Commit new App releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot
2022-06-25 17:26:03 +00:00
parent 2d3b1a3ad2
commit 07fd378e2d
29 changed files with 6165 additions and 0 deletions

View File

@@ -0,0 +1,9 @@
# Changelog<br>
<a name="openspeedtest-0.0.1"></a>
### openspeedtest-0.0.1 (2022-06-25)
#### Feat
* Add OpenSpeedTest ([#2978](https://github.com/truecharts/apps/issues/2978))

View File

@@ -0,0 +1,7 @@
# Configuration Options
##### Connecting to other apps
If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our [Linking Apps Internally](https://truecharts.org/manual/Quick-Start%20Guides/06-linking-apps/) quick-start guide.
##### Available config options
In the future this page is going to contain an automated list of options available in the installation/edit UI.

View File

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.1.4
digest: sha256:0f159b86b96bd27bd8d967476e26de9a2a6db995faf0c091cbf1281ee4c4e3a2
generated: "2022-06-25T17:18:22.139825934Z"

View File

@@ -0,0 +1,30 @@
apiVersion: v2
appVersion: "latest"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.1.4
deprecated: false
description: HTML5 Network Speed Test Server. You can test download & upload speed from any device within your network with a web browser that is IE10 or new.
home: https://github.com/truecharts/apps/tree/master/charts/stable/openspeedtest
icon: https://truecharts.org/_static/img/appicons/openspeedtest.png
keywords:
- speedtest
- speed test
- openspeedtest
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: openspeedtest
sources:
- https://github.com/openspeedtest/Speed-Test
type: application
version: 0.0.1
annotations:
truecharts.org/catagories: |
- utilities
- test
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -0,0 +1,37 @@
# Introduction
HTML5 Network Speed Test Server. You can test download & upload speed from any device within your network with a web browser that is IE10 or new.
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
## Source Code
* <https://github.com/openspeedtest/Speed-Test>
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| https://library-charts.truecharts.org | common | 10.1.4 |
## Installing the Chart
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/).
## Upgrading, Rolling Back and Uninstalling the Chart
To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/).
## Support
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
- See the [Wiki](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
All Rights Reserved - The TrueCharts Project

View File

@@ -0,0 +1,3 @@
HTML5 Network Speed Test Server. You can test download & upload speed from any device within your network with a web browser that is IE10 or new.
This App is supplied by TrueCharts, for more information please visit https://truecharts.org

Binary file not shown.

View File

@@ -0,0 +1,27 @@
# Default Helm-Values
TrueCharts is primarily build to supply TrueNAS SCALE Apps.
However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
Most of our Apps also consume our "common" Helm Chart.
If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/openspeedtest"` | |
| image.tag | string | `"v0.20.781@sha256:96eae64bdf60250418ef7581fa5387c58b2c5963be19582ebc4151ccacc7c488"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| probes.liveness.path | string | `"/"` | |
| probes.readiness.path | string | `"/"` | |
| probes.startup.path | string | `"/"` | |
| securityContext.readOnlyRootFilesystem | bool | `false` | |
| service.main.ports.main.port | int | `3000` | |
| service.main.ports.main.targetPort | int | `3000` | |
| service.main.protocol | string | `"HTTP"` | |
All Rights Reserved - The TrueCharts Project

View File

@@ -0,0 +1,28 @@
image:
repository: tccr.io/truecharts/openspeedtest
pullPolicy: IfNotPresent
tag: latest@sha256:5deed4a03b5695bc6e46b9aef474567e29941bc557406315c3632be401b85e00
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
service:
main:
protocol: HTTP
ports:
main:
targetPort: 3000
port: 10250
probes:
liveness:
path: "/"
readiness:
path: "/"
startup:
path: "/"

