diff --git a/catalog.json b/catalog.json
index 5d244fa800..605d517f31 100644
--- a/catalog.json
+++ b/catalog.json
@@ -49,7 +49,7 @@
"latest_version": "1.0.0",
"latest_app_version": "8.7.0",
"latest_human_version": "8.7.0_1.0.0",
- "last_update": null,
+ "last_update": "2023-04-11 15:33:26",
"name": "elastic-search",
"recommended": false,
"title": "Elastic Search",
@@ -402,6 +402,25 @@
"title": "IPFS",
"icon_url": "https://avatars.githubusercontent.com/u/10536621"
},
+ "adguard-home": {
+ "app_readme": "AdGuard Home
\nDuring the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.\n(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)\nBecause of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
\nIf you select a different port in the wizard, the Dashboard will not work initially but\nafter a couple of minutes container will automatically restart and the Dashboard will\nbe available on the port you selected on the TrueNAS SCALE UI.
\n\n\n- AdGuard runs as
root user. \n- AdGuard runs with host networking enabled.
\n
\n
",
+ "categories": [
+ "dns",
+ "adblock"
+ ],
+ "description": "Free and open source, powerful network-wide ads & trackers blocking DNS server.",
+ "healthy": true,
+ "healthy_error": null,
+ "location": "/__w/charts/charts/community/adguard-home",
+ "latest_version": "1.0.0",
+ "latest_app_version": "v0.107.26",
+ "latest_human_version": "v0.107.26_1.0.0",
+ "last_update": null,
+ "name": "adguard-home",
+ "recommended": false,
+ "title": "AdGuard Home",
+ "icon_url": "https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg"
+ },
"vaultwarden": {
"app_readme": "Vaultwarden
\nVaultwarden Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients
\n\nDuring the installation process, a container will be launched with root privileges. This is required\nin order to apply the correct permissions to the Vaultwarden data directory. Afterward, the Vaultwarden container\nwill run as a non-root user (default 568).\nSame applies to the postgres container. This will run afterwards as a non-root user (999).\nOn each upgrade, a container will be launched with root privileges in order to apply the correct\npermissions to the postgres backups directory. Container that performs the backup will run as a non-root user (999) afterwards.\nKeep in mind the permissions on the backup directory will be changed to 999:999 on every update.\nBut will only be changed once for the Vaultwarden and postgres data directories.
\n
\nWhile the option to use Rocket for TLS is there, it is not\nrecommended.\nInstead, use a reverse proxy to handle TLS termination.
\nUsing HTTPS is required for the most of the features to work (correctly).
",
"categories": [
diff --git a/community/adguard-home/1.0.0/Chart.lock b/community/adguard-home/1.0.0/Chart.lock
new file mode 100644
index 0000000000..f6cdf0a11f
--- /dev/null
+++ b/community/adguard-home/1.0.0/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+ repository: file://../../../common
+ version: 1.0.3
+digest: sha256:1a090020cfa582aff29906320874ffe9b543fcc6c2423c281f434514f2653e02
+generated: "2023-04-06T19:01:50.673798323+03:00"
diff --git a/community/adguard-home/1.0.0/Chart.yaml b/community/adguard-home/1.0.0/Chart.yaml
new file mode 100644
index 0000000000..3698135643
--- /dev/null
+++ b/community/adguard-home/1.0.0/Chart.yaml
@@ -0,0 +1,25 @@
+name: adguard-home
+description: Free and open source, powerful network-wide ads & trackers blocking DNS server.
+annotations:
+ title: AdGuard Home
+type: application
+version: 1.0.0
+apiVersion: v2
+appVersion: 'v0.107.26'
+kubeVersion: '>=1.16.0-0'
+maintainers:
+ - name: truenas
+ url: https://www.truenas.com/
+dependencies:
+ - name: common
+ repository: file://../../../common
+ version: 1.0.3
+home: https://github.com/AdguardTeam/AdGuardHome
+icon: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
+sources:
+ - https://github.com/AdguardTeam/AdGuardHome
+ - https://github.com/truenas/charts/tree/master/library/ix-dev/community/adguard-home
+ - https://hub.docker.com/r/adguard/adguardhome
+keywords:
+ - dns
+ - adblock
diff --git a/community/adguard-home/1.0.0/README.md b/community/adguard-home/1.0.0/README.md
new file mode 100644
index 0000000000..24a6191698
--- /dev/null
+++ b/community/adguard-home/1.0.0/README.md
@@ -0,0 +1,12 @@
+# AdGuard Home
+
+During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
+(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
+Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
+
+If you select a different port in the wizard, the Dashboard will not work initially but
+after a couple of minutes container will automatically restart and the Dashboard will
+be available on the port you selected on the TrueNAS SCALE UI.
