appVersion: "0.28.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/miniserve/README.adoc b/miniserve/README.adoc index cb06853..cd2b98f 100644 --- a/miniserve/README.adoc +++ b/miniserve/README.adoc @@ -2,9 +2,9 @@ = miniserve -image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] +image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.27.1-informational?style=flat-square[AppVersion: 0.27.1] +image::https://img.shields.io/badge/AppVersion-0.28.0-informational?style=flat-square[AppVersion: 0.28.0] == Maintainers .Maintainers -- 2.45.3 From bd2b407c77830e7f4d934b75669f506d8c3afc3e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 18 Sep 2024 15:58:15 +0200 Subject: [PATCH 114/256] fix(ntfy): grafana dashboards --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 2 +- .../ntfy-1679170350783.json | 26 ++++++++++++++----- 3 files changed, 22 insertions(+), 8 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 4e95664..a23aa7f 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.4.2 +version: 0.4.3 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 8ead8e0..12ade52 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] +image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers diff --git a/ntfy/grafana_dashboards/ntfy-1679170350783.json b/ntfy/grafana_dashboards/ntfy-1679170350783.json index 711ac5c..1a1470e 100644 --- a/ntfy/grafana_dashboards/ntfy-1679170350783.json +++ b/ntfy/grafana_dashboards/ntfy-1679170350783.json @@ -87,7 +87,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -151,7 +151,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -215,7 +215,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -284,7 +284,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -349,7 +349,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -414,7 +414,7 @@ "textMode": "auto", "wideLayout": true }, - "pluginVersion": "11.1.4", + "pluginVersion": "11.2.0", "targets": [ { "datasource": { @@ -459,6 +459,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -565,6 +566,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -695,6 +697,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -789,6 +792,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -884,6 +888,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -978,6 +983,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1073,6 +1079,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1179,6 +1186,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1273,6 +1281,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1379,6 +1388,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1485,6 +1495,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1591,6 +1602,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1699,6 +1711,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", @@ -1793,6 +1806,7 @@ "axisLabel": "", "axisPlacement": "auto", "barAlignment": 0, + "barWidthFactor": 0.6, "drawStyle": "line", "fillOpacity": 0, "gradientMode": "none", -- 2.45.3 From f27b3fa9e7339386aa426c88a6ad1bc0639bcc83 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 21 Sep 2024 13:39:14 +0200 Subject: [PATCH 115/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 ++-- element-call/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 7ee146b..0ae61a2 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.1.3 +version: 0.1.4 # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.6.4" +appVersion: "0.6.6" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc index 7d919ad..039bb69 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,9 +2,9 @@ = element-call -image::https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square[Version: 0.1.3] +image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.4-informational?style=flat-square[AppVersion: 0.6.4] +image::https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square[AppVersion: 0.6.6] == Maintainers .Maintainers -- 2.45.3 From 2fc63308da0f2b114d11314745279319198e65e7 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 21 Sep 2024 16:58:42 +0200 Subject: [PATCH 116/256] fix(forgejo-runner): update dependencies --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index a3c5243..a36fd56 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.10 +version: 0.2.11 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 4b79c1b..b8961a1 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.10-informational?style=flat-square[Version: 0.2.10] +image::https://img.shields.io/badge/Version-0.2.11-informational?style=flat-square[Version: 0.2.11] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -245,7 +245,7 @@ helm uninstall forgejo-runner-release | dind.image.tag | string -| `"27.2.1-dind"` +| `"27.3.1-dind"` | | fullnameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 04e4bf7..ca6224b 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -141,7 +141,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.2.1-dind + tag: 27.3.1-dind kubectl: image: registry: docker.io -- 2.45.3 From 19e361b9f5b83a0b45bce0f7a23e2b2a9f7cd797 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 28 Sep 2024 17:50:35 +0200 Subject: [PATCH 117/256] fix(home-assistant): update AppVersion and deps --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index e01c435..a19958d 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.28 +version: 0.1.29 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.9.2" +appVersion: "2024.9.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index ccd04d2..7cd55c3 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.28-informational?style=flat-square[Version: 0.1.28] +image::https://img.shields.io/badge/Version-0.1.29-informational?style=flat-square[Version: 0.1.29] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.9.2-informational?style=flat-square[AppVersion: 2024.9.2] +image::https://img.shields.io/badge/AppVersion-2024.9.3-informational?style=flat-square[AppVersion: 2024.9.3] == Maintainers .Maintainers @@ -184,7 +184,7 @@ helm uninstall home-assistant-release | nats.image.tag | string -| `"2.10.20-scratch"` +| `"2.10.21-scratch"` | | nats.livenessProbe.tcpSocket.port diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 6a7b3eb..34d3832 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.20-scratch" + tag: "2.10.21-scratch" service: port: nats: 4222 -- 2.45.3 From 54755bc90c3b3d93da4f356e5cb6f957db9588a8 Mon Sep 17 00:00:00 2001 From: Alexey Pavlunin Date: Fri, 27 Sep 2024 10:59:06 +0300 Subject: [PATCH 118/256] fix(forgejo-runner): fix secrets creation, adding envs from values --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 7 ++++++- forgejo-runner/templates/deployment.yaml | 3 +++ forgejo-runner/templates/jobs.yaml | 1 + forgejo-runner/templates/secrets.yaml | 1 + forgejo-runner/values.yaml | 8 ++++++++ 6 files changed, 20 insertions(+), 2 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index a36fd56..e460511 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.11 +version: 0.2.12 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index b8961a1..35a6fe8 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.11-informational?style=flat-square[Version: 0.2.11] +image::https://img.shields.io/badge/Version-0.2.12-informational?style=flat-square[Version: 0.2.12] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -248,6 +248,11 @@ helm uninstall forgejo-runner-release | `"27.3.1-dind"` | +| extraEnvVars +| list +| `[]` +| Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" + | fullnameOverride | string | `""` diff --git a/forgejo-runner/templates/deployment.yaml b/forgejo-runner/templates/deployment.yaml index 61166f4..f7a6a60 100644 --- a/forgejo-runner/templates/deployment.yaml +++ b/forgejo-runner/templates/deployment.yaml @@ -66,6 +66,9 @@ spec: value: /certs/client - name: DOCKER_TLS_VERIFY value: "1" + {{- with .Values.extraEnvVars }} + {{- toYaml . | nindent 12 }} + {{- end }} volumeMounts: - name: runner-configfile mountPath: /etc/runner diff --git a/forgejo-runner/templates/jobs.yaml b/forgejo-runner/templates/jobs.yaml index 50ba4d0..5f66027 100644 --- a/forgejo-runner/templates/jobs.yaml +++ b/forgejo-runner/templates/jobs.yaml @@ -60,6 +60,7 @@ metadata: name: {{ $secretName }} annotations: helm.sh/resource-policy: keep + "helm.sh/hook": "pre-install,pre-upgrade" type: Opaque --- apiVersion: v1 diff --git a/forgejo-runner/templates/secrets.yaml b/forgejo-runner/templates/secrets.yaml index ce511ab..6d9b249 100644 --- a/forgejo-runner/templates/secrets.yaml +++ b/forgejo-runner/templates/secrets.yaml @@ -7,5 +7,6 @@ metadata: {{- include "forgejo-runner.labels" . | nindent 4 }} annotations: config-hash: {{ toYaml .Values.runner.config.file | sha256sum }} + "helm.sh/hook": "pre-install,pre-upgrade" data: config.yaml: {{ toYaml .Values.runner.config.file | b64enc }} diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index ca6224b..2abfc83 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -212,3 +212,11 @@ nodeSelector: {} tolerations: [] affinity: {} + +# -- Additional environment variables to be set on runner container +# Example: +# extraEnvVars: +# - name: FOO +# value: "bar" +# +extraEnvVars: [] -- 2.45.3 From f99e88a37073cd911a8a56fe8de3719edcdbe9e1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 30 Sep 2024 19:57:42 +0200 Subject: [PATCH 119/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index d33405e..27d304b 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/home/apple-touch-icon.png type: application -version: 0.0.14 +version: 0.0.15 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.9.4" +appVersion: "0.10.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index ca4c906..d7b10a2 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square[Version: 0.0.14] +image::https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square[Version: 0.0.15] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.9.4-informational?style=flat-square[AppVersion: 0.9.4] +image::https://img.shields.io/badge/AppVersion-0.10.1-informational?style=flat-square[AppVersion: 0.10.1] == Maintainers .Maintainers -- 2.45.3 From 69bf19be1ef5a8c8eedc511c4494acda5ae6f389 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 30 Sep 2024 21:06:12 +0200 Subject: [PATCH 120/256] fix(forgejo-runner): do not delete configfile secret (hook without resource-policy) --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 2 +- forgejo-runner/templates/secrets.yaml | 1 - 3 files changed, 2 insertions(+), 3 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index e460511..e662fd6 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.12 +version: 0.2.13 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 35a6fe8..5d690b9 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.12-informational?style=flat-square[Version: 0.2.12] +image::https://img.shields.io/badge/Version-0.2.13-informational?style=flat-square[Version: 0.2.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers diff --git a/forgejo-runner/templates/secrets.yaml b/forgejo-runner/templates/secrets.yaml index 6d9b249..ce511ab 100644 --- a/forgejo-runner/templates/secrets.yaml +++ b/forgejo-runner/templates/secrets.yaml @@ -7,6 +7,5 @@ metadata: {{- include "forgejo-runner.labels" . | nindent 4 }} annotations: config-hash: {{ toYaml .Values.runner.config.file | sha256sum }} - "helm.sh/hook": "pre-install,pre-upgrade" data: config.yaml: {{ toYaml .Values.runner.config.file | b64enc }} -- 2.45.3 From a6ab540830ccb888ee39f4a0f50fda01dd01b6cf Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 30 Sep 2024 21:19:24 +0200 Subject: [PATCH 121/256] fix(forgejo-runner): do not delete config secret (hook with resource-policy only delete) --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 2 +- forgejo-runner/templates/jobs.yaml | 7 ++++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index e662fd6..4b33137 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.13 +version: 0.2.14 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 5d690b9..cda3c52 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.13-informational?style=flat-square[Version: 0.2.13] +image::https://img.shields.io/badge/Version-0.2.14-informational?style=flat-square[Version: 0.2.14] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers diff --git a/forgejo-runner/templates/jobs.yaml b/forgejo-runner/templates/jobs.yaml index 5f66027..923d55b 100644 --- a/forgejo-runner/templates/jobs.yaml +++ b/forgejo-runner/templates/jobs.yaml @@ -56,12 +56,13 @@ subjects: --- apiVersion: v1 kind: Secret +type: Opaque metadata: name: {{ $secretName }} annotations: - helm.sh/resource-policy: keep - "helm.sh/hook": "pre-install,pre-upgrade" -type: Opaque + "helm.sh/resource-policy": keep + "helm.sh/hook-delete-policy": "hook-failed" + "helm.sh/hook": "pre-install" --- apiVersion: v1 kind: Secret -- 2.45.3 From c30caa376340defac429c30a6893e5f7974b3a49 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 1 Oct 2024 14:37:59 +0200 Subject: [PATCH 122/256] fix(matrix-synapse): update to v1.116.0 --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index a6932cf..9ddf41e 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.4 +version: 0.3.5 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.115.0 +appVersion: 1.116.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index d838e42..0da46f4 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] +image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.115.0-informational?style=flat-square[AppVersion: 1.115.0] +image::https://img.shields.io/badge/AppVersion-1.116.0-informational?style=flat-square[AppVersion: 1.116.0] == Maintainers .Maintainers -- 2.45.3 From ce6eea5496ac49b27e9b1ef2a9e6f3a476f418c2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 1 Oct 2024 15:17:44 +0200 Subject: [PATCH 123/256] fix(postgresql): use for major update pgautoupgrade --- postgresql/Chart.yaml | 4 +-- postgresql/README.adoc | 44 +++++++++++++++++++++++++-- postgresql/templates/statefulset.yaml | 24 +++++++++++++-- postgresql/values.yaml | 25 +++++++++++++-- 4 files changed, 88 insertions(+), 9 deletions(-) diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index 53d8be9..c1f0079 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -4,9 +4,9 @@ name: "postgresql" description: "A Helm chart for running PostgreSQL (Postgres) database" icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg type: "application" -version: "0.1.10" +version: "0.2.0" # renovate: image=docker.io/library/postgres -appVersion: "16.4-alpine" +appVersion: "17.0-alpine" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/postgresql/README.adoc b/postgresql/README.adoc index f536e5f..74cbb7a 100644 --- a/postgresql/README.adoc +++ b/postgresql/README.adoc @@ -2,9 +2,9 @@ = postgresql -image::https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square[Version: 0.1.10] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-16.4-alpine-informational?style=flat-square[AppVersion: 16.4-alpine] +image::https://img.shields.io/badge/AppVersion-17.0-alpine-informational?style=flat-square[AppVersion: 17.0-alpine] == Maintainers .Maintainers @@ -52,11 +52,51 @@ helm uninstall postgresql-release | `{}` | +| autoupgrade.enabled +| bool +| `true` +| + +| autoupgrade.image.pullPolicy +| string +| `"IfNotPresent"` +| + +| autoupgrade.image.registry +| string +| `"docker.io"` +| + +| autoupgrade.image.repository +| string +| `"pgautoupgrade/pgautoupgrade"` +| + +| autoupgrade.image.tag +| string +| `"17-alpine"` +| + +| autoupgrade.securityContext +| object +| `{}` +| + | fullnameOverride | string | `""` | +| global.image.pullPolicy +| string +| `nil` +| if set it will overwrite all pullPolicy + +| global.image.registry +| string +| `nil` +| if set it will overwrite all registry entries + | image.pullPolicy | string | `"IfNotPresent"` diff --git a/postgresql/templates/statefulset.yaml b/postgresql/templates/statefulset.yaml index 389d628..5c2f284 100644 --- a/postgresql/templates/statefulset.yaml +++ b/postgresql/templates/statefulset.yaml @@ -29,12 +29,32 @@ spec: serviceAccountName: {{ include "postgresql.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- with .Values.autoupgrade }} + {{- if .enabled }} + initContainers: + - name: upgrade + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + - name: "PGAUTO_ONESHOT" + value: "yes" + volumeMounts: + - name: "data" + mountPath: "/var/lib/postgresql/data" + {{- end }}{{/* end-if autoupgrade.enabled */}} + {{- end }}{{/* end-with autoupgrade */}} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} env: - name: "POSTGRES_PASSWORD" value: {{ .Values.postgres.password | quote }} diff --git a/postgresql/values.yaml b/postgresql/values.yaml index df2c333..139fc70 100644 --- a/postgresql/values.yaml +++ b/postgresql/values.yaml @@ -1,6 +1,9 @@ -# Default values for postgresql. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. +global: + image: + # -- if set it will overwrite all registry entries + registry: + # -- if set it will overwrite all pullPolicy + pullPolicy: image: registry: docker.io @@ -115,3 +118,19 @@ job: # owner: "existing_user_which_will_get_grant" # additionalParams: "" # Optional databases: {} + +autoupgrade: + enabled: true + image: + registry: docker.io + repository: pgautoupgrade/pgautoupgrade + pullPolicy: IfNotPresent + tag: "17-alpine" + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 -- 2.45.3 From b530414bdd637d376d6336da24ee6d76d2ee6bef Mon Sep 17 00:00:00 2001 From: tectux Date: Sat, 5 Oct 2024 18:40:33 +0000 Subject: [PATCH 124/256] fix(conduit) labels so that service can find pod fix #184 (close #185) --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 2 +- conduit/templates/wellknown/deployment.yaml | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 94deeff..7f04d8f 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.4 +version: 0.3.5 # renovate: image=registry.gitlab.com/famedly/conduit/matrix-conduit appVersion: "0.8.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc index e89ea51..aceed9c 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] +image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] == Maintainers diff --git a/conduit/templates/wellknown/deployment.yaml b/conduit/templates/wellknown/deployment.yaml index eded4fc..421a093 100644 --- a/conduit/templates/wellknown/deployment.yaml +++ b/conduit/templates/wellknown/deployment.yaml @@ -24,6 +24,7 @@ spec: {{- with .Values.wellknown.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} + type: wellknown spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: -- 2.45.3 From 22bdadf94691c30f1a565a63a4c22a9372811475 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 6 Oct 2024 14:06:23 +0200 Subject: [PATCH 125/256] fix(home-assistant): update AppVersion and zigbee2mqtt --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index a19958d..2c7cbb8 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.29 +version: 0.1.30 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.9.3" +appVersion: "2024.10.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 7cd55c3..fdaff9e 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.29-informational?style=flat-square[Version: 0.1.29] +image::https://img.shields.io/badge/Version-0.1.30-informational?style=flat-square[Version: 0.1.30] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.9.3-informational?style=flat-square[AppVersion: 2024.9.3] +image::https://img.shields.io/badge/AppVersion-2024.10.1-informational?style=flat-square[AppVersion: 2024.10.1] == Maintainers .Maintainers @@ -384,7 +384,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.40.1"` +| `"1.40.2"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 34d3832..50cd339 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.40.1 + tag: 1.40.2 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From af8f5968ac3dab77bd870d32d4993510d59ba025 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 6 Oct 2024 14:08:15 +0200 Subject: [PATCH 126/256] fix(matrix-synapse): update nginx for well-known --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 9ddf41e..663158c 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.5 +version: 0.3.6 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.116.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 0da46f4..a483ba0 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] +image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.116.0-informational?style=flat-square[AppVersion: 1.116.0] == Maintainers @@ -629,7 +629,7 @@ helm uninstall matrix-synapse-release | wellknown.image.tag | string -| `"1.27.1"` +| `"1.27.2"` | | wellknown.nodeSelector diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 3f9f812..c6356b3 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -613,7 +613,7 @@ wellknown: image: registry: docker.io repository: library/nginx - tag: 1.27.1 + tag: 1.27.2 pullPolicy: IfNotPresent replicaCount: 1 -- 2.45.3 From 9958ceb79f1eb45c22a788d70d42af8cd8a635b3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 6 Oct 2024 14:12:44 +0200 Subject: [PATCH 127/256] fix(conduit): use docker.io because of well tagged container images --- conduit/Chart.yaml | 4 ++-- conduit/README.adoc | 6 +++--- conduit/values.yaml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 7f04d8f..519a205 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,8 +3,8 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.5 -# renovate: image=registry.gitlab.com/famedly/conduit/matrix-conduit +version: 0.3.6 +# renovate: image=docker.io/matrixconduit/matrix-conduit appVersion: "0.8.0" maintainers: - name: WrenIX diff --git a/conduit/README.adoc b/conduit/README.adoc index aceed9c..43edaa1 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] +image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] == Maintainers @@ -144,12 +144,12 @@ helm uninstall conduit-release | image.registry | string -| `"registry.gitlab.com"` +| `"docker.io"` | | image.repository | string -| `"famedly/conduit/matrix-conduit"` +| `"matrixconduit/matrix-conduit"` | | image.tag diff --git a/conduit/values.yaml b/conduit/values.yaml index 816237e..ea27974 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -5,8 +5,8 @@ replicaCount: 1 image: - registry: registry.gitlab.com - repository: famedly/conduit/matrix-conduit + registry: docker.io + repository: matrixconduit/matrix-conduit pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. tag: "" -- 2.45.3 From b44b87338ee659391edf187b2f47391a36370125 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 6 Oct 2024 14:19:23 +0200 Subject: [PATCH 128/256] fix(conduit): update nginx for well-known --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 4 ++-- conduit/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 519a205..5013d9a 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.6 +version: 0.3.7 # renovate: image=docker.io/matrixconduit/matrix-conduit appVersion: "0.8.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc index 43edaa1..3aa417f 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] +image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] == Maintainers @@ -349,7 +349,7 @@ helm uninstall conduit-release | wellknown.image.tag | string -| `"1.27.1"` +| `"1.27.2"` | | wellknown.nodeSelector diff --git a/conduit/values.yaml b/conduit/values.yaml index ea27974..d9cfd97 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -48,7 +48,7 @@ wellknown: registry: docker.io repository: library/nginx pullPolicy: IfNotPresent - tag: "1.27.1" + tag: "1.27.2" replicaCount: 1 podLabels: {} -- 2.45.3 From d3df54a036a17740d1d11dbcb92b4168a016e154 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 10 Oct 2024 23:17:04 +0200 Subject: [PATCH 129/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 6 +++--- stalwart-mail/README.adoc | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 27d304b..a171122 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -1,11 +1,11 @@ apiVersion: v2 name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) -icon: https://stalw.art/home/apple-touch-icon.png +icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.15 +version: 0.0.16 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.10.1" +appVersion: "0.10.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index d7b10a2..9be3f67 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square[Version: 0.0.15] +image::https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square[Version: 0.0.16] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.10.1-informational?style=flat-square[AppVersion: 0.10.1] +image::https://img.shields.io/badge/AppVersion-0.10.4-informational?style=flat-square[AppVersion: 0.10.4] == Maintainers .Maintainers -- 2.45.3 From 0f400688df1541895bab5fce06b8fdf9fced51ec Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 10 Oct 2024 23:18:39 +0200 Subject: [PATCH 130/256] fix(gotosocial): no empty values in secret --- gotosocial/Chart.yaml | 2 +- gotosocial/README.adoc | 2 +- gotosocial/templates/secret.yaml | 24 ++++++++++++++++++------ 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 28384ea..549bde6 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,7 +3,7 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=docker.io/superseriousbusiness/gotosocial appVersion: "0.16.0" maintainers: diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 2a139d0..fd3837d 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,7 +2,7 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0] == Maintainers diff --git a/gotosocial/templates/secret.yaml b/gotosocial/templates/secret.yaml index 08f345b..070a6f6 100644 --- a/gotosocial/templates/secret.yaml +++ b/gotosocial/templates/secret.yaml @@ -12,7 +12,9 @@ data: TZ: {{ .tz | b64enc }} GTS_APPLICATION_NAME: {{ .applicationName | b64enc }} - GTS_LANDING_PAGE_USER: {{ .landingPageUser | b64enc }} + {{- with .landingPageUser }} + GTS_LANDING_PAGE_USER: {{ . | b64enc }} + {{- end }} GTS_HOST: {{ .host | b64enc }} GTS_ACCOUNT_DOMAIN: {{ .accountDomain | b64enc }} @@ -43,7 +45,9 @@ data: {{- end }}{{/* end-else-if sqlite */}} {{- with .instance }} - GTS_INSTANCE_LANGUAGES: {{ .languages | join "," | b64enc }} + {{- with .languages }} + GTS_INSTANCE_LANGUAGES: {{ . | join "," | b64enc }} + {{- end }} {{- with .federation }} GTS_INSTANCE_FEDERATION_MODE: {{ .mode | b64enc }} GTS_INSTANCE_FEDERATION_SPAM_FILTER: {{ toYaml .spamFilter | b64enc }} @@ -106,11 +110,19 @@ data: {{- end }}{{/* end-with oidc */}} {{- with .smtp }} - GTS_SMTP_HOST: {{ .host | default "" | b64enc }} + {{- with .host }} + GTS_SMTP_HOST: {{ . | b64enc }} + {{- end }} GTS_SMTP_PORT: {{ toYaml .port | b64enc }} - GTS_SMTP_USERNAME: {{ .username | default "" | b64enc }} - GTS_SMTP_PASSWORD: {{ .password | default "" | b64enc }} - GTS_SMTP_FROM: {{ .from | default "" | b64enc }} + {{- with .username }} + GTS_SMTP_USERNAME: {{ . | b64enc }} + {{- end }} + {{- with .password }} + GTS_SMTP_PASSWORD: {{ . | b64enc }} + {{- end }} + {{- with .from }} + GTS_SMTP_FROM: {{ . | b64enc }} + {{- end }} GTS_SMTP_DISCLOSE_RECIPIENTS: {{ toYaml .discloseRecipients | b64enc }} {{- end }}{{/* end-with smtp */}} -- 2.45.3 From 6c3deba125971803ab7c96dfe0d8267befb8f5b9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 11 Oct 2024 23:13:46 +0200 Subject: [PATCH 131/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 2c7cbb8..67bf9d8 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.30 +version: 0.1.31 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.10.1" +appVersion: "2024.10.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index fdaff9e..5d9348a 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.30-informational?style=flat-square[Version: 0.1.30] +image::https://img.shields.io/badge/Version-0.1.31-informational?style=flat-square[Version: 0.1.31] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.10.1-informational?style=flat-square[AppVersion: 2024.10.1] +image::https://img.shields.io/badge/AppVersion-2024.10.2-informational?style=flat-square[AppVersion: 2024.10.2] == Maintainers .Maintainers -- 2.45.3 From 7df49a6afa1e9d722837dd211d69224630c93759 Mon Sep 17 00:00:00 2001 From: tectux Date: Sat, 5 Oct 2024 15:37:56 +0000 Subject: [PATCH 132/256] fix(conduit): wellknown custom deployment --- conduit/Chart.yaml | 4 +- conduit/README.adoc | 48 +++++++++++++-------- conduit/ci/empty-values.yaml | 0 conduit/ci/well-known-values.yaml | 22 ++++++++++ conduit/templates/deployment.yaml | 6 ++- conduit/templates/ingress.yaml | 9 ++++ conduit/templates/wellknown/configmap.yaml | 9 ++-- conduit/templates/wellknown/deployment.yaml | 14 +++--- conduit/values.yaml | 43 ++++++++++++++++-- 9 files changed, 120 insertions(+), 35 deletions(-) create mode 100644 conduit/ci/empty-values.yaml create mode 100644 conduit/ci/well-known-values.yaml diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 5013d9a..54a8c3a 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,9 +3,9 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 0.3.7 +version: 1.0.0 # renovate: image=docker.io/matrixconduit/matrix-conduit -appVersion: "0.8.0" +appVersion: "0.9.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/conduit/README.adoc b/conduit/README.adoc index 3aa417f..564a85e 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,9 +2,9 @@ = conduit -image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] +image::https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square[Version: 1.0.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.8.0-informational?style=flat-square[AppVersion: 0.8.0] +image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0] == Maintainers .Maintainers @@ -127,10 +127,15 @@ helm uninstall conduit-release | `"matrix.org"` | -| conduit.wellKnownClient +| conduit.wellKnown.client | string -| `"your.server.name"` -| +| `""` +| client well-known configuration in conduit + +| conduit.wellKnown.server +| string +| `"https://your.server.name"` +| server well-known configuration in conduit | fullnameOverride | string @@ -307,15 +312,10 @@ helm uninstall conduit-release | `{}` | -| wellknown.client."m.homeserver".base_url -| string -| `"https://your.server.name/"` -| - -| wellknown.client."org.matrix.msc3575.proxy".url -| string -| `"https://your.server.name/"` -| +| wellknown.client +| object +| `{"m.homeserver":{"base_url":"https://your.server.name/"},"org.matrix.msc3575.proxy":{"url":"https://your.server.name/"}}` +| client entry in well-known | wellknown.containerPort | int @@ -324,7 +324,7 @@ helm uninstall conduit-release | wellknown.enabled | bool -| `true` +| `false` | | wellknown.env @@ -352,6 +352,11 @@ helm uninstall conduit-release | `"1.27.2"` | +| wellknown.nginxServerConf +| string +| `"server {\n listen {{ .containerPort }};\n server_name localhost;\n\n location /.well-known/matrix/server {\n return 200 {{ toJson .server | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n }\n\n location /.well-known/matrix/client {\n return 200 {{ toJson .client | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n add_header \"Access-Control-Allow-Origin\" *;\n }\n\n location / {\n # return 200 'Welcome to the your.server.name conduit server!';\n # types { } default_type \"text/plain; charset=utf-8\";\n return 404;\n }\n\n location /nginx_health {\n return 200 'OK';\n types { } default_type \"text/plain; charset=utf-8\";\n }\n}"` +| nginx config + | wellknown.nodeSelector | object | `{}` @@ -382,15 +387,20 @@ helm uninstall conduit-release | `{}` | +| wellknown.rewriteRoot +| bool +| `false` +| if ingress is enabled: specifies whether ingress should redirect the `/`-Location to the wellknown server + | wellknown.securityContext | object | `{}` | -| wellknown.server."m.server" -| string -| `"your.server.name:443"` -| +| wellknown.server +| object +| `{"m.server":"your.server.name:443"}` +| server entry in well-known | wellknown.service.annotations | object diff --git a/conduit/ci/empty-values.yaml b/conduit/ci/empty-values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/conduit/ci/well-known-values.yaml b/conduit/ci/well-known-values.yaml new file mode 100644 index 0000000..0982dd2 --- /dev/null +++ b/conduit/ci/well-known-values.yaml @@ -0,0 +1,22 @@ +conduit: + server_name: test.wrenix.eu + wellKnown: + server: "overwritten-test:443" + client: "https://overwritten-test" + +wellknown: + enabled: true + +ingress: + enabled: true + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + hosts: + - host: test.wrenix.eu + paths: + - path: / + pathType: Prefix + tls: + - secretName: test + hosts: + - test.wrenix.eu diff --git a/conduit/templates/deployment.yaml b/conduit/templates/deployment.yaml index 2145ec5..8c10770 100644 --- a/conduit/templates/deployment.yaml +++ b/conduit/templates/deployment.yaml @@ -97,10 +97,14 @@ spec: - name: "CONDUIT_REGISTRATION_TOKEN" value: {{ . | quote }} {{- end }} - {{- with .Values.conduit.wellKnownClient }} + {{- with .Values.conduit.wellKnown.client }} - name: "CONDUIT_WELL_KNOWN_CLIENT" value: {{ . | quote }} {{- end }} + {{- with .Values.conduit.wellKnown.server }} + - name: "CONDUIT_WELL_KNOWN_SERVER" + value: {{ . | quote }} + {{- end }} volumeMounts: - name: "data" mountPath: "/var/lib/matrix-conduit" diff --git a/conduit/templates/ingress.yaml b/conduit/templates/ingress.yaml index 1962e8b..851dbf3 100644 --- a/conduit/templates/ingress.yaml +++ b/conduit/templates/ingress.yaml @@ -76,5 +76,14 @@ spec: name: {{ include "conduit.fullname" . }}-wellknown port: name: http + {{- if .Values.wellknown.rewriteRoot }} + - path: / + pathType: Exact + backend: + service: + name: {{ include "conduit.fullname" . }}-wellknown + port: + name: http + {{- end }} {{- end }} {{- end }} diff --git a/conduit/templates/wellknown/configmap.yaml b/conduit/templates/wellknown/configmap.yaml index 868c59c..d902f1e 100644 --- a/conduit/templates/wellknown/configmap.yaml +++ b/conduit/templates/wellknown/configmap.yaml @@ -2,10 +2,11 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "conduit.fullname" . }}-wellknown + name: {{ include "conduit.fullname" . }}-nginx-wellknown labels: {{- include "conduit.labels" . | nindent 4 }} data: - server: {{ toJson .Values.wellknown.server | quote }} - client: {{ toJson .Values.wellknown.client | quote }} -{{- end }} \ No newline at end of file + {{- with .Values.wellknown}} + default.conf: {{ tpl .nginxServerConf . | toYaml | nindent 4 }} + {{- end }} +{{- end }} diff --git a/conduit/templates/wellknown/deployment.yaml b/conduit/templates/wellknown/deployment.yaml index 421a093..9ccd0c7 100644 --- a/conduit/templates/wellknown/deployment.yaml +++ b/conduit/templates/wellknown/deployment.yaml @@ -47,17 +47,19 @@ spec: protocol: TCP livenessProbe: httpGet: - path: / + path: /nginx_health port: http readinessProbe: httpGet: - path: / + path: /nginx_health port: http resources: {{- toYaml .Values.wellknown.resources | nindent 12 }} volumeMounts: - - name: "data" - mountPath: "/usr/share/nginx/html/.well-known/matrix/" + - name: "wellknown-nginx-conf" + mountPath: "/etc/nginx/conf.d/default.conf" + subPath: default.conf + readOnly: true {{- with .Values.wellknown.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -71,7 +73,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} volumes: - - name: "data" + - name: "wellknown-nginx-conf" configMap: - name: {{ include "conduit.fullname" . }}-wellknown + name: {{ include "conduit.fullname" . }}-nginx-wellknown {{- end }} diff --git a/conduit/values.yaml b/conduit/values.yaml index d9cfd97..2a39fbc 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -40,10 +40,14 @@ conduit: # log: "warn,rocket=off,_=off,sled=off" log: registrationToken: - wellKnownClient: "your.server.name" + wellKnown: + # -- client well-known configuration in conduit + client: "" + # -- server well-known configuration in conduit + server: "https://your.server.name" wellknown: - enabled: true + enabled: false image: registry: docker.io repository: library/nginx @@ -67,15 +71,48 @@ wellknown: port: 8080 annotations: {} - # TO EDIT: + # -- if ingress is enabled: specifies whether ingress should redirect the `/`-Location to the wellknown server + rewriteRoot: false + + # -- server entry in well-known server: "m.server": "your.server.name:443" + # -- client entry in well-known client: "m.homeserver": "base_url": "https://your.server.name/" "org.matrix.msc3575.proxy": "url": "https://your.server.name/" + # -- nginx config + nginxServerConf: |- + server { + listen {{ .containerPort }}; + server_name localhost; + + location /.well-known/matrix/server { + return 200 {{ toJson .server | quote }}; + types { } default_type "application/json; charset=utf-8"; + } + + location /.well-known/matrix/client { + return 200 {{ toJson .client | quote }}; + types { } default_type "application/json; charset=utf-8"; + add_header "Access-Control-Allow-Origin" *; + } + + location / { + # return 200 'Welcome to the your.server.name conduit server!'; + # types { } default_type "text/plain; charset=utf-8"; + return 404; + } + + location /nginx_health { + return 200 'OK'; + types { } default_type "text/plain; charset=utf-8"; + } + } + podLabels: {} podAnnotations: {} -- 2.45.3 From a4e242c9d520f2c9d6e5a45e23489234bfe6b82d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 16 Oct 2024 18:33:56 +0200 Subject: [PATCH 133/256] fix(mautrix-signal): update appVersion --- mautrix-signal/Chart.yaml | 4 ++-- mautrix-signal/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml index a809c5d..c24f8bf 100644 --- a/mautrix-signal/Chart.yaml +++ b/mautrix-signal/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: mautrix-signal description: A Matrix-Signal puppeting bridge. type: application -version: 0.0.12 +version: 0.0.13 # renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.7.1" +appVersion: "0.7.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-signal/README.adoc index fd86794..34729a8 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-signal/README.adoc @@ -2,9 +2,9 @@ = mautrix-signal -image::https://img.shields.io/badge/Version-0.0.12-informational?style=flat-square[Version: 0.0.12] +image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.7.1-informational?style=flat-square[AppVersion: 0.7.1] +image::https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square[AppVersion: 0.7.2] == Maintainers .Maintainers -- 2.45.3 From a79136028cc60fe114a017ab9aa03cec2e149911 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 16 Oct 2024 18:34:36 +0200 Subject: [PATCH 134/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index a171122..d1675a3 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.16 +version: 0.0.17 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.10.4" +appVersion: "0.10.5" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index 9be3f67..daaa07a 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square[Version: 0.0.16] +image::https://img.shields.io/badge/Version-0.0.17-informational?style=flat-square[Version: 0.0.17] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.10.4-informational?style=flat-square[AppVersion: 0.10.4] +image::https://img.shields.io/badge/AppVersion-0.10.5-informational?style=flat-square[AppVersion: 0.10.5] == Maintainers .Maintainers -- 2.45.3 From c19794de4afe47e4f4e637fc0fb2c307f67d124b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 16 Oct 2024 18:35:32 +0200 Subject: [PATCH 135/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 663158c..7b9a44d 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.6 +version: 0.3.7 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.116.0 +appVersion: 1.117.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index a483ba0..78fdb47 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] +image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.116.0-informational?style=flat-square[AppVersion: 1.116.0] +image::https://img.shields.io/badge/AppVersion-1.117.0-informational?style=flat-square[AppVersion: 1.117.0] == Maintainers .Maintainers -- 2.45.3 From e22b40e8e4dc7018df55c5cd5cebd7461fdf2f36 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 16 Oct 2024 18:36:07 +0200 Subject: [PATCH 136/256] fix(gotosocial): update appVersion --- gotosocial/Chart.yaml | 4 ++-- gotosocial/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 549bde6..0d8ed5f 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,9 +3,9 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.2 +version: 0.2.3 # renovate: image=docker.io/superseriousbusiness/gotosocial -appVersion: "0.16.0" +appVersion: "0.17.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index fd3837d..e7d9f26 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,9 +2,9 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] +image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.16.0-informational?style=flat-square[AppVersion: 0.16.0] +image::https://img.shields.io/badge/AppVersion-0.17.0-informational?style=flat-square[AppVersion: 0.17.0] == Maintainers .Maintainers -- 2.45.3 From 48c65fe19f6fd60ad2ce84f9044f6af8900e2ed5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 16 Oct 2024 19:10:01 +0200 Subject: [PATCH 137/256] fix(home-assistant): add podmonitor (with given bearerTokenSecret) --- home-assistant/Chart.yaml | 2 +- home-assistant/README.adoc | 17 ++++++++++++++++- home-assistant/templates/deployment.yaml | 4 ++-- home-assistant/templates/podmonitor.yaml | 21 +++++++++++++++++++++ home-assistant/templates/service.yaml | 2 +- home-assistant/values.yaml | 6 ++++++ 6 files changed, 47 insertions(+), 5 deletions(-) create mode 100644 home-assistant/templates/podmonitor.yaml diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 67bf9d8..3d76f34 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.1.31 +version: 0.2.0 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2024.10.2" maintainers: diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 5d9348a..f549738 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,7 +2,7 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.1.31-informational?style=flat-square[Version: 0.1.31] +image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2024.10.2-informational?style=flat-square[AppVersion: 2024.10.2] == Maintainers @@ -282,6 +282,21 @@ helm uninstall home-assistant-release | `{}` | +| prometheus.podmonitor.bearerTokenSecret +| object +| `{}` +| + +| prometheus.podmonitor.enabled +| bool +| `false` +| + +| prometheus.podmonitor.labels +| object +| `{}` +| + | readinessProbe.httpGet.path | string | `"/"` diff --git a/home-assistant/templates/deployment.yaml b/home-assistant/templates/deployment.yaml index d7a8c3d..7424548 100644 --- a/home-assistant/templates/deployment.yaml +++ b/home-assistant/templates/deployment.yaml @@ -11,7 +11,7 @@ spec: selector: matchLabels: {{- include "home-assistant.selectorLabels" . | nindent 6 }} - type: main + app.kubernetes.io/component: home-assistant template: metadata: {{- with .Values.podAnnotations }} @@ -20,7 +20,7 @@ spec: {{- end }} labels: {{- include "home-assistant.labels" . | nindent 8 }} - type: main + app.kubernetes.io/component: home-assistant {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/home-assistant/templates/podmonitor.yaml b/home-assistant/templates/podmonitor.yaml new file mode 100644 index 0000000..1ef9aa6 --- /dev/null +++ b/home-assistant/templates/podmonitor.yaml @@ -0,0 +1,21 @@ +{{- if .Values.prometheus.podmonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ include "home-assistant.fullname" . }} + labels: + {{- include "home-assistant.labels" . | nindent 4 }} + {{- with .Values.prometheus.podmonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "home-assistant.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: home-assistant + podMetricsEndpoints: + - port: http + path: "/api/prometheus" + bearerTokenSecret: + {{- toYaml .Values.prometheus.podmonitor.bearerTokenSecret | nindent 8 }} +{{- end }} diff --git a/home-assistant/templates/service.yaml b/home-assistant/templates/service.yaml index 116e90a..c7e68dd 100644 --- a/home-assistant/templates/service.yaml +++ b/home-assistant/templates/service.yaml @@ -8,7 +8,7 @@ spec: type: {{ .Values.service.type }} selector: {{- include "home-assistant.selectorLabels" . | nindent 4 }} - type: main + app.kubernetes.io/component: home-assistant ports: - port: {{ .Values.service.port }} targetPort: http diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 50cd339..dcd5839 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -61,6 +61,12 @@ zigbee2mqtt: serial: port: /dev/ttyACM0 +prometheus: + podmonitor: + enabled: false + labels: {} + bearerTokenSecret: {} + persistence: enabled: false annotations: {} -- 2.45.3 From 34635afd4b5aaeedce42b784a9b6e46f44439d7e Mon Sep 17 00:00:00 2001 From: Calle Englund Date: Sat, 12 Oct 2024 00:52:43 +0200 Subject: [PATCH 138/256] feat(forgejo-runner): add hpa behavior support Allows customizing HPA behaviors when autoscaling is enabled. --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 7 ++++++- forgejo-runner/templates/hpa.yaml | 4 ++++ forgejo-runner/values.yaml | 15 +++++++++++++++ 4 files changed, 26 insertions(+), 2 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 4b33137..17dc7be 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.2.14 +version: 0.3.0 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index cda3c52..9d1ef98 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.2.14-informational?style=flat-square[Version: 0.2.14] +image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -208,6 +208,11 @@ helm uninstall forgejo-runner-release | `{}` | +| autoscaling.behavior +| object +| `{}` +| behavior of HPA Example: scaleDown: stabilizationWindowSeconds: 300 policies: - type: Pods value: 1 periodSeconds: 60 scaleUp: stabilizationWindowSeconds: 0 policies: - type: Pods value: 1 periodSeconds: 60 + | autoscaling.enabled | bool | `false` diff --git a/forgejo-runner/templates/hpa.yaml b/forgejo-runner/templates/hpa.yaml index c221811..6779bfb 100644 --- a/forgejo-runner/templates/hpa.yaml +++ b/forgejo-runner/templates/hpa.yaml @@ -12,6 +12,10 @@ spec: name: {{ include "forgejo-runner.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} + {{- with .Values.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} metrics: {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - type: Resource diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 2abfc83..b541353 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -191,6 +191,21 @@ autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 + # -- behavior of HPA + # Example: + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 60 + # scaleUp: + # stabilizationWindowSeconds: 0 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 60 + behavior: {} targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 -- 2.45.3 From 24cbc8c2db4e3faa8ed8569eebe737d113f418f1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 22 Oct 2024 10:37:24 +0200 Subject: [PATCH 139/256] fix(home-assistant): update home-assistent and nats/mqtt --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 6 +++--- home-assistant/values.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 3d76f34..01dd5c0 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.10.2" +appVersion: "2024.10.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index f549738..b536747 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.10.2-informational?style=flat-square[AppVersion: 2024.10.2] +image::https://img.shields.io/badge/AppVersion-2024.10.3-informational?style=flat-square[AppVersion: 2024.10.3] == Maintainers .Maintainers @@ -184,7 +184,7 @@ helm uninstall home-assistant-release | nats.image.tag | string -| `"2.10.21-scratch"` +| `"2.10.22-scratch"` | | nats.livenessProbe.tcpSocket.port diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index dcd5839..61da8e0 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.21-scratch" + tag: "2.10.22-scratch" service: port: nats: 4222 -- 2.45.3 From 83d2cdd1fd84a648efe2ab8319a7ed03aa3cde76 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 22 Oct 2024 10:37:56 +0200 Subject: [PATCH 140/256] fix(hydrogen-web): update appVersion --- hydrogen-web/Chart.yaml | 4 ++-- hydrogen-web/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/hydrogen-web/Chart.yaml b/hydrogen-web/Chart.yaml index 94ba1f4..33de903 100644 --- a/hydrogen-web/Chart.yaml +++ b/hydrogen-web/Chart.yaml @@ -3,9 +3,9 @@ name: hydrogen-web description: A Helm Chart to install hydrogen-web (a nextgen Matrix Webclient) icon: https://raw.githubusercontent.com/element-hq/hydrogen-web/master/src/platform/web/assets/icon.svg type: application -version: 0.1.7 +version: 0.1.8 # renovate: image=ghcr.io/element-hq/hydrogen-web -appVersion: "0.5.0" +appVersion: "0.5.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/hydrogen-web/README.adoc b/hydrogen-web/README.adoc index 2ad1976..fc1a2e4 100644 --- a/hydrogen-web/README.adoc +++ b/hydrogen-web/README.adoc @@ -2,9 +2,9 @@ = hydrogen-web -image::https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square[Version: 0.1.7] +image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0] +image::https://img.shields.io/badge/AppVersion-0.5.1-informational?style=flat-square[AppVersion: 0.5.1] == Maintainers .Maintainers -- 2.45.3 From ec4f5a9235e171166dbdc3e59fda91789bba8226 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 22 Oct 2024 10:38:14 +0200 Subject: [PATCH 141/256] fix(gotosocial): update appVersion --- gotosocial/Chart.yaml | 4 ++-- gotosocial/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 0d8ed5f..0010d48 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,9 +3,9 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.3 +version: 0.2.4 # renovate: image=docker.io/superseriousbusiness/gotosocial -appVersion: "0.17.0" +appVersion: "0.17.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index e7d9f26..e19341b 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,9 +2,9 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.17.0-informational?style=flat-square[AppVersion: 0.17.0] +image::https://img.shields.io/badge/AppVersion-0.17.1-informational?style=flat-square[AppVersion: 0.17.1] == Maintainers .Maintainers -- 2.45.3 From 65ea3b95eb222ea41b8051da83ce3b5f90c44d4f Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 30 Oct 2024 19:59:24 +0100 Subject: [PATCH 142/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 17dc7be..5b97763 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.3.0 +version: 0.3.1 # renovate: image=code.forgejo.org/forgejo/runner appVersion: "3.5.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 9d1ef98..cf13474 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square[Version: 0.3.0] +image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] == Maintainers @@ -305,7 +305,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.31.1"` +| `"1.31.2"` | | nameOverride diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index b541353..bb065f2 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -147,7 +147,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.1 + tag: 1.31.2 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From d9c98abb3cd7bcdc2c0e0b32d9295001e1be01cb Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 30 Oct 2024 19:59:37 +0100 Subject: [PATCH 143/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 01dd5c0..ed5d0c2 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.10.3" +appVersion: "2024.10.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index b536747..1827a9f 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.10.3-informational?style=flat-square[AppVersion: 2024.10.3] +image::https://img.shields.io/badge/AppVersion-2024.10.4-informational?style=flat-square[AppVersion: 2024.10.4] == Maintainers .Maintainers -- 2.45.3 From 31c8844c6ab1e004d05dfa5e2940bdaa774fba85 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 30 Oct 2024 19:59:40 +0100 Subject: [PATCH 144/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 09bcbc6..eea4f91 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.3.2 +version: 0.3.3 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.9.11" +appVersion: "10.10.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index bb6114c..c6cf52d 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] +image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.9.11-informational?style=flat-square[AppVersion: 10.9.11] +image::https://img.shields.io/badge/AppVersion-10.10.0-informational?style=flat-square[AppVersion: 10.10.0] == Maintainers .Maintainers -- 2.45.3 From 6423fe0d6c8a60f1912fa79672e8aacb8304044e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 30 Oct 2024 19:59:42 +0100 Subject: [PATCH 145/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 7b9a44d..3ae081e 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.7 +version: 0.3.8 # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.117.0 +appVersion: 1.118.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 78fdb47..9851e70 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] +image::https://img.shields.io/badge/Version-0.3.8-informational?style=flat-square[Version: 0.3.8] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.117.0-informational?style=flat-square[AppVersion: 1.117.0] +image::https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square[AppVersion: 1.118.0] == Maintainers .Maintainers -- 2.45.3 From ebf8a3eba28f6c0413426420226b1a3f5482bc62 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 30 Oct 2024 19:59:44 +0100 Subject: [PATCH 146/256] fix(ntfy): update appVersion --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 4 ++-- ntfy/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index a23aa7f..b8721e9 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.4.3 +version: 0.4.4 # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 12ade52..987cb13 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] +image::https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square[Version: 0.4.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -159,7 +159,7 @@ helm uninstall ntfy-release | kubectl.image | object -| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.1"}` +| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.2"}` | image needed for setup (store generated VAPID / WebPush keys) | nameOverride diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 59e5c4a..9898644 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.1 + tag: 1.31.2 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From d33ebc16e3d186aaf0804e8c03fd5f4904c1dd08 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 19:31:39 +0100 Subject: [PATCH 147/256] fix(matrix-synapse): adjust helm-hook for signing-key job --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 8 ++++---- matrix-synapse/templates/signing-key/job.yaml | 20 ++++++++++++++++--- matrix-synapse/values.yaml | 8 ++++---- 4 files changed, 26 insertions(+), 12 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 3ae081e..7769841 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.8 +version: 0.3.9 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.118.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 9851e70..8ebc57d 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.8-informational?style=flat-square[Version: 0.3.8] +image::https://img.shields.io/badge/Version-0.3.9-informational?style=flat-square[Version: 0.3.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square[AppVersion: 1.118.0] == Maintainers @@ -407,10 +407,10 @@ helm uninstall matrix-synapse-release | `false` | -| signingkey.job.annotations +| signingkey.annotations | object -| `{}` -| +| `{"helm.sh/hook":"pre-install,pre-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}` +| Annotations to apply to the job and rbac for signing-key. | signingkey.job.enabled | bool diff --git a/matrix-synapse/templates/signing-key/job.yaml b/matrix-synapse/templates/signing-key/job.yaml index 6b8e7b6..c9a9979 100644 --- a/matrix-synapse/templates/signing-key/job.yaml +++ b/matrix-synapse/templates/signing-key/job.yaml @@ -14,7 +14,9 @@ metadata: {{- include "matrix-synapse.labels" . | nindent 4 }} app.kubernetes.io/component: signingkey-job annotations: - helm.sh/resource-policy: keep + "helm.sh/resource-policy": keep + "helm.sh/hook-delete-policy": "hook-failed" + "helm.sh/hook": "pre-install" type: Opaque --- apiVersion: v1 @@ -24,6 +26,10 @@ metadata: labels: {{- include "matrix-synapse.labels" . | nindent 4 }} app.kubernetes.io/component: signingkey-job + {{- with .Values.signingkey.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -32,6 +38,10 @@ metadata: labels: {{- include "matrix-synapse.labels" . | nindent 4 }} app.kubernetes.io/component: signingkey-job + {{- with .Values.signingkey.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} rules: - apiGroups: - "" @@ -51,6 +61,10 @@ metadata: labels: {{- include "matrix-synapse.labels" . | nindent 4 }} app.kubernetes.io/component: signingkey-job + {{- with .Values.signingkey.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -67,10 +81,10 @@ metadata: labels: {{- include "matrix-synapse.labels" . | nindent 4 }} app.kubernetes.io/component: signingkey-job + {{- with .Values.signingkey.annotations }} annotations: - {{- with .Values.signingkey.job.annotations }} {{- toYaml . | nindent 4 }} - {{- end }} + {{- end }} spec: ttlSecondsAfterFinished: 0 template: diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index c6356b3..151d7f9 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -36,6 +36,10 @@ publicServerName: ## The source of the signing key used by Synapse in federation. ## signingkey: + # -- Annotations to apply to the job and rbac for signing-key. + annotations: + "helm.sh/hook": "pre-install,pre-upgrade" + "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded" ## Enable a Kubernetes job to generate and store a signing key if one does not ## exist. ## If you have already run a Matrix server at some point on your domain then @@ -50,10 +54,6 @@ signingkey: job: enabled: true - ## Annotations to apply to the signing-key-job. - ## - annotations: {} - publishImage: registry: docker.io repository: bitnami/kubectl -- 2.45.3 From ecd791d0cdc66c4f3f438867ba88cc26e223dac4 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 19:34:36 +0100 Subject: [PATCH 148/256] fix(matrix-synapse): upgrade postgresql - BREAKING CHANGES --- matrix-synapse/Chart.lock | 8 ++++---- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/matrix-synapse/Chart.lock b/matrix-synapse/Chart.lock index 12e6b05..b6363b9 100644 --- a/matrix-synapse/Chart.lock +++ b/matrix-synapse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami - version: 15.5.22 + version: 16.0.0 - name: redis repository: https://charts.bitnami.com/bitnami - version: 20.0.2 -digest: sha256:425e5d35b097df991598f45a6df69b7c63f7ec5ffc4a5a204314398bb257e307 -generated: "2024-08-17T02:33:53.047931205Z" + version: 20.1.6 +digest: sha256:1e6f035c85e4d2b287318dc4f92bccf8ded11cb65c8a8ed84f30fe2acf407761 +generated: "2024-10-02T13:03:54.305028309Z" diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 7769841..44bf3b1 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.3.9 +version: 1.0.0 # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.118.0 maintainers: @@ -13,7 +13,7 @@ maintainers: dependencies: - name: postgresql - version: ^15.0.0 + version: ^16.0.0 repository: https://charts.bitnami.com/bitnami condition: postgresql.enabled - name: redis diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 8ebc57d..5d5e290 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-0.3.9-informational?style=flat-square[Version: 0.3.9] +image::https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square[Version: 1.0.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square[AppVersion: 1.118.0] == Maintainers -- 2.45.3 From d350facac33bbd71a7c7d2bcb5f98f25202b185e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 19:42:35 +0100 Subject: [PATCH 149/256] fix(grampsweb): update appVersion --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index b35a266..9c7da33 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.8.0" +appVersion: "24.10.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index ba178ea..497fb6b 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.8.0-informational?style=flat-square[AppVersion: 24.8.0] +image::https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square[AppVersion: 24.10.0] == Maintainers .Maintainers -- 2.45.3 From 84c91354892650461aac6498a7ac50bc13902622 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 19:43:49 +0100 Subject: [PATCH 150/256] fix(home-assistant): update zigbee2mqtt --- home-assistant/Chart.yaml | 2 +- home-assistant/README.adoc | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index ed5d0c2..de4ae1b 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi type: application -version: 0.2.2 +version: 0.2.3 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2024.10.4" maintainers: diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 1827a9f..0792440 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,7 +2,7 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] +image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2024.10.4-informational?style=flat-square[AppVersion: 2024.10.4] == Maintainers @@ -399,7 +399,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.tag | string -| `"1.40.2"` +| `"1.41.0"` | | zigbee2mqtt.ingress.hosts diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 61da8e0..f765128 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.40.2 + tag: 1.41.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From 2ee0926c9387b4ae70834fdc835861d9fd2985e4 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 19:45:12 +0100 Subject: [PATCH 151/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 5b97763..39d9e6f 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "3.5.1" +appVersion: "4.0.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index cf13474..6800450 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square[Version: 0.3.1] +image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-3.5.1-informational?style=flat-square[AppVersion: 3.5.1] +image::https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square[AppVersion: 4.0.1] == Maintainers .Maintainers -- 2.45.3 From 8e9066c8b4ceeb4e55f66fbb7bfc2143bab8425c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 1 Nov 2024 22:11:21 +0100 Subject: [PATCH 152/256] fix(alertmanager-matrix): change registry for support arm64 (own build) --- alertmanager-matrix/Chart.yaml | 2 +- alertmanager-matrix/README.adoc | 6 +++--- alertmanager-matrix/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/alertmanager-matrix/Chart.yaml b/alertmanager-matrix/Chart.yaml index 078ad62..b130833 100644 --- a/alertmanager-matrix/Chart.yaml +++ b/alertmanager-matrix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alertmanager-matrix description: Service for managing and receiving Alertmanager alerts on Matrix type: application -version: 0.1.9 +version: 0.1.10 # renovate: image=docker.io/silkeh/alertmanager_matrix appVersion: "0.5.0" maintainers: diff --git a/alertmanager-matrix/README.adoc b/alertmanager-matrix/README.adoc index 5e347ba..1c44122 100644 --- a/alertmanager-matrix/README.adoc +++ b/alertmanager-matrix/README.adoc @@ -2,7 +2,7 @@ = alertmanager-matrix -image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] +image::https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square[Version: 0.1.10] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0] == Maintainers @@ -214,12 +214,12 @@ helm uninstall alertmanager-matrix-release | image.registry | string -| `"docker.io"` +| `"registry.gitlab.com"` | | image.repository | string -| `"silkeh/alertmanager_matrix"` +| `"wrenix/alertmanager_matrix"` | | image.tag diff --git a/alertmanager-matrix/values.yaml b/alertmanager-matrix/values.yaml index e3cb5b1..e2e14ab 100644 --- a/alertmanager-matrix/values.yaml +++ b/alertmanager-matrix/values.yaml @@ -5,8 +5,8 @@ replicaCount: 1 image: - registry: docker.io - repository: silkeh/alertmanager_matrix + registry: registry.gitlab.com + repository: wrenix/alertmanager_matrix pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. # latest with current: -- 2.45.3 From dad41dade7c29847251b51ba856ccaa0377c06e1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 6 Nov 2024 11:23:00 +0100 Subject: [PATCH 153/256] fix(gotosocial): update appVersion --- gotosocial/Chart.yaml | 4 ++-- gotosocial/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 0010d48..2fb8f24 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,9 +3,9 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.4 +version: 0.2.5 # renovate: image=docker.io/superseriousbusiness/gotosocial -appVersion: "0.17.1" +appVersion: "0.17.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index e19341b..791d66a 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,9 +2,9 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] +image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.17.1-informational?style=flat-square[AppVersion: 0.17.1] +image::https://img.shields.io/badge/AppVersion-0.17.2-informational?style=flat-square[AppVersion: 0.17.2] == Maintainers .Maintainers -- 2.45.3 From 702e8cd796fea52a588350924ef89f677d49d859 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 6 Nov 2024 11:23:03 +0100 Subject: [PATCH 154/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index eea4f91..f74de2f 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.3.3 +version: 0.3.4 # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.10.0" +appVersion: "10.10.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index c6cf52d..99aed48 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] +image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.10.0-informational?style=flat-square[AppVersion: 10.10.0] +image::https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square[AppVersion: 10.10.1] == Maintainers .Maintainers -- 2.45.3 From 6eb0c854cf5dc8b65e3b7fae43a6be59ea6da4df Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 6 Nov 2024 22:38:14 +0100 Subject: [PATCH 155/256] fix(gotosocial): update appVersion --- README.md | 28 ++++++++ README.md.gotmpl | 61 ++++++++++++++++ gotosocial/Chart.yaml | 4 +- gotosocial/README.adoc | 4 +- gotosocial/README.md | 157 +++++++++++++++++++++++++++++++++++++++++ publish.sh | 7 +- 6 files changed, 254 insertions(+), 7 deletions(-) create mode 100644 README.md create mode 100644 README.md.gotmpl create mode 100644 gotosocial/README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..44274ac --- /dev/null +++ b/README.md @@ -0,0 +1,28 @@ ++++ +title = "Helm Chart" +template = "docs/section.html" +sort_by = "weight" +weight = 5 ++++ + +# Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/ +``` + +You can install a chart release using the following command: + +```bash +helm install oci://codeberg.org/wrenix/helm-charts/ --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall +``` diff --git a/README.md.gotmpl b/README.md.gotmpl new file mode 100644 index 0000000..dd93d2c --- /dev/null +++ b/README.md.gotmpl @@ -0,0 +1,61 @@ ++++ +title = {{ .Name | quote }} +{{ if .Description }} +description = {{.Description | quote }} +{{ end }} + +weight = 30 +sort_by = "weight" +template = "docs/page.html" + +[extra] +toc = true ++++ + +{{- define "chart.prerequirements" }} +{{- end }} + +{{ template "chart.header" . }} +{{ template "chart.deprecationWarning" . }} + +{{ template "chart.badgesSection" . }} + +{{ template "chart.description" . }} + +{{ template "chart.homepageLine" . }} + +{{ template "chart.maintainersSection" . }} + +{{ template "chart.sourcesSection" . }} + + + +{{ template "chart.prerequirements" . }} + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/{{ .Name }} +``` + +You can install a chart release using the following command: + +```bash +helm install {{ .Name }}-release oci://codeberg.org/wrenix/helm-charts/{{ .Name }} --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall {{ .Name }}-release +``` + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 2fb8f24..9720d3b 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,9 +3,9 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.5 +version: 0.2.6 # renovate: image=docker.io/superseriousbusiness/gotosocial -appVersion: "0.17.2" +appVersion: "0.17.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 791d66a..6eeb531 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,9 +2,9 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] +image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.17.2-informational?style=flat-square[AppVersion: 0.17.2] +image::https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square[AppVersion: 0.17.3] == Maintainers .Maintainers diff --git a/gotosocial/README.md b/gotosocial/README.md new file mode 100644 index 0000000..ffa48be --- /dev/null +++ b/gotosocial/README.md @@ -0,0 +1,157 @@ ++++ +title = "gotosocial" + +description = "With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to!" + +weight = 30 +sort_by = "weight" +template = "docs/page.html" + +[extra] +toc = true ++++ + +# gotosocial + +![Version: 0.2.6](https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.17.3](https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square) + +With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/gotosocial +``` + +You can install a chart release using the following command: + +```bash +helm install gotosocial-release oci://codeberg.org/wrenix/helm-charts/gotosocial --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall gotosocial-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| gotosocial.accountDomain | string | `""` | | +| gotosocial.accounts.allowCustomCSS | bool | `false` | Allow accounts on this instance to set custom CSS for their profile pages and statuses. Enabling this setting will allow accounts to upload custom CSS via the /user settings page, which will then be rendered on the web view of the account's profile and statuses. For instances with public sign ups, it is **HIGHLY RECOMMENDED** to leave this setting on 'false', since setting it to true allows malicious accounts to make their profile pages misleading, unusable or even dangerous to visitors. In other words, you should only enable this setting if you trust the users on your instance not to produce harmful CSS. Regardless of what this value is set to, any uploaded CSS will not be federated to other instances, it will only be shown on profiles and statuses on *this* instance. | +| gotosocial.accounts.approvalRequired | bool | `true` | Do sign up requests require approval from an admin/moderator before an account can sign in/use the server? | +| gotosocial.accounts.customCSSLength | int | `10000` | If accounts-allow-custom-css is true, this is the permitted length in characters for CSS uploaded by accounts on this instance. No effect if accounts-allow-custom-css is false. | +| gotosocial.accounts.reasonRequired | bool | `true` | Are sign up requests required to submit a reason for the request (eg., an explanation of why they want to join the instance)? | +| gotosocial.accounts.registrationOpen | bool | `true` | Do we want people to be able to just submit sign up requests, or do we want invite only? | +| gotosocial.applicationName | string | `"gotosocial"` | | +| gotosocial.database.address | string | `""` | Database address or parameters. For Postgres, this should be the address or socket at which the database can be reached. | +| gotosocial.database.database | string | `"gotosocial"` | Name of the database to use within the provided database type. | +| gotosocial.database.password | string | `""` | Password to use for the database connection | +| gotosocial.database.port | int | `5432` | Port for database connection. | +| gotosocial.database.tlsCACert | string | `""` | Path to a CA certificate on the host machine for db certificate validation. If this is left empty, just the host certificates will be used. If filled in, the certificate will be loaded and added to host certificates. | +| gotosocial.database.tlsMode | string | `"disabled"` | Disable, enable, or require SSL/TLS connection to the database. If "disable" then no TLS connection will be attempted. If "enable" then TLS will be tried, but the database certificate won't be checked (for self-signed certs). If "require" then TLS will be required to make a connection, and a valid certificate must be presented. | +| gotosocial.database.type | string | `"sqlite"` | Database type. Options: ["postgres","sqlite"] | +| gotosocial.database.username | string | `""` | Username for the database connection. | +| gotosocial.host | string | `"localhost"` | | +| gotosocial.instance.deliverToSharedInboxes | bool | `true` | This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery | +| gotosocial.instance.expose.peers | bool | `false` | Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=open in order to see a list of instances that this instance 'peers' with. