truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-04-02 10:21:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update catalog information

Browse Source
This commit is contained in:
sonicaj
2023-04-11 15:36:31 +00:00
parent 341ec4213e
commit 178fa6002a
14 changed files with 422 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
catalog.json
View File

@@ -49,7 +49,7 @@
"latest_version": "1.0.0",
"latest_app_version": "8.7.0",
"latest_human_version": "8.7.0_1.0.0",
"last_update": null,
"last_update": "2023-04-11 15:33:26",
"name": "elastic-search",
"recommended": false,
"title": "Elastic Search",
@@ -402,6 +402,25 @@
"title": "IPFS",
"icon_url": "https://avatars.githubusercontent.com/u/10536621"
},
"adguard-home": {
"app_readme": "<h1>AdGuard Home</h1>\n<p>During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.\n(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)\nBecause of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).</p>\n<p>If you select a different port in the wizard, the Dashboard will not work initially but\nafter a couple of minutes container will automatically restart and the Dashboard will\nbe available on the port you selected on the TrueNAS SCALE UI.</p>\n<blockquote>\n<ul>\n<li>AdGuard runs as <code>root</code> user.</li>\n<li>AdGuard runs with host networking enabled.</li>\n</ul>\n</blockquote>",
"categories": [
"dns",
"adblock"
],
"description": "Free and open source, powerful network-wide ads & trackers blocking DNS server.",
"healthy": true,
"healthy_error": null,
"location": "/__w/charts/charts/community/adguard-home",
"latest_version": "1.0.0",
"latest_app_version": "v0.107.26",
"latest_human_version": "v0.107.26_1.0.0",
"last_update": null,
"name": "adguard-home",
"recommended": false,
"title": "AdGuard Home",
"icon_url": "https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg"
},
"vaultwarden": {
"app_readme": "<h1>Vaultwarden</h1>\n<p><a href=\"https://github.com/dani-garcia/vaultwarden\">Vaultwarden</a> Alternative implementation of the <code>Bitwarden</code> server API written in Rust and compatible with upstream Bitwarden clients</p>\n<blockquote>\n<p>During the installation process, a container will be launched with <strong>root</strong> privileges. This is required\nin order to apply the correct permissions to the <code>Vaultwarden</code> data directory. Afterward, the <code>Vaultwarden</code> container\nwill run as a <strong>non</strong>-root user (default <code>568</code>).\nSame applies to the <code>postgres</code> container. This will run afterwards as a <strong>non</strong>-root user (<code>999</code>).\nOn each upgrade, a container will be launched with <strong>root</strong> privileges in order to apply the correct\npermissions to the <code>postgres</code> <strong>backups</strong> directory. Container that performs the backup will run as a <strong>non</strong>-root user (<code>999</code>) afterwards.\nKeep in mind the permissions on the backup directory will be changed to <code>999:999</code> on <strong>every</strong> update.\nBut will only be changed once for the <code>Vaultwarden</code> and <code>postgres</code> data directories.</p>\n</blockquote>\n<p>While the option to use <code>Rocket</code> for TLS is there, it is not\n<a href=\"https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS#via-rocket\">recommended</a>.\nInstead, use a reverse proxy to handle TLS termination.</p>\n<p>Using <code>HTTPS</code> is <strong>required</strong> for the most of the features to work (correctly).</p>",
"categories": [

6
community/adguard-home/1.0.0/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: file://../../../common
version: 1.0.3
digest: sha256:1a090020cfa582aff29906320874ffe9b543fcc6c2423c281f434514f2653e02
generated: "2023-04-06T19:01:50.673798323+03:00"

25
community/adguard-home/1.0.0/Chart.yaml Normal file
View File

@@ -0,0 +1,25 @@
name: adguard-home
description: Free and open source, powerful network-wide ads & trackers blocking DNS server.
annotations:
title: AdGuard Home
type: application
version: 1.0.0
apiVersion: v2
appVersion: 'v0.107.26'
kubeVersion: '>=1.16.0-0'
maintainers:
- name: truenas
url: https://www.truenas.com/
dependencies:
- name: common
repository: file://../../../common
version: 1.0.3
home: https://github.com/AdguardTeam/AdGuardHome
icon: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
sources:
- https://github.com/AdguardTeam/AdGuardHome
- https://github.com/truenas/charts/tree/master/library/ix-dev/community/adguard-home
- https://hub.docker.com/r/adguard/adguardhome
keywords:
- dns
- adblock

12
community/adguard-home/1.0.0/README.md Normal file
View File

@@ -0,0 +1,12 @@
# AdGuard Home
During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
If you select a different port in the wizard, the Dashboard will not work initially but
after a couple of minutes container will automatically restart and the Dashboard will
be available on the port you selected on the TrueNAS SCALE UI.
> - AdGuard runs as `root` user.
> - AdGuard runs with host networking enabled.