+
+> - AdGuard runs as `root` user.
+> - AdGuard runs with host networking enabled.
diff --git a/community/adguard-home/1.0.0/app-readme.md b/community/adguard-home/1.0.0/app-readme.md
new file mode 100644
index 0000000000..24a6191698
--- /dev/null
+++ b/community/adguard-home/1.0.0/app-readme.md
@@ -0,0 +1,12 @@
+# AdGuard Home
+
+During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
+(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
+Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
+
+If you select a different port in the wizard, the Dashboard will not work initially but
+after a couple of minutes container will automatically restart and the Dashboard will
+be available on the port you selected on the TrueNAS SCALE UI.
+
+> - AdGuard runs as `root` user.
+> - AdGuard runs with host networking enabled.
diff --git a/community/adguard-home/1.0.0/charts/common-1.0.3.tgz b/community/adguard-home/1.0.0/charts/common-1.0.3.tgz
new file mode 100644
index 0000000000..9b2580e5d1
Binary files /dev/null and b/community/adguard-home/1.0.0/charts/common-1.0.3.tgz differ
diff --git a/community/adguard-home/1.0.0/ci/basic-values.yaml b/community/adguard-home/1.0.0/ci/basic-values.yaml
new file mode 100644
index 0000000000..2ff4aa4e79
--- /dev/null
+++ b/community/adguard-home/1.0.0/ci/basic-values.yaml
@@ -0,0 +1,7 @@
+adguardStorage:
+ work:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Name }}/work
+ conf:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Name }}/conf
diff --git a/community/adguard-home/1.0.0/ix_values.yaml b/community/adguard-home/1.0.0/ix_values.yaml
new file mode 100644
index 0000000000..296e86c8fa
--- /dev/null
+++ b/community/adguard-home/1.0.0/ix_values.yaml
@@ -0,0 +1,28 @@
+image:
+ repository: adguard/adguardhome
+ tag: v0.107.26
+ pullPolicy: IfNotPresent
+
+resources:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+
+adguardNetwork:
+ webPort: 30000
+ enableDHCP: false
+
+# FIXME: See _adguard.tpl
+# adguardRunAs:
+# user: 568
+# group: 568
+
+adguardStorage:
+ work:
+ type: ixVolume
+ hostPath: ""
+ datasetName: work
+ conf:
+ type: ixVolume
+ hostPath: ""
+ datasetName: conf
diff --git a/community/adguard-home/1.0.0/questions.yaml b/community/adguard-home/1.0.0/questions.yaml
new file mode 100644
index 0000000000..cb2919ed05
--- /dev/null
+++ b/community/adguard-home/1.0.0/questions.yaml
@@ -0,0 +1,181 @@
+groups:
+ - name: AdGuard Home Configuration
+ description: Configure AdGuard Home
+ # - name: User and Group Configuration
+ # description: Configure User and Group for AdGuard Home
+ - name: Network Configuration
+ description: Configure Network for AdGuard Home
+ - name: Storage Configuration
+ description: Configure Storage for AdGuard Home
+ - name: Resources Configuration
+ description: Configure Resources for AdGuard Home
+
+portals:
+ web_portal:
+ protocols:
+ - "$kubernetes-resource_configmap_portal_protocol"
+ host:
+ - "$kubernetes-resource_configmap_portal_host"
+ ports:
+ - "$kubernetes-resource_configmap_portal_port"
+ path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+ # - variable: adguardRunAs
+ # label: ""
+ # group: User and Group Configuration
+ # schema:
+ # type: dict
+ # attrs:
+ # - variable: user
+ # label: User ID
+ # description: The user id that AdGuard Home will run as.