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint. | +| gotosocial.instance.expose.publicTimeline | bool | `false` | This flag tweaks whether GoToSocial will deliver ActivityPub messages to the shared inbox of a recipient, if one is available, instead of delivering each message to each actor who should receive a message individually. Shared inbox delivery can significantly reduce network load when delivering to multiple recipients share an inbox (eg., on large Mastodon instances). See: https://www.w3.org/TR/activitypub/#shared-inbox-delivery | +| gotosocial.instance.expose.suspended | bool | `false` | Allow unauthenticated users to make queries to /api/v1/instance/peers?filter=suspended in order to see a list of instances that this instance blocks/suspends. Even if set to 'false', then authenticated users (members of the instance) will still be able to query the endpoint. WARNING: Setting this variable to 'true' may result in your instance being scraped by blocklist scrapers. See: https://docs.gotosocial.org/en/latest/admin/domain_blocks/#block-announce-bots | +| gotosocial.instance.expose.suspendedWeb | bool | `false` | Allow unauthenticated users to view /about/suspended, showing the HTML rendered list of instances that this instance blocks/suspends. | +| gotosocial.instance.federation.mode | string | `"blocklist"` | Federation mode to use for this instance. "blocklist" -- open federation by default. Only instances that are explicitly blocked will be denied (unless they are also explicitly allowed). "allowlist" -- closed federation by default. Only instances that are explicitly allowed will be able to interact with this instance. For more details on blocklist and allowlist modes, check the documentation at: https://docs.gotosocial.org/en/latest/admin/federation_modes Options: ["blocklist", "allowlist"] | +| gotosocial.instance.federation.spamFilter | bool | `false` | Enable spam filtering heuristics for messages entering your instance via the federation API. Regardless of what you set here, basic checks for message relevancy will still be performed, but you can try enabling this setting if you are being spammed with unwanted messages from other instances, and want to more strictly filter out spam messages. THIS IS CURRENTLY AN EXPERIMENTAL SETTING, AND MAY FILTER OUT LEGITIMATE MESSAGES, OR FAIL TO FILTER OUT SPAMMY MESSAGES. It is recommended to only enable this setting when the fediverse is in the midst of a spam wave, and you need to batten down the hatches to keep your instance usable. The decision of whether a message counts as spam or not is made based on the following heuristics, in order, where receiver = the account on your instance that received a message in their inbox, and requester = the account on a remote instance that sent the message. First, basic relevancy checks 1. Receiver follows requester. Return OK. 2. Statusable doesn't mention receiver. Return NotRelevant. If instance-federation-spam-filter = false, then return OK now. Otherwise check: 3. Receiver is locked and is followed by requester. Return OK. 4. Five or more people are mentioned. Return Spam. 5. Receiver follow (requests) a mentioned account. Return OK. 6. Statusable has a media attachment. Return Spam. 7. Statusable contains non-mention, non-hashtag links. Return Spam. Messages identified as spam will be dropped from your instance, and not inserted into the database, or into home timelines or notifications. | +| gotosocial.instance.injectMastodonVersion | bool | `false` | This flag will inject a Mastodon version into the version field that is included in /api/v1/instance. This version is often used by Mastodon clients to do API feature detection. By injecting a Mastodon compatible version, it is possible to cajole those clients to behave correctly with GoToSocial. | +| gotosocial.instance.languages | list | `[]` | BCP47 language tags to indicate preferred languages of users on this instance. If you provide these, you should provide these in order from most-preferred to least-preferred, but note that leaving out a language from this array doesn't mean it can't be used on this instance, it only means it won't be advertised as a preferred instance language. It is valid to provide no entries here; your instance will then have no particular preferred language. See here for commonly-used tags: https://en.wikipedia.org/wiki/IETF_language_tag#List_of_common_primary_language_subtags See here for all current tags: https://www.iana.org/assignments/language-subtag-registry/language-subtag-registry Example: ["nl", "en-gb", "fr"] | +| gotosocial.landingPageUser | string | `""` | | +| gotosocial.metrics.auth.enabled | bool | `false` | | +| gotosocial.metrics.auth.password | string | `""` | | +| gotosocial.metrics.auth.username | string | `""` | | +| gotosocial.metrics.enabled | bool | `true` | | +| gotosocial.oidc.adminGroups | list | `["admins"]` | If the returned ID token contains a 'groups' claim that matches one of the groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance | +| gotosocial.oidc.clientID | string | `""` | The ID for this client as registered with the OIDC provider. | +| gotosocial.oidc.clientSecret | string | `""` | The secret for this client as registered with the OIDC provider. | +| gotosocial.oidc.enabled | bool | `false` | Enable authentication with external OIDC provider. If set to true, then the other OIDC options must be set as well. If this is set to false, then the standard internal oauth flow will be used, where users sign in to GtS with username/password. | +| gotosocial.oidc.idpName | string | `""` | Name of the oidc idp (identity provider). This will be shown to users when they log in. | +| gotosocial.oidc.issuer | string | `""` | The OIDC issuer URI. This is where GtS will redirect users to for login. Typically this will look like a standard web URL. | +| gotosocial.oidc.linkExisting | bool | `false` | Link OIDC authenticated users to existing ones based on their email address. This is mostly intended for migration purposes if you were running previous versions of GTS which only correlated users with their email address. Should be set to false for most usecases. | +| gotosocial.oidc.scopes | list | `["openid","email","profile","groups"]` | Scopes to request from the OIDC provider. The returned values will be used to populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required. 'profile' is used to extract a username for the newly created user. 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups. | +| gotosocial.oidc.skipVerification | bool | `false` | Skip the normal verification flow of tokens returned from the OIDC provider, ie., don't check the expiry or signature. This should only be used in debugging or testing, never ever in a production environment as it's extremely unsafe! | +| gotosocial.smtp.discloseRecipients | bool | `false` | If true, when an email is sent that has multiple recipients, each recipient will be included in the To field, so that each recipient can see who else got the email, and they can 'reply all' to the other recipients if they want to. If false, email will be sent to Undisclosed Recipients, and each recipient will not be able to see who else received the email. It might be useful to change this setting to 'true' if you want to be able to discuss new moderation reports with other admins by 'replying-all' to the notification email. | +| gotosocial.smtp.from | string | `""` | 'From' address for sent emails. | +| gotosocial.smtp.host | string | `""` | The hostname of the smtp server you want to use. If this is not set, smtp will not be used to send emails, and you can ignore the other settings. | +| gotosocial.smtp.password | string | `""` | Password to use when authenticating with the smtp server. This should have been provided to you by your smtp host. | +| gotosocial.smtp.port | int | `0` | Port to use to connect to the smtp server. | +| gotosocial.smtp.username | string | `""` | Username to use when authenticating with the smtp server. This should have been provided to you by your smtp host. This is often, but not always, an email address. | +| gotosocial.storage.backend | string | `"local"` | Type of storage backend to use. Examples: ["local", "s3"] Default: "local" (storage on local disk) | +| gotosocial.storage.s3.accessKey | string | `""` | Access key part of the S3 credentials. Consider setting this value using environment variables to avoid leaking it via the config file Only required when running with the s3 storage backend. | +| gotosocial.storage.s3.bucket | string | `""` | Name of the storage bucket. If you have already encoded your bucket name in the storage-s3-endpoint, this value will be used as a directory containing your data. The bucket must exist prior to starting GoToSocial Only required when running with the s3 storage backend. | +| gotosocial.storage.s3.endpoint | string | `""` | API endpoint of the S3 compatible service. Only required when running with the s3 storage backend. GoToSocial uses "DNS-style" when accessing buckets. If you are using Scaleways object storage, please remove the "bucket name" from the endpoint address | +| gotosocial.storage.s3.proxy | bool | `false` | If data stored in S3 should be proxied through GoToSocial instead of redirecting to a presigned URL. | +| gotosocial.storage.s3.secretKey | string | `""` | Secret key part of the S3 credentials. Consider setting this value using environment variables to avoid leaking it via the config file Only required when running with the s3 storage backend. | +| gotosocial.storage.s3.useSSL | bool | `true` | Use SSL for S3 connections. Only set this to 'false' when testing locally. | +| gotosocial.tracing.enabled | bool | `false` | Enable OpenTelemetry based tracing support. | +| gotosocial.tracing.endpoint | string | `""` | Endpoint of the trace ingester. When using the gRPC or HTTP based transports, provide the endpoint as a single address/port combination without a protocol scheme. | +| gotosocial.tracing.insecureTransport | bool | `false` | Disable TLS for the gRPC and HTTP transport protocols. | +| gotosocial.tracing.transport | string | `"grpc"` | Set the transport protocol for the tracing system. Can either be "grpc" for OTLP gRPC, or "http" for OTLP HTTP. | +| gotosocial.tz | string | `"UTC"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"superseriousbusiness/gotosocial"` | | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | accessMode | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"10Gi"` | size | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `8080` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.automount | bool | `true` | Automatically mount a ServiceAccount's API credentials? | +| serviceAccount.create | bool | `false` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + diff --git a/publish.sh b/publish.sh index b42943b..b676584 100755 --- a/publish.sh +++ b/publish.sh @@ -5,9 +5,6 @@ COMMIT_SCOPE=${2:-fix} COMMIT_MESSAGE=${1:-"update appVersion"} -helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc - -./docs/modules/charts/generate.sh ct lint # || exit 1 @@ -50,6 +47,10 @@ for p in * ; do continue; fi fi + + helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" + helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}" + helm package "${p}" helm push "${p}-${v}.tgz" "${HELM_REPO}"; -- 2.45.3 From d8c1b296f5284d88768da35143694e0b0c33aae8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 6 Nov 2024 22:50:54 +0100 Subject: [PATCH 156/256] fix(home-assistant): update appVersion --- README.md | 15 ++-- README.md.gotmpl | 15 +--- home-assistant/Chart.yaml | 5 +- home-assistant/README.adoc | 4 +- home-assistant/README.md | 120 ++++++++++++++++++++++++++++ home-assistant/artifacthub-repo.yml | 1 + publish.sh | 9 ++- 7 files changed, 145 insertions(+), 24 deletions(-) create mode 100644 home-assistant/README.md create mode 100644 home-assistant/artifacthub-repo.yml diff --git a/README.md b/README.md index 44274ac..bf954b6 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,12 @@ -+++ -title = "Helm Chart" -template = "docs/section.html" -sort_by = "weight" -weight = 5 -+++ +--- +title: "Helm-Charts" +weight: 1 +cascade: + - url: /:sections/:title/ +url: /:sections +--- -# Usage +## Usage Helm must be installed and setup to your kubernetes cluster to use the charts. Refer to Helm's [documentation](https://helm.sh/docs) to get started. diff --git a/README.md.gotmpl b/README.md.gotmpl index dd93d2c..ffed287 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -1,16 +1,9 @@ -+++ -title = {{ .Name | quote }} +--- +title: {{ .Name | quote }} {{ if .Description }} -description = {{.Description | quote }} +description: {{.Description | quote }} {{ end }} - -weight = 30 -sort_by = "weight" -template = "docs/page.html" - -[extra] -toc = true -+++ +--- {{- define "chart.prerequirements" }} {{- end }} diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index de4ae1b..31ba2ae 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -1,10 +1,11 @@ apiVersion: v2 name: home-assistant description: Home Assistant with tooling to run on an k3s pi +icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.3 +version: 0.2.4 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.10.4" +appVersion: "2024.11.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 0792440..07cca64 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.10.4-informational?style=flat-square[AppVersion: 2024.10.4] +image::https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square[AppVersion: 2024.11.0] == Maintainers .Maintainers diff --git a/home-assistant/README.md b/home-assistant/README.md new file mode 100644 index 0000000..37246e0 --- /dev/null +++ b/home-assistant/README.md @@ -0,0 +1,120 @@ +--- +title: "home-assistant" + +description: "Home Assistant with tooling to run on an k3s pi" + +--- + +# home-assistant + +![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) + +Home Assistant with tooling to run on an k3s pi + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/home-assistant +``` + +You can install a chart release using the following command: + +```bash +helm install home-assistant-release oci://codeberg.org/wrenix/helm-charts/home-assistant --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall home-assistant-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"home-assistant/home-assistant"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nats.enabled | bool | `true` | | +| nats.image.pullPolicy | string | `"IfNotPresent"` | | +| nats.image.registry | string | `"docker.io"` | | +| nats.image.repository | string | `"library/nats"` | | +| nats.image.tag | string | `"2.10.22-scratch"` | | +| nats.livenessProbe.tcpSocket.port | string | `"nats"` | | +| nats.readinessProbe.tcpSocket.port | string | `"nats"` | | +| nats.resources.limits.cpu | string | `"100m"` | | +| nats.resources.limits.memory | string | `"128Mi"` | | +| nats.resources.requests.cpu | string | `"100m"` | | +| nats.resources.requests.memory | string | `"128Mi"` | | +| nats.service.port.mqtt | int | `1883` | | +| nats.service.port.nats | int | `4222` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `false` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.podmonitor.bearerTokenSecret | object | `{}` | | +| prometheus.podmonitor.enabled | bool | `false` | | +| prometheus.podmonitor.labels | object | `{}` | | +| readinessProbe.httpGet.path | string | `"/"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | +| zigbee2mqtt.config.homeassistant | bool | `true` | | +| zigbee2mqtt.config.serial.port | string | `"/dev/ttyACM0"` | | +| zigbee2mqtt.device | string | `"/dev/ttyACM0"` | | +| zigbee2mqtt.enabled | bool | `true` | | +| zigbee2mqtt.image.pullPolicy | string | `"IfNotPresent"` | | +| zigbee2mqtt.image.registry | string | `"docker.io"` | | +| zigbee2mqtt.image.repository | string | `"koenkk/zigbee2mqtt"` | | +| zigbee2mqtt.image.tag | string | `"1.41.0"` | | +| zigbee2mqtt.ingress.hosts | list | `[]` | | +| zigbee2mqtt.securityContext.privileged | bool | `true` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/home-assistant/artifacthub-repo.yml b/home-assistant/artifacthub-repo.yml new file mode 100644 index 0000000..c801df4 --- /dev/null +++ b/home-assistant/artifacthub-repo.yml @@ -0,0 +1 @@ +repositoryID: a2209d76-d5e9-4809-ac29-536b59035c65 diff --git a/publish.sh b/publish.sh index b676584..a0644cf 100755 --- a/publish.sh +++ b/publish.sh @@ -1,6 +1,7 @@ #/bin/sh -HELM_REPO=${HELM_REPO:-oci://codeberg.org/wrenix/helm-charts} +HELM_REPO=${HELM_REPO:-codeberg.org/wrenix/helm-charts} +HELM_REPO_URL="oci://${HELM_REPO}" COMMIT_SCOPE=${2:-fix} COMMIT_MESSAGE=${1:-"update appVersion"} @@ -52,7 +53,11 @@ for p in * ; do helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}" helm package "${p}" - helm push "${p}-${v}.tgz" "${HELM_REPO}"; + helm push "${p}-${v}.tgz" "${HELM_REPO_URL}"; + + oras push "${HELM_REPO}/${p}:artifacthub.io" \ + --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ + "${p}/artifacthub-repo.yml":application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml git add "${p}/" "docs/modules/charts/nav.adoc" "docs/modules/charts/pages/${p}.adoc" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" -- 2.45.3 From d75dcd14119b1ca6592043e06c1d67bea63adb48 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 8 Nov 2024 15:40:34 +0100 Subject: [PATCH 157/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 +- stalwart-mail/README.adoc | 4 +- stalwart-mail/README.md | 220 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 224 insertions(+), 4 deletions(-) create mode 100644 stalwart-mail/README.md diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index d1675a3..6ed4192 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.17 +version: 0.0.18 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.10.5" +appVersion: "0.10.6" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc index daaa07a..a8bbc16 100644 --- a/stalwart-mail/README.adoc +++ b/stalwart-mail/README.adoc @@ -2,9 +2,9 @@ = stalwart-mail -image::https://img.shields.io/badge/Version-0.0.17-informational?style=flat-square[Version: 0.0.17] +image::https://img.shields.io/badge/Version-0.0.18-informational?style=flat-square[Version: 0.0.18] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.10.5-informational?style=flat-square[AppVersion: 0.10.5] +image::https://img.shields.io/badge/AppVersion-0.10.6-informational?style=flat-square[AppVersion: 0.10.6] == Maintainers .Maintainers diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md new file mode 100644 index 0000000..f1d859a --- /dev/null +++ b/stalwart-mail/README.md @@ -0,0 +1,220 @@ +--- +title: "stalwart-mail" + +description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP)" + +--- + +# stalwart-mail + +![Version: 0.0.18](https://img.shields.io/badge/Version-0.0.18-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.6](https://img.shields.io/badge/AppVersion-0.10.6-informational?style=flat-square) + +Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + += Alpha + +WARNING +==== +We stop working on this Helm-Chart. +There are still many breaking change like: + +* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings] + +We hope that stalward mail-server becomes more stable. + +==== + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/stalwart-mail +``` + +You can install a chart release using the following command: + +```bash +helm install stalwart-mail-release oci://codeberg.org/wrenix/helm-charts/stalwart-mail --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall stalwart-mail-release +``` + +## Values + +### DKIM + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| config.auth.dkim.sign | list | `[{"if":"listener != 'smtp'","then":"['rsa', 'ed25519']"},{"else":false}]` | auth rule for signing with dkim | +| config.auth.dkim.verify | string | `"relaxed"` | verify of dkim signature (relaxed, strict, disable) | + +### Authentification + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| config.authentication.fallback-admin.secret | string | `"%{env:FALLBACK_ADMIN_SECRET}%"` | password for fallback authentfication (use env for store in secrets of kubernetes) | +| config.authentication.fallback-admin.user | string | `"admin"` | username for fallback authentfication | +| secrets.env.FALLBACK_ADMIN_SECRET | string | `"supersecret"` | password for fallback authentfication (env) | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| certificate.certmanager.dnsNames[0] | string | `"chart-example.local"` | | +| certificate.certmanager.enabled | bool | `true` | | +| certificate.certmanager.issuerRef.group | string | `"cert-manager.io"` | | +| certificate.certmanager.issuerRef.kind | string | `"ClusterIssuer"` | | +| certificate.certmanager.issuerRef.name | string | `"letsencrypt-prod"` | | +| certificate.secretName | string | `nil` | not needed if certmanager is used | +| config.directory.internal.store | string | `"rocksdb"` | | +| config.directory.internal.type | string | `"internal"` | | +| config.metrics.prometheus.auth.secret | string | `"%{env:METRICS_SECRET}%"` | | +| config.metrics.prometheus.auth.username | string | `"%{env:METRICS_USERNAME}%"` | | +| config.metrics.prometheus.enable | bool | `true` | | +| config.server.listener.http.bind[0] | string | `"[::]:80"` | | +| config.server.listener.http.protocol | string | `"http"` | | +| config.server.listener.https.bind[0] | string | `"[::]:443"` | | +| config.server.listener.https.protocol | string | `"http"` | | +| config.server.listener.https.tls.implicit | bool | `true` | | +| config.server.listener.imap.bind[0] | string | `"[::]:143"` | | +| config.server.listener.imap.protocol | string | `"imap"` | | +| config.server.listener.imaptls.bind[0] | string | `"[::]:993"` | | +| config.server.listener.imaptls.protocol | string | `"imap"` | | +| config.server.listener.imaptls.tls.implicit | bool | `true` | | +| config.server.listener.pop3.bind[0] | string | `"[::]:110"` | | +| config.server.listener.pop3.protocol | string | `"pop3"` | | +| config.server.listener.pop3s.bind[0] | string | `"[::]:995"` | | +| config.server.listener.pop3s.protocol | string | `"pop3"` | | +| config.server.listener.pop3s.tls.implicit | bool | `true` | | +| config.server.listener.sieve.bind[0] | string | `"[::]:4190"` | | +| config.server.listener.sieve.protocol | string | `"managesieve"` | | +| config.server.listener.smtp.bind[0] | string | `"[::]:25"` | | +| config.server.listener.smtp.protocol | string | `"smtp"` | | +| config.server.listener.submission.bind[0] | string | `"[::]:587"` | | +| config.server.listener.submission.protocol | string | `"smtp"` | | +| config.server.listener.submissions.bind[0] | string | `"[::]:465"` | | +| config.server.listener.submissions.protocol | string | `"smtp"` | | +| config.server.listener.submissions.tls.implicit | bool | `true` | | +| config.storage.blob | string | `"rocksdb"` | | +| config.storage.data | string | `"rocksdb"` | | +| config.storage.directory | string | `"internal"` | | +| config.storage.fts | string | `"rocksdb"` | | +| config.storage.lookup | string | `"rocksdb"` | | +| config.store.rocksdb.compression | string | `"lz4"` | | +| config.store.rocksdb.path | string | `"/data"` | | +| config.store.rocksdb.type | string | `"rocksdb"` | | +| config.tracer.otel.enable | bool | `false` | | +| config.tracer.otel.endpoint | string | `"https://127.0.0.1/otel"` | | +| config.tracer.otel.headers | list | `[]` | headers for usage with http (e.g. 'Authorization: ') | +| config.tracer.otel.level | string | `"info"` | | +| config.tracer.otel.transport | string | `"grpc"` | grpc or http | +| config.tracer.otel.type | string | `"open-telemetry"` | | +| config.tracer.stdout.ansi | bool | `false` | | +| config.tracer.stdout.enable | bool | `true` | | +| config.tracer.stdout.level | string | `"info"` | | +| config.tracer.stdout.type | string | `"stdout"` | | +| env | list | `[]` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"stalwartlabs/mail-server"` | | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/healthz/live"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | accessMode | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"10Gi"` | size | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| readinessProbe.httpGet.path | string | `"/healthz/ready"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| secrets.env.METRICS_SECRET | string | `"scrape_metrics_password"` | | +| secrets.env.METRICS_USERNAME | string | `"scrape_metrics_user"` | | +| securityContext | object | `{}` | | +| service.annotations | object | `{}` | | +| service.ipFamilies[0] | string | `"IPv4"` | | +| service.ipFamilyPolicy | string | `"SingleStack"` | other option is RequireDualStack | +| service.ports.http | int | `80` | | +| service.ports.https | int | `443` | | +| service.ports.imap | int | `143` | | +| service.ports.imaptls | int | `993` | | +| service.ports.pop3 | int | `110` | | +| service.ports.pop3s | int | `995` | | +| service.ports.sieve | int | `4190` | | +| service.ports.smtp | int | `25` | | +| service.ports.submission | int | `587` | | +| service.ports.submissions | int | `465` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `false` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| traefik.enabled | bool | `false` | | +| traefik.ports.https.entrypoint | string | `"websecure"` | | +| traefik.ports.https.match | string | `nil` | | +| traefik.ports.https.passthroughTLS | bool | `true` | | +| traefik.ports.https.proxyProtocol | bool | `true` | | +| traefik.ports.imaptls.entrypoint | string | `"imaps"` | | +| traefik.ports.imaptls.match | string | `nil` | | +| traefik.ports.imaptls.passthroughTLS | bool | `true` | | +| traefik.ports.imaptls.proxyProtocol | bool | `true` | | +| traefik.ports.pop3s.entrypoint | string | `"pop3s"` | | +| traefik.ports.pop3s.match | string | `nil` | | +| traefik.ports.pop3s.passthroughTLS | bool | `true` | | +| traefik.ports.pop3s.proxyProtocol | bool | `true` | | +| traefik.ports.sieve.entrypoint | string | `"sieve"` | | +| traefik.ports.sieve.match | string | `nil` | | +| traefik.ports.sieve.passthroughTLS | bool | `true` | | +| traefik.ports.sieve.proxyProtocol | bool | `true` | | +| traefik.ports.smtp.entrypoint | string | `"smtp"` | | +| traefik.ports.smtp.match | string | `nil` | | +| traefik.ports.smtp.proxyProtocol | bool | `true` | | +| traefik.ports.submissions.entrypoint | string | `"smtps"` | | +| traefik.ports.submissions.match | string | `nil` | | +| traefik.ports.submissions.passthroughTLS | bool | `true` | | +| traefik.ports.submissions.proxyProtocol | bool | `true` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + -- 2.45.3 From 1d57a623fc3e356a239ae12ade7384d8c3ef3a7c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 8 Nov 2024 15:43:25 +0100 Subject: [PATCH 158/256] chore: add debug output on publish.sh --- publish.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/publish.sh b/publish.sh index a0644cf..69b1f23 100755 --- a/publish.sh +++ b/publish.sh @@ -49,16 +49,20 @@ for p in * ; do fi fi + echo "update docs" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}" + echo "package and push helm-chart" helm package "${p}" helm push "${p}-${v}.tgz" "${HELM_REPO_URL}"; + echo "update artifacthub.io" oras push "${HELM_REPO}/${p}:artifacthub.io" \ --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ "${p}/artifacthub-repo.yml":application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml + echo "push to git" git add "${p}/" "docs/modules/charts/nav.adoc" "docs/modules/charts/pages/${p}.adoc" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" git tag "${tag}" --no-sign; -- 2.45.3 From 50633fccbd4d6e0d48c8cd9686c98a7d4a213bcb Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 11:16:30 +0100 Subject: [PATCH 159/256] fix(home-assistant): update AppVersion to v2024.11.1 --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- home-assistant/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 31ba2ae..d41d167 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.4 +version: 0.2.5 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.11.0" +appVersion: "2024.11.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 07cca64..67841a2 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] +image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square[AppVersion: 2024.11.0] +image::https://img.shields.io/badge/AppVersion-2024.11.1-informational?style=flat-square[AppVersion: 2024.11.1] == Maintainers .Maintainers diff --git a/home-assistant/README.md b/home-assistant/README.md index 37246e0..642f7ee 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.2.5](https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.1](https://img.shields.io/badge/AppVersion-2024.11.1-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 16b3a74e747b597e6a9681b2220c598eb5433965 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:14:44 +0100 Subject: [PATCH 160/256] fix(authentik-application): add README in markdown --- authentik-application/Chart.yaml | 2 +- authentik-application/README.adoc | 2 +- authentik-application/README.md | 145 ++++++++++++++++++++++++++++++ 3 files changed, 147 insertions(+), 2 deletions(-) create mode 100644 authentik-application/README.md diff --git a/authentik-application/Chart.yaml b/authentik-application/Chart.yaml index f0d9780..4820932 100644 --- a/authentik-application/Chart.yaml +++ b/authentik-application/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: authentik-application description: "A Chart to deploy a secret for the authentik blueprint-sidecar." type: application -version: 0.4.2 +version: "0.4.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/authentik-application/README.adoc b/authentik-application/README.adoc index f25a352..71f4efc 100644 --- a/authentik-application/README.adoc +++ b/authentik-application/README.adoc @@ -2,7 +2,7 @@ = authentik-application -image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] +image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] == Maintainers diff --git a/authentik-application/README.md b/authentik-application/README.md new file mode 100644 index 0000000..83d2f8b --- /dev/null +++ b/authentik-application/README.md @@ -0,0 +1,145 @@ +--- +title: "authentik-application" + +description: "A Chart to deploy a secret for the authentik blueprint-sidecar." + +--- + +# authentik-application + +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Chart to deploy a secret for the authentik blueprint-sidecar. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Pre-Requirement +Usage of https://github.com/goauthentik/helm/pull/146 + +## or manual: +Install authentik with this `values.yaml`: +```yaml +serviceAccount: + create: true + +additionalContainers: + - name: sidecar-blueprints + image: "ghcr.io/kiwigrid/k8s-sidecar:1.25.1" + env: + - name: "FOLDER" + value: "/blueprints/sidecar" + - name: "LABEL" + value: "goauthentik_blueprint" + - name: "LABEL_VALUE" + value: "1" + # - name: "NAMESPACE" + # value: "ALL" + - name: "RESOURCE" + value: "both" + - name: "UNIQUE_FILENAMES" + value: "true" + volumeMounts: + - name: sidecar-blueprints + mountPath: /blueprints/sidecar + +volumeMounts: + - name: sidecar-blueprints + mountPath: /blueprints/sidecar + +volumes: + - name: sidecar-blueprints + emptyDir: {} +``` + +And create an Role and bind them on to the ServiceAccount to read secrets: +```yaml +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: authentik-blueprint-sidecar +rules: + - apiGroups: [""] + resources: ["configmaps", "secrets"] + verbs: ["get", "watch", "list"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: authentik-blueprint-sidecar +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: authentik-blueprint-sidecar +subjects: + - kind: ServiceAccount + name: authentik +``` + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/authentik-application +``` + +You can install a chart release using the following command: + +```bash +helm install authentik-application-release oci://codeberg.org/wrenix/helm-charts/authentik-application --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall authentik-application-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| blueprint.application.bindPolicyID | string | `nil` | uuid for bindPolicyID for group - if not set generated on secret for be stable (or groups: [] filled) | +| blueprint.application.description | string | `""` | description of application | +| blueprint.application.group | string | `""` | put this application in authentik in group | +| blueprint.application.icon | string | `""` | icon of application (url) | +| blueprint.application.launchURL | string | `""` | | +| blueprint.application.name | string | `""` | application name in menu | +| blueprint.application.openInNewTab | bool | `false` | open application in new tab | +| blueprint.application.policyEngineMode | string | `"any"` | | +| blueprint.application.publisher | string | `""` | publisher of application | +| blueprint.application.slug | string | `"app-name"` | application slug | +| blueprint.authentik.domain | string | `"https://auth.wrenix.eu"` | domain to authentik, used in generated url (like issuer) | +| blueprint.groups | string | `nil` | authentik groups created / give access to this application disable any groups by set groups: [] (to a slice) example: - slug: "app: grafana-admin" parent: "app: infra" bindID: uuid | +| blueprint.labels | object | `{"goauthentik_blueprint":"1"}` | label of generated secret with blueprint | +| blueprint.provider.authorizationFlow | string | `"default-provider-authorization-implicit-consent"` | | +| blueprint.provider.enabled | bool | `true` | creat an provider for authentification (otherwise just a like in menu is created) | +| blueprint.provider.name | string | `""` | | +| blueprint.provider.oidc.clientID | string | `nil` | client id - generated if secret enabled | +| blueprint.provider.oidc.clientSecret | string | `nil` | client secret - generated if secret enabled | +| blueprint.provider.oidc.clientType | string | `"confidential"` | | +| blueprint.provider.oidc.redirectURL | string | `""` | | +| blueprint.provider.oidc.scopes | string | `nil` | Scope | +| blueprint.provider.oidc.signingKey | string | `""` | Need for non-curve / RSA | +| blueprint.provider.proxy.cookieDomain | string | `""` | | +| blueprint.provider.proxy.externalHost | string | `nil` | | +| blueprint.provider.proxy.ingress.annotations | list | `[]` | annotations to ingress for outpost | +| blueprint.provider.proxy.ingress.backend | string | `"authentik"` | service backend to authentik | +| blueprint.provider.proxy.ingress.domain | string | `nil` | domain of application (where outpost should be deployed) | +| blueprint.provider.proxy.ingress.enabled | bool | `false` | deploy ingress on application domain for e.g. logout (WIP) | +| blueprint.provider.proxy.ingress.tls | list | `[]` | tls to ingress for outpost | +| blueprint.provider.proxy.skipPathRegex | string | `""` | | +| blueprint.provider.saml | string | `nil` | | +| blueprint.provider.type | string | `"oidc"` | type of application connection, current support: oidc, saml and proxy | +| secret.labels | object | `{}` | label of secret to store generated secret | +| secret.name | string | `""` | name of secret to store generated secret (like clientI) | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + -- 2.45.3 From 7239373db2cab232e1b9c53f1dc657878ab8898a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:14:49 +0100 Subject: [PATCH 161/256] fix(element-call): add README in markdown --- element-call/Chart.yaml | 2 +- element-call/README.adoc | 2 +- element-call/README.md | 118 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 120 insertions(+), 2 deletions(-) create mode 100644 element-call/README.md diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index 0ae61a2..cb205e1 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: 0.1.4 +version: "0.1.5" # renovate: image=ghcr.io/element-hq/element-call appVersion: "0.6.6" maintainers: diff --git a/element-call/README.adoc b/element-call/README.adoc index 039bb69..6cd058b 100644 --- a/element-call/README.adoc +++ b/element-call/README.adoc @@ -2,7 +2,7 @@ = element-call -image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4] +image::https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square[Version: 0.1.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square[AppVersion: 0.6.6] == Maintainers diff --git a/element-call/README.md b/element-call/README.md new file mode 100644 index 0000000..4d0966d --- /dev/null +++ b/element-call/README.md @@ -0,0 +1,118 @@ +--- +title: "element-call" + +description: "Run Element-Call and his dependencies" + +--- + +# element-call + +![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) + +Run Element-Call and his dependencies + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/element-call +``` + +You can install a chart release using the following command: + +```bash +helm install element-call-release oci://codeberg.org/wrenix/helm-charts/element-call --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall element-call-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| service.call.affinity | object | `{}` | | +| service.call.config | object | `{}` | | +| service.call.image.pullPolicy | string | `"IfNotPresent"` | | +| service.call.image.registry | string | `"ghcr.io"` | | +| service.call.image.repository | string | `"element-hq/element-call"` | | +| service.call.image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion. | +| service.call.ingress.host | string | `nil` | | +| service.call.livenessProbe.httpGet.path | string | `"/"` | | +| service.call.livenessProbe.httpGet.port | string | `"http"` | | +| service.call.networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| service.call.networkPolicy.egress.extra | list | `[]` | egress rules | +| service.call.networkPolicy.enabled | bool | `false` | | +| service.call.networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| service.call.nodeSelector | object | `{}` | | +| service.call.podAnnotations | object | `{}` | | +| service.call.podLabels | object | `{}` | | +| service.call.podSecurityContext | object | `{}` | | +| service.call.readinessProbe.httpGet.path | string | `"/"` | | +| service.call.readinessProbe.httpGet.port | string | `"http"` | | +| service.call.replicaCount | int | `1` | | +| service.call.resources | object | `{}` | | +| service.call.securityContext | object | `{}` | | +| service.call.serviceAccount.annotations | object | `{}` | | +| service.call.serviceAccount.automount | bool | `true` | | +| service.call.serviceAccount.create | bool | `true` | | +| service.call.serviceAccount.name | string | `""` | | +| service.call.tolerations | list | `[]` | | +| service.lkJWT.affinity | object | `{}` | | +| service.lkJWT.config.key | string | `"devkey"` | | +| service.lkJWT.config.secret | string | `"secret"` | | +| service.lkJWT.config.url | string | `""` | | +| service.lkJWT.enabled | bool | `true` | | +| service.lkJWT.image.pullPolicy | string | `"IfNotPresent"` | | +| service.lkJWT.image.registry | string | `"ghcr.io"` | | +| service.lkJWT.image.repository | string | `"element-hq/lk-jwt-service"` | | +| service.lkJWT.image.tag | string | `"sha-4a29504"` | | +| service.lkJWT.ingress.host | string | `nil` | | +| service.lkJWT.livenessProbe.httpGet.path | string | `"/healthz"` | | +| service.lkJWT.livenessProbe.httpGet.port | string | `"http"` | | +| service.lkJWT.networkPolicy.egress.enabled | bool | `false` | activate egress no networkpolicy | +| service.lkJWT.networkPolicy.egress.extra | list | `[]` | egress rules | +| service.lkJWT.networkPolicy.enabled | bool | `false` | | +| service.lkJWT.networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| service.lkJWT.nodeSelector | object | `{}` | | +| service.lkJWT.podAnnotations | object | `{}` | | +| service.lkJWT.podLabels | object | `{}` | | +| service.lkJWT.podSecurityContext | object | `{}` | | +| service.lkJWT.readinessProbe.httpGet.path | string | `"/healthz"` | | +| service.lkJWT.readinessProbe.httpGet.port | string | `"http"` | | +| service.lkJWT.replicaCount | int | `1` | | +| service.lkJWT.resources | object | `{}` | | +| service.lkJWT.securityContext | object | `{}` | | +| service.lkJWT.serviceAccount.annotations | object | `{}` | | +| service.lkJWT.serviceAccount.automount | bool | `true` | | +| service.lkJWT.serviceAccount.create | bool | `true` | | +| service.lkJWT.serviceAccount.name | string | `""` | | +| service.lkJWT.tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + -- 2.45.3 From 0335bfdb1294eb6929a1ef33be84221033cdd625 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:14:52 +0100 Subject: [PATCH 162/256] fix(gotosocial): add README in markdown --- gotosocial/Chart.yaml | 2 +- gotosocial/README.adoc | 2 +- gotosocial/README.md | 16 +++++----------- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/gotosocial/Chart.yaml b/gotosocial/Chart.yaml index 9720d3b..455042a 100644 --- a/gotosocial/Chart.yaml +++ b/gotosocial/Chart.yaml @@ -3,7 +3,7 @@ name: gotosocial description: With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! icon: https://docs.gotosocial.org/en/latest/assets/sloth.png type: application -version: 0.2.6 +version: "0.2.7" # renovate: image=docker.io/superseriousbusiness/gotosocial appVersion: "0.17.3" maintainers: diff --git a/gotosocial/README.adoc b/gotosocial/README.adoc index 6eeb531..d1d3127 100644 --- a/gotosocial/README.adoc +++ b/gotosocial/README.adoc @@ -2,7 +2,7 @@ = gotosocial -image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] +image::https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square[Version: 0.2.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square[AppVersion: 0.17.3] == Maintainers diff --git a/gotosocial/README.md b/gotosocial/README.md index ffa48be..51d55e1 100644 --- a/gotosocial/README.md +++ b/gotosocial/README.md @@ -1,19 +1,13 @@ -+++ -title = "gotosocial" +--- +title: "gotosocial" -description = "With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to!" +description: "With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to!" -weight = 30 -sort_by = "weight" -template = "docs/page.html" - -[extra] -toc = true -+++ +--- # gotosocial -![Version: 0.2.6](https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.17.3](https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square) +![Version: 0.2.7](https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.17.3](https://img.shields.io/badge/AppVersion-0.17.3-informational?style=flat-square) With GoToSocial, you can keep in touch with your friends, post, read, and share images and articles. All without being tracked or advertised to! -- 2.45.3 From 7c926ac43280bb0c717a4aed4e6147818f8e532b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:14:55 +0100 Subject: [PATCH 163/256] fix(grampsweb): add README in markdown --- grampsweb/Chart.yaml | 2 +- grampsweb/README.adoc | 2 +- grampsweb/README.md | 102 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 grampsweb/README.md diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 9c7da33..eb69956 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,7 +3,7 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: 0.2.2 +version: "0.2.3" # renovate: image=ghcr.io/gramps-project/grampsweb appVersion: "24.10.0" maintainers: diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index 497fb6b..f2a8a2b 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,7 +2,7 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] +image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square[AppVersion: 24.10.0] == Maintainers diff --git a/grampsweb/README.md b/grampsweb/README.md new file mode 100644 index 0000000..3ae1274 --- /dev/null +++ b/grampsweb/README.md @@ -0,0 +1,102 @@ +--- +title: "grampsweb" + +description: "A Helm chart for gramps web" + +--- + +# grampsweb + +![Version: 0.2.3](https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.10.0](https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square) + +A Helm chart for gramps web + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/grampsweb +``` + +You can install a chart release using the following command: + +```bash +helm install grampsweb-release oci://codeberg.org/wrenix/helm-charts/grampsweb --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall grampsweb-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| gramps.baseURL | string | `"https://gramps.example.org"` | Base URL where the API can be reached (e.g. https://mygramps.mydomain.com/). This is necessary e.g. to build correct passwort reset links | +| gramps.mail.from | string | `nil` | "From" address for automated e-mails | +| gramps.mail.host | string | `nil` | SMTP server host (e.g. for sending password reset e-mails) | +| gramps.mail.password | string | `nil` | SMTP server password | +| gramps.mail.port | int | `465` | SMTP server port. | +| gramps.mail.useTLS | bool | `true` | Boolean, whether to use TLS for sending e-mails. Defaults to true. When using STARTTLS, set this to false and use a port different from 25. | +| gramps.mail.username | string | `nil` | SMTP server username | +| gramps.mediaPrefixTree | bool | `false` | whether or not to use a separate subfolder for the media files of each tree. Defaults to False, but strongly recommend to use True in a multi-tree setup | +| gramps.tree | string | `"Gramps Web"` | To enable multi-tree support, the TREE config option must be set to a single asterisk `*` | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"gramps-project/grampsweb"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"5Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `5000` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 27564187fd9a6d0d89978f6c1ab3a77cf45814fd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:00 +0100 Subject: [PATCH 164/256] fix(hydrogen-web): add README in markdown --- hydrogen-web/Chart.yaml | 2 +- hydrogen-web/README.adoc | 2 +- hydrogen-web/README.md | 86 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 hydrogen-web/README.md diff --git a/hydrogen-web/Chart.yaml b/hydrogen-web/Chart.yaml index 33de903..b06ec87 100644 --- a/hydrogen-web/Chart.yaml +++ b/hydrogen-web/Chart.yaml @@ -3,7 +3,7 @@ name: hydrogen-web description: A Helm Chart to install hydrogen-web (a nextgen Matrix Webclient) icon: https://raw.githubusercontent.com/element-hq/hydrogen-web/master/src/platform/web/assets/icon.svg type: application -version: 0.1.8 +version: "0.1.9" # renovate: image=ghcr.io/element-hq/hydrogen-web appVersion: "0.5.1" maintainers: diff --git a/hydrogen-web/README.adoc b/hydrogen-web/README.adoc index fc1a2e4..21a65e4 100644 --- a/hydrogen-web/README.adoc +++ b/hydrogen-web/README.adoc @@ -2,7 +2,7 @@ = hydrogen-web -image::https://img.shields.io/badge/Version-0.1.8-informational?style=flat-square[Version: 0.1.8] +image::https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square[Version: 0.1.9] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.5.1-informational?style=flat-square[AppVersion: 0.5.1] == Maintainers diff --git a/hydrogen-web/README.md b/hydrogen-web/README.md new file mode 100644 index 0000000..cc3ee37 --- /dev/null +++ b/hydrogen-web/README.md @@ -0,0 +1,86 @@ +--- +title: "hydrogen-web" + +description: "A Helm Chart to install hydrogen-web (a nextgen Matrix Webclient)" + +--- + +# hydrogen-web + +![Version: 0.1.9](https://img.shields.io/badge/Version-0.1.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.1](https://img.shields.io/badge/AppVersion-0.5.1-informational?style=flat-square) + +A Helm Chart to install hydrogen-web (a nextgen Matrix Webclient) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/hydrogen-web +``` + +You can install a chart release using the following command: + +```bash +helm install hydrogen-web-release oci://codeberg.org/wrenix/helm-charts/hydrogen-web --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall hydrogen-web-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| hydrogen.bugReportEndpointUrl" | string | `"https://element.io/bugreports/submit"` | | +| hydrogen.defaultHomeServer | string | `"matrix.org"` | | +| hydrogen.defaultTheme.dark | string | `"element-dark"` | | +| hydrogen.defaultTheme.light | string | `"element-light"` | | +| hydrogen.push.appId | string | `"io.element.hydrogen.web"` | | +| hydrogen.push.applicationServerKey | string | `"BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM"` | | +| hydrogen.push.gatewayUrl | string | `"https://matrix.org"` | | +| hydrogen.themeManifests[0] | string | `"assets/theme-element.json"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"ghcr.io/element-hq/hydrogen-web"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `8080` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 8bd352a9d7de04726899e8f4b95a13f8cb4d3043 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:03 +0100 Subject: [PATCH 165/256] fix(jellyfin): add README in markdown --- jellyfin/Chart.yaml | 2 +- jellyfin/README.adoc | 2 +- jellyfin/README.md | 102 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 jellyfin/README.md diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index f74de2f..24c0f44 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,7 +3,7 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: 0.3.4 +version: "0.3.5" # renovate: image=ghcr.io/jellyfin/jellyfin appVersion: "10.10.1" maintainers: diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 99aed48..0756342 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,7 +2,7 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.4-informational?style=flat-square[Version: 0.3.4] +image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square[AppVersion: 10.10.1] == Maintainers diff --git a/jellyfin/README.md b/jellyfin/README.md new file mode 100644 index 0000000..36df80e --- /dev/null +++ b/jellyfin/README.md @@ -0,0 +1,102 @@ +--- +title: "jellyfin" + +description: "The Free Software Media System" + +--- + +# jellyfin + +![Version: 0.3.5](https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.1](https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square) + +The Free Software Media System + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/jellyfin +``` + +You can install a chart release using the following command: + +```bash +helm install jellyfin-release oci://codeberg.org/wrenix/helm-charts/jellyfin --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall jellyfin-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| config.enabled | bool | `false` | | +| config.image | object | `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.1"}` | image to patch config | +| config.metrics | bool | `false` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"jellyfin/jellyfin"` | | +| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller, prometheus) | +| nodeSelector | object | `{}` | | +| persistence.config.hostPath | string | `nil` | | +| persistence.config.nfs.path | string | `"/"` | | +| persistence.config.nfs.server | string | `nil` | | +| persistence.config.pvc.enabled | bool | `false` | | +| persistence.media.hostPath | string | `nil` | | +| persistence.media.nfs.path | string | `"/"` | | +| persistence.media.nfs.server | string | `nil` | | +| persistence.media.pvc.enabled | bool | `false` | | +| persistence.media.readOnly | bool | `true` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `8096` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 32a8cc40cfc61e801dac22be171677bb87be9524 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:05 +0100 Subject: [PATCH 166/256] fix(matrix-authentication-service): add README in markdown --- matrix-authentication-service/Chart.yaml | 2 +- matrix-authentication-service/README.adoc | 2 +- matrix-authentication-service/README.md | 170 ++++++++++++++++++++++ 3 files changed, 172 insertions(+), 2 deletions(-) create mode 100644 matrix-authentication-service/README.md diff --git a/matrix-authentication-service/Chart.yaml b/matrix-authentication-service/Chart.yaml index 773a85e..e9792db 100644 --- a/matrix-authentication-service/Chart.yaml +++ b/matrix-authentication-service/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-authentication-service description: OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861) icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.0.6 +version: "0.0.7" # renovate: image=ghcr.io/matrix-org/matrix-authentication-service appVersion: "0.11.0" maintainers: diff --git a/matrix-authentication-service/README.adoc b/matrix-authentication-service/README.adoc index a7e4d5d..263cb2b 100644 --- a/matrix-authentication-service/README.adoc +++ b/matrix-authentication-service/README.adoc @@ -2,7 +2,7 @@ = matrix-authentication-service -image::https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square[Version: 0.0.6] +image::https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square[Version: 0.0.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.11.0-informational?style=flat-square[AppVersion: 0.11.0] == Maintainers diff --git a/matrix-authentication-service/README.md b/matrix-authentication-service/README.md new file mode 100644 index 0000000..d29c6e3 --- /dev/null +++ b/matrix-authentication-service/README.md @@ -0,0 +1,170 @@ +--- +title: "matrix-authentication-service" + +description: "OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861)" + +--- + +# matrix-authentication-service + +![Version: 0.0.7](https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.0](https://img.shields.io/badge/AppVersion-0.11.0-informational?style=flat-square) + +OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service +``` + +You can install a chart release using the following command: + +```bash +helm install matrix-authentication-service-release oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall matrix-authentication-service-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| config.branding.imprint | string | `nil` | | +| config.branding.logo_uri | string | `nil` | | +| config.branding.policy_uri | string | `nil` | | +| config.branding.service_name | string | `nil` | | +| config.branding.tos_uri | string | `nil` | | +| config.clients | list | `[]` | | +| config.database.connect_timeout | int | `30` | | +| config.database.database | string | `"sliding_sync"` | | +| config.database.host | string | `"localhost"` | | +| config.database.idle_timeout | int | `600` | | +| config.database.max_connections | int | `10` | | +| config.database.max_lifetime | int | `1800` | | +| config.database.min_connections | int | `0` | | +| config.database.password | string | `"secret"` | | +| config.database.port | int | `5432` | | +| config.database.username | string | `"sliding_sync"` | | +| config.email.from | string | `"\"Authentication Service\" "` | | +| config.email.reply_to | string | `"\"Authentication Service\" "` | | +| config.email.transport | string | `"blackhole"` | | +| config.experimental.access_token_ttl | int | `300` | | +| config.experimental.compat_token_ttl | int | `300` | | +| config.http.issuer | string | `"http://[::]:8080/"` | | +| config.http.listeners[0].binds[0].address | string | `"[::]:8080"` | | +| config.http.listeners[0].name | string | `"http"` | | +| config.http.listeners[0].proxy_protocol | bool | `false` | | +| config.http.listeners[0].resources[0].name | string | `"discovery"` | | +| config.http.listeners[0].resources[1].name | string | `"human"` | | +| config.http.listeners[0].resources[2].name | string | `"oauth"` | | +| config.http.listeners[0].resources[3].name | string | `"compat"` | | +| config.http.listeners[0].resources[4].name | string | `"graphql"` | | +| config.http.listeners[0].resources[4].playground | bool | `true` | | +| config.http.listeners[0].resources[5].name | string | `"assets"` | | +| config.http.listeners[0].resources[5].path | string | `"/usr/local/share/mas-cli/assets/"` | | +| config.http.listeners[1].binds[0].address | string | `"[::]:8081"` | | +| config.http.listeners[1].name | string | `"internal"` | | +| config.http.listeners[1].resources[0].name | string | `"health"` | | +| config.http.listeners[2].binds[0].address | string | `"[::]:9100"` | | +| config.http.listeners[2].name | string | `"metrics"` | | +| config.http.listeners[2].resources[0].name | string | `"prometheus"` | | +| config.http.public_base | string | `"http://[::]:8080/"` | | +| config.http.trusted_proxies[0] | string | `"192.128.0.0/16"` | | +| config.http.trusted_proxies[1] | string | `"172.16.0.0/12"` | | +| config.http.trusted_proxies[2] | string | `"10.0.0.0/10"` | | +| config.http.trusted_proxies[3] | string | `"127.0.0.1/8"` | | +| config.http.trusted_proxies[4] | string | `"fd00::/8"` | | +| config.http.trusted_proxies[5] | string | `"::1/128"` | | +| config.matrix.endpoint | string | `"http://localhost:8008/"` | | +| config.matrix.homeserver | string | `"localhost:8008"` | | +| config.matrix.secret | string | `"kPnqGbK9hmSRK41DZTgVJxfKVAiLrY6G"` | | +| config.passwords.enabled | bool | `true` | | +| config.passwords.schemes[0].algorithm | string | `"argon2id"` | | +| config.passwords.schemes[0].version | int | `1` | | +| config.policy.authorization_grant_entrypoint | string | `"authorization_grant/violation"` | | +| config.policy.client_registration_entrypoint | string | `"client_registration/violation"` | | +| config.policy.data | string | `nil` | | +| config.policy.email_entrypoint | string | `"email/violation"` | | +| config.policy.password_entrypoint | string | `"password/violation"` | | +| config.policy.register_entrypoint | string | `"register/violation"` | | +| config.policy.wasm_module | string | `"/usr/local/share/mas-cli/policy.wasm"` | | +| config.secrets.encryption | string | `nil` | | +| config.secrets.keys | list | `[]` | | +| config.telemetry.metrics.exporter | string | `"prometheus"` | | +| config.telemetry.sentry.dsn | string | `nil` | | +| config.telemetry.tracing.exporter | string | `"none"` | | +| config.telemetry.tracing.propagators | list | `[]` | | +| config.templates.assets_manifest | string | `"/usr/local/share/mas-cli/manifest.json"` | | +| config.templates.path | string | `"/usr/local/share/mas-cli/templates/"` | | +| config.templates.translations_path | string | `"/usr/local/share/mas-cli/translations/"` | | +| config.upstream_oauth2.providers | list | `[]` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"matrix-org/matrix-authentication-service"` | | +| image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"auth.matrix.chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/l"` | | +| ingress.hosts[0].paths[0].pathType | string | `"Prefix"` | | +| ingress.hosts[1].host | string | `"matrix.chart-example.local"` | | +| ingress.hosts[1].paths[0].path | string | `"/_matrix/client/v3/login"` | | +| ingress.hosts[1].paths[0].pathType | string | `"Exact"` | | +| ingress.hosts[1].paths[1].path | string | `"/_matrix/client/v3/logout"` | | +| ingress.hosts[1].paths[1].pathType | string | `"Exact"` | | +| ingress.hosts[1].paths[2].path | string | `"/_matrix/client/v3/refresh"` | | +| ingress.hosts[1].paths[2].pathType | string | `"Exact"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/health"` | | +| livenessProbe.httpGet.port | string | `"internal"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext.fsGroup | int | `1000` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| readinessProbe.httpGet.path | string | `"/health"` | | +| readinessProbe.httpGet.port | string | `"internal"` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext.capabilities.drop[0] | string | `"ALL"` | | +| securityContext.readOnlyRootFilesystem | bool | `true` | | +| securityContext.runAsNonRoot | bool | `true` | | +| securityContext.runAsUser | int | `1000` | | +| service.port.http | int | `8080` | | +| service.port.metrics | int | `9100` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 86755ddff632bf128c3b852a5dc9b0993dd53411 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:09 +0100 Subject: [PATCH 167/256] fix(matrix-sliding-sync): add README in markdown --- matrix-sliding-sync/Chart.yaml | 2 +- matrix-sliding-sync/README.adoc | 2 +- matrix-sliding-sync/README.md | 108 ++++++++++++++++++++++++++++++++ 3 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 matrix-sliding-sync/README.md diff --git a/matrix-sliding-sync/Chart.yaml b/matrix-sliding-sync/Chart.yaml index c9f2534..06c81bd 100644 --- a/matrix-sliding-sync/Chart.yaml +++ b/matrix-sliding-sync/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-sliding-sync description: Proxy implementation of MSC3575's sync protocol. icon: https://matrix.org/images/matrix-logo.svg type: application -version: 0.2.1 +version: "0.2.2" # renovate: image=ghcr.io/matrix-org/sliding-sync appVersion: "0.99.19" maintainers: diff --git a/matrix-sliding-sync/README.adoc b/matrix-sliding-sync/README.adoc index 6ee9361..37179ba 100644 --- a/matrix-sliding-sync/README.adoc +++ b/matrix-sliding-sync/README.adoc @@ -2,7 +2,7 @@ = matrix-sliding-sync -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square[AppVersion: 0.99.19] == Maintainers diff --git a/matrix-sliding-sync/README.md b/matrix-sliding-sync/README.md new file mode 100644 index 0000000..422c3f3 --- /dev/null +++ b/matrix-sliding-sync/README.md @@ -0,0 +1,108 @@ +--- +title: "matrix-sliding-sync" + +description: "Proxy implementation of MSC3575's sync protocol." + +--- + +# matrix-sliding-sync + +![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.99.19](https://img.shields.io/badge/AppVersion-0.99.19-informational?style=flat-square) + +Proxy implementation of MSC3575's sync protocol. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/matrix-sliding-sync +``` + +You can install a chart release using the following command: + +```bash +helm install matrix-sliding-sync-release oci://codeberg.org/wrenix/helm-charts/matrix-sliding-sync --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall matrix-sliding-sync-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| config.homeserver | string | `"http://localhost:8008"` | | +| config.logLevel | string | `"INFO"` | | +| config.metrics | int | `9100` | | +| config.opentelemetry.password | string | `nil` | | +| config.opentelemetry.url | string | `nil` | | +| config.opentelemetry.username | string | `nil` | | +| config.postgresql.database | string | `"sliding_sync"` | | +| config.postgresql.host | string | `"localhost"` | | +| config.postgresql.maxConn | int | `0` | | +| config.postgresql.password | string | `"secret"` | | +| config.postgresql.port | int | `5432` | | +| config.postgresql.sslmode | string | `"disable"` | | +| config.postgresql.username | string | `"sliding_sync"` | | +| config.syncSecret | string | `nil` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"matrix-org/sliding-sync"` | | +| image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion. | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.tcpSocket.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext.fsGroup | int | `2000` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| readinessProbe.tcpSocket.port | string | `"http"` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext.capabilities.drop[0] | string | `"ALL"` | | +| securityContext.readOnlyRootFilesystem | bool | `true` | | +| securityContext.runAsNonRoot | bool | `true` | | +| securityContext.runAsUser | int | `1000` | | +| service.port | int | `8008` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 5f946e11e607b9fc00524acfd6d4cbf3f743be55 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:11 +0100 Subject: [PATCH 168/256] fix(matrix-synapse): add README in markdown --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.adoc | 2 +- matrix-synapse/README.md | 279 +++++++++++++++++++++++++++++++++++++ 3 files changed, 281 insertions(+), 2 deletions(-) create mode 100644 matrix-synapse/README.md diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 44bf3b1..b8fdaa6 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: 1.0.0 +version: "1.0.1" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.118.0 maintainers: diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 5d5e290..5e88f45 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,7 +2,7 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square[Version: 1.0.0] +image::https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square[Version: 1.0.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square[AppVersion: 1.118.0] == Maintainers diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md new file mode 100644 index 0000000..aa19029 --- /dev/null +++ b/matrix-synapse/README.md @@ -0,0 +1,279 @@ +--- +title: "matrix-synapse" + +description: "Matrix reference homeserver" + +--- + +# matrix-synapse + +![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.118.0](https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square) + +Matrix reference homeserver + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/matrix-synapse +``` + +You can install a chart release using the following command: + +```bash +helm install matrix-synapse-release oci://codeberg.org/wrenix/helm-charts/matrix-synapse --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall matrix-synapse-release +``` + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.bitnami.com/bitnami | postgresql | ^16.0.0 | +| https://charts.bitnami.com/bitnami | redis | ^20.0.0 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| config.bindAddresses | list | `["::"]` | The bind addresses to use for the default listeners | +| config.extraListeners | list | `[]` | | +| config.extraMainListenerTypes | list | `[]` | | +| config.reportStats | bool | `false` | | +| config.trustedKeyServers | list | `[{"server_name":"matrix.org"}]` | A set of trusted servers to contact if another server doesn't respond to a signing key request. | +| config.useStructuredLogging | bool | `false` | | +| externalPostgresql.database | string | `"synapse"` | | +| externalPostgresql.extraArgs | object | `{}` | Extra arguments for the database connection ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config | +| externalPostgresql.options | object | `{}` | set extra configuration ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config e.g. txn_limit, allow_unsafe_locale | +| externalPostgresql.port | int | `5432` | | +| externalPostgresql.username | string | `"synapse"` | | +| externalRedis.port | int | `6379` | | +| extraConfig | object | `{}` | | +| extraLoggers | object | `{}` | | +| extraSecrets | object | `{}` | | +| fullnameOverride | string | `nil` | Override the full name of the installed chart. | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"element-hq/synapse"` | | +| image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion. | +| ingress.annotations | object | `{}` | | +| ingress.csHosts | list | `[]` | | +| ingress.csPaths | list | `[]` | | +| ingress.enabled | bool | `true` | | +| ingress.hosts | list | `[]` | | +| ingress.includeServerName | bool | `true` | | +| ingress.includeUnderscoreSynapse | bool | `true` | | +| ingress.paths | list | `[]` | | +| ingress.tls | list | `[]` | | +| ingress.traefikPaths | bool | `false` | | +| ingress.wkHosts | list | `[]` | | +| nameOverride | string | `nil` | Override part of the installed name, will still keep release name. | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"10Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| postgresql.auth.database | string | `"synapse"` | | +| postgresql.auth.password | string | `"synapse"` | | +| postgresql.auth.username | string | `"synapse"` | | +| postgresql.enabled | bool | `true` | | +| postgresql.extraArgs | object | `{}` | Extra arguments for the database connection ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config | +| postgresql.options | object | `{}` | set extra configuration ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config e.g. txn_limit, allow_unsafe_locale | +| postgresql.primary.initdb.args | string | `"--lc-collate=C --lc-ctype=C"` | | +| postgresql.primary.persistence.size | string | `"16Gi"` | | +| prometheus.podmonitor.enabled | bool | `false` | | +| prometheus.podmonitor.labels | object | `{}` | | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.defaults.enabled | bool | `true` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | +| publicServerName | string | `nil` | The public Matrix server name, this will be used for any public URLs in config as well as for client API links in the ingress. | +| redis.architecture | string | `"standalone"` | | +| redis.auth.enabled | bool | `true` | | +| redis.auth.password | string | `"synapse"` | | +| redis.enabled | bool | `true` | | +| redis.master.kind | string | `"Deployment"` | | +| redis.master.persistence.enabled | bool | `false` | | +| redis.master.service.port | int | `6379` | | +| serverName | string | `nil` | The Matrix domain name, this is what will be used for the domain part in your MXIDs. | +| service.port | int | `8008` | | +| service.targetPort | string | `"http"` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `false` | | +| signingkey.annotations | object | `{"helm.sh/hook":"pre-install,pre-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}` | Annotations to apply to the job and rbac for signing-key. | +| signingkey.job.enabled | bool | `true` | | +| signingkey.job.publishImage.pullPolicy | string | `"IfNotPresent"` | | +| signingkey.job.publishImage.registry | string | `"docker.io"` | | +| signingkey.job.publishImage.repository | string | `"bitnami/kubectl"` | | +| signingkey.job.publishImage.tag | string | `"latest"` | | +| signingkey.resources | object | `{}` | | +| synapse.affinity | object | `{}` | | +| synapse.annotations | object | `{}` | | +| synapse.extraCommands | list | `[]` | | +| synapse.extraEnv | list | `[]` | | +| synapse.extraVolumeMounts | list | `[]` | | +| synapse.extraVolumes | list | `[]` | | +| synapse.labels | object | `{}` | | +| synapse.livenessProbe.httpGet.path | string | `"/health"` | | +| synapse.livenessProbe.httpGet.port | string | `"http"` | | +| synapse.nodeSelector | object | `{}` | | +| synapse.podSecurityContext | object | `{}` | | +| synapse.readinessProbe.httpGet.path | string | `"/health"` | | +| synapse.readinessProbe.httpGet.port | string | `"http"` | | +| synapse.resources | object | `{}` | | +| synapse.securityContext | object | `{}` | | +| synapse.startupProbe.failureThreshold | int | `12` | | +| synapse.startupProbe.httpGet.path | string | `"/health"` | | +| synapse.startupProbe.httpGet.port | string | `"http"` | | +| synapse.strategy.type | string | `"RollingUpdate"` | | +| synapse.tolerations | list | `[]` | | +| volumePermissions.enabled | bool | `false` | | +| volumePermissions.gid | int | `666` | | +| volumePermissions.image.pullPolicy | string | `"Always"` | | +| volumePermissions.image.registry | string | `"docker.io"` | | +| volumePermissions.image.repository | string | `"library/alpine"` | | +| volumePermissions.image.tag | string | `"3.20.3"` | | +| volumePermissions.resources | object | `{}` | | +| volumePermissions.uid | int | `666` | | +| wellknown.affinity | object | `{}` | | +| wellknown.client | object | `{}` | Data to serve on .well-known/matrix/client. m.homeserver: base_url: https://matrix.example.com | +| wellknown.containerPort | int | `80` | | +| wellknown.element | object | `{}` | Data to serve on .well-known/element/element.json call: widget_url: https://call.element.io | +| wellknown.enabled | bool | `false` | | +| wellknown.env | list | `[]` | | +| wellknown.image.pullPolicy | string | `"IfNotPresent"` | | +| wellknown.image.registry | string | `"docker.io"` | | +| wellknown.image.repository | string | `"library/nginx"` | | +| wellknown.image.tag | string | `"1.27.2"` | | +| wellknown.nodeSelector | object | `{}` | | +| wellknown.podAnnotations | list | `[]` | | +| wellknown.podLabels | object | `{}` | | +| wellknown.podSecurityContext | object | `{}` | | +| wellknown.replicaCount | int | `1` | | +| wellknown.resources | object | `{}` | | +| wellknown.securityContext | object | `{}` | | +| wellknown.server | object | `{}` | The host and port combo to serve on .well-known/matrix/server. m.server: matrix.example.com:443 | +| wellknown.service.annotations | object | `{}` | | +| wellknown.service.port | int | `8080` | | +| wellknown.service.type | string | `"ClusterIP"` | | +| wellknown.tolerations | list | `[]` | | +| workers.appservice.enabled | bool | `false` | | +| workers.appservice.generic | bool | `true` | | +| workers.appservice.name | string | `"appservices"` | | +| workers.default.affinity | object | `{}` | | +| workers.default.annotations | object | `{}` | | +| workers.default.extraCommands | list | `[]` | | +| workers.default.extraEnv | list | `[]` | | +| workers.default.livenessProbe.httpGet.path | string | `"/health"` | | +| workers.default.livenessProbe.httpGet.port | string | `"metrics"` | | +| workers.default.nodeSelector | object | `{}` | | +| workers.default.podSecurityContext | object | `{}` | | +| workers.default.readinessProbe.httpGet.path | string | `"/health"` | | +| workers.default.readinessProbe.httpGet.port | string | `"metrics"` | | +| workers.default.replicaCount | int | `1` | | +| workers.default.resources | object | `{}` | | +| workers.default.securityContext | object | `{}` | | +| workers.default.startupProbe.failureThreshold | int | `6` | | +| workers.default.startupProbe.httpGet.path | string | `"/health"` | | +| workers.default.startupProbe.httpGet.port | string | `"metrics"` | | +| workers.default.strategy.type | string | `"RollingUpdate"` | | +| workers.default.tolerations | list | `[]` | | +| workers.default.volumeMounts | list | `[]` | | +| workers.default.volumes | list | `[]` | | +| workers.federation_sender.enabled | bool | `false` | | +| workers.frontend_proxy.csPaths[0] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/keys/upload"` | | +| workers.frontend_proxy.enabled | bool | `false` | | +| workers.frontend_proxy.listeners[0] | string | `"client"` | | +| workers.generic_worker.csPaths[0] | string | `"/_matrix/client/(api/v1|r0|v3)/events$"` | | +| workers.generic_worker.csPaths[10] | string | `"/_matrix/client/(r0|v3|unstable)/account/3pid$"` | | +| workers.generic_worker.csPaths[11] | string | `"/_matrix/client/(r0|v3|unstable)/account/whoami$"` | | +| workers.generic_worker.csPaths[12] | string | `"/_matrix/client/(r0|v3|unstable)/devices$"` | | +| workers.generic_worker.csPaths[13] | string | `"/_matrix/client/versions$"` | | +| workers.generic_worker.csPaths[14] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"` | | +| workers.generic_worker.csPaths[15] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/"` | | +| workers.generic_worker.csPaths[16] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$"` | | +| workers.generic_worker.csPaths[17] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/search$"` | | +| workers.generic_worker.csPaths[18] | string | `"/_matrix/client/(r0|v3|unstable)/keys/query$"` | | +| workers.generic_worker.csPaths[19] | string | `"/_matrix/client/(r0|v3|unstable)/keys/changes$"` | | +| workers.generic_worker.csPaths[1] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$"` | | +| workers.generic_worker.csPaths[20] | string | `"/_matrix/client/(r0|v3|unstable)/keys/claim$"` | | +| workers.generic_worker.csPaths[21] | string | `"/_matrix/client/(r0|v3|unstable)/room_keys/"` | | +| workers.generic_worker.csPaths[22] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/login$"` | | +| workers.generic_worker.csPaths[23] | string | `"/_matrix/client/(r0|v3|unstable)/register$"` | | +| workers.generic_worker.csPaths[24] | string | `"/_matrix/client/v1/register/m.login.registration_token/validity$"` | | +| workers.generic_worker.csPaths[25] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"` | | +| workers.generic_worker.csPaths[26] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"` | | +| workers.generic_worker.csPaths[27] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/"` | | +| workers.generic_worker.csPaths[28] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"` | | +| workers.generic_worker.csPaths[29] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/join/"` | | +| workers.generic_worker.csPaths[2] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"` | | +| workers.generic_worker.csPaths[30] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/profile/"` | | +| workers.generic_worker.csPaths[31] | string | `"/_matrix/client/(r0|v3|unstable)/user_directory/search"` | | +| workers.generic_worker.csPaths[3] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"` | | +| workers.generic_worker.csPaths[4] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/"` | | +| workers.generic_worker.csPaths[5] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"` | | +| workers.generic_worker.csPaths[6] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$"` | | +| workers.generic_worker.csPaths[7] | string | `"/_matrix/client/v1/rooms/.