diff --git a/library/ix-dev/charts/syncthing/Chart.lock b/library/ix-dev/charts/syncthing/Chart.lock index 007e4ddd80..274788bff2 100644 --- a/library/ix-dev/charts/syncthing/Chart.lock +++ b/library/ix-dev/charts/syncthing/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common - repository: file://../../../common/2304.0.1 - version: 2304.0.1 -digest: sha256:1ed155c6760e1166e2cb75b52bc5e81c6bdf0252c16ff5ede001157077c41670 -generated: "2023-04-24T13:41:41.407776764+03:00" + repository: file://../../../common + version: 1.2.9 +digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c +generated: "2024-02-16T16:11:26.539168004+02:00" diff --git a/library/ix-dev/charts/syncthing/Chart.yaml b/library/ix-dev/charts/syncthing/Chart.yaml index e65ff78ac6..34d1a64ed0 100644 --- a/library/ix-dev/charts/syncthing/Chart.yaml +++ b/library/ix-dev/charts/syncthing/Chart.yaml @@ -3,7 +3,7 @@ description: Syncthing is a continuous file synchronization program. annotations: title: Syncthing type: application -version: 1.0.42 +version: 2.0.0 apiVersion: v2 appVersion: 1.27.3 kubeVersion: '>=1.16.0-0' @@ -13,8 +13,8 @@ maintainers: email: dev@ixsystems.com dependencies: - name: common - repository: file://../../../common/2304.0.1 - version: 2304.0.1 + repository: file://../../../common + version: 1.2.9 home: https://syncthing.net/ icon: https://media.sys.truenas.net/apps/syncthing/icons/icon.svg sources: diff --git a/library/ix-dev/charts/syncthing/README.md b/library/ix-dev/charts/syncthing/README.md index ea0896841d..2003609595 100644 --- a/library/ix-dev/charts/syncthing/README.md +++ b/library/ix-dev/charts/syncthing/README.md @@ -1,5 +1,7 @@ # Syncthing -[syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or +[Syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose where it is stored, whether it is shared with some third party, and how it's transmitted over the internet. + +> **WARNING** Do check out [official docs](https://docs.syncthing.net/users/faq.html#what-things-are-synced) to see what is synced. diff --git a/library/ix-dev/charts/syncthing/app-readme.md b/library/ix-dev/charts/syncthing/app-readme.md index 9f0f625bcf..2003609595 100644 --- a/library/ix-dev/charts/syncthing/app-readme.md +++ b/library/ix-dev/charts/syncthing/app-readme.md @@ -1,6 +1,7 @@ # Syncthing -[syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or -more computers in real time, safely protected from prying eyes. +[Syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or +more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose +where it is stored, whether it is shared with some third party, and how it's transmitted over the internet. -> **WARNING** Do check out https://docs.syncthing.net/users/faq.html#what-things-are-synced to see what is synced. +> **WARNING** Do check out [official docs](https://docs.syncthing.net/users/faq.html#what-things-are-synced) to see what is synced. diff --git a/library/ix-dev/charts/syncthing/charts/common-1.2.9.tgz b/library/ix-dev/charts/syncthing/charts/common-1.2.9.tgz new file mode 100644 index 0000000000..ee644602d9 Binary files /dev/null and b/library/ix-dev/charts/syncthing/charts/common-1.2.9.tgz differ diff --git a/library/ix-dev/charts/syncthing/charts/common-2304.0.1.tgz b/library/ix-dev/charts/syncthing/charts/common-2304.0.1.tgz deleted file mode 100644 index 61af294b70..0000000000 Binary files a/library/ix-dev/charts/syncthing/charts/common-2304.0.1.tgz and /dev/null differ diff --git a/library/ix-dev/charts/syncthing/ci/basic-values.yaml b/library/ix-dev/charts/syncthing/ci/basic-values.yaml new file mode 100644 index 0000000000..30bcb56747 --- /dev/null +++ b/library/ix-dev/charts/syncthing/ci/basic-values.yaml @@ -0,0 +1,8 @@ +syncthingNetwork: + webPort: 30910 + tcpPort: 30978 + udpPort: 30979 + +syncthingStorage: + config: + type: pvc diff --git a/library/ix-dev/charts/syncthing/ci/host-values.yaml b/library/ix-dev/charts/syncthing/ci/host-values.yaml new file mode 100644 index 0000000000..e0f5406043 --- /dev/null +++ b/library/ix-dev/charts/syncthing/ci/host-values.yaml @@ -0,0 +1,7 @@ +syncthingNetwork: + webPort: 30910 + hostNetwork: true + +syncthingStorage: + config: + type: pvc diff --git a/library/ix-dev/charts/syncthing/ci/test-values.yaml