+ # schema:
+ # type: int
+ # min: 1
+ # default: 568
+ # required: true
+ # - variable: group
+ # label: Group ID
+ # description: The group id that AdGuard Home will run as.
+ # schema:
+ # type: int
+ # min: 1
+ # default: 568
+ # required: true
+
+ - variable: adguardNetwork
+ label: ""
+ group: Network Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: webPort
+ label: Web Port
+ description: |
+ The port for the AdGuard Home WebUI. Set the same during the setup wizard.
+ In case you set a different port, you will need to stop/start the app for the
+ port set here to take effect. (Or wait for the container to restart automatically)
+ schema:
+ type: int
+ default: 30000
+ min: 9000
+ max: 65535
+ required: true
+ - variable: enableDHCP
+ label: Enable DHCP
+ description: |
+ This will only append the needed capabilities for DHCP to work
+ The configuration for DHCP is done in the AdGuard Home WebUI
+ schema:
+ type: boolean
+ default: false
+
+ - variable: adguardStorage
+ label: ""
+ group: Storage Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: work
+ label: AdGuard Home Data Storage
+ description: The path to store AdGuard Home work.
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ description: |
+ ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ schema:
+ type: string
+ required: true
+ default: ixVolume
+ enum:
+ - value: hostPath
+ description: Host Path (Path that already exists on the system)
+ - value: ixVolume
+ description: ixVolume (Dataset created automatically by the system)
+ - variable: datasetName
+ label: Dataset Name
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ hidden: true
+ immutable: true
+ default: work
+ $ref:
+ - "normalize/ixVolume"
+ - variable: hostPath
+ label: Host Path
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ immutable: true
+ required: true
+ - variable: conf
+ label: AdGuard Home Configuration Storage
+ description: The path to store AdGuard Home configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ description: |
+ ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ schema:
+ type: string
+ required: true
+ default: ixVolume
+ enum:
+ - value: hostPath
+ description: Host Path (Path that already exists on the system)
+ - value: ixVolume
+ description: ixVolume (Dataset created automatically by the system)
+ - variable: datasetName
+ label: Dataset Name
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ hidden: true
+ immutable: true
+ default: conf
+ $ref:
+ - "normalize/ixVolume"
+ - variable: hostPath
+ label: Host Path
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ immutable: true
+ required: true
+
+ - variable: resources
+ label: ""
+ group: Resources Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: limits
+ label: Limits
+ schema:
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: CPU limit for AdGuard Home.
+ schema:
+ type: string
+ default: 4000m
+ required: true
+ - variable: memory
+ label: Memory
+ description: Memory limit for AdGuard Home.
+ schema:
+ type: string
+ default: 8Gi
+ required: true
diff --git a/community/adguard-home/1.0.0/templates/NOTES.txt b/community/adguard-home/1.0.0/templates/NOTES.txt
new file mode 100644
index 0000000000..ba4e01146c
--- /dev/null
+++ b/community/adguard-home/1.0.0/templates/NOTES.txt
@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}
diff --git a/community/adguard-home/1.0.0/templates/_adguard.tpl b/community/adguard-home/1.0.0/templates/_adguard.tpl
new file mode 100644
index 0000000000..98b3adbf19
--- /dev/null
+++ b/community/adguard-home/1.0.0/templates/_adguard.tpl
@@ -0,0 +1,105 @@
+{{- define "adguard.workload" -}}
+workload:
+ adguard:
+ enabled: true
+ primary: true
+ type: Deployment
+ podSpec:
+ # Host network is pretty much a requirement for apps like this.
+ # Because NodePort can't bind ports like 53(DNS) or 67(DHCP)
+ # and the majority of devices do not have option to change the port.
+ hostNetwork: true
+ containers:
+ adguard:
+ enabled: true
+ primary: true
+ imageSelector: image
+ # Args are copied from the official docker image
+ # So we can also specify the port.
+ # If we dont specify the port here, AdGuardHome
+ # will start initially at port 3000 and after
+ # the setup wizard is completed it will switch
+ # to user specified port.