*/hierarchy$"` | | +| workers.generic_worker.csPaths[8] | string | `"/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$"` | | +| workers.generic_worker.csPaths[9] | string | `"/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"` | | +| workers.generic_worker.enabled | bool | `false` | | +| workers.generic_worker.generic | bool | `true` | | +| workers.generic_worker.listeners[0] | string | `"client"` | | +| workers.generic_worker.listeners[1] | string | `"federation"` | | +| workers.generic_worker.paths[0] | string | `"/_matrix/federation/v1/event/"` | | +| workers.generic_worker.paths[10] | string | `"/_matrix/federation/(v1|v2)/send_leave/"` | | +| workers.generic_worker.paths[11] | string | `"/_matrix/federation/(v1|v2)/invite/"` | | +| workers.generic_worker.paths[12] | string | `"/_matrix/federation/v1/event_auth/"` | | +| workers.generic_worker.paths[13] | string | `"/_matrix/federation/v1/exchange_third_party_invite/"` | | +| workers.generic_worker.paths[14] | string | `"/_matrix/federation/v1/user/devices/"` | | +| workers.generic_worker.paths[15] | string | `"/_matrix/key/v2/query"` | | +| workers.generic_worker.paths[16] | string | `"/_matrix/federation/v1/hierarchy/"` | | +| workers.generic_worker.paths[17] | string | `"/_matrix/federation/v1/send/"` | | +| workers.generic_worker.paths[1] | string | `"/_matrix/federation/v1/state/"` | | +| workers.generic_worker.paths[2] | string | `"/_matrix/federation/v1/state_ids/"` | | +| workers.generic_worker.paths[3] | string | `"/_matrix/federation/v1/backfill/"` | | +| workers.generic_worker.paths[4] | string | `"/_matrix/federation/v1/get_missing_events/"` | | +| workers.generic_worker.paths[5] | string | `"/_matrix/federation/v1/publicRooms"` | | +| workers.generic_worker.paths[6] | string | `"/_matrix/federation/v1/query/"` | | +| workers.generic_worker.paths[7] | string | `"/_matrix/federation/v1/make_join/"` | | +| workers.generic_worker.paths[8] | string | `"/_matrix/federation/v1/make_leave/"` | | +| workers.generic_worker.paths[9] | string | `"/_matrix/federation/(v1|v2)/send_join/"` | | +| workers.media_repository.csPaths[0] | string | `"/_matrix/media/.*"` | | +| workers.media_repository.csPaths[1] | string | `"/_synapse/admin/v1/purge_media_cache$"` | | +| workers.media_repository.csPaths[2] | string | `"/_synapse/admin/v1/room/.*/media"` | | +| workers.media_repository.csPaths[3] | string | `"/_synapse/admin/v1/user/.*/media"` | | +| workers.media_repository.csPaths[4] | string | `"/_synapse/admin/v1/media/"` | | +| workers.media_repository.csPaths[5] | string | `"/_synapse/admin/v1/quarantine_media/"` | | +| workers.media_repository.csPaths[6] | string | `"/_synapse/admin/v1/users/.*/media$"` | | +| workers.media_repository.enabled | bool | `false` | | +| workers.media_repository.listeners[0] | string | `"media"` | | +| workers.media_repository.paths[0] | string | `"/_matrix/media/.*"` | | +| workers.pusher.enabled | bool | `false` | | +| workers.user_dir.csPaths[0] | string | `"/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$"` | | +| workers.user_dir.enabled | bool | `false` | | +| workers.user_dir.listeners[0] | string | `"client"` | | +| workers.user_dir.name | string | `"userdir"` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 99db5b44efa9b1b920e3cbf448c7f29dab8b6fc5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:14 +0100 Subject: [PATCH 169/256] fix(miniserve): add README in markdown --- miniserve/Chart.yaml | 2 +- miniserve/README.adoc | 2 +- miniserve/README.md | 119 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 121 insertions(+), 2 deletions(-) create mode 100644 miniserve/README.md diff --git a/miniserve/Chart.yaml b/miniserve/Chart.yaml index ce99ae8..fd683b0 100644 --- a/miniserve/Chart.yaml +++ b/miniserve/Chart.yaml @@ -3,7 +3,7 @@ name: miniserve description: A Helm chart for Kubernetes icon: https://raw.githubusercontent.com/svenstaro/miniserve/master/data/logo.svg type: application -version: 0.4.2 +version: "0.4.3" # renovate: image=docker.io/svenstaro/miniserve appVersion: "0.28.0" maintainers: diff --git a/miniserve/README.adoc b/miniserve/README.adoc index cd2b98f..c0f3d20 100644 --- a/miniserve/README.adoc +++ b/miniserve/README.adoc @@ -2,7 +2,7 @@ = miniserve -image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] +image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.28.0-informational?style=flat-square[AppVersion: 0.28.0] == Maintainers diff --git a/miniserve/README.md b/miniserve/README.md new file mode 100644 index 0000000..dc33a2b --- /dev/null +++ b/miniserve/README.md @@ -0,0 +1,119 @@ +--- +title: "miniserve" + +description: "A Helm chart for Kubernetes" + +--- + +# miniserve + +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.28.0](https://img.shields.io/badge/AppVersion-0.28.0-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/miniserve +``` + +You can install a chart release using the following command: + +```bash +helm install miniserve-release oci://codeberg.org/wrenix/helm-charts/miniserve --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall miniserve-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| data.args | list | `[]` | used for commandline flags | +| data.auth | string | `""` | Set authentication. Currently supported formats: username:password, username:sha256:hash, username:sha512:hash (e.g. joe:123, joe:sha256:a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3) | +| data.colorScheme | string | `"squirrel"` | Default color scheme | +| data.colorSchemeDark | string | `"archlinux"` | Default color scheme | +| data.dirsFirst | bool | `true` | List directories first | +| data.enable.tar | bool | `false` | Enable uncompressed tar archive generation | +| data.enable.tarGZ | bool | `false` | Enable gz-compressed tar archive generation | +| data.enable.zip | bool | `false` | Enable zip archive generation WARNING: Zipping large directories can result in out-of-memory exception because zip generation is done in memory and cannot be sent on the fly | +| data.hidden | bool | `false` | Show hidden files | +| data.hideThemeSelector | bool | `false` | Hide theme selector | +| data.hideVersionFooter | bool | `true` | Hide version footer | +| data.index | string | `"index.html"` | Normally, when miniserve serves a directory, it creates a listing for that directory. However, if a directory contains this file, miniserve will serve that file instead. | +| data.noSymlinks | bool | `false` | Hide symlinks in listing and prevent them from being followed | +| data.path | string | `"/data"` | Which path to serve | +| data.prettyURLs | bool | `false` | Activate Pretty URLs mode | +| data.qrcode | bool | `false` | Enable QR code display | +| data.readme | bool | `false` | Enable README.md rendering in directories | +| data.routePrefix | string | `""` | Use a specific route prefix | +| data.showSymlinkInfo | bool | `false` | Visualize symlinks in directory listing | +| data.showWGETFooter | bool | `true` | If enabled, display a wget command to recursively download the current directory | +| data.spa | bool | `false` | Activate SPA (Single Page Application) mode | +| data.title | string | `""` | Shown instead of host in page title and heading | +| data.upload.allowedDir | string | `""` | Enable file uploading (and optionally specify for which directory) | +| data.upload.mediaType | string | `""` | Specify uploadable media types: possible values image, audio, video | +| data.upload.mkdir | bool | `false` | Enable creating directories | +| data.upload.overwriteFiles | bool | `false` | Enable overriding existing files during file upload | +| data.upload.rawMediaType | string | `""` | Directly specify the uploadable media type expression | +| data.verbose | bool | `false` | Be verbose, includes emitting access logs | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"docker.io/svenstaro/miniserve"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `false` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources.limits.memory | string | `"256Mi"` | | +| resources.requests.cpu | string | `"80m"` | | +| resources.requests.memory | string | `"128Mi"` | | +| securityContext | object | `{}` | | +| service.port | int | `8080` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From ce5a2c0fdb000fe9e0e8a3883add453b60dd0b30 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:16 +0100 Subject: [PATCH 170/256] fix(monitoring): add README in markdown --- monitoring/Chart.yaml | 2 +- monitoring/README.adoc | 2 +- monitoring/README.md | 73 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+), 2 deletions(-) create mode 100644 monitoring/README.md diff --git a/monitoring/Chart.yaml b/monitoring/Chart.yaml index b9a7c26..f6afb12 100644 --- a/monitoring/Chart.yaml +++ b/monitoring/Chart.yaml @@ -3,7 +3,7 @@ name: monitoring description: Deploy helper for probes and scrapeconfig of prometheus-operator icon: https://prometheus.io/assets/favicons/android-chrome-192x192.png type: application -version: 0.2.0 +version: "0.2.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/monitoring/README.adoc b/monitoring/README.adoc index 8747c51..3ccba34 100644 --- a/monitoring/README.adoc +++ b/monitoring/README.adoc @@ -2,7 +2,7 @@ = monitoring -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] == Maintainers diff --git a/monitoring/README.md b/monitoring/README.md new file mode 100644 index 0000000..5378712 --- /dev/null +++ b/monitoring/README.md @@ -0,0 +1,73 @@ +--- +title: "monitoring" + +description: "Deploy helper for probes and scrapeconfig of prometheus-operator" + +--- + +# monitoring + +![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +Deploy helper for probes and scrapeconfig of prometheus-operator + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/monitoring +``` + +You can install a chart release using the following command: + +```bash +helm install monitoring-release oci://codeberg.org/wrenix/helm-charts/monitoring --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall monitoring-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| prober | list | `[{"ipv4":true,"ipv6":true,"name":"local","spec":{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}}]` | prober for each the following probes are created (multiside probes) | +| prober[0] | object | `{"ipv4":true,"ipv6":true,"name":"local","spec":{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}}` | name of prober | +| prober[0].ipv4 | bool | `true` | use this prober for ipv4 probes (default: true) | +| prober[0].ipv6 | bool | `true` | use this prober for ipv6 probes (default: true) | +| prober[0].spec | object | `{"path":"/probe","url":"prometheus-blackbox-exporter:9115"}` | spec of prober (like url, path, scheme ...) | +| probes[0] | object | `{"groups":{"framasoft":["framasoft.org","degooglisons-internet.org","framapiaf.org","framatube.org"]},"ipv4":true,"ipv6":true,"module":"http_2xx","name":"http"}` | probe module (suffix with _ipv4 and ipv6 if enabled) | +| probes[0].groups | object | `{"framasoft":["framasoft.org","degooglisons-internet.org","framapiaf.org","framatube.org"]}` | groups with targets | +| probes[0].ipv4 | bool | `true` | setup one for ipv4 (see module and his suffix - default: true) | +| probes[0].ipv6 | bool | `true` | setup one for ipv6 (see module and his suffix - default: true) | +| probes[0].name | string | `"http"` | name of probe | +| probes[1].groups | object | `{"digitalcourage":["digitalcourage.de","nuudel.digitalcourage.de","digitalcourage.social"]}` | groups with targets | +| probes[1].ipv4 | bool | `true` | setup one for ipv4 (see module and his suffix - default: true) | +| probes[1].ipv6 | bool | `false` | setup one for ipv6 (see module and his suffix - default: true) | +| probes[1].module | string | `"http_2xx"` | | +| probes[1].name | string | `"http-ipv4"` | name of probe | +| prometheus.probe.labels | object | `{"prometheus":"default"}` | labels on Probe | +| prometheus.scrape.labels | object | `{"prometheus":"default"}` | labels on ScrapeConfig | +| scrapes[0] | object | `{"groups":{"de":["ber.de.local:9100","fra.de.local:9100","ham.de.local:9100"],"ie":["dub.ie.local:9100","ork.ie.local:9100"]},"name":"nodes"}` | name of scrape | +| scrapes[0].groups | object | `{"de":["ber.de.local:9100","fra.de.local:9100","ham.de.local:9100"],"ie":["dub.ie.local:9100","ork.ie.local:9100"]}` | groups with targets | +| scrapes[1].auth.password | string | `nil` | basic auth password | +| scrapes[1].auth.token | string | `nil` | bearer token | +| scrapes[1].auth.username | string | `nil` | basic auth username | +| scrapes[1].groups | object | `{"de":["fra.de.s3.local:9000","ham.de.s3.local:9000"],"ie":["dub.ie.s3.local:9000"]}` | groups with targets | +| scrapes[1].metricsPath | string | `"/minio/v2/metrics/node"` | metric path on scrape | +| scrapes[1].name | string | `"minio"` | | +| scrapes[1].scheme | string | `"http"` | schema on scrape | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 4a22a672c518a8e8cff5e6e63793ca00a4083b82 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:19 +0100 Subject: [PATCH 171/256] fix(ntfy): add README in markdown --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 2 +- ntfy/README.md | 157 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 159 insertions(+), 2 deletions(-) create mode 100644 ntfy/README.md diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index b8721e9..2cacbf0 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: 0.4.4 +version: "0.4.5" # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 987cb13..67269d2 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square[Version: 0.4.4] +image::https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square[Version: 0.4.5] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers diff --git a/ntfy/README.md b/ntfy/README.md new file mode 100644 index 0000000..b8348bf --- /dev/null +++ b/ntfy/README.md @@ -0,0 +1,157 @@ +--- +title: "ntfy" + +description: "A Helm chart for Kubernetes" + +--- + +# ntfy + +![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/ntfy +``` + +You can install a chart release using the following command: + +```bash +helm install ntfy-release oci://codeberg.org/wrenix/helm-charts/ntfy --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall ntfy-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| env | list | `[]` | set env in container for usage Environment variables | +| envFrom | list | `[]` | set envFrom in container for usage of ConfigMaps or Secrets as a bunch of Environment variables | +| fullnameOverride | string | `""` | | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.repository | string | `"binwiederhier/ntfy"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.2"}` | image needed for setup (store generated VAPID / WebPush keys) | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| networkPolicy.ingress.metrics | list | `[]` | ingress for metrics port (e.g. prometheus) | +| networkPolicy.ingress.smtp | list | `[]` | ingress for smtp | +| nodeSelector | object | `{}` | | +| ntfy.attachment.cacheDir | string | `nil` | | +| ntfy.attachment.expireDuration | string | `"3h"` | | +| ntfy.attachment.sizeLimit.file | string | `"15M"` | | +| ntfy.attachment.sizeLimit.total | string | `"5G"` | | +| ntfy.auth.defaultAccess | string | `"read-write"` | | +| ntfy.auth.file | string | `nil` | | +| ntfy.auth.startupQueries | string | `nil` | | +| ntfy.baseURL | string | `"https://ntfy.example.org"` | | +| ntfy.behindProxy | bool | `true` | | +| ntfy.cache.batch.size | int | `0` | | +| ntfy.cache.batch.timeout | string | `"0s"` | | +| ntfy.cache.duration | string | `"12h"` | | +| ntfy.cache.file | string | `nil` | | +| ntfy.cache.startupQueries | string | `nil` | | +| ntfy.enableLogin | bool | `false` | | +| ntfy.enableReservations | bool | `false` | | +| ntfy.enableSignup | bool | `false` | | +| ntfy.firebaseKeyFile | string | `nil` | | +| ntfy.globalTopicLimit | int | `15000` | | +| ntfy.keepaliveInterval | string | `"45s"` | | +| ntfy.listen.certFile | string | `nil` | | +| ntfy.listen.http | string | `":80"` | | +| ntfy.listen.https | string | `nil` | | +| ntfy.listen.keyFile | string | `nil` | | +| ntfy.listen.unix | string | `nil` | | +| ntfy.listen.unixMode | string | `nil` | | +| ntfy.managerInterval | string | `"1m"` | | +| ntfy.metrics.enable | bool | `true` | | +| ntfy.metrics.port | int | `9000` | | +| ntfy.smtp.sender.addr | string | `nil` | | +| ntfy.smtp.sender.from | string | `nil` | | +| ntfy.smtp.sender.pass | string | `nil` | | +| ntfy.smtp.sender.user | string | `nil` | | +| ntfy.smtp.server.addrPrefix | string | `nil` | | +| ntfy.smtp.server.domain | string | `nil` | | +| ntfy.upstreamBaseURL | string | `"https://ntfy.sh"` | | +| ntfy.visitor.attachment.dailyBandwidthLimit | string | `"500M"` | | +| ntfy.visitor.attachment.totalSizeLimit | string | `"100M"` | | +| ntfy.visitor.email.limitBurst | int | `16` | | +| ntfy.visitor.email.limitReplenish | string | `"1h"` | | +| ntfy.visitor.request.limitBurst | int | `60` | | +| ntfy.visitor.request.limitExemptHosts | string | `""` | | +| ntfy.visitor.request.limitReplenish | string | `"5s"` | | +| ntfy.visitor.subscriberRateLimiting | bool | `false` | | +| ntfy.visitor.subscriptionLimit | int | `30` | | +| ntfy.webPush.emailAddress | string | `""` | | +| ntfy.webPush.file | string | `"/data/webpush.db"` | | +| ntfy.webPush.keys.create | bool | `false` | | +| ntfy.webPush.keys.private | string | `nil` | | +| ntfy.webPush.keys.public | string | `nil` | | +| ntfy.webRoot | string | `"app"` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `false` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Create a PV on Node with given hostPath storageClass has to be manual | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | set securityContext on pod level | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | set securityContext on container level | +| service.http.port | int | `80` | | +| service.http.type | string | `"ClusterIP"` | | +| service.smtp.enabled | bool | `false` | | +| service.smtp.port | int | `25` | | +| service.smtp.type | string | `"LoadBalancer"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| updateStrategy.type | string | `"Recreate"` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 4e6beb2b62f9b51fbe8995c0e45671f103d48ed6 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:21 +0100 Subject: [PATCH 172/256] fix(postgresql): add README in markdown --- postgresql/Chart.yaml | 2 +- postgresql/README.adoc | 2 +- postgresql/README.md | 90 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 92 insertions(+), 2 deletions(-) create mode 100644 postgresql/README.md diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index c1f0079..49b3dab 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -4,7 +4,7 @@ name: "postgresql" description: "A Helm chart for running PostgreSQL (Postgres) database" icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg type: "application" -version: "0.2.0" +version: "0.2.1" # renovate: image=docker.io/library/postgres appVersion: "17.0-alpine" maintainers: diff --git a/postgresql/README.adoc b/postgresql/README.adoc index 74cbb7a..0fa7a1e 100644 --- a/postgresql/README.adoc +++ b/postgresql/README.adoc @@ -2,7 +2,7 @@ = postgresql -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-17.0-alpine-informational?style=flat-square[AppVersion: 17.0-alpine] == Maintainers diff --git a/postgresql/README.md b/postgresql/README.md new file mode 100644 index 0000000..509d5ee --- /dev/null +++ b/postgresql/README.md @@ -0,0 +1,90 @@ +--- +title: "postgresql" + +description: "A Helm chart for running PostgreSQL (Postgres) database" + +--- + +# postgresql + +![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 17.0-alpine](https://img.shields.io/badge/AppVersion-17.0--alpine-informational?style=flat-square) + +A Helm chart for running PostgreSQL (Postgres) database + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/postgresql +``` + +You can install a chart release using the following command: + +```bash +helm install postgresql-release oci://codeberg.org/wrenix/helm-charts/postgresql --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall postgresql-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoupgrade.enabled | bool | `true` | | +| autoupgrade.image.pullPolicy | string | `"IfNotPresent"` | | +| autoupgrade.image.registry | string | `"docker.io"` | | +| autoupgrade.image.repository | string | `"pgautoupgrade/pgautoupgrade"` | | +| autoupgrade.image.tag | string | `"17-alpine"` | | +| autoupgrade.securityContext | object | `{}` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"library/postgres"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| job.annotations | object | `{"helm.sh/hook":"post-install,post-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}` | Annotations (usefull to delete job by helm afterwards) | +| job.databases | object | `{}` | Bootstrap databases into postgresql server. When databases already exists, they will stay untouched. databases: "name_of_database": owner: "existing_user_which_will_get_grant" additionalParams: "" # Optional | +| job.enabled | bool | `true` | Enable database bootstrapping. | +| job.retries | int | `60` | Amount of retries while waiting for postgresql server is available. | +| job.users | object | `{}` | Bootstrap users into postgresql server. When users already exists, they will stay untouched. users: username: RandomPassword0#" | +| job.wait | int | `5` | Time to wait in each wait in each iteration until postgresql server is available. | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| postgres.password | string | `"SUPERSTRONGPW"` | Database password. | +| postgres.user | string | `"postgres"` | Database user. | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `5432` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `false` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 5bc85aca1edad7156666f4cba7337b577105d092 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:15:24 +0100 Subject: [PATCH 173/256] fix(speedtest-exporter): add README in markdown --- speedtest-exporter/Chart.yaml | 2 +- speedtest-exporter/README.adoc | 2 +- speedtest-exporter/README.md | 98 ++++++++++++++++++++++++++++++++++ 3 files changed, 100 insertions(+), 2 deletions(-) create mode 100644 speedtest-exporter/README.md diff --git a/speedtest-exporter/Chart.yaml b/speedtest-exporter/Chart.yaml index 869ba45..6f0c203 100644 --- a/speedtest-exporter/Chart.yaml +++ b/speedtest-exporter/Chart.yaml @@ -3,7 +3,7 @@ name: speedtest-exporter description: icon: https://b.cdnst.net/images/favicons/favicon-180.png type: application -version: 0.2.0 +version: "0.2.1" # renovate: image=ghcr.io/miguelndecarvalho/speedtest-exporter appVersion: "3.5.4" maintainers: diff --git a/speedtest-exporter/README.adoc b/speedtest-exporter/README.adoc index 18c62b9..3c767c6 100644 --- a/speedtest-exporter/README.adoc +++ b/speedtest-exporter/README.adoc @@ -2,7 +2,7 @@ = speedtest-exporter -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] +image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square[AppVersion: 3.5.4] == Maintainers diff --git a/speedtest-exporter/README.md b/speedtest-exporter/README.md new file mode 100644 index 0000000..0c88a0f --- /dev/null +++ b/speedtest-exporter/README.md @@ -0,0 +1,98 @@ +--- +title: "speedtest-exporter" + +--- + +# speedtest-exporter + +![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.5.4](https://img.shields.io/badge/AppVersion-3.5.4-informational?style=flat-square) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/speedtest-exporter +``` + +You can install a chart release using the following command: + +```bash +helm install speedtest-exporter-release oci://codeberg.org/wrenix/helm-charts/speedtest-exporter --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall speedtest-exporter-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| config.cacheFor | int | `0` | cache result for seconds | +| config.server | string | `nil` | speedtest-serverid | +| config.timeout | int | `90` | timeout of speedtest | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"miguelndecarvalho/speedtest-exporter"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `false` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller, prometheus) | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.interval | string | `"1h"` | interval | +| prometheus.servicemonitor.labels | object | `{}` | | +| prometheus.servicemonitor.scrapeTimeout | string | `"2m"` | scrape timeout | +| readinessProbe.httpGet.path | string | `"/"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 0d12449bd8725d9c4caa85b34224667285e28cb0 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:24:16 +0100 Subject: [PATCH 174/256] fix(alertmanager-matrix): add README in markdown --- alertmanager-matrix/Chart.yaml | 2 +- alertmanager-matrix/README.adoc | 2 +- alertmanager-matrix/README.md | 110 ++++++++++++++++++++++++++++++++ 3 files changed, 112 insertions(+), 2 deletions(-) create mode 100644 alertmanager-matrix/README.md diff --git a/alertmanager-matrix/Chart.yaml b/alertmanager-matrix/Chart.yaml index b130833..2195783 100644 --- a/alertmanager-matrix/Chart.yaml +++ b/alertmanager-matrix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: alertmanager-matrix description: Service for managing and receiving Alertmanager alerts on Matrix type: application -version: 0.1.10 +version: "0.1.11" # renovate: image=docker.io/silkeh/alertmanager_matrix appVersion: "0.5.0" maintainers: diff --git a/alertmanager-matrix/README.adoc b/alertmanager-matrix/README.adoc index 1c44122..55dd37b 100644 --- a/alertmanager-matrix/README.adoc +++ b/alertmanager-matrix/README.adoc @@ -2,7 +2,7 @@ = alertmanager-matrix -image::https://img.shields.io/badge/Version-0.1.10-informational?style=flat-square[Version: 0.1.10] +image::https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square[Version: 0.1.11] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square[AppVersion: 0.5.0] == Maintainers diff --git a/alertmanager-matrix/README.md b/alertmanager-matrix/README.md new file mode 100644 index 0000000..ddb4ed3 --- /dev/null +++ b/alertmanager-matrix/README.md @@ -0,0 +1,110 @@ +--- +title: "alertmanager-matrix" + +description: "Service for managing and receiving Alertmanager alerts on Matrix" + +--- + +# alertmanager-matrix + +![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) + +Service for managing and receiving Alertmanager alerts on Matrix + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/alertmanager-matrix +``` + +You can install a chart release using the following command: + +```bash +helm install alertmanager-matrix-release oci://codeberg.org/wrenix/helm-charts/alertmanager-matrix --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall alertmanager-matrix-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| bot.alertmanager | string | `"http://localhost:9093"` | | +| bot.colors.alert | string | `"black"` | | +| bot.colors.critical | string | `"red"` | | +| bot.colors.error | string | `"red"` | | +| bot.colors.info | string | `"blue"` | | +| bot.colors.information | string | `"blue"` | | +| bot.colors.resolved | string | `"green"` | | +| bot.colors.silenced | string | `"gray"` | | +| bot.colors.warning | string | `"orange"` | | +| bot.icons.alert | string | `"🔔️"` | | +| bot.icons.critical | string | `"🚨"` | | +| bot.icons.error | string | `"🚨"` | | +| bot.icons.info | string | `"ℹ️"` | | +| bot.icons.information | string | `"ℹ️"` | | +| bot.icons.resolved | string | `"✅"` | | +| bot.icons.silenced | string | `"🔕"` | | +| bot.icons.warning | string | `"⚠️"` | | +| bot.matrix.homeserver | string | `"http://localhost:8008"` | | +| bot.matrix.rooms[0] | string | `"!not_existing:matrix.org"` | | +| bot.matrix.rooms[1] | string | `"!also_not_existing:matrix.org"` | | +| bot.matrix.token | string | `"SECRET_TOKEN"` | | +| bot.matrix.userID | string | `"bot"` | | +| bot.messageType | string | `"m.notice"` | | +| bot.showLabels | bool | `false` | | +| bot.template.html | string | `"{{ range .Alerts }}\n \n {{.StatusString|icon}}\n {{.StatusString|upper}}\n {{.AlertName}}:\n \n {{.Summary}}\n {{if ne .Fingerprint \"\"}}\n ({{.Fingerprint}})\n {{end}}\n {{if $.ShowLabels}}\n
\n Labels:\n {{.LabelString}}\n {{end}}\n
\n{{- end -}}\n"` | | +| bot.template.text | string | `"{{ range .Alerts }}\n {{- .StatusString|icon}} {{ .StatusString|upper }}{{ .AlertName }}: {{ .Summary }} {{ if ne .Fingerprint \"\" -}}\n ({{.Fingerprint}})\n {{- end}}\n {{- if $.ShowLabels -}}\n , labels:\n {{- .LabelString}}\n {{- end }}\n{{ end -}}\n"` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"registry.gitlab.com"` | | +| image.repository | string | `"wrenix/alertmanager_matrix"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| logging.additionalFilters | list | `[]` | Add other filters to Flow | +| logging.dedot | string | `nil` | if an filter (here or global) for dedot is active - for disable set `null` | +| logging.enabled | bool | `false` | Deploy Flow for logging-operator | +| logging.globalOutputRefs | list | `["default"]` | Flows globalOutputRefs for use of ClusterOutputs | +| logging.localOutputRefs | list | `[]` | Flows localOutputRefs for use of Outputs | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `4051` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From d8004bcb81da6985f89154126445c5223853818d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:24:32 +0100 Subject: [PATCH 175/256] fix(conduit): add README in markdown --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 2 +- conduit/README.md | 122 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 124 insertions(+), 2 deletions(-) create mode 100644 conduit/README.md diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 54a8c3a..b9c8857 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: 1.0.0 +version: "1.0.1" # renovate: image=docker.io/matrixconduit/matrix-conduit appVersion: "0.9.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc index 564a85e..dbc045d 100644 --- a/conduit/README.adoc +++ b/conduit/README.adoc @@ -2,7 +2,7 @@ = conduit -image::https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square[Version: 1.0.0] +image::https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square[Version: 1.0.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0] == Maintainers diff --git a/conduit/README.md b/conduit/README.md new file mode 100644 index 0000000..16a14dd --- /dev/null +++ b/conduit/README.md @@ -0,0 +1,122 @@ +--- +title: "conduit" + +description: "Conduit is a simple, fast and reliable chat server powered by Matrix." + +--- + +# conduit + +![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square) + +Conduit is a simple, fast and reliable chat server powered by Matrix. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/conduit +``` + +You can install a chart release using the following command: + +```bash +helm install conduit-release oci://codeberg.org/wrenix/helm-charts/conduit --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall conduit-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| conduit.allowEncryption | bool | `true` | | +| conduit.allowFederation | bool | `true` | | +| conduit.allowRegistration | bool | `false` | | +| conduit.allowRoomCreation | bool | `true` | | +| conduit.allowUnstableRoomVersions | bool | `true` | | +| conduit.log | string | `nil` | | +| conduit.maxConcurrentRequests | string | `nil` | | +| conduit.maxRequestSize | string | `"20000000"` | in bytes default 20 MB | +| conduit.registrationToken | string | `nil` | | +| conduit.server_name | string | `"your.server.name"` | | +| conduit.trustedServers[0] | string | `"matrix.org"` | | +| conduit.wellKnown.client | string | `""` | client well-known configuration in conduit | +| conduit.wellKnown.server | string | `"https://your.server.name"` | server well-known configuration in conduit | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"matrixconduit/matrix-conduit"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `6167` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| wellknown.affinity | object | `{}` | | +| wellknown.client | object | `{"m.homeserver":{"base_url":"https://your.server.name/"},"org.matrix.msc3575.proxy":{"url":"https://your.server.name/"}}` | client entry in well-known | +| wellknown.containerPort | int | `80` | | +| wellknown.enabled | bool | `false` | | +| wellknown.env | list | `[]` | | +| wellknown.image.pullPolicy | string | `"IfNotPresent"` | | +| wellknown.image.registry | string | `"docker.io"` | | +| wellknown.image.repository | string | `"library/nginx"` | | +| wellknown.image.tag | string | `"1.27.2"` | | +| wellknown.nginxServerConf | string | `"server {\n listen {{ .containerPort }};\n server_name localhost;\n\n location /.well-known/matrix/server {\n return 200 {{ toJson .server | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n }\n\n location /.well-known/matrix/client {\n return 200 {{ toJson .client | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n add_header \"Access-Control-Allow-Origin\" *;\n }\n\n location / {\n # return 200 'Welcome to the your.server.name conduit server!';\n # types { } default_type \"text/plain; charset=utf-8\";\n return 404;\n }\n\n location /nginx_health {\n return 200 'OK';\n types { } default_type \"text/plain; charset=utf-8\";\n }\n}"` | nginx config | +| wellknown.nodeSelector | object | `{}` | | +| wellknown.podAnnotations | list | `[]` | | +| wellknown.podLabels | object | `{}` | | +| wellknown.podSecurityContext | object | `{}` | | +| wellknown.replicaCount | int | `1` | | +| wellknown.resources | object | `{}` | | +| wellknown.rewriteRoot | bool | `false` | if ingress is enabled: specifies whether ingress should redirect the `/`-Location to the wellknown server | +| wellknown.securityContext | object | `{}` | | +| wellknown.server | object | `{"m.server":"your.server.name:443"}` | server entry in well-known | +| wellknown.service.annotations | object | `{}` | | +| wellknown.service.port | int | `8080` | | +| wellknown.service.type | string | `"ClusterIP"` | | +| wellknown.tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) -- 2.45.3 From 92acda05be2e9cae7dd2c6afdee005a1a5f4a893 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:24:34 +0100 Subject: [PATCH 176/256] fix(forgejo-runner): add README in markdown --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 2 +- forgejo-runner/README.md | 152 +++++++++++++++++++++++++++++++++++++ 3 files changed, 154 insertions(+), 2 deletions(-) create mode 100644 forgejo-runner/README.md diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 39d9e6f..0e2aa64 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: 0.3.2 +version: "0.3.3" # renovate: image=code.forgejo.org/forgejo/runner appVersion: "4.0.1" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 6800450..56e496f 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square[Version: 0.3.2] +image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square[AppVersion: 4.0.1] == Maintainers diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md new file mode 100644 index 0000000..8f2101d --- /dev/null +++ b/forgejo-runner/README.md @@ -0,0 +1,152 @@ +--- +title: "forgejo-runner" + +description: "Deploy runner for an forgejo instance (default codeberg.org)" + +--- + +# forgejo-runner + +![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.0.1](https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square) + +Deploy runner for an forgejo instance (default codeberg.org) + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +== Accessing docker socket inside job containers + +To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): + +[source,yaml] +---- +runner: + config: + create: true + existingSecret: "" + file: + log: + level: "info" + runner: + file: ".runner" + capacity: 1 + envs: + A_TEST_ENV_NAME_1: null + A_TEST_ENV_NAME_2: null + DOCKER_HOST: tcp://127.0.0.1:2376 + DOCKER_TLS_VERIFY: 1 + DOCKER_CERT_PATH: /certs/client + container: + network: host + enable_ipv6: false + privileged: false + options: -v /certs/client:/certs/client + valid_volumes: + - /certs/client + +---- + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/forgejo-runner +``` + +You can install a chart release using the following command: + +```bash +helm install forgejo-runner-release oci://codeberg.org/wrenix/helm-charts/forgejo-runner --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall forgejo-runner-release +``` + +## Values + +### Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| runner.config.file.cache.dir | string | `""` | The directory to store the cache data. If it's empty, the cache data will be stored in $HOME/.cache/actcache. | +| runner.config.file.cache.enabled | bool | `true` | Enable cache server to use actions/cache. | +| runner.config.file.cache.external_server | string | `""` | The external cache server URL. Valid only when enable is true. If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. The URL should generally end with "/". | +| runner.config.file.cache.host | string | `""` | The host of the cache server. It's not for the address to listen, but the address to connect from job containers. So 0.0.0.0 is a bad choice, leave it empty to detect automatically. | +| runner.config.file.cache.port | int | `0` | The port of the cache server. 0 means to use a random available port. | +| runner.config.file.container.docker_host | string | `""` | overrides the docker client host with the specified one. If it's empty, act_runner will find an available docker host automatically. If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work. | +| runner.config.file.container.enable_ipv6 | bool | `false` | Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. Only takes effect if "network" is set to "". | +| runner.config.file.container.force_pull | bool | `false` | Pull docker image(s) even if already present | +| runner.config.file.container.network | string | `""` | Specifies the network to which the container will connect. Could be host, bridge or the name of a custom network. If it's empty, create a network automatically. | +| runner.config.file.container.options | string | `nil` | And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`). | +| runner.config.file.container.privileged | bool | `false` | And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`). | +| runner.config.file.container.valid_volumes | list | `[]` | Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: valid_volumes: - data - /src/*.json If you want to allow any volume, please use the following configuration: valid_volumes: - '**' | +| runner.config.file.container.workdir_parent | string | `nil` | The parent directory of a job's working directory. If it's empty, /workspace will be used. | +| runner.config.file.host.workdir_parent | string | `nil` | The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used. | +| runner.config.file.log.level | string | `"info"` | The level of logging, can be trace, debug, info, warn, error, fatal | +| runner.config.file.runner.capacity | int | `1` | Execute how many tasks concurrently at the same time. | +| runner.config.file.runner.env_file | string | `".env"` | Extra environment variables to run jobs from a file. It will be ignored if it's empty or the file doesn't exist. | +| runner.config.file.runner.envs | object | `{"A_TEST_ENV_NAME_1":"a_test_env_value_1","A_TEST_ENV_NAME_2":"a_test_env_value_2"}` | Extra environment variables to run jobs. | +| runner.config.file.runner.fetch_interval | string | `"2s"` | The interval for fetching the job from the Forgejo instance. | +| runner.config.file.runner.fetch_timeout | string | `"5s"` | The timeout for fetching the job from the Forgejo instance. | +| runner.config.file.runner.file | string | `".runner"` | Runner config which contains id and token of this runner (autogenerate with create) | +| runner.config.file.runner.insecure | bool | `false` | Whether skip verifying the TLS certificate of the Forgejo instance. | +| runner.config.file.runner.labels | list | `[]` | The labels of a runner are used to determine which jobs the runner can run, and how to run them. Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] If it's empty when registering, it will ask for inputting labels. If it's empty when execute `deamon`, will use labels in `.runner` file. | +| runner.config.file.runner.timeout | string | `"3h"` | The timeout for a job to be finished. Please note that the Forgejo instance also has a timeout (3h by default) for the job. So the job could be stopped by the Forgejo instance if it's timeout is shorter than this. | + +### Other Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.behavior | object | `{}` | behavior of HPA Example: scaleDown: stabilizationWindowSeconds: 300 policies: - type: Pods value: 1 periodSeconds: 60 scaleUp: stabilizationWindowSeconds: 0 policies: - type: Pods value: 1 periodSeconds: 60 | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| dind.image.pullPolicy | string | `"IfNotPresent"` | | +| dind.image.registry | string | `"docker.io"` | | +| dind.image.repository | string | `"library/docker"` | | +| dind.image.tag | string | `"27.3.1-dind"` | | +| extraEnvVars | list | `[]` | Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"code.forgejo.org"` | | +| image.repository | string | `"forgejo/runner"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| kubectl.image.pullPolicy | string | `"IfNotPresent"` | | +| kubectl.image.registry | string | `"docker.io"` | | +| kubectl.image.repository | string | `"bitnami/kubectl"` | | +| kubectl.image.tag | string | `"1.31.2"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| runner.config.create | bool | `true` | | +| runner.config.existingSecret | string | `""` | use existingSecret instatt | +| runner.config.instance | string | `"https://codeberg.org"` | | +| runner.config.name | string | `nil` | | +| runner.config.token | string | `nil` | | +| securityContext.privileged | bool | `true` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + -- 2.45.3 From 101feb46a631eee1a88968993e184898dd372219 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 13 Nov 2024 19:29:09 +0100 Subject: [PATCH 177/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.adoc | 4 ++-- matrix-synapse/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index b8fdaa6..e5f3c65 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.1" +version: "1.0.2" # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.118.0 +appVersion: 1.119.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc index 5e88f45..f9b57bb 100644 --- a/matrix-synapse/README.adoc +++ b/matrix-synapse/README.adoc @@ -2,9 +2,9 @@ = matrix-synapse -image::https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square[Version: 1.0.1] +image::https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square[Version: 1.0.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square[AppVersion: 1.118.0] +image::https://img.shields.io/badge/AppVersion-1.119.0-informational?style=flat-square[AppVersion: 1.119.0] == Maintainers .Maintainers diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index aa19029..01cf440 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.118.0](https://img.shields.io/badge/AppVersion-1.118.0-informational?style=flat-square) +![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.119.0](https://img.shields.io/badge/AppVersion-1.119.0-informational?style=flat-square) Matrix reference homeserver -- 2.45.3 From 3c3c09dd2cea726ce78dbb9cf2e0a3a60f832378 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 12 Nov 2024 12:41:26 +0100 Subject: [PATCH 178/256] feat(mautrix)!: move mautrix-signal to a generic helm-chart for mautrix --- .../.helmignore | 0 mautrix-bridge/Chart.yaml | 8 + .../README.adoc | 28 +-- mautrix-bridge/README.md | 225 ++++++++++++++++++ mautrix-bridge/_docs.gotmpl | 5 + .../templates/NOTES.txt | 8 +- .../templates/_helpers.tpl | 20 +- .../templates/deployment.yaml | 16 +- .../templates/hpa.yaml | 6 +- .../templates/ingress.yaml | 4 +- .../templates/pvc.yaml | 4 +- .../templates/secrets.yaml | 4 +- .../templates/service.yaml | 6 +- .../templates/serviceaccount.yaml | 4 +- .../templates/tests/test-connection.yaml | 6 +- mautrix-bridge/values-signal.yaml | 52 ++++ mautrix-bridge/values-slack.yaml | 39 +++ .../values.yaml | 5 +- mautrix-signal/Chart.yaml | 10 - mautrix-signal/_docs.gotmpl | 14 -- 20 files changed, 379 insertions(+), 85 deletions(-) rename {mautrix-signal => mautrix-bridge}/.helmignore (100%) create mode 100644 mautrix-bridge/Chart.yaml rename {mautrix-signal => mautrix-bridge}/README.adoc (97%) create mode 100644 mautrix-bridge/README.md create mode 100644 mautrix-bridge/_docs.gotmpl rename {mautrix-signal => mautrix-bridge}/templates/NOTES.txt (86%) rename {mautrix-signal => mautrix-bridge}/templates/_helpers.tpl (74%) rename {mautrix-signal => mautrix-bridge}/templates/deployment.yaml (86%) rename {mautrix-signal => mautrix-bridge}/templates/hpa.yaml (84%) rename {mautrix-signal => mautrix-bridge}/templates/ingress.yaml (94%) rename {mautrix-signal => mautrix-bridge}/templates/pvc.yaml (84%) rename {mautrix-signal => mautrix-bridge}/templates/secrets.yaml (92%) rename {mautrix-signal => mautrix-bridge}/templates/service.yaml (65%) rename {mautrix-signal => mautrix-bridge}/templates/serviceaccount.yaml (70%) rename {mautrix-signal => mautrix-bridge}/templates/tests/test-connection.yaml (53%) create mode 100644 mautrix-bridge/values-signal.yaml create mode 100644 mautrix-bridge/values-slack.yaml rename {mautrix-signal => mautrix-bridge}/values.yaml (99%) delete mode 100644 mautrix-signal/Chart.yaml delete mode 100644 mautrix-signal/_docs.gotmpl diff --git a/mautrix-signal/.helmignore b/mautrix-bridge/.helmignore similarity index 100% rename from mautrix-signal/.helmignore rename to mautrix-bridge/.helmignore diff --git a/mautrix-bridge/Chart.yaml b/mautrix-bridge/Chart.yaml new file mode 100644 index 0000000..4a99de6 --- /dev/null +++ b/mautrix-bridge/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v2 +name: mautrix-bridge +description: A Matrix puppeting bridge mautrix. +type: application +version: 0.0.13 +maintainers: + - name: WrenIX + url: https://wrenix.eu diff --git a/mautrix-signal/README.adoc b/mautrix-bridge/README.adoc similarity index 97% rename from mautrix-signal/README.adoc rename to mautrix-bridge/README.adoc index 34729a8..0261fc1 100644 --- a/mautrix-signal/README.adoc +++ b/mautrix-bridge/README.adoc @@ -1,10 +1,9 @@ -= mautrix-signal += mautrix-bridge image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square[AppVersion: 0.7.2] == Maintainers .Maintainers @@ -16,18 +15,9 @@ image::https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-sq | |=== -= Alpha - -WARNING -==== -We stop working on this Helm-Chart. -There are still many breaking change like: - -* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings] - -We hope that stalward mail-server becomes more stable. - -==== +For use of the bridge: +* **signal**, use the `./values-signal.yaml` +* **slack**, use the `./values-slack.yaml` == Usage @@ -37,21 +27,21 @@ Once Helm has been set up correctly, fetch the charts as follows: [source,bash] ---- -helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-signal +helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-bridge ---- You can install a chart release using the following command: [source,bash] ---- -helm install mautrix-signal-release oci://codeberg.org/wrenix/helm-charts/mautrix-signal --values values.yaml +helm install mautrix-bridge-release oci://codeberg.org/wrenix/helm-charts/mautrix-bridge --values values.yaml ---- To uninstall a chart release use `helm`'s delete command: [source,bash] ---- -helm uninstall mautrix-signal-release +helm uninstall mautrix-bridge-release ---- == Values @@ -252,7 +242,7 @@ helm uninstall mautrix-signal-release | config.bridge.command_prefix | string -| `"!signal"` +| `"!bridge"` | The prefix for commands. Only required in non-management rooms. | config.bridge.mute_only_on_create @@ -707,7 +697,7 @@ helm uninstall mautrix-signal-release | image.repository | string -| `"mautrix/signal"` +| `""` | | image.tag diff --git a/mautrix-bridge/README.md b/mautrix-bridge/README.md new file mode 100644 index 0000000..449ac9d --- /dev/null +++ b/mautrix-bridge/README.md @@ -0,0 +1,225 @@ +--- +title: "mautrix-bridge" + +description: "A Matrix puppeting bridge mautrix." + +--- + +# mautrix-bridge + +![Version: 0.0.13](https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) + +A Matrix puppeting bridge mautrix. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +For use of the bridge: +* **signal**, use the `./values-signal.yaml` +* **slack**, use the `./values-slack.yaml` + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-bridge +``` + +You can install a chart release using the following command: + +```bash +helm install mautrix-bridge-release oci://codeberg.org/wrenix/helm-charts/mautrix-bridge --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall mautrix-bridge-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| config.appservice.address | string | `"http://localhost:29328"` | The address that the homeserver can use to connect to this appservice. | +| config.appservice.as_token | string | `""` | | +| config.appservice.async_transactions | bool | `false` | Should incoming events be handled asynchronously? This may be necessary for large public instances with lots of messages going through. However, messages will not be guaranteed to be bridged in the same order they were sent in. | +| config.appservice.bot.avatar | string | `"mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp"` | | +| config.appservice.bot.displayname | string | `"Signal bridge bot"` | Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty to leave display name/avatar as-is. | +| config.appservice.bot.username | string | `"signalbot"` | Username of the appservice bot. | +| config.appservice.ephemeral_events | bool | `true` | Whether or not to receive ephemeral events via appservice transactions. Requires MSC2409 support (i.e. Synapse 1.22+). | +| config.appservice.hostname | string | `"0.0.0.0"` | The hostname and port where this appservice should listen. | +| config.appservice.hs_token | string | `""` | | +| config.appservice.id | string | `"signal"` | The unique ID of this appservice. | +| config.appservice.port | int | `29328` | | +| config.appservice.public_address | string | `nil` | | +| config.appservice.username_template | string | `"signal_{{.}}"` | Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user. | +| config.backfill.enabled | bool | `false` | Whether to do backfilling at all. | +| config.backfill.max_catchup_messages | int | `500` | Maximum number of missed messages to backfill after bridge restarts. | +| config.backfill.max_initial_messages | int | `50` | Maximum number of messages to backfill in empty rooms. | +| config.backfill.queue.batch_delay | int | `20` | Delay between batches in seconds. | +| config.backfill.queue.batch_size | int | `100` | Number of messages to backfill in one batch. | +| config.backfill.queue.enabled | bool | `false` | Should the backfill queue be enabled? | +| config.backfill.queue.max_batches | int | `-1` | Maximum number of batches to backfill per portal. If set to -1, all available messages will be backfilled. | +| config.backfill.queue.max_batches_override | object | `{}` | Optional network-specific overrides for max batches. Interpretation of this field depends on the network connector. | +| config.backfill.threads.max_initial_messages | int | `50` | Maximum number of messages to backfill in a new thread. | +| config.backfill.unread_hours_threshold | int | `720` | If a backfilled chat is older than this number of hours, mark it as read even if it's unread on the remote network. | +| config.bridge.bridge_matrix_leave | bool | `false` | Should leaving Matrix rooms be bridged as leaving groups on the remote network? | +| config.bridge.cleanup_on_logout.bad_credentials.private | string | `"nothing"` | | +| config.bridge.cleanup_on_logout.bad_credentials.relayed | string | `"nothing"` | | +| config.bridge.cleanup_on_logout.bad_credentials.shared_has_users | string | `"nothing"` | | +| config.bridge.cleanup_on_logout.bad_credentials.shared_no_users | string | `"nothing"` | | +| config.bridge.cleanup_on_logout.enabled | bool | `false` | Should cleanup on logout be enabled at all? | +| config.bridge.cleanup_on_logout.manual.private | string | `"nothing"` | Action for private portals which will never be shared with other Matrix users. | +| config.bridge.cleanup_on_logout.manual.relayed | string | `"nothing"` | Action for portals with a relay user configured. | +| config.bridge.cleanup_on_logout.manual.shared_has_users | string | `"nothing"` | Action for portals which have other logged-in Matrix users. | +| config.bridge.cleanup_on_logout.manual.shared_no_users | string | `"nothing"` | Action for portals which may be shared, but don't currently have any other Matrix users. | +| config.bridge.command_prefix | string | `"!bridge"` | The prefix for commands. Only required in non-management rooms. | +| config.bridge.mute_only_on_create | bool | `true` | Should room mute status only be synced when creating the portal? Like tags, mutes can't currently be synced back to the remote network. | +| config.bridge.permissions | object | `{"*":"relay","@admin:example.com":"admin","example.com":"user"}` | Permissions for using the bridge. Permitted values: relay - Talk through the relaybot (if enabled), no access otherwise commands - Access to use commands in the bridge, but not login. user - Access to use the bridge with puppeting. admin - Full access, user level with some additional administration tools. Permitted keys: * - All Matrix users domain - All users on that homeserver mxid - Specific user | +| config.bridge.personal_filtering_spaces | bool | `true` | Should the bridge create a space for each login containing the rooms that account is in? | +| config.bridge.private_chat_portal_meta | bool | `false` | Whether the bridge should set names and avatars explicitly for DM portals. This is only necessary when using clients that don't support MSC4171. | +| config.bridge.relay.admin_only | bool | `true` | Should only admins be allowed to set themselves as relay users? | +| config.bridge.relay.default_relays | list | `[]` | List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. | +| config.bridge.relay.displayname_format | string | `"{{ .DisambiguatedName }}"` | For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. This has all the Sender variables available under message_formats (but without the .Sender prefix). Note that you need to manually remove the displayname from message_formats above. | +| config.bridge.relay.enabled | bool | `false` | Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any authenticated user into a relaybot for that chat. | +| config.bridge.relay.message_formats | object | `{"m.audio":"{{ .Sender.DisambiguatedName }} sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.emote":"* {{ .Sender.DisambiguatedName }} {{ .Message }}","m.file":"{{ .Sender.DisambiguatedName }} sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.image":"{{ .Sender.DisambiguatedName }} sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}","m.location":"{{ .Sender.DisambiguatedName }} sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}","m.notice":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.text":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.video":"{{ .Sender.DisambiguatedName }} sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}"}` | The formats to use when sending messages via the relaybot. Available variables: .Sender.UserID - The Matrix user ID of the sender. .Sender.Displayname - The display name of the sender (if set). .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, plus the user ID in parentheses if the displayname is not unique. If the displayname is not set, this is just the user ID. .Message - The `formatted_body` field of the message. .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string. .FileName - The name of the file being sent. | +| config.bridge.tag_only_on_create | bool | `true` | Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone. | +| config.database.max_conn_idle_time | string | `nil` | Maximum connection idle time and lifetime before they're closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration | +| config.database.max_conn_lifetime | string | `nil` | | +| config.database.max_idle_conns | int | `2` | | +| config.database.max_open_conns | int | `20` | Maximum number of connections. Mostly relevant for Postgres. | +| config.database.type | string | `"postgres"` | The database type. "sqlite3-fk-wal" and "postgres" are supported. | +| config.database.uri | string | `"postgres://user:password@host/database?sslmode=disable"` | The database URI. SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. https://github.com/mattn/go-sqlite3#connection-string Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql | +| config.direct_media.allow_proxy | bool | `true` | If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 media download redirects if the requester supports it. Optionally, you can force redirects and not allow proxying at all by setting this to false. This option does nothing if the remote network does not support media downloads over HTTP. | +| config.direct_media.enabled | bool | `false` | Should custom mxc:// URIs be used instead of reuploading media? | +| config.direct_media.media_id_prefix | string | `nil` | Optionally specify a custom prefix for the media ID part of the MXC URI. | +| config.direct_media.server_key | string | `""` | Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. | +| config.direct_media.server_name | string | `"discord-media.example.com"` | The server name to use for the custom mxc:// URIs. This server name will effectively be a real Matrix server, it just won't implement anything other than media. You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge. | +| config.direct_media.well_known_response | string | `nil` | Optionally a custom .well-known response. This defaults to `server_name:443` | +| config.double_puppet.allow_discovery | bool | `false` | Whether to allow client API URL discovery for other servers. When using this option, users on other servers can use double puppeting even if their server URLs aren't explicitly added to the servers map above. | +| config.double_puppet.secrets | object | `{"example.com":"as_token:foobar"}` | Shared secrets for automatic double puppeting. See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions. | +| config.double_puppet.servers | object | `{"example.com":"https://example.com"}` | Servers to always allow double puppeting from. This is only for other servers and should NOT contain the server the bridge is on. | +| config.encryption.allow | bool | `false` | Allow encryption, work in group chat rooms with e2ee enabled | +| config.encryption.allow_key_sharing | bool | `false` | Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature. | +| config.encryption.appservice | bool | `false` | Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. | +| config.encryption.default | bool | `false` | Default to encryption, force-enable encryption in all portals the bridge creates This will cause the bridge bot to be in private chats for the encryption to work properly. | +| config.encryption.delete_keys | object | `{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}` | Options for deleting megolm sessions from the bridge. | +| config.encryption.delete_keys.delete_fully_used_on_decrypt | bool | `false` | Delete fully used keys (index >= max_messages) after decrypting messages. | +| config.encryption.delete_keys.delete_on_device_delete | bool | `false` | Delete megolm sessions received from a device when the device is deleted. | +| config.encryption.delete_keys.delete_outbound_on_ack | bool | `false` | Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup. | +| config.encryption.delete_keys.delete_outdated_inbound | bool | `false` | Delete inbound megolm sessions that don't have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update. | +| config.encryption.delete_keys.delete_prev_on_new_session | bool | `false` | Delete previous megolm sessions from same device when receiving a new one. | +| config.encryption.delete_keys.dont_store_outbound | bool | `false` | Don't store outbound sessions in the inbound table. | +| config.encryption.delete_keys.periodically_delete_expired | bool | `false` | Periodically delete megolm sessions when 2x max_age has passed since receiving the session. | +| config.encryption.delete_keys.ratchet_on_decrypt | bool | `false` | Ratchet megolm sessions forward after decrypting messages. | +| config.encryption.pickle_key | string | `nil` | | +| config.encryption.plaintext_mentions | string | `nil` | | +| config.encryption.require | bool | `false` | Require encryption, drop any unencrypted messages. | +| config.encryption.rotation.disable_device_change_key_rotation | bool | `false` | Disable rotating keys when a user's devices change? You should not enable this option unless you understand all the implications. | +| config.encryption.rotation.enable_custom | bool | `false` | Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set. | +| config.encryption.rotation.messages | int | `100` | The maximum number of messages that should be sent with a given a session before changing it. The Matrix spec recommends 100 as the default. | +| config.encryption.rotation.milliseconds | int | `604800000` | The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default. | +| config.encryption.verification_levels.receive | string | `"unverified"` | Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. | +| config.encryption.verification_levels.send | string | `"unverified"` | Minimum level that the bridge should accept for incoming Matrix messages. | +| config.encryption.verification_levels.share | string | `"cross-signed-tofu"` | Minimum level that the bridge should require for accepting key requests. | +| config.homeserver.address | string | `"https://matrix.example.com"` | The address that this appservice can use to connect to the homeserver. | +| config.homeserver.async_media | bool | `false` | Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? | +| config.homeserver.domain | string | `"example.com"` | The domain of the homeserver (also known as server_name, used for MXIDs, etc). | +| config.homeserver.message_send_checkpoint_endpoint | string | `nil` | Endpoint for reporting per-message status. | +| config.homeserver.ping_interval_seconds | int | `0` | How often should the websocket be pinged? Pinging will be disabled if this is zero. | +| config.homeserver.public_address | string | `nil` | | +| config.homeserver.software | string | `"standard"` | What software is the homeserver running? Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. | +| config.homeserver.status_endpoint | string | `nil` | The URL to push real-time bridge status to. If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. The bridge will use the appservice as_token to authorize requests. | +| config.homeserver.websocket | bool | `false` | Should the bridge use a websocket for connecting to the homeserver? The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, mautrix-asmux (deprecated), and hungryserv (proprietary). | +| config.homeserver.websocket_proxy | string | `""` | | +| config.logging.min_level | string | `"warn"` | | +| config.logging.writers[0].format | string | `"json"` | | +| config.logging.writers[0].type | string | `"stdout"` | | +| config.management_room_text.additional_help | string | `""` | Optional extra text sent when joining a management room. | +| config.management_room_text.welcome | string | `"Hello, I'm a Signal bridge bot."` | Sent when joining a room. | +| config.management_room_text.welcome_connected | string | `"Use `help` for help."` | Sent when joining a management room and the user is already logged in. | +| config.management_room_text.welcome_unconnected | string | `"Use `help` for help or `login` to log in."` | Sent when joining a management room and the user is not logged in. | +| config.matrix.delivery_receipts | bool | `false` | Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? | +| config.matrix.federate_rooms | bool | `true` | Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated. | +| config.matrix.message_error_notices | bool | `true` | Whether the bridge should send error notices via m.notice events when a message fails to bridge. | +| config.matrix.message_status_events | bool | `false` | Whether the bridge should send the message status as a custom com.beeper.message_send_status event. | +| config.matrix.sync_direct_chat_list | bool | `false` | Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions. | +| config.provisioning.debug_endpoints | bool | `false` | Enable debug API at /debug with provisioning authentication. | +| config.provisioning.prefix | string | `"/_matrix/provision"` | Prefix for the provisioning API paths. | +| config.provisioning.shared_secret | string | `"generate"` | Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled. | +| config.public_media.enabled | bool | `false` | Should public media be enabled at all? The public_address field under the appservice section MUST be set when enabling public media. | +| config.public_media.expiry | int | `0` | Number of seconds that public media URLs are valid for. If set to 0, URLs will never expire. | +| config.public_media.hash_length | int | `32` | Length of hash to use for public media URLs. Must be between 0 and 32. | +| config.public_media.signing_key | string | `"generate"` | A key for signing public media URLs. If set to "generate", a random key will be generated. | +| config.signal.device_name | string | `"mautrix-signal"` | Default device name that shows up in the Signal app. | +| config.signal.displayname_template | string | `"{{ printf \"%s (%s) %s\" (or .ProfileName .ContactName \"Unknown user\") (or .PhoneNumber \"Unknown number\" (or .AboutEmoji \"\")}}"` | Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile. | +| config.signal.location_format | string | `"https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s"` | | +| config.signal.note_to_self_avatar | string | `"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"` | | +| config.signal.number_in_topic | bool | `true` | Should the Signal user's phone number be included in the room topic in private chat portal rooms? | +| config.signal.sync_contacts_on_startup | bool | `true` | Should the bridge request the user's contact list from the phone on startup? | +| config.signal.use_contact_avatars | bool | `false` | Should avatars from the user's contact list be used? This is not safe on multi-user instances. | +| config.signal.use_outdated_profiles | bool | `false` | Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances. | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"dock.mau.dev"` | | +| image.repository | string | `""` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.path | string | `"/_matrix/mau/live"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | accessMode | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"10Gi"` | size | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| readinessProbe.httpGet.path | string | `"/_matrix/mau/ready"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| registration."de.sorunome.msc2409.push_ephemeral" | bool | `true` | | +| registration.namespaces.users[0].exclusive | bool | `true` | | +| registration.namespaces.users[0].regex | string | `"^@signalbot:example.org$"` | | +| registration.namespaces.users[1].exclusive | bool | `true` | | +| registration.namespaces.users[1].regex | string | `"^@signal_.*:example.org$"` | | +| registration.push_ephemeral | bool | `true` | | +| registration.rate_limited | bool | `false` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `false` | | +| serviceAccount.create | bool | `false` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + diff --git a/mautrix-bridge/_docs.gotmpl b/mautrix-bridge/_docs.gotmpl new file mode 100644 index 0000000..97820d7 --- /dev/null +++ b/mautrix-bridge/_docs.gotmpl @@ -0,0 +1,5 @@ +{{ define "chart.prerequirements" -}} +For use of the bridge: +* **signal**, use the `./values-signal.yaml` +* **slack**, use the `./values-slack.yaml` +{{ end }} diff --git a/mautrix-signal/templates/NOTES.txt b/mautrix-bridge/templates/NOTES.txt similarity index 86% rename from mautrix-signal/templates/NOTES.txt rename to mautrix-bridge/templates/NOTES.txt index d1e86ce..3041f61 100644 --- a/mautrix-signal/templates/NOTES.txt +++ b/mautrix-bridge/templates/NOTES.txt @@ -6,16 +6,16 @@ {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mautrix-signal.fullname" . }}) + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mautrix-bridge.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") echo http://$NODE_IP:$NODE_PORT {{- else if contains "LoadBalancer" .Values.service.type }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mautrix-signal.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mautrix-signal.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "mautrix-bridge.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mautrix-bridge.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mautrix-signal.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mautrix-bridge.