12
community/adguard-home/1.0.0/app-readme.md Normal file
View File

@@ -0,0 +1,12 @@
# AdGuard Home
During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
If you select a different port in the wizard, the Dashboard will not work initially but
after a couple of minutes container will automatically restart and the Dashboard will
be available on the port you selected on the TrueNAS SCALE UI.
> - AdGuard runs as `root` user.
> - AdGuard runs with host networking enabled.

BIN
community/adguard-home/1.0.0/charts/common-1.0.3.tgz Normal file
View File

Binary file not shown.

7
community/adguard-home/1.0.0/ci/basic-values.yaml Normal file
View File

@@ -0,0 +1,7 @@
adguardStorage:
work:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/work
conf:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/conf

28
community/adguard-home/1.0.0/ix_values.yaml Normal file
View File

@@ -0,0 +1,28 @@
image:
repository: adguard/adguardhome
tag: v0.107.26
pullPolicy: IfNotPresent
resources:
limits:
cpu: 4000m
memory: 8Gi
adguardNetwork:
webPort: 30000
enableDHCP: false
# FIXME: See _adguard.tpl
# adguardRunAs:
# user: 568
# group: 568
adguardStorage:
work:
type: ixVolume
hostPath: ""
datasetName: work
conf:
type: ixVolume
hostPath: ""
datasetName: conf

181
community/adguard-home/1.0.0/questions.yaml Normal file
View File

@@ -0,0 +1,181 @@
groups:
- name: AdGuard Home Configuration
description: Configure AdGuard Home
# - name: User and Group Configuration
# description: Configure User and Group for AdGuard Home
- name: Network Configuration
description: Configure Network for AdGuard Home
- name: Storage Configuration
description: Configure Storage for AdGuard Home
- name: Resources Configuration
description: Configure Resources for AdGuard Home
portals:
web_portal:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "$kubernetes-resource_configmap_portal_path"
questions:
# - variable: adguardRunAs
# label: ""
# group: User and Group Configuration
# schema:
# type: dict
# attrs:
# - variable: user
# label: User ID
# description: The user id that AdGuard Home will run as.
# schema:
# type: int
# min: 1
# default: 568
# required: true
# - variable: group
# label: Group ID
# description: The group id that AdGuard Home will run as.
# schema:
# type: int
# min: 1
# default: 568
# required: true
- variable: adguardNetwork
label: ""
group: Network Configuration
schema:
type: dict
attrs:
- variable: webPort
label: Web Port
description: |
The port for the AdGuard Home WebUI. Set the same during the setup wizard.
In case you set a different port, you will need to stop/start the app for the
port set here to take effect. (Or wait for the container to restart automatically)
schema:
type: int
default: 30000
min: 9000
max: 65535
required: true
- variable: enableDHCP
label: Enable DHCP
description: |
This will only append the needed capabilities for DHCP to work </br>
The configuration for DHCP is done in the AdGuard Home WebUI
schema:
type: boolean
default: false
- variable: adguardStorage
label: ""
group: Storage Configuration
schema:
type: dict
attrs:
- variable: work
label: AdGuard Home Data Storage
description: The path to store AdGuard Home work.
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: ixVolume
enum:
- value: hostPath
description: Host Path (Path that already exists on the system)
- value: ixVolume
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: work
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: conf
label: AdGuard Home Configuration Storage
description: The path to store AdGuard Home configuration
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: ixVolume
enum:
- value: hostPath
description: Host Path (Path that already exists on the system)
- value: ixVolume
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: conf
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: resources
label: ""
group: Resources Configuration
schema:
type: dict
attrs:
- variable: limits
label: Limits
schema:
type: dict
attrs:
- variable: cpu
label: CPU
description: CPU limit for AdGuard Home.
schema:
type: string
default: 4000m
required: true
- variable: memory
label: Memory
description: Memory limit for AdGuard Home.
schema:
type: string
default: 8Gi
required: true