b/library/ix-dev/charts/syncthing/ci/test-values.yaml deleted file mode 100644 index c7a3504c57..0000000000 --- a/library/ix-dev/charts/syncthing/ci/test-values.yaml +++ /dev/null @@ -1,16 +0,0 @@ -appVolumeMounts: - config: - emptyDir: true - mountPath: /config -dnsConfig: - options: [] -emptyDirVolumes: true -environmentVariables: [] -extraAppVolumeMounts: [] -hostNetwork: false -ownerGID: 568 -ownerUID: 568 -tcp_port: 32001 -timezone: Europe/London -udp_port: 32002 -web_port: 32000 diff --git a/library/ix-dev/charts/syncthing/migrations/migrate b/library/ix-dev/charts/syncthing/migrations/migrate new file mode 100755 index 0000000000..34a9905591 --- /dev/null +++ b/library/ix-dev/charts/syncthing/migrations/migrate @@ -0,0 +1,94 @@ +#!/usr/bin/python3 +import json +import os +import sys + + +def migrate_volume(volume): + return { + 'type': 'hostPath', + 'hostPathConfig': { + 'hostPath': volume['hostPath'] + }, + } if volume.get('hostPathEnabled', False) else { + 'type': 'ixVolume', + 'ixVolumeConfig': { + 'datasetName': volume['datasetName'], + }, + } + + +def migrate_common_lib(values): + delete_keys = [ + 'web_port', 'tcp_port', 'udp_port', 'hostNetwork', 'dnsConfig', + 'ownerUID', 'ownerGID', 'environmentVariables', 'cpuLimit', 'memLimit', + 'enableResourceLimits', 'extraAppVolumeMounts', 'appVolumeMounts', + ] + + values.update({ + # Migrate Network + 'syncthingNetwork': { + 'webPort': values['web_port'], + 'tcpPort': values['tcp_port'], + 'udpPort': values['udp_port'], + 'hostNetwork': values['hostNetwork'], + }, + # Migrate Resources + 'resources': { + 'limits': { + 'cpu': values.get('cpuLimit', '4000m'), + 'memory': values.get('memLimit', '8Gi'), + } + }, + # Migrate DNS + 'podOptions': { + 'dnsConfig': { + 'options': [ + {'name': opt['name'], 'value': opt['value']} + for opt in values.get('dnsConfig', {}).get('options', []) + ] + } + }, + # Migrate ID + 'syncthingID': { + 'user': values['ownerUID'], + 'group': values['ownerGID'], + }, + # Migrate Config + 'syncthingConfig': { + 'additionalEnvs': values.get('environmentVariables', []), + }, + # Migrate Storage + 'syncthingStorage': { + 'config': migrate_volume(values['appVolumeMounts']['config']), + 'additionalStorages': [ + { + 'type': 'hostPath', + 'hostPathConfig': {'hostPath': e['hostPath']}, + 'mountPath': e['mountPath'], + } + for e in values.get('extraAppVolumeMounts', []) + ], + }, + }) + + for k in delete_keys: + values.pop(k, None) + + return values + +def migrate(values): + # If this missing, we have already migrated + if not 'appVolumeMounts' in values.keys(): + return values + + return migrate_common_lib(values) + + +if __name__ == '__main__': + if len(sys.argv) != 2: + exit(1) + + if os.path.exists(sys.argv[1]): + with open(sys.argv[1], 'r') as f: + print(json.dumps(migrate(json.loads(f.read())))) diff --git a/library/ix-dev/charts/syncthing/questions.yaml b/library/ix-dev/charts/syncthing/questions.yaml index 6964a864ad..c006268287 100644 --- a/library/ix-dev/charts/syncthing/questions.yaml +++ b/library/ix-dev/charts/syncthing/questions.yaml @@ -1,218 +1,422 @@ groups: - - name: "Configuration" - description: "Syncthing application configuration" - - name: "Storage" - description: "Configure storage for syncthing" - - name: "Networking" - description: "Networking Configuration for syncthing" - - name: "Advanced DNS Settings" - description: "Configure DNS settings" - - name: "Resource Limits" - description: "Set CPU/memory limits for Kubernetes Pod" + - name: Syncthing Configuration + description: Configure Syncthing + - name: User and Group Configuration + description: Configure User and Group for Syncthing + - name: Advanced Pod Configuration + description: Configure Advanced Pod Options for Syncthing + - name: Network Configuration + description: Configure Network for Syncthing + - name: Storage Configuration + description: Configure Storage for Syncthing + - name: Resources Configuration + description: Configure Resources for Syncthing portals: web_portal: protocols: - - "http" + - "$kubernetes-resource_configmap_portal_protocol" host: - - "$node_ip" + - "$kubernetes-resource_configmap_portal_host" ports: - - "$variable-web_port" - path: "/" + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" questions: - - variable: web_port - label: "Web Port for syncthing" - group: Networking - schema: - type: int - min: 8000 - max: 65535 - default: 20910 - required: true - - variable: tcp_port - label: "TCP Port for syncthing" - group: Networking - schema: - type: int - min: 8000 - max: 65535 - default: 20978 - required: true - - variable: udp_port - label: "UDP Port for syncthing" - group: Networking - schema: - type: int - min: 8000 - max: 65535 - default: 20979 - required: true - - variable: hostNetwork - label: "Host Network" - group: Networking - schema: - type: boolean - default: false - - - variable: dnsConfig - label: "DNS Configuration" - group: "Advanced DNS Settings" + - variable: syncthingConfig + label: "" + group: Syncthing Configuration schema: type: dict attrs: - - variable: options - label: "DNS Options" + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Syncthing. schema: type: list + default: [] items: - - variable: optionsEntry - label: "Option Entry Configuration" + - variable: env + label: Environment Variable schema: type: dict attrs: - variable: name - label: "Option Name" + label: Name schema: type: string required: true - variable: value - label: "Option Value" + label: Value schema: type: string required: true - - variable: ownerUID - label: "Owner User ID" - group: Configuration + - variable: syncthingID + label: "" + group: User and Group Configuration schema: - type: int - default: 568 - min: 1 - max: 65535 + type: dict + attrs: + - variable: user + label: User ID + description: The user id that Syncthing files will be owned by. + schema: + type: int + min: 568 + default: 568 + required: true + - variable: group + label: Group ID + description: The group id that Syncthing files will be owned by. + schema: + type: int + min: 568 + default: 568 + required: true - - variable: ownerGID - label: "Owner Group ID" - group: Configuration + - variable: podOptions + label: "" + group: Advanced Pod Configuration schema: - type: int - default: 568 - min: 1 - max: 65535 - - - variable: environmentVariables - label: "Syncthing environment" - group: "Configuration" - schema: - type: list - default: [ ] - items: - - variable: environmentVariable - label: "Environment Variable" + type: dict + attrs: + - variable: dnsConfig + label: Advanced DNS Configuration schema: type: dict attrs: - - variable: name - label: "Name" + - variable: options + label: DNS Options schema: - type: string - - variable: value - label: "Value" - schema: - type: string + type: list + items: + - variable: optionsEntry + label: DNS Option Entry + schema: + type: dict + attrs: + - variable: name + label: Option Name + schema: + type: string + required: true + - variable: value + label: Option Value + schema: + type: string + required: true - - variable: appVolumeMounts - label: "Syncthing Storage" - group: "Storage" + - variable: syncthingNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Syncthing Web UI. + schema: + type: int + default: 20910 + min: 9000 + max: 65535 + required: true + - variable: tcpPort + label: TCP Port + description: The port for the Syncthing TCP connection. + schema: + type: int + default: 20978 + show_if: [["hostNetwork", "=", false]] + min: 9000 + max: 65535 + required: true + - variable: udpPort + label: UDP Port + description: The port for the Syncthing UDP connection. + schema: + type: int + default: 20979 + show_if: [["hostNetwork", "=", false]] + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Enabling this will use the host network for Syncthing.
+ The TCP and UDP ports will listen on port 22000.
