truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-02-03 02:23:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

NAS-121454 / 23.10 / Add nginx-proxy-manager to community train (#1117)

Browse Source 
* Add nginx-proxy-manager (initial commit)

* Update questions and readme

* Add a note/fixme

* remove host network
This commit is contained in:
Stavros Kois
2023-04-20 01:26:20 +03:00
committed by GitHub
parent a3dd3f460b
commit 37b070fe7a
16 changed files with 449 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
create_app.sh
View File

@@ -6,7 +6,7 @@ YQ_PATH="/tmp/yq"
BASE_PATH="library/ix-dev"
if [[ ! -f "$YQ_PATH" ]]; then
wget "https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}" -O "$YQ_PATH" && \
wget -q "https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}" -O "$YQ_PATH" && \
chmod +x "$YQ_PATH"
fi

6
library/ix-dev/community/nginx-proxy-manager/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: file://../../../common
version: 1.0.5
digest: sha256:cf1db8c2ae650987a3e3d8d98767caab62c341bd0fb15309213b00dce87111cc
generated: "2023-04-12T17:17:40.41107506+03:00"

25
library/ix-dev/community/nginx-proxy-manager/Chart.yaml Normal file
View File

@@ -0,0 +1,25 @@
name: nginx-proxy-manager
description: Expose your services easily and securely
annotations:
title: Nginx Proxy Manager
type: application
version: 1.0.0
apiVersion: v2
appVersion: '2.10.2'
kubeVersion: '>=1.16.0-0'
maintainers:
- name: truenas
url: https://www.truenas.com/
dependencies:
- name: common
repository: file://../../../common
version: 1.0.5
home: https://nginxproxymanager.com/
icon: https://nginxproxymanager.com/logo.png
sources:
- https://nginxproxymanager.com/
- https://github.com/truenas/charts/tree/master/community/nginx-proxy-manager
- https://hub.docker.com/r/jc21/nginx-proxy-manager
keywords:
- nginx
- proxy

5
library/ix-dev/community/nginx-proxy-manager/README.md Normal file
View File

@@ -0,0 +1,5 @@
# Nginx Proxy Manager
[Nginx Proxy Manager](https://nginxproxymanager.com) Expose your services easily and securely
> Application requires to run as root. This is a limitation of the application.

5
library/ix-dev/community/nginx-proxy-manager/app-readme.md Normal file
View File

@@ -0,0 +1,5 @@
# Nginx Proxy Manager
[Nginx Proxy Manager](https://nginxproxymanager.com) Expose your services easily and securely
> Application requires to run as root. This is a limitation of the application.

BIN
library/ix-dev/community/nginx-proxy-manager/charts/common-1.0.5.tgz Normal file
View File

Binary file not shown.

12
library/ix-dev/community/nginx-proxy-manager/ci/basic-values.yaml Normal file
View File

@@ -0,0 +1,12 @@
npmNetwork:
webPort: 31000
httpPort: 31001
httpsPort: 31002
npmStorage:
data:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/data
certs:
type: hostPath
hostPath: /mnt/{{ .Release.Name }}/certs

4
library/ix-dev/community/nginx-proxy-manager/item.yaml Normal file
View File

@@ -0,0 +1,4 @@
icon_url: https://nginxproxymanager.com/logo.png
categories:
- media
- series

204
library/ix-dev/community/nginx-proxy-manager/questions.yaml Normal file
View File