+ args:
+ - --no-check-update
+ - --host
+ - "0.0.0.0"
+ - --config
+ - /opt/adguardhome/conf/AdGuardHome.yaml
+ - --work-dir
+ - /opt/adguardhome/work
+ - --port
+ - {{ .Values.adguardNetwork.webPort | quote }}
+ # Setup wizard shows an option to select the port that AdGuardHome
+ # Web UI will listen on. If the user selects anything other than the `webPort`,
+ # container will reload its new configuration and listen to the user specified port.
+ # But user won't have access to it because the port is not exposed. Few seconds later
+ # probes will kill the container and restart it with the correct `webPort` port.
+ securityContext:
+ # FIXME: It might be able to run rootless, probably blocked by:
+ # https://github.com/AdguardTeam/AdGuardHome/issues/4681
+ runAsNonRoot: false
+ runAsUser: 0
+ runAsGroup: 0
+ capabilities:
+ add:
+ - NET_BIND_SERVICE
+ {{ if .Values.adguardNetwork.enableDHCP }}
+ - NET_RAW
+ {{ end }}
+ # FIXME: Switch to exec probe after this issue is solved, also note that healthcheck
+ # is only available on "edge" tag, as of 27/03/2023
+ # https://github.com/AdguardTeam/AdGuardHome/issues/3290#issuecomment-1485451976
+ probes:
+ liveness:
+ enabled: true
+ type: http
+ path: /
+ port: {{ .Values.adguardNetwork.webPort }}
+ readiness:
+ enabled: true
+ type: http
+ path: /
+ port: {{ .Values.adguardNetwork.webPort }}
+ startup:
+ enabled: true
+ type: http
+ path: /
+ port: {{ .Values.adguardNetwork.webPort }}
+ {{/* # FIXME: Disabled until it can run as non-root
+ initContainers:
+ {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
+ "UID" .Values.ipfsRunAs.user
+ "GID" .Values.ipfsRunAs.group
+ "type" "install") | nindent 8 }}
+ */}}
+
+{{/* Persistence */}}
+persistence:
+ work:
+ enabled: true
+ type: {{ .Values.adguardStorage.work.type }}
+ datasetName: {{ .Values.adguardStorage.work.datasetName | default "" }}
+ hostPath: {{ .Values.adguardStorage.work.hostPath | default "" }}
+ targetSelector:
+ adguard:
+ adguard:
+ mountPath: /opt/adguardhome/work
+ {{/* # FIXME: See above
+ 01-permissions:
+ mountPath: /mnt/directories/work
+ */}}
+ conf:
+ enabled: true
+ type: {{ .Values.adguardStorage.conf.type }}
+ datasetName: {{ .Values.adguardStorage.conf.datasetName | default "" }}
+ hostPath: {{ .Values.adguardStorage.conf.hostPath | default "" }}
+ targetSelector:
+ adguard:
+ adguard:
+ mountPath: /opt/adguardhome/conf
+ {{/* # FIXME: See above
+ 01-permissions:
+ mountPath: /mnt/directories/conf
+ */}}
+{{- end -}}
diff --git a/community/adguard-home/1.0.0/templates/_portal.tpl b/community/adguard-home/1.0.0/templates/_portal.tpl
new file mode 100644
index 0000000000..cce8ce8915
--- /dev/null
+++ b/community/adguard-home/1.0.0/templates/_portal.tpl
@@ -0,0 +1,12 @@
+{{- define "adguard.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: portal
+data:
+ path: /
+ port: {{ .Values.adguardNetwork.webPort | quote }}
+ protocol: http
+ host: $node_ip
+{{- end -}}
diff --git a/community/adguard-home/1.0.0/templates/common.yaml b/community/adguard-home/1.0.0/templates/common.yaml
new file mode 100644
index 0000000000..c0da7005d8
--- /dev/null
+++ b/community/adguard-home/1.0.0/templates/common.yaml
@@ -0,0 +1,9 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "adguard.workload" $ | fromYaml) -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "adguard.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}
diff --git a/community/adguard-home/item.yaml b/community/adguard-home/item.yaml
new file mode 100644
index 0000000000..37bf743b48
--- /dev/null
+++ b/community/adguard-home/item.yaml
@@ -0,0 +1,4 @@
+icon_url: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
+categories:
+ - dns
+ - adblock