File diff suppressed because it is too large Load Diff

View File

@@ -0,0 +1,77 @@
---
hide:
- toc
---
# Security Overview
<link href="https://truecharts.org/_static/trivy.css" type="text/css" rel="stylesheet" />
## Helm-Chart
##### Scan Results
#### Chart Object: openspeedtest/templates/common.yaml
| Type | Misconfiguration ID | Check | Severity | Explaination | Links |
|:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------|
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
| Kubernetes Security Check | KSV001 | Process can elevate its own privileges | MEDIUM | <details><summary>Expand...</summary> A program inside the container can elevate its own privileges and run as root, which might give the program control over the container and node. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.allowPrivilegeEscalation&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv001">https://avd.aquasec.com/misconfig/ksv001</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
| Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW | <details><summary>Expand...</summary> The container should drop all default capabilities and add only those that are needed for its execution. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should add &#39;ALL&#39; to &#39;securityContext.capabilities.drop&#39; </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/">https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/</a><br><a href="https://avd.aquasec.com/misconfig/ksv003">https://avd.aquasec.com/misconfig/ksv003</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv012">https://avd.aquasec.com/misconfig/ksv012</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/misconfig/ksv014">https://avd.aquasec.com/misconfig/ksv014</a><br></details> |
| Kubernetes Security Check | KSV017 | Privileged container | HIGH | <details><summary>Expand...</summary> Privileged containers share namespaces with the host system and do not offer any security. They should be used exclusively for system containers that require high privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.privileged&#39; to false </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline">https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline</a><br><a href="https://avd.aquasec.com/misconfig/ksv017">https://avd.aquasec.com/misconfig/ksv017</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
| Kubernetes Security Check | KSV020 | Runs with low user ID | LOW | <details><summary>Expand...</summary> Force the container to run with user ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsUser&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv020">https://avd.aquasec.com/misconfig/ksv020</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;RELEASE-NAME-openspeedtest&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
| Kubernetes Security Check | KSV021 | Runs with low group ID | LOW | <details><summary>Expand...</summary> Force the container to run with group ID &gt; 10000 to avoid conflicts with the hosts user table. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-openspeedtest&#39; should set &#39;securityContext.runAsGroup&#39; &gt; 10000 </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-runasuser/">https://kubesec.io/basics/containers-securitycontext-runasuser/</a><br><a href="https://avd.aquasec.com/misconfig/ksv021">https://avd.aquasec.com/misconfig/ksv021</a><br></details> |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set &#39;securityContext.seccompProfile.type&#39; to &#39;RuntimeDefault&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
| Kubernetes Security Check | KSV030 | Default Seccomp profile not set | LOW | <details><summary>Expand...</summary> The RuntimeDefault/Localhost seccomp profile must be required, or allow specific additional profiles. <br> <hr> <br> Either Pod or Container should set &#39;securityContext.seccompProfile.type&#39; to &#39;RuntimeDefault&#39; </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv030">https://avd.aquasec.com/misconfig/ksv030</a><br></details> |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
| Kubernetes Security Check | KSV105 | Containers must not set runAsUser to 0 | LOW | <details><summary>Expand...</summary> Containers should be forbidden from running with a root UID. <br> <hr> <br> securityContext.runAsUser should be set to a value greater than 0 </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv105">https://avd.aquasec.com/misconfig/ksv105</a><br></details> |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
| Kubernetes Security Check | KSV106 | Container capabilities must only include NET_BIND_SERVICE | LOW | <details><summary>Expand...</summary> Containers must drop ALL capabilities, and are only permitted to add back the NET_BIND_SERVICE capability. <br> <hr> <br> container should drop all </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/misconfig/ksv106">https://avd.aquasec.com/misconfig/ksv106</a><br></details> |
## Containers
##### Detected Containers
tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730
tccr.io/truecharts/openspeedtest:latest@sha256:5deed4a03b5695bc6e46b9aef474567e29941bc557406315c3632be401b85e00
##### Scan Results
#### Container: tccr.io/truecharts/alpine:v3.16.0@sha256:16dc15f3d61a1e30b1df9f839e53636847b6097286b2b74c637b25fd8264f730 (alpine 3.16.0)
**alpine**
| No Vulnerabilities found |
|:---------------------------------|
#### Container: tccr.io/truecharts/openspeedtest:latest@sha256:5deed4a03b5695bc6e46b9aef474567e29941bc557406315c3632be401b85e00 (alpine 3.16.0)
**alpine**
| Package | Vulnerability | Severity | Installed Version | Fixed Version | Links |
|:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------|
| pcre2 | CVE-2022-1586 | CRITICAL | 10.39-r0 | 10.40-r0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1586">https://access.redhat.com/security/cve/CVE-2022-1586</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077976,">https://bugzilla.redhat.com/show_bug.cgi?id=2077976,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1586</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,">https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a,</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c">https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1586">https://nvd.nist.gov/vuln/detail/CVE-2022-1586</a><br></details> |
| pcre2 | CVE-2022-1587 | CRITICAL | 10.39-r0 | 10.40-r0 | <details><summary>Expand...</summary><a href="https://access.redhat.com/security/cve/CVE-2022-1587">https://access.redhat.com/security/cve/CVE-2022-1587</a><br><a href="https://bugzilla.redhat.com/show_bug.cgi?id=2077983,">https://bugzilla.redhat.com/show_bug.cgi?id=2077983,</a><br><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1587</a><br><a href="https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0">https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DWNG2NS3GINO6LQYUVC4BZLUQPJ3DYHA/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXINO3KKI5DICQ45E2FKD6MKVMGJLEKJ/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KAX7767BCUFC7JMDGP7GOQ5GIZCAUGBB/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M2GLQQUEY5VFM57CFYXVIFOXN2HUZPDM/</a><br><a href="https://nvd.nist.gov/vuln/detail/CVE-2022-1587">https://nvd.nist.gov/vuln/detail/CVE-2022-1587</a><br></details> |
****
| No Vulnerabilities found |
|:---------------------------------|