+ Web UI will listen on the port specified above. + schema: + type: boolean + default: false + + - variable: syncthingStorage + label: "" + group: Storage Configuration schema: type: dict attrs: - variable: config - label: "Configuration Volume" + label: Syncthing Config Storage + description: The path to store Syncthing Configuration. schema: type: dict attrs: - - variable: datasetName - label: "Configuration Volume Dataset Name" + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. schema: type: string - hidden: true + required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] $ref: - "normalize/ixVolume" - show_if: [["hostPathEnabled", "=", false]] - default: "ix-syncthing_config" - editable: false - - variable: mountPath - label: "Configuration Mount Path" - description: "Path where the volume will be mounted inside the pod" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "config" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config schema: - type: path - hidden: true - editable: true - default: "/var/syncthing" - - variable: hostPathEnabled - label: "Enable Custom Host Path for Syncthing Configuration Volume" - schema: - type: boolean - default: false - show_subquestions_if: true - subquestions: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" - variable: hostPath - label: "Host Path for Syncthing Configuration Volume" + label: Host Path + description: The host path to use for storage. schema: type: hostpath + show_if: [["aclEnable", "=", false]] required: true + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Syncthing. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ SMB Share: Is a SMB share that is mounted to a persistent volume claim. + schema: + type: string + required: true + default: "ixVolume" + immutable: true + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - value: "smb-pv-pvc" + description: SMB Share (Mounts a persistent volume claim to a SMB share) + - variable: readOnly + label: Read Only + description: Mount the volume as read only. + schema: + type: boolean + default: false + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] $ref: - - "validations/lockedHostPath" - - variable: extraAppVolumeMounts - label: "Extra Host Path Volumes" - group: "Storage" + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + default: "storage_entry" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: smbConfig + label: SMB Share Configuration + description: The configuration for the SMB Share. + schema: + type: dict + show_if: [["type", "=", "smb-pv-pvc"]] + attrs: + - variable: server + label: Server + description: The server for the SMB share. + schema: + type: string + required: true + - variable: share + label: Share + description: The share name for the SMB share. + schema: + type: string + required: true + - variable: domain + label: Domain (Optional) + description: The domain for the SMB share. + schema: + type: string + - variable: username + label: Username + description: The username for the SMB share. + schema: + type: string + required: true + - variable: password + label: Password + description: The password for the SMB share. + schema: + type: string + required: true + private: true + - variable: size + label: Size (in Gi) + description: The size of the volume quota. + schema: + type: int + required: true + min: 1 + default: 1 + + - variable: resources + group: Resources Configuration + label: "" schema: - type: list - items: - - variable: extraAppVolume - label: "Host Path Volume" - description: "Add an extra host path volume for Syncthing application" + type: dict + attrs: + - variable: limits + label: Limits schema: type: dict attrs: - - variable: mountPath - label: "Mount Path in Pod" - description: "Path where the volume will be mounted inside the pod" + - variable: cpu + label: CPU + description: CPU limit for Syncthing. schema: - type: path + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" required: true - - variable: hostPath - label: "Host Path" - description: "Host path" + - variable: memory + label: Memory + description: Memory limit for Syncthing. schema: - type: hostpath + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" required: true - $ref: - - "validations/lockedHostPath" - - - variable: enableResourceLimits - label: "Enable Pod resource limits" - group: "Resource Limits" - schema: - type: boolean - default: false - - variable: cpuLimit - label: "CPU Limit" - description: "CPU resource limit allow plain integer values with suffix m(milli) e.g 1000m, 100." - group: "Resource Limits" - schema: - type: string - show_if: [["enableResourceLimits", "=", true]] - valid_chars: "^\\d+(?:\\.\\d+(?!.*m$)|m?