1
community/adguard-home/1.0.0/templates/NOTES.txt Normal file
View File

@@ -0,0 +1 @@
{{ include "ix.v1.common.lib.chart.notes" $ }}

105
community/adguard-home/1.0.0/templates/_adguard.tpl Normal file
View File

@@ -0,0 +1,105 @@
{{- define "adguard.workload" -}}
workload:
adguard:
enabled: true
primary: true
type: Deployment
podSpec:
# Host network is pretty much a requirement for apps like this.
# Because NodePort can't bind ports like 53(DNS) or 67(DHCP)
# and the majority of devices do not have option to change the port.
hostNetwork: true
containers:
adguard:
enabled: true
primary: true
imageSelector: image
# Args are copied from the official docker image
# So we can also specify the port.
# If we dont specify the port here, AdGuardHome
# will start initially at port 3000 and after
# the setup wizard is completed it will switch
# to user specified port.
args:
- --no-check-update
- --host
- "0.0.0.0"
- --config
- /opt/adguardhome/conf/AdGuardHome.yaml
- --work-dir
- /opt/adguardhome/work
- --port
- {{ .Values.adguardNetwork.webPort | quote }}
# Setup wizard shows an option to select the port that AdGuardHome
# Web UI will listen on. If the user selects anything other than the `webPort`,
# container will reload its new configuration and listen to the user specified port.
# But user won't have access to it because the port is not exposed. Few seconds later
# probes will kill the container and restart it with the correct `webPort` port.
securityContext:
# FIXME: It might be able to run rootless, probably blocked by:
# https://github.com/AdguardTeam/AdGuardHome/issues/4681
runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
capabilities:
add:
- NET_BIND_SERVICE
{{ if .Values.adguardNetwork.enableDHCP }}
- NET_RAW
{{ end }}
# FIXME: Switch to exec probe after this issue is solved, also note that healthcheck
# is only available on "edge" tag, as of 27/03/2023
# https://github.com/AdguardTeam/AdGuardHome/issues/3290#issuecomment-1485451976
probes:
liveness:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
readiness:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
startup:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
{{/* # FIXME: Disabled until it can run as non-root
initContainers:
{{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
"UID" .Values.ipfsRunAs.user
"GID" .Values.ipfsRunAs.group
"type" "install") | nindent 8 }}
*/}}
{{/* Persistence */}}
persistence:
work:
enabled: true
type: {{ .Values.adguardStorage.work.type }}
datasetName: {{ .Values.adguardStorage.work.datasetName | default "" }}
hostPath: {{ .Values.adguardStorage.work.hostPath | default "" }}
targetSelector:
adguard:
adguard:
mountPath: /opt/adguardhome/work
{{/* # FIXME: See above
01-permissions:
mountPath: /mnt/directories/work
*/}}
conf:
enabled: true
type: {{ .Values.adguardStorage.conf.type }}
datasetName: {{ .Values.adguardStorage.conf.datasetName | default "" }}
hostPath: {{ .Values.adguardStorage.conf.hostPath | default "" }}
targetSelector:
adguard:
adguard:
mountPath: /opt/adguardhome/conf
{{/* # FIXME: See above
01-permissions:
mountPath: /mnt/directories/conf
*/}}
{{- end -}}

12
community/adguard-home/1.0.0/templates/_portal.tpl Normal file
View File

@@ -0,0 +1,12 @@
{{- define "adguard.portal" -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: portal
data:
path: /
port: {{ .Values.adguardNetwork.webPort | quote }}
protocol: http
host: $node_ip
{{- end -}}

9
community/adguard-home/1.0.0/templates/common.yaml Normal file
View File

@@ -0,0 +1,9 @@
{{- include "ix.v1.common.loader.init" . -}}
{{/* Merge the templates with Values */}}
{{- $_ := mustMergeOverwrite .Values (include "adguard.workload" $ | fromYaml) -}}
{{/* Create the configmap for portal manually*/}}
{{- include "adguard.portal" $ -}}
{{- include "ix.v1.common.loader.apply" . -}}

4
community/adguard-home/item.yaml Normal file
View File

@@ -0,0 +1,4 @@
icon_url: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
categories:
- dns
- adblock