Init Helm chart (#255)

* Initial chart version * Add CI/CD for chart * Fix admin creds template * Add command, args, env, envFrom * Render volumes and volumeMounts with tpl * Change persistance accessMode type * Add update strategy config * Use custom types in docs * Add startup probe config * Fix web.external_url config
2025-09-15 07:11:15 +00:00 · 2024-07-04 22:37:30 +02:00
parent 85381121ee
commit 6f52cb2ada
19 changed files with 981 additions and 0 deletions
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -0,0 +1,269 @@
+# Default values for wg-portal.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# -- Partially override resource names (adds suffix)
+# @section -- Common
+nameOverride: ''
+# -- Fully override resource names
+# @section -- Common
+fullnameOverride: ''
+# -- Array of extra objects to deploy with the release
+# @section -- Common
+extraDeploy: []
+
+# https://github.com/h44z/wg-portal/blob/master/README.md#configuration-options
+config:
+  # -- (tpl/object) Advanced configuration options.
+  # @section -- Configuration
+  advanced: {}
+  # -- (tpl/object) Auth configuration options.
+  # @section -- Configuration
+  auth: {}
+  # -- (tpl/object) Core configuration options.<br>
+  # @section -- Configuration
+  # If external admins in `auth` are not defined and
+  # there are no `admin_user` and `admin_password` defined here,
+  # the default credentials will be generated.
+  core: {}
+  # -- (tpl/object) Database configuration options
+  # @section -- Configuration
+  database: {}
+  # -- (tpl/object) Mail configuration options
+  # @section -- Configuration
+  mail: {}
+  # -- (tpl/object) Statistics configuration options
+  # @section -- Configuration
+  statistics: {}
+  # -- (tpl/object) Web configuration options.<br>
+  # @section -- Configuration
+  # The chart will set `listening_address` automatically from `service.web.port`,
+  # and `external_url` from `ingress.host` if enabled.
+  web: {}
+
+# -- The number of old ReplicaSets to retain to allow rollback.
+# @section -- Parameters
+# @default -- `10`
+revisionHistoryLimit: ''
+# -- Workload type - `Deployment` or `StatefulSet`
+# @section -- Parameters
+workloadType: Deployment
+# -- Update strategy for the workload
+# Valid values are:
+#  `RollingUpdate` or `Recreate` for Deployment,
+#  `RollingUpdate` or `OnDelete` for StatefulSet
+# @section -- Parameters
+strategy:
+  type: RollingUpdate
+
+image:
+  # -- Image repository
+  # @section -- Parameters
+  repository: ghcr.io/h44z/wg-portal
+  # -- Image pull policy
+  # @section -- Parameters
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion
+  # @section -- Parameters
+  tag: ''
+
+# -- Image pull secrets
+# @section -- Parameters
+imagePullSecrets: []
+
+# -- (tpl/object) Extra annotations to add to the pod
+# @section -- Parameters
+podAnnotations: {}
+
+# -- Extra labels to add to the pod
+# @section -- Parameters
+podLabels: {}
+
+# -- Pod Security Context
+# @section -- Parameters
+podSecurityContext: {}
+
+# Container Security Context
+securityContext:
+  capabilities:
+    # -- Add capabilities to the container
+    # @section -- Parameters
+    add:
+      - NET_ADMIN
+
+# -- (tpl/list) Pod init containers
+# @section -- Parameters
+initContainers: []
+# -- (tpl/list) Pod sidecar containers
+# @section -- Parameters
+sidecarContainers: []
+
+# -- Set DNS policy for the pod.
+# Valid values are `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
+# @default -- `"ClusterFirst"`
+# @section -- Parameters
+dnsPolicy: ''
+
+# -- Restart policy for all containers within the pod.
+# Valid values are `Always`, `OnFailure` or `Never`.
+# @default -- `"Always"`
+# @section -- Parameters
+restartPolicy: ''
+
+# -- Use the host's network namespace.
+# @default -- `false`.