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT diff --git a/mautrix-signal/templates/_helpers.tpl b/mautrix-bridge/templates/_helpers.tpl similarity index 74% rename from mautrix-signal/templates/_helpers.tpl rename to mautrix-bridge/templates/_helpers.tpl index 4d2b93f..e4f9350 100644 --- a/mautrix-signal/templates/_helpers.tpl +++ b/mautrix-bridge/templates/_helpers.tpl @@ -1,7 +1,7 @@ {{/* Expand the name of the chart. */}} -{{- define "mautrix-signal.name" -}} +{{- define "mautrix-bridge.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} {{- end }} @@ -10,7 +10,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "mautrix-signal.fullname" -}} +{{- define "mautrix-bridge.fullname" -}} {{- if .Values.fullnameOverride }} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} {{- else }} @@ -26,16 +26,16 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "mautrix-signal.chart" -}} +{{- define "mautrix-bridge.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} {{- end }} {{/* Common labels */}} -{{- define "mautrix-signal.labels" -}} -helm.sh/chart: {{ include "mautrix-signal.chart" . }} -{{ include "mautrix-signal.selectorLabels" . }} +{{- define "mautrix-bridge.labels" -}} +helm.sh/chart: {{ include "mautrix-bridge.chart" . }} +{{ include "mautrix-bridge.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} @@ -45,17 +45,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "mautrix-signal.selectorLabels" -}} -app.kubernetes.io/name: {{ include "mautrix-signal.name" . }} +{{- define "mautrix-bridge.selectorLabels" -}} +app.kubernetes.io/name: {{ include "mautrix-bridge.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{/* Create the name of the service account to use */}} -{{- define "mautrix-signal.serviceAccountName" -}} +{{- define "mautrix-bridge.serviceAccountName" -}} {{- if .Values.serviceAccount.create }} -{{- default (include "mautrix-signal.fullname" .) .Values.serviceAccount.name }} +{{- default (include "mautrix-bridge.fullname" .) .Values.serviceAccount.name }} {{- else }} {{- default "default" .Values.serviceAccount.name }} {{- end }} diff --git a/mautrix-signal/templates/deployment.yaml b/mautrix-bridge/templates/deployment.yaml similarity index 86% rename from mautrix-signal/templates/deployment.yaml rename to mautrix-bridge/templates/deployment.yaml index dacb6e6..0d798c2 100644 --- a/mautrix-signal/templates/deployment.yaml +++ b/mautrix-bridge/templates/deployment.yaml @@ -1,16 +1,16 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "mautrix-signal.fullname" . }} + name: {{ include "mautrix-bridge.fullname" . }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: - {{- include "mautrix-signal.selectorLabels" . | nindent 6 }} + {{- include "mautrix-bridge.selectorLabels" . | nindent 6 }} template: metadata: annotations: @@ -19,7 +19,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} labels: - {{- include "mautrix-signal.labels" . | nindent 8 }} + {{- include "mautrix-bridge.labels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} @@ -28,7 +28,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "mautrix-signal.serviceAccountName" . }} + serviceAccountName: {{ include "mautrix-bridge.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} containers: @@ -36,7 +36,7 @@ spec: securityContext: {{- toYaml .Values.securityContext | nindent 12 }} {{- with .Values.image }} - image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag }}" imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} {{- end }} ports: @@ -64,7 +64,7 @@ spec: volumes: - name: config secret: - secretName: {{ include "mautrix-signal.fullname" . }} + secretName: {{ include "mautrix-bridge.fullname" . }} items: - key: config.yaml path: config.yaml @@ -78,7 +78,7 @@ spec: path: {{ .Values.persistence.hostPath | quote }} {{- else }}{{/* else .persistence.hostPath */}} persistentVolumeClaim: - claimName: {{ coalesce .Values.persistence.existingClaim (include "mautrix-signal.fullname" .) }} + claimName: {{ coalesce .Values.persistence.existingClaim (include "mautrix-bridge.fullname" .) }} {{- end }}{{/* end-else .persistence.hostPath */}} {{- else }}{{/* else .persistence.enabled */}} emptyDir: {} diff --git a/mautrix-signal/templates/hpa.yaml b/mautrix-bridge/templates/hpa.yaml similarity index 84% rename from mautrix-signal/templates/hpa.yaml rename to mautrix-bridge/templates/hpa.yaml index 79085d1..9eeec5b 100644 --- a/mautrix-signal/templates/hpa.yaml +++ b/mautrix-bridge/templates/hpa.yaml @@ -2,14 +2,14 @@ apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: - name: {{ include "mautrix-signal.fullname" . }} + name: {{ include "mautrix-bridge.fullname" . }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment - name: {{ include "mautrix-signal.fullname" . }} + name: {{ include "mautrix-bridge.fullname" . }} minReplicas: {{ .Values.autoscaling.minReplicas }} maxReplicas: {{ .Values.autoscaling.maxReplicas }} metrics: diff --git a/mautrix-signal/templates/ingress.yaml b/mautrix-bridge/templates/ingress.yaml similarity index 94% rename from mautrix-signal/templates/ingress.yaml rename to mautrix-bridge/templates/ingress.yaml index 3f43dfe..3ebc28e 100644 --- a/mautrix-signal/templates/ingress.yaml +++ b/mautrix-bridge/templates/ingress.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- $fullName := include "mautrix-signal.fullname" . -}} +{{- $fullName := include "mautrix-bridge.fullname" . -}} {{- $svcPort := .Values.service.port -}} {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} @@ -17,7 +17,7 @@ kind: Ingress metadata: name: {{ $fullName }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} {{- with .Values.ingress.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/mautrix-signal/templates/pvc.yaml b/mautrix-bridge/templates/pvc.yaml similarity index 84% rename from mautrix-signal/templates/pvc.yaml rename to mautrix-bridge/templates/pvc.yaml index ebf1997..52ddf3d 100644 --- a/mautrix-signal/templates/pvc.yaml +++ b/mautrix-bridge/templates/pvc.yaml @@ -8,9 +8,9 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: - name: {{ template "mautrix-signal.fullname" $ }} + name: {{ template "mautrix-bridge.fullname" $ }} labels: - {{- include "mautrix-signal.labels" $ | nindent 4 }} + {{- include "mautrix-bridge.labels" $ | nindent 4 }} {{- with .annotations }} annotations: {{ toYaml . | indent 4 }} diff --git a/mautrix-signal/templates/secrets.yaml b/mautrix-bridge/templates/secrets.yaml similarity index 92% rename from mautrix-signal/templates/secrets.yaml rename to mautrix-bridge/templates/secrets.yaml index e802f45..f024ead 100644 --- a/mautrix-signal/templates/secrets.yaml +++ b/mautrix-bridge/templates/secrets.yaml @@ -1,5 +1,5 @@ --- -{{ $secretName := include "mautrix-signal.fullname" . }} +{{ $secretName := include "mautrix-bridge.fullname" . }} {{- $asToken := get .Values.config.appservice "as_token" }} {{- $hsToken := get .Values.config.appservice "hs_token" }} {{- $senderLocalpart := false }} @@ -20,7 +20,7 @@ kind: Secret metadata: name: {{ $secretName }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} type: Opaque data: as_token: {{ $asToken | b64enc }} diff --git a/mautrix-signal/templates/service.yaml b/mautrix-bridge/templates/service.yaml similarity index 65% rename from mautrix-signal/templates/service.yaml rename to mautrix-bridge/templates/service.yaml index 1f9e3a7..541a761 100644 --- a/mautrix-signal/templates/service.yaml +++ b/mautrix-bridge/templates/service.yaml @@ -2,14 +2,14 @@ apiVersion: v1 kind: Service metadata: - name: {{ include "mautrix-signal.fullname" . }} + name: {{ include "mautrix-bridge.fullname" . }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} spec: type: {{ .Values.service.type }} publishNotReadyAddresses: true selector: - {{- include "mautrix-signal.selectorLabels" . | nindent 4 }} + {{- include "mautrix-bridge.selectorLabels" . | nindent 4 }} ports: - port: {{ .Values.config.appservice.port }} targetPort: http diff --git a/mautrix-signal/templates/serviceaccount.yaml b/mautrix-bridge/templates/serviceaccount.yaml similarity index 70% rename from mautrix-signal/templates/serviceaccount.yaml rename to mautrix-bridge/templates/serviceaccount.yaml index 147935d..9940f45 100644 --- a/mautrix-signal/templates/serviceaccount.yaml +++ b/mautrix-bridge/templates/serviceaccount.yaml @@ -2,9 +2,9 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "mautrix-signal.serviceAccountName" . }} + name: {{ include "mautrix-bridge.serviceAccountName" . }} labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/mautrix-signal/templates/tests/test-connection.yaml b/mautrix-bridge/templates/tests/test-connection.yaml similarity index 53% rename from mautrix-signal/templates/tests/test-connection.yaml rename to mautrix-bridge/templates/tests/test-connection.yaml index c82b1bd..ae40be7 100644 --- a/mautrix-signal/templates/tests/test-connection.yaml +++ b/mautrix-bridge/templates/tests/test-connection.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: Pod metadata: - name: "{{ include "mautrix-signal.fullname" . }}-test-connection" + name: "{{ include "mautrix-bridge.fullname" . }}-test-connection" labels: - {{- include "mautrix-signal.labels" . | nindent 4 }} + {{- include "mautrix-bridge.labels" . | nindent 4 }} annotations: "helm.sh/hook": test spec: @@ -11,5 +11,5 @@ spec: - name: wget image: busybox command: ['wget'] - args: ['{{ include "mautrix-signal.fullname" . }}:{{ .Values.service.port }}'] + args: ['{{ include "mautrix-bridge.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/mautrix-bridge/values-signal.yaml b/mautrix-bridge/values-signal.yaml new file mode 100644 index 0000000..4751c30 --- /dev/null +++ b/mautrix-bridge/values-signal.yaml @@ -0,0 +1,52 @@ +image: + repository: mautrix/signal + tag: "v0.7.2" + +config: + bridge: + command_prefix: '!signal' + database: + uri: postgres://user:password@host/maturix-signal?sslmode=disable + appservice: + id: signal + bot: + username: signalbot + displayname: Signal bridge bot + avatar: mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp + username_template: signal_{{.}} + + management_room_text: + welcome: "Hello, I'm a Signal bridge bot." + + signal: + # -- Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. + # {{.ProfileName}} - The Signal profile name set by the user. + # {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. + # {{.PhoneNumber}} - The phone number of the user. + # {{.UUID}} - The UUID of the Signal user. + # {{.AboutEmoji}} - The emoji set by the user in their profile. + displayname_template: '{{ printf "%s (%s) %s" (or .ProfileName .ContactName "Unknown user") (or .PhoneNumber "Unknown number" (or .AboutEmoji "")}}' + # -- Should avatars from the user's contact list be used? This is not safe on multi-user instances. + use_contact_avatars: false + # -- Should the bridge request the user's contact list from the phone on startup? + sync_contacts_on_startup: true + # -- Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances. + use_outdated_profiles: false + # -- Should the Signal user's phone number be included in the room topic in private chat portal rooms? + number_in_topic: true + # -- Default device name that shows up in the Signal app. + device_name: mautrix-signal + # Avatar image for the Note to Self room. + note_to_self_avatar: mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL + # Format for generating URLs from location messages for sending to Signal. + # Google Maps: 'https://www.google.com/maps/place/%[1]s,%[2]s' + # OpenStreetMap: 'https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s' + location_format: 'https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s' + +registration: + namespaces: + users: + - regex: ^@signalbot:example.org$ + exclusive: true + - regex: ^@signal_.*:example.org$ + exclusive: true diff --git a/mautrix-bridge/values-slack.yaml b/mautrix-bridge/values-slack.yaml new file mode 100644 index 0000000..2117acf --- /dev/null +++ b/mautrix-bridge/values-slack.yaml @@ -0,0 +1,39 @@ +image: + repository: mautrix/slack + tag: "v0.1.2" + +config: + bridge: + command_prefix: '!slack' + database: + uri: postgres://user:password@host/mautrix-slack?sslmode=disable + appservice: + id: slack + bot: + username: slackbot + displayname: "Slack bridge bot" + avatar: "mxc://maunium.net/pVtzLmChZejGxLqmXtQjFxem" + username_template: slack_{{.}} + + management_room_text: + welcome: "Hello, I'm a Slack bridge bot." + + slack: + displayname_template: '{{or .Profile.DisplayName .Profile.RealName .Name}}{{if .IsBot}} (bot){{end}}' + channel_name_template: '{{if and .IsChannel (not .IsPrivate)}}#{{end}}{{.Name}}{{if .IsNoteToSelf}} (you){{end}}' + team_name_template: "{{ .Name }}" + custom_emoji_reactions: true + workspace_avatar_in_rooms: false + participant_sync_count: 5 + participant_sync_only_on_create: true + mute_channels_by_default: false + backfill: + conversation_count: -1 + +registration: + namespaces: + users: + - regex: ^@slackbot:example.org$ + exclusive: true + - regex: ^@slack_.*:example.org$ + exclusive: true diff --git a/mautrix-signal/values.yaml b/mautrix-bridge/values.yaml similarity index 99% rename from mautrix-signal/values.yaml rename to mautrix-bridge/values.yaml index c54fb47..e7a25ea 100644 --- a/mautrix-signal/values.yaml +++ b/mautrix-bridge/values.yaml @@ -9,8 +9,7 @@ replicaCount: 1 image: registry: dock.mau.dev - repository: mautrix/signal - # Overrides the image tag whose default is the chart appVersion. + repository: "" tag: "" pullPolicy: IfNotPresent @@ -22,7 +21,7 @@ config: # Bridge config bridge: # -- The prefix for commands. Only required in non-management rooms. - command_prefix: '!signal' + command_prefix: '!bridge' # -- Should the bridge create a space for each login containing the rooms that account is in? personal_filtering_spaces: true # -- Whether the bridge should set names and avatars explicitly for DM portals. diff --git a/mautrix-signal/Chart.yaml b/mautrix-signal/Chart.yaml deleted file mode 100644 index c24f8bf..0000000 --- a/mautrix-signal/Chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v2 -name: mautrix-signal -description: A Matrix-Signal puppeting bridge. -type: application -version: 0.0.13 -# renovate: image=dock.mau.dev/mautrix/signal -appVersion: "0.7.2" -maintainers: - - name: WrenIX - url: https://wrenix.eu diff --git a/mautrix-signal/_docs.gotmpl b/mautrix-signal/_docs.gotmpl deleted file mode 100644 index 61d69af..0000000 --- a/mautrix-signal/_docs.gotmpl +++ /dev/null @@ -1,14 +0,0 @@ -{{ define "chart.prerequirements" -}} -= Alpha - -WARNING -==== -We stop working on this Helm-Chart. -There are still many breaking change like: - -* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings] - -We hope that stalward mail-server becomes more stable. - -==== -{{ end }} -- 2.45.3 From 3b4b6961dbfe0bcec76b34bf28e816ceb8af074e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 15 Nov 2024 17:58:00 +0100 Subject: [PATCH 179/256] fix(postgresql): update appVersion --- postgresql/Chart.yaml | 4 ++-- postgresql/README.adoc | 4 ++-- postgresql/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index 49b3dab..d6ba6bc 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -4,9 +4,9 @@ name: "postgresql" description: "A Helm chart for running PostgreSQL (Postgres) database" icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg type: "application" -version: "0.2.1" +version: "0.2.2" # renovate: image=docker.io/library/postgres -appVersion: "17.0-alpine" +appVersion: "17.1-alpine" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/postgresql/README.adoc b/postgresql/README.adoc index 0fa7a1e..0303a36 100644 --- a/postgresql/README.adoc +++ b/postgresql/README.adoc @@ -2,9 +2,9 @@ = postgresql -image::https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square[Version: 0.2.1] +image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-17.0-alpine-informational?style=flat-square[AppVersion: 17.0-alpine] +image::https://img.shields.io/badge/AppVersion-17.1-alpine-informational?style=flat-square[AppVersion: 17.1-alpine] == Maintainers .Maintainers diff --git a/postgresql/README.md b/postgresql/README.md index 509d5ee..419489b 100644 --- a/postgresql/README.md +++ b/postgresql/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for running PostgreSQL (Postgres) database" # postgresql -![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 17.0-alpine](https://img.shields.io/badge/AppVersion-17.0--alpine-informational?style=flat-square) +![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 17.1-alpine](https://img.shields.io/badge/AppVersion-17.1--alpine-informational?style=flat-square) A Helm chart for running PostgreSQL (Postgres) database -- 2.45.3 From bcef18fc3638acd95c66567b0ab0acb840bd9716 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 18 Nov 2024 14:56:22 +0100 Subject: [PATCH 180/256] fix(home-assistant): update appVersion --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.adoc | 4 ++-- grampsweb/README.md | 2 +- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.adoc | 4 ++-- home-assistant/README.md | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index eb69956..10f4b92 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: "0.2.3" +version: "0.2.4" # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.10.0" +appVersion: "24.11.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc index f2a8a2b..0613b81 100644 --- a/grampsweb/README.adoc +++ b/grampsweb/README.adoc @@ -2,9 +2,9 @@ = grampsweb -image::https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square[Version: 0.2.3] +image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square[AppVersion: 24.10.0] +image::https://img.shields.io/badge/AppVersion-24.11.0-informational?style=flat-square[AppVersion: 24.11.0] == Maintainers .Maintainers diff --git a/grampsweb/README.md b/grampsweb/README.md index 3ae1274..9a5867a 100644 --- a/grampsweb/README.md +++ b/grampsweb/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for gramps web" # grampsweb -![Version: 0.2.3](https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.10.0](https://img.shields.io/badge/AppVersion-24.10.0-informational?style=flat-square) +![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.11.0](https://img.shields.io/badge/AppVersion-24.11.0-informational?style=flat-square) A Helm chart for gramps web diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index d41d167..fa3c65c 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.5 +version: 0.2.6 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.11.1" +appVersion: "2024.11.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc index 67841a2..2b039c1 100644 --- a/home-assistant/README.adoc +++ b/home-assistant/README.adoc @@ -2,9 +2,9 @@ = home-assistant -image::https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square[Version: 0.2.5] +image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.11.1-informational?style=flat-square[AppVersion: 2024.11.1] +image::https://img.shields.io/badge/AppVersion-2024.11.2-informational?style=flat-square[AppVersion: 2024.11.2] == Maintainers .Maintainers diff --git a/home-assistant/README.md b/home-assistant/README.md index 642f7ee..10e7c9f 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.5](https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.1](https://img.shields.io/badge/AppVersion-2024.11.1-informational?style=flat-square) +![Version: 0.2.6](https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.2](https://img.shields.io/badge/AppVersion-2024.11.2-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 4f25dbc235e35432e85e75636e09be5710670a8e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 18 Nov 2024 14:56:29 +0100 Subject: [PATCH 181/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- jellyfin/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 24c0f44..0848d72 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: "0.3.5" +version: "0.3.6" # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.10.1" +appVersion: "10.10.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index 0756342..ba92f60 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square[Version: 0.3.5] +image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square[AppVersion: 10.10.1] +image::https://img.shields.io/badge/AppVersion-10.10.2-informational?style=flat-square[AppVersion: 10.10.2] == Maintainers .Maintainers diff --git a/jellyfin/README.md b/jellyfin/README.md index 36df80e..e6b3507 100644 --- a/jellyfin/README.md +++ b/jellyfin/README.md @@ -7,7 +7,7 @@ description: "The Free Software Media System" # jellyfin -![Version: 0.3.5](https://img.shields.io/badge/Version-0.3.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.1](https://img.shields.io/badge/AppVersion-10.10.1-informational?style=flat-square) +![Version: 0.3.6](https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.2](https://img.shields.io/badge/AppVersion-10.10.2-informational?style=flat-square) The Free Software Media System -- 2.45.3 From 2d624653a8df0396ba4aa0a69c35e8d0ac1c1ff0 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 18 Nov 2024 15:01:52 +0100 Subject: [PATCH 182/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.adoc | 13 +++++++++---- forgejo-runner/README.md | 5 +++-- forgejo-runner/values.yaml | 11 +++++++---- 4 files changed, 21 insertions(+), 12 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 0e2aa64..cb24bdc 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.3.3" +version: "0.4.0" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "4.0.1" +appVersion: "5.0.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 56e496f..4024835 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square[Version: 0.3.3] +image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square[AppVersion: 4.0.1] +image::https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square[AppVersion: 5.0.0] == Maintainers .Maintainers @@ -106,8 +106,8 @@ helm uninstall forgejo-runner-release | runner.config.file.container.docker_host | string -| `""` -| overrides the docker client host with the specified one. If it's empty, act_runner will find an available docker host automatically. If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work. +| `"-"` +| overrides the docker client host with the specified one. If "-", an available docker host will automatically be found. If empty, an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). Otherwise the specified docker host will be used and an error will be returned if it doesn't work. | runner.config.file.container.enable_ipv6 | bool @@ -149,6 +149,11 @@ helm uninstall forgejo-runner-release | `nil` | The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used. +| runner.config.file.log.job_level +| string +| `"info"` +| The level of logging for jobs, can be trace, debug, info, earn, error, fatal + | runner.config.file.log.level | string | `"info"` diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index 8f2101d..e66d543 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.0.1](https://img.shields.io/badge/AppVersion-4.0.1-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -82,7 +82,7 @@ helm uninstall forgejo-runner-release | runner.config.file.cache.external_server | string | `""` | The external cache server URL. Valid only when enable is true. If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. The URL should generally end with "/". | | runner.config.file.cache.host | string | `""` | The host of the cache server. It's not for the address to listen, but the address to connect from job containers. So 0.0.0.0 is a bad choice, leave it empty to detect automatically. | | runner.config.file.cache.port | int | `0` | The port of the cache server. 0 means to use a random available port. | -| runner.config.file.container.docker_host | string | `""` | overrides the docker client host with the specified one. If it's empty, act_runner will find an available docker host automatically. If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work. | +| runner.config.file.container.docker_host | string | `"-"` | overrides the docker client host with the specified one. If "-", an available docker host will automatically be found. If empty, an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). Otherwise the specified docker host will be used and an error will be returned if it doesn't work. | | runner.config.file.container.enable_ipv6 | bool | `false` | Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. Only takes effect if "network" is set to "". | | runner.config.file.container.force_pull | bool | `false` | Pull docker image(s) even if already present | | runner.config.file.container.network | string | `""` | Specifies the network to which the container will connect. Could be host, bridge or the name of a custom network. If it's empty, create a network automatically. | @@ -91,6 +91,7 @@ helm uninstall forgejo-runner-release | runner.config.file.container.valid_volumes | list | `[]` | Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: valid_volumes: - data - /src/*.json If you want to allow any volume, please use the following configuration: valid_volumes: - '**' | | runner.config.file.container.workdir_parent | string | `nil` | The parent directory of a job's working directory. If it's empty, /workspace will be used. | | runner.config.file.host.workdir_parent | string | `nil` | The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used. | +| runner.config.file.log.job_level | string | `"info"` | The level of logging for jobs, can be trace, debug, info, earn, error, fatal | | runner.config.file.log.level | string | `"info"` | The level of logging, can be trace, debug, info, warn, error, fatal | | runner.config.file.runner.capacity | int | `1` | Execute how many tasks concurrently at the same time. | | runner.config.file.runner.env_file | string | `".env"` | Extra environment variables to run jobs from a file. It will be ignored if it's empty or the file doesn't exist. | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index bb065f2..4c73930 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -30,6 +30,9 @@ runner: # -- The level of logging, can be trace, debug, info, warn, error, fatal # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) level: "info" + # -- The level of logging for jobs, can be trace, debug, info, earn, error, fatal + # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) + job_level: info runner: # -- Runner config which contains id and token of this runner (autogenerate with create) # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) @@ -122,11 +125,11 @@ runner: # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) valid_volumes: [] # -- overrides the docker client host with the specified one. - # If it's empty, act_runner will find an available docker host automatically. - # If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers. - # If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work. + # If "-", an available docker host will automatically be found. + # If empty, an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). + # Otherwise the specified docker host will be used and an error will be returned if it doesn't work. # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) - docker_host: "" + docker_host: "-" # -- Pull docker image(s) even if already present # @section -- Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) force_pull: false -- 2.45.3 From a7b0cfb92c1e41373811a032dbbe610329a2cafd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 18 Nov 2024 15:15:16 +0100 Subject: [PATCH 183/256] fix(mautrix-bridge): update appVersion --- mautrix-bridge/Chart.yaml | 2 +- mautrix-bridge/README.adoc | 6 +++--- mautrix-bridge/README.md | 6 +++--- mautrix-bridge/_docs.gotmpl | 4 ++-- .../signal/values.yaml} | 2 +- .../{values-slack.yaml => bridge-values/slack/values.yaml} | 2 +- 6 files changed, 11 insertions(+), 11 deletions(-) rename mautrix-bridge/{values-signal.yaml => bridge-values/signal/values.yaml} (99%) rename mautrix-bridge/{values-slack.yaml => bridge-values/slack/values.yaml} (98%) diff --git a/mautrix-bridge/Chart.yaml b/mautrix-bridge/Chart.yaml index 4a99de6..07aae71 100644 --- a/mautrix-bridge/Chart.yaml +++ b/mautrix-bridge/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-bridge description: A Matrix puppeting bridge mautrix. type: application -version: 0.0.13 +version: 0.0.14 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-bridge/README.adoc b/mautrix-bridge/README.adoc index 0261fc1..d5b46f5 100644 --- a/mautrix-bridge/README.adoc +++ b/mautrix-bridge/README.adoc @@ -2,7 +2,7 @@ = mautrix-bridge -image::https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square[Version: 0.0.13] +image::https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square[Version: 0.0.14] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] == Maintainers @@ -16,8 +16,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat |=== For use of the bridge: -* **signal**, use the `./values-signal.yaml` -* **slack**, use the `./values-slack.yaml` +* **signal**, use the `./bridge-values/signal/values.yaml` +* **slack**, use the `./bridge-values/slack/values.yaml` == Usage diff --git a/mautrix-bridge/README.md b/mautrix-bridge/README.md index 449ac9d..25c00c6 100644 --- a/mautrix-bridge/README.md +++ b/mautrix-bridge/README.md @@ -7,7 +7,7 @@ description: "A Matrix puppeting bridge mautrix." # mautrix-bridge -![Version: 0.0.13](https://img.shields.io/badge/Version-0.0.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Matrix puppeting bridge mautrix. @@ -18,8 +18,8 @@ A Matrix puppeting bridge mautrix. | WrenIX | | | For use of the bridge: -* **signal**, use the `./values-signal.yaml` -* **slack**, use the `./values-slack.yaml` +* **signal**, use the `./bridge-values/signal/values.yaml` +* **slack**, use the `./bridge-values/slack/values.yaml` ## Usage diff --git a/mautrix-bridge/_docs.gotmpl b/mautrix-bridge/_docs.gotmpl index 97820d7..867fd60 100644 --- a/mautrix-bridge/_docs.gotmpl +++ b/mautrix-bridge/_docs.gotmpl @@ -1,5 +1,5 @@ {{ define "chart.prerequirements" -}} For use of the bridge: -* **signal**, use the `./values-signal.yaml` -* **slack**, use the `./values-slack.yaml` +* **signal**, use the `./bridge-values/signal/values.yaml` +* **slack**, use the `./bridge-values/slack/values.yaml` {{ end }} diff --git a/mautrix-bridge/values-signal.yaml b/mautrix-bridge/bridge-values/signal/values.yaml similarity index 99% rename from mautrix-bridge/values-signal.yaml rename to mautrix-bridge/bridge-values/signal/values.yaml index 4751c30..71e00a5 100644 --- a/mautrix-bridge/values-signal.yaml +++ b/mautrix-bridge/bridge-values/signal/values.yaml @@ -1,6 +1,6 @@ image: repository: mautrix/signal - tag: "v0.7.2" + tag: "v0.7.3" config: bridge: diff --git a/mautrix-bridge/values-slack.yaml b/mautrix-bridge/bridge-values/slack/values.yaml similarity index 98% rename from mautrix-bridge/values-slack.yaml rename to mautrix-bridge/bridge-values/slack/values.yaml index 2117acf..2db34d6 100644 --- a/mautrix-bridge/values-slack.yaml +++ b/mautrix-bridge/bridge-values/slack/values.yaml @@ -1,6 +1,6 @@ image: repository: mautrix/slack - tag: "v0.1.2" + tag: "v0.1.3" config: bridge: -- 2.45.3 From 24900e0048ba36f3789e5812bf4a68de452e6d73 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 20 Nov 2024 23:09:50 +0100 Subject: [PATCH 184/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/_docs.gotmpl | 12 ++++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index cb24bdc..4021236 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.0" +version: "0.4.1" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "5.0.0" +appVersion: "5.0.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/_docs.gotmpl b/forgejo-runner/_docs.gotmpl index 87225e0..7df525c 100644 --- a/forgejo-runner/_docs.gotmpl +++ b/forgejo-runner/_docs.gotmpl @@ -1,11 +1,15 @@ {{ define "chart.prerequirements" -}} -== Accessing docker socket inside job containers +{{< callout type="warning" >}} +Me, wrenix, switch to woodpecker and maybe does not test every change. +{{< /callout >}} + +## Accessing docker socket inside job containers To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): -[source,yaml] ----- +``` yaml {filename="values.yaml"} {{ .Files.Get "values-dind-bypass.yaml" }} ----- +``` + {{ end }} -- 2.45.3 From dde49d45cd40b04cbc9705d17dd53f49a1b1b18a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 20 Nov 2024 23:09:53 +0100 Subject: [PATCH 185/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 ++-- jellyfin/README.adoc | 4 ++-- jellyfin/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 0848d72..486f1c2 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: "0.3.6" +version: "0.3.7" # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.10.2" +appVersion: "10.10.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc index ba92f60..c9946bb 100644 --- a/jellyfin/README.adoc +++ b/jellyfin/README.adoc @@ -2,9 +2,9 @@ = jellyfin -image::https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square[Version: 0.3.6] +image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.10.2-informational?style=flat-square[AppVersion: 10.10.2] +image::https://img.shields.io/badge/AppVersion-10.10.3-informational?style=flat-square[AppVersion: 10.10.3] == Maintainers .Maintainers diff --git a/jellyfin/README.md b/jellyfin/README.md index e6b3507..f814921 100644 --- a/jellyfin/README.md +++ b/jellyfin/README.md @@ -7,7 +7,7 @@ description: "The Free Software Media System" # jellyfin -![Version: 0.3.6](https://img.shields.io/badge/Version-0.3.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.2](https://img.shields.io/badge/AppVersion-10.10.2-informational?style=flat-square) +![Version: 0.3.7](https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.3](https://img.shields.io/badge/AppVersion-10.10.3-informational?style=flat-square) The Free Software Media System -- 2.45.3 From 4604e5fe6da0dcb8bdbb62f00f8669c795361fc7 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 20 Nov 2024 23:24:36 +0100 Subject: [PATCH 186/256] chore(forgejo-runner): doc syntax --- forgejo-runner/README.adoc | 15 +++++++++------ forgejo-runner/README.md | 13 ++++++++----- forgejo-runner/_docs.gotmpl | 3 ++- publish.sh | 7 ++++++- 4 files changed, 25 insertions(+), 13 deletions(-) diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 4024835..86fd72f 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] +image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square[AppVersion: 5.0.0] +image::https://img.shields.io/badge/AppVersion-5.0.1-informational?style=flat-square[AppVersion: 5.0.1] == Maintainers .Maintainers @@ -16,12 +16,15 @@ image::https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-sq | |=== -== Accessing docker socket inside job containers +{{< callout type="warning" >}} +Me, wrenix, switch to woodpecker and maybe does not test every change. +{{< /callout >}} + +## Accessing docker socket inside job containers To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): -[source,yaml] ----- +``` yaml {filename="values.yaml"} runner: config: create: true @@ -46,7 +49,7 @@ runner: valid_volumes: - /certs/client ----- +``` == Usage diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index e66d543..81fa6ee 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square) +![Version: 0.4.1](https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.1](https://img.shields.io/badge/AppVersion-5.0.1-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -17,12 +17,15 @@ Deploy runner for an forgejo instance (default codeberg.org) | ---- | ------ | --- | | WrenIX | | | -== Accessing docker socket inside job containers +{{< callout type="warning" >}} +Me, wrenix, switch to woodpecker and maybe does not test every change. +{{< /callout >}} + +## Accessing docker socket inside job containers To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): -[source,yaml] ----- +``` yaml {filename="values.yaml"} runner: config: create: true @@ -47,7 +50,7 @@ runner: valid_volumes: - /certs/client ----- +``` ## Usage diff --git a/forgejo-runner/_docs.gotmpl b/forgejo-runner/_docs.gotmpl index 7df525c..42e2cf5 100644 --- a/forgejo-runner/_docs.gotmpl +++ b/forgejo-runner/_docs.gotmpl @@ -1,8 +1,9 @@ {{ define "chart.prerequirements" -}} +{{` {{< callout type="warning" >}} Me, wrenix, switch to woodpecker and maybe does not test every change. {{< /callout >}} - +`}} ## Accessing docker socket inside job containers To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): diff --git a/publish.sh b/publish.sh index 69b1f23..3cd653f 100755 --- a/publish.sh +++ b/publish.sh @@ -40,7 +40,8 @@ for p in * ; do if [ "$tag" == "$lastTag" ]; then echo "changed helmchart should create new pkg - diff line count has:" echo $(git diff "${lastTag}" -- "${p}" | wc -l); - exit 1 + echo + continue; fi else echo "nothing todo" @@ -49,6 +50,7 @@ for p in * ; do fi fi + set -e echo "update docs" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}" @@ -58,15 +60,18 @@ for p in * ; do helm push "${p}-${v}.tgz" "${HELM_REPO_URL}"; echo "update artifacthub.io" + set +e oras push "${HELM_REPO}/${p}:artifacthub.io" \ --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ "${p}/artifacthub-repo.yml":application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml echo "push to git" + set -e git add "${p}/" "docs/modules/charts/nav.adoc" "docs/modules/charts/pages/${p}.adoc" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" git tag "${tag}" --no-sign; git push --tags origin main; + set +e echo done -- 2.45.3 From aba9ed1241a7471445211eaa22139a120b87fa0b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 16:39:42 +0100 Subject: [PATCH 187/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/README.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 4021236..c880296 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.1" +version: "0.4.2" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "5.0.1" +appVersion: "5.0.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index 86fd72f..b6f4980 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,9 +2,9 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square[Version: 0.4.1] +image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-5.0.1-informational?style=flat-square[AppVersion: 5.0.1] +image::https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square[AppVersion: 5.0.2] == Maintainers .Maintainers diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index 81fa6ee..9b6547d 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.1](https://img.shields.io/badge/Version-0.4.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.1](https://img.shields.io/badge/AppVersion-5.0.1-informational?style=flat-square) +![Version: 0.4.2](https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.2](https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) -- 2.45.3 From 0d4554f5457185edd8e906ab61d62f64562eef6c Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 16:41:46 +0100 Subject: [PATCH 188/256] fix(forgejo-runner): update kubectl to v1.31.3 --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.adoc | 4 ++-- forgejo-runner/README.md | 4 ++-- forgejo-runner/values.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index c880296..552f223 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.2" +version: "0.4.3" # renovate: image=code.forgejo.org/forgejo/runner appVersion: "5.0.2" maintainers: diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc index b6f4980..5222872 100644 --- a/forgejo-runner/README.adoc +++ b/forgejo-runner/README.adoc @@ -2,7 +2,7 @@ = forgejo-runner -image::https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square[Version: 0.4.2] +image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square[AppVersion: 5.0.2] == Maintainers @@ -313,7 +313,7 @@ helm uninstall forgejo-runner-release | kubectl.image.tag | string -| `"1.31.2"` +| `"1.31.3"` | | nameOverride diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index 9b6547d..b10ee77 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.2](https://img.shields.io/badge/Version-0.4.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.2](https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square) +![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.2](https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -130,7 +130,7 @@ helm uninstall forgejo-runner-release | kubectl.image.pullPolicy | string | `"IfNotPresent"` | | | kubectl.image.registry | string | `"docker.io"` | | | kubectl.image.repository | string | `"bitnami/kubectl"` | | -| kubectl.image.tag | string | `"1.31.2"` | | +| kubectl.image.tag | string | `"1.31.3"` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | | podAnnotations | object | `{}` | | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 4c73930..84a18b5 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -150,7 +150,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.2 + tag: 1.31.3 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 8dc748c9d170bb7b06f6b1eb635e49a39802046a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 16:42:09 +0100 Subject: [PATCH 189/256] fix(ntfy): update kubectl to v1.31.3 --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 4 ++-- ntfy/README.md | 4 ++-- ntfy/values.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 2cacbf0..60fe69a 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: "0.4.5" +version: "0.4.6" # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc index 67269d2..5c77215 100644 --- a/ntfy/README.adoc +++ b/ntfy/README.adoc @@ -2,7 +2,7 @@ = ntfy -image::https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square[Version: 0.4.5] +image::https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square[Version: 0.4.6] image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] == Maintainers @@ -159,7 +159,7 @@ helm uninstall ntfy-release | kubectl.image | object -| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.2"}` +| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.3"}` | image needed for setup (store generated VAPID / WebPush keys) | nameOverride diff --git a/ntfy/README.md b/ntfy/README.md index b8348bf..d16f434 100644 --- a/ntfy/README.md +++ b/ntfy/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # ntfy -![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) +![Version: 0.4.6](https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) A Helm chart for Kubernetes @@ -65,7 +65,7 @@ helm uninstall ntfy-release | ingress.hosts[0].paths[0].path | string | `"/"` | | | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | | ingress.tls | list | `[]` | | -| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.2"}` | image needed for setup (store generated VAPID / WebPush keys) | +| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.3"}` | image needed for setup (store generated VAPID / WebPush keys) | | nameOverride | string | `""` | | | networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | | networkPolicy.egress.extra | list | `[]` | egress rules | diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 9898644..410cde1 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.2 + tag: 1.31.3 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From f1c3954586d01b8838fb200f1e9de4376b5852dd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 16:45:16 +0100 Subject: [PATCH 190/256] chore(global): drop asciidoc support --- README.adoc | 26 ------ README.adoc.gotmpl | 87 ------------------- docs/antora.yml | 8 -- docs/modules/ROOT/nav.adoc | 1 - docs/modules/ROOT/pages/index.adoc | 1 - docs/modules/charts/generate.sh | 16 ---- docs/modules/charts/nav.adoc | 24 ----- .../charts/pages/alertmanager-matrix.adoc | 1 - .../charts/pages/alertmanager-ntfy.adoc | 1 - .../charts/pages/authentik-application.adoc | 1 - docs/modules/charts/pages/conduit.adoc | 1 - docs/modules/charts/pages/element-call.adoc | 1 - docs/modules/charts/pages/forgejo-runner.adoc | 1 - docs/modules/charts/pages/gotosocial.adoc | 1 - docs/modules/charts/pages/grampsweb.adoc | 1 - docs/modules/charts/pages/headscale-ui.adoc | 1 - docs/modules/charts/pages/headscale.adoc | 1 - docs/modules/charts/pages/home-assistant.adoc | 1 - docs/modules/charts/pages/hydrogen-web.adoc | 1 - docs/modules/charts/pages/jellyfin.adoc | 1 - .../pages/matrix-authentication-service.adoc | 1 - .../charts/pages/matrix-sliding-sync.adoc | 1 - docs/modules/charts/pages/matrix-synapse.adoc | 1 - docs/modules/charts/pages/mautrix-signal.adoc | 1 - docs/modules/charts/pages/miniserve.adoc | 1 - docs/modules/charts/pages/monitoring.adoc | 1 - docs/modules/charts/pages/ntfy.adoc | 1 - docs/modules/charts/pages/postgresql.adoc | 1 - .../charts/pages/speedtest-exporter.adoc | 1 - docs/modules/charts/pages/stalwart-mail.adoc | 1 - publish.sh | 4 +- 31 files changed, 2 insertions(+), 188 deletions(-) delete mode 100644 README.adoc delete mode 100644 README.adoc.gotmpl delete mode 100644 docs/antora.yml delete mode 100644 docs/modules/ROOT/nav.adoc delete mode 120000 docs/modules/ROOT/pages/index.adoc delete mode 100755 docs/modules/charts/generate.sh delete mode 100644 docs/modules/charts/nav.adoc delete mode 120000 docs/modules/charts/pages/alertmanager-matrix.adoc delete mode 120000 docs/modules/charts/pages/alertmanager-ntfy.adoc delete mode 120000 docs/modules/charts/pages/authentik-application.adoc delete mode 120000 docs/modules/charts/pages/conduit.adoc delete mode 120000 docs/modules/charts/pages/element-call.adoc delete mode 120000 docs/modules/charts/pages/forgejo-runner.adoc delete mode 120000 docs/modules/charts/pages/gotosocial.adoc delete mode 120000 docs/modules/charts/pages/grampsweb.adoc delete mode 120000 docs/modules/charts/pages/headscale-ui.adoc delete mode 120000 docs/modules/charts/pages/headscale.adoc delete mode 120000 docs/modules/charts/pages/home-assistant.adoc delete mode 120000 docs/modules/charts/pages/hydrogen-web.adoc delete mode 120000 docs/modules/charts/pages/jellyfin.adoc delete mode 120000 docs/modules/charts/pages/matrix-authentication-service.adoc delete mode 120000 docs/modules/charts/pages/matrix-sliding-sync.adoc delete mode 120000 docs/modules/charts/pages/matrix-synapse.adoc delete mode 120000 docs/modules/charts/pages/mautrix-signal.adoc delete mode 120000 docs/modules/charts/pages/miniserve.adoc delete mode 120000 docs/modules/charts/pages/monitoring.adoc delete mode 120000 docs/modules/charts/pages/ntfy.adoc delete mode 120000 docs/modules/charts/pages/postgresql.adoc delete mode 120000 docs/modules/charts/pages/speedtest-exporter.adoc delete mode 120000 docs/modules/charts/pages/stalwart-mail.adoc diff --git a/README.adoc b/README.adoc deleted file mode 100644 index 1203432..0000000 --- a/README.adoc +++ /dev/null @@ -1,26 +0,0 @@ -= helm-charts - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/ ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install oci://codeberg.org/wrenix/helm-charts/ --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall ----- diff --git a/README.adoc.gotmpl b/README.adoc.gotmpl deleted file mode 100644 index 05424bd..0000000 --- a/README.adoc.gotmpl +++ /dev/null @@ -1,87 +0,0 @@ -{{ define "chart.header" }}= {{ .Name }} -{{ end }} -{{ define "chart.versionBadge" }} -image::https://img.shields.io/badge/Version-{{ .Version | replace "-" "--" }}-informational?style=flat-square[Version: {{ .Version }}]{{end}} -{{ define "chart.typeBadge" }} -image::https://img.shields.io/badge/Version-{{ .Type }}-informational?style=flat-square[Type: {{ .Type }}]{{end}} -{{ define "chart.appVersionBadge" }}{{- if (ne .AppVersion "") }} -image::https://img.shields.io/badge/AppVersion-{{ .AppVersion }}-informational?style=flat-square[AppVersion: {{ .AppVersion }}]{{ end }}{{end}} -{{ define "chart.maintainersHeader" }}== Maintainers{{ end }} -{{ define "chart.maintainersTable" }}.Maintainers -|=== -| Name | Email | Url - {{- range .Maintainers }} - -| {{ .Name }} -| {{ if .Email }}<{{ .Email }}>{{ end }} -| {{ if .Url }}<{{ .Url }}>{{ end }} - {{- end }} -|=== -{{ end }} -{{ define "chart.valuesHeader" }}== Values{{ end }} -{{ define "chart.valuesTable" -}} -{{- if .Sections.Sections -}} -{{- range .Sections.Sections }} -.Values {{.SectionName }} -{{ template "chart.valuesOneTable" .SectionItems }} -{{- end }}{{/* range sections*/}} -{{- if .Sections.DefaultSection.SectionItems -}} -.Values {{.Sections.DefaultSection.SectionName }} -{{ template "chart.valuesOneTable" .Sections.DefaultSection.SectionItems }} -{{- end }}{{/* end default section */}} -{{- else }}{{/* if no sections */}} -.Values -{{ template "chart.valuesOneTable" .Values }} -{{- end }} -{{ end }}{{/* end chart.valuesTable */}} -{{ define "chart.valuesOneTable" -}} -|=== -| Key | Type | Default | Description - {{- range . }} - -| {{ .Key }} -| {{ .Type }} -| {{ if .Default }}{{ .Default }}{{ else }}{{ .AutoDefault }}{{ end }} -| {{ if .Description }}{{ .Description }}{{ else }}{{ .AutoDescription }}{{ end }} - {{- end }} -|=== -{{ end }}{{/* end chart.valuesOneTable */}} - -{{- define "chart.prerequirements" -}}{{- end -}} - -{{ template "chart.header" . }} -{{ template "chart.deprecationWarning" . }} - -{{ template "chart.badgesSection" . }} -{{ template "chart.maintainersSection" . }} - -{{ template "chart.prerequirements" . }} - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/{{ template "chart.name" . }} ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install {{ template "chart.name" . }}-release oci://codeberg.org/wrenix/helm-charts/{{ template "chart.name" . }} --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall {{ template "chart.name" . }}-release ----- - -{{ template "chart.valuesSection" . }} - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/docs/antora.yml b/docs/antora.yml deleted file mode 100644 index 1bbd506..0000000 --- a/docs/antora.yml +++ /dev/null @@ -1,8 +0,0 @@ -name: wrenix-helm -title: "WrenIX's Helm charts" -version: - main: latest - -nav: - - modules/ROOT/nav.adoc - - modules/charts/nav.adoc diff --git a/docs/modules/ROOT/nav.adoc b/docs/modules/ROOT/nav.adoc deleted file mode 100644 index 5d67faa..0000000 --- a/docs/modules/ROOT/nav.adoc +++ /dev/null @@ -1 +0,0 @@ -* xref:index.adoc[Home] diff --git a/docs/modules/ROOT/pages/index.adoc b/docs/modules/ROOT/pages/index.adoc deleted file mode 120000 index 2cfd4f7..0000000 --- a/docs/modules/ROOT/pages/index.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../README.adoc \ No newline at end of file diff --git a/docs/modules/charts/generate.sh b/docs/modules/charts/generate.sh deleted file mode 100755 index 8be5646..0000000 --- a/docs/modules/charts/generate.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -ROOT_DIR="./docs/modules/charts/" - -rm "${ROOT_DIR}/pages/"*".adoc" - -echo "* charts" > "${ROOT_DIR}/nav.adoc" -for name in * ; do - if \ - [ ! -d $name ] || \ - [ ! -f $name/Chart.yaml ] \ - ; then - continue; - fi - ln -sf "../../../../${name}/README.adoc" "${ROOT_DIR}/pages/${name}.adoc"; - echo "** xref:${name}.adoc[${name}]" >> "${ROOT_DIR}/nav.adoc" -done diff --git a/docs/modules/charts/nav.adoc b/docs/modules/charts/nav.adoc deleted file mode 100644 index 017ce21..0000000 --- a/docs/modules/charts/nav.adoc +++ /dev/null @@ -1,24 +0,0 @@ -* charts -** xref:alertmanager-matrix.adoc[alertmanager-matrix] -** xref:alertmanager-ntfy.adoc[alertmanager-ntfy] -** xref:authentik-application.adoc[authentik-application] -** xref:conduit.adoc[conduit] -** xref:element-call.adoc[element-call] -** xref:forgejo-runner.adoc[forgejo-runner] -** xref:gotosocial.adoc[gotosocial] -** xref:grampsweb.adoc[grampsweb] -** xref:headscale.adoc[headscale] -** xref:headscale-ui.adoc[headscale-ui] -** xref:home-assistant.adoc[home-assistant] -** xref:hydrogen-web.adoc[hydrogen-web] -** xref:jellyfin.adoc[jellyfin] -** xref:matrix-authentication-service.adoc[matrix-authentication-service] -** xref:matrix-sliding-sync.adoc[matrix-sliding-sync] -** xref:matrix-synapse.adoc[matrix-synapse] -** xref:mautrix-signal.adoc[mautrix-signal] -** xref:miniserve.adoc[miniserve] -** xref:monitoring.adoc[monitoring] -** xref:ntfy.adoc[ntfy] -** xref:postgresql.adoc[postgresql] -** xref:speedtest-exporter.adoc[speedtest-exporter] -** xref:stalwart-mail.adoc[stalwart-mail] diff --git a/docs/modules/charts/pages/alertmanager-matrix.adoc b/docs/modules/charts/pages/alertmanager-matrix.adoc deleted file mode 120000 index ff1eee6..0000000 --- a/docs/modules/charts/pages/alertmanager-matrix.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../alertmanager-matrix/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/alertmanager-ntfy.adoc b/docs/modules/charts/pages/alertmanager-ntfy.adoc deleted file mode 120000 index e2a0a08..0000000 --- a/docs/modules/charts/pages/alertmanager-ntfy.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../alertmanager-ntfy/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/authentik-application.adoc b/docs/modules/charts/pages/authentik-application.adoc deleted file mode 120000 index 70e47ed..0000000 --- a/docs/modules/charts/pages/authentik-application.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../authentik-application/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/conduit.adoc b/docs/modules/charts/pages/conduit.adoc deleted file mode 120000 index 6875802..0000000 --- a/docs/modules/charts/pages/conduit.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../conduit/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/element-call.adoc b/docs/modules/charts/pages/element-call.adoc deleted file mode 120000 index c551b35..0000000 --- a/docs/modules/charts/pages/element-call.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../element-call/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/forgejo-runner.adoc b/docs/modules/charts/pages/forgejo-runner.adoc deleted file mode 120000 index 0eb60e0..0000000 --- a/docs/modules/charts/pages/forgejo-runner.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../forgejo-runner/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/gotosocial.adoc b/docs/modules/charts/pages/gotosocial.adoc deleted file mode 120000 index 3bff7d2..0000000 --- a/docs/modules/charts/pages/gotosocial.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../gotosocial/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/grampsweb.adoc b/docs/modules/charts/pages/grampsweb.adoc deleted file mode 120000 index a22b6d5..0000000 --- a/docs/modules/charts/pages/grampsweb.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../grampsweb/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/headscale-ui.adoc b/docs/modules/charts/pages/headscale-ui.adoc deleted file mode 120000 index bcac646..0000000 --- a/docs/modules/charts/pages/headscale-ui.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../headscale-ui/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/headscale.adoc b/docs/modules/charts/pages/headscale.adoc deleted file mode 120000 index ae41e9a..0000000 --- a/docs/modules/charts/pages/headscale.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../headscale/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/home-assistant.adoc b/docs/modules/charts/pages/home-assistant.adoc deleted file mode 120000 index d31bc71..0000000 --- a/docs/modules/charts/pages/home-assistant.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../home-assistant/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/hydrogen-web.adoc b/docs/modules/charts/pages/hydrogen-web.adoc deleted file mode 120000 index bfe8227..0000000 --- a/docs/modules/charts/pages/hydrogen-web.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../hydrogen-web/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/jellyfin.adoc b/docs/modules/charts/pages/jellyfin.adoc deleted file mode 120000 index 90b210f..0000000 --- a/docs/modules/charts/pages/jellyfin.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../jellyfin/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/matrix-authentication-service.adoc b/docs/modules/charts/pages/matrix-authentication-service.adoc deleted file mode 120000 index 7f372d3..0000000 --- a/docs/modules/charts/pages/matrix-authentication-service.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../matrix-authentication-service/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/matrix-sliding-sync.adoc b/docs/modules/charts/pages/matrix-sliding-sync.adoc deleted file mode 120000 index abf59a4..0000000 --- a/docs/modules/charts/pages/matrix-sliding-sync.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../matrix-sliding-sync/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/matrix-synapse.adoc b/docs/modules/charts/pages/matrix-synapse.adoc deleted file mode 120000 index 88889a5..0000000 --- a/docs/modules/charts/pages/matrix-synapse.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../matrix-synapse/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/mautrix-signal.adoc b/docs/modules/charts/pages/mautrix-signal.adoc deleted file mode 120000 index 1376c24..0000000 --- a/docs/modules/charts/pages/mautrix-signal.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../mautrix-signal/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/miniserve.adoc b/docs/modules/charts/pages/miniserve.adoc deleted file mode 120000 index c268382..0000000 --- a/docs/modules/charts/pages/miniserve.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../miniserve/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/monitoring.adoc b/docs/modules/charts/pages/monitoring.adoc deleted file mode 120000 index 5852e47..0000000 --- a/docs/modules/charts/pages/monitoring.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../monitoring/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/ntfy.adoc b/docs/modules/charts/pages/ntfy.adoc deleted file mode 120000 index b037d84..0000000 --- a/docs/modules/charts/pages/ntfy.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../ntfy/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/postgresql.adoc b/docs/modules/charts/pages/postgresql.adoc deleted file mode 120000 index 05240d6..0000000 --- a/docs/modules/charts/pages/postgresql.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../postgresql/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/speedtest-exporter.adoc b/docs/modules/charts/pages/speedtest-exporter.adoc deleted file mode 120000 index 76661ca..0000000 --- a/docs/modules/charts/pages/speedtest-exporter.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../speedtest-exporter/README.adoc \ No newline at end of file diff --git a/docs/modules/charts/pages/stalwart-mail.adoc b/docs/modules/charts/pages/stalwart-mail.adoc deleted file mode 120000 index 36173e1..0000000 --- a/docs/modules/charts/pages/stalwart-mail.adoc +++ /dev/null @@ -1 +0,0 @@ -../../../../stalwart-mail/README.adoc \ No newline at end of file diff --git a/publish.sh b/publish.sh index 3cd653f..9851df7 100755 --- a/publish.sh +++ b/publish.sh @@ -53,7 +53,7 @@ for p in * ; do set -e echo "update docs" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" - helm-docs -t ./README.adoc.gotmpl -t _docs.gotmpl -o README.adoc -g "${p}" + rm "${p}/README.adoc" echo "package and push helm-chart" helm package "${p}" @@ -67,7 +67,7 @@ for p in * ; do echo "push to git" set -e - git add "${p}/" "docs/modules/charts/nav.adoc" "docs/modules/charts/pages/${p}.adoc" + git add "${p}/" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" git tag "${tag}" --no-sign; git push --tags origin main; -- 2.45.3 From 330095207ec5218a5cad2b03eee71762f90d2405 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 17:38:07 +0100 Subject: [PATCH 191/256] chore(ci): improve publish.sh script --- publish.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/publish.sh b/publish.sh index 9851df7..99f92f3 100755 --- a/publish.sh +++ b/publish.sh @@ -12,6 +12,7 @@ ct lint # || exit 1 for p in * ; do if \ [ ! -d $p ] || \ + [ $p == docs ] || \ [ ! -f $p/Chart.yaml ] \ ; then continue @@ -54,16 +55,20 @@ for p in * ; do echo "update docs" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" rm "${p}/README.adoc" + echo echo "package and push helm-chart" helm package "${p}" helm push "${p}-${v}.tgz" "${HELM_REPO_URL}"; + oras tag "${HELM_REPO}/${p}:${v}" "${v%\.[0-9]*}" "${v%\.[0-9]*\.[0-9]*}" "latest" + echo echo "update artifacthub.io" set +e oras push "${HELM_REPO}/${p}:artifacthub.io" \ --config /dev/null:application/vnd.cncf.artifacthub.config.v1+yaml \ "${p}/artifacthub-repo.yml":application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml + echo echo "push to git" set -e -- 2.45.3 From 2b846996510750d8178e615df86fc6de6c7b6f2e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 21 Sep 2024 17:11:35 +0200 Subject: [PATCH 192/256] fix(headscale)!: update to v0.23.0 with breaking changes --- headscale-ui/Chart.yaml | 4 +- headscale-ui/README.adoc | 251 -------------- headscale-ui/README.md | 87 +++++ headscale/Chart.yaml | 6 +- headscale/README.adoc | 491 ---------------------------- headscale/README.md | 145 ++++++++ headscale/templates/deployment.yaml | 3 +- headscale/templates/jobs.yaml | 69 ++-- headscale/templates/secret.yaml | 2 +- headscale/values.yaml | 33 +- publish.sh | 2 +- 11 files changed, 299 insertions(+), 794 deletions(-) delete mode 100644 headscale-ui/README.adoc create mode 100644 headscale-ui/README.md delete mode 100644 headscale/README.adoc create mode 100644 headscale/README.md diff --git a/headscale-ui/Chart.yaml b/headscale-ui/Chart.yaml index 5ce6be0..f8a7fe6 100644 --- a/headscale-ui/Chart.yaml +++ b/headscale-ui/Chart.yaml @@ -3,9 +3,9 @@ name: headscale-ui description: A simple Headscale web UI for small-scale deployments. icon: https://raw.githubusercontent.com/gurucomputing/headscale-ui/master/static/favicon.png type: application -version: 0.2.0 +version: 0.2.1 # renovate: image=ghcr.io/gurucomputing/headscale-ui -appVersion: "2024.02.24-beta1" +appVersion: "2024.10.10" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/headscale-ui/README.adoc b/headscale-ui/README.adoc deleted file mode 100644 index cf34c93..0000000 --- a/headscale-ui/README.adoc +++ /dev/null @@ -1,251 +0,0 @@ - - -= headscale-ui - -image::https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square[Version: 0.2.0] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.02.24-beta1-informational?style=flat-square[AppVersion: 2024.02.24-beta1] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/headscale-ui ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install headscale-ui-release oci://codeberg.org/wrenix/helm-charts/headscale-ui --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall headscale-ui-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"gurucomputing/headscale-ui"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| networkPolicy.egress.enabled -| bool -| `true` -| activate egress no networkpolicy - -| networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| networkPolicy.enabled -| bool -| `false` -| - -| networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| networkPolicy.ingress.https -| list -| `[]` -| - -| nodeSelector -| object -| `{}` -| - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port.http -| int -| `8080` -| - -| service.port.https -| int -| `8443` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/headscale-ui/README.md b/headscale-ui/README.md new file mode 100644 index 0000000..87cf2d0 --- /dev/null +++ b/headscale-ui/README.md @@ -0,0 +1,87 @@ +--- +title: "headscale-ui" + +description: "A simple Headscale web UI for small-scale deployments." + +--- + +# headscale-ui + +![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.10.10](https://img.shields.io/badge/AppVersion-2024.10.10-informational?style=flat-square) + +A simple Headscale web UI for small-scale deployments. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/headscale-ui +``` + +You can install a chart release using the following command: + +```bash +helm install headscale-ui-release oci://codeberg.org/wrenix/helm-charts/headscale-ui --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall headscale-ui-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"gurucomputing/headscale-ui"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| networkPolicy.ingress.https | list | `[]` | | +| nodeSelector | object | `{}` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port.http | int | `8080` | | +| service.port.https | int | `8443` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/headscale/Chart.yaml b/headscale/Chart.yaml index 3224f12..b461907 100644 --- a/headscale/Chart.yaml +++ b/headscale/Chart.yaml @@ -3,9 +3,9 @@ name: headscale description: An open source, self-hosted implementation of the Tailscale control server. icon: https://raw.githubusercontent.com/juanfont/headscale/56a7b1e34952c3e0306a134b2be9b4277f5d8d6e/docs/logo/headscale3-dots.svg type: application -version: 0.4.0 -# renovate: image=docker.io/headscale/headscale -appVersion: "0.22.3" +version: 1.0.0 +# renovate: image=ghcr.io/headscale/headscale +appVersion: "0.23.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/headscale/README.adoc b/headscale/README.adoc deleted file mode 100644 index af1405c..0000000 --- a/headscale/README.adoc +++ /dev/null @@ -1,491 +0,0 @@ - - -= headscale - -image::https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square[Version: 0.4.0] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.22.3-informational?style=flat-square[AppVersion: 0.22.3] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/headscale ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install headscale-release oci://codeberg.org/wrenix/helm-charts/headscale --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall headscale-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| headscale.certmanager.dnsNames[0] -| string -| `"example.com"` -| - -| headscale.certmanager.enabled -| bool -| `true` -| - -| headscale.certmanager.issuerRef.group -| string -| `"cert-manager.io"` -| - -| headscale.certmanager.issuerRef.kind -| string -| `"ClusterIssuer"` -| - -| headscale.certmanager.issuerRef.name -| string -| `"letsencrypt-prod"` -| - -| headscale.config.db_path -| string -| `"/var/lib/headscale/db.sqlite"` -| - -| headscale.config.db_type -| string -| `"sqlite3"` -| - -| headscale.config.derp.paths -| list -| `[]` -| - -| headscale.config.derp.server.enabled -| bool -| `true` -| - -| headscale.config.derp.server.region_code -| string -| `"headscale"` -| - -| headscale.config.derp.server.region_id -| int -| `999` -| - -| headscale.config.derp.server.region_name -| string -| `"Headscale Embedded DERP"` -| - -| headscale.config.derp.server.stun_listen_addr -| string -| `"0.0.0.0:3478"` -| - -| headscale.config.derp.update_frequency -| string -| `"24h"` -| - -| headscale.config.derp.urls -| list -| `[]` -| - -| headscale.config.disable_check_updates -| bool -| `true` -| - -| headscale.config.grpc_listen_addr -| string -| `":50443"` -| - -| headscale.config.listen_addr -| string -| `":8080"` -| - -| headscale.config.metrics_listen_addr -| string -| `":9090"` -| - -| headscale.config.noise.private_key_path -| string -| `"/etc/headscale/secrets/noise.key"` -| - -| headscale.config.private_key_path -| string -| `"/etc/headscale/secrets/wireguard.key"` -| - -| headscale.config.server_url -| string -| `"http://127.0.0.1:8080"` -| - -| headscale.config.tls_cert_path -| string -| `"/etc/headscale/certs/tls.crt"` -| - -| headscale.config.tls_key_path -| string -| `"/etc/headscale/certs/tls.key"` -| - -| headscale.keys.create -| bool -| `true` -| Create a new private key, if not exists - -| headscale.keys.existingSecret -| string -| `""` -| Use an existing secret - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"juanfont/headscale"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| networkPolicy.egress.enabled -| bool -| `false` -| activate egress no networkpolicy - -| networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| networkPolicy.enabled -| bool -| `false` -| - -| networkPolicy.ingress.derp -| list -| `[{"ipBlock":{"cidr":"0.0.0.0/0"}},{"ipBlock":{"cidr":"::/0"}}]` -| ingress for derp - -| networkPolicy.ingress.grpc -| list -| `[]` -| ingress for grpc port - -| networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| networkPolicy.ingress.metrics -| list -| `[]` -| ingress for metrics port (e.g. prometheus) - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `false` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Create a PV on Node with given hostPath storageClass has to be manual - -| persistence.size -| string -| `"1Gi"` -| - -| persistence.storageClass -| string -| `nil` -| data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| prometheus.rules.additionalRules -| list -| `[]` -| - -| prometheus.rules.defaults.enabled -| bool -| `true` -| - -| prometheus.rules.defaults.filter -| string -| `""` -| - -| prometheus.rules.defaults.lastUpdates.critical -| int -| `3600` -| - -| prometheus.rules.defaults.lastUpdates.info -| int -| `300` -| - -| prometheus.rules.defaults.lastUpdates.warning -| int -| `600` -| - -| prometheus.rules.enabled -| bool -| `false` -| - -| prometheus.rules.labels -| object -| `{}` -| - -| prometheus.servicemonitor.enabled -| bool -| `false` -| - -| prometheus.servicemonitor.labels -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.annotations -| string -| `nil` -| - -| service.derp.annotations -| string -| `nil` -| - -| service.derp.port -| int -| `3478` -| - -| service.derp.type -| string -| `"LoadBalancer"` -| - -| service.port.grpc -| int -| `50443` -| - -| service.port.http -| int -| `8080` -| - -| service.port.metrics -| int -| `9090` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/headscale/README.md b/headscale/README.md new file mode 100644 index 0000000..3e80569 --- /dev/null +++ b/headscale/README.md @@ -0,0 +1,145 @@ +--- +title: "headscale" + +description: "An open source, self-hosted implementation of the Tailscale control server." + +--- + +# headscale + +![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.23.0](https://img.shields.io/badge/AppVersion-0.23.0-informational?style=flat-square) + +An open source, self-hosted implementation of the Tailscale control server. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/headscale +``` + +You can install a chart release using the following command: + +```bash +helm install headscale-release oci://codeberg.org/wrenix/helm-charts/headscale --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall headscale-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| headscale.certmanager.dnsNames[0] | string | `"example.com"` | | +| headscale.certmanager.enabled | bool | `true` | | +| headscale.certmanager.issuerRef.group | string | `"cert-manager.io"` | | +| headscale.certmanager.issuerRef.kind | string | `"ClusterIssuer"` | | +| headscale.certmanager.issuerRef.name | string | `"letsencrypt-prod"` | | +| headscale.config.database.postgres.host | string | `"localhost"` | | +| headscale.config.database.postgres.name | string | `"headscale"` | | +| headscale.config.database.postgres.pass | string | `"bar"` | | +| headscale.config.database.postgres.port | int | `5432` | | +| headscale.config.database.postgres.user | string | `"foo"` | | +| headscale.config.database.sqlite.path | string | `"/var/lib/headscale/db.sqlite"` | | +| headscale.config.database.type | string | `"sqlite"` | | +| headscale.config.derp.paths | list | `[]` | | +| headscale.config.derp.server.enabled | bool | `true` | | +| headscale.config.derp.server.private_key_path | string | `"/etc/headscale/secrets/derp.key"` | | +| headscale.config.derp.server.region_code | string | `"headscale"` | | +| headscale.config.derp.server.region_id | int | `999` | | +| headscale.config.derp.server.region_name | string | `"Headscale Embedded DERP"` | | +| headscale.config.derp.server.stun_listen_addr | string | `"0.0.0.0:3478"` | | +| headscale.config.derp.update_frequency | string | `"24h"` | | +| headscale.config.derp.urls | list | `[]` | | +| headscale.config.disable_check_updates | bool | `true` | | +| headscale.config.dns.base_domain | string | `"example.com"` | | +| headscale.config.grpc_listen_addr | string | `":50443"` | | +| headscale.config.listen_addr | string | `":8080"` | | +| headscale.config.metrics_listen_addr | string | `":9090"` | | +| headscale.config.noise.private_key_path | string | `"/etc/headscale/secrets/noise.key"` | | +| headscale.config.prefixes.allocation | string | `"sequential"` | | +| headscale.config.prefixes.v4 | string | `"100.64.0.0/10"` | | +| headscale.config.prefixes.v6 | string | `"fd7a:115c:a1e0::/48"` | | +| headscale.config.private_key_path | string | `"/etc/headscale/secrets/wireguard.key"` | | +| headscale.config.server_url | string | `"http://127.0.0.1:8080"` | | +| headscale.config.tls_cert_path | string | `"/etc/headscale/certs/tls.crt"` | | +| headscale.config.tls_key_path | string | `"/etc/headscale/certs/tls.key"` | | +| headscale.keys.create | bool | `true` | Create a new private key, if not exists | +| headscale.keys.existingSecret | string | `""` | Use an existing secret | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"ghcr.io"` | | +| image.repository | string | `"juanfont/headscale"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| networkPolicy.egress.enabled | bool | `false` | activate egress no networkpolicy | +| networkPolicy.egress.extra | list | `[]` | egress rules | +| networkPolicy.enabled | bool | `false` | | +| networkPolicy.ingress.derp | list | `[{"ipBlock":{"cidr":"0.0.0.0/0"}},{"ipBlock":{"cidr":"::/0"}}]` | ingress for derp | +| networkPolicy.ingress.grpc | list | `[]` | ingress for grpc port | +| networkPolicy.ingress.http | list | `[]` | ingress for http port (e.g. ingress-controller) | +| networkPolicy.ingress.metrics | list | `[]` | ingress for metrics port (e.g. prometheus) | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `false` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Create a PV on Node with given hostPath storageClass has to be manual | +| persistence.size | string | `"1Gi"` | | +| persistence.storageClass | string | `nil` | data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.defaults.enabled | bool | `true` | | +| prometheus.rules.defaults.filter | string | `""` | | +| prometheus.rules.defaults.lastUpdates.critical | int | `3600` | | +| prometheus.rules.defaults.lastUpdates.info | int | `300` | | +| prometheus.rules.defaults.lastUpdates.warning | int | `600` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.annotations | string | `nil` | | +| service.derp.annotations | string | `nil` | | +| service.derp.port | int | `3478` | | +| service.derp.type | string | `"LoadBalancer"` | | +| service.port.grpc | int | `50443` | | +| service.port.http | int | `8080` | | +| service.port.metrics | int | `9090` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/headscale/templates/deployment.yaml b/headscale/templates/deployment.yaml index 981420f..be2b749 100644 --- a/headscale/templates/deployment.yaml +++ b/headscale/templates/deployment.yaml @@ -40,7 +40,6 @@ spec: {{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} args: - - "headscale" - "serve" ports: - name: http @@ -110,6 +109,8 @@ spec: path: "wireguard.key" - key: "noise.key" path: "noise.key" + - key: "derp.key" + path: "derp.key" {{- if .Values.headscale.certmanager.enabled }} - name: certs secret: diff --git a/headscale/templates/jobs.yaml b/headscale/templates/jobs.yaml index 92d46de..f848d1c 100644 --- a/headscale/templates/jobs.yaml +++ b/headscale/templates/jobs.yaml @@ -76,34 +76,10 @@ spec: spec: restartPolicy: "Never" serviceAccount: {{ $name }} - containers: - - name: upload-key - image: bitnami/kubectl - command: - - sh - - -c - - | - # check if key already exists - key=$(kubectl get secret {{ $secretName }} -o jsonpath="{.data['wireguard.key']}" 2> /dev/null) - [ $? -ne 0 ] && echo "Failed to get existing secret" && exit 1 - [ -n "$key" ] && echo "Key already created, exiting." && exit 0 - # wait for wireguard key - while [ ! -f /etc/headscale/secrets/wireguard.key ]; do - echo "Waiting for wireguard key.." - sleep 5; - done - # update secret - kubectl patch secret {{ $secretName }} -p "{\"data\":{\"wireguard.key\":\"$(base64 /etc/headscale/secrets/wireguard.key | tr -d '\n')\"}}" - kubectl patch secret {{ $secretName }} -p "{\"data\":{\"noise.key\":\"$(base64 /etc/headscale/secrets/noise.key | tr -d '\n')\"}}" - [ $? -ne 0 ] && echo "Failed to update secret." && exit 1 - echo "Signing key successfully created." - volumeMounts: - - mountPath: /etc/headscale/secrets - name: secrets - readOnly: true + initContainers: - name: generate-key {{- with .Values.image }} - image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}-debug" {{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: @@ -111,16 +87,49 @@ spec: - -c - | set -e - /bin/headscale generate private-key | tail -1 | sed 's/privkey://' > /etc/headscale/secrets/wireguard.key - chown 1001:1001 /etc/headscale/secrets/wireguard.key - /bin/headscale generate private-key | tail -1 | sed 's/privkey://' > /etc/headscale/secrets/noise.key - chown 1001:1001 /etc/headscale/secrets/noise.key + echo "generate private-keys" + headscale generate private-key --output json > /etc/headscale/secrets/wireguard.json + headscale generate private-key --output json > /etc/headscale/secrets/noise.json + headscale generate private-key --output json > /etc/headscale/secrets/derp.json + ls /etc/headscale/secrets/ volumeMounts: - name: config mountPath: "/etc/headscale" readOnly: true - mountPath: "/etc/headscale/secrets" name: secrets + containers: + - name: upload-key + image: bitnami/kubectl + command: + - sh + - -c + - | + # check if key already exists + key=$(kubectl get secret {{ $secretName }} -o jsonpath="{.data}" 2> /dev/null) + [ $? -ne 0 ] && echo "Failed to get existing secret" && exit 1 + if ! echo $key | jq -e 'has("wireguard.key")' 2> /dev/null ; then + echo "store wireguard.key" + kubectl patch secret {{ $secretName }} -p "{\"data\":{\"wireguard.key\":\"$(jq -r '.["private_key"] | split(":")[1] | @base64' /etc/headscale/secrets/wireguard.json)\"}}" + fi + if ! echo $key | jq -e 'has("noise.key")' 2> /dev/null ; then + echo "store noise.key" + kubectl patch secret {{ $secretName }} -p "{\"data\":{\"noise.key\":\"$(jq -r '.["private_key"] | @base64' /etc/headscale/secrets/noise.json)\"}}" + elif ! echo $key | jq -e '.["noise.key"] |@base64d | contains("privkey")' 2> /dev/null ; then + echo "patch noise.key" + newKey="privkey:$(echo $key | jq -r '.["noise.key"]|@base64d')" + kubectl patch secret {{ $secretName }} -p "{\"data\":{\"noise.key\":\"$(echo $newKey | base64 -w0)\"}}" + fi + if ! echo $key | jq -e 'has("derp.key")' 2> /dev/null ; then + echo "store derp.key" + kubectl patch secret {{ $secretName }} -p "{\"data\":{\"derp.key\":\"$(jq -r '.["private_key"] | @base64' /etc/headscale/secrets/derp.json)\"}}" + fi + [ $? -ne 0 ] && echo "Failed to update secret." && exit 1 + echo "Signing key successfully created." + volumeMounts: + - mountPath: /etc/headscale/secrets + name: secrets + readOnly: true volumes: - name: config secret: diff --git a/headscale/templates/secret.yaml b/headscale/templates/secret.yaml index 5963e2c..467ea1f 100644 --- a/headscale/templates/secret.yaml +++ b/headscale/templates/secret.yaml @@ -4,7 +4,7 @@ kind: Secret metadata: name: {{ include "headscale.fullname" . }} annotations: - "helm.sh/hook": "pre-install" + "helm.sh/hook": "pre-install,pre-upgrade" config-hash: {{ toYaml .Values.headscale.config | sha256sum | trunc 32 }} type: Opaque stringData: diff --git a/headscale/values.yaml b/headscale/values.yaml index 63cf39e..d90e827 100644 --- a/headscale/values.yaml +++ b/headscale/values.yaml @@ -36,21 +36,20 @@ headscale: grpc_listen_addr: ":50443" server_url: http://127.0.0.1:8080 + disable_check_updates: true # SQLite config - db_type: sqlite3 - - # For production: - db_path: /var/lib/headscale/db.sqlite - - # # Postgres config - # If using a Unix socket to connect to Postgres, set the socket path in the 'host' field and leave 'port' blank. - # db_type: postgres - # db_host: localhost - # db_port: 5432 - # db_name: headscale - # db_user: foo - # db_pass: bar + database: + type: sqlite + sqlite: + # For production: + path: /var/lib/headscale/db.sqlite + postgres: + host: localhost + port: 5432 + name: headscale + user: foo + pass: bar private_key_path: "/etc/headscale/secrets/wireguard.key" noise: private_key_path: "/etc/headscale/secrets/noise.key" @@ -59,6 +58,10 @@ headscale: ## Use already defined certificates: tls_cert_path: "/etc/headscale/certs/tls.crt" tls_key_path: "/etc/headscale/certs/tls.key" + prefixes: + v6: fd7a:115c:a1e0::/48 + v4: 100.64.0.0/10 + allocation: sequential derp: server: enabled: true @@ -66,12 +69,14 @@ headscale: region_code: "headscale" region_name: "Headscale Embedded DERP" stun_listen_addr: "0.0.0.0:3478" + private_key_path: "/etc/headscale/secrets/derp.key" urls: [] # - https://controlplane.tailscale.com/derpmap/default paths: [] # auto_update_enabled: true update_frequency: 24h - disable_check_updates: true + dns: + base_domain: example.com prometheus: servicemonitor: diff --git a/publish.sh b/publish.sh index 99f92f3..c281d2d 100755 --- a/publish.sh +++ b/publish.sh @@ -54,7 +54,7 @@ for p in * ; do set -e echo "update docs" helm-docs -t ./README.md.gotmpl -t _docs.gotmpl -o README.md -g "${p}" - rm "${p}/README.adoc" + rm -f "${p}/README.adoc" echo echo "package and push helm-chart" -- 2.45.3 From f59683cf4b5f66d348370a2d8660a678be86150d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 21:42:14 +0100 Subject: [PATCH 193/256] chore(ci): improve publish.sh script --- publish.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/publish.sh b/publish.sh index c281d2d..d0596e5 100755 --- a/publish.sh +++ b/publish.sh @@ -71,9 +71,9 @@ for p in * ; do echo echo "push to git" - set -e git add "${p}/" git commit -m "${COMMIT_SCOPE}(${p}): ${COMMIT_MESSAGE}" + set -e git tag "${tag}" --no-sign; git push --tags origin main; set +e -- 2.45.3 From 441c4f64a9ccf120cb254a6259d9a29e953b654d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 21 Nov 2024 21:50:18 +0100 Subject: [PATCH 194/256] fix(alertmanager-ntfy): update appVersion --- alertmanager-ntfy/Chart.yaml | 6 +- alertmanager-ntfy/README.adoc | 301 ---------------------------------- alertmanager-ntfy/README.md | 97 +++++++++++ alertmanager-ntfy/values.yaml | 2 +- 4 files changed, 101 insertions(+), 305 deletions(-) delete mode 100644 alertmanager-ntfy/README.adoc create mode 100644 alertmanager-ntfy/README.md diff --git a/alertmanager-ntfy/Chart.yaml b/alertmanager-ntfy/Chart.yaml index 2a3dd8a..5b2e5e1 100644 --- a/alertmanager-ntfy/Chart.yaml +++ b/alertmanager-ntfy/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: alertmanager-ntfy description: Receiver for alertmanager to forward to ntfy.sh type: application -version: 0.1.4 -# renovate: image=docker.io/xenrox/ntfy-alertmanager -appVersion: "0.3.0" +version: 0.1.5 +# renovate: image=codeberg.org/xenrox/ntfy-alertmanager +appVersion: "0.4.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/alertmanager-ntfy/README.adoc b/alertmanager-ntfy/README.adoc deleted file mode 100644 index 8da8363..0000000 --- a/alertmanager-ntfy/README.adoc +++ /dev/null @@ -1,301 +0,0 @@ - - -= alertmanager-ntfy - -image::https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square[Version: 0.1.4] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.3.0-informational?style=flat-square[AppVersion: 0.3.0] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install alertmanager-ntfy-release oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall alertmanager-ntfy-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"docker.io"` -| - -| image.repository -| string -| `"xenrox/ntfy-alertmanager"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| ntfyAlertmanager.labels.entries[0].label -| string -| `"severity"` -| - -| ntfyAlertmanager.labels.entries[0].priority -| int -| `5` -| - -| ntfyAlertmanager.labels.entries[0].tags[0] -| string -| `"rotating_light"` -| - -| ntfyAlertmanager.labels.entries[0].value -| string -| `"critical"` -| - -| ntfyAlertmanager.labels.entries[1].label -| string -| `"severity"` -| - -| ntfyAlertmanager.labels.entries[1].priority -| int -| `1` -| - -| ntfyAlertmanager.labels.entries[1].value -| string -| `"info"` -| - -| ntfyAlertmanager.labels.entries[2].label -| string -| `"instance"` -| - -| ntfyAlertmanager.labels.entries[2].tags[0] -| string -| `"computer"` -| - -| ntfyAlertmanager.labels.entries[2].tags[1] -| string -| `"example"` -| - -| ntfyAlertmanager.labels.entries[2].value -| string -| `"example.com"` -| - -| ntfyAlertmanager.labels.order[0] -| string -| `"severity"` -| - -| ntfyAlertmanager.labels.order[1] -| string -| `"instance"` -| - -| ntfyAlertmanager.logLevel -| string -| `"info"` -| - -| ntfyAlertmanager.ntfy.topic -| string -| `"https://ntfy.sh/alertmanager-alerts"` -| - -| ntfyAlertmanager.port -| int -| `80` -| - -| ntfyAlertmanager.resolved.tags[0] -| string -| `"resolved"` -| - -| ntfyAlertmanager.resolved.tags[1] -| string -| `"partying_face"` -| - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `80` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/alertmanager-ntfy/README.md b/alertmanager-ntfy/README.md new file mode 100644 index 0000000..d36a0f3 --- /dev/null +++ b/alertmanager-ntfy/README.md @@ -0,0 +1,97 @@ +--- +title: "alertmanager-ntfy" + +description: "Receiver for alertmanager to forward to ntfy.sh" + +--- + +# alertmanager-ntfy + +![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.4.0](https://img.shields.io/badge/AppVersion-0.4.0-informational?style=flat-square) + +Receiver for alertmanager to forward to ntfy.sh + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy +``` + +You can install a chart release using the following command: + +```bash +helm install alertmanager-ntfy-release oci://codeberg.org/wrenix/helm-charts/alertmanager-ntfy --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall alertmanager-ntfy-release +``` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| fullnameOverride | string | `""` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"codeberg.org"` | | +| image.repository | string | `"xenrox/ntfy-alertmanager"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| ntfyAlertmanager.labels.entries[0].label | string | `"severity"` | | +| ntfyAlertmanager.labels.entries[0].priority | int | `5` | | +| ntfyAlertmanager.labels.entries[0].tags[0] | string | `"rotating_light"` | | +| ntfyAlertmanager.labels.entries[0].value | string | `"critical"` | | +| ntfyAlertmanager.labels.entries[1].label | string | `"severity"` | | +| ntfyAlertmanager.labels.entries[1].priority | int | `1` | | +| ntfyAlertmanager.labels.entries[1].value | string | `"info"` | | +| ntfyAlertmanager.labels.entries[2].label | string | `"instance"` | | +| ntfyAlertmanager.labels.entries[2].tags[0] | string | `"computer"` | | +| ntfyAlertmanager.labels.entries[2].tags[1] | string | `"example"` | | +| ntfyAlertmanager.labels.entries[2].value | string | `"example.com"` | | +| ntfyAlertmanager.labels.order[0] | string | `"severity"` | | +| ntfyAlertmanager.labels.order[1] | string | `"instance"` | | +| ntfyAlertmanager.logLevel | string | `"info"` | | +| ntfyAlertmanager.ntfy.topic | string | `"https://ntfy.sh/alertmanager-alerts"` | | +| ntfyAlertmanager.port | int | `80` | | +| ntfyAlertmanager.resolved.tags[0] | string | `"resolved"` | | +| ntfyAlertmanager.resolved.tags[1] | string | `"partying_face"` | | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| replicaCount | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/alertmanager-ntfy/values.yaml b/alertmanager-ntfy/values.yaml index 870a7ce..405a4d0 100644 --- a/alertmanager-ntfy/values.yaml +++ b/alertmanager-ntfy/values.yaml @@ -5,7 +5,7 @@ replicaCount: 1 image: - registry: docker.io + registry: codeberg.org repository: xenrox/ntfy-alertmanager pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. -- 2.45.3 From 3bc284a797650403f2cad11cf2774841458bfb27 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 22 Nov 2024 15:21:11 +0100 Subject: [PATCH 195/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 +- element-call/README.adoc | 402 --------------------------------------- element-call/README.md | 2 +- 3 files changed, 3 insertions(+), 405 deletions(-) delete mode 100644 element-call/README.adoc diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index cb205e1..e8e8825 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: "0.1.5" +version: "0.1.6" # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.6.6" +appVersion: "0.7.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.adoc b/element-call/README.adoc deleted file mode 100644 index 6cd058b..0000000 --- a/element-call/README.adoc +++ /dev/null @@ -1,402 +0,0 @@ - - -= element-call - -image::https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square[Version: 0.1.5] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square[AppVersion: 0.6.6] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/element-call ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install element-call-release oci://codeberg.org/wrenix/helm-charts/element-call --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall element-call-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| service.call.affinity -| object -| `{}` -| - -| service.call.config -| object -| `{}` -| - -| service.call.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| service.call.image.registry -| string -| `"ghcr.io"` -| - -| service.call.image.repository -| string -| `"element-hq/element-call"` -| - -| service.call.image.tag -| string -| `nil` -| Overrides the image tag whose default is the chart appVersion. - -| service.call.ingress.host -| string -| `nil` -| - -| service.call.livenessProbe.httpGet.path -| string -| `"/"` -| - -| service.call.livenessProbe.httpGet.port -| string -| `"http"` -| - -| service.call.networkPolicy.egress.enabled -| bool -| `true` -| activate egress no networkpolicy - -| service.call.networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| service.call.networkPolicy.enabled -| bool -| `false` -| - -| service.call.networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| service.call.nodeSelector -| object -| `{}` -| - -| service.call.podAnnotations -| object -| `{}` -| - -| service.call.podLabels -| object -| `{}` -| - -| service.call.podSecurityContext -| object -| `{}` -| - -| service.call.readinessProbe.httpGet.path -| string -| `"/"` -| - -| service.call.readinessProbe.httpGet.port -| string -| `"http"` -| - -| service.call.replicaCount -| int -| `1` -| - -| service.call.resources -| object -| `{}` -| - -| service.call.securityContext -| object -| `{}` -| - -| service.call.serviceAccount.annotations -| object -| `{}` -| - -| service.call.serviceAccount.automount -| bool -| `true` -| - -| service.call.serviceAccount.create -| bool -| `true` -| - -| service.call.serviceAccount.name -| string -| `""` -| - -| service.call.tolerations -| list -| `[]` -| - -| service.lkJWT.affinity -| object -| `{}` -| - -| service.lkJWT.config.key -| string -| `"devkey"` -| - -| service.lkJWT.config.secret -| string -| `"secret"` -| - -| service.lkJWT.config.url -| string -| `""` -| - -| service.lkJWT.enabled -| bool -| `true` -| - -| service.lkJWT.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| service.lkJWT.image.registry -| string -| `"ghcr.io"` -| - -| service.lkJWT.image.repository -| string -| `"element-hq/lk-jwt-service"` -| - -| service.lkJWT.image.tag -| string -| `"sha-4a29504"` -| - -| service.lkJWT.ingress.host -| string -| `nil` -| - -| service.lkJWT.livenessProbe.httpGet.path -| string -| `"/healthz"` -| - -| service.lkJWT.livenessProbe.httpGet.port -| string -| `"http"` -| - -| service.lkJWT.networkPolicy.egress.enabled -| bool -| `false` -| activate egress no networkpolicy - -| service.lkJWT.networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| service.lkJWT.networkPolicy.enabled -| bool -| `false` -| - -| service.lkJWT.networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| service.lkJWT.nodeSelector -| object -| `{}` -| - -| service.lkJWT.podAnnotations -| object -| `{}` -| - -| service.lkJWT.podLabels -| object -| `{}` -| - -| service.lkJWT.podSecurityContext -| object -| `{}` -| - -| service.lkJWT.readinessProbe.httpGet.path -| string -| `"/healthz"` -| - -| service.lkJWT.readinessProbe.httpGet.port -| string -| `"http"` -| - -| service.lkJWT.replicaCount -| int -| `1` -| - -| service.lkJWT.resources -| object -| `{}` -| - -| service.lkJWT.securityContext -| object -| `{}` -| - -| service.lkJWT.serviceAccount.annotations -| object -| `{}` -| - -| service.lkJWT.serviceAccount.automount -| bool -| `true` -| - -| service.lkJWT.serviceAccount.create -| bool -| `true` -| - -| service.lkJWT.serviceAccount.name -| string -| `""` -| - -| service.lkJWT.tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] - diff --git a/element-call/README.md b/element-call/README.md index 4d0966d..7e8806e 100644 --- a/element-call/README.md +++ b/element-call/README.md @@ -7,7 +7,7 @@ description: "Run Element-Call and his dependencies" # element-call -![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.6.6](https://img.shields.io/badge/AppVersion-0.6.6-informational?style=flat-square) +![Version: 0.1.6](https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.0](https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square) Run Element-Call and his dependencies -- 2.45.3 From 3294de9ddffbeb5debfc288592deb12ff18411f3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 22 Nov 2024 15:21:34 +0100 Subject: [PATCH 196/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 +- home-assistant/README.adoc | 416 ------------------------------------- home-assistant/README.md | 2 +- 3 files changed, 3 insertions(+), 419 deletions(-) delete mode 100644 home-assistant/README.adoc diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index fa3c65c..1f00635 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.6 +version: 0.2.7 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.11.2" +appVersion: "2024.11.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.adoc b/home-assistant/README.adoc deleted file mode 100644 index 2b039c1..0000000 --- a/home-assistant/README.adoc +++ /dev/null @@ -1,416 +0,0 @@ - - -= home-assistant - -image::https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square[Version: 0.2.6] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2024.11.2-informational?style=flat-square[AppVersion: 2024.11.2] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/home-assistant ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install home-assistant-release oci://codeberg.org/wrenix/helm-charts/home-assistant --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall home-assistant-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"home-assistant/home-assistant"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| livenessProbe.httpGet.path -| string -| `"/"` -| - -| livenessProbe.httpGet.port -| string -| `"http"` -| - -| nameOverride -| string -| `""` -| - -| nats.enabled -| bool -| `true` -| - -| nats.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| nats.image.registry -| string -| `"docker.io"` -| - -| nats.image.repository -| string -| `"library/nats"` -| - -| nats.image.tag -| string -| `"2.10.22-scratch"` -| - -| nats.livenessProbe.tcpSocket.port -| string -| `"nats"` -| - -| nats.readinessProbe.tcpSocket.port -| string -| `"nats"` -| - -| nats.resources.limits.cpu -| string -| `"100m"` -| - -| nats.resources.limits.memory -| string -| `"128Mi"` -| - -| nats.resources.requests.cpu -| string -| `"100m"` -| - -| nats.resources.requests.memory -| string -| `"128Mi"` -| - -| nats.service.port.mqtt -| int -| `1883` -| - -| nats.service.port.nats -| int -| `4222` -| - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `false` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| - -| persistence.size -| string -| `"1Gi"` -| - -| persistence.storageClass -| string -| `nil` -| data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| prometheus.podmonitor.bearerTokenSecret -| object -| `{}` -| - -| prometheus.podmonitor.enabled -| bool -| `false` -| - -| prometheus.podmonitor.labels -| object -| `{}` -| - -| readinessProbe.httpGet.path -| string -| `"/"` -| - -| readinessProbe.httpGet.port -| string -| `"http"` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `80` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| Annotations to add to the service account - -| serviceAccount.create -| bool -| `true` -| Specifies whether a service account should be created - -| serviceAccount.name -| string -| `""` -| If not set and create is true, a name is generated using the fullname template - -| tolerations -| list -| `[]` -| - -| volumeMounts -| list -| `[]` -| - -| volumes -| list -| `[]` -| - -| zigbee2mqtt.config.homeassistant -| bool -| `true` -| - -| zigbee2mqtt.config.serial.port -| string -| `"/dev/ttyACM0"` -| - -| zigbee2mqtt.device -| string -| `"/dev/ttyACM0"` -| - -| zigbee2mqtt.enabled -| bool -| `true` -| - -| zigbee2mqtt.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| zigbee2mqtt.image.registry -| string -| `"docker.io"` -| - -| zigbee2mqtt.image.repository -| string -| `"koenkk/zigbee2mqtt"` -| - -| zigbee2mqtt.image.tag -| string -| `"1.41.0"` -| - -| zigbee2mqtt.ingress.hosts -| list -| `[]` -| - -| zigbee2mqtt.securityContext.privileged -| bool -| `true` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/home-assistant/README.md b/home-assistant/README.md index 10e7c9f..f68f6b7 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.6](https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.2](https://img.shields.io/badge/AppVersion-2024.11.2-informational?style=flat-square) +![Version: 0.2.7](https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.3](https://img.shields.io/badge/AppVersion-2024.11.3-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 8971235de6cfc7f92199376267da4a7518d28a33 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 26 Nov 2024 11:32:23 +0100 Subject: [PATCH 197/256] fix(postgresql): update appVersion --- postgresql/Chart.yaml | 4 +- postgresql/README.adoc | 266 ----------------------------------------- postgresql/README.md | 2 +- 3 files changed, 3 insertions(+), 269 deletions(-) delete mode 100644 postgresql/README.adoc diff --git a/postgresql/Chart.yaml b/postgresql/Chart.yaml index d6ba6bc..904d0b0 100644 --- a/postgresql/Chart.yaml +++ b/postgresql/Chart.yaml @@ -4,9 +4,9 @@ name: "postgresql" description: "A Helm chart for running PostgreSQL (Postgres) database" icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg type: "application" -version: "0.2.2" +version: "0.2.3" # renovate: image=docker.io/library/postgres -appVersion: "17.1-alpine" +appVersion: "17.2-alpine" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/postgresql/README.adoc b/postgresql/README.adoc deleted file mode 100644 index 0303a36..0000000 --- a/postgresql/README.adoc +++ /dev/null @@ -1,266 +0,0 @@ - - -= postgresql - -image::https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square[Version: 0.2.2] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-17.1-alpine-informational?style=flat-square[AppVersion: 17.1-alpine] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/postgresql ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install postgresql-release oci://codeberg.org/wrenix/helm-charts/postgresql --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall postgresql-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoupgrade.enabled -| bool -| `true` -| - -| autoupgrade.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| autoupgrade.image.registry -| string -| `"docker.io"` -| - -| autoupgrade.image.repository -| string -| `"pgautoupgrade/pgautoupgrade"` -| - -| autoupgrade.image.tag -| string -| `"17-alpine"` -| - -| autoupgrade.securityContext -| object -| `{}` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"docker.io"` -| - -| image.repository -| string -| `"library/postgres"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| job.annotations -| object -| `{"helm.sh/hook":"post-install,post-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}` -| Annotations (usefull to delete job by helm afterwards) - -| job.databases -| object -| `{}` -| Bootstrap databases into postgresql server. When databases already exists, they will stay untouched. databases: "name_of_database": owner: "existing_user_which_will_get_grant" additionalParams: "" # Optional - -| job.enabled -| bool -| `true` -| Enable database bootstrapping. - -| job.retries -| int -| `60` -| Amount of retries while waiting for postgresql server is available. - -| job.users -| object -| `{}` -| Bootstrap users into postgresql server. When users already exists, they will stay untouched. users: username: RandomPassword0#" - -| job.wait -| int -| `5` -| Time to wait in each wait in each iteration until postgresql server is available. - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"1Gi"` -| - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| postgres.password -| string -| `"SUPERSTRONGPW"` -| Database password. - -| postgres.user -| string -| `"postgres"` -| Database user. - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `5432` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `false` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/postgresql/README.md b/postgresql/README.md index 419489b..7c7f5ac 100644 --- a/postgresql/README.md +++ b/postgresql/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for running PostgreSQL (Postgres) database" # postgresql -![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 17.1-alpine](https://img.shields.io/badge/AppVersion-17.1--alpine-informational?style=flat-square) +![Version: 0.2.3](https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 17.2-alpine](https://img.shields.io/badge/AppVersion-17.2--alpine-informational?style=flat-square) A Helm chart for running PostgreSQL (Postgres) database -- 2.45.3 From 74f448cb9a553d56b7ca01020d0360fa42a95b74 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 30 Nov 2024 00:19:14 +0100 Subject: [PATCH 198/256] fix(conduit): update appVersion --- conduit/Chart.yaml | 2 +- conduit/README.adoc | 426 -------------------------------------------- conduit/README.md | 4 +- conduit/values.yaml | 2 +- 4 files changed, 4 insertions(+), 430 deletions(-) delete mode 100644 conduit/README.adoc diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index b9c8857..f08ac21 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -3,7 +3,7 @@ name: conduit description: Conduit is a simple, fast and reliable chat server powered by Matrix. icon: https://conduit.rs/conduit.svg type: application -version: "1.0.1" +version: "1.0.2" # renovate: image=docker.io/matrixconduit/matrix-conduit appVersion: "0.9.0" maintainers: diff --git a/conduit/README.adoc b/conduit/README.adoc deleted file mode 100644 index dbc045d..0000000 --- a/conduit/README.adoc +++ /dev/null @@ -1,426 +0,0 @@ - - -= conduit - -image::https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square[Version: 1.0.1] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square[AppVersion: 0.9.0] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/conduit ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install conduit-release oci://codeberg.org/wrenix/helm-charts/conduit --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall conduit-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| conduit.allowEncryption -| bool -| `true` -| - -| conduit.allowFederation -| bool -| `true` -| - -| conduit.allowRegistration -| bool -| `false` -| - -| conduit.allowRoomCreation -| bool -| `true` -| - -| conduit.allowUnstableRoomVersions -| bool -| `true` -| - -| conduit.log -| string -| `nil` -| - -| conduit.maxConcurrentRequests -| string -| `nil` -| - -| conduit.maxRequestSize -| string -| `"20000000"` -| in bytes default 20 MB - -| conduit.registrationToken -| string -| `nil` -| - -| conduit.server_name -| string -| `"your.server.name"` -| - -| conduit.trustedServers[0] -| string -| `"matrix.org"` -| - -| conduit.wellKnown.client -| string -| `""` -| client well-known configuration in conduit - -| conduit.wellKnown.server -| string -| `"https://your.server.name"` -| server well-known configuration in conduit - -| fullnameOverride -| string -| `""` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"docker.io"` -| - -| image.repository -| string -| `"matrixconduit/matrix-conduit"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"1Gi"` -| - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `6167` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| wellknown.affinity -| object -| `{}` -| - -| wellknown.client -| object -| `{"m.homeserver":{"base_url":"https://your.server.name/"},"org.matrix.msc3575.proxy":{"url":"https://your.server.name/"}}` -| client entry in well-known - -| wellknown.containerPort -| int -| `80` -| - -| wellknown.enabled -| bool -| `false` -| - -| wellknown.env -| list -| `[]` -| - -| wellknown.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| wellknown.image.registry -| string -| `"docker.io"` -| - -| wellknown.image.repository -| string -| `"library/nginx"` -| - -| wellknown.image.tag -| string -| `"1.27.2"` -| - -| wellknown.nginxServerConf -| string -| `"server {\n listen {{ .containerPort }};\n server_name localhost;\n\n location /.well-known/matrix/server {\n return 200 {{ toJson .server | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n }\n\n location /.well-known/matrix/client {\n return 200 {{ toJson .client | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n add_header \"Access-Control-Allow-Origin\" *;\n }\n\n location / {\n # return 200 'Welcome to the your.server.name conduit server!';\n # types { } default_type \"text/plain; charset=utf-8\";\n return 404;\n }\n\n location /nginx_health {\n return 200 'OK';\n types { } default_type \"text/plain; charset=utf-8\";\n }\n}"` -| nginx config - -| wellknown.nodeSelector -| object -| `{}` -| - -| wellknown.podAnnotations -| list -| `[]` -| - -| wellknown.podLabels -| object -| `{}` -| - -| wellknown.podSecurityContext -| object -| `{}` -| - -| wellknown.replicaCount -| int -| `1` -| - -| wellknown.resources -| object -| `{}` -| - -| wellknown.rewriteRoot -| bool -| `false` -| if ingress is enabled: specifies whether ingress should redirect the `/`-Location to the wellknown server - -| wellknown.securityContext -| object -| `{}` -| - -| wellknown.server -| object -| `{"m.server":"your.server.name:443"}` -| server entry in well-known - -| wellknown.service.annotations -| object -| `{}` -| - -| wellknown.service.port -| int -| `8080` -| - -| wellknown.service.type -| string -| `"ClusterIP"` -| - -| wellknown.tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/conduit/README.md b/conduit/README.md index 16a14dd..077d31e 100644 --- a/conduit/README.md +++ b/conduit/README.md @@ -7,7 +7,7 @@ description: "Conduit is a simple, fast and reliable chat server powered by Matr # conduit -![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square) +![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square) Conduit is a simple, fast and reliable chat server powered by Matrix. @@ -103,7 +103,7 @@ helm uninstall conduit-release | wellknown.image.pullPolicy | string | `"IfNotPresent"` | | | wellknown.image.registry | string | `"docker.io"` | | | wellknown.image.repository | string | `"library/nginx"` | | -| wellknown.image.tag | string | `"1.27.2"` | | +| wellknown.image.tag | string | `"1.27.3"` | | | wellknown.nginxServerConf | string | `"server {\n listen {{ .containerPort }};\n server_name localhost;\n\n location /.well-known/matrix/server {\n return 200 {{ toJson .server | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n }\n\n location /.well-known/matrix/client {\n return 200 {{ toJson .client | quote }};\n types { } default_type \"application/json; charset=utf-8\";\n add_header \"Access-Control-Allow-Origin\" *;\n }\n\n location / {\n # return 200 'Welcome to the your.server.name conduit server!';\n # types { } default_type \"text/plain; charset=utf-8\";\n return 404;\n }\n\n location /nginx_health {\n return 200 'OK';\n types { } default_type \"text/plain; charset=utf-8\";\n }\n}"` | nginx config | | wellknown.nodeSelector | object | `{}` | | | wellknown.podAnnotations | list | `[]` | | diff --git a/conduit/values.yaml b/conduit/values.yaml index 2a39fbc..9e45997 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -52,7 +52,7 @@ wellknown: registry: docker.io repository: library/nginx pullPolicy: IfNotPresent - tag: "1.27.2" + tag: "1.27.3" replicaCount: 1 podLabels: {} -- 2.45.3 From 994721a8a422e37d76ba3645ab0eacb3db27e69d Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 30 Nov 2024 00:19:17 +0100 Subject: [PATCH 199/256] fix(element-call): update appVersion --- element-call/Chart.yaml | 4 ++-- element-call/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/element-call/Chart.yaml b/element-call/Chart.yaml index e8e8825..9f27a48 100644 --- a/element-call/Chart.yaml +++ b/element-call/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: element-call description: Run Element-Call and his dependencies type: application -version: "0.1.6" +version: "0.1.7" # renovate: image=ghcr.io/element-hq/element-call -appVersion: "0.7.0" +appVersion: "0.7.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/element-call/README.md b/element-call/README.md index 7e8806e..1c85841 100644 --- a/element-call/README.md +++ b/element-call/README.md @@ -7,7 +7,7 @@ description: "Run Element-Call and his dependencies" # element-call -![Version: 0.1.6](https://img.shields.io/badge/Version-0.1.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.0](https://img.shields.io/badge/AppVersion-0.7.0-informational?style=flat-square) +![Version: 0.1.7](https://img.shields.io/badge/Version-0.1.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.1](https://img.shields.io/badge/AppVersion-0.7.1-informational?style=flat-square) Run Element-Call and his dependencies -- 2.45.3 From 910947134ca4550d291f7b3e3e17ac2958f314eb Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 30 Nov 2024 00:19:20 +0100 Subject: [PATCH 200/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 +- forgejo-runner/README.adoc | 421 ------------------------------------- forgejo-runner/README.md | 2 +- 3 files changed, 3 insertions(+), 424 deletions(-) delete mode 100644 forgejo-runner/README.adoc diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 552f223..5728f82 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.3" +version: "0.4.4" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "5.0.2" +appVersion: "5.0.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.adoc b/forgejo-runner/README.adoc deleted file mode 100644 index 5222872..0000000 --- a/forgejo-runner/README.adoc +++ /dev/null @@ -1,421 +0,0 @@ - - -= forgejo-runner - -image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square[AppVersion: 5.0.2] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -{{< callout type="warning" >}} -Me, wrenix, switch to woodpecker and maybe does not test every change. -{{< /callout >}} - -## Accessing docker socket inside job containers - -To access the docker socket inside the job containers, the following example values may be used (see `values-dind-bypass.yaml`): - -``` yaml {filename="values.yaml"} -runner: - config: - create: true - existingSecret: "" - file: - log: - level: "info" - runner: - file: ".runner" - capacity: 1 - envs: - A_TEST_ENV_NAME_1: null - A_TEST_ENV_NAME_2: null - DOCKER_HOST: tcp://127.0.0.1:2376 - DOCKER_TLS_VERIFY: 1 - DOCKER_CERT_PATH: /certs/client - container: - network: host - enable_ipv6: false - privileged: false - options: -v /certs/client:/certs/client - valid_volumes: - - /certs/client - -``` - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/forgejo-runner ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install forgejo-runner-release oci://codeberg.org/wrenix/helm-charts/forgejo-runner --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall forgejo-runner-release ----- - -== Values - -.Values Configuration yaml of runner (see: https://code.forgejo.org/forgejo/runner/src/branch/main/internal/pkg/config/config.example.yaml) -|=== -| Key | Type | Default | Description - -| runner.config.file.cache.dir -| string -| `""` -| The directory to store the cache data. If it's empty, the cache data will be stored in $HOME/.cache/actcache. - -| runner.config.file.cache.enabled -| bool -| `true` -| Enable cache server to use actions/cache. - -| runner.config.file.cache.external_server -| string -| `""` -| The external cache server URL. Valid only when enable is true. If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself. The URL should generally end with "/". - -| runner.config.file.cache.host -| string -| `""` -| The host of the cache server. It's not for the address to listen, but the address to connect from job containers. So 0.0.0.0 is a bad choice, leave it empty to detect automatically. - -| runner.config.file.cache.port -| int -| `0` -| The port of the cache server. 0 means to use a random available port. - -| runner.config.file.container.docker_host -| string -| `"-"` -| overrides the docker client host with the specified one. If "-", an available docker host will automatically be found. If empty, an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock). Otherwise the specified docker host will be used and an error will be returned if it doesn't work. - -| runner.config.file.container.enable_ipv6 -| bool -| `false` -| Whether to create networks with IPv6 enabled. Requires the Docker daemon to be set up accordingly. Only takes effect if "network" is set to "". - -| runner.config.file.container.force_pull -| bool -| `false` -| Pull docker image(s) even if already present - -| runner.config.file.container.network -| string -| `""` -| Specifies the network to which the container will connect. Could be host, bridge or the name of a custom network. If it's empty, create a network automatically. - -| runner.config.file.container.options -| string -| `nil` -| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`). - -| runner.config.file.container.privileged -| bool -| `false` -| And other options to be used when the container is started (eg, `--add-host=my.forgejo.url:host-gateway`). - -| runner.config.file.container.valid_volumes -| list -| `[]` -| Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: valid_volumes: - data - /src/*.json If you want to allow any volume, please use the following configuration: valid_volumes: - '**' - -| runner.config.file.container.workdir_parent -| string -| `nil` -| The parent directory of a job's working directory. If it's empty, /workspace will be used. - -| runner.config.file.host.workdir_parent -| string -| `nil` -| The parent directory of a job's working directory. If it's empty, $HOME/.cache/act/ will be used. - -| runner.config.file.log.job_level -| string -| `"info"` -| The level of logging for jobs, can be trace, debug, info, earn, error, fatal - -| runner.config.file.log.level -| string -| `"info"` -| The level of logging, can be trace, debug, info, warn, error, fatal - -| runner.config.file.runner.capacity -| int -| `1` -| Execute how many tasks concurrently at the same time. - -| runner.config.file.runner.env_file -| string -| `".env"` -| Extra environment variables to run jobs from a file. It will be ignored if it's empty or the file doesn't exist. - -| runner.config.file.runner.envs -| object -| `{"A_TEST_ENV_NAME_1":"a_test_env_value_1","A_TEST_ENV_NAME_2":"a_test_env_value_2"}` -| Extra environment variables to run jobs. - -| runner.config.file.runner.fetch_interval -| string -| `"2s"` -| The interval for fetching the job from the Forgejo instance. - -| runner.config.file.runner.fetch_timeout -| string -| `"5s"` -| The timeout for fetching the job from the Forgejo instance. - -| runner.config.file.runner.file -| string -| `".runner"` -| Runner config which contains id and token of this runner (autogenerate with create) - -| runner.config.file.runner.insecure -| bool -| `false` -| Whether skip verifying the TLS certificate of the Forgejo instance. - -| runner.config.file.runner.labels -| list -| `[]` -| The labels of a runner are used to determine which jobs the runner can run, and how to run them. Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] If it's empty when registering, it will ask for inputting labels. If it's empty when execute `deamon`, will use labels in `.runner` file. - -| runner.config.file.runner.timeout -| string -| `"3h"` -| The timeout for a job to be finished. Please note that the Forgejo instance also has a timeout (3h by default) for the job. So the job could be stopped by the Forgejo instance if it's timeout is shorter than this. -|=== -.Values Other Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.behavior -| object -| `{}` -| behavior of HPA Example: scaleDown: stabilizationWindowSeconds: 300 policies: - type: Pods value: 1 periodSeconds: 60 scaleUp: stabilizationWindowSeconds: 0 policies: - type: Pods value: 1 periodSeconds: 60 - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| dind.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| dind.image.registry -| string -| `"docker.io"` -| - -| dind.image.repository -| string -| `"library/docker"` -| - -| dind.image.tag -| string -| `"27.3.1-dind"` -| - -| extraEnvVars -| list -| `[]` -| Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" - -| fullnameOverride -| string -| `""` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"code.forgejo.org"` -| - -| image.repository -| string -| `"forgejo/runner"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| kubectl.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| kubectl.image.registry -| string -| `"docker.io"` -| - -| kubectl.image.repository -| string -| `"bitnami/kubectl"` -| - -| kubectl.image.tag -| string -| `"1.31.3"` -| - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| runner.config.create -| bool -| `true` -| - -| runner.config.existingSecret -| string -| `""` -| use existingSecret instatt - -| runner.config.instance -| string -| `"https://codeberg.org"` -| - -| runner.config.name -| string -| `nil` -| - -| runner.config.token -| string -| `nil` -| - -| securityContext.privileged -| bool -| `true` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.automount -| bool -| `true` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| volumeMounts -| list -| `[]` -| - -| volumes -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] - diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index b10ee77..e3a36b4 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.2](https://img.shields.io/badge/AppVersion-5.0.2-informational?style=flat-square) +![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.3](https://img.shields.io/badge/AppVersion-5.0.3-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) -- 2.45.3 From 8dc0ef5abbcdae0faef79332fd4d5fe9695f2687 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 30 Nov 2024 00:19:23 +0100 Subject: [PATCH 201/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 +- matrix-synapse/README.adoc | 1176 ------------------------------------ matrix-synapse/README.md | 4 +- matrix-synapse/values.yaml | 2 +- 4 files changed, 5 insertions(+), 1181 deletions(-) delete mode 100644 matrix-synapse/README.adoc diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index e5f3c65..8cdc1b9 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.2" +version: "1.0.3" # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.119.0 +appVersion: 1.120.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.adoc b/matrix-synapse/README.adoc deleted file mode 100644 index f9b57bb..0000000 --- a/matrix-synapse/README.adoc +++ /dev/null @@ -1,1176 +0,0 @@ - - -= matrix-synapse - -image::https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square[Version: 1.0.2] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-1.119.0-informational?style=flat-square[AppVersion: 1.119.0] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/matrix-synapse ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install matrix-synapse-release oci://codeberg.org/wrenix/helm-charts/matrix-synapse --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall matrix-synapse-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| config.bindAddresses -| list -| `["::"]` -| The bind addresses to use for the default listeners - -| config.extraListeners -| list -| `[]` -| - -| config.extraMainListenerTypes -| list -| `[]` -| - -| config.reportStats -| bool -| `false` -| - -| config.trustedKeyServers -| list -| `[{"server_name":"matrix.org"}]` -| A set of trusted servers to contact if another server doesn't respond to a signing key request. - -| config.useStructuredLogging -| bool -| `false` -| - -| externalPostgresql.database -| string -| `"synapse"` -| - -| externalPostgresql.extraArgs -| object -| `{}` -| Extra arguments for the database connection ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config - -| externalPostgresql.options -| object -| `{}` -| set extra configuration ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config e.g. txn_limit, allow_unsafe_locale - -| externalPostgresql.port -| int -| `5432` -| - -| externalPostgresql.username -| string -| `"synapse"` -| - -| externalRedis.port -| int -| `6379` -| - -| extraConfig -| object -| `{}` -| - -| extraLoggers -| object -| `{}` -| - -| extraSecrets -| object -| `{}` -| - -| fullnameOverride -| string -| `nil` -| Override the full name of the installed chart. - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| grafana.dashboards.annotations -| object -| `{}` -| - -| grafana.dashboards.enabled -| bool -| `false` -| - -| grafana.dashboards.labels.grafana_dashboard -| string -| `"1"` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"element-hq/synapse"` -| - -| image.tag -| string -| `nil` -| Overrides the image tag whose default is the chart appVersion. - -| ingress.annotations -| object -| `{}` -| - -| ingress.csHosts -| list -| `[]` -| - -| ingress.csPaths -| list -| `[]` -| - -| ingress.enabled -| bool -| `true` -| - -| ingress.hosts -| list -| `[]` -| - -| ingress.includeServerName -| bool -| `true` -| - -| ingress.includeUnderscoreSynapse -| bool -| `true` -| - -| ingress.paths -| list -| `[]` -| - -| ingress.tls -| list -| `[]` -| - -| ingress.traefikPaths -| bool -| `false` -| - -| ingress.wkHosts -| list -| `[]` -| - -| nameOverride -| string -| `nil` -| Override part of the installed name, will still keep release name. - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"10Gi"` -| - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| postgresql.auth.database -| string -| `"synapse"` -| - -| postgresql.auth.password -| string -| `"synapse"` -| - -| postgresql.auth.username -| string -| `"synapse"` -| - -| postgresql.enabled -| bool -| `true` -| - -| postgresql.extraArgs -| object -| `{}` -| Extra arguments for the database connection ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config - -| postgresql.options -| object -| `{}` -| set extra configuration ref: https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md#synapse-config e.g. txn_limit, allow_unsafe_locale - -| postgresql.primary.initdb.args -| string -| `"--lc-collate=C --lc-ctype=C"` -| - -| postgresql.primary.persistence.size -| string -| `"16Gi"` -| - -| prometheus.podmonitor.enabled -| bool -| `false` -| - -| prometheus.podmonitor.labels -| object -| `{}` -| - -| prometheus.rules.additionalRules -| list -| `[]` -| - -| prometheus.rules.defaults.enabled -| bool -| `true` -| - -| prometheus.rules.enabled -| bool -| `false` -| - -| prometheus.rules.labels -| object -| `{}` -| - -| publicServerName -| string -| `nil` -| The public Matrix server name, this will be used for any public URLs in config as well as for client API links in the ingress. - -| redis.architecture -| string -| `"standalone"` -| - -| redis.auth.enabled -| bool -| `true` -| - -| redis.auth.password -| string -| `"synapse"` -| - -| redis.enabled -| bool -| `true` -| - -| redis.master.kind -| string -| `"Deployment"` -| - -| redis.master.persistence.enabled -| bool -| `false` -| - -| redis.master.service.port -| int -| `6379` -| - -| serverName -| string -| `nil` -| The Matrix domain name, this is what will be used for the domain part in your MXIDs. - -| service.port -| int -| `8008` -| - -| service.targetPort -| string -| `"http"` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `false` -| - -| signingkey.annotations -| object -| `{"helm.sh/hook":"pre-install,pre-upgrade","helm.sh/hook-delete-policy":"before-hook-creation,hook-succeeded"}` -| Annotations to apply to the job and rbac for signing-key. - -| signingkey.job.enabled -| bool -| `true` -| - -| signingkey.job.publishImage.pullPolicy -| string -| `"IfNotPresent"` -| - -| signingkey.job.publishImage.registry -| string -| `"docker.io"` -| - -| signingkey.job.publishImage.repository -| string -| `"bitnami/kubectl"` -| - -| signingkey.job.publishImage.tag -| string -| `"latest"` -| - -| signingkey.resources -| object -| `{}` -| - -| synapse.affinity -| object -| `{}` -| - -| synapse.annotations -| object -| `{}` -| - -| synapse.extraCommands -| list -| `[]` -| - -| synapse.extraEnv -| list -| `[]` -| - -| synapse.extraVolumeMounts -| list -| `[]` -| - -| synapse.extraVolumes -| list -| `[]` -| - -| synapse.labels -| object -| `{}` -| - -| synapse.livenessProbe.httpGet.path -| string -| `"/health"` -| - -| synapse.livenessProbe.httpGet.port -| string -| `"http"` -| - -| synapse.nodeSelector -| object -| `{}` -| - -| synapse.podSecurityContext -| object -| `{}` -| - -| synapse.readinessProbe.httpGet.path -| string -| `"/health"` -| - -| synapse.readinessProbe.httpGet.port -| string -| `"http"` -| - -| synapse.resources -| object -| `{}` -| - -| synapse.securityContext -| object -| `{}` -| - -| synapse.startupProbe.failureThreshold -| int -| `12` -| - -| synapse.startupProbe.httpGet.path -| string -| `"/health"` -| - -| synapse.startupProbe.httpGet.port -| string -| `"http"` -| - -| synapse.strategy.type -| string -| `"RollingUpdate"` -| - -| synapse.tolerations -| list -| `[]` -| - -| volumePermissions.enabled -| bool -| `false` -| - -| volumePermissions.gid -| int -| `666` -| - -| volumePermissions.image.pullPolicy -| string -| `"Always"` -| - -| volumePermissions.image.registry -| string -| `"docker.io"` -| - -| volumePermissions.image.repository -| string -| `"library/alpine"` -| - -| volumePermissions.image.tag -| string -| `"3.20.3"` -| - -| volumePermissions.resources -| object -| `{}` -| - -| volumePermissions.uid -| int -| `666` -| - -| wellknown.affinity -| object -| `{}` -| - -| wellknown.client -| object -| `{}` -| Data to serve on .well-known/matrix/client. m.homeserver: base_url: https://matrix.example.com - -| wellknown.containerPort -| int -| `80` -| - -| wellknown.element -| object -| `{}` -| Data to serve on .well-known/element/element.json call: widget_url: https://call.element.io - -| wellknown.enabled -| bool -| `false` -| - -| wellknown.env -| list -| `[]` -| - -| wellknown.image.pullPolicy -| string -| `"IfNotPresent"` -| - -| wellknown.image.registry -| string -| `"docker.io"` -| - -| wellknown.image.repository -| string -| `"library/nginx"` -| - -| wellknown.image.tag -| string -| `"1.27.2"` -| - -| wellknown.nodeSelector -| object -| `{}` -| - -| wellknown.podAnnotations -| list -| `[]` -| - -| wellknown.podLabels -| object -| `{}` -| - -| wellknown.podSecurityContext -| object -| `{}` -| - -| wellknown.replicaCount -| int -| `1` -| - -| wellknown.resources -| object -| `{}` -| - -| wellknown.securityContext -| object -| `{}` -| - -| wellknown.server -| object -| `{}` -| The host and port combo to serve on .well-known/matrix/server. m.server: matrix.example.com:443 - -| wellknown.service.annotations -| object -| `{}` -| - -| wellknown.service.port -| int -| `8080` -| - -| wellknown.service.type -| string -| `"ClusterIP"` -| - -| wellknown.tolerations -| list -| `[]` -| - -| workers.appservice.enabled -| bool -| `false` -| - -| workers.appservice.generic -| bool -| `true` -| - -| workers.appservice.name -| string -| `"appservices"` -| - -| workers.default.affinity -| object -| `{}` -| - -| workers.default.annotations -| object -| `{}` -| - -| workers.default.extraCommands -| list -| `[]` -| - -| workers.default.extraEnv -| list -| `[]` -| - -| workers.default.livenessProbe.httpGet.path -| string -| `"/health"` -| - -| workers.default.livenessProbe.httpGet.port -| string -| `"metrics"` -| - -| workers.default.nodeSelector -| object -| `{}` -| - -| workers.default.podSecurityContext -| object -| `{}` -| - -| workers.default.readinessProbe.httpGet.path -| string -| `"/health"` -| - -| workers.default.readinessProbe.httpGet.port -| string -| `"metrics"` -| - -| workers.default.replicaCount -| int -| `1` -| - -| workers.default.resources -| object -| `{}` -| - -| workers.default.securityContext -| object -| `{}` -| - -| workers.default.startupProbe.failureThreshold -| int -| `6` -| - -| workers.default.startupProbe.httpGet.path -| string -| `"/health"` -| - -| workers.default.startupProbe.httpGet.port -| string -| `"metrics"` -| - -| workers.default.strategy.type -| string -| `"RollingUpdate"` -| - -| workers.default.tolerations -| list -| `[]` -| - -| workers.default.volumeMounts -| list -| `[]` -| - -| workers.default.volumes -| list -| `[]` -| - -| workers.federation_sender.enabled -| bool -| `false` -| - -| workers.frontend_proxy.csPaths[0] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/keys/upload"` -| - -| workers.frontend_proxy.enabled -| bool -| `false` -| - -| workers.frontend_proxy.listeners[0] -| string -| `"client"` -| - -| workers.generic_worker.csPaths[0] -| string -| `"/_matrix/client/(api/v1|r0|v3)/events$"` -| - -| workers.generic_worker.csPaths[10] -| string -| `"/_matrix/client/(r0|v3|unstable)/account/3pid$"` -| - -| workers.generic_worker.csPaths[11] -| string -| `"/_matrix/client/(r0|v3|unstable)/account/whoami$"` -| - -| workers.generic_worker.csPaths[12] -| string -| `"/_matrix/client/(r0|v3|unstable)/devices$"` -| - -| workers.generic_worker.csPaths[13] -| string -| `"/_matrix/client/versions$"` -| - -| workers.generic_worker.csPaths[14] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$"` -| - -| workers.generic_worker.csPaths[15] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/"` -| - -| workers.generic_worker.csPaths[16] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$"` -| - -| workers.generic_worker.csPaths[17] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/search$"` -| - -| workers.generic_worker.csPaths[18] -| string -| `"/_matrix/client/(r0|v3|unstable)/keys/query$"` -| - -| workers.generic_worker.csPaths[19] -| string -| `"/_matrix/client/(r0|v3|unstable)/keys/changes$"` -| - -| workers.generic_worker.csPaths[1] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$"` -| - -| workers.generic_worker.csPaths[20] -| string -| `"/_matrix/client/(r0|v3|unstable)/keys/claim$"` -| - -| workers.generic_worker.csPaths[21] -| string -| `"/_matrix/client/(r0|v3|unstable)/room_keys/"` -| - -| workers.generic_worker.csPaths[22] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/login$"` -| - -| workers.generic_worker.csPaths[23] -| string -| `"/_matrix/client/(r0|v3|unstable)/register$"` -| - -| workers.generic_worker.csPaths[24] -| string -| `"/_matrix/client/v1/register/m.login.registration_token/validity$"` -| - -| workers.generic_worker.csPaths[25] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact"` -| - -| workers.generic_worker.csPaths[26] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send"` -| - -| workers.generic_worker.csPaths[27] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/"` -| - -| workers.generic_worker.csPaths[28] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$"` -| - -| workers.generic_worker.csPaths[29] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/join/"` -| - -| workers.generic_worker.csPaths[2] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$"` -| - -| workers.generic_worker.csPaths[30] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/profile/"` -| - -| workers.generic_worker.csPaths[31] -| string -| `"/_matrix/client/(r0|v3|unstable)/user_directory/search"` -| - -| workers.generic_worker.csPaths[3] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$"` -| - -| workers.generic_worker.csPaths[4] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/"` -| - -| workers.generic_worker.csPaths[5] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$"` -| - -| workers.generic_worker.csPaths[6] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$"` -| - -| workers.generic_worker.csPaths[7] -| string -| `"/_matrix/client/v1/rooms/.*/hierarchy$"` -| - -| workers.generic_worker.csPaths[8] -| string -| `"/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$"` -| - -| workers.generic_worker.csPaths[9] -| string -| `"/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$"` -| - -| workers.generic_worker.enabled -| bool -| `false` -| - -| workers.generic_worker.generic -| bool -| `true` -| - -| workers.generic_worker.listeners[0] -| string -| `"client"` -| - -| workers.generic_worker.listeners[1] -| string -| `"federation"` -| - -| workers.generic_worker.paths[0] -| string -| `"/_matrix/federation/v1/event/"` -| - -| workers.generic_worker.paths[10] -| string -| `"/_matrix/federation/(v1|v2)/send_leave/"` -| - -| workers.generic_worker.paths[11] -| string -| `"/_matrix/federation/(v1|v2)/invite/"` -| - -| workers.generic_worker.paths[12] -| string -| `"/_matrix/federation/v1/event_auth/"` -| - -| workers.generic_worker.paths[13] -| string -| `"/_matrix/federation/v1/exchange_third_party_invite/"` -| - -| workers.generic_worker.paths[14] -| string -| `"/_matrix/federation/v1/user/devices/"` -| - -| workers.generic_worker.paths[15] -| string -| `"/_matrix/key/v2/query"` -| - -| workers.generic_worker.paths[16] -| string -| `"/_matrix/federation/v1/hierarchy/"` -| - -| workers.generic_worker.paths[17] -| string -| `"/_matrix/federation/v1/send/"` -| - -| workers.generic_worker.paths[1] -| string -| `"/_matrix/federation/v1/state/"` -| - -| workers.generic_worker.paths[2] -| string -| `"/_matrix/federation/v1/state_ids/"` -| - -| workers.generic_worker.paths[3] -| string -| `"/_matrix/federation/v1/backfill/"` -| - -| workers.generic_worker.paths[4] -| string -| `"/_matrix/federation/v1/get_missing_events/"` -| - -| workers.generic_worker.paths[5] -| string -| `"/_matrix/federation/v1/publicRooms"` -| - -| workers.generic_worker.paths[6] -| string -| `"/_matrix/federation/v1/query/"` -| - -| workers.generic_worker.paths[7] -| string -| `"/_matrix/federation/v1/make_join/"` -| - -| workers.generic_worker.paths[8] -| string -| `"/_matrix/federation/v1/make_leave/"` -| - -| workers.generic_worker.paths[9] -| string -| `"/_matrix/federation/(v1|v2)/send_join/"` -| - -| workers.media_repository.csPaths[0] -| string -| `"/_matrix/media/.*"` -| - -| workers.media_repository.csPaths[1] -| string -| `"/_synapse/admin/v1/purge_media_cache$"` -| - -| workers.media_repository.csPaths[2] -| string -| `"/_synapse/admin/v1/room/.*/media"` -| - -| workers.media_repository.csPaths[3] -| string -| `"/_synapse/admin/v1/user/.*/media"` -| - -| workers.media_repository.csPaths[4] -| string -| `"/_synapse/admin/v1/media/"` -| - -| workers.media_repository.csPaths[5] -| string -| `"/_synapse/admin/v1/quarantine_media/"` -| - -| workers.media_repository.csPaths[6] -| string -| `"/_synapse/admin/v1/users/.*/media$"` -| - -| workers.media_repository.enabled -| bool -| `false` -| - -| workers.media_repository.listeners[0] -| string -| `"media"` -| - -| workers.media_repository.paths[0] -| string -| `"/_matrix/media/.*"` -| - -| workers.pusher.enabled -| bool -| `false` -| - -| workers.user_dir.csPaths[0] -| string -| `"/_matrix/client/(api/v1|r0|v3|unstable)/user_directory/search$"` -| - -| workers.user_dir.enabled -| bool -| `false` -| - -| workers.user_dir.listeners[0] -| string -| `"client"` -| - -| workers.user_dir.name -| string -| `"userdir"` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 01cf440..6401309 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.2](https://img.shields.io/badge/Version-1.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.119.0](https://img.shields.io/badge/AppVersion-1.119.0-informational?style=flat-square) +![Version: 1.0.3](https://img.shields.io/badge/Version-1.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.0](https://img.shields.io/badge/AppVersion-1.120.0-informational?style=flat-square) Matrix reference homeserver @@ -166,7 +166,7 @@ helm uninstall matrix-synapse-release | wellknown.image.pullPolicy | string | `"IfNotPresent"` | | | wellknown.image.registry | string | `"docker.io"` | | | wellknown.image.repository | string | `"library/nginx"` | | -| wellknown.image.tag | string | `"1.27.2"` | | +| wellknown.image.tag | string | `"1.27.3"` | | | wellknown.nodeSelector | object | `{}` | | | wellknown.podAnnotations | list | `[]` | | | wellknown.podLabels | object | `{}` | | diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 151d7f9..96a88d5 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -613,7 +613,7 @@ wellknown: image: registry: docker.io repository: library/nginx - tag: 1.27.2 + tag: 1.27.3 pullPolicy: IfNotPresent replicaCount: 1 -- 2.45.3 From 9a8fba28eeb9003ad4b96ccde04f9e975d495a13 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 4 Dec 2024 00:14:45 +0100 Subject: [PATCH 202/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 2 +- home-assistant/README.md | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 1f00635..781e0f9 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,7 +3,7 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.7 +version: 0.2.8 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2024.11.3" maintainers: diff --git a/home-assistant/README.md b/home-assistant/README.md index f68f6b7..ac29e65 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.7](https://img.shields.io/badge/Version-0.2.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.3](https://img.shields.io/badge/AppVersion-2024.11.3-informational?style=flat-square) +![Version: 0.2.8](https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.3](https://img.shields.io/badge/AppVersion-2024.11.3-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi @@ -113,7 +113,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.pullPolicy | string | `"IfNotPresent"` | | | zigbee2mqtt.image.registry | string | `"docker.io"` | | | zigbee2mqtt.image.repository | string | `"koenkk/zigbee2mqtt"` | | -| zigbee2mqtt.image.tag | string | `"1.41.0"` | | +| zigbee2mqtt.image.tag | string | `"1.42.0"` | | | zigbee2mqtt.ingress.hosts | list | `[]` | | | zigbee2mqtt.securityContext.privileged | bool | `true` | | diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index f765128..ad0c253 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.41.0 + tag: 1.42.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From ef1353514070eb0a056f1ff88cdfb18c83ff29ca Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 4 Dec 2024 00:14:51 +0100 Subject: [PATCH 203/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 8cdc1b9..860c947 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.3" +version: "1.0.4" # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.120.0 +appVersion: 1.120.2 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 6401309..0c15575 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.3](https://img.shields.io/badge/Version-1.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.0](https://img.shields.io/badge/AppVersion-1.120.0-informational?style=flat-square) +![Version: 1.0.4](https://img.shields.io/badge/Version-1.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.2](https://img.shields.io/badge/AppVersion-1.120.2-informational?style=flat-square) Matrix reference homeserver -- 2.45.3 From e12fb35a846b49f3bdbd175a90b224b4abe18c85 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 6 Dec 2024 23:32:39 +0100 Subject: [PATCH 204/256] fix(home-assistant): update --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 781e0f9..5781bf5 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.8 +version: 0.2.9 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.11.3" +appVersion: "2024.12.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index ac29e65..5c8e09d 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.8](https://img.shields.io/badge/Version-0.2.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.3](https://img.shields.io/badge/AppVersion-2024.11.3-informational?style=flat-square) +![Version: 0.2.9](https://img.shields.io/badge/Version-0.2.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.1](https://img.shields.io/badge/AppVersion-2024.12.1-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From ebb3dd435e5f3ae968cf91db70cfb36fbe86604a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 6 Dec 2024 23:32:44 +0100 Subject: [PATCH 205/256] fix(matrix-synapse): update --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.md | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 860c947..91d1511 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.4" +version: "1.0.5" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.120.2 maintainers: diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 0c15575..4846c70 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.4](https://img.shields.io/badge/Version-1.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.2](https://img.shields.io/badge/AppVersion-1.120.2-informational?style=flat-square) +![Version: 1.0.5](https://img.shields.io/badge/Version-1.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.2](https://img.shields.io/badge/AppVersion-1.120.2-informational?style=flat-square) Matrix reference homeserver @@ -154,7 +154,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.pullPolicy | string | `"Always"` | | | volumePermissions.image.registry | string | `"docker.io"` | | | volumePermissions.image.repository | string | `"library/alpine"` | | -| volumePermissions.image.tag | string | `"3.20.3"` | | +| volumePermissions.image.tag | string | `"3.21.0"` | | | volumePermissions.resources | object | `{}` | | | volumePermissions.uid | int | `666` | | | wellknown.affinity | object | `{}` | | diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 96a88d5..7d4042f 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -794,7 +794,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.20.3 + tag: 3.21.0 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From 16145e25489192959be460cd7568b814a6e0d4c2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 8 Dec 2024 22:29:01 +0100 Subject: [PATCH 206/256] fix(grampsweb): update appVersion --- grampsweb/Chart.yaml | 4 +- grampsweb/README.adoc | 326 ------------------------------------------ grampsweb/README.md | 2 +- 3 files changed, 3 insertions(+), 329 deletions(-) delete mode 100644 grampsweb/README.adoc diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index 10f4b92..ec0590c 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: "0.2.4" +version: "0.2.5" # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.11.0" +appVersion: "24.12.