NAS-121200 / 23.10 / Add adguard-home to community train (#1061)

* Add adguard-home to community train

* add GUI

* fix versions

* update wording

* remove unneeded values

* update description

* add a note

* add descriptions and bump common
Stavros Kois
2023-04-11 18:35:53 +03:00
committed by GitHub
parent c9dcd6470a
commit 341ec4213e
14 changed files with 433 additions and 0 deletions

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: file://../../../common
version: 1.0.3
digest: sha256:1a090020cfa582aff29906320874ffe9b543fcc6c2423c281f434514f2653e02
generated: "2023-04-06T19:01:50.673798323+03:00"

@@ -0,0 +1,25 @@
name: adguard-home
description: Free and open source, powerful network-wide ads & trackers blocking DNS server.
annotations:
title: AdGuard Home
type: application
version: 1.0.0
apiVersion: v2
appVersion: 'v0.107.26'
kubeVersion: '>=1.16.0-0'
maintainers:
- name: truenas
url: https://www.truenas.com/
dependencies:
- name: common
repository: file://../../../common
version: 1.0.3
home: https://github.com/AdguardTeam/AdGuardHome
icon: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
sources:
- https://github.com/AdguardTeam/AdGuardHome
- https://github.com/truenas/charts/tree/master/library/ix-dev/community/adguard-home
- https://hub.docker.com/r/adguard/adguardhome
keywords:
- dns
- adblock

@@ -0,0 +1,12 @@
# AdGuard Home
During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
If you select a different port in the wizard, the Dashboard will not work initially but
after a couple of minutes container will automatically restart and the Dashboard will
be available on the port you selected on the TrueNAS SCALE UI.
> - AdGuard runs as `root` user.
> - AdGuard runs with host networking enabled.
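
Review bot: The closing note (the two `>` bullets) lists root and host networking but leaves out the Linux capabilities this app adds. The workload template in this same commit adds `NET_BIND_SERVICE` unconditionally and `NET_RAW` when `enableDHCP` is set, so an operator reading only this file does not see the full privilege set before installing. Suggest a third bullet naming both capabilities and the condition for `NET_RAW`. The same applies to the identical copy of this text in the next file.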

@@ -0,0 +1,12 @@
# AdGuard Home
During the setup wizard, AdGuard Home presents an option to select on which port the web interface will be available.
(Defaults to 80. Which is a privileged port and also usually the TrueNAS SCALE UI uses that port)
Because of that, App will force the webUI to listen to port 30000 (or the port selected by user in the TrueNAS SCALE UI).
If you select a different port in the wizard, the Dashboard will not work initially but
after a couple of minutes container will automatically restart and the Dashboard will
be available on the port you selected on the TrueNAS SCALE UI.
> - AdGuard runs as `root` user.
> - AdGuard runs with host networking enabled.

@@ -0,0 +1,7 @@
adguardStorage:
work:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/work
conf:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/conf
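
Review bot: Both volumes in this CI values file use `type: hostPath`, so the `ixVolume` type that `values.yaml` ships as the default (with `datasetName: work` and `datasetName: conf`) is never rendered by CI. Suggest adding a second CI values file that leaves the defaults in place, so the path most users will take is covered. Since the container runs as UID 0, it is also worth confirming that the CI host tolerates root-owned directories being created under `/mnt/{{ .Release.Name }}`.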

@@ -0,0 +1,4 @@
icon_url: https://github.com/AdguardTeam/AdGuardHome/raw/master/doc/adguard_home_darkmode.svg
categories:
- dns
- adblock

@@ -0,0 +1,181 @@
groups:
- name: AdGuard Home Configuration
description: Configure AdGuard Home
# - name: User and Group Configuration
# description: Configure User and Group for AdGuard Home
- name: Network Configuration
description: Configure Network for AdGuard Home
- name: Storage Configuration
description: Configure Storage for AdGuard Home
- name: Resources Configuration
description: Configure Resources for AdGuard Home
portals:
web_portal:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "$kubernetes-resource_configmap_portal_path"
questions:
# - variable: adguardRunAs
# label: ""
# group: User and Group Configuration
# schema:
# type: dict
# attrs:
# - variable: user
# label: User ID
# description: The user id that AdGuard Home will run as.
# schema:
# type: int
# min: 1
# default: 568
# required: true
# - variable: group
# label: Group ID
# description: The group id that AdGuard Home will run as.
# schema:
# type: int
# min: 1
# default: 568
# required: true
- variable: adguardNetwork
label: ""
group: Network Configuration
schema:
type: dict
attrs:
- variable: webPort
label: Web Port
description: |
The port for the AdGuard Home WebUI. Set the same during the setup wizard.
In case you set a different port, you will need to stop/start the app for the
port set here to take effect. (Or wait for the container to restart automatically)
schema:
type: int
default: 30000
min: 9000
max: 65535
required: true
- variable: enableDHCP
label: Enable DHCP
description: |
This will only append the needed capabilities for DHCP to work </br>
The configuration for DHCP is done in the AdGuard Home WebUI
schema:
type: boolean
default: false
- variable: adguardStorage
label: ""
group: Storage Configuration
schema:
type: dict
attrs:
- variable: work
label: AdGuard Home Data Storage
description: The path to store AdGuard Home work.
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: ixVolume
enum:
- value: hostPath
description: Host Path (Path that already exists on the system)
- value: ixVolume
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: work
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: conf
label: AdGuard Home Configuration Storage
description: The path to store AdGuard Home configuration
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: ixVolume
enum:
- value: hostPath
description: Host Path (Path that already exists on the system)
- value: ixVolume
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: conf
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: resources
label: ""
group: Resources Configuration
schema:
type: dict
attrs:
- variable: limits
label: Limits
schema:
type: dict
attrs:
- variable: cpu
label: CPU
description: CPU limit for AdGuard Home.
schema:
type: string
default: 4000m
required: true
- variable: memory
label: Memory
description: Memory limit for AdGuard Home.
schema:
type: string
default: 8Gi
required: true
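
Review bot: The `enableDHCP` description says it "will only append the needed capabilities" without naming them. In the workload template the toggle adds `NET_RAW` to a container that already runs as root with `hostNetwork: true`, which is a meaningful privilege increase on the host's network namespace. Suggest naming `NET_RAW` in the description so the choice is informed. Separately, the `limits` defaults of `4000m` CPU and `8Gi` memory look copied from a generic template; a lower default for a DNS server would bound the impact of a runaway process on the NAS.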

@@ -0,0 +1 @@
{{ include "ix.v1.common.lib.chart.notes" $ }}

@@ -0,0 +1,105 @@
{{- define "adguard.workload" -}}
workload:
adguard:
enabled: true
primary: true
type: Deployment
podSpec:
# Host network is pretty much a requirement for apps like this.
# Because NodePort can't bind ports like 53(DNS) or 67(DHCP)
# and the majority of devices do not have option to change the port.
hostNetwork: true
containers:
adguard:
enabled: true
primary: true
imageSelector: image
# Args are copied from the official docker image
# So we can also specify the port.
# If we dont specify the port here, AdGuardHome
# will start initially at port 3000 and after
# the setup wizard is completed it will switch
# to user specified port.
args:
- --no-check-update
- --host
- "0.0.0.0"
- --config
- /opt/adguardhome/conf/AdGuardHome.yaml
- --work-dir
- /opt/adguardhome/work
- --port
- {{ .Values.adguardNetwork.webPort | quote }}
# Setup wizard shows an option to select the port that AdGuardHome
# Web UI will listen on. If the user selects anything other than the `webPort`,
# container will reload its new configuration and listen to the user specified port.
# But user won't have access to it because the port is not exposed. Few seconds later
# probes will kill the container and restart it with the correct `webPort` port.
securityContext:
# FIXME: It might be able to run rootless, probably blocked by:
# https://github.com/AdguardTeam/AdGuardHome/issues/4681
runAsNonRoot: false
runAsUser: 0
runAsGroup: 0
capabilities:
add:
- NET_BIND_SERVICE
{{ if .Values.adguardNetwork.enableDHCP }}
- NET_RAW
{{ end }}
# FIXME: Switch to exec probe after this issue is solved, also note that healthcheck
# is only available on "edge" tag, as of 27/03/2023
# https://github.com/AdguardTeam/AdGuardHome/issues/3290#issuecomment-1485451976
probes:
liveness:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
readiness:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
startup:
enabled: true
type: http
path: /
port: {{ .Values.adguardNetwork.webPort }}
{{/* # FIXME: Disabled until it can run as non-root
initContainers:
{{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
"UID" .Values.ipfsRunAs.user
"GID" .Values.ipfsRunAs.group
"type" "install") | nindent 8 }}
*/}}
{{/* Persistence */}}
persistence:
work:
enabled: true
type: {{ .Values.adguardStorage.work.type }}
datasetName: {{ .Values.adguardStorage.work.datasetName | default "" }}
hostPath: {{ .Values.adguardStorage.work.hostPath | default "" }}
targetSelector:
adguard:
adguard:
mountPath: /opt/adguardhome/work
{{/* # FIXME: See above
01-permissions:
mountPath: /mnt/directories/work
*/}}
conf:
enabled: true
type: {{ .Values.adguardStorage.conf.type }}
datasetName: {{ .Values.adguardStorage.conf.datasetName | default "" }}
hostPath: {{ .Values.adguardStorage.conf.hostPath | default "" }}
targetSelector:
adguard:
adguard:
mountPath: /opt/adguardhome/conf
{{/* # FIXME: See above
01-permissions:
mountPath: /mnt/directories/conf
*/}}
{{- end -}}
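
Review bot: The commented-out `initContainers` block references `.Values.ipfsRunAs.user` and `.Values.ipfsRunAs.group`, which looks like a leftover from the ipfs chart; the commented values in this commit are named `adguardRunAs`. If the block is re-enabled as written once rootless works, the permissions container will be rendered with values that do not exist in this chart. Suggest renaming to `.Values.adguardRunAs.user` / `.group` now. Second point, on the `args` list: `--host "0.0.0.0"` combined with `hostNetwork: true` binds the admin UI on every interface of the host, not only the one the portal links to. Consider exposing the bind address as a value, or state this in the README note next to the root and host-networking bullets. The `capabilities` block shows `add` but no `drop`; if the common library does not drop the default set on its own, an explicit `drop: [ALL]` before the `add` list would keep the root process to the capabilities listed here.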

@@ -0,0 +1,12 @@
{{- define "adguard.portal" -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: portal
data:
path: /
port: {{ .Values.adguardNetwork.webPort | quote }}
protocol: http
host: $node_ip
{{- end -}}

@@ -0,0 +1,9 @@
{{- include "ix.v1.common.loader.init" . -}}
{{/* Merge the templates with Values */}}
{{- $_ := mustMergeOverwrite .Values (include "adguard.workload" $ | fromYaml) -}}
{{/* Create the configmap for portal manually*/}}
{{- include "adguard.portal" $ -}}
{{- include "ix.v1.common.loader.apply" . -}}

@@ -0,0 +1,31 @@
#!/usr/bin/python3
import json
import re
import sys
from catalog_update.upgrade_strategy import semantic_versioning
RE_STABLE_VERSION = re.compile(r'v[0-9]+\.[0-9]+\.[0-9]+')
def newer_mapping(image_tags):
key = list(image_tags.keys())[0]
tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)}
version = semantic_versioning(list(tags))
if not version:
return {}
return {
'tags': {key: tags[version]},
'app_version': version,
}
if __name__ == '__main__':
try:
versions_json = json.loads(sys.stdin.read())
except ValueError:
raise ValueError('Invalid json specified')
print(json.dumps(newer_mapping(versions_json)))
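
Review bot: `newer_mapping` assumes a non-empty mapping: `key = list(image_tags.keys())[0]` raises `IndexError` when stdin is `{}`, and that is not covered by the `except ValueError` around `json.loads`. Suggest returning `{}` early when `image_tags` is empty, matching the existing `if not version` path. Also worth confirming that `semantic_versioning` returns the tag with its `v` prefix intact, since `tags[version]` is an identity mapping keyed on the full tag and would raise `KeyError` if the prefix were stripped.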

@@ -0,0 +1,28 @@
image:
repository: adguard/adguardhome
tag: v0.107.26
pullPolicy: IfNotPresent
resources:
limits:
cpu: 4000m
memory: 8Gi
adguardNetwork:
webPort: 30000
enableDHCP: false
# FIXME: See _adguard.tpl
# adguardRunAs:
# user: 568
# group: 568
adguardStorage:
work:
type: ixVolume
hostPath: ""
datasetName: work
conf:
type: ixVolume
hostPath: ""
datasetName: conf
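
Review bot: The image is pinned only by tag (`tag: v0.107.26`) with `pullPolicy: IfNotPresent`, and a tag can be re-pointed on the registry. Because this container runs as UID 0 on the host network, a changed image behind the same tag would run with those privileges on any node that has not cached it yet. If the common library and the upgrade script can carry a digest alongside the tag, pinning `adguard/adguardhome` by digest would make the deployed image reproducible. The commented `adguardRunAs` block points to `_adguard.tpl` for the reason it is disabled; a link to the upstream issue cited there would save a lookup.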