$)" - default: "4000m" - - variable: memLimit - label: "Memory Limit" - group: "Resource Limits" - description: "Memory limits is specified by number of bytes. Followed by quantity suffix like E,P,T,G,M,k and Ei,Pi,Ti,Mi,Gi,Ki can also be used. e.g 129e6, 129M, 128974848000m, 123Mi" - schema: - type: string - show_if: [["enableResourceLimits", "=", true]] - valid_chars: "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$" - default: "8Gi" - diff --git a/library/ix-dev/charts/syncthing/templates/NOTES.txt b/library/ix-dev/charts/syncthing/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/charts/syncthing/templates/_migration.tpl b/library/ix-dev/charts/syncthing/templates/_migration.tpl new file mode 100644 index 0000000000..323dc6fc10 --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/_migration.tpl @@ -0,0 +1,35 @@ +{{- define "syncthing.get-versions" -}} + {{- $oldChartVersion := "" -}} + {{- $newChartVersion := "" -}} + + {{/* Safely access the context, so it wont block CI */}} + {{- if hasKey .Values.global "ixChartContext" -}} + {{- if .Values.global.ixChartContext.upgradeMetadata -}} + + {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}} + {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}} + {{- if and (not $oldChartVersion) (not $newChartVersion) -}} + {{- fail "Upgrade Metadata is missing. Cannot proceed" -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}} +{{- end -}} + +{{- define "syncthing.migration" -}} + {{- $versions := (fromYaml (include "syncthing.get-versions" $)) -}} + {{- if and $versions.old $versions.new -}} + {{- $oldV := semver $versions.old -}} + {{- $newV := semver $versions.new -}} + + {{/* If new is v2.x.x */}} + {{- if eq ($newV.Major | int) 2 -}} + {{/* And old is v1.x.x, but lower than .42 */}} + {{- if and (eq $oldV.Major 1) (lt ($oldV.Patch | int) 42) -}} + {{/* Block the upgrade */}} + {{- fail "Migration to 2.x.x is only allowed from 1.0.42 or higher" -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/library/ix-dev/charts/syncthing/templates/_persistence.tpl b/library/ix-dev/charts/syncthing/templates/_persistence.tpl new file mode 100644 index 0000000000..fae13cdcbd --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/_persistence.tpl @@ -0,0 +1,26 @@ +{{- define "syncthing.persistence" -}} +persistence: + config: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.syncthingStorage.config) | nindent 4 }} + targetSelector: + syncthing: + syncthing: + mountPath: /var/syncthing + tmp: + enabled: true + type: emptyDir + targetSelector: + syncthing: + syncthing: + mountPath: /tmp + {{- range $idx, $storage := .Values.syncthingStorage.additionalStorages }} + {{ printf "syncthing-%v:" (int $idx) }} + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }} + targetSelector: + syncthing: + syncthing: + mountPath: {{ $storage.mountPath }} + {{- end }} +{{- end -}} diff --git a/library/ix-dev/charts/syncthing/templates/_portal.tpl b/library/ix-dev/charts/syncthing/templates/_portal.tpl new file mode 100644 index 0000000000..f3a4926d74 --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "syncthing.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + port: {{ .Values.syncthingNetwork.webPort | quote }} + path: "/" + protocol: "http" + host: $node_ip +{{- end -}} diff --git a/library/ix-dev/charts/syncthing/templates/_service.tpl b/library/ix-dev/charts/syncthing/templates/_service.tpl new file mode 100644 index 0000000000..acefb0d5c3 --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/_service.tpl @@ -0,0 +1,25 @@ +{{- define "syncthing.service" -}} +service: + syncthing: + enabled: true + primary: true + type: ClusterIP + targetSelector: syncthing + ports: + webui: + enabled: true + primary: true + port: {{ .Values.syncthingNetwork.webPort }} + targetSelector: syncthing + sync-tcp: + enabled: true + port: {{ .Values.syncthingNetwork.tcpPort }} + targetPort: 22000 + targetSelector: syncthing + sync-udp: + enabled: true + port: {{ .Values.syncthingNetwork.udpPort }} + targetPort: 22000 + protocol: udp + targetSelector: syncthing +{{- end -}} diff --git a/library/ix-dev/charts/syncthing/templates/_syncthing.tpl b/library/ix-dev/charts/syncthing/templates/_syncthing.tpl new file mode 100644 index 0000000000..d34d2b7408 --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/_syncthing.tpl @@ -0,0 +1,62 @@ +{{- define "syncthing.workload" -}} +workload: + syncthing: + enabled: true + primary: true + type: Deployment + podSpec: + securityContenxt: + fsGroup: {{ .Values.syncthingID.group }} + hostNetwork: {{ .Values.syncthingNetwork.hostNetwork }} + containers: + syncthing: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + # This is needed to allow syncthing assign + # PCAPs to its child processes + allowPrivilegeEscalation: true + capabilities: + add: + - FOWNER + - DAC_OVERRIDE + - CHOWN + - SETUID + - SETGID + - SETFCAP + - SETPCAP + - SYS_ADMIN + env: + STGUIADDRESS: 0.0.0.0:{{ .Values.syncthingNetwork.webPort }} + STNOUPGRADE: "true" + fixedEnv: + PUID: {{ .Values.syncthingID.user }} + {{ with .Values.syncthingConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: http + path: /rest/noauth/health + port: {{ .Values.syncthingNetwork.webPort }} + readiness: + enabled: true + type: http + path: /rest/noauth/health + port: {{ .Values.syncthingNetwork.webPort }} + startup: + enabled: true + type: http + path: /rest/noauth/health + port: {{ .Values.syncthingNetwork.webPort }} +{{- end -}} diff --git a/library/ix-dev/charts/syncthing/templates/common.yaml b/library/ix-dev/charts/syncthing/templates/common.yaml new file mode 100644 index 0000000000..a864a832df --- /dev/null +++ b/library/ix-dev/charts/syncthing/templates/common.yaml @@ -0,0 +1,13 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{- include "syncthing.migration" $ -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "syncthing.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "syncthing.service" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "syncthing.persistence" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "syncthing.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/charts/syncthing/templates/deployment.yaml b/library/ix-dev/charts/syncthing/templates/deployment.yaml deleted file mode 100644 index 996ce1f11e..0000000000 --- a/library/ix-dev/charts/syncthing/templates/deployment.yaml +++ /dev/null @@ -1,98 +0,0 @@ -{{ include "common.storage.hostPathValidate" .Values }} -apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} -kind: Deployment -metadata: - name: {{ template "common.names.fullname" . }}-st - labels: - app: {{ template "common.names.name" . }} - chart: {{ template "common.names.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: - rollme: {{ randAlphaNum 5 | quote }} -spec: - replicas: {{ (default 1 .Values.replicas) }} - strategy: - type: "Recreate" - selector: - matchLabels: - app: {{ template "common.names.name" . }} - release: {{ .Release.Name }} - template: - metadata: - name: {{ template "common.names.fullname" . }} - labels: - app: {{ template "common.names.name" . }} - release: {{ .Release.Name }} - {{- include "common.labels.selectorLabels" . | nindent 8 }} - annotations: {{ include "common.annotations" . | nindent 8 }} - spec: - hostNetwork: {{ .Values.hostNetwork }} - hostname: {{ .Release.Name }} - containers: - - name: {{ .Chart.Name }} - {{ include "common.resources.limitation" . | nindent 10 }} - {{ include "common.containers.imageConfig" .Values.image | nindent 10 }} - volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} - {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - - name: extrappvolume-{{ $index }} - mountPath: {{ $hostPathConfiguration.mountPath }} - {{ end }} - ports: - - name: web - containerPort: 8384 - {{ if not .Values.hostNetwork }} - hostPort: null - {{ end }} - - name: tcp - containerPort: 22000 - protocol: TCP - {{ if not .Values.hostNetwork }} - hostPort: null - {{ end }} - - name: udp - containerPort: 22000 - protocol: UDP - {{ if not .Values.hostNetwork }} - hostPort: null - {{ end }} - readinessProbe: - httpGet: - path: /rest/noauth/health - port: 8384 - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 2 - livenessProbe: - httpGet: - path: /rest/noauth/health - port: 8384 - initialDelaySeconds: 10 - periodSeconds: 10 - timeoutSeconds: 5 - failureThreshold: 5 - successThreshold: 1 - startupProbe: - httpGet: - path: /rest/noauth/health - port: 8384 - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 2 - failureThreshold: 60 - successThreshold: 1 - env: - {{ $envList := (default list .Values.environmentVariables) }} - {{ $envList = mustAppend $envList (dict "name" "PUID" "value" (printf "%d" (.Values.ownerUID | int))) }} - {{ $envList = mustAppend $envList (dict "name" "PGID" "value" (printf "%d" (.Values.ownerGID | int))) }} - {{ $envList = mustAppend $envList (dict "name" "STGUIADDRESS" "value" "0.0.0.0:8384") }} - {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }} -{{ include "common.networking.dnsConfiguration" .Values | nindent 6 }} - volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} - {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - - name: extrappvolume-{{ $index }} - hostPath: - path: {{ $hostPathConfiguration.hostPath }} - {{ end }} diff --git a/library/ix-dev/charts/syncthing/templates/pre-install-job.yaml b/library/ix-dev/charts/syncthing/templates/pre-install-job.yaml deleted file mode 100644 index 33c4cfb113..0000000000 --- a/library/ix-dev/charts/syncthing/templates/pre-install-job.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: "{{ template "common.names.fullname" . }}-preinstall-job" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - helm.sh/chart: {{ template "common.names.chart" . }} - annotations: - "helm.sh/hook": pre-install - "helm.sh/hook-delete-policy": hook-succeeded -spec: - template: - metadata: - name: "{{ template "common.names.fullname" . }}-preinstall-hook" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: {{ template "common.names.chart" . }} - spec: - restartPolicy: Never - containers: - - name: pre-install-job - image: "alpine:latest" - command: - - "chown" - - "-R" - - "{{ .Values.ownerUID }}:{{ .Values.ownerGID }}" - - "{{ .Values.appVolumeMounts.config.mountPath }}" - volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} - volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} diff --git a/library/ix-dev/charts/syncthing/templates/service.yaml b/library/ix-dev/charts/syncthing/templates/service.yaml deleted file mode 100644 index a35d1ffe18..0000000000 --- a/library/ix-dev/charts/syncthing/templates/service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -{{ $selectors := list }} -{{ $selectors = mustAppend $selectors (dict "key" "app" "value" (include "common.names.name" .) ) }} -{{ $selectors = mustAppend $selectors (dict "key" "release" "value" .Release.Name ) }} -{{ $ports := list }} -{{ $ports = mustAppend $ports (dict "name" "web" "port" .Values.web_port "nodePort" .Values.web_port "targetPort" 8384) }} -{{ $ports = mustAppend $ports (dict "name" "tcp" "port" .Values.tcp_port "nodePort" .Values.tcp_port "targetPort" 22000) }} -{{ $ports = mustAppend $ports (dict "name" "udp" "port" .Values.udp_port "nodePort" .Values.udp_port "targetPort" 22000 "protocol" "UDP") }} -{{ $params := . }} -{{ $_ := set $params "commonService" (dict "type" "NodePort" "ports" $ports ) }} -{{ $_1 := set .Values "extraSelectorLabels" $selectors }} -{{ include "common.classes.service" $params }} diff --git a/library/ix-dev/charts/syncthing/to_keep_versions.md b/library/ix-dev/charts/syncthing/to_keep_versions.md new file mode 100644 index 0000000000..1578f1325e --- /dev/null +++ b/library/ix-dev/charts/syncthing/to_keep_versions.md @@ -0,0 +1,4 @@ +# 1.0.42 + +This version is kept because it contains a fix that is needed for migration to v2.x.x +It should be safe to remove few months after v2.x.x is released. diff --git a/library/ix-dev/charts/syncthing/to_keep_versions.yaml b/library/ix-dev/charts/syncthing/to_keep_versions.yaml new file mode 100644 index 0000000000..8d1a6575ae --- /dev/null +++ b/library/ix-dev/charts/syncthing/to_keep_versions.yaml @@ -0,0 +1 @@ +- 1.0.42 diff --git a/library/ix-dev/charts/syncthing/values.yaml b/library/ix-dev/charts/syncthing/values.yaml index ed01a4e16e..03ebb3261d 100644 --- a/library/ix-dev/charts/syncthing/values.yaml +++ b/library/ix-dev/charts/syncthing/values.yaml @@ -2,3 +2,32 @@ image: pullPolicy: IfNotPresent repository: syncthing/syncthing tag: 1.27.3 + +resources: + limits: + cpu: 4000m + memory: 8Gi + +podOptions: + dnsConfig: + options: [] + +syncthingConfig: + additionalEnvs: [] + +syncthingID: + user: 568 + group: 568 + +syncthingNetwork: + webPort: 20910 + tcpPort: 20978 + udpPort: 20979 + hostNetwork: false + +syncthingStorage: + config: + type: ixVolume + ixVolumeConfig: + datasetName: config + additionalStorages: []