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.adoc b/grampsweb/README.adoc deleted file mode 100644 index 0613b81..0000000 --- a/grampsweb/README.adoc +++ /dev/null @@ -1,326 +0,0 @@ - - -= grampsweb - -image::https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square[Version: 0.2.4] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-24.11.0-informational?style=flat-square[AppVersion: 24.11.0] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/grampsweb ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install grampsweb-release oci://codeberg.org/wrenix/helm-charts/grampsweb --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall grampsweb-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| fullnameOverride -| string -| `""` -| - -| gramps.baseURL -| string -| `"https://gramps.example.org"` -| Base URL where the API can be reached (e.g. https://mygramps.mydomain.com/). This is necessary e.g. to build correct passwort reset links - -| gramps.mail.from -| string -| `nil` -| "From" address for automated e-mails - -| gramps.mail.host -| string -| `nil` -| SMTP server host (e.g. for sending password reset e-mails) - -| gramps.mail.password -| string -| `nil` -| SMTP server password - -| gramps.mail.port -| int -| `465` -| SMTP server port. - -| gramps.mail.useTLS -| bool -| `true` -| Boolean, whether to use TLS for sending e-mails. Defaults to true. When using STARTTLS, set this to false and use a port different from 25. - -| gramps.mail.username -| string -| `nil` -| SMTP server username - -| gramps.mediaPrefixTree -| bool -| `false` -| whether or not to use a separate subfolder for the media files of each tree. Defaults to False, but strongly recommend to use True in a multi-tree setup - -| gramps.tree -| string -| `"Gramps Web"` -| To enable multi-tree support, the TREE config option must be set to a single asterisk `*` - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"gramps-project/grampsweb"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| networkPolicy.egress.enabled -| bool -| `true` -| activate egress no networkpolicy - -| networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| networkPolicy.enabled -| bool -| `false` -| - -| networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"5Gi"` -| - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `5000` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.automount -| bool -| `true` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| volumeMounts -| list -| `[]` -| - -| volumes -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/grampsweb/README.md b/grampsweb/README.md index 9a5867a..c773d6f 100644 --- a/grampsweb/README.md +++ b/grampsweb/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for gramps web" # grampsweb -![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.11.0](https://img.shields.io/badge/AppVersion-24.11.0-informational?style=flat-square) +![Version: 0.2.5](https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.12.1](https://img.shields.io/badge/AppVersion-24.12.1-informational?style=flat-square) A Helm chart for gramps web -- 2.45.3 From e97206fa9643d724c62e109b74351f6967524330 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 8 Dec 2024 22:29:04 +0100 Subject: [PATCH 207/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 +- stalwart-mail/README.adoc | 809 -------------------------------------- stalwart-mail/README.md | 2 +- 3 files changed, 3 insertions(+), 812 deletions(-) delete mode 100644 stalwart-mail/README.adoc diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 6ed4192..79ee075 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.18 +version: 0.0.19 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.10.6" +appVersion: "0.10.7" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.adoc b/stalwart-mail/README.adoc deleted file mode 100644 index a8bbc16..0000000 --- a/stalwart-mail/README.adoc +++ /dev/null @@ -1,809 +0,0 @@ - - -= stalwart-mail - -image::https://img.shields.io/badge/Version-0.0.18-informational?style=flat-square[Version: 0.0.18] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-0.10.6-informational?style=flat-square[AppVersion: 0.10.6] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -= Alpha - -WARNING -==== -We stop working on this Helm-Chart. -There are still many breaking change like: - -* https://github.com/stalwartlabs/mail-server/issues/211[storage.fts in toml configuration has two meanings] - -We hope that stalward mail-server becomes more stable. - -==== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/stalwart-mail ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install stalwart-mail-release oci://codeberg.org/wrenix/helm-charts/stalwart-mail --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall stalwart-mail-release ----- - -== Values - -.Values DKIM -|=== -| Key | Type | Default | Description - -| config.auth.dkim.sign -| list -| `[{"if":"listener != 'smtp'","then":"['rsa', 'ed25519']"},{"else":false}]` -| auth rule for signing with dkim - -| config.auth.dkim.verify -| string -| `"relaxed"` -| verify of dkim signature (relaxed, strict, disable) -|=== - -.Values Authentification -|=== -| Key | Type | Default | Description - -| config.authentication.fallback-admin.secret -| string -| `"%{env:FALLBACK_ADMIN_SECRET}%"` -| password for fallback authentfication (use env for store in secrets of kubernetes) - -| config.authentication.fallback-admin.user -| string -| `"admin"` -| username for fallback authentfication - -| secrets.env.FALLBACK_ADMIN_SECRET -| string -| `"supersecret"` -| password for fallback authentfication (env) -|=== -.Values Other Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| certificate.certmanager.dnsNames[0] -| string -| `"chart-example.local"` -| - -| certificate.certmanager.enabled -| bool -| `true` -| - -| certificate.certmanager.issuerRef.group -| string -| `"cert-manager.io"` -| - -| certificate.certmanager.issuerRef.kind -| string -| `"ClusterIssuer"` -| - -| certificate.certmanager.issuerRef.name -| string -| `"letsencrypt-prod"` -| - -| certificate.secretName -| string -| `nil` -| not needed if certmanager is used - -| config.directory.internal.store -| string -| `"rocksdb"` -| - -| config.directory.internal.type -| string -| `"internal"` -| - -| config.metrics.prometheus.auth.secret -| string -| `"%{env:METRICS_SECRET}%"` -| - -| config.metrics.prometheus.auth.username -| string -| `"%{env:METRICS_USERNAME}%"` -| - -| config.metrics.prometheus.enable -| bool -| `true` -| - -| config.server.listener.http.bind[0] -| string -| `"[::]:80"` -| - -| config.server.listener.http.protocol -| string -| `"http"` -| - -| config.server.listener.https.bind[0] -| string -| `"[::]:443"` -| - -| config.server.listener.https.protocol -| string -| `"http"` -| - -| config.server.listener.https.tls.implicit -| bool -| `true` -| - -| config.server.listener.imap.bind[0] -| string -| `"[::]:143"` -| - -| config.server.listener.imap.protocol -| string -| `"imap"` -| - -| config.server.listener.imaptls.bind[0] -| string -| `"[::]:993"` -| - -| config.server.listener.imaptls.protocol -| string -| `"imap"` -| - -| config.server.listener.imaptls.tls.implicit -| bool -| `true` -| - -| config.server.listener.pop3.bind[0] -| string -| `"[::]:110"` -| - -| config.server.listener.pop3.protocol -| string -| `"pop3"` -| - -| config.server.listener.pop3s.bind[0] -| string -| `"[::]:995"` -| - -| config.server.listener.pop3s.protocol -| string -| `"pop3"` -| - -| config.server.listener.pop3s.tls.implicit -| bool -| `true` -| - -| config.server.listener.sieve.bind[0] -| string -| `"[::]:4190"` -| - -| config.server.listener.sieve.protocol -| string -| `"managesieve"` -| - -| config.server.listener.smtp.bind[0] -| string -| `"[::]:25"` -| - -| config.server.listener.smtp.protocol -| string -| `"smtp"` -| - -| config.server.listener.submission.bind[0] -| string -| `"[::]:587"` -| - -| config.server.listener.submission.protocol -| string -| `"smtp"` -| - -| config.server.listener.submissions.bind[0] -| string -| `"[::]:465"` -| - -| config.server.listener.submissions.protocol -| string -| `"smtp"` -| - -| config.server.listener.submissions.tls.implicit -| bool -| `true` -| - -| config.storage.blob -| string -| `"rocksdb"` -| - -| config.storage.data -| string -| `"rocksdb"` -| - -| config.storage.directory -| string -| `"internal"` -| - -| config.storage.fts -| string -| `"rocksdb"` -| - -| config.storage.lookup -| string -| `"rocksdb"` -| - -| config.store.rocksdb.compression -| string -| `"lz4"` -| - -| config.store.rocksdb.path -| string -| `"/data"` -| - -| config.store.rocksdb.type -| string -| `"rocksdb"` -| - -| config.tracer.otel.enable -| bool -| `false` -| - -| config.tracer.otel.endpoint -| string -| `"https://127.0.0.1/otel"` -| - -| config.tracer.otel.headers -| list -| `[]` -| headers for usage with http (e.g. 'Authorization: ') - -| config.tracer.otel.level -| string -| `"info"` -| - -| config.tracer.otel.transport -| string -| `"grpc"` -| grpc or http - -| config.tracer.otel.type -| string -| `"open-telemetry"` -| - -| config.tracer.stdout.ansi -| bool -| `false` -| - -| config.tracer.stdout.enable -| bool -| `true` -| - -| config.tracer.stdout.level -| string -| `"info"` -| - -| config.tracer.stdout.type -| string -| `"stdout"` -| - -| env -| list -| `[]` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"docker.io"` -| - -| image.repository -| string -| `"stalwartlabs/mail-server"` -| - -| image.tag -| string -| `""` -| Overrides the image tag whose default is the chart appVersion. - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| livenessProbe.httpGet.path -| string -| `"/healthz/live"` -| - -| livenessProbe.httpGet.port -| string -| `"http"` -| - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| accessMode - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"10Gi"` -| size - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| prometheus.servicemonitor.enabled -| bool -| `false` -| - -| prometheus.servicemonitor.labels -| object -| `{}` -| - -| readinessProbe.httpGet.path -| string -| `"/healthz/ready"` -| - -| readinessProbe.httpGet.port -| string -| `"http"` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| secrets.env.METRICS_SECRET -| string -| `"scrape_metrics_password"` -| - -| secrets.env.METRICS_USERNAME -| string -| `"scrape_metrics_user"` -| - -| securityContext -| object -| `{}` -| - -| service.annotations -| object -| `{}` -| - -| service.ipFamilies[0] -| string -| `"IPv4"` -| - -| service.ipFamilyPolicy -| string -| `"SingleStack"` -| other option is RequireDualStack - -| service.ports.http -| int -| `80` -| - -| service.ports.https -| int -| `443` -| - -| service.ports.imap -| int -| `143` -| - -| service.ports.imaptls -| int -| `993` -| - -| service.ports.pop3 -| int -| `110` -| - -| service.ports.pop3s -| int -| `995` -| - -| service.ports.sieve -| int -| `4190` -| - -| service.ports.smtp -| int -| `25` -| - -| service.ports.submission -| int -| `587` -| - -| service.ports.submissions -| int -| `465` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.automount -| bool -| `true` -| - -| serviceAccount.create -| bool -| `false` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| traefik.enabled -| bool -| `false` -| - -| traefik.ports.https.entrypoint -| string -| `"websecure"` -| - -| traefik.ports.https.match -| string -| `nil` -| - -| traefik.ports.https.passthroughTLS -| bool -| `true` -| - -| traefik.ports.https.proxyProtocol -| bool -| `true` -| - -| traefik.ports.imaptls.entrypoint -| string -| `"imaps"` -| - -| traefik.ports.imaptls.match -| string -| `nil` -| - -| traefik.ports.imaptls.passthroughTLS -| bool -| `true` -| - -| traefik.ports.imaptls.proxyProtocol -| bool -| `true` -| - -| traefik.ports.pop3s.entrypoint -| string -| `"pop3s"` -| - -| traefik.ports.pop3s.match -| string -| `nil` -| - -| traefik.ports.pop3s.passthroughTLS -| bool -| `true` -| - -| traefik.ports.pop3s.proxyProtocol -| bool -| `true` -| - -| traefik.ports.sieve.entrypoint -| string -| `"sieve"` -| - -| traefik.ports.sieve.match -| string -| `nil` -| - -| traefik.ports.sieve.passthroughTLS -| bool -| `true` -| - -| traefik.ports.sieve.proxyProtocol -| bool -| `true` -| - -| traefik.ports.smtp.entrypoint -| string -| `"smtp"` -| - -| traefik.ports.smtp.match -| string -| `nil` -| - -| traefik.ports.smtp.proxyProtocol -| bool -| `true` -| - -| traefik.ports.submissions.entrypoint -| string -| `"smtps"` -| - -| traefik.ports.submissions.match -| string -| `nil` -| - -| traefik.ports.submissions.passthroughTLS -| bool -| `true` -| - -| traefik.ports.submissions.proxyProtocol -| bool -| `true` -| - -| volumeMounts -| list -| `[]` -| - -| volumes -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] - diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md index f1d859a..e57b3bb 100644 --- a/stalwart-mail/README.md +++ b/stalwart-mail/README.md @@ -7,7 +7,7 @@ description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One M # stalwart-mail -![Version: 0.0.18](https://img.shields.io/badge/Version-0.0.18-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.6](https://img.shields.io/badge/AppVersion-0.10.6-informational?style=flat-square) +![Version: 0.0.19](https://img.shields.io/badge/Version-0.0.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.7](https://img.shields.io/badge/AppVersion-0.10.7-informational?style=flat-square) Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) -- 2.45.3 From 874545454213409b9eab24ed23334ee0571d84be Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 11 Dec 2024 13:18:49 +0100 Subject: [PATCH 208/256] fix(home-assistant): update --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 5781bf5..d4bcec0 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.9 +version: 0.2.10 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.12.1" +appVersion: "2024.12.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index 5c8e09d..bb562d2 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.9](https://img.shields.io/badge/Version-0.2.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.1](https://img.shields.io/badge/AppVersion-2024.12.1-informational?style=flat-square) +![Version: 0.2.10](https://img.shields.io/badge/Version-0.2.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.2](https://img.shields.io/badge/AppVersion-2024.12.2-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi @@ -70,7 +70,7 @@ helm uninstall home-assistant-release | nats.image.pullPolicy | string | `"IfNotPresent"` | | | nats.image.registry | string | `"docker.io"` | | | nats.image.repository | string | `"library/nats"` | | -| nats.image.tag | string | `"2.10.22-scratch"` | | +| nats.image.tag | string | `"2.10.23-scratch"` | | | nats.livenessProbe.tcpSocket.port | string | `"nats"` | | | nats.readinessProbe.tcpSocket.port | string | `"nats"` | | | nats.resources.limits.cpu | string | `"100m"` | | diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index ad0c253..3656a95 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.22-scratch" + tag: "2.10.23-scratch" service: port: nats: 4222 -- 2.45.3 From c01b429f5246c4f9630cbce9c27fcc745b39e532 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 11 Dec 2024 13:20:49 +0100 Subject: [PATCH 209/256] fix(forgejo-runner): update dependencies --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.md | 6 +++--- forgejo-runner/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 5728f82..b890c37 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.4" +version: "0.4.5" # renovate: image=code.forgejo.org/forgejo/runner appVersion: "5.0.3" maintainers: diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index e3a36b4..c54b285 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.3](https://img.shields.io/badge/AppVersion-5.0.3-informational?style=flat-square) +![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.3](https://img.shields.io/badge/AppVersion-5.0.3-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -119,7 +119,7 @@ helm uninstall forgejo-runner-release | dind.image.pullPolicy | string | `"IfNotPresent"` | | | dind.image.registry | string | `"docker.io"` | | | dind.image.repository | string | `"library/docker"` | | -| dind.image.tag | string | `"27.3.1-dind"` | | +| dind.image.tag | string | `"27.4.0-dind"` | | | extraEnvVars | list | `[]` | Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | @@ -130,7 +130,7 @@ helm uninstall forgejo-runner-release | kubectl.image.pullPolicy | string | `"IfNotPresent"` | | | kubectl.image.registry | string | `"docker.io"` | | | kubectl.image.repository | string | `"bitnami/kubectl"` | | -| kubectl.image.tag | string | `"1.31.3"` | | +| kubectl.image.tag | string | `"1.31.4"` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | | podAnnotations | object | `{}` | | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 84a18b5..2003933 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -144,13 +144,13 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.3.1-dind + tag: 27.4.0-dind kubectl: image: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.3 + tag: 1.31.4 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From b3fd15e30f5c3d83671297b0a667fa1506000578 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 11 Dec 2024 13:20:56 +0100 Subject: [PATCH 210/256] fix(ntfy): update dependencies --- ntfy/Chart.yaml | 2 +- ntfy/README.adoc | 601 ----------------------------------------------- ntfy/README.md | 4 +- ntfy/values.yaml | 2 +- 4 files changed, 4 insertions(+), 605 deletions(-) delete mode 100644 ntfy/README.adoc diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 60fe69a..02c1304 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: "0.4.6" +version: "0.4.7" # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.adoc b/ntfy/README.adoc deleted file mode 100644 index 5c77215..0000000 --- a/ntfy/README.adoc +++ /dev/null @@ -1,601 +0,0 @@ - - -= ntfy - -image::https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square[Version: 0.4.6] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square[AppVersion: 2.11.0] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/ntfy ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install ntfy-release oci://codeberg.org/wrenix/helm-charts/ntfy --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall ntfy-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| env -| list -| `[]` -| set env in container for usage Environment variables - -| envFrom -| list -| `[]` -| set envFrom in container for usage of ConfigMaps or Secrets as a bunch of Environment variables - -| fullnameOverride -| string -| `""` -| - -| grafana.dashboards.annotations -| object -| `{}` -| - -| grafana.dashboards.enabled -| bool -| `false` -| - -| grafana.dashboards.labels.grafana_dashboard -| string -| `"1"` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.repository -| string -| `"binwiederhier/ntfy"` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| kubectl.image -| object -| `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.3"}` -| image needed for setup (store generated VAPID / WebPush keys) - -| nameOverride -| string -| `""` -| - -| networkPolicy.egress.enabled -| bool -| `true` -| activate egress no networkpolicy - -| networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| networkPolicy.enabled -| bool -| `false` -| - -| networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller) - -| networkPolicy.ingress.metrics -| list -| `[]` -| ingress for metrics port (e.g. prometheus) - -| networkPolicy.ingress.smtp -| list -| `[]` -| ingress for smtp - -| nodeSelector -| object -| `{}` -| - -| ntfy.attachment.cacheDir -| string -| `nil` -| - -| ntfy.attachment.expireDuration -| string -| `"3h"` -| - -| ntfy.attachment.sizeLimit.file -| string -| `"15M"` -| - -| ntfy.attachment.sizeLimit.total -| string -| `"5G"` -| - -| ntfy.auth.defaultAccess -| string -| `"read-write"` -| - -| ntfy.auth.file -| string -| `nil` -| - -| ntfy.auth.startupQueries -| string -| `nil` -| - -| ntfy.baseURL -| string -| `"https://ntfy.example.org"` -| - -| ntfy.behindProxy -| bool -| `true` -| - -| ntfy.cache.batch.size -| int -| `0` -| - -| ntfy.cache.batch.timeout -| string -| `"0s"` -| - -| ntfy.cache.duration -| string -| `"12h"` -| - -| ntfy.cache.file -| string -| `nil` -| - -| ntfy.cache.startupQueries -| string -| `nil` -| - -| ntfy.enableLogin -| bool -| `false` -| - -| ntfy.enableReservations -| bool -| `false` -| - -| ntfy.enableSignup -| bool -| `false` -| - -| ntfy.firebaseKeyFile -| string -| `nil` -| - -| ntfy.globalTopicLimit -| int -| `15000` -| - -| ntfy.keepaliveInterval -| string -| `"45s"` -| - -| ntfy.listen.certFile -| string -| `nil` -| - -| ntfy.listen.http -| string -| `":80"` -| - -| ntfy.listen.https -| string -| `nil` -| - -| ntfy.listen.keyFile -| string -| `nil` -| - -| ntfy.listen.unix -| string -| `nil` -| - -| ntfy.listen.unixMode -| string -| `nil` -| - -| ntfy.managerInterval -| string -| `"1m"` -| - -| ntfy.metrics.enable -| bool -| `true` -| - -| ntfy.metrics.port -| int -| `9000` -| - -| ntfy.smtp.sender.addr -| string -| `nil` -| - -| ntfy.smtp.sender.from -| string -| `nil` -| - -| ntfy.smtp.sender.pass -| string -| `nil` -| - -| ntfy.smtp.sender.user -| string -| `nil` -| - -| ntfy.smtp.server.addrPrefix -| string -| `nil` -| - -| ntfy.smtp.server.domain -| string -| `nil` -| - -| ntfy.upstreamBaseURL -| string -| `"https://ntfy.sh"` -| - -| ntfy.visitor.attachment.dailyBandwidthLimit -| string -| `"500M"` -| - -| ntfy.visitor.attachment.totalSizeLimit -| string -| `"100M"` -| - -| ntfy.visitor.email.limitBurst -| int -| `16` -| - -| ntfy.visitor.email.limitReplenish -| string -| `"1h"` -| - -| ntfy.visitor.request.limitBurst -| int -| `60` -| - -| ntfy.visitor.request.limitExemptHosts -| string -| `""` -| - -| ntfy.visitor.request.limitReplenish -| string -| `"5s"` -| - -| ntfy.visitor.subscriberRateLimiting -| bool -| `false` -| - -| ntfy.visitor.subscriptionLimit -| int -| `30` -| - -| ntfy.webPush.emailAddress -| string -| `""` -| - -| ntfy.webPush.file -| string -| `"/data/webpush.db"` -| - -| ntfy.webPush.keys.create -| bool -| `false` -| - -| ntfy.webPush.keys.private -| string -| `nil` -| - -| ntfy.webPush.keys.public -| string -| `nil` -| - -| ntfy.webRoot -| string -| `"app"` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `false` -| - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Create a PV on Node with given hostPath storageClass has to be manual - -| persistence.size -| string -| `"1Gi"` -| - -| persistence.storageClass -| string -| `nil` -| data Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| set securityContext on pod level - -| prometheus.rules.additionalRules -| list -| `[]` -| - -| prometheus.rules.enabled -| bool -| `false` -| - -| prometheus.rules.labels -| object -| `{}` -| - -| prometheus.servicemonitor.enabled -| bool -| `false` -| - -| prometheus.servicemonitor.labels -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| set securityContext on container level - -| service.http.port -| int -| `80` -| - -| service.http.type -| string -| `"ClusterIP"` -| - -| service.smtp.enabled -| bool -| `false` -| - -| service.smtp.port -| int -| `25` -| - -| service.smtp.type -| string -| `"LoadBalancer"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| updateStrategy.type -| string -| `"Recreate"` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/ntfy/README.md b/ntfy/README.md index d16f434..73c3c18 100644 --- a/ntfy/README.md +++ b/ntfy/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # ntfy -![Version: 0.4.6](https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) +![Version: 0.4.7](https://img.shields.io/badge/Version-0.4.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) A Helm chart for Kubernetes @@ -65,7 +65,7 @@ helm uninstall ntfy-release | ingress.hosts[0].paths[0].path | string | `"/"` | | | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | | ingress.tls | list | `[]` | | -| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.3"}` | image needed for setup (store generated VAPID / WebPush keys) | +| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.4"}` | image needed for setup (store generated VAPID / WebPush keys) | | nameOverride | string | `""` | | | networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | | networkPolicy.egress.extra | list | `[]` | egress rules | diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 410cde1..bf99387 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.3 + tag: 1.31.4 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From 2407101ec0439e50306c6f8641fb635fdc4ebc24 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 12 Dec 2024 22:33:45 +0100 Subject: [PATCH 211/256] feat(pretix): init --- pretix/.gitignore | 1 + pretix/.helmignore | 23 ++ pretix/Chart.lock | 9 + pretix/Chart.yaml | 25 ++ pretix/README.md | 280 ++++++++++++++++++ pretix/ci/all-values.yaml | 10 + pretix/ci/empty-values.yaml | 0 pretix/templates/NOTES.txt | 22 ++ pretix/templates/_helpers.tpl | 62 ++++ .../configmap_grafana_dashboards.yaml | 14 + pretix/templates/cronjob.yaml | 84 ++++++ pretix/templates/deployment.yaml | 101 +++++++ pretix/templates/hpa.yaml | 32 ++ pretix/templates/ingress.yaml | 43 +++ pretix/templates/job-migrate.yaml | 81 +++++ pretix/templates/prometheus-rules.yaml | 29 ++ pretix/templates/pvc.yaml | 29 ++ pretix/templates/secrets.yaml | 13 + pretix/templates/service.yaml | 20 ++ pretix/templates/serviceaccount.yaml | 13 + pretix/templates/servicemonitor.yaml | 36 +++ pretix/templates/tests/test-connection.yaml | 15 + pretix/values.yaml | 224 ++++++++++++++ 23 files changed, 1166 insertions(+) create mode 100644 pretix/.gitignore create mode 100644 pretix/.helmignore create mode 100644 pretix/Chart.lock create mode 100644 pretix/Chart.yaml create mode 100644 pretix/README.md create mode 100644 pretix/ci/all-values.yaml create mode 100644 pretix/ci/empty-values.yaml create mode 100644 pretix/templates/NOTES.txt create mode 100644 pretix/templates/_helpers.tpl create mode 100644 pretix/templates/configmap_grafana_dashboards.yaml create mode 100644 pretix/templates/cronjob.yaml create mode 100644 pretix/templates/deployment.yaml create mode 100644 pretix/templates/hpa.yaml create mode 100644 pretix/templates/ingress.yaml create mode 100644 pretix/templates/job-migrate.yaml create mode 100644 pretix/templates/prometheus-rules.yaml create mode 100644 pretix/templates/pvc.yaml create mode 100644 pretix/templates/secrets.yaml create mode 100644 pretix/templates/service.yaml create mode 100644 pretix/templates/serviceaccount.yaml create mode 100644 pretix/templates/servicemonitor.yaml create mode 100644 pretix/templates/tests/test-connection.yaml create mode 100644 pretix/values.yaml diff --git a/pretix/.gitignore b/pretix/.gitignore new file mode 100644 index 0000000..948259a --- /dev/null +++ b/pretix/.gitignore @@ -0,0 +1 @@ +charts/*.tgz diff --git a/pretix/.helmignore b/pretix/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/pretix/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/pretix/Chart.lock b/pretix/Chart.lock new file mode 100644 index 0000000..9498c2b --- /dev/null +++ b/pretix/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: postgresql + repository: oci://docker.io/bitnamicharts + version: 16.3.0 +- name: redis + repository: oci://docker.io/bitnamicharts + version: 20.5.0 +digest: sha256:7126a34c5cb99dc7bf96ee997009392d629bd6d0e57af288eec2d73b548a5d47 +generated: "2024-12-12T23:28:46.938657955+01:00" diff --git a/pretix/Chart.yaml b/pretix/Chart.yaml new file mode 100644 index 0000000..fc952b2 --- /dev/null +++ b/pretix/Chart.yaml @@ -0,0 +1,25 @@ +apiVersion: v2 +name: pretix +description: Reinventing ticket presales, one ticket at a time. +type: application +version: 0.1.0 +# renovate: image=docker.io/pretix/standalone +appVersion: "2024.11.0" +keywords: + - event-tickets +maintainers: + - name: WrenIX + url: https://wrenix.eu +sources: + - https://github.com/pretix/pretix + - https://codeberg.org/wrenix/helm-charts/src/branch/main/pretix + - https://hub.docker.com/r/pretix/standalone +dependencies: + - name: postgresql + version: "16.3.0" + repository: "oci://docker.io/bitnamicharts" + condition: postgresql.enabled + - name: redis + version: "20.5.0" + repository: "oci://docker.io/bitnamicharts" + condition: redis.enabled diff --git a/pretix/README.md b/pretix/README.md new file mode 100644 index 0000000..26580c1 --- /dev/null +++ b/pretix/README.md @@ -0,0 +1,280 @@ +--- +title: "pretix" + +description: "Reinventing ticket presales, one ticket at a time." + +--- + +# pretix + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) + +Reinventing ticket presales, one ticket at a time. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Source Code + +* +* +* + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/pretix +``` + +You can install a chart release using the following command: + +```bash +helm install pretix-release oci://codeberg.org/wrenix/helm-charts/pretix --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall pretix-release +``` + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| oci://docker.io/bitnamicharts | postgresql | 16.3.0 | +| oci://docker.io/bitnamicharts | redis | 20.5.0 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| cronSchedule | string | `"*/30 * * * *"` | | +| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | | +| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | | +| env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | | +| env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | | +| env.PRETIX_DATABASE_NAME | string | `"pretix"` | | +| env.PRETIX_DATABASE_PASSWORD | string | `"pretix"` | | +| env.PRETIX_DATABASE_USER | string | `"pretix"` | | +| env.PRETIX_MAIL_FROM | string | `"test@example.com"` | | +| env.PRETIX_MAIL_HOST | string | `nil` | | +| env.PRETIX_MAIL_PASSWORD | string | `nil` | | +| env.PRETIX_MAIL_PORT | int | `587` | | +| env.PRETIX_MAIL_TLS | bool | `true` | | +| env.PRETIX_MAIL_USER | string | `nil` | | +| env.PRETIX_METRICS_ENABLED | bool | `false` | | +| env.PRETIX_METRICS_PASSPHRASE | string | `"pretix"` | | +| env.PRETIX_METRICS_USER | string | `"pretix"` | | +| env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | | +| env.PRETIX_PRETIX_DATADIR | string | `"/data"` | | +| env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | | +| env.PRETIX_PRETIX_URL | string | `"http://localhost"` | | +| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | | +| env.PRETIX_REDIS_SESSIONS | bool | `true` | | +| fullnameOverride | string | `""` | | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"pretix/standalone"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | +| livenessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | +| livenessProbe.httpGet.path | string | `"/healthcheck/"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"5Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| postgresql.auth.database | string | `"pretix"` | | +| postgresql.auth.password | string | `"pretix"` | | +| postgresql.auth.postgresPassword | string | `"supersecureadminpassword"` | | +| postgresql.auth.username | string | `"pretix"` | | +| postgresql.enabled | bool | `true` | | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 | +| prometheus.servicemonitor.interval | string | `nil` | interval | +| prometheus.servicemonitor.labels | object | `{}` | | +| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | +| readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | +| readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | +| readinessProbe.httpGet.path | string | `"/healthcheck/"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| redis.architecture | string | `"standalone"` | | +| redis.auth.enabled | bool | `false` | | +| redis.enabled | bool | `true` | | +| replicas.taskworker | int | `1` | | +| replicas.web | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) +# pretix + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) + +Reinventing ticket presales, one ticket at a time. + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + +## Source Code + +* +* +* + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| oci://docker.io/bitnamicharts | postgresql | 16.3.0 | +| oci://docker.io/bitnamicharts | redis | 20.5.0 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| affinity | object | `{}` | | +| autoscaling.enabled | bool | `false` | | +| autoscaling.maxReplicas | int | `100` | | +| autoscaling.minReplicas | int | `1` | | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| cronSchedule | string | `"*/30 * * * *"` | | +| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | | +| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | | +| env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | | +| env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | | +| env.PRETIX_DATABASE_NAME | string | `"pretix"` | | +| env.PRETIX_DATABASE_PASSWORD | string | `"pretix"` | | +| env.PRETIX_DATABASE_USER | string | `"pretix"` | | +| env.PRETIX_MAIL_FROM | string | `"test@example.com"` | | +| env.PRETIX_MAIL_HOST | string | `nil` | | +| env.PRETIX_MAIL_PASSWORD | string | `nil` | | +| env.PRETIX_MAIL_PORT | int | `587` | | +| env.PRETIX_MAIL_TLS | bool | `true` | | +| env.PRETIX_MAIL_USER | string | `nil` | | +| env.PRETIX_METRICS_ENABLED | bool | `false` | | +| env.PRETIX_METRICS_PASSPHRASE | string | `"pretix"` | | +| env.PRETIX_METRICS_USER | string | `"pretix"` | | +| env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | | +| env.PRETIX_PRETIX_DATADIR | string | `"/data"` | | +| env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | | +| env.PRETIX_PRETIX_URL | string | `"http://localhost"` | | +| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | | +| env.PRETIX_REDIS_SESSIONS | bool | `true` | | +| fullnameOverride | string | `""` | | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| image.registry | string | `"docker.io"` | | +| image.repository | string | `"pretix/standalone"` | | +| image.tag | string | `""` | | +| imagePullSecrets | list | `[]` | | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.hosts[0].host | string | `"chart-example.local"` | | +| ingress.hosts[0].paths[0].path | string | `"/"` | | +| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | +| ingress.tls | list | `[]` | | +| livenessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | +| livenessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | +| livenessProbe.httpGet.path | string | `"/healthcheck/"` | | +| livenessProbe.httpGet.port | string | `"http"` | | +| nameOverride | string | `""` | | +| nodeSelector | object | `{}` | | +| persistence.accessMode | string | `"ReadWriteOnce"` | | +| persistence.annotations | object | `{}` | | +| persistence.enabled | bool | `true` | | +| persistence.existingClaim | string | `nil` | A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound | +| persistence.hostPath | string | `nil` | Do not create an PVC, direct use hostPath in Pod | +| persistence.size | string | `"5Gi"` | | +| persistence.storageClass | string | `nil` | Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) | +| podAnnotations | object | `{}` | | +| podLabels | object | `{}` | | +| podSecurityContext | object | `{}` | | +| postgresql.auth.database | string | `"pretix"` | | +| postgresql.auth.password | string | `"pretix"` | | +| postgresql.auth.postgresPassword | string | `"supersecureadminpassword"` | | +| postgresql.auth.username | string | `"pretix"` | | +| postgresql.enabled | bool | `true` | | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | +| prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 | +| prometheus.servicemonitor.interval | string | `nil` | interval | +| prometheus.servicemonitor.labels | object | `{}` | | +| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | +| readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | +| readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | +| readinessProbe.httpGet.path | string | `"/healthcheck/"` | | +| readinessProbe.httpGet.port | string | `"http"` | | +| redis.architecture | string | `"standalone"` | | +| redis.auth.enabled | bool | `false` | | +| redis.enabled | bool | `true` | | +| replicas.taskworker | int | `1` | | +| replicas.web | int | `1` | | +| resources | object | `{}` | | +| securityContext | object | `{}` | | +| service.port | int | `80` | | +| service.type | string | `"ClusterIP"` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tolerations | list | `[]` | | +| volumeMounts | list | `[]` | | +| volumes | list | `[]` | | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/pretix/ci/all-values.yaml b/pretix/ci/all-values.yaml new file mode 100644 index 0000000..a79e60c --- /dev/null +++ b/pretix/ci/all-values.yaml @@ -0,0 +1,10 @@ +env: + a: a + +persistence: + enabled: true + +ingress: + enabled: true + annotations: + a: a diff --git a/pretix/ci/empty-values.yaml b/pretix/ci/empty-values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/pretix/templates/NOTES.txt b/pretix/templates/NOTES.txt new file mode 100644 index 0000000..2215ad7 --- /dev/null +++ b/pretix/templates/NOTES.txt @@ -0,0 +1,22 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pretix.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch its status by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pretix.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pretix.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pretix.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/pretix/templates/_helpers.tpl b/pretix/templates/_helpers.tpl new file mode 100644 index 0000000..f482705 --- /dev/null +++ b/pretix/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "pretix.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "pretix.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "pretix.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "pretix.labels" -}} +helm.sh/chart: {{ include "pretix.chart" . }} +{{ include "pretix.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "pretix.selectorLabels" -}} +app.kubernetes.io/name: {{ include "pretix.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "pretix.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "pretix.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/pretix/templates/configmap_grafana_dashboards.yaml b/pretix/templates/configmap_grafana_dashboards.yaml new file mode 100644 index 0000000..d9ff230 --- /dev/null +++ b/pretix/templates/configmap_grafana_dashboards.yaml @@ -0,0 +1,14 @@ +{{- if .Values.grafana.dashboards.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "pretix.fullname" . }}-grafana-dashboards + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- toYaml .Values.grafana.dashboards.labels | nindent 4 }} + annotations: + {{- toYaml .Values.grafana.dashboards.annotations | nindent 4 }} +data: + {{- (.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }} +{{- end }} diff --git a/pretix/templates/cronjob.yaml b/pretix/templates/cronjob.yaml new file mode 100644 index 0000000..8ddfe27 --- /dev/null +++ b/pretix/templates/cronjob.yaml @@ -0,0 +1,84 @@ +apiVersion: batch/v1 +kind: CronJob +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} +spec: + schedule: {{ .Values.cronSchedule | quote }} + jobTemplate: + spec: + template: + metadata: + annotations: + checksum/secret: {{ toYaml $.Values.env | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 12 }} + {{- end }} + labels: + {{- include "pretix.labels" . | nindent 12 }} + app.kubernetes.io/component: cronjob + {{- with .Values.podLabels }} + {{- toYaml . | nindent 12 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 12 }} + {{- end }} + serviceAccountName: {{ include "pretix.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 12 }} + restartPolicy: OnFailure + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 16 }} + {{- with .Values.image }} + image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + imagePullPolicy: {{ .pullPolicy }} + {{- end }} + envFrom: + - secretRef: + name: {{ include "pretix.fullname" . }} + env: + # Migrations are handled by helm hooks in pretix-migrate.yaml + - name: AUTOMIGRATE + value: "skip" + command: [ "pretix" ] + args: [ "cron" ] + resources: + {{- toYaml .Values.resources | nindent 16 }} + volumeMounts: + - name: pretix-data + mountPath: /data + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 16 }} + {{- end }} + volumes: + - name: pretix-data + {{- if .Values.persistence.hostPath }} + hostPath: + type: Directory + path: {{ .Values.persistence.hostPath | quote }} + {{- else if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ with .Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" . }}{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- with .Values.volumes }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 12 }} + {{- end }} diff --git a/pretix/templates/deployment.yaml b/pretix/templates/deployment.yaml new file mode 100644 index 0000000..20dc63d --- /dev/null +++ b/pretix/templates/deployment.yaml @@ -0,0 +1,101 @@ +{{- range $component := list "web" "taskworker" }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "pretix.fullname" $ }}-{{ $component }} + labels: + {{- include "pretix.labels" $ | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + {{- if not $.Values.autoscaling.enabled }} + replicas: {{ get $.Values.replicas $component }} + {{- end }} + selector: + matchLabels: + {{- include "pretix.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: {{ $component }} + template: + metadata: + annotations: + checksum/secret: {{ toYaml $.Values.env | sha256sum }} + {{- with $.Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pretix.labels" $ | nindent 8 }} + app.kubernetes.io/component: {{ $component }} + {{- with $.Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with $.Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pretix.serviceAccountName" $ }} + securityContext: + {{- toYaml $.Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ $.Chart.Name }} + securityContext: + {{- toYaml $.Values.securityContext | nindent 12 }} + {{- with $.Values.image }} + image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + imagePullPolicy: {{ .pullPolicy }} + {{- end }} + env: + # Migrations are handled by helm hooks in pretix-migrate.yaml + - name: AUTOMIGRATE + value: "skip" + envFrom: + - secretRef: + name: {{ include "pretix.fullname" $ }} + command: [ "pretix" ] + args: [ {{ $component | quote }} ] + {{- if (eq $component "web") }} + ports: + - name: http + containerPort: {{ $.Values.service.port }} + protocol: TCP + livenessProbe: + {{- toYaml $.Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml $.Values.readinessProbe | nindent 12 }} + {{- end }} + resources: + {{- toYaml $.Values.resources | nindent 12 }} + volumeMounts: + - name: pretix-data + mountPath: /data + {{- with $.Values.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: pretix-data + {{- if $.Values.persistence.hostPath }} + hostPath: + type: Directory + path: {{ $.Values.persistence.hostPath | quote }} + {{- else if $.Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ with $.Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" $ }}{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- with $.Values.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $.Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $.Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with $.Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/pretix/templates/hpa.yaml b/pretix/templates/hpa.yaml new file mode 100644 index 0000000..6ad556c --- /dev/null +++ b/pretix/templates/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "pretix.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/pretix/templates/ingress.yaml b/pretix/templates/ingress.yaml new file mode 100644 index 0000000..7ab4d99 --- /dev/null +++ b/pretix/templates/ingress.yaml @@ -0,0 +1,43 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- with .pathType }} + pathType: {{ . }} + {{- end }} + backend: + service: + name: {{ include "pretix.fullname" $ }}-web + port: + name: http + {{- end }} + {{- end }} +{{- end }} diff --git a/pretix/templates/job-migrate.yaml b/pretix/templates/job-migrate.yaml new file mode 100644 index 0000000..aabb446 --- /dev/null +++ b/pretix/templates/job-migrate.yaml @@ -0,0 +1,81 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "pretix.fullname" . }}-migrate + labels: + {{- include "pretix.labels" . | nindent 4 }} + annotations: + helm.sh/hook: post-install,post-upgrade + helm.sh/hook-weight: "5" + helm.sh/hook-delete-policy: hook-succeeded +spec: + template: + metadata: + annotations: + checksum/secret: {{ toYaml .Values.env | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "pretix.labels" . | nindent 8 }} + app.kubernetes.io/component: cronjob + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "pretix.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + restartPolicy: OnFailure + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- with .Values.image }} + image: "{{ .registry }}/{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}" + imagePullPolicy: {{ .pullPolicy }} + {{- end }} + envFrom: + - secretRef: + name: {{ include "pretix.fullname" . }} + command: [ "pretix" ] + args: [ "migrate" ] + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: pretix-data + mountPath: /data + {{- with .Values.volumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + volumes: + - name: pretix-data + {{- if .Values.persistence.hostPath }} + hostPath: + type: Directory + path: {{ .Values.persistence.hostPath | quote }} + {{- else if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ with .Values.persistence.existingClaim }}{{ . }}{{- else }}{{ template "pretix.fullname" . }}{{- end }} + {{- else }} + emptyDir: {} + {{- end }} + {{- with .Values.volumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/pretix/templates/prometheus-rules.yaml b/pretix/templates/prometheus-rules.yaml new file mode 100644 index 0000000..b229eb7 --- /dev/null +++ b/pretix/templates/prometheus-rules.yaml @@ -0,0 +1,29 @@ +{{- if and .Values.prometheus.rules.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- with .Values.prometheus.rules.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + groups: + - name: {{ template "pretix.fullname" . }}-Additional + rules: + - alert: "pretix: error in task" + expr: rate(pretix_task_runs_total{status!="success"}[1h])!=0 + for: 5m + labels: + severity: critical + annotations: + {{` + summary: "pretix task of {{ $labels.instance }} has an error on {{ $labels.task_name }} in the last hour" + `}} + {{- with .Values.prometheus.rules.additionalRules }} + - name: {{ template "pretix.fullname" $ }}-Additional + rules: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/pretix/templates/pvc.yaml b/pretix/templates/pvc.yaml new file mode 100644 index 0000000..3f694e5 --- /dev/null +++ b/pretix/templates/pvc.yaml @@ -0,0 +1,29 @@ +{{- if and + .Values.persistence.enabled + (not .Values.persistence.hostPath) + (not .Values.persistence.existingClaim) +}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ template "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- with .Values.persistence.annotations }} + annotations: + {{ toYaml . | indent 4 }} + {{- end }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- with .Values.persistence.storageClass }} + {{- if (eq "-" .) }} + storageClassName: "" + {{- else }} + storageClassName: {{ . | quote }} + {{- end }} + {{- end }} +{{- end -}} diff --git a/pretix/templates/secrets.yaml b/pretix/templates/secrets.yaml new file mode 100644 index 0000000..6c377e0 --- /dev/null +++ b/pretix/templates/secrets.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + annotations: + checksum/secret: {{ toYaml $.Values.env | sha256sum }} +data: + {{- range $name, $value := .Values.env }} + {{ $name }}: {{ toYaml $value | b64enc }} + {{- end }} diff --git a/pretix/templates/service.yaml b/pretix/templates/service.yaml new file mode 100644 index 0000000..2dff661 --- /dev/null +++ b/pretix/templates/service.yaml @@ -0,0 +1,20 @@ +{{- range $component := list "web" "taskworker" }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "pretix.fullname" $ }}-{{ $component }} + labels: + {{- include "pretix.labels" $ | nindent 4 }} + app.kubernetes.io/component: {{ $component }} +spec: + type: {{ $.Values.service.type }} + selector: + {{- include "pretix.selectorLabels" $ | nindent 4 }} + app.kubernetes.io/component: {{ $component }} + ports: + - port: {{ $.Values.service.port }} + targetPort: http + protocol: TCP + name: http +{{- end }} diff --git a/pretix/templates/serviceaccount.yaml b/pretix/templates/serviceaccount.yaml new file mode 100644 index 0000000..108fb1b --- /dev/null +++ b/pretix/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "pretix.serviceAccountName" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/pretix/templates/servicemonitor.yaml b/pretix/templates/servicemonitor.yaml new file mode 100644 index 0000000..9c167fd --- /dev/null +++ b/pretix/templates/servicemonitor.yaml @@ -0,0 +1,36 @@ +{{- if and .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "pretix.fullname" . }} + labels: + {{- include "pretix.labels" . | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "pretix.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: web + endpoints: + - port: http + path: "/metrics" + enableHttp2: false + basicAuth: + username: + name: {{ include "pretix.fullname" . }} + key: PRETIX_METRICS_USER + password: + name: {{ include "pretix.fullname" . }} + key: PRETIX_METRICS_PASSPHRASE + {{- with .Values.prometheus.servicemonitor }} + {{- with .interval }} + interval: {{ . }} + {{- end }} + {{- with .scrapeTimeout }} + scrapeTimeout: {{ . }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/pretix/templates/tests/test-connection.yaml b/pretix/templates/tests/test-connection.yaml new file mode 100644 index 0000000..904e9ba --- /dev/null +++ b/pretix/templates/tests/test-connection.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "pretix.fullname" . }}-test-connection" + labels: + {{- include "pretix.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "pretix.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never diff --git a/pretix/values.yaml b/pretix/values.yaml new file mode 100644 index 0000000..406460d --- /dev/null +++ b/pretix/values.yaml @@ -0,0 +1,224 @@ +# Default values for pretix. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ +replicas: + web: 1 + taskworker: 1 + +# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/ +image: + registry: docker.io + repository: pretix/standalone + # This sets the pull policy for images. + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +cronSchedule: "*/30 * * * *" + +env: + PRETIX_PRETIX_INSTANCE_NAME: Pretix Helm + PRETIX_PRETIX_URL: http://localhost + PRETIX_PRETIX_CURRENCY: EUR + PRETIX_PRETIX_DATADIR: /data + PRETIX_PRETIX_TRUST_X_FORWARDED_FOR: on + PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO: on + PRETIX_MAIL_FROM: test@example.com + PRETIX_MAIL_HOST: + PRETIX_MAIL_USER: + PRETIX_MAIL_PASSWORD: + PRETIX_MAIL_PORT: 587 + PRETIX_MAIL_TLS: True + PRETIX_DATABASE_BACKEND: postgresql + PRETIX_DATABASE_NAME: pretix + PRETIX_DATABASE_USER: pretix + PRETIX_DATABASE_PASSWORD: pretix + PRETIX_DATABASE_HOST: pretix-postgresql + PRETIX_REDIS_LOCATION: redis://pretix-redis-master/0 + PRETIX_REDIS_SESSIONS: true + PRETIX_CELERY_BACKEND: redis://pretix-redis-master/1 + PRETIX_CELERY_BROKER: redis://pretix-redis-master/2 + PRETIX_METRICS_ENABLED: false + PRETIX_METRICS_USER: pretix + PRETIX_METRICS_PASSPHRASE: pretix + +# This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] +# This is to override the chart name. +nameOverride: "" +fullnameOverride: "" + +#This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# This is for setting Kubernetes Annotations to a Pod. +# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +podAnnotations: {} + +# This is for setting Kubernetes Labels to a Pod. +# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +## Enable persistence using Persistent Volume Claims +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## +persistence: + enabled: true + annotations: {} + # -- Persistent Volume Storage Class + # If defined, storageClassName: + # If set to "-", storageClassName: "", which disables dynamic provisioning + # If undefined (the default) or set to null, no storageClassName spec is + # set, choosing the default provisioner. (gp2 on AWS, standard on + # GKE, AWS & OpenStack) + # + storageClass: + + # -- A manually managed Persistent Volume and Claim + # Requires persistence.enabled: true + # If defined, PVC must be created manually before volume will be bound + existingClaim: + + # -- Do not create an PVC, direct use hostPath in Pod + hostPath: + accessMode: ReadWriteOnce + size: 5Gi + +# This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ +service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + +prometheus: + servicemonitor: + # -- broken, Host need to be localhost on request (instatt of ip) + # needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 + enabled: false + labels: {} + # -- interval + interval: + # -- scrape timeout + scrapeTimeout: + rules: + enabled: false + labels: {} + # current no default alertrules are provided + additionalRules: [] + +grafana: + dashboards: + enabled: false + labels: + grafana_dashboard: "1" + annotations: {} + +# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/ +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +# This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ +livenessProbe: + httpGet: + path: /healthcheck/ + port: http + httpHeaders: + - name: "host" + value: localhost +readinessProbe: + httpGet: + path: /healthcheck/ + port: http + httpHeaders: + - name: "host" + value: localhost + +#This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/ +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} + + +postgresql: + enabled: true + auth: + database: pretix + username: pretix + password: pretix + postgresPassword: supersecureadminpassword + +redis: + enabled: true + architecture: standalone + auth: + enabled: false -- 2.45.3 From 3b45ef423f2dfac325801116339c1a0a3764fcbd Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 17 Dec 2024 14:18:55 +0100 Subject: [PATCH 212/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index b890c37..8a0fee0 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.5" +version: "0.4.6" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "5.0.3" +appVersion: "5.0.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index c54b285..66eb3ac 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.3](https://img.shields.io/badge/AppVersion-5.0.3-informational?style=flat-square) +![Version: 0.4.6](https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.4](https://img.shields.io/badge/AppVersion-5.0.4-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) -- 2.45.3 From 4b5e489ab422d9ad8b53f725216bf12ec619cbaf Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 17 Dec 2024 14:19:05 +0100 Subject: [PATCH 213/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index d4bcec0..853fa12 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.10 +version: 0.2.11 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.12.2" +appVersion: "2024.12.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index bb562d2..29e42d8 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.10](https://img.shields.io/badge/Version-0.2.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.2](https://img.shields.io/badge/AppVersion-2024.12.2-informational?style=flat-square) +![Version: 0.2.11](https://img.shields.io/badge/Version-0.2.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.3](https://img.shields.io/badge/AppVersion-2024.12.3-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From ceb661a790edfbaae120e97189949c39a813a0c9 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 17 Dec 2024 14:19:08 +0100 Subject: [PATCH 214/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.lock | 12 ++++++------ matrix-synapse/Chart.yaml | 12 ++++++------ matrix-synapse/README.md | 6 +++--- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/matrix-synapse/Chart.lock b/matrix-synapse/Chart.lock index b6363b9..090b707 100644 --- a/matrix-synapse/Chart.lock +++ b/matrix-synapse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql - repository: https://charts.bitnami.com/bitnami - version: 16.0.0 + repository: oci://docker.io/bitnamicharts + version: 16.3.1 - name: redis - repository: https://charts.bitnami.com/bitnami - version: 20.1.6 -digest: sha256:1e6f035c85e4d2b287318dc4f92bccf8ded11cb65c8a8ed84f30fe2acf407761 -generated: "2024-10-02T13:03:54.305028309Z" + repository: oci://docker.io/bitnamicharts + version: 20.6.0 +digest: sha256:3120275674c549a4083939646d931cfb718447511da021bd7b46cb0fed1dbefb +generated: "2024-12-17T14:14:44.769791567+01:00" diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 91d1511..3666f99 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,19 +4,19 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.5" +version: "1.0.6" # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.120.2 +appVersion: 1.121.1 maintainers: - name: WrenIX url: https://wrenix.eu dependencies: - name: postgresql - version: ^16.0.0 - repository: https://charts.bitnami.com/bitnami + version: "^16.3.1" + repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: ^20.0.0 - repository: https://charts.bitnami.com/bitnami + version: "20.6.0" + repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 4846c70..dc7f7cf 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.5](https://img.shields.io/badge/Version-1.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.120.2](https://img.shields.io/badge/AppVersion-1.120.2-informational?style=flat-square) +![Version: 1.0.6](https://img.shields.io/badge/Version-1.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) Matrix reference homeserver @@ -43,8 +43,8 @@ helm uninstall matrix-synapse-release | Repository | Name | Version | |------------|------|---------| -| https://charts.bitnami.com/bitnami | postgresql | ^16.0.0 | -| https://charts.bitnami.com/bitnami | redis | ^20.0.0 | +| oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.0 | ## Values -- 2.45.3 From 1807f781d9b01adb3b74d72090b5f931fa4529e2 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 17 Dec 2024 14:19:11 +0100 Subject: [PATCH 215/256] fix(pretix): update appVersion --- pretix/Chart.lock | 8 ++++---- pretix/Chart.yaml | 6 +++--- pretix/README.md | 12 ++++++------ 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/pretix/Chart.lock b/pretix/Chart.lock index 9498c2b..308c0e5 100644 --- a/pretix/Chart.lock +++ b/pretix/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://docker.io/bitnamicharts - version: 16.3.0 + version: 16.3.2 - name: redis repository: oci://docker.io/bitnamicharts - version: 20.5.0 -digest: sha256:7126a34c5cb99dc7bf96ee997009392d629bd6d0e57af288eec2d73b548a5d47 -generated: "2024-12-12T23:28:46.938657955+01:00" + version: 20.6.0 +digest: sha256:0c91ccf00207fb231290572b9e516212e5bf518511d3b887409111ea568b61c9 +generated: "2024-12-17T14:17:08.440769741+01:00" diff --git a/pretix/Chart.yaml b/pretix/Chart.yaml index fc952b2..bdd8ef1 100644 --- a/pretix/Chart.yaml +++ b/pretix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pretix description: Reinventing ticket presales, one ticket at a time. type: application -version: 0.1.0 +version: 0.1.1 # renovate: image=docker.io/pretix/standalone appVersion: "2024.11.0" keywords: @@ -16,10 +16,10 @@ sources: - https://hub.docker.com/r/pretix/standalone dependencies: - name: postgresql - version: "16.3.0" + version: "^16.3.1" repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: "20.5.0" + version: "20.6.0" repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/pretix/README.md b/pretix/README.md index 26580c1..c81e383 100644 --- a/pretix/README.md +++ b/pretix/README.md @@ -7,7 +7,7 @@ description: "Reinventing ticket presales, one ticket at a time." # pretix -![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -49,8 +49,8 @@ helm uninstall pretix-release | Repository | Name | Version | |------------|------|---------| -| oci://docker.io/bitnamicharts | postgresql | 16.3.0 | -| oci://docker.io/bitnamicharts | redis | 20.5.0 | +| oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.0 | ## Values @@ -154,7 +154,7 @@ helm uninstall pretix-release Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) # pretix -![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -174,8 +174,8 @@ Reinventing ticket presales, one ticket at a time. | Repository | Name | Version | |------------|------|---------| -| oci://docker.io/bitnamicharts | postgresql | 16.3.0 | -| oci://docker.io/bitnamicharts | redis | 20.5.0 | +| oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.0 | ## Values -- 2.45.3 From de664fc68b3401f55a21232acba25fe204d601b3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 17 Dec 2024 17:40:26 +0100 Subject: [PATCH 216/256] fix(mautrix-bridge): update mautrix-bridge --- mautrix-bridge/Chart.yaml | 2 +- mautrix-bridge/README.adoc | 920 ------------------ mautrix-bridge/README.md | 2 +- .../bridge-values/signal/values.yaml | 2 +- .../bridge-values/slack/values.yaml | 2 +- 5 files changed, 4 insertions(+), 924 deletions(-) delete mode 100644 mautrix-bridge/README.adoc diff --git a/mautrix-bridge/Chart.yaml b/mautrix-bridge/Chart.yaml index 07aae71..1ac228b 100644 --- a/mautrix-bridge/Chart.yaml +++ b/mautrix-bridge/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-bridge description: A Matrix puppeting bridge mautrix. type: application -version: 0.0.14 +version: 0.0.15 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-bridge/README.adoc b/mautrix-bridge/README.adoc deleted file mode 100644 index d5b46f5..0000000 --- a/mautrix-bridge/README.adoc +++ /dev/null @@ -1,920 +0,0 @@ - - -= mautrix-bridge - -image::https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square[Version: 0.0.14] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -For use of the bridge: -* **signal**, use the `./bridge-values/signal/values.yaml` -* **slack**, use the `./bridge-values/slack/values.yaml` - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/mautrix-bridge ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install mautrix-bridge-release oci://codeberg.org/wrenix/helm-charts/mautrix-bridge --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall mautrix-bridge-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| config.appservice.address -| string -| `"http://localhost:29328"` -| The address that the homeserver can use to connect to this appservice. - -| config.appservice.as_token -| string -| `""` -| - -| config.appservice.async_transactions -| bool -| `false` -| Should incoming events be handled asynchronously? This may be necessary for large public instances with lots of messages going through. However, messages will not be guaranteed to be bridged in the same order they were sent in. - -| config.appservice.bot.avatar -| string -| `"mxc://maunium.net/wPJgTQbZOtpBFmDNkiNEMDUp"` -| - -| config.appservice.bot.displayname -| string -| `"Signal bridge bot"` -| Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty to leave display name/avatar as-is. - -| config.appservice.bot.username -| string -| `"signalbot"` -| Username of the appservice bot. - -| config.appservice.ephemeral_events -| bool -| `true` -| Whether or not to receive ephemeral events via appservice transactions. Requires MSC2409 support (i.e. Synapse 1.22+). - -| config.appservice.hostname -| string -| `"0.0.0.0"` -| The hostname and port where this appservice should listen. - -| config.appservice.hs_token -| string -| `""` -| - -| config.appservice.id -| string -| `"signal"` -| The unique ID of this appservice. - -| config.appservice.port -| int -| `29328` -| - -| config.appservice.public_address -| string -| `nil` -| - -| config.appservice.username_template -| string -| `"signal_{{.}}"` -| Localpart template of MXIDs for Signal users. {{.}} is replaced with the internal ID of the Signal user. - -| config.backfill.enabled -| bool -| `false` -| Whether to do backfilling at all. - -| config.backfill.max_catchup_messages -| int -| `500` -| Maximum number of missed messages to backfill after bridge restarts. - -| config.backfill.max_initial_messages -| int -| `50` -| Maximum number of messages to backfill in empty rooms. - -| config.backfill.queue.batch_delay -| int -| `20` -| Delay between batches in seconds. - -| config.backfill.queue.batch_size -| int -| `100` -| Number of messages to backfill in one batch. - -| config.backfill.queue.enabled -| bool -| `false` -| Should the backfill queue be enabled? - -| config.backfill.queue.max_batches -| int -| `-1` -| Maximum number of batches to backfill per portal. If set to -1, all available messages will be backfilled. - -| config.backfill.queue.max_batches_override -| object -| `{}` -| Optional network-specific overrides for max batches. Interpretation of this field depends on the network connector. - -| config.backfill.threads.max_initial_messages -| int -| `50` -| Maximum number of messages to backfill in a new thread. - -| config.backfill.unread_hours_threshold -| int -| `720` -| If a backfilled chat is older than this number of hours, mark it as read even if it's unread on the remote network. - -| config.bridge.bridge_matrix_leave -| bool -| `false` -| Should leaving Matrix rooms be bridged as leaving groups on the remote network? - -| config.bridge.cleanup_on_logout.bad_credentials.private -| string -| `"nothing"` -| - -| config.bridge.cleanup_on_logout.bad_credentials.relayed -| string -| `"nothing"` -| - -| config.bridge.cleanup_on_logout.bad_credentials.shared_has_users -| string -| `"nothing"` -| - -| config.bridge.cleanup_on_logout.bad_credentials.shared_no_users -| string -| `"nothing"` -| - -| config.bridge.cleanup_on_logout.enabled -| bool -| `false` -| Should cleanup on logout be enabled at all? - -| config.bridge.cleanup_on_logout.manual.private -| string -| `"nothing"` -| Action for private portals which will never be shared with other Matrix users. - -| config.bridge.cleanup_on_logout.manual.relayed -| string -| `"nothing"` -| Action for portals with a relay user configured. - -| config.bridge.cleanup_on_logout.manual.shared_has_users -| string -| `"nothing"` -| Action for portals which have other logged-in Matrix users. - -| config.bridge.cleanup_on_logout.manual.shared_no_users -| string -| `"nothing"` -| Action for portals which may be shared, but don't currently have any other Matrix users. - -| config.bridge.command_prefix -| string -| `"!bridge"` -| The prefix for commands. Only required in non-management rooms. - -| config.bridge.mute_only_on_create -| bool -| `true` -| Should room mute status only be synced when creating the portal? Like tags, mutes can't currently be synced back to the remote network. - -| config.bridge.permissions -| object -| `{"*":"relay","@admin:example.com":"admin","example.com":"user"}` -| Permissions for using the bridge. Permitted values: relay - Talk through the relaybot (if enabled), no access otherwise commands - Access to use commands in the bridge, but not login. user - Access to use the bridge with puppeting. admin - Full access, user level with some additional administration tools. Permitted keys: * - All Matrix users domain - All users on that homeserver mxid - Specific user - -| config.bridge.personal_filtering_spaces -| bool -| `true` -| Should the bridge create a space for each login containing the rooms that account is in? - -| config.bridge.private_chat_portal_meta -| bool -| `false` -| Whether the bridge should set names and avatars explicitly for DM portals. This is only necessary when using clients that don't support MSC4171. - -| config.bridge.relay.admin_only -| bool -| `true` -| Should only admins be allowed to set themselves as relay users? - -| config.bridge.relay.default_relays -| list -| `[]` -| List of user login IDs which anyone can set as a relay, as long as the relay user is in the room. - -| config.bridge.relay.displayname_format -| string -| `"{{ .DisambiguatedName }}"` -| For networks that support per-message displaynames (i.e. Slack and Discord), the template for those names. This has all the Sender variables available under message_formats (but without the .Sender prefix). Note that you need to manually remove the displayname from message_formats above. - -| config.bridge.relay.enabled -| bool -| `false` -| Whether relay mode should be allowed. If allowed, `!wa set-relay` can be used to turn any authenticated user into a relaybot for that chat. - -| config.bridge.relay.message_formats -| object -| `{"m.audio":"{{ .Sender.DisambiguatedName }} sent an audio file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.emote":"* {{ .Sender.DisambiguatedName }} {{ .Message }}","m.file":"{{ .Sender.DisambiguatedName }} sent a file{{ if .Caption }}: {{ .Caption }}{{ end }}","m.image":"{{ .Sender.DisambiguatedName }} sent an image{{ if .Caption }}: {{ .Caption }}{{ end }}","m.location":"{{ .Sender.DisambiguatedName }} sent a location{{ if .Caption }}: {{ .Caption }}{{ end }}","m.notice":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.text":"{{ .Sender.DisambiguatedName }}: {{ .Message }}","m.video":"{{ .Sender.DisambiguatedName }} sent a video{{ if .Caption }}: {{ .Caption }}{{ end }}"}` -| The formats to use when sending messages via the relaybot. Available variables: .Sender.UserID - The Matrix user ID of the sender. .Sender.Displayname - The display name of the sender (if set). .Sender.RequiresDisambiguation - Whether the sender's name may be confused with the name of another user in the room. .Sender.DisambiguatedName - The disambiguated name of the sender. This will be the displayname if set, plus the user ID in parentheses if the displayname is not unique. If the displayname is not set, this is just the user ID. .Message - The `formatted_body` field of the message. .Caption - The `formatted_body` field of the message, if it's a caption. Otherwise an empty string. .FileName - The name of the file being sent. - -| config.bridge.tag_only_on_create -| bool -| `true` -| Should room tags only be synced when creating the portal? Tags mean things like favorite/pin and archive/low priority. Tags currently can't be synced back to the remote network, so a continuous sync means tagging from Matrix will be undone. - -| config.database.max_conn_idle_time -| string -| `nil` -| Maximum connection idle time and lifetime before they're closed. Disabled if null. Parsed with https://pkg.go.dev/time#ParseDuration - -| config.database.max_conn_lifetime -| string -| `nil` -| - -| config.database.max_idle_conns -| int -| `2` -| - -| config.database.max_open_conns -| int -| `20` -| Maximum number of connections. Mostly relevant for Postgres. - -| config.database.type -| string -| `"postgres"` -| The database type. "sqlite3-fk-wal" and "postgres" are supported. - -| config.database.uri -| string -| `"postgres://user:password@host/database?sslmode=disable"` -| The database URI. SQLite: A raw file path is supported, but `file:?_txlock=immediate` is recommended. https://github.com/mattn/go-sqlite3#connection-string Postgres: Connection string. For example, postgres://user:password@host/database?sslmode=disable To connect via Unix socket, use something like postgres:///dbname?host=/var/run/postgresql - -| config.direct_media.allow_proxy -| bool -| `true` -| If the remote network supports media downloads over HTTP, then the bridge will use MSC3860/MSC3916 media download redirects if the requester supports it. Optionally, you can force redirects and not allow proxying at all by setting this to false. This option does nothing if the remote network does not support media downloads over HTTP. - -| config.direct_media.enabled -| bool -| `false` -| Should custom mxc:// URIs be used instead of reuploading media? - -| config.direct_media.media_id_prefix -| string -| `nil` -| Optionally specify a custom prefix for the media ID part of the MXC URI. - -| config.direct_media.server_key -| string -| `""` -| Matrix server signing key to make the federation tester pass, same format as synapse's .signing.key file. This key is also used to sign the mxc:// URIs to ensure only the bridge can generate them. - -| config.direct_media.server_name -| string -| `"discord-media.example.com"` -| The server name to use for the custom mxc:// URIs. This server name will effectively be a real Matrix server, it just won't implement anything other than media. You must either set up .well-known delegation from this domain to the bridge, or proxy the domain directly to the bridge. - -| config.direct_media.well_known_response -| string -| `nil` -| Optionally a custom .well-known response. This defaults to `server_name:443` - -| config.double_puppet.allow_discovery -| bool -| `false` -| Whether to allow client API URL discovery for other servers. When using this option, users on other servers can use double puppeting even if their server URLs aren't explicitly added to the servers map above. - -| config.double_puppet.secrets -| object -| `{"example.com":"as_token:foobar"}` -| Shared secrets for automatic double puppeting. See https://docs.mau.fi/bridges/general/double-puppeting.html for instructions. - -| config.double_puppet.servers -| object -| `{"example.com":"https://example.com"}` -| Servers to always allow double puppeting from. This is only for other servers and should NOT contain the server the bridge is on. - -| config.encryption.allow -| bool -| `false` -| Allow encryption, work in group chat rooms with e2ee enabled - -| config.encryption.allow_key_sharing -| bool -| `false` -| Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled. You must use a client that supports requesting keys from other users to use this feature. - -| config.encryption.appservice -| bool -| `false` -| Whether to use MSC2409/MSC3202 instead of /sync long polling for receiving encryption-related data. - -| config.encryption.default -| bool -| `false` -| Default to encryption, force-enable encryption in all portals the bridge creates This will cause the bridge bot to be in private chats for the encryption to work properly. - -| config.encryption.delete_keys -| object -| `{"delete_fully_used_on_decrypt":false,"delete_on_device_delete":false,"delete_outbound_on_ack":false,"delete_outdated_inbound":false,"delete_prev_on_new_session":false,"dont_store_outbound":false,"periodically_delete_expired":false,"ratchet_on_decrypt":false}` -| Options for deleting megolm sessions from the bridge. - -| config.encryption.delete_keys.delete_fully_used_on_decrypt -| bool -| `false` -| Delete fully used keys (index >= max_messages) after decrypting messages. - -| config.encryption.delete_keys.delete_on_device_delete -| bool -| `false` -| Delete megolm sessions received from a device when the device is deleted. - -| config.encryption.delete_keys.delete_outbound_on_ack -| bool -| `false` -| Beeper-specific: delete outbound sessions when hungryserv confirms that the user has uploaded the key to key backup. - -| config.encryption.delete_keys.delete_outdated_inbound -| bool -| `false` -| Delete inbound megolm sessions that don't have the received_at field used for automatic ratcheting and expired session deletion. This is meant as a migration to delete old keys prior to the bridge update. - -| config.encryption.delete_keys.delete_prev_on_new_session -| bool -| `false` -| Delete previous megolm sessions from same device when receiving a new one. - -| config.encryption.delete_keys.dont_store_outbound -| bool -| `false` -| Don't store outbound sessions in the inbound table. - -| config.encryption.delete_keys.periodically_delete_expired -| bool -| `false` -| Periodically delete megolm sessions when 2x max_age has passed since receiving the session. - -| config.encryption.delete_keys.ratchet_on_decrypt -| bool -| `false` -| Ratchet megolm sessions forward after decrypting messages. - -| config.encryption.pickle_key -| string -| `nil` -| - -| config.encryption.plaintext_mentions -| string -| `nil` -| - -| config.encryption.require -| bool -| `false` -| Require encryption, drop any unencrypted messages. - -| config.encryption.rotation.disable_device_change_key_rotation -| bool -| `false` -| Disable rotating keys when a user's devices change? You should not enable this option unless you understand all the implications. - -| config.encryption.rotation.enable_custom -| bool -| `false` -| Enable custom Megolm room key rotation settings. Note that these settings will only apply to rooms created after this option is set. - -| config.encryption.rotation.messages -| int -| `100` -| The maximum number of messages that should be sent with a given a session before changing it. The Matrix spec recommends 100 as the default. - -| config.encryption.rotation.milliseconds -| int -| `604800000` -| The maximum number of milliseconds a session should be used before changing it. The Matrix spec recommends 604800000 (a week) as the default. - -| config.encryption.verification_levels.receive -| string -| `"unverified"` -| Minimum level for which the bridge should send keys to when bridging messages from Signal to Matrix. - -| config.encryption.verification_levels.send -| string -| `"unverified"` -| Minimum level that the bridge should accept for incoming Matrix messages. - -| config.encryption.verification_levels.share -| string -| `"cross-signed-tofu"` -| Minimum level that the bridge should require for accepting key requests. - -| config.homeserver.address -| string -| `"https://matrix.example.com"` -| The address that this appservice can use to connect to the homeserver. - -| config.homeserver.async_media -| bool -| `false` -| Does the homeserver support https://github.com/matrix-org/matrix-spec-proposals/pull/2246? - -| config.homeserver.domain -| string -| `"example.com"` -| The domain of the homeserver (also known as server_name, used for MXIDs, etc). - -| config.homeserver.message_send_checkpoint_endpoint -| string -| `nil` -| Endpoint for reporting per-message status. - -| config.homeserver.ping_interval_seconds -| int -| `0` -| How often should the websocket be pinged? Pinging will be disabled if this is zero. - -| config.homeserver.public_address -| string -| `nil` -| - -| config.homeserver.software -| string -| `"standard"` -| What software is the homeserver running? Standard Matrix homeservers like Synapse, Dendrite and Conduit should just use "standard" here. - -| config.homeserver.status_endpoint -| string -| `nil` -| The URL to push real-time bridge status to. If set, the bridge will make POST requests to this URL whenever a user's Signal connection state changes. The bridge will use the appservice as_token to authorize requests. - -| config.homeserver.websocket -| bool -| `false` -| Should the bridge use a websocket for connecting to the homeserver? The server side is currently not documented anywhere and is only implemented by mautrix-wsproxy, mautrix-asmux (deprecated), and hungryserv (proprietary). - -| config.homeserver.websocket_proxy -| string -| `""` -| - -| config.logging.min_level -| string -| `"warn"` -| - -| config.logging.writers[0].format -| string -| `"json"` -| - -| config.logging.writers[0].type -| string -| `"stdout"` -| - -| config.management_room_text.additional_help -| string -| `""` -| Optional extra text sent when joining a management room. - -| config.management_room_text.welcome -| string -| `"Hello, I'm a Signal bridge bot."