View File

@@ -0,0 +1 @@
{{ include "tc.common.loader.all" . }}

View File

@@ -0,0 +1,5 @@
icon_url: https://truecharts.org/_static/img/appicons/openspeedtest.png
categories:
- utilities
- test

View File

@@ -0,0 +1,14 @@
# Changelog<br>
<a name="wger-0.0.2"></a>
### wger-0.0.2 (2022-06-25)
#### Chore
* update helm general non-major helm releases ([#2981](https://github.com/truecharts/apps/issues/2981))
#### Feat
* add wger ([#2975](https://github.com/truecharts/apps/issues/2975))

View File

@@ -0,0 +1,12 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.1.4
- name: postgresql
repository: https://charts.truecharts.org/
version: 8.0.18
- name: redis
repository: https://charts.truecharts.org
version: 3.0.18
digest: sha256:f868b14f60498ada1b9ee08fc6641870d68dd1cb3e05b233f63cf7d6c076dc02
generated: "2022-06-25T17:18:26.398041439Z"

View File

@@ -0,0 +1,34 @@
apiVersion: v2
appVersion: "latest"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.1.4
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 8.0.18
- condition: redis.enabled
name: redis
repository: https://charts.truecharts.org
version: 3.0.18
description: Workout Manager is a free, open source web application that helps you manage your personal workouts, weight and diet plans and can also be used as a simple gym management utility.
home: https://github.com/truecharts/apps/tree/master/charts/stable/wger
icon: https://truecharts.org/_static/img/appicons/wger.png
keywords:
- workout
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: wger
sources:
- https://github.com/wger-project/wger
- https://github.com/wger-project/docker
version: 0.0.2
annotations:
truecharts.org/catagories: |
- life
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@@ -0,0 +1,40 @@
# Introduction
Workout Manager is a free, open source web application that helps you manage your personal workouts, weight and diet plans and can also be used as a simple gym management utility.
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
## Source Code
* <https://github.com/wger-project/wger>
* <https://github.com/wger-project/docker>
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| https://charts.truecharts.org/ | postgresql | 8.0.18 |
| https://charts.truecharts.org | redis | 3.0.18 |
| https://library-charts.truecharts.org | common | 10.1.4 |
## Installing the Chart
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/).
## Upgrading, Rolling Back and Uninstalling the Chart
To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/).
## Support
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
- See the [Wiki](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
All Rights Reserved - The TrueCharts Project

View File

@@ -0,0 +1,3 @@
Workout Manager is a free, open source web application that helps you manage your personal workouts, weight and diet plans and can also be used as a simple gym management utility.
This App is supplied by TrueCharts, for more information please visit https://truecharts.org