+# @section -- Parameters
+hostNetwork: ''
+
+# -- Resources requests and limits
+# @section -- Parameters
+resources: {}
+
+# -- Overwrite pod command
+# @section -- Parameters
+command: []
+
+# -- Additional pod arguments
+# @section -- Parameters
+args: []
+
+# -- (tpl/list) Additional environment variables
+# @section -- Parameters
+env: []
+
+# -- (tpl/list) Additional environment variables from a secret or configMap
+# @section -- Parameters
+envFrom: []
+
+# -- Liveness probe configuration
+# @ignore
+livenessProbe:
+  failureThreshold: 10
+  httpGet:
+    path: /
+    port: http
+
+# -- Readiness probe configuration
+# @ignore
+readinessProbe:
+  httpGet:
+    path: /
+    port: http
+
+# -- Startup probe configuration
+# @ignore
+startupProbe:
+  initialDelaySeconds: 5
+  failureThreshold: 10
+  httpGet:
+    path: /
+    port: http
+    scheme: HTTP
+
+# -- (tpl/list) Additional volumes
+# @section -- Parameters
+volumes: []
+
+# -- (tpl/list) Additional volumeMounts
+# @section -- Parameters
+volumeMounts: []
+
+# -- Node Selector configuration
+# @section -- Parameters
+nodeSelector:
+  kubernetes.io/os: linux
+
+# -- Tolerations configuration
+# @section -- Parameters
+tolerations: []
+
+# -- Affinity configuration
+# @section -- Parameters
+affinity: {}
+
+service:
+  web:
+    # -- Annotations for the web service
+    # @section -- Traffic exposure
+    annotations: {}
+    # -- Web service type
+    # @section -- Traffic exposure
+    type: ClusterIP
+    # -- Web service port
+    # Used for the web interface listener
+    # @section -- Traffic exposure
+    port: 8888
+  wireguard:
+    # -- Annotations for the WireGuard service
+    # @section -- Traffic exposure
+    annotations: {}
+    # -- Wireguard service type
+    # @section -- Traffic exposure
+    type: LoadBalancer
+    # -- Wireguard service ports.
+    # Exposes the WireGuard ports for created interfaces.
+    # Lowerest port is selected as start port for the first interface.
+    # Increment next port by 1 for each additional interface.
+    # @section -- Traffic exposure
+    ports:
+      - 51820
+
+ingress:
+  # -- Specifies whether an ingress resource should be created
+  # @section -- Traffic exposure
+  enabled: false
+  # -- Ingress class name
+  # @section -- Traffic exposure
+  className: ''
+  # -- Ingress annotations
+  # @section -- Traffic exposure
+  # @section -- Traffic exposure
+  annotations: {}
+  # -- Ingress host FQDN
+  # @section -- Traffic exposure
+  host: ''
+  # -- Ingress path type
+  # @section -- Traffic exposure
+  pathType: ImplementationSpecific
+  # -- Ingress path
+  # @section -- Traffic exposure
+  path: /
+  # -- Ingress TLS configuration
+  # @section -- Traffic exposure
+  tls: []
+  #  - secretName: wg-portal-example-tls
+  #    hosts:
+  #      - wg-portal.example.local
+
+persistence:
+  # -- Specifies whether an persistent volume should be created
+  # @section -- Persistence
+  enabled: false
+  # -- Persistent Volume Claim annotations
+  # @section -- Persistence
+  annotations: {}
+  # -- Persistent Volume storage class.
+  # If undefined (the default) cluster's default provisioner will be used.
+  # @section -- Persistence
+  storageClass: ''
+  # -- Persistent Volume Access Mode
+  # @section -- Persistence
+  accessMode: ReadWriteOnce
+  # -- Persistent Volume size
+  # @section -- Persistence
+  size: 1Gi
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  # @section -- RBAC
+  create: true
+  # -- Service account annotations
+  # @section -- RBAC
+  annotations: {}
+  # -- Automatically mount a ServiceAccount's API credentials
+  # @section -- RBAC
+  automount: false
+  # -- The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  # @section -- RBAC
+  name: ''