` -| Sent when joining a room. - -| config.management_room_text.welcome_connected -| string -| `"Use `help` for help."` -| Sent when joining a management room and the user is already logged in. - -| config.management_room_text.welcome_unconnected -| string -| `"Use `help` for help or `login` to log in."` -| Sent when joining a management room and the user is not logged in. - -| config.matrix.delivery_receipts -| bool -| `false` -| Should the bridge send a read receipt from the bridge bot when a message has been sent to Signal? - -| config.matrix.federate_rooms -| bool -| `true` -| Whether or not created rooms should have federation enabled. If false, created portal rooms will never be federated. - -| config.matrix.message_error_notices -| bool -| `true` -| Whether the bridge should send error notices via m.notice events when a message fails to bridge. - -| config.matrix.message_status_events -| bool -| `false` -| Whether the bridge should send the message status as a custom com.beeper.message_send_status event. - -| config.matrix.sync_direct_chat_list -| bool -| `false` -| Should the bridge update the m.direct account data event when double puppeting is enabled. Note that updating the m.direct event is not atomic (except with mautrix-asmux) and is therefore prone to race conditions. - -| config.provisioning.debug_endpoints -| bool -| `false` -| Enable debug API at /debug with provisioning authentication. - -| config.provisioning.prefix -| string -| `"/_matrix/provision"` -| Prefix for the provisioning API paths. - -| config.provisioning.shared_secret -| string -| `"generate"` -| Shared secret for authentication. If set to "generate", a random secret will be generated, or if set to "disable", the provisioning API will be disabled. - -| config.public_media.enabled -| bool -| `false` -| Should public media be enabled at all? The public_address field under the appservice section MUST be set when enabling public media. - -| config.public_media.expiry -| int -| `0` -| Number of seconds that public media URLs are valid for. If set to 0, URLs will never expire. - -| config.public_media.hash_length -| int -| `32` -| Length of hash to use for public media URLs. Must be between 0 and 32. - -| config.public_media.signing_key -| string -| `"generate"` -| A key for signing public media URLs. If set to "generate", a random key will be generated. - -| config.signal.device_name -| string -| `"mautrix-signal"` -| Default device name that shows up in the Signal app. - -| config.signal.displayname_template -| string -| `"{{ printf \"%s (%s) %s\" (or .ProfileName .ContactName \"Unknown user\") (or .PhoneNumber \"Unknown number\" (or .AboutEmoji \"\")}}"` -| Displayname template for Signal users. This is also used as the room name in DMs if private_chat_portal_meta is enabled. {{.ProfileName}} - The Signal profile name set by the user. {{.ContactName}} - The name for the user from your phone's contact list. This is not safe on multi-user instances. {{.PhoneNumber}} - The phone number of the user. {{.UUID}} - The UUID of the Signal user. {{.AboutEmoji}} - The emoji set by the user in their profile. - -| config.signal.location_format -| string -| `"https://www.openstreetmap.org/?mlat=%[1]s&mlon=%[2]s"` -| - -| config.signal.note_to_self_avatar -| string -| `"mxc://maunium.net/REBIVrqjZwmaWpssCZpBlmlL"` -| - -| config.signal.number_in_topic -| bool -| `true` -| Should the Signal user's phone number be included in the room topic in private chat portal rooms? - -| config.signal.sync_contacts_on_startup -| bool -| `true` -| Should the bridge request the user's contact list from the phone on startup? - -| config.signal.use_contact_avatars -| bool -| `false` -| Should avatars from the user's contact list be used? This is not safe on multi-user instances. - -| config.signal.use_outdated_profiles -| bool -| `false` -| Should the bridge sync ghost user info even if profile fetching fails? This is not safe on multi-user instances. - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"dock.mau.dev"` -| - -| image.repository -| string -| `""` -| - -| image.tag -| string -| `""` -| - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| livenessProbe.httpGet.path -| string -| `"/_matrix/mau/live"` -| - -| livenessProbe.httpGet.port -| string -| `"http"` -| - -| nameOverride -| string -| `""` -| - -| nodeSelector -| object -| `{}` -| - -| persistence.accessMode -| string -| `"ReadWriteOnce"` -| accessMode - -| persistence.annotations -| object -| `{}` -| - -| persistence.enabled -| bool -| `true` -| Enable persistence using Persistent Volume Claims ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - -| persistence.existingClaim -| string -| `nil` -| A manually managed Persistent Volume and Claim Requires persistence.enabled: true If defined, PVC must be created manually before volume will be bound - -| persistence.hostPath -| string -| `nil` -| Do not create an PVC, direct use hostPath in Pod - -| persistence.size -| string -| `"10Gi"` -| size - -| persistence.storageClass -| string -| `nil` -| Persistent Volume Storage Class If defined, storageClassName: If set to "-", storageClassName: "", which disables dynamic provisioning If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner. (gp2 on AWS, standard on GKE, AWS & OpenStack) - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| readinessProbe.httpGet.path -| string -| `"/_matrix/mau/ready"` -| - -| readinessProbe.httpGet.port -| string -| `"http"` -| - -| registration."de.sorunome.msc2409.push_ephemeral" -| bool -| `true` -| - -| registration.namespaces.users[0].exclusive -| bool -| `true` -| - -| registration.namespaces.users[0].regex -| string -| `"^@signalbot:example.org$"` -| - -| registration.namespaces.users[1].exclusive -| bool -| `true` -| - -| registration.namespaces.users[1].regex -| string -| `"^@signal_.*:example.org$"` -| - -| registration.push_ephemeral -| bool -| `true` -| - -| registration.rate_limited -| bool -| `false` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.automount -| bool -| `false` -| - -| serviceAccount.create -| bool -| `false` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| - -| volumeMounts -| list -| `[]` -| - -| volumes -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] - diff --git a/mautrix-bridge/README.md b/mautrix-bridge/README.md index 25c00c6..0a31bdd 100644 --- a/mautrix-bridge/README.md +++ b/mautrix-bridge/README.md @@ -7,7 +7,7 @@ description: "A Matrix puppeting bridge mautrix." # mautrix-bridge -![Version: 0.0.14](https://img.shields.io/badge/Version-0.0.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.15](https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Matrix puppeting bridge mautrix. diff --git a/mautrix-bridge/bridge-values/signal/values.yaml b/mautrix-bridge/bridge-values/signal/values.yaml index 71e00a5..eddff59 100644 --- a/mautrix-bridge/bridge-values/signal/values.yaml +++ b/mautrix-bridge/bridge-values/signal/values.yaml @@ -1,6 +1,6 @@ image: repository: mautrix/signal - tag: "v0.7.3" + tag: "v0.7.4" config: bridge: diff --git a/mautrix-bridge/bridge-values/slack/values.yaml b/mautrix-bridge/bridge-values/slack/values.yaml index 2db34d6..2057b0f 100644 --- a/mautrix-bridge/bridge-values/slack/values.yaml +++ b/mautrix-bridge/bridge-values/slack/values.yaml @@ -1,6 +1,6 @@ image: repository: mautrix/slack - tag: "v0.1.3" + tag: "v0.1.4" config: bridge: -- 2.45.3 From ece35cce9c479735bb1ba2616e17aa1f35455dc1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:03:17 +0100 Subject: [PATCH 217/256] fix(forgejo-runner): update dependencies --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.md | 6 +++--- forgejo-runner/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 8a0fee0..88d94e4 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.6" +version: "0.4.7" # renovate: image=code.forgejo.org/forgejo/runner appVersion: "5.0.4" maintainers: diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index 66eb3ac..3871194 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.6](https://img.shields.io/badge/Version-0.4.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.4](https://img.shields.io/badge/AppVersion-5.0.4-informational?style=flat-square) +![Version: 0.4.7](https://img.shields.io/badge/Version-0.4.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.4](https://img.shields.io/badge/AppVersion-5.0.4-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -119,7 +119,7 @@ helm uninstall forgejo-runner-release | dind.image.pullPolicy | string | `"IfNotPresent"` | | | dind.image.registry | string | `"docker.io"` | | | dind.image.repository | string | `"library/docker"` | | -| dind.image.tag | string | `"27.4.0-dind"` | | +| dind.image.tag | string | `"27.4.1-dind"` | | | extraEnvVars | list | `[]` | Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | @@ -130,7 +130,7 @@ helm uninstall forgejo-runner-release | kubectl.image.pullPolicy | string | `"IfNotPresent"` | | | kubectl.image.registry | string | `"docker.io"` | | | kubectl.image.repository | string | `"bitnami/kubectl"` | | -| kubectl.image.tag | string | `"1.31.4"` | | +| kubectl.image.tag | string | `"1.32.0"` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | | podAnnotations | object | `{}` | | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 2003933..cb0b17f 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -144,13 +144,13 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.4.0-dind + tag: 27.4.1-dind kubectl: image: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.4 + tag: 1.32.0 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 8d6d7560a87f1aed7522fc5e492d2abfa3145fcb Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:04:19 +0100 Subject: [PATCH 218/256] fix(ntfy): update dependencies --- ntfy/Chart.yaml | 2 +- ntfy/README.md | 4 ++-- ntfy/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 02c1304..032b8cf 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: "0.4.7" +version: "0.4.8" # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.md b/ntfy/README.md index 73c3c18..b88c448 100644 --- a/ntfy/README.md +++ b/ntfy/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # ntfy -![Version: 0.4.7](https://img.shields.io/badge/Version-0.4.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) +![Version: 0.4.8](https://img.shields.io/badge/Version-0.4.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) A Helm chart for Kubernetes @@ -65,7 +65,7 @@ helm uninstall ntfy-release | ingress.hosts[0].paths[0].path | string | `"/"` | | | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | | ingress.tls | list | `[]` | | -| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.31.4"}` | image needed for setup (store generated VAPID / WebPush keys) | +| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.32.0"}` | image needed for setup (store generated VAPID / WebPush keys) | | nameOverride | string | `""` | | | networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | | networkPolicy.egress.extra | list | `[]` | egress rules | diff --git a/ntfy/values.yaml b/ntfy/values.yaml index bf99387..10e51ec 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.31.4 + tag: 1.32.0 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From 742b680c63604d43be41824042d325d06c29f5c7 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:04:56 +0100 Subject: [PATCH 219/256] fix(home-assistant): update dependencies --- home-assistant/Chart.yaml | 2 +- home-assistant/README.md | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 853fa12..dc6a3bf 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,7 +3,7 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.11 +version: 0.2.12 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2024.12.3" maintainers: diff --git a/home-assistant/README.md b/home-assistant/README.md index 29e42d8..cbf9f4b 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.11](https://img.shields.io/badge/Version-0.2.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.3](https://img.shields.io/badge/AppVersion-2024.12.3-informational?style=flat-square) +![Version: 0.2.12](https://img.shields.io/badge/Version-0.2.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.3](https://img.shields.io/badge/AppVersion-2024.12.3-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi @@ -70,7 +70,7 @@ helm uninstall home-assistant-release | nats.image.pullPolicy | string | `"IfNotPresent"` | | | nats.image.registry | string | `"docker.io"` | | | nats.image.repository | string | `"library/nats"` | | -| nats.image.tag | string | `"2.10.23-scratch"` | | +| nats.image.tag | string | `"2.10.24-scratch"` | | | nats.livenessProbe.tcpSocket.port | string | `"nats"` | | | nats.readinessProbe.tcpSocket.port | string | `"nats"` | | | nats.resources.limits.cpu | string | `"100m"` | | diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index 3656a95..a3e051c 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -24,7 +24,7 @@ nats: registry: docker.io repository: library/nats pullPolicy: IfNotPresent - tag: "2.10.23-scratch" + tag: "2.10.24-scratch" service: port: nats: 4222 -- 2.45.3 From ef6a0315aff3a65a281a4278c5565000984d944f Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:07:24 +0100 Subject: [PATCH 220/256] fix(matrix-synapse): update redis and postgresql --- matrix-synapse/Chart.lock | 8 ++++---- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.md | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/matrix-synapse/Chart.lock b/matrix-synapse/Chart.lock index 090b707..72aca1a 100644 --- a/matrix-synapse/Chart.lock +++ b/matrix-synapse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://docker.io/bitnamicharts - version: 16.3.1 + version: 16.3.4 - name: redis repository: oci://docker.io/bitnamicharts - version: 20.6.0 -digest: sha256:3120275674c549a4083939646d931cfb718447511da021bd7b46cb0fed1dbefb -generated: "2024-12-17T14:14:44.769791567+01:00" + version: 20.6.1 +digest: sha256:665df7526ab6a366a2d588fd0269eafb28b8b798e16e2df0c61b43095aa97219 +generated: "2024-12-23T12:06:19.941471462+01:00" diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 3666f99..7a5263d 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.6" +version: "1.0.7" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.121.1 maintainers: @@ -17,6 +17,6 @@ dependencies: repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: "20.6.0" + version: "20.6.1" repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index dc7f7cf..802a8cd 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.6](https://img.shields.io/badge/Version-1.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) +![Version: 1.0.7](https://img.shields.io/badge/Version-1.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) Matrix reference homeserver @@ -44,7 +44,7 @@ helm uninstall matrix-synapse-release | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.0 | +| oci://docker.io/bitnamicharts | redis | 20.6.1 | ## Values -- 2.45.3 From 5dc32f9722258d7247bc0f144bc153e21eb56f07 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:07:33 +0100 Subject: [PATCH 221/256] fix(pretix): update redis and postgresql --- pretix/Chart.lock | 8 ++++---- pretix/Chart.yaml | 4 ++-- pretix/README.md | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pretix/Chart.lock b/pretix/Chart.lock index 308c0e5..ea43fe0 100644 --- a/pretix/Chart.lock +++ b/pretix/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://docker.io/bitnamicharts - version: 16.3.2 + version: 16.3.4 - name: redis repository: oci://docker.io/bitnamicharts - version: 20.6.0 -digest: sha256:0c91ccf00207fb231290572b9e516212e5bf518511d3b887409111ea568b61c9 -generated: "2024-12-17T14:17:08.440769741+01:00" + version: 20.6.1 +digest: sha256:665df7526ab6a366a2d588fd0269eafb28b8b798e16e2df0c61b43095aa97219 +generated: "2024-12-23T12:06:39.521620501+01:00" diff --git a/pretix/Chart.yaml b/pretix/Chart.yaml index bdd8ef1..6b5833e 100644 --- a/pretix/Chart.yaml +++ b/pretix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pretix description: Reinventing ticket presales, one ticket at a time. type: application -version: 0.1.1 +version: 0.1.2 # renovate: image=docker.io/pretix/standalone appVersion: "2024.11.0" keywords: @@ -20,6 +20,6 @@ dependencies: repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: "20.6.0" + version: "20.6.1" repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/pretix/README.md b/pretix/README.md index c81e383..62bb464 100644 --- a/pretix/README.md +++ b/pretix/README.md @@ -7,7 +7,7 @@ description: "Reinventing ticket presales, one ticket at a time." # pretix -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -50,7 +50,7 @@ helm uninstall pretix-release | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.0 | +| oci://docker.io/bitnamicharts | redis | 20.6.1 | ## Values @@ -154,7 +154,7 @@ helm uninstall pretix-release Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) # pretix -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -175,7 +175,7 @@ Reinventing ticket presales, one ticket at a time. | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.0 | +| oci://docker.io/bitnamicharts | redis | 20.6.1 | ## Values -- 2.45.3 From 033e49c5c0da32eaed1b7d51ee1872a69ccdc738 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 23 Dec 2024 12:09:16 +0100 Subject: [PATCH 222/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index dc6a3bf..92ab999 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.12 +version: 0.2.13 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.12.3" +appVersion: "2024.12.5" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index cbf9f4b..17dc2aa 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.12](https://img.shields.io/badge/Version-0.2.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.3](https://img.shields.io/badge/AppVersion-2024.12.3-informational?style=flat-square) +![Version: 0.2.13](https://img.shields.io/badge/Version-0.2.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.5](https://img.shields.io/badge/AppVersion-2024.12.5-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 6ca7741a915e5fcd8c9a018d38954a5bf70296c8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 3 Jan 2025 13:42:52 +0100 Subject: [PATCH 223/256] fix(grampsweb): update appVersion --- grampsweb/Chart.yaml | 4 ++-- grampsweb/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/grampsweb/Chart.yaml b/grampsweb/Chart.yaml index ec0590c..14b651e 100644 --- a/grampsweb/Chart.yaml +++ b/grampsweb/Chart.yaml @@ -3,9 +3,9 @@ name: grampsweb description: A Helm chart for gramps web icon: https://raw.githubusercontent.com/gramps-project/Gramps.js/main/images/icon512.png type: application -version: "0.2.5" +version: "0.2.6" # renovate: image=ghcr.io/gramps-project/grampsweb -appVersion: "24.12.1" +appVersion: "24.12.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/grampsweb/README.md b/grampsweb/README.md index c773d6f..7d4b0d4 100644 --- a/grampsweb/README.md +++ b/grampsweb/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for gramps web" # grampsweb -![Version: 0.2.5](https://img.shields.io/badge/Version-0.2.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.12.1](https://img.shields.io/badge/AppVersion-24.12.1-informational?style=flat-square) +![Version: 0.2.6](https://img.shields.io/badge/Version-0.2.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 24.12.2](https://img.shields.io/badge/AppVersion-24.12.2-informational?style=flat-square) A Helm chart for gramps web -- 2.45.3 From fc7a229fcc550e27e7b597bdebecc3e847d4e2d3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 3 Jan 2025 14:18:54 +0100 Subject: [PATCH 224/256] feat(autopush): init - WIP --- autopush/.gitignore | 2 + autopush/.helmignore | 22 ++ autopush/Chart.lock | 6 + autopush/Chart.yaml | 17 ++ autopush/README.md | 149 ++++++++++ autopush/_docs.gotmpl | 15 + autopush/ci/ct-empty-values.yaml | 0 autopush/ci/ct-monitor-values.yaml | 6 + autopush/container/Containerfile | 15 + autopush/container/requirements.txt | 1 + autopush/container/setup.py | 5 + autopush/templates/_helpers.tpl | 93 ++++++ .../templates/autoconnect/deployment.yaml | 91 ++++++ autopush/templates/autoconnect/service.yaml | 22 ++ .../templates/autoendpoint/deployment.yaml | 88 ++++++ autopush/templates/autoendpoint/service.yaml | 22 ++ autopush/templates/ingress.yaml | 41 +++ autopush/templates/secret.yaml | 45 +++ autopush/templates/serviceaccount.yaml | 13 + autopush/templates/servicemonitor.yaml | 17 ++ autopush/values.yaml | 279 ++++++++++++++++++ 21 files changed, 949 insertions(+) create mode 100644 autopush/.gitignore create mode 100644 autopush/.helmignore create mode 100644 autopush/Chart.lock create mode 100644 autopush/Chart.yaml create mode 100644 autopush/README.md create mode 100644 autopush/_docs.gotmpl create mode 100644 autopush/ci/ct-empty-values.yaml create mode 100644 autopush/ci/ct-monitor-values.yaml create mode 100644 autopush/container/Containerfile create mode 100644 autopush/container/requirements.txt create mode 100644 autopush/container/setup.py create mode 100644 autopush/templates/_helpers.tpl create mode 100644 autopush/templates/autoconnect/deployment.yaml create mode 100644 autopush/templates/autoconnect/service.yaml create mode 100644 autopush/templates/autoendpoint/deployment.yaml create mode 100644 autopush/templates/autoendpoint/service.yaml create mode 100644 autopush/templates/ingress.yaml create mode 100644 autopush/templates/secret.yaml create mode 100644 autopush/templates/serviceaccount.yaml create mode 100644 autopush/templates/servicemonitor.yaml create mode 100644 autopush/values.yaml diff --git a/autopush/.gitignore b/autopush/.gitignore new file mode 100644 index 0000000..31014c3 --- /dev/null +++ b/autopush/.gitignore @@ -0,0 +1,2 @@ +charts/*.tgz +values_test.yaml diff --git a/autopush/.helmignore b/autopush/.helmignore new file mode 100644 index 0000000..50af031 --- /dev/null +++ b/autopush/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/autopush/Chart.lock b/autopush/Chart.lock new file mode 100644 index 0000000..50a66e1 --- /dev/null +++ b/autopush/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: redis + repository: oci://docker.io/bitnamicharts + version: 20.6.1 +digest: sha256:c792eb1f889b58718def58d4bb80d370a1f5ddfc093e5902ab3d87441a4a769f +generated: "2025-01-03T14:55:39.364820359+01:00" diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml new file mode 100644 index 0000000..b6fb901 --- /dev/null +++ b/autopush/Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +name: autopush +description: A Helm chart for Kubernetes +icon: +type: application +version: 0.0.1 +# renovate: image=docker.io/mozilla-services/autopush-rs +appVersion: "1.72.2" +maintainers: + - name: WrenIX + url: https://wrenix.eu + +dependencies: + - name: redis + version: "20.6.1" + repository: "oci://docker.io/bitnamicharts" + condition: redis.internal diff --git a/autopush/README.md b/autopush/README.md new file mode 100644 index 0000000..c5fa170 --- /dev/null +++ b/autopush/README.md @@ -0,0 +1,149 @@ +--- +title: "autopush" + +description: "A Helm chart for Kubernetes" + +--- + +# autopush + +![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) + +A Helm chart for Kubernetes + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| WrenIX | | | + += Beta + +WARNING +==== +We let it run in production, but it is not stable / complete. + +TODOs: + - [ ] official container with redis backend, see: https://github.com/mozilla-services/autopush-rs/pull/813 + - [ ] automatical create CRYPT_KEY (instatt of key) + - [ ] better ingress / host name support + - [ ] Improve monitoring with alerts and grafana dashboard + +==== + +## Usage + +Helm must be installed and setup to your kubernetes cluster to use the charts. +Refer to Helm's [documentation](https://helm.sh/docs) to get started. +Once Helm has been set up correctly, fetch the charts as follows: + +```bash +helm pull oci://codeberg.org/wrenix/helm-charts/autopush +``` + +You can install a chart release using the following command: + +```bash +helm install autopush-release oci://codeberg.org/wrenix/helm-charts/autopush --values values.yaml +``` + +To uninstall a chart release use `helm`'s delete command: + +```bash +helm uninstall autopush-release +``` + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| oci://docker.io/bitnamicharts | redis | 20.6.1 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| autoconnect.affinity | object | `{}` | | +| autoconnect.image.pullPolicy | string | `"IfNotPresent"` | | +| autoconnect.image.registry | string | `"codeberg.org"` | | +| autoconnect.image.repository | string | `"wrenix/autopush/autoconnect"` | | +| autoconnect.image.tag | string | `"latest"` | | +| autoconnect.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| autoconnect.nodeSelector | object | `{}` | | +| autoconnect.podAnnotations | object | `{}` | This is for setting Kubernetes Annotations to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | +| autoconnect.podLabels | object | `{}` | This is for setting Kubernetes Labels to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ | +| autoconnect.podSecurityContext | object | `{}` | | +| autoconnect.readinessProbe.httpGet.path | string | `"/health"` | | +| autoconnect.readinessProbe.httpGet.port | string | `"http"` | | +| autoconnect.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | +| autoconnect.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| autoconnect.securityContext | object | `{}` | securityContext capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 | +| autoconnect.service.port | int | `80` | | +| autoconnect.service.type | string | `"ClusterIP"` | | +| autoconnect.tolerations | list | `[]` | | +| autoconnect.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | +| autoendpoint.affinity | object | `{}` | | +| autoendpoint.image.pullPolicy | string | `"IfNotPresent"` | | +| autoendpoint.image.registry | string | `"codeberg.org"` | | +| autoendpoint.image.repository | string | `"wrenix/autopush/autoendpoint"` | | +| autoendpoint.image.tag | string | `"latest"` | | +| autoendpoint.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| autoendpoint.nodeSelector | object | `{}` | | +| autoendpoint.podAnnotations | object | `{}` | | +| autoendpoint.podLabels | object | `{}` | | +| autoendpoint.podSecurityContext | object | `{}` | | +| autoendpoint.readinessProbe.httpGet.path | string | `"/health"` | | +| autoendpoint.readinessProbe.httpGet.port | string | `"http"` | | +| autoendpoint.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | +| autoendpoint.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| autoendpoint.securityContext | object | `{}` | | +| autoendpoint.service.port | int | `80` | | +| autoendpoint.service.type | string | `"ClusterIP"` | | +| autoendpoint.tolerations | list | `[]` | | +| autoendpoint.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | +| config.cryptoKey | string | `""` | run https://github.com/mozilla-services/autopush-rs/blob/master/scripts/fernet_key.py | +| config.logs.backtrace | bool | `false` | enable backtrace of autopush | +| config.logs.level | string | `"warn"` | set log level of autopush | +| fullnameOverride | string | `""` | | +| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | +| global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| imagePullSecrets | list | `[]` | This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | +| ingress.annotations | object | `{}` | | +| ingress.className | string | `""` | | +| ingress.enabled | bool | `false` | | +| ingress.host | string | `"chart-example.local"` | | +| ingress.tls | list | `[]` | | +| nameOverride | string | `""` | This is to override the chart name. | +| prometheus.enabled | bool | `true` | start statsd sidecar and configure | +| prometheus.image.pullPolicy | string | `"IfNotPresent"` | | +| prometheus.image.registry | string | `"docker.io"` | | +| prometheus.image.repository | string | `"prom/statsd-exporter"` | | +| prometheus.image.tag | string | `"v0.28.0"` | | +| prometheus.livenessProbe | object | `{"httpGet":{"path":"/","port":"metrics"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| prometheus.readinessProbe.httpGet.path | string | `"/"` | | +| prometheus.readinessProbe.httpGet.port | string | `"metrics"` | | +| prometheus.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| prometheus.securityContext | object | `{}` | securityContext capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 | +| prometheus.servicemonitor.enabled | bool | `false` | | +| prometheus.servicemonitor.labels | object | `{}` | | +| prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | +| redis.architecture | string | `"standalone"` | | +| redis.auth.enabled | bool | `true` | | +| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | +| redis.auth.password | string | `"autopush"` | XXX Change me! | +| redis.dbid | int | `0` | Database ID for non-default database | +| redis.external.existingSecretPasswordKey | string | `"redis-password"` | Password key to be retrieved from existing secret | +| redis.external.host | string | `"redis"` | | +| redis.external.port | int | `6379` | | +| redis.internal | bool | `true` | | +| redis.master.kind | string | `"Deployment"` | | +| redis.master.persistence.enabled | bool | `false` | | +| redis.master.service.port | int | `6379` | | +| serviceAccount.annotations | object | `{}` | | +| serviceAccount.automount | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| volumes | list | `[]` | Additional volumes on the output Deployment definition. - name: foo secret: secretName: mysecret optional: false | + +Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) + diff --git a/autopush/_docs.gotmpl b/autopush/_docs.gotmpl new file mode 100644 index 0000000..fb13262 --- /dev/null +++ b/autopush/_docs.gotmpl @@ -0,0 +1,15 @@ +{{ define "chart.prerequirements" -}} += Beta + +WARNING +==== +We let it run in production, but it is not stable / complete. + +TODOs: + - [ ] official container with redis backend, see: https://github.com/mozilla-services/autopush-rs/pull/813 + - [ ] automatical create CRYPT_KEY (instatt of key) + - [ ] better ingress / host name support + - [ ] Improve monitoring with alerts and grafana dashboard + +==== +{{ end }} diff --git a/autopush/ci/ct-empty-values.yaml b/autopush/ci/ct-empty-values.yaml new file mode 100644 index 0000000..e69de29 diff --git a/autopush/ci/ct-monitor-values.yaml b/autopush/ci/ct-monitor-values.yaml new file mode 100644 index 0000000..f589e9d --- /dev/null +++ b/autopush/ci/ct-monitor-values.yaml @@ -0,0 +1,6 @@ +prometheus: + enabled: true + servicemonitor: + enabled: true + labels: + prometheus: default diff --git a/autopush/container/Containerfile b/autopush/container/Containerfile new file mode 100644 index 0000000..1535ff5 --- /dev/null +++ b/autopush/container/Containerfile @@ -0,0 +1,15 @@ +FROM python:3.8-slim + +# Set the working directory +WORKDIR /app + +# Copy the requirements file +COPY requirements.txt . + +# Install any needed packages +RUN pip install -r requirements.txt + +# Copy the application code into the container +COPY setup.py setup.py + +CMD ["python", "setup.py"] diff --git a/autopush/container/requirements.txt b/autopush/container/requirements.txt new file mode 100644 index 0000000..0d38bc5 --- /dev/null +++ b/autopush/container/requirements.txt @@ -0,0 +1 @@ +cryptography diff --git a/autopush/container/setup.py b/autopush/container/setup.py new file mode 100644 index 0000000..3cbdcd2 --- /dev/null +++ b/autopush/container/setup.py @@ -0,0 +1,5 @@ +#!/bin/env python3 +from cryptography.fernet import Fernet + +if __name__ == '__main__': + print(Fernet.generate_key().decode("UTF-8")) diff --git a/autopush/templates/_helpers.tpl b/autopush/templates/_helpers.tpl new file mode 100644 index 0000000..237e348 --- /dev/null +++ b/autopush/templates/_helpers.tpl @@ -0,0 +1,93 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "autopush.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "autopush.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "autopush.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "autopush.labels" -}} +helm.sh/chart: {{ include "autopush.chart" . }} +{{ include "autopush.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "autopush.selectorLabels" -}} +app.kubernetes.io/name: {{ include "autopush.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "autopush.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "autopush.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Prometheus-sidecar +*/}} +{{- define "autopush.containerPrometheus" -}} +{{- with .Values.prometheus }} +{{- if .enabled }} +- name: statsd-exporter + securityContext: + {{- toYaml .securityContext | nindent 4 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + ports: + - name: metrics + containerPort: 9102 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 4 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 4 }} + resources: + {{- toYaml .resources | nindent 4 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/autopush/templates/autoconnect/deployment.yaml b/autopush/templates/autoconnect/deployment.yaml new file mode 100644 index 0000000..0f1f3bb --- /dev/null +++ b/autopush/templates/autoconnect/deployment.yaml @@ -0,0 +1,91 @@ +{{- with .Values.autoconnect }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "autopush.fullname" $ }}-autoconnect + labels: + {{- include "autopush.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "autopush.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: autoconnect + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "autopush.labels" $ | nindent 8 }} + app.kubernetes.io/component: autoconnect + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "autopush.serviceAccountName" $ }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: autoconnect + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + envFrom: + - secretRef: + name: {{ include "autopush.fullname" $ }}-env + env: + - name: "AUTOCONNECT__DB_DSN" + {{- if $.Values.redis.auth.enabled }} + value: "redis://:$(REDIS_HOST_PASSWORD)@$(REDIS_HOST)" + {{- else }} + value: "redis://$(REDIS_HOST)" + {{- end }} + - name: "AUTOCONNECT__CRYPTO_KEY" + valueFrom: + secretKeyRef: + name: {{ include "autopush.fullname" $ }}-env + key: "CRYPTO_KEY" + ports: + - name: http + containerPort: 8080 + protocol: TCP + - name: router + containerPort: 8081 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- include "autopush.containerPrometheus" $ | nindent 8 }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/autopush/templates/autoconnect/service.yaml b/autopush/templates/autoconnect/service.yaml new file mode 100644 index 0000000..2a54f55 --- /dev/null +++ b/autopush/templates/autoconnect/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "autopush.fullname" . }}-autoconnect + labels: + {{- include "autopush.labels" . | nindent 4 }} +spec: + type: {{ .Values.autoconnect.service.type }} + selector: + {{- include "autopush.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: autoconnect + ports: + - port: {{ .Values.autoconnect.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if .Values.prometheus.enabled }} + - port: 9100 + targetPort: metrics + protocol: TCP + name: metrics + {{- end }} diff --git a/autopush/templates/autoendpoint/deployment.yaml b/autopush/templates/autoendpoint/deployment.yaml new file mode 100644 index 0000000..f738b48 --- /dev/null +++ b/autopush/templates/autoendpoint/deployment.yaml @@ -0,0 +1,88 @@ +{{- with .Values.autoendpoint }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "autopush.fullname" $ }}-autoendpoint + labels: + {{- include "autopush.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "autopush.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: autoendpoint + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "autopush.labels" $ | nindent 8 }} + app.kubernetes.io/component: autoendpoint + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "autopush.serviceAccountName" $ }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: autoendpoint + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + envFrom: + - secretRef: + name: {{ include "autopush.fullname" $ }}-env + env: + - name: "AUTOEND__DB_DSN" + {{- if $.Values.redis.auth.enabled }} + value: "redis://:$(REDIS_HOST_PASSWORD)@$(REDIS_HOST)" + {{- else }} + value: "redis://$(REDIS_HOST)" + {{- end }} + - name: "AUTOEND__CRYPTO_KEYS" + valueFrom: + secretKeyRef: + name: {{ include "autopush.fullname" $ }}-env + key: "CRYPTO_KEY" + ports: + - name: http + containerPort: 8000 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- include "autopush.containerPrometheus" $ | nindent 8 }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/autopush/templates/autoendpoint/service.yaml b/autopush/templates/autoendpoint/service.yaml new file mode 100644 index 0000000..ef7abb3 --- /dev/null +++ b/autopush/templates/autoendpoint/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "autopush.fullname" . }}-autoendpoint + labels: + {{- include "autopush.labels" . | nindent 4 }} +spec: + type: {{ .Values.autoendpoint.service.type }} + selector: + {{- include "autopush.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: autoendpoint + ports: + - port: {{ .Values.autoendpoint.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if .Values.prometheus.enabled }} + - port: 9100 + targetPort: metrics + protocol: TCP + name: metrics + {{- end }} diff --git a/autopush/templates/ingress.yaml b/autopush/templates/ingress.yaml new file mode 100644 index 0000000..d53ba34 --- /dev/null +++ b/autopush/templates/ingress.yaml @@ -0,0 +1,41 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "autopush.fullname" . }} + labels: + {{- include "autopush.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- with .Values.ingress.className }} + ingressClassName: {{ . }} + {{- end }} + {{- with .Values.ingress.tls }} + tls: + {{- toYaml . | nindent 4 }} + {{- end }} + rules: + - host: {{ .Values.ingress.host | quote }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-autoconnect + port: + name: http + - host: {{ printf "updates.%s" .Values.ingress.host | quote }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-autoendpoint + port: + name: http +{{- end }} diff --git a/autopush/templates/secret.yaml b/autopush/templates/secret.yaml new file mode 100644 index 0000000..46fe7f1 --- /dev/null +++ b/autopush/templates/secret.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "autopush.fullname" . }}-env + annotations: + "helm.sh/hook": "pre-install,pre-upgrade" +type: Opaque +data: + {{/* GLOBAL */}} + RUST_BACKTRACE: {{ ternary "1" "0" .Values.config.logs.backtrace | b64enc }} + RUST_LOG: {{ .Values.config.logs.level | b64enc }} + {{- with .Values.redis }} + {{- if .auth.enabled }} + {{- with .auth.password }} + REDIS_HOST_PASSWORD: {{ . | b64enc }} + {{- end }} + {{- end }} + {{- if .internal }} + REDIS_HOST: {{ printf "%s-redis-master:%.0f/%.0f" (include "autopush.fullname" $) .master.service.port .dbid | b64enc }} + {{- else }} + REDIS_HOST: {{ printf "%s:%s/$.0f" .external.host .external.port .dbid | b64enc }} + {{- end }} + {{- end }} + CRYPTO_KEY: {{ printf "[%s]" .Values.config.cryptoKey | b64enc }} + {{/* autoconnect */}} + {{- if .Values.ingress.tls }} + AUTOCONNECT__ENDPOINT_SCHEME: {{ "https" | b64enc }} + AUTOCONNECT__ENDPOINT_PORT: {{ "443" | b64enc }} + {{- else }} + AUTOCONNECT__ENDPOINT_SCHEME: {{ "http" | b64enc }} + AUTOCONNECT__ENDPOINT_PORT: {{ "80" | b64enc }} + {{- end }} + AUTOCONNECT__ENDPOINT_HOSTNAME: {{ printf "updates.%s" .Values.ingress.host | b64enc }} + AUTOCONNECT__ROUTER_HOSTNAME: {{ printf "%s-autoconnect" (include "autopush.fullname" .) | b64enc }} + {{- if .Values.prometheus.enabled }} + AUTOCONNECT__STATSD_HOST: {{ "127.0.0.1" | b64enc}} + AUTOCONNECT__STATSD_PORT: {{ "9125" | b64enc }} + {{- end }} + {{/* autoendpoint */}} + AUTOEND__HOST: {{ "::" | b64enc }} + {{- if .Values.prometheus.enabled }} + AUTOEND__STATSD_HOST: {{ "127.0.0.1" | b64enc }} + AUTOEND__STATSD_PORT: {{ "9125" | b64enc }} + {{- end }} diff --git a/autopush/templates/serviceaccount.yaml b/autopush/templates/serviceaccount.yaml new file mode 100644 index 0000000..f341e97 --- /dev/null +++ b/autopush/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "autopush.serviceAccountName" . }} + labels: + {{- include "autopush.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/autopush/templates/servicemonitor.yaml b/autopush/templates/servicemonitor.yaml new file mode 100644 index 0000000..87b7f82 --- /dev/null +++ b/autopush/templates/servicemonitor.yaml @@ -0,0 +1,17 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "autopush.fullname" . }} + labels: + {{- include "autopush.labels" . | nindent 4 }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "autopush.selectorLabels" . | nindent 6 }} + endpoints: + - port: metrics +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml new file mode 100644 index 0000000..ac0fabc --- /dev/null +++ b/autopush/values.yaml @@ -0,0 +1,279 @@ +global: + image: + # -- if set it will overwrite all registry entries + registry: + # -- if set it will overwrite all pullPolicy + pullPolicy: + +# -- This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] +# -- This is to override the chart name. +nameOverride: "" +fullnameOverride: "" + + + + +config: + logs: + # -- set log level of autopush + level: warn + # -- enable backtrace of autopush + backtrace: false + # -- run https://github.com/mozilla-services/autopush-rs/blob/master/scripts/fernet_key.py + cryptoKey: "" + +prometheus: + # -- start statsd sidecar and configure + enabled: true + + servicemonitor: + enabled: false + labels: {} + + image: + registry: docker.io + repository: prom/statsd-exporter + pullPolicy: IfNotPresent + tag: v0.28.0 + + # -- securityContext + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + securityContext: {} + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: / + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + +## This configuration is for the internal Redis that's deployed for use with +## workers/sharding, for an external Redis server you want to set enabled to +## false and configure the externalRedis block. +## +redis: + internal: true + # -- Database ID for non-default database + dbid: 0 + + auth: + enabled: true + # -- XXX Change me! + password: autopush + + # -- Or use existing secret with "redis-password" key instead of static password + existingSecret: + external: + host: redis + port: 6379 + + # -- Password key to be retrieved from existing secret + existingSecretPasswordKey: redis-password + + + architecture: standalone + master: + kind: Deployment + persistence: + enabled: false + service: + port: 6379 + + + +autoconnect: + # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ + replicaCount: 1 + image: + registry: codeberg.org + repository: wrenix/autopush/autoconnect + pullPolicy: IfNotPresent + tag: latest + # -- This is for setting Kubernetes Annotations to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + # -- This is for setting Kubernetes Labels to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + podLabels: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + podSecurityContext: {} + # fsGroup: 2000 + + # -- securityContext + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + securityContext: {} + + # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ + service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: /health + port: http + readinessProbe: + httpGet: + path: /health + port: http + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + +autoendpoint: + # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ + replicaCount: 1 + image: + registry: codeberg.org + repository: wrenix/autopush/autoendpoint + pullPolicy: IfNotPresent + tag: latest + + # This is for setting Kubernetes Annotations to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + # This is for setting Kubernetes Labels to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + podLabels: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ + service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: /health + port: http + readinessProbe: + httpGet: + path: /health + port: http + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + + +#This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/ +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + host: chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + + +# -- Additional volumes on the output Deployment definition. +# - name: foo +# secret: +# secretName: mysecret +# optional: false +volumes: [] -- 2.45.3 From 6f78c0c59221c93e2a132fadbf2c62085eeb5901 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 6 Jan 2025 19:53:34 +0100 Subject: [PATCH 225/256] fix(home-assistant): update AppVersion and deps --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 4 ++-- home-assistant/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 92ab999..595443c 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.13 +version: 0.2.14 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2024.12.5" +appVersion: "2025.1.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index 17dc2aa..2b81108 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.13](https://img.shields.io/badge/Version-0.2.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.12.5](https://img.shields.io/badge/AppVersion-2024.12.5-informational?style=flat-square) +![Version: 0.2.14](https://img.shields.io/badge/Version-0.2.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.0](https://img.shields.io/badge/AppVersion-2025.1.0-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi @@ -113,7 +113,7 @@ helm uninstall home-assistant-release | zigbee2mqtt.image.pullPolicy | string | `"IfNotPresent"` | | | zigbee2mqtt.image.registry | string | `"docker.io"` | | | zigbee2mqtt.image.repository | string | `"koenkk/zigbee2mqtt"` | | -| zigbee2mqtt.image.tag | string | `"1.42.0"` | | +| zigbee2mqtt.image.tag | string | `"2.0.0"` | | | zigbee2mqtt.ingress.hosts | list | `[]` | | | zigbee2mqtt.securityContext.privileged | bool | `true` | | diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index a3e051c..ac3519b 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -50,7 +50,7 @@ zigbee2mqtt: registry: docker.io repository: koenkk/zigbee2mqtt pullPolicy: IfNotPresent - tag: 1.42.0 + tag: 2.0.0 device: /dev/ttyACM0 securityContext: privileged: true -- 2.45.3 From 68a9192f1122e21bce91203484ffa2c42787cdef Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 6 Jan 2025 19:55:30 +0100 Subject: [PATCH 226/256] fix(autopush): update python on helper --- autopush/Chart.yaml | 2 +- autopush/README.md | 2 +- autopush/container/Containerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index b6fb901..b6bc30c 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.1 +version: 0.0.2 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index c5fa170..c0ff0a4 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.1](https://img.shields.io/badge/Version-0.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes diff --git a/autopush/container/Containerfile b/autopush/container/Containerfile index 1535ff5..25167df 100644 --- a/autopush/container/Containerfile +++ b/autopush/container/Containerfile @@ -1,4 +1,4 @@ -FROM python:3.8-slim +FROM python:3.13-slim # Set the working directory WORKDIR /app -- 2.45.3 From 947486dc81f6c485be76338acf09cf1ebc1ed395 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 6 Jan 2025 19:56:08 +0100 Subject: [PATCH 227/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 79ee075..23a65d9 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.19 +version: 0.0.20 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.10.7" +appVersion: "0.11.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md index e57b3bb..8e21e27 100644 --- a/stalwart-mail/README.md +++ b/stalwart-mail/README.md @@ -7,7 +7,7 @@ description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One M # stalwart-mail -![Version: 0.0.19](https://img.shields.io/badge/Version-0.0.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.10.7](https://img.shields.io/badge/AppVersion-0.10.7-informational?style=flat-square) +![Version: 0.0.20](https://img.shields.io/badge/Version-0.0.20-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.1](https://img.shields.io/badge/AppVersion-0.11.1-informational?style=flat-square) Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) -- 2.45.3 From a88e6e86017b8f6c13a9c487399e764578111bc6 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 7 Jan 2025 12:36:15 +0100 Subject: [PATCH 228/256] fix(home-assistant): new config for helmchart --- home-assistant/Chart.yaml | 2 +- home-assistant/README.md | 4 ++-- home-assistant/templates/zigbee2mqtt/configmap.yaml | 4 +++- home-assistant/values.yaml | 3 ++- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 595443c..2df0e1c 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,7 +3,7 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.2.14 +version: 0.3.0 # renovate: image=ghcr.io/home-assistant/home-assistant appVersion: "2025.1.0" maintainers: diff --git a/home-assistant/README.md b/home-assistant/README.md index 2b81108..9b41b52 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.2.14](https://img.shields.io/badge/Version-0.2.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.0](https://img.shields.io/badge/AppVersion-2025.1.0-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.0](https://img.shields.io/badge/AppVersion-2025.1.0-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi @@ -106,7 +106,7 @@ helm uninstall home-assistant-release | tolerations | list | `[]` | | | volumeMounts | list | `[]` | | | volumes | list | `[]` | | -| zigbee2mqtt.config.homeassistant | bool | `true` | | +| zigbee2mqtt.config.homeassistant.enabled | bool | `true` | | | zigbee2mqtt.config.serial.port | string | `"/dev/ttyACM0"` | | | zigbee2mqtt.device | string | `"/dev/ttyACM0"` | | | zigbee2mqtt.enabled | bool | `true` | | diff --git a/home-assistant/templates/zigbee2mqtt/configmap.yaml b/home-assistant/templates/zigbee2mqtt/configmap.yaml index 3e09a29..94705ab 100644 --- a/home-assistant/templates/zigbee2mqtt/configmap.yaml +++ b/home-assistant/templates/zigbee2mqtt/configmap.yaml @@ -10,7 +10,9 @@ data: ZIGBEE2MQTT_CONFIG_ADVANCED_LOG_OUTPUT: '["console"]' {{- with .Values.zigbee2mqtt.config }} {{- with .homeassistant }} - ZIGBEE2MQTT_CONFIG_HOMEASSISTANT: {{ . | quote }} + {{- with .enabled }} + ZIGBEE2MQTT_CONFIG_HOMEASSISTANT_ENABLED: {{ . | quote }} + {{- end }} {{- end }} {{- range $key, $value := .serial}} ZIGBEE2MQTT_CONFIG_SERIAL_{{ $key | upper }}: {{ $value | quote }} diff --git a/home-assistant/values.yaml b/home-assistant/values.yaml index ac3519b..8afd727 100644 --- a/home-assistant/values.yaml +++ b/home-assistant/values.yaml @@ -57,7 +57,8 @@ zigbee2mqtt: ingress: hosts: [] config: - homeassistant: true + homeassistant: + enabled: true serial: port: /dev/ttyACM0 -- 2.45.3 From c6d73fc92c92ce12725c745d0716537588a593f7 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 7 Jan 2025 13:48:58 +0100 Subject: [PATCH 229/256] fix(autopush): add autoend endpoint_url again --- autopush/Chart.yaml | 2 +- autopush/README.md | 2 +- autopush/templates/secret.yaml | 5 +++++ 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index b6bc30c..eacdf2c 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.2 +version: 0.0.3 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index c0ff0a4..f0613d5 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.2](https://img.shields.io/badge/Version-0.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes diff --git a/autopush/templates/secret.yaml b/autopush/templates/secret.yaml index 46fe7f1..54d5f0f 100644 --- a/autopush/templates/secret.yaml +++ b/autopush/templates/secret.yaml @@ -39,6 +39,11 @@ data: {{- end }} {{/* autoendpoint */}} AUTOEND__HOST: {{ "::" | b64enc }} + {{- if .Values.ingress.tls }} + AUTOEND__ENDPOINT_URL: {{ printf "https://updates.%s" .Values.ingress.host | b64enc }} + {{- else }} + AUTOEND__ENDPOINT_URL: {{ printf "http://updates.%s" .Values.ingress.host | b64enc }} + {{- end }} {{- if .Values.prometheus.enabled }} AUTOEND__STATSD_HOST: {{ "127.0.0.1" | b64enc }} AUTOEND__STATSD_PORT: {{ "9125" | b64enc }} -- 2.45.3 From 7813b1540de5fdcf26c203d4699239b84d17a41b Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 7 Jan 2025 15:42:47 +0100 Subject: [PATCH 230/256] fix(stalwart-mail): add default allowed-ip for health-check --- stalwart-mail/Chart.yaml | 2 +- stalwart-mail/README.md | 3 ++- stalwart-mail/values.yaml | 2 ++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 23a65d9..63d66d0 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,7 +3,7 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.20 +version: 0.0.21 # renovate: image=docker.io/stalwartlabs/mail-server appVersion: "0.11.1" maintainers: diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md index 8e21e27..9407581 100644 --- a/stalwart-mail/README.md +++ b/stalwart-mail/README.md @@ -7,7 +7,7 @@ description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One M # stalwart-mail -![Version: 0.0.20](https://img.shields.io/badge/Version-0.0.20-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.1](https://img.shields.io/badge/AppVersion-0.11.1-informational?style=flat-square) +![Version: 0.0.21](https://img.shields.io/badge/Version-0.0.21-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.1](https://img.shields.io/badge/AppVersion-0.11.1-informational?style=flat-square) Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) @@ -89,6 +89,7 @@ helm uninstall stalwart-mail-release | config.metrics.prometheus.auth.secret | string | `"%{env:METRICS_SECRET}%"` | | | config.metrics.prometheus.auth.username | string | `"%{env:METRICS_USERNAME}%"` | | | config.metrics.prometheus.enable | bool | `true` | | +| config.server.allowed-ip."10.42.0.1/16" | string | `""` | | | config.server.listener.http.bind[0] | string | `"[::]:80"` | | | config.server.listener.http.protocol | string | `"http"` | | | config.server.listener.https.bind[0] | string | `"[::]:443"` | | diff --git a/stalwart-mail/values.yaml b/stalwart-mail/values.yaml index 30ec5c9..29efe2e 100644 --- a/stalwart-mail/values.yaml +++ b/stalwart-mail/values.yaml @@ -62,6 +62,8 @@ config: bind: ["[::]:443"] tls: implicit: true + allowed-ip: + "10.42.0.1/16": "" storage: data: "rocksdb" -- 2.45.3 From 527147cf8edf9562f372d49e71c122f28834243e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 7 Jan 2025 15:43:29 +0100 Subject: [PATCH 231/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 2df0e1c..072d21d 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.3.0 +version: 0.3.1 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2025.1.0" +appVersion: "2025.1.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index 9b41b52..9680429 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.0](https://img.shields.io/badge/AppVersion-2025.1.0-informational?style=flat-square) +![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.1](https://img.shields.io/badge/AppVersion-2025.1.1-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 59d61d8fe95ea8ea8acd023869b428fa6d8f5c75 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 7 Jan 2025 15:45:21 +0100 Subject: [PATCH 232/256] fix(matrix-synapse): update helper --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.md | 4 ++-- matrix-synapse/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 7a5263d..927b794 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.7" +version: "1.0.8" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.121.1 maintainers: diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 802a8cd..fa040f3 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.7](https://img.shields.io/badge/Version-1.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) +![Version: 1.0.8](https://img.shields.io/badge/Version-1.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) Matrix reference homeserver @@ -154,7 +154,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.pullPolicy | string | `"Always"` | | | volumePermissions.image.registry | string | `"docker.io"` | | | volumePermissions.image.repository | string | `"library/alpine"` | | -| volumePermissions.image.tag | string | `"3.21.0"` | | +| volumePermissions.image.tag | string | `"3.21.1"` | | | volumePermissions.resources | object | `{}` | | | volumePermissions.uid | int | `666` | | | wellknown.affinity | object | `{}` | | diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 7d4042f..3661bab 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -794,7 +794,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.21.0 + tag: 3.21.1 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From 1dd3eeb6b2a400281d32ab462c0bbaec35dfa2d0 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 8 Jan 2025 22:18:21 +0100 Subject: [PATCH 233/256] fix(authentik-application): redirect_uris --- authentik-application/Chart.yaml | 2 +- authentik-application/README.adoc | 284 ------------------ authentik-application/README.md | 2 +- .../files/provider/oidc.yaml.gotmpl | 3 +- 4 files changed, 4 insertions(+), 287 deletions(-) delete mode 100644 authentik-application/README.adoc diff --git a/authentik-application/Chart.yaml b/authentik-application/Chart.yaml index 4820932..487396c 100644 --- a/authentik-application/Chart.yaml +++ b/authentik-application/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: authentik-application description: "A Chart to deploy a secret for the authentik blueprint-sidecar." type: application -version: "0.4.3" +version: "0.4.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/authentik-application/README.adoc b/authentik-application/README.adoc deleted file mode 100644 index 71f4efc..0000000 --- a/authentik-application/README.adoc +++ /dev/null @@ -1,284 +0,0 @@ - - -= authentik-application - -image::https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square[Version: 0.4.3] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -## Pre-Requirement -Usage of https://github.com/goauthentik/helm/pull/146 - -## or manual: -Install authentik with this `values.yaml`: -```yaml -serviceAccount: - create: true - -additionalContainers: - - name: sidecar-blueprints - image: "ghcr.io/kiwigrid/k8s-sidecar:1.25.1" - env: - - name: "FOLDER" - value: "/blueprints/sidecar" - - name: "LABEL" - value: "goauthentik_blueprint" - - name: "LABEL_VALUE" - value: "1" - # - name: "NAMESPACE" - # value: "ALL" - - name: "RESOURCE" - value: "both" - - name: "UNIQUE_FILENAMES" - value: "true" - volumeMounts: - - name: sidecar-blueprints - mountPath: /blueprints/sidecar - -volumeMounts: - - name: sidecar-blueprints - mountPath: /blueprints/sidecar - -volumes: - - name: sidecar-blueprints - emptyDir: {} -``` - -And create an Role and bind them on to the ServiceAccount to read secrets: -```yaml ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: authentik-blueprint-sidecar -rules: - - apiGroups: [""] - resources: ["configmaps", "secrets"] - verbs: ["get", "watch", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: authentik-blueprint-sidecar -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: authentik-blueprint-sidecar -subjects: - - kind: ServiceAccount - name: authentik -``` - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/authentik-application ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install authentik-application-release oci://codeberg.org/wrenix/helm-charts/authentik-application --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall authentik-application-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| blueprint.application.bindPolicyID -| string -| `nil` -| uuid for bindPolicyID for group - if not set generated on secret for be stable (or groups: [] filled) - -| blueprint.application.description -| string -| `""` -| description of application - -| blueprint.application.group -| string -| `""` -| put this application in authentik in group - -| blueprint.application.icon -| string -| `""` -| icon of application (url) - -| blueprint.application.launchURL -| string -| `""` -| - -| blueprint.application.name -| string -| `""` -| application name in menu - -| blueprint.application.openInNewTab -| bool -| `false` -| open application in new tab - -| blueprint.application.policyEngineMode -| string -| `"any"` -| - -| blueprint.application.publisher -| string -| `""` -| publisher of application - -| blueprint.application.slug -| string -| `"app-name"` -| application slug - -| blueprint.authentik.domain -| string -| `"https://auth.wrenix.eu"` -| domain to authentik, used in generated url (like issuer) - -| blueprint.groups -| string -| `nil` -| authentik groups created / give access to this application disable any groups by set groups: [] (to a slice) example: - slug: "app: grafana-admin" parent: "app: infra" bindID: uuid - -| blueprint.labels -| object -| `{"goauthentik_blueprint":"1"}` -| label of generated secret with blueprint - -| blueprint.provider.authorizationFlow -| string -| `"default-provider-authorization-implicit-consent"` -| - -| blueprint.provider.enabled -| bool -| `true` -| creat an provider for authentification (otherwise just a like in menu is created) - -| blueprint.provider.name -| string -| `""` -| - -| blueprint.provider.oidc.clientID -| string -| `nil` -| client id - generated if secret enabled - -| blueprint.provider.oidc.clientSecret -| string -| `nil` -| client secret - generated if secret enabled - -| blueprint.provider.oidc.clientType -| string -| `"confidential"` -| - -| blueprint.provider.oidc.redirectURL -| string -| `""` -| - -| blueprint.provider.oidc.scopes -| string -| `nil` -| Scope - -| blueprint.provider.oidc.signingKey -| string -| `""` -| Need for non-curve / RSA - -| blueprint.provider.proxy.cookieDomain -| string -| `""` -| - -| blueprint.provider.proxy.externalHost -| string -| `nil` -| - -| blueprint.provider.proxy.ingress.annotations -| list -| `[]` -| annotations to ingress for outpost - -| blueprint.provider.proxy.ingress.backend -| string -| `"authentik"` -| service backend to authentik - -| blueprint.provider.proxy.ingress.domain -| string -| `nil` -| domain of application (where outpost should be deployed) - -| blueprint.provider.proxy.ingress.enabled -| bool -| `false` -| deploy ingress on application domain for e.g. logout (WIP) - -| blueprint.provider.proxy.ingress.tls -| list -| `[]` -| tls to ingress for outpost - -| blueprint.provider.proxy.skipPathRegex -| string -| `""` -| - -| blueprint.provider.saml -| string -| `nil` -| - -| blueprint.provider.type -| string -| `"oidc"` -| type of application connection, current support: oidc, saml and proxy - -| secret.labels -| object -| `{}` -| label of secret to store generated secret - -| secret.name -| string -| `""` -| name of secret to store generated secret (like clientI) -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] - diff --git a/authentik-application/README.md b/authentik-application/README.md index 83d2f8b..d030537 100644 --- a/authentik-application/README.md +++ b/authentik-application/README.md @@ -7,7 +7,7 @@ description: "A Chart to deploy a secret for the authentik blueprint-sidecar." # authentik-application -![Version: 0.4.3](https://img.shields.io/badge/Version-0.4.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Chart to deploy a secret for the authentik blueprint-sidecar. diff --git a/authentik-application/files/provider/oidc.yaml.gotmpl b/authentik-application/files/provider/oidc.yaml.gotmpl index 6468f57..9c7d82d 100644 --- a/authentik-application/files/provider/oidc.yaml.gotmpl +++ b/authentik-application/files/provider/oidc.yaml.gotmpl @@ -26,7 +26,8 @@ client_type: {{ .clientType | quote }} client_id: {{ $clientID | quote }} client_secret: {{ $clientSecret | quote }} - redirect_uris: {{ .redirectURL }} + redirect_uris: + - {{ .redirectURL | quote }} {{- with .tokenDuration }} access_token_validity: {{ . | quote }} {{- end }} -- 2.45.3 From 50d64e2bfbfd984031ce6637d369b9c916cf1ac8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 8 Jan 2025 22:33:17 +0100 Subject: [PATCH 234/256] fix(authentik-application): invalidation_flow on oidc --- authentik-application/Chart.yaml | 2 +- authentik-application/README.md | 3 ++- authentik-application/files/provider/oidc.yaml.gotmpl | 4 +++- authentik-application/values.yaml | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/authentik-application/Chart.yaml b/authentik-application/Chart.yaml index 487396c..8a96b3e 100644 --- a/authentik-application/Chart.yaml +++ b/authentik-application/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: authentik-application description: "A Chart to deploy a secret for the authentik blueprint-sidecar." type: application -version: "0.4.4" +version: "0.4.5" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/authentik-application/README.md b/authentik-application/README.md index d030537..c91ec39 100644 --- a/authentik-application/README.md +++ b/authentik-application/README.md @@ -7,7 +7,7 @@ description: "A Chart to deploy a secret for the authentik blueprint-sidecar." # authentik-application -![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Chart to deploy a secret for the authentik blueprint-sidecar. @@ -121,6 +121,7 @@ helm uninstall authentik-application-release | blueprint.labels | object | `{"goauthentik_blueprint":"1"}` | label of generated secret with blueprint | | blueprint.provider.authorizationFlow | string | `"default-provider-authorization-implicit-consent"` | | | blueprint.provider.enabled | bool | `true` | creat an provider for authentification (otherwise just a like in menu is created) | +| blueprint.provider.invalidationFlow | string | `"default-provider-invalidation-flow"` | | | blueprint.provider.name | string | `""` | | | blueprint.provider.oidc.clientID | string | `nil` | client id - generated if secret enabled | | blueprint.provider.oidc.clientSecret | string | `nil` | client secret - generated if secret enabled | diff --git a/authentik-application/files/provider/oidc.yaml.gotmpl b/authentik-application/files/provider/oidc.yaml.gotmpl index 9c7d82d..cc80565 100644 --- a/authentik-application/files/provider/oidc.yaml.gotmpl +++ b/authentik-application/files/provider/oidc.yaml.gotmpl @@ -22,12 +22,14 @@ state: present attrs: authorization_flow: !Find [authentik_flows.flow, [slug, {{ .Values.blueprint.provider.authorizationFlow }}]] + invalidation_flow: !Find [authentik_flows.flow, [slug, {{ .Values.blueprint.provider.invalidationFlow }}]] {{- with .Values.blueprint.provider.oidc }} client_type: {{ .clientType | quote }} client_id: {{ $clientID | quote }} client_secret: {{ $clientSecret | quote }} redirect_uris: - - {{ .redirectURL | quote }} + - matching_mode: "strict" + url: {{ .redirectURL | quote }} {{- with .tokenDuration }} access_token_validity: {{ . | quote }} {{- end }} diff --git a/authentik-application/values.yaml b/authentik-application/values.yaml index 9db23c1..b3199e5 100644 --- a/authentik-application/values.yaml +++ b/authentik-application/values.yaml @@ -16,6 +16,7 @@ blueprint: enabled: true name: "" authorizationFlow: "default-provider-authorization-implicit-consent" + invalidationFlow: "default-provider-invalidation-flow" # -- type of application connection, current support: oidc, saml and proxy type: "oidc" oidc: -- 2.45.3 From b37f6fe61547d36a094ea10043ee0050b6f35686 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 15 Jan 2025 22:06:38 +0100 Subject: [PATCH 235/256] fix(matrix-synapse): update dependencies --- matrix-synapse/Chart.lock | 8 ++++---- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.md | 6 +++--- matrix-synapse/values.yaml | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/matrix-synapse/Chart.lock b/matrix-synapse/Chart.lock index 72aca1a..d7dc37a 100644 --- a/matrix-synapse/Chart.lock +++ b/matrix-synapse/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://docker.io/bitnamicharts - version: 16.3.4 + version: 16.4.3 - name: redis repository: oci://docker.io/bitnamicharts - version: 20.6.1 -digest: sha256:665df7526ab6a366a2d588fd0269eafb28b8b798e16e2df0c61b43095aa97219 -generated: "2024-12-23T12:06:19.941471462+01:00" + version: 20.6.3 +digest: sha256:dd37b0663f93a21ea0d23e5041b48efef3cef63a051f2942eb095d1b95e63d7d +generated: "2025-01-15T22:06:14.404148475+01:00" diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index 927b794..c6c09a3 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.8" +version: "1.0.9" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.121.1 maintainers: @@ -17,6 +17,6 @@ dependencies: repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: "20.6.1" + version: "20.6.3" repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index fa040f3..467866e 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.8](https://img.shields.io/badge/Version-1.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) +![Version: 1.0.9](https://img.shields.io/badge/Version-1.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) Matrix reference homeserver @@ -44,7 +44,7 @@ helm uninstall matrix-synapse-release | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.3 | ## Values @@ -154,7 +154,7 @@ helm uninstall matrix-synapse-release | volumePermissions.image.pullPolicy | string | `"Always"` | | | volumePermissions.image.registry | string | `"docker.io"` | | | volumePermissions.image.repository | string | `"library/alpine"` | | -| volumePermissions.image.tag | string | `"3.21.1"` | | +| volumePermissions.image.tag | string | `"3.21.2"` | | | volumePermissions.resources | object | `{}` | | | volumePermissions.uid | int | `666` | | | wellknown.affinity | object | `{}` | | diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index 3661bab..aaa0837 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -794,7 +794,7 @@ volumePermissions: image: registry: docker.io repository: library/alpine - tag: 3.21.1 + tag: 3.21.2 pullPolicy: Always ## Optionally specify an array of imagePullSecrets. -- 2.45.3 From 9c890d23dfa301f8d9e2e84551da9332ca0b9631 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 15 Jan 2025 22:07:53 +0100 Subject: [PATCH 236/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 072d21d..460b754 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.3.1 +version: 0.3.2 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2025.1.1" +appVersion: "2025.1.