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@@ -0,0 +1,179 @@
image:
repository: wger/server
tag: latest@sha256:504626e67e709b00a23fb2daf8edd420f30b9e2d1c2c72efb2c3e3907fc636a1
pullPolicy: IfNotPresent
nginxImage:
repository: tccr.io/truecharts/nginx
tag: v1.22.0@sha256:9829252d9891aa3dfc654df8a98f65567ca8b43683e3ef2898944bc44287aeef
securityContext:
runAsNonRoot: false
readOnlyRootFilesystem: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
env:
DJANGO_DB_ENGINE: "django.db.backends.postgresql"
DJANGO_DB_DATABASE: "{{ .Values.postgresql.postgresqlDatabase }}"
DJANGO_DB_USER: "{{ .Values.postgresql.postgresqlUsername }}"
DJANGO_DB_PORT: "5432"
DJANGO_DB_HOST:
secretKeyRef:
name: dbcreds
key: plainhost
DJANGO_DB_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
DJANGO_CACHE_BACKEND: "django_redis.cache.RedisCache"
DJANGO_CACHE_CLIENT_CLASS: "django_redis.client.DefaultClient"
DJANGO_CACHE_TIMEOUT: "1296000"
DJANGO_CACHE_LOCATION:
secretKeyRef:
name: rediscreds
key: url
SECRET_KEY:
secretKeyRef:
name: wger-secrets
key: SECRET_KEY
TIME_ZONE: "{{ .Values.TZ }}"
# True, not true
WGER_USE_GUNICORN: "True"
# User Defined
SITE_URL: "{{ .Values.wger.site_url }}"
FROM_EMAIL: "{{ .Values.wger.from_email }}"
EXERCISE_CACHE_TTL: "{{ .Values.wger.exercise_cache_ttl }}"
EMAIL_HOST: "{{ .Values.wger.email_host }}"
EMAIL_PORT: "{{ .Values.wger.email_port }}"
EMAIL_HOST_USER: "{{ .Values.wger.email_host_user }}"
EMAIL_HOST_PASSWORD: "{{ .Values.wger.email_host_password }}"
RECAPTCHA_PUBLIC_KEY: "{{ .Values.wger.recaptha_public_key }}"
RECAPTCHA_PRIVATE_KEY: "{{ .Values.wger.recaptha_private_key }}"
envFrom:
- configMapRef:
name: '{{ include "tc.common.names.fullname" . }}-wger'
wger:
site_url: "http://localhost:8000"
sync_exercises_on_startup: false
download_exercise_images_on_startup: false
allow_registration: true
allow_guest_users: true
allow_upload_videos: true
exercise_cache_ttl: "3600"
django_perform_migrations: true
django_debug: false
enable_email: false
from_email: ""
email_host: ""
email_port: "587"
email_host_user: ""
email_host_password: ""
email_use_tls: true
email_use_ssl: true
recaptha_public_key: ""
recaptha_private_key: ""
nocaptcha: true
configmap:
wger:
enabled: true
data:
SYNC_EXERCISES_ON_STARTUP: "{{ ternary \"True\" \"False\" .Values.wger.sync_exercises_on_startup }}"
DOWNLOAD_EXERCISE_IMAGES_ON_STARTUP: "{{ ternary \"True\" \"False\" .Values.wger.download_exercise_images_on_startup }}"
ALLOW_REGISTRATION: "{{ ternary \"True\" \"False\" .Values.wger.allow_registration }}"
ALLOW_GUEST_USERS: "{{ ternary \"True\" \"False\" .Values.wger.allow_guest_users }}"
ALLOW_UPLOAD_VIDEOS: "{{ ternary \"True\" \"False\" .Values.wger.allow_upload_videos }}"
DJANGO_PERFORM_MIGRATIONS: "{{ ternary \"True\" \"False\" .Values.wger.django_perform_migrations }}"
DJANGO_DEBUG: "{{ ternary \"True\" \"False\" .Values.wger.django_debug }}"
ENABLE_EMAIL: "{{ ternary \"True\" \"False\" .Values.wger.enable_email }}"
EMAIL_USE_TLS: "{{ ternary \"True\" \"False\" .Values.wger.email_use_tls }}"
EMAIL_USE_SSL: "{{ ternary \"True\" \"False\" .Values.wger.email_use_ssl }}"
NOCAPTCHA: "{{ ternary \"True\" \"False\" .Values.wger.nocaptcha }}"
config:
enabled: true
data:
nginx-config: |-
upstream wger {
server localhost:8000;
}
server {
listen 80;
location / {
proxy_pass http://localhost;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
location /static/ {
alias /static/;
}
location /media/ {
alias /media/;
}
# Increase max body size to allow for video uploads
client_max_body_size 100M;
}
probes:
liveness:
path: "/"
readiness:
path: "/"
startup:
path: "/"
service:
main:
ports:
main:
port: 10249
targetPort: 80
additionalContainers:
nginx:
name: nginx
image: "{{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}"
ports:
- containerPort: 80
name: main
volumeMounts:
- name: wger-config
mountPath: "/etc/nginx/conf.d/default.conf"
subPath: nginx-config
readOnly: true
- name: media
mountPath: "/media"
- name: static
mountPath: "/static"
persistence:
media:
enabled: true
mountPath: "/home/wger/media"
static:
enabled: true
type: emptyDir
mountPath: "/home/wger/static"
wger-config:
enabled: "true"
mountPath: "/etc/nginx/conf.d/default.conf"
subPath: "default.conf"
type: "custom"
volumeSpec:
configMap:
name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}'
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: wger
postgresqlDatabase: wger
redis:
enabled: true
existingSecret: "rediscreds"

File diff suppressed because it is too large Load Diff

File diff suppressed because one or more lines are too long

View File

@@ -0,0 +1,20 @@
{{/* Define the secrets */}}
{{- define "wger.secrets" -}}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: wger-secrets
{{- $wgerprevious := lookup "v1" "Secret" .Release.Namespace "wger-secrets" }}
{{- $secret_key := "" }}
data:
{{- if $wgerprevious}}
SECRET_KEY: {{ index $wgerprevious.data "SECRET_KEY" }}
{{- else }}
{{- $secret_key := randAlphaNum 32 }}
SECRET_KEY: {{ $secret_key | b64enc }}
{{- end }}
{{- end -}}

View File

@@ -0,0 +1,7 @@
{{- include "tc.common.loader.init" . }}
{{/* Render secrets for wger */}}
{{- include "wger.secrets" . }}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}

View File

4
incubator/wger/item.yaml Normal file
View File

@@ -0,0 +1,4 @@
icon_url: https://truecharts.org/_static/img/appicons/wger.png
categories:
- life