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index 9680429..3fc80ec 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.1](https://img.shields.io/badge/AppVersion-2025.1.1-informational?style=flat-square) +![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.2](https://img.shields.io/badge/AppVersion-2025.1.2-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From e4086c91c790ec6b6dff27a9a13c17e697a8b8e5 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 15 Jan 2025 22:09:33 +0100 Subject: [PATCH 237/256] fix(forgejo-runner): updates --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.md | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 88d94e4..d9b3457 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.7" +version: "0.4.8" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "5.0.4" +appVersion: "6.0.1" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index 3871194..b56db0f 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.7](https://img.shields.io/badge/Version-0.4.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.4](https://img.shields.io/badge/AppVersion-5.0.4-informational?style=flat-square) +![Version: 0.4.8](https://img.shields.io/badge/Version-0.4.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.1](https://img.shields.io/badge/AppVersion-6.0.1-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -119,7 +119,7 @@ helm uninstall forgejo-runner-release | dind.image.pullPolicy | string | `"IfNotPresent"` | | | dind.image.registry | string | `"docker.io"` | | | dind.image.repository | string | `"library/docker"` | | -| dind.image.tag | string | `"27.4.1-dind"` | | +| dind.image.tag | string | `"27.5.0-dind"` | | | extraEnvVars | list | `[]` | Additional environment variables to be set on runner container Example: extraEnvVars: - name: FOO value: "bar" | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index cb0b17f..2802ed6 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -144,7 +144,7 @@ dind: registry: docker.io repository: library/docker pullPolicy: IfNotPresent - tag: 27.4.1-dind + tag: 27.5.0-dind kubectl: image: registry: docker.io -- 2.45.3 From 7ae56a29d3ec8a2495fcb855acdc18160772f21f Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 15 Jan 2025 22:12:12 +0100 Subject: [PATCH 238/256] fix(autopush): update dependencies redis --- autopush/Chart.lock | 6 +++--- autopush/Chart.yaml | 4 ++-- autopush/README.md | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/autopush/Chart.lock b/autopush/Chart.lock index 50a66e1..374ae78 100644 --- a/autopush/Chart.lock +++ b/autopush/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: redis repository: oci://docker.io/bitnamicharts - version: 20.6.1 -digest: sha256:c792eb1f889b58718def58d4bb80d370a1f5ddfc093e5902ab3d87441a4a769f -generated: "2025-01-03T14:55:39.364820359+01:00" + version: 20.6.3 +digest: sha256:393d6daa4bc8cdb66a7b6b34571a98e240890e994cb717e6bd2886dab67d196b +generated: "2025-01-15T22:10:56.598818643+01:00" diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index eacdf2c..a57c4f9 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.3 +version: 0.0.4 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: @@ -12,6 +12,6 @@ maintainers: dependencies: - name: redis - version: "20.6.1" + version: "20.6.3" repository: "oci://docker.io/bitnamicharts" condition: redis.internal diff --git a/autopush/README.md b/autopush/README.md index f0613d5..997d018 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.3](https://img.shields.io/badge/Version-0.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.4](https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -57,7 +57,7 @@ helm uninstall autopush-release | Repository | Name | Version | |------------|------|---------| -| oci://docker.io/bitnamicharts | redis | 20.6.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.3 | ## Values -- 2.45.3 From 4e6de7e2bbbd32a9cac543323537918060c0df48 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 15 Jan 2025 22:12:16 +0100 Subject: [PATCH 239/256] fix(pretix): update dependencies redis --- pretix/Chart.lock | 8 ++++---- pretix/Chart.yaml | 4 ++-- pretix/README.md | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pretix/Chart.lock b/pretix/Chart.lock index ea43fe0..d8fae94 100644 --- a/pretix/Chart.lock +++ b/pretix/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: postgresql repository: oci://docker.io/bitnamicharts - version: 16.3.4 + version: 16.4.3 - name: redis repository: oci://docker.io/bitnamicharts - version: 20.6.1 -digest: sha256:665df7526ab6a366a2d588fd0269eafb28b8b798e16e2df0c61b43095aa97219 -generated: "2024-12-23T12:06:39.521620501+01:00" + version: 20.6.3 +digest: sha256:dd37b0663f93a21ea0d23e5041b48efef3cef63a051f2942eb095d1b95e63d7d +generated: "2025-01-15T22:10:16.363478706+01:00" diff --git a/pretix/Chart.yaml b/pretix/Chart.yaml index 6b5833e..ae5420a 100644 --- a/pretix/Chart.yaml +++ b/pretix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pretix description: Reinventing ticket presales, one ticket at a time. type: application -version: 0.1.2 +version: 0.1.3 # renovate: image=docker.io/pretix/standalone appVersion: "2024.11.0" keywords: @@ -20,6 +20,6 @@ dependencies: repository: "oci://docker.io/bitnamicharts" condition: postgresql.enabled - name: redis - version: "20.6.1" + version: "20.6.3" repository: "oci://docker.io/bitnamicharts" condition: redis.enabled diff --git a/pretix/README.md b/pretix/README.md index 62bb464..d322cb9 100644 --- a/pretix/README.md +++ b/pretix/README.md @@ -7,7 +7,7 @@ description: "Reinventing ticket presales, one ticket at a time." # pretix -![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -50,7 +50,7 @@ helm uninstall pretix-release | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.3 | ## Values @@ -154,7 +154,7 @@ helm uninstall pretix-release Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) # pretix -![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -175,7 +175,7 @@ Reinventing ticket presales, one ticket at a time. | Repository | Name | Version | |------------|------|---------| | oci://docker.io/bitnamicharts | postgresql | ^16.3.1 | -| oci://docker.io/bitnamicharts | redis | 20.6.1 | +| oci://docker.io/bitnamicharts | redis | 20.6.3 | ## Values -- 2.45.3 From e5099620cdd660e8971fe5b704ef6409459c8ebe Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 16 Jan 2025 15:38:52 +0100 Subject: [PATCH 240/256] fix(autopush): add first prometheus rules --- autopush/Chart.yaml | 2 +- autopush/README.md | 7 ++++- autopush/templates/prometheus-rules.yaml | 38 ++++++++++++++++++++++++ autopush/values.yaml | 7 +++++ 4 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 autopush/templates/prometheus-rules.yaml diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index a57c4f9..4f826d7 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.4 +version: 0.0.5 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index 997d018..fcf6fc7 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.4](https://img.shields.io/badge/Version-0.0.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.5](https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -123,6 +123,11 @@ helm uninstall autopush-release | prometheus.readinessProbe.httpGet.path | string | `"/"` | | | prometheus.readinessProbe.httpGet.port | string | `"metrics"` | | | prometheus.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| prometheus.rules.additionalRules | list | `[]` | | +| prometheus.rules.default.alertLabels | object | `{}` | | +| prometheus.rules.default.enabled | bool | `true` | | +| prometheus.rules.enabled | bool | `false` | | +| prometheus.rules.labels | object | `{}` | | | prometheus.securityContext | object | `{}` | securityContext capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 | | prometheus.servicemonitor.enabled | bool | `false` | | | prometheus.servicemonitor.labels | object | `{}` | | diff --git a/autopush/templates/prometheus-rules.yaml b/autopush/templates/prometheus-rules.yaml new file mode 100644 index 0000000..c7d1b34 --- /dev/null +++ b/autopush/templates/prometheus-rules.yaml @@ -0,0 +1,38 @@ +{{- if and .Values.prometheus.rules.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "autopush.fullname" . }} + labels: + {{- include "autopush.labels" . | nindent 4 }} + {{- with .Values.prometheus.rules.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + groups: + {{- if .Values.prometheus.rules.default.enabled }} + - name: {{ template "autopush.fullname" . }}-Endpoint + rules: + - alert: "autopush: No Subscription API Error" + expr: 'sum(increase(autoendpoint_api_error_no_subscription{}[1h])) without (container,endpoint,pod,instance) > 0' + for: 5m + labels: + severity: critical + {{- with .Values.prometheus.rules.default.alertLabels }} + {{- toYaml . | nindent 12 }} + {{- end }} + annotations: + {{` + summary: "autoendpoint: No Subscription API Error in {{ $labels.namespace }}/{{ $labels.job }} increate in the last hour" + `}} + {{/* + - name: {{ template "autopush.fullname" . }}-Push + rules: + */}} + {{- end }} + {{- with .Values.prometheus.rules.additionalRules }} + - name: {{ template "autopush.fullname" $ }}-Additional + rules: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml index ac0fabc..7ce041f 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -30,6 +30,13 @@ prometheus: servicemonitor: enabled: false labels: {} + rules: + enabled: false + labels: {} + default: + enabled: true + alertLabels: {} + additionalRules: [] image: registry: docker.io -- 2.45.3 From d2e147987b6c0f9fc3610d6c26f3a9153886141a Mon Sep 17 00:00:00 2001 From: WrenIX Date: Thu, 16 Jan 2025 17:22:01 +0100 Subject: [PATCH 241/256] fix(autopush): add grafana dashboards (first draft) --- autopush/Chart.yaml | 2 +- autopush/README.md | 7 +- autopush/grafana_dashboards/overview.json | 355 ++++++++++++++++++ .../configmap_grafana_dashboards.yaml | 14 + autopush/values.yaml | 18 +- 5 files changed, 386 insertions(+), 10 deletions(-) create mode 100644 autopush/grafana_dashboards/overview.json create mode 100644 autopush/templates/configmap_grafana_dashboards.yaml diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 4f826d7..23c3d26 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.5 +version: 0.0.6 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index fcf6fc7..a92269b 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.5](https://img.shields.io/badge/Version-0.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.6](https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -70,7 +70,7 @@ helm uninstall autopush-release | autoconnect.image.tag | string | `"latest"` | | | autoconnect.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | | autoconnect.nodeSelector | object | `{}` | | -| autoconnect.podAnnotations | object | `{}` | This is for setting Kubernetes Annotations to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | +| autoconnect.podAnnotations | object | `{}` | This is for setting Kubernetes Annotations to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | | autoconnect.podLabels | object | `{}` | This is for setting Kubernetes Labels to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ | | autoconnect.podSecurityContext | object | `{}` | | | autoconnect.readinessProbe.httpGet.path | string | `"/health"` | | @@ -107,6 +107,9 @@ helm uninstall autopush-release | fullnameOverride | string | `""` | | | global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy | | global.image.registry | string | `nil` | if set it will overwrite all registry entries | +| grafana.dashboards.annotations | object | `{}` | | +| grafana.dashboards.enabled | bool | `false` | | +| grafana.dashboards.labels.grafana_dashboard | string | `"1"` | | | imagePullSecrets | list | `[]` | This is for the secretes for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | | ingress.annotations | object | `{}` | | | ingress.className | string | `""` | | diff --git a/autopush/grafana_dashboards/overview.json b/autopush/grafana_dashboards/overview.json new file mode 100644 index 0000000..f0c0390 --- /dev/null +++ b/autopush/grafana_dashboards/overview.json @@ -0,0 +1,355 @@ +{ + "annotations": { + "list": [ + { + "builtIn": 1, + "datasource": { + "type": "grafana", + "uid": "-- Grafana --" + }, + "enable": true, + "hide": true, + "iconColor": "rgba(0, 211, 255, 1)", + "name": "Annotations & Alerts", + "type": "dashboard" + } + ] + }, + "editable": true, + "fiscalYearStartMonth": 0, + "graphTooltip": 0, + "links": [], + "panels": [ + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 0 + }, + "id": 4, + "panels": [], + "title": "Push", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "mappings": [] + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 9, + "x": 0, + "y": 1 + }, + "id": 1, + "options": { + "legend": { + "displayMode": "list", + "placement": "bottom", + "showLegend": true, + "values": [ + "percent" + ] + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.4.0", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(increase(autopush_notification_message_retrieved{namespace=~\"$namespace\"}[$__range])) without (container,endpoint,instance,pod,job,service)", + "legendFormat": "Retrieved: {{namespace}}", + "range": true, + "refId": "A" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(increase(autopush_notification_message_deleted{namespace=~\"$namespace\"}[$__range])) without (container,endpoint,instance,pod,job,service)", + "hide": false, + "instant": false, + "legendFormat": "Deleted: {{namespace}}", + "range": true, + "refId": "B" + } + ], + "title": "Notification Message", + "transparent": true, + "type": "piechart" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + } + }, + "mappings": [] + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 8, + "x": 10, + "y": 1 + }, + "id": 2, + "options": { + "legend": { + "displayMode": "list", + "placement": "right", + "showLegend": true, + "values": [ + "percent" + ] + }, + "pieType": "pie", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.4.0", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(increase(autopush_ua_notification_sent{namespace=~\"$namespace\"}[$__range])) without (container,endpoint,instance,pod,job,service)", + "hide": false, + "instant": false, + "legendFormat": "OS: {{namespace}}/{{os}}", + "range": true, + "refId": "A" + } + ], + "title": "UA Notify Send", + "transparent": true, + "type": "piechart" + }, + { + "collapsed": false, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 9 + }, + "id": 5, + "panels": [], + "title": "Endpoint", + "type": "row" + }, + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "fieldConfig": { + "defaults": { + "color": { + "mode": "palette-classic" + }, + "custom": { + "axisBorderShow": false, + "axisCenteredZero": false, + "axisColorMode": "text", + "axisLabel": "", + "axisPlacement": "auto", + "barAlignment": 0, + "barWidthFactor": 0.6, + "drawStyle": "line", + "fillOpacity": 0, + "gradientMode": "none", + "hideFrom": { + "legend": false, + "tooltip": false, + "viz": false + }, + "insertNulls": false, + "lineInterpolation": "linear", + "lineWidth": 1, + "pointSize": 5, + "scaleDistribution": { + "type": "linear" + }, + "showPoints": "auto", + "spanNulls": false, + "stacking": { + "group": "A", + "mode": "none" + }, + "thresholdsStyle": { + "mode": "off" + } + }, + "mappings": [], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "green", + "value": null + }, + { + "color": "red", + "value": 80 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 8, + "w": 12, + "x": 0, + "y": 10 + }, + "id": 3, + "options": { + "legend": { + "calcs": [], + "displayMode": "list", + "placement": "bottom", + "showLegend": true + }, + "tooltip": { + "mode": "single", + "sort": "none" + } + }, + "pluginVersion": "11.4.0", + "targets": [ + { + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "editorMode": "code", + "expr": "sum(increase(autoendpoint_api_error_no_subscription{namespace=~\"$namespace\"}[$__range])) without(container,endpoint,instance,pod,service,job)", + "legendFormat": "__auto", + "range": true, + "refId": "A" + } + ], + "title": "No Subscription API Error", + "transparent": true, + "type": "timeseries" + } + ], + "preload": false, + "refresh": "", + "schemaVersion": 40, + "tags": [], + "templating": { + "list": [ + { + "current": { + "text": "Prometheus", + "value": "prometheus" + }, + "label": "datasource", + "name": "DS_PROMETHEUS", + "options": [], + "query": "prometheus", + "refresh": 1, + "regex": "", + "type": "datasource" + }, + { + "current": { + "text": [ + "chaos-autopush" + ], + "value": [ + "chaos-autopush" + ] + }, + "datasource": { + "type": "prometheus", + "uid": "${DS_PROMETHEUS}" + }, + "definition": "label_values(statsd_exporter_build_info,namespace)", + "includeAll": true, + "multi": true, + "name": "namespace", + "options": [], + "query": { + "qryType": 1, + "query": "label_values(statsd_exporter_build_info,namespace)", + "refId": "PrometheusVariableQueryEditor-VariableQuery" + }, + "refresh": 1, + "regex": "", + "type": "query" + } + ] + }, + "time": { + "from": "now-24h", + "to": "now" + }, + "timepicker": {}, + "timezone": "browser", + "title": "Autopush: Overview", + "version": 0, + "weekStart": "" +} diff --git a/autopush/templates/configmap_grafana_dashboards.yaml b/autopush/templates/configmap_grafana_dashboards.yaml new file mode 100644 index 0000000..0b8850c --- /dev/null +++ b/autopush/templates/configmap_grafana_dashboards.yaml @@ -0,0 +1,14 @@ +{{- if .Values.grafana.dashboards.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "autopush.fullname" . }}-grafana-dashboards + labels: + {{- include "autopush.labels" . | nindent 4 }} + {{- toYaml .Values.grafana.dashboards.labels | nindent 4 }} + annotations: + {{- toYaml .Values.grafana.dashboards.annotations | nindent 4 }} +data: + {{- (.Files.Glob "grafana_dashboards/*.json" ).AsConfig | nindent 2 }} +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml index 7ce041f..11e251a 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -12,8 +12,6 @@ nameOverride: "" fullnameOverride: "" - - config: logs: # -- set log level of autopush @@ -81,6 +79,13 @@ prometheus: # readOnly: true volumeMounts: [] +grafana: + dashboards: + enabled: false + labels: + grafana_dashboard: "1" + annotations: {} + ## This configuration is for the internal Redis that's deployed for use with ## workers/sharding, for an external Redis server you want to set enabled to ## false and configure the externalRedis block. @@ -96,7 +101,7 @@ redis: password: autopush # -- Or use existing secret with "redis-password" key instead of static password - existingSecret: + existingSecret: external: host: redis port: 6379 @@ -114,7 +119,6 @@ redis: port: 6379 - autoconnect: # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ replicaCount: 1 @@ -124,7 +128,7 @@ autoconnect: pullPolicy: IfNotPresent tag: latest # -- This is for setting Kubernetes Annotations to a Pod. - # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ podAnnotations: {} # -- This is for setting Kubernetes Labels to a Pod. # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ @@ -193,7 +197,7 @@ autoendpoint: tag: latest # This is for setting Kubernetes Annotations to a Pod. - # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ podAnnotations: {} # This is for setting Kubernetes Labels to a Pod. # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ @@ -252,7 +256,7 @@ autoendpoint: volumeMounts: [] -#This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ +# This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: # Specifies whether a service account should be created create: true -- 2.45.3 From 6a13f3072b3526b1abb6d1c197647b75e5524a49 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 17 Jan 2025 23:41:46 +0100 Subject: [PATCH 242/256] fix(matrix-synapse): update appVersion --- matrix-synapse/Chart.yaml | 4 ++-- matrix-synapse/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index c6c09a3..bc640ab 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,9 +4,9 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.9" +version: "1.0.10" # renovate: image=ghcr.io/element-hq/synapse -appVersion: 1.121.1 +appVersion: 1.122.0 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 467866e..16517fb 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.9](https://img.shields.io/badge/Version-1.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.121.1](https://img.shields.io/badge/AppVersion-1.121.1-informational?style=flat-square) +![Version: 1.0.10](https://img.shields.io/badge/Version-1.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.122.0](https://img.shields.io/badge/AppVersion-1.122.0-informational?style=flat-square) Matrix reference homeserver -- 2.45.3 From 679f8f54ad2672ed2cf8fd7faf1bf368ab296efe Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 17 Jan 2025 23:42:56 +0100 Subject: [PATCH 243/256] fix(forgejo-runner): update dependencies kubectl --- forgejo-runner/Chart.yaml | 2 +- forgejo-runner/README.md | 4 ++-- forgejo-runner/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index d9b3457..8ed9b65 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.8" +version: "0.4.9" # renovate: image=code.forgejo.org/forgejo/runner appVersion: "6.0.1" maintainers: diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index b56db0f..b62df46 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.8](https://img.shields.io/badge/Version-0.4.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.1](https://img.shields.io/badge/AppVersion-6.0.1-informational?style=flat-square) +![Version: 0.4.9](https://img.shields.io/badge/Version-0.4.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.1](https://img.shields.io/badge/AppVersion-6.0.1-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) @@ -130,7 +130,7 @@ helm uninstall forgejo-runner-release | kubectl.image.pullPolicy | string | `"IfNotPresent"` | | | kubectl.image.registry | string | `"docker.io"` | | | kubectl.image.repository | string | `"bitnami/kubectl"` | | -| kubectl.image.tag | string | `"1.32.0"` | | +| kubectl.image.tag | string | `"1.32.1"` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | | podAnnotations | object | `{}` | | diff --git a/forgejo-runner/values.yaml b/forgejo-runner/values.yaml index 2802ed6..215c73c 100644 --- a/forgejo-runner/values.yaml +++ b/forgejo-runner/values.yaml @@ -150,7 +150,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.32.0 + tag: 1.32.1 serviceAccount: # Specifies whether a service account should be created -- 2.45.3 From 8afa8af7bd0fb3ea2a5df5416b7df3230df97e39 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 17 Jan 2025 23:42:59 +0100 Subject: [PATCH 244/256] fix(ntfy): update dependencies kubectl --- ntfy/Chart.yaml | 2 +- ntfy/README.md | 4 ++-- ntfy/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ntfy/Chart.yaml b/ntfy/Chart.yaml index 032b8cf..43d3f8c 100644 --- a/ntfy/Chart.yaml +++ b/ntfy/Chart.yaml @@ -3,7 +3,7 @@ name: ntfy description: A Helm chart for Kubernetes icon: https://github.com/binwiederhier/ntfy/raw/main/web/public/static/images/pwa-512x512.png type: application -version: "0.4.8" +version: "0.4.9" # renovate: image=docker.io/binwiederhier/ntfy appVersion: "2.11.0" maintainers: diff --git a/ntfy/README.md b/ntfy/README.md index b88c448..e325dda 100644 --- a/ntfy/README.md +++ b/ntfy/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # ntfy -![Version: 0.4.8](https://img.shields.io/badge/Version-0.4.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) +![Version: 0.4.9](https://img.shields.io/badge/Version-0.4.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.11.0](https://img.shields.io/badge/AppVersion-2.11.0-informational?style=flat-square) A Helm chart for Kubernetes @@ -65,7 +65,7 @@ helm uninstall ntfy-release | ingress.hosts[0].paths[0].path | string | `"/"` | | | ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | | ingress.tls | list | `[]` | | -| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.32.0"}` | image needed for setup (store generated VAPID / WebPush keys) | +| kubectl.image | object | `{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"bitnami/kubectl","tag":"1.32.1"}` | image needed for setup (store generated VAPID / WebPush keys) | | nameOverride | string | `""` | | | networkPolicy.egress.enabled | bool | `true` | activate egress no networkpolicy | | networkPolicy.egress.extra | list | `[]` | egress rules | diff --git a/ntfy/values.yaml b/ntfy/values.yaml index 10e51ec..4206140 100644 --- a/ntfy/values.yaml +++ b/ntfy/values.yaml @@ -16,7 +16,7 @@ kubectl: registry: docker.io repository: bitnami/kubectl pullPolicy: IfNotPresent - tag: 1.32.0 + tag: 1.32.1 imagePullSecrets: [] nameOverride: "" -- 2.45.3 From 76fd94a39e4405eff1ed1bf07b64f629fe225d98 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 17 Jan 2025 23:45:14 +0100 Subject: [PATCH 245/256] fix(stalwart-mail): update appVersion --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 63d66d0..3c0cd1f 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.21 +version: 0.0.22 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.11.1" +appVersion: "0.11.2" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md index 9407581..caf25e1 100644 --- a/stalwart-mail/README.md +++ b/stalwart-mail/README.md @@ -7,7 +7,7 @@ description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One M # stalwart-mail -![Version: 0.0.21](https://img.shields.io/badge/Version-0.0.21-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.1](https://img.shields.io/badge/AppVersion-0.11.1-informational?style=flat-square) +![Version: 0.0.22](https://img.shields.io/badge/Version-0.0.22-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.2](https://img.shields.io/badge/AppVersion-0.11.2-informational?style=flat-square) Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) -- 2.45.3 From de8e16c4de58f9f1512fdc593b2e3b175883a335 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 17 Jan 2025 23:54:12 +0100 Subject: [PATCH 246/256] fix(mautrix-bridge): update signal --- mautrix-bridge/Chart.yaml | 2 +- mautrix-bridge/README.md | 2 +- .../bridge-values/signal/values.yaml | 2 +- mautrix-bridge/values.yaml | 34 +++++++++---------- 4 files changed, 20 insertions(+), 20 deletions(-) diff --git a/mautrix-bridge/Chart.yaml b/mautrix-bridge/Chart.yaml index 1ac228b..8793e12 100644 --- a/mautrix-bridge/Chart.yaml +++ b/mautrix-bridge/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mautrix-bridge description: A Matrix puppeting bridge mautrix. type: application -version: 0.0.15 +version: 0.0.16 maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/mautrix-bridge/README.md b/mautrix-bridge/README.md index 0a31bdd..e87da16 100644 --- a/mautrix-bridge/README.md +++ b/mautrix-bridge/README.md @@ -7,7 +7,7 @@ description: "A Matrix puppeting bridge mautrix." # mautrix-bridge -![Version: 0.0.15](https://img.shields.io/badge/Version-0.0.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.0.16](https://img.shields.io/badge/Version-0.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) A Matrix puppeting bridge mautrix. diff --git a/mautrix-bridge/bridge-values/signal/values.yaml b/mautrix-bridge/bridge-values/signal/values.yaml index eddff59..629a640 100644 --- a/mautrix-bridge/bridge-values/signal/values.yaml +++ b/mautrix-bridge/bridge-values/signal/values.yaml @@ -1,6 +1,6 @@ image: repository: mautrix/signal - tag: "v0.7.4" + tag: "v0.7.5" config: bridge: diff --git a/mautrix-bridge/values.yaml b/mautrix-bridge/values.yaml index e7a25ea..76ff0e6 100644 --- a/mautrix-bridge/values.yaml +++ b/mautrix-bridge/values.yaml @@ -97,7 +97,7 @@ config: # This has all the Sender variables available under message_formats (but without the .Sender prefix). # Note that you need to manually remove the displayname from message_formats above. displayname_format: "{{ .DisambiguatedName }}" - + # -- Permissions for using the bridge. # Permitted values: # relay - Talk through the relaybot (if enabled), no access otherwise @@ -160,7 +160,7 @@ config: # -- How often should the websocket be pinged? Pinging will be disabled if this is zero. ping_interval_seconds: 0 - + # Application service host/registration related details. # Changing these values requires regeneration of the registration. appservice: @@ -211,7 +211,7 @@ config: # -- Whether or not created rooms should have federation enabled. # If false, created portal rooms will never be federated. federate_rooms: true - + # Settings for provisioning API provisioning: # -- Prefix for the provisioning API paths. @@ -274,23 +274,23 @@ config: unread_hours_threshold: 720 # Settings for backfilling threads within other backfills. threads: - # -- Maximum number of messages to backfill in a new thread. - max_initial_messages: 50 + # -- Maximum number of messages to backfill in a new thread. + max_initial_messages: 50 # Settings for the backwards backfill queue. This only applies when connecting to # Beeper as standard Matrix servers don't support inserting messages into history. queue: - # -- Should the backfill queue be enabled? - enabled: false - # -- Number of messages to backfill in one batch. - batch_size: 100 - # -- Delay between batches in seconds. - batch_delay: 20 - # -- Maximum number of batches to backfill per portal. - # If set to -1, all available messages will be backfilled. - max_batches: -1 - # -- Optional network-specific overrides for max batches. - # Interpretation of this field depends on the network connector. - max_batches_override: {} + # -- Should the backfill queue be enabled? + enabled: false + # -- Number of messages to backfill in one batch. + batch_size: 100 + # -- Delay between batches in seconds. + batch_delay: 20 + # -- Maximum number of batches to backfill per portal. + # If set to -1, all available messages will be backfilled. + max_batches: -1 + # -- Optional network-specific overrides for max batches. + # Interpretation of this field depends on the network connector. + max_batches_override: {} # Settings for enabling double puppeting -- 2.45.3 From fa40436ef093e25a26b76378303f06d15cb85c94 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 18 Jan 2025 00:55:41 +0100 Subject: [PATCH 247/256] fix(stalwart-mail): update AppVersion after fix https://github.com/stalwartlabs/mail-server/issues/1104 --- stalwart-mail/Chart.yaml | 4 ++-- stalwart-mail/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stalwart-mail/Chart.yaml b/stalwart-mail/Chart.yaml index 3c0cd1f..88b95e4 100644 --- a/stalwart-mail/Chart.yaml +++ b/stalwart-mail/Chart.yaml @@ -3,9 +3,9 @@ name: stalwart-mail description: Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) icon: https://stalw.art/img/apple-touch-icon.png type: application -version: 0.0.22 +version: 0.0.23 # renovate: image=docker.io/stalwartlabs/mail-server -appVersion: "0.11.2" +appVersion: "0.11.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/stalwart-mail/README.md b/stalwart-mail/README.md index caf25e1..14abf7d 100644 --- a/stalwart-mail/README.md +++ b/stalwart-mail/README.md @@ -7,7 +7,7 @@ description: "Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One M # stalwart-mail -![Version: 0.0.22](https://img.shields.io/badge/Version-0.0.22-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.2](https://img.shields.io/badge/AppVersion-0.11.2-informational?style=flat-square) +![Version: 0.0.23](https://img.shields.io/badge/Version-0.0.23-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.11.3](https://img.shields.io/badge/AppVersion-0.11.3-informational?style=flat-square) Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IMAP, JMAP, SMTP) -- 2.45.3 From ff40a7f712f03536504b3d44ba7c33af957c5559 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 18 Jan 2025 14:56:51 +0100 Subject: [PATCH 248/256] fix(autopush): redis to persistence --- autopush/Chart.yaml | 2 +- autopush/README.md | 9 ++++++--- autopush/values.yaml | 13 ++++++++++--- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 23c3d26..828f7a1 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.6 +version: 0.0.7 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index a92269b..6100cf5 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.6](https://img.shields.io/badge/Version-0.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.7](https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -137,16 +137,19 @@ helm uninstall autopush-release | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | +| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | | redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | +| redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | | redis.auth.password | string | `"autopush"` | XXX Change me! | | redis.dbid | int | `0` | Database ID for non-default database | | redis.external.existingSecretPasswordKey | string | `"redis-password"` | Password key to be retrieved from existing secret | | redis.external.host | string | `"redis"` | | | redis.external.port | int | `6379` | | +| redis.global.storageClass | string | `""` | | | redis.internal | bool | `true` | | -| redis.master.kind | string | `"Deployment"` | | -| redis.master.persistence.enabled | bool | `false` | | +| redis.master.persistence.enabled | bool | `true` | | | redis.master.service.port | int | `6379` | | +| redis.replica.persistence.enabled | bool | `true` | | | serviceAccount.annotations | object | `{}` | | | serviceAccount.automount | bool | `true` | | | serviceAccount.create | bool | `true` | | diff --git a/autopush/values.yaml b/autopush/values.yaml index 11e251a..2a51115 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -99,6 +99,10 @@ redis: enabled: true # -- XXX Change me! password: autopush + # -- name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time + existingSecret: "" + # -- Password key to be retrieved from existing secret + existingSecretPasswordKey: "" # -- Or use existing secret with "redis-password" key instead of static password existingSecret: @@ -111,13 +115,16 @@ redis: architecture: standalone + global: + storageClass: "" master: - kind: Deployment persistence: - enabled: false + enabled: true service: port: 6379 - + replica: + persistence: + enabled: true autoconnect: # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ -- 2.45.3 From b8969440b7ee1fb38dc04302f34956efb5cf5e57 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 18 Jan 2025 14:56:55 +0100 Subject: [PATCH 249/256] fix(matrix-synapse): redis to persistence --- matrix-synapse/Chart.yaml | 2 +- matrix-synapse/README.md | 12 ++++++++---- matrix-synapse/values.yaml | 24 +++++++++++++----------- 3 files changed, 22 insertions(+), 16 deletions(-) diff --git a/matrix-synapse/Chart.yaml b/matrix-synapse/Chart.yaml index bc640ab..bffccdb 100644 --- a/matrix-synapse/Chart.yaml +++ b/matrix-synapse/Chart.yaml @@ -4,7 +4,7 @@ name: matrix-synapse description: Matrix reference homeserver icon: https://matrix.org/images/matrix-logo.svg type: application -version: "1.0.10" +version: "1.0.11" # renovate: image=ghcr.io/element-hq/synapse appVersion: 1.122.0 maintainers: diff --git a/matrix-synapse/README.md b/matrix-synapse/README.md index 16517fb..fc5347e 100644 --- a/matrix-synapse/README.md +++ b/matrix-synapse/README.md @@ -7,7 +7,7 @@ description: "Matrix reference homeserver" # matrix-synapse -![Version: 1.0.10](https://img.shields.io/badge/Version-1.0.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.122.0](https://img.shields.io/badge/AppVersion-1.122.0-informational?style=flat-square) +![Version: 1.0.11](https://img.shields.io/badge/Version-1.0.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.122.0](https://img.shields.io/badge/AppVersion-1.122.0-informational?style=flat-square) Matrix reference homeserver @@ -111,11 +111,15 @@ helm uninstall matrix-synapse-release | publicServerName | string | `nil` | The public Matrix server name, this will be used for any public URLs in config as well as for client API links in the ingress. | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | -| redis.auth.password | string | `"synapse"` | | +| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | +| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | +| redis.auth.password | string | `"synapse"` | XXX Change me! | | redis.enabled | bool | `true` | | -| redis.master.kind | string | `"Deployment"` | | -| redis.master.persistence.enabled | bool | `false` | | +| redis.global.storageClass | string | `""` | | +| redis.master.persistence.enabled | bool | `true` | | | redis.master.service.port | int | `6379` | | +| redis.replica.persistence.enabled | bool | `true` | | | serverName | string | `nil` | The Matrix domain name, this is what will be used for the domain part in your MXIDs. | | service.port | int | `8008` | | | service.targetPort | string | `"http"` | | diff --git a/matrix-synapse/values.yaml b/matrix-synapse/values.yaml index aaa0837..1343b15 100644 --- a/matrix-synapse/values.yaml +++ b/matrix-synapse/values.yaml @@ -721,25 +721,27 @@ redis: auth: enabled: true - # XXX Change me! + # -- XXX Change me! password: synapse + # -- name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time + existingSecret: "" + # -- Password key to be retrieved from existing secret + existingSecretPasswordKey: "" - ## Or use existing secret with "redis-password" key - ## instead of static password - ## - # existingSecret: redis-secret + # -- Or use existing secret with "redis-password" key instead of static password + existingSecret: architecture: standalone + global: + storageClass: "" master: - kind: Deployment persistence: - ## Note that Synapse only uses redis as a synchronization utility, so no - ## data will ever need to be persisted. - ## - enabled: false + enabled: true service: port: 6379 - + replica: + persistence: + enabled: true ## An externally configured Redis server to use for workers/sharding. ## externalRedis: -- 2.45.3 From e2052a56ff3fe219f48fcf99c2e92a3ddeeee466 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sat, 18 Jan 2025 14:56:59 +0100 Subject: [PATCH 250/256] fix(pretix): redis to persistence --- pretix/Chart.yaml | 2 +- pretix/README.md | 44 ++++++++++++++++++++++++++++---------------- pretix/values.yaml | 35 ++++++++++++++++++++++++----------- 3 files changed, 53 insertions(+), 28 deletions(-) diff --git a/pretix/Chart.yaml b/pretix/Chart.yaml index ae5420a..05e3379 100644 --- a/pretix/Chart.yaml +++ b/pretix/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: pretix description: Reinventing ticket presales, one ticket at a time. type: application -version: 0.1.3 +version: 0.1.4 # renovate: image=docker.io/pretix/standalone appVersion: "2024.11.0" keywords: diff --git a/pretix/README.md b/pretix/README.md index d322cb9..97bfc7e 100644 --- a/pretix/README.md +++ b/pretix/README.md @@ -7,7 +7,7 @@ description: "Reinventing ticket presales, one ticket at a time." # pretix -![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -62,8 +62,8 @@ helm uninstall pretix-release | autoscaling.minReplicas | int | `1` | | | autoscaling.targetCPUUtilizationPercentage | int | `80` | | | cronSchedule | string | `"*/30 * * * *"` | | -| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | | -| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | | +| env.PRETIX_CELERY_BACKEND | string | `"redis://:changeme@pretix-redis-master/1"` | | +| env.PRETIX_CELERY_BROKER | string | `"redis://:changeme@pretix-redis-master/2"` | | | env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | | | env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | | | env.PRETIX_DATABASE_NAME | string | `"pretix"` | | @@ -81,10 +81,10 @@ helm uninstall pretix-release | env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | | | env.PRETIX_PRETIX_DATADIR | string | `"/data"` | | | env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | | -| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | | -| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | bool | `true` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | bool | `true` | | | env.PRETIX_PRETIX_URL | string | `"http://localhost"` | | -| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | | +| env.PRETIX_REDIS_LOCATION | string | `"redis://:changeme@pretix-redis-master/0"` | | | env.PRETIX_REDIS_SESSIONS | bool | `true` | | | fullnameOverride | string | `""` | | | grafana.dashboards.annotations | object | `{}` | | @@ -129,14 +129,20 @@ helm uninstall pretix-release | prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 | | prometheus.servicemonitor.interval | string | `nil` | interval | | prometheus.servicemonitor.labels | object | `{}` | | -| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | +| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | | readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | | readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | | readinessProbe.httpGet.path | string | `"/healthcheck/"` | | | readinessProbe.httpGet.port | string | `"http"` | | | redis.architecture | string | `"standalone"` | | -| redis.auth.enabled | bool | `false` | | +| redis.auth.enabled | bool | `true` | | +| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | +| redis.auth.password | string | `"changeme"` | | | redis.enabled | bool | `true` | | +| redis.global.storageClass | string | `""` | | +| redis.master.persistence.enabled | bool | `true` | | +| redis.replica.persistence.enabled | bool | `true` | | | replicas.taskworker | int | `1` | | | replicas.web | int | `1` | | | resources | object | `{}` | | @@ -154,7 +160,7 @@ helm uninstall pretix-release Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) # pretix -![Version: 0.1.3](https://img.shields.io/badge/Version-0.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) +![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.11.0](https://img.shields.io/badge/AppVersion-2024.11.0-informational?style=flat-square) Reinventing ticket presales, one ticket at a time. @@ -187,8 +193,8 @@ Reinventing ticket presales, one ticket at a time. | autoscaling.minReplicas | int | `1` | | | autoscaling.targetCPUUtilizationPercentage | int | `80` | | | cronSchedule | string | `"*/30 * * * *"` | | -| env.PRETIX_CELERY_BACKEND | string | `"redis://pretix-redis-master/1"` | | -| env.PRETIX_CELERY_BROKER | string | `"redis://pretix-redis-master/2"` | | +| env.PRETIX_CELERY_BACKEND | string | `"redis://:changeme@pretix-redis-master/1"` | | +| env.PRETIX_CELERY_BROKER | string | `"redis://:changeme@pretix-redis-master/2"` | | | env.PRETIX_DATABASE_BACKEND | string | `"postgresql"` | | | env.PRETIX_DATABASE_HOST | string | `"pretix-postgresql"` | | | env.PRETIX_DATABASE_NAME | string | `"pretix"` | | @@ -206,10 +212,10 @@ Reinventing ticket presales, one ticket at a time. | env.PRETIX_PRETIX_CURRENCY | string | `"EUR"` | | | env.PRETIX_PRETIX_DATADIR | string | `"/data"` | | | env.PRETIX_PRETIX_INSTANCE_NAME | string | `"Pretix Helm"` | | -| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | string | `"on"` | | -| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | string | `"on"` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_FOR | bool | `true` | | +| env.PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO | bool | `true` | | | env.PRETIX_PRETIX_URL | string | `"http://localhost"` | | -| env.PRETIX_REDIS_LOCATION | string | `"redis://pretix-redis-master/0"` | | +| env.PRETIX_REDIS_LOCATION | string | `"redis://:changeme@pretix-redis-master/0"` | | | env.PRETIX_REDIS_SESSIONS | bool | `true` | | | fullnameOverride | string | `""` | | | grafana.dashboards.annotations | object | `{}` | | @@ -254,14 +260,20 @@ Reinventing ticket presales, one ticket at a time. | prometheus.servicemonitor.enabled | bool | `false` | broken, Host need to be localhost on request (instatt of ip) needs: https://github.com/prometheus-operator/prometheus-operator/pull/7003 | | prometheus.servicemonitor.interval | string | `nil` | interval | | prometheus.servicemonitor.labels | object | `{}` | | -| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | +| prometheus.servicemonitor.scrapeTimeout | string | `nil` | scrape timeout | | readinessProbe.httpGet.httpHeaders[0].name | string | `"host"` | | | readinessProbe.httpGet.httpHeaders[0].value | string | `"localhost"` | | | readinessProbe.httpGet.path | string | `"/healthcheck/"` | | | readinessProbe.httpGet.port | string | `"http"` | | | redis.architecture | string | `"standalone"` | | -| redis.auth.enabled | bool | `false` | | +| redis.auth.enabled | bool | `true` | | +| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | +| redis.auth.password | string | `"changeme"` | | | redis.enabled | bool | `true` | | +| redis.global.storageClass | string | `""` | | +| redis.master.persistence.enabled | bool | `true` | | +| redis.replica.persistence.enabled | bool | `true` | | | replicas.taskworker | int | `1` | | | replicas.web | int | `1` | | | resources | object | `{}` | | diff --git a/pretix/values.yaml b/pretix/values.yaml index 406460d..f839a79 100644 --- a/pretix/values.yaml +++ b/pretix/values.yaml @@ -23,23 +23,23 @@ env: PRETIX_PRETIX_URL: http://localhost PRETIX_PRETIX_CURRENCY: EUR PRETIX_PRETIX_DATADIR: /data - PRETIX_PRETIX_TRUST_X_FORWARDED_FOR: on - PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO: on + PRETIX_PRETIX_TRUST_X_FORWARDED_FOR: true + PRETIX_PRETIX_TRUST_X_FORWARDED_PROTO: true PRETIX_MAIL_FROM: test@example.com PRETIX_MAIL_HOST: PRETIX_MAIL_USER: PRETIX_MAIL_PASSWORD: PRETIX_MAIL_PORT: 587 - PRETIX_MAIL_TLS: True + PRETIX_MAIL_TLS: true PRETIX_DATABASE_BACKEND: postgresql PRETIX_DATABASE_NAME: pretix PRETIX_DATABASE_USER: pretix PRETIX_DATABASE_PASSWORD: pretix PRETIX_DATABASE_HOST: pretix-postgresql - PRETIX_REDIS_LOCATION: redis://pretix-redis-master/0 + PRETIX_REDIS_LOCATION: redis://:changeme@pretix-redis-master/0 PRETIX_REDIS_SESSIONS: true - PRETIX_CELERY_BACKEND: redis://pretix-redis-master/1 - PRETIX_CELERY_BROKER: redis://pretix-redis-master/2 + PRETIX_CELERY_BACKEND: redis://:changeme@pretix-redis-master/1 + PRETIX_CELERY_BROKER: redis://:changeme@pretix-redis-master/2 PRETIX_METRICS_ENABLED: false PRETIX_METRICS_USER: pretix PRETIX_METRICS_PASSPHRASE: pretix @@ -50,7 +50,7 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" -#This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ +# This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: # Specifies whether a service account should be created create: true @@ -63,7 +63,7 @@ serviceAccount: name: "" # This is for setting Kubernetes Annotations to a Pod. -# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ podAnnotations: {} # This is for setting Kubernetes Labels to a Pod. @@ -121,7 +121,7 @@ prometheus: labels: {} # -- interval interval: - # -- scrape timeout + # -- scrape timeout scrapeTimeout: rules: enabled: false @@ -181,7 +181,7 @@ readinessProbe: - name: "host" value: localhost -#This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/ +# This section is for setting up autoscaling more information can be found here: https://kubernetes.io/docs/concepts/workloads/autoscaling/ autoscaling: enabled: false minReplicas: 1 @@ -221,4 +221,17 @@ redis: enabled: true architecture: standalone auth: - enabled: false + enabled: true + password: 'changeme' + # -- name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time + existingSecret: "" + # -- Password key to be retrieved from existing secret + existingSecretPasswordKey: "" + global: + storageClass: "" + master: + persistence: + enabled: true + replica: + persistence: + enabled: true -- 2.45.3 From db242ac7f69859d9e41328ad702d1615127e11af Mon Sep 17 00:00:00 2001 From: WrenIX Date: Sun, 19 Jan 2025 23:55:11 +0100 Subject: [PATCH 251/256] fix(autopush): add router of autoconnect to service --- autopush/Chart.yaml | 2 +- autopush/README.md | 7 ++++--- autopush/templates/autoconnect/deployment.yaml | 2 +- autopush/templates/autoconnect/service.yaml | 6 +++++- autopush/templates/secret.yaml | 1 + autopush/values.yaml | 4 +++- 6 files changed, 15 insertions(+), 7 deletions(-) diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 828f7a1..0d77753 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.7 +version: 0.0.8 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index 6100cf5..8c6eb95 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.7](https://img.shields.io/badge/Version-0.0.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -78,7 +78,8 @@ helm uninstall autopush-release | autoconnect.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | | autoconnect.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | | autoconnect.securityContext | object | `{}` | securityContext capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 | -| autoconnect.service.port | int | `80` | | +| autoconnect.service.ports.http | int | `80` | | +| autoconnect.service.ports.router | int | `8081` | | | autoconnect.service.type | string | `"ClusterIP"` | | | autoconnect.tolerations | list | `[]` | | | autoconnect.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | @@ -137,8 +138,8 @@ helm uninstall autopush-release | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | -| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | | redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | +| redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | | redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | | redis.auth.password | string | `"autopush"` | XXX Change me! | | redis.dbid | int | `0` | Database ID for non-default database | diff --git a/autopush/templates/autoconnect/deployment.yaml b/autopush/templates/autoconnect/deployment.yaml index 0f1f3bb..de027ec 100644 --- a/autopush/templates/autoconnect/deployment.yaml +++ b/autopush/templates/autoconnect/deployment.yaml @@ -59,7 +59,7 @@ spec: containerPort: 8080 protocol: TCP - name: router - containerPort: 8081 + containerPort: {{ .service.ports.router }} protocol: TCP livenessProbe: {{- toYaml .livenessProbe | nindent 12 }} diff --git a/autopush/templates/autoconnect/service.yaml b/autopush/templates/autoconnect/service.yaml index 2a54f55..5f12030 100644 --- a/autopush/templates/autoconnect/service.yaml +++ b/autopush/templates/autoconnect/service.yaml @@ -10,10 +10,14 @@ spec: {{- include "autopush.selectorLabels" . | nindent 4 }} app.kubernetes.io/component: autoconnect ports: - - port: {{ .Values.autoconnect.service.port }} + - port: {{ .Values.autoconnect.service.ports.http }} targetPort: http protocol: TCP name: http + - port: {{ .Values.autoconnect.service.ports.router }} + targetPort: router + protocol: TCP + name: router {{- if .Values.prometheus.enabled }} - port: 9100 targetPort: metrics diff --git a/autopush/templates/secret.yaml b/autopush/templates/secret.yaml index 54d5f0f..bb84a35 100644 --- a/autopush/templates/secret.yaml +++ b/autopush/templates/secret.yaml @@ -33,6 +33,7 @@ data: {{- end }} AUTOCONNECT__ENDPOINT_HOSTNAME: {{ printf "updates.%s" .Values.ingress.host | b64enc }} AUTOCONNECT__ROUTER_HOSTNAME: {{ printf "%s-autoconnect" (include "autopush.fullname" .) | b64enc }} + AUTOCONNECT__ROUTER_PORT: {{ toYaml .Values.autoconnect.service.ports.router | b64enc }} {{- if .Values.prometheus.enabled }} AUTOCONNECT__STATSD_HOST: {{ "127.0.0.1" | b64enc}} AUTOCONNECT__STATSD_PORT: {{ "9125" | b64enc }} diff --git a/autopush/values.yaml b/autopush/values.yaml index 2a51115..bb4504b 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -164,7 +164,9 @@ autoconnect: # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types type: ClusterIP # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports - port: 80 + ports: + http: 80 + router: 8081 # -- We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little -- 2.45.3 From c39a8e05b869592b0eaa9531e8fd9eadc5010d73 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Mon, 20 Jan 2025 15:03:13 +0100 Subject: [PATCH 252/256] fix(headscale-ui): update appVersion --- headscale-ui/Chart.yaml | 4 ++-- headscale-ui/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/headscale-ui/Chart.yaml b/headscale-ui/Chart.yaml index f8a7fe6..5c486cd 100644 --- a/headscale-ui/Chart.yaml +++ b/headscale-ui/Chart.yaml @@ -3,9 +3,9 @@ name: headscale-ui description: A simple Headscale web UI for small-scale deployments. icon: https://raw.githubusercontent.com/gurucomputing/headscale-ui/master/static/favicon.png type: application -version: 0.2.1 +version: 0.2.2 # renovate: image=ghcr.io/gurucomputing/headscale-ui -appVersion: "2024.10.10" +appVersion: "2025.01.20" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/headscale-ui/README.md b/headscale-ui/README.md index 87cf2d0..6692895 100644 --- a/headscale-ui/README.md +++ b/headscale-ui/README.md @@ -7,7 +7,7 @@ description: "A simple Headscale web UI for small-scale deployments." # headscale-ui -![Version: 0.2.1](https://img.shields.io/badge/Version-0.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2024.10.10](https://img.shields.io/badge/AppVersion-2024.10.10-informational?style=flat-square) +![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.01.20](https://img.shields.io/badge/AppVersion-2025.01.20-informational?style=flat-square) A simple Headscale web UI for small-scale deployments. -- 2.45.3 From f656f15e85c2c4c8fbd5b99098f8e56115adb9c8 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Tue, 21 Jan 2025 18:52:36 +0100 Subject: [PATCH 253/256] fix(home-assistant): update appVersion --- home-assistant/Chart.yaml | 4 ++-- home-assistant/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/home-assistant/Chart.yaml b/home-assistant/Chart.yaml index 460b754..62cdbed 100644 --- a/home-assistant/Chart.yaml +++ b/home-assistant/Chart.yaml @@ -3,9 +3,9 @@ name: home-assistant description: Home Assistant with tooling to run on an k3s pi icon: https://www.home-assistant.io/images/favicon-192x192.png type: application -version: 0.3.2 +version: 0.3.3 # renovate: image=ghcr.io/home-assistant/home-assistant -appVersion: "2025.1.2" +appVersion: "2025.1.3" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/home-assistant/README.md b/home-assistant/README.md index 3fc80ec..8532654 100644 --- a/home-assistant/README.md +++ b/home-assistant/README.md @@ -7,7 +7,7 @@ description: "Home Assistant with tooling to run on an k3s pi" # home-assistant -![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.2](https://img.shields.io/badge/AppVersion-2025.1.2-informational?style=flat-square) +![Version: 0.3.3](https://img.shields.io/badge/Version-0.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2025.1.3](https://img.shields.io/badge/AppVersion-2025.1.3-informational?style=flat-square) Home Assistant with tooling to run on an k3s pi -- 2.45.3 From 174cf19d2cd32f09e92db7971b5f09a1720c33e3 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 22 Jan 2025 21:04:03 +0100 Subject: [PATCH 254/256] fix(jellyfin): update appVersion --- jellyfin/Chart.yaml | 4 +- jellyfin/README.adoc | 326 ------------------------------------------- jellyfin/README.md | 2 +- 3 files changed, 3 insertions(+), 329 deletions(-) delete mode 100644 jellyfin/README.adoc diff --git a/jellyfin/Chart.yaml b/jellyfin/Chart.yaml index 486f1c2..1566162 100644 --- a/jellyfin/Chart.yaml +++ b/jellyfin/Chart.yaml @@ -3,9 +3,9 @@ name: jellyfin description: The Free Software Media System icon: https://raw.githubusercontent.com/jellyfin/jellyfin-ux/master/branding/SVG/icon-transparent.svg type: application -version: "0.3.7" +version: "0.3.8" # renovate: image=ghcr.io/jellyfin/jellyfin -appVersion: "10.10.3" +appVersion: "10.10.4" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/jellyfin/README.adoc b/jellyfin/README.adoc deleted file mode 100644 index c9946bb..0000000 --- a/jellyfin/README.adoc +++ /dev/null @@ -1,326 +0,0 @@ - - -= jellyfin - -image::https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square[Version: 0.3.7] -image::https://img.shields.io/badge/Version-application-informational?style=flat-square[Type: application] -image::https://img.shields.io/badge/AppVersion-10.10.3-informational?style=flat-square[AppVersion: 10.10.3] -== Maintainers - -.Maintainers -|=== -| Name | Email | Url - -| WrenIX -| -| -|=== - -== Usage - -Helm must be installed and setup to your kubernetes cluster to use the charts. -Refer to Helm's https://helm.sh/docs[documentation] to get started. -Once Helm has been set up correctly, fetch the charts as follows: - -[source,bash] ----- -helm pull oci://codeberg.org/wrenix/helm-charts/jellyfin ----- - -You can install a chart release using the following command: - -[source,bash] ----- -helm install jellyfin-release oci://codeberg.org/wrenix/helm-charts/jellyfin --values values.yaml ----- - -To uninstall a chart release use `helm`'s delete command: - -[source,bash] ----- -helm uninstall jellyfin-release ----- - -== Values - -.Values -|=== -| Key | Type | Default | Description - -| affinity -| object -| `{}` -| - -| autoscaling.enabled -| bool -| `false` -| - -| autoscaling.maxReplicas -| int -| `100` -| - -| autoscaling.minReplicas -| int -| `1` -| - -| autoscaling.targetCPUUtilizationPercentage -| int -| `80` -| - -| config.enabled -| bool -| `false` -| - -| config.image -| object -| `{"pullPolicy":"IfNotPresent","registry":"ghcr.io","repository":"tomwright/dasel","tag":"2.8.1"}` -| image to patch config - -| config.metrics -| bool -| `false` -| - -| fullnameOverride -| string -| `""` -| - -| global.image.pullPolicy -| string -| `nil` -| if set it will overwrite all pullPolicy - -| global.image.registry -| string -| `nil` -| if set it will overwrite all registry entries - -| grafana.dashboards.annotations -| object -| `{}` -| - -| grafana.dashboards.enabled -| bool -| `false` -| - -| grafana.dashboards.labels.grafana_dashboard -| string -| `"1"` -| - -| image.pullPolicy -| string -| `"IfNotPresent"` -| - -| image.registry -| string -| `"ghcr.io"` -| - -| image.repository -| string -| `"jellyfin/jellyfin"` -| - -| image.tag -| string -| `""` -| Overrides the image tag whose default is the chart appVersion. - -| imagePullSecrets -| list -| `[]` -| - -| ingress.annotations -| object -| `{}` -| - -| ingress.className -| string -| `""` -| - -| ingress.enabled -| bool -| `false` -| - -| ingress.hosts[0].host -| string -| `"chart-example.local"` -| - -| ingress.hosts[0].paths[0].path -| string -| `"/"` -| - -| ingress.hosts[0].paths[0].pathType -| string -| `"ImplementationSpecific"` -| - -| ingress.tls -| list -| `[]` -| - -| nameOverride -| string -| `""` -| - -| networkPolicy.egress.enabled -| bool -| `true` -| activate egress no networkpolicy - -| networkPolicy.egress.extra -| list -| `[]` -| egress rules - -| networkPolicy.enabled -| bool -| `false` -| - -| networkPolicy.ingress.http -| list -| `[]` -| ingress for http port (e.g. ingress-controller, prometheus) - -| nodeSelector -| object -| `{}` -| - -| persistence.config.hostPath -| string -| `nil` -| - -| persistence.config.nfs.path -| string -| `"/"` -| - -| persistence.config.nfs.server -| string -| `nil` -| - -| persistence.config.pvc.enabled -| bool -| `false` -| - -| persistence.media.hostPath -| string -| `nil` -| - -| persistence.media.nfs.path -| string -| `"/"` -| - -| persistence.media.nfs.server -| string -| `nil` -| - -| persistence.media.pvc.enabled -| bool -| `false` -| - -| persistence.media.readOnly -| bool -| `true` -| - -| podAnnotations -| object -| `{}` -| - -| podLabels -| object -| `{}` -| - -| podSecurityContext -| object -| `{}` -| - -| prometheus.servicemonitor.enabled -| bool -| `false` -| - -| prometheus.servicemonitor.labels -| object -| `{}` -| - -| replicaCount -| int -| `1` -| - -| resources -| object -| `{}` -| - -| securityContext -| object -| `{}` -| - -| service.port -| int -| `8096` -| - -| service.type -| string -| `"ClusterIP"` -| - -| serviceAccount.annotations -| object -| `{}` -| - -| serviceAccount.create -| bool -| `true` -| - -| serviceAccount.name -| string -| `""` -| - -| tolerations -| list -| `[]` -| -|=== - -Autogenerated from chart metadata using https://github.com/norwoodj/helm-docs[helm-docs] diff --git a/jellyfin/README.md b/jellyfin/README.md index f814921..e5aaf8d 100644 --- a/jellyfin/README.md +++ b/jellyfin/README.md @@ -7,7 +7,7 @@ description: "The Free Software Media System" # jellyfin -![Version: 0.3.7](https://img.shields.io/badge/Version-0.3.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.3](https://img.shields.io/badge/AppVersion-10.10.3-informational?style=flat-square) +![Version: 0.3.8](https://img.shields.io/badge/Version-0.3.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.4](https://img.shields.io/badge/AppVersion-10.10.4-informational?style=flat-square) The Free Software Media System -- 2.45.3 From 24286723f0285e3d34565b375fe6bd7e74f7f6cc Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 22 Jan 2025 21:04:58 +0100 Subject: [PATCH 255/256] fix(forgejo-runner): update appVersion --- forgejo-runner/Chart.yaml | 4 ++-- forgejo-runner/README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/forgejo-runner/Chart.yaml b/forgejo-runner/Chart.yaml index 8ed9b65..56218fe 100644 --- a/forgejo-runner/Chart.yaml +++ b/forgejo-runner/Chart.yaml @@ -2,9 +2,9 @@ apiVersion: v2 name: forgejo-runner description: Deploy runner for an forgejo instance (default codeberg.org) type: application -version: "0.4.9" +version: "0.4.10" # renovate: image=code.forgejo.org/forgejo/runner -appVersion: "6.0.1" +appVersion: "6.1.0" maintainers: - name: WrenIX url: https://wrenix.eu diff --git a/forgejo-runner/README.md b/forgejo-runner/README.md index b62df46..40b20f8 100644 --- a/forgejo-runner/README.md +++ b/forgejo-runner/README.md @@ -7,7 +7,7 @@ description: "Deploy runner for an forgejo instance (default codeberg.org)" # forgejo-runner -![Version: 0.4.9](https://img.shields.io/badge/Version-0.4.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.0.1](https://img.shields.io/badge/AppVersion-6.0.1-informational?style=flat-square) +![Version: 0.4.10](https://img.shields.io/badge/Version-0.4.10-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 6.1.0](https://img.shields.io/badge/AppVersion-6.1.0-informational?style=flat-square) Deploy runner for an forgejo instance (default codeberg.org) -- 2.45.3 From 6de9ec016b99ae4e88df3eb21df97bdb9358a10e Mon Sep 17 00:00:00 2001 From: WrenIX Date: Wed, 22 Jan 2025 21:29:58 +0100 Subject: [PATCH 256/256] fix(autopush): add unifiedpush common-proxies support --- autopush/Chart.yaml | 2 +- autopush/README.md | 29 +++++- autopush/templates/autoconnect/service.yaml | 1 + autopush/templates/autoendpoint/service.yaml | 1 + autopush/templates/ingress.yaml | 22 +++++ autopush/templates/servicemonitor.yaml | 1 + .../templates/unifiedpush/deployment.yaml | 97 +++++++++++++++++++ autopush/templates/unifiedpush/service.yaml | 19 ++++ autopush/values.yaml | 79 +++++++++++++++ 9 files changed, 248 insertions(+), 3 deletions(-) create mode 100644 autopush/templates/unifiedpush/deployment.yaml create mode 100644 autopush/templates/unifiedpush/service.yaml diff --git a/autopush/Chart.yaml b/autopush/Chart.yaml index 0d77753..727c3dc 100644 --- a/autopush/Chart.yaml +++ b/autopush/Chart.yaml @@ -3,7 +3,7 @@ name: autopush description: A Helm chart for Kubernetes icon: type: application -version: 0.0.8 +version: 0.0.9 # renovate: image=docker.io/mozilla-services/autopush-rs appVersion: "1.72.2" maintainers: diff --git a/autopush/README.md b/autopush/README.md index 8c6eb95..057e0e6 100644 --- a/autopush/README.md +++ b/autopush/README.md @@ -7,7 +7,7 @@ description: "A Helm chart for Kubernetes" # autopush -![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) +![Version: 0.0.9](https://img.shields.io/badge/Version-0.0.9-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.72.2](https://img.shields.io/badge/AppVersion-1.72.2-informational?style=flat-square) A Helm chart for Kubernetes @@ -138,8 +138,8 @@ helm uninstall autopush-release | prometheus.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | redis.architecture | string | `"standalone"` | | | redis.auth.enabled | bool | `true` | | -| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecret | string | `""` | name of an existing secret with Redis credentials (instead of auth.password), must be created ahead of time | +| redis.auth.existingSecret | string | `nil` | Or use existing secret with "redis-password" key instead of static password | | redis.auth.existingSecretPasswordKey | string | `""` | Password key to be retrieved from existing secret | | redis.auth.password | string | `"autopush"` | XXX Change me! | | redis.dbid | int | `0` | Database ID for non-default database | @@ -155,6 +155,31 @@ helm uninstall autopush-release | serviceAccount.automount | bool | `true` | | | serviceAccount.create | bool | `true` | | | serviceAccount.name | string | `""` | | +| unifiedPush.affinity | object | `{}` | | +| unifiedPush.config.gateway.allowedHosts | list | `[]` | | +| unifiedPush.config.gateway.generic.enable | bool | `true` | | +| unifiedPush.config.gateway.matrix.enable | bool | `true` | | +| unifiedPush.config.uaid | string | `""` | | +| unifiedPush.config.verbose | bool | `false` | | +| unifiedPush.enabled | bool | `false` | | +| unifiedPush.image.pullPolicy | string | `"IfNotPresent"` | | +| unifiedPush.image.registry | string | `"docker.io"` | | +| unifiedPush.image.repository | string | `"unifiedpush/common-proxies"` | | +| unifiedPush.image.tag | string | `"v2.2.0"` | | +| unifiedPush.livenessProbe | object | `{"httpGet":{"path":"/health","port":"http"}}` | This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ | +| unifiedPush.nodeSelector | object | `{}` | | +| unifiedPush.podAnnotations | object | `{}` | | +| unifiedPush.podLabels | object | `{}` | | +| unifiedPush.podSecurityContext | object | `{}` | | +| unifiedPush.readinessProbe.httpGet.path | string | `"/health"` | | +| unifiedPush.readinessProbe.httpGet.port | string | `"http"` | | +| unifiedPush.replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | +| unifiedPush.resources | object | `{}` | We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. If you do want to specify resources, uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 100m memory: 128Mi requests: cpu: 100m memory: 128Mi | +| unifiedPush.securityContext | object | `{}` | | +| unifiedPush.service.port | int | `80` | | +| unifiedPush.service.type | string | `"ClusterIP"` | | +| unifiedPush.tolerations | list | `[]` | | +| unifiedPush.volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. - name: foo mountPath: "/etc/foo" readOnly: true | | volumes | list | `[]` | Additional volumes on the output Deployment definition. - name: foo secret: secretName: mysecret optional: false | Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs) diff --git a/autopush/templates/autoconnect/service.yaml b/autopush/templates/autoconnect/service.yaml index 5f12030..b94b1fc 100644 --- a/autopush/templates/autoconnect/service.yaml +++ b/autopush/templates/autoconnect/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoconnect labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoconnect.service.type }} selector: diff --git a/autopush/templates/autoendpoint/service.yaml b/autopush/templates/autoendpoint/service.yaml index ef7abb3..94f3eac 100644 --- a/autopush/templates/autoendpoint/service.yaml +++ b/autopush/templates/autoendpoint/service.yaml @@ -4,6 +4,7 @@ metadata: name: {{ include "autopush.fullname" . }}-autoendpoint labels: {{- include "autopush.labels" . | nindent 4 }} + app.kubernetes.io/metrics: "true" spec: type: {{ .Values.autoendpoint.service.type }} selector: diff --git a/autopush/templates/ingress.yaml b/autopush/templates/ingress.yaml index d53ba34..a5e2dd4 100644 --- a/autopush/templates/ingress.yaml +++ b/autopush/templates/ingress.yaml @@ -38,4 +38,26 @@ spec: name: {{ include "autopush.fullname" $ }}-autoendpoint port: name: http + {{- with .Values.unifiedPush }} + {{- if .enabled }} + {{- if .config.gateway.generic.enable }} + - path: /generic/ + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- if .config.gateway.matrix.enable }} + - path: /_matrix/push/v1/notify + pathType: Prefix + backend: + service: + name: {{ include "autopush.fullname" $ }}-unifiedpush + port: + name: http + {{- end }} + {{- end }} + {{- end }} {{- end }} diff --git a/autopush/templates/servicemonitor.yaml b/autopush/templates/servicemonitor.yaml index 87b7f82..44569c5 100644 --- a/autopush/templates/servicemonitor.yaml +++ b/autopush/templates/servicemonitor.yaml @@ -12,6 +12,7 @@ spec: selector: matchLabels: {{- include "autopush.selectorLabels" . | nindent 6 }} + app.kubernetes.io/metrics: "true" endpoints: - port: metrics {{- end }} diff --git a/autopush/templates/unifiedpush/deployment.yaml b/autopush/templates/unifiedpush/deployment.yaml new file mode 100644 index 0000000..62ddbd5 --- /dev/null +++ b/autopush/templates/unifiedpush/deployment.yaml @@ -0,0 +1,97 @@ +{{- with .Values.unifiedPush }} +{{- if .enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "autopush.fullname" $ }}-unifiedpush + labels: + {{- include "autopush.labels" $ | nindent 4 }} +spec: + replicas: {{ .replicaCount }} + selector: + matchLabels: + {{- include "autopush.selectorLabels" $ | nindent 6 }} + app.kubernetes.io/component: unifiedpush + template: + metadata: + {{- with .podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "autopush.labels" $ | nindent 8 }} + app.kubernetes.io/component: unifiedpush + {{- with .podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "autopush.serviceAccountName" $ }} + securityContext: + {{- toYaml .podSecurityContext | nindent 8 }} + containers: + - name: common-proxies + securityContext: + {{- toYaml .securityContext | nindent 12 }} + {{- with .image }} + image: "{{ coalesce $.Values.global.image.registry .registry }}/{{ .repository }}:{{ .tag | default (printf "v%s" $.Chart.AppVersion) }}" + imagePullPolicy: {{ coalesce $.Values.global.image.pullPolicy .pullPolicy }} + {{- end }} + env: + - name: "UP_LISTEN" + value: ":8080" + {{- if .config.verbose }} + - name: "UP_VERBOSE" + value: "true" + {{- end }} + {{- with .config.uaid }} + - name: "UP_UAID" + value: {{ . | quote }} + {{- end }} + {{- if .config.gateway.generic.enable }} + - name: "UP_GATEWAY_GENERIC_ENABLE" + value: "true" + {{- end }} + {{- if .config.gateway.matrix.enable }} + - name: "UP_GATEWAY_MATRIX_ENABLE" + value: "true" + {{- end }} + {{- with .config.gateway.allowedHosts }} + - name: "UP_GATEWAY_ALLOWEDHOSTS" + value: {{ join "," . | quote }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + {{- toYaml .livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .readinessProbe | nindent 12 }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- with .volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} diff --git a/autopush/templates/unifiedpush/service.yaml b/autopush/templates/unifiedpush/service.yaml new file mode 100644 index 0000000..300a35c --- /dev/null +++ b/autopush/templates/unifiedpush/service.yaml @@ -0,0 +1,19 @@ +{{- if .Values.unifiedPush.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "autopush.fullname" . }}-unifiedpush + labels: + app.kubernetes.io/metrics: "true" + {{- include "autopush.labels" . | nindent 4 }} +spec: + type: {{ .Values.unifiedPush.service.type }} + selector: + {{- include "autopush.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: unifiedpush + ports: + - port: {{ .Values.unifiedPush.service.port }} + targetPort: http + protocol: TCP + name: http +{{- end }} diff --git a/autopush/values.yaml b/autopush/values.yaml index bb4504b..e17ad54 100644 --- a/autopush/values.yaml +++ b/autopush/values.yaml @@ -264,6 +264,85 @@ autoendpoint: # readOnly: true volumeMounts: [] +unifiedPush: + enabled: false + # -- This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ + replicaCount: 1 + image: + registry: docker.io + repository: unifiedpush/common-proxies + pullPolicy: IfNotPresent + tag: "v2.2.0" + + config: + verbose: false + uaid: "" + gateway: + generic: + enable: true + matrix: + enable: true + allowedHosts: [] + + # This is for setting Kubernetes Annotations to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + podAnnotations: {} + # This is for setting Kubernetes Labels to a Pod. + # For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + podLabels: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + podSecurityContext: {} + # fsGroup: 2000 + + securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + + # This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/ + service: + # This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types + type: ClusterIP + # This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports + port: 80 + + # -- We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + resources: {} + + # -- This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ + livenessProbe: + httpGet: + path: /health + port: http + readinessProbe: + httpGet: + path: /health + port: http + + # -- Additional volumeMounts on the output Deployment definition. + # - name: foo + # mountPath: "/etc/foo" + # readOnly: true + volumeMounts: [] + # This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/ serviceAccount: -- 2.45.3