@@ -0,0 +1,204 @@
groups:
- name: Nginx Proxy Manager Configuration
description: Configure Nginx Proxy Manager
- name: User and Group Configuration
description: Configure User and Group for Nginx Proxy Manager
- name: Network Configuration
description: Configure Network for Nginx Proxy Manager
- name: Storage Configuration
description: Configure Storage for Nginx Proxy Manager
- name: Resources Configuration
description: Configure Resources for Nginx Proxy Manager
portals:
web_portal:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "$kubernetes-resource_configmap_portal_path"
questions:
- variable: TZ
group: Nginx Proxy Manager Configuration
label: Timezone
schema:
type: string
default: Etc/UTC
required: true
$ref:
- definitions/timezone
- variable: npmConfig
label: ""
group: Nginx Proxy Manager Configuration
schema:
type: dict
attrs:
- variable: additionalEnvs
label: Additional Environment Variables
description: Configure additional environment variables for Nginx Proxy Manager.
schema:
type: list
default: []
items:
- variable: env
label: Environment Variable
schema:
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: npmNetwork
label: ""
group: Network Configuration
schema:
type: dict
attrs:
- variable: webPort
label: Web Port
description: The port for the Nginx Proxy Manager Web UI.
schema:
type: int
default: 30000
min: 9000
max: 65535
required: true
- variable: httpPort
label: HTTP Port
description: The HTTP port for the Nginx Proxy Manager.
schema:
type: int
default: 30001
min: 9000
max: 65535
required: true
- variable: httpsPort
label: HTTPS Port
description: The HTTP port for the Nginx Proxy Manager.
schema:
type: int
default: 30002
min: 9000
max: 65535
required: true
- variable: npmStorage
label: ""
group: Storage Configuration
schema:
type: dict
attrs:
- variable: data
label: Nginx Proxy Manager Data Storage
description: The path to store Nginx Proxy Manager Data.
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: "ixVolume"
enum:
- value: "hostPath"
description: Host Path (Path that already exists on the system)
- value: "ixVolume"
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: "data"
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: certs
label: Nginx Proxy Manager Certificate Storage
description: The path to store Nginx Proxy Manager Certificate.
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: "ixVolume"
enum:
- value: "hostPath"
description: Host Path (Path that already exists on the system)
- value: "ixVolume"
description: ixVolume (Dataset created automatically by the system)
- variable: datasetName
label: Dataset Name
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
hidden: true
immutable: true
default: "certs"
$ref:
- "normalize/ixVolume"
- variable: hostPath
label: Host Path
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
immutable: true
required: true
- variable: resources
group: Resources Configuration
label: ""
schema:
type: dict
attrs:
- variable: limits
label: Limits
schema:
type: dict
attrs:
- variable: cpu
label: CPU
description: CPU limit for Nginx Proxy Manager.
schema:
type: string
default: "4000m"
required: true
- variable: memory
label: Memory
description: Memory limit for Nginx Proxy Manager.
schema:
type: string
default: "8Gi"
required: true

1
library/ix-dev/community/nginx-proxy-manager/templates/NOTES.txt Normal file
View File

@@ -0,0 +1 @@
{{ include "ix.v1.common.lib.chart.notes" $ }}

105
library/ix-dev/community/nginx-proxy-manager/templates/_npm.tpl Normal file
View File

@@ -0,0 +1,105 @@
{{- define "npm.workload" -}}
workload:
npm:
enabled: true
primary: true
type: Deployment
podSpec:
hostNetwork: false
securityContext:
fsGroup: 1000
containers:
npm:
enabled: true
primary: true
imageSelector: image
securityContext:
runAsUser: 0
runAsGroup: 0
readOnlyRootFilesystem: false
runAsNonRoot: false
capabilities:
add:
# Needed for: s6-applyuidgid: fatal: unable to setuid: Operation not permitted
- SETUID
# Needed for: s6-applyuidgid: fatal: unable to set supplementary group list: Operation not permitted
- SETGID
# Needed for: Used in some s6-overlay startup scripts
- CHOWN
- DAC_OVERRIDE
# Needed for: Nginx Service
- FOWNER
fixedEnv:
# FIXME: Revisit once upstream irons out some issues in regarids with PUID.
# Make sure 568 PUID works before exposing
PUID: 1000
env:
DISABLE_IPV6: true
DB_SQLITE_FILE: /data/database.sqlite
{{ with .Values.npmConfig.additionalEnvs }}
{{ range $env := . }}
{{ $env.name }}: {{ $env.value }}
{{ end }}
{{ end }}
probes:
liveness:
enabled: true
type: exec
command: /bin/check-health
readiness:
enabled: true
type: exec
command: /bin/check-health
startup:
enabled: true
type: exec
command: /bin/check-health
{{/* Service */}}
service:
npm:
enabled: true
primary: true
type: NodePort
targetSelector: npm
ports:
webui:
enabled: true
primary: true
port: {{ .Values.npmNetwork.webPort }}
nodePort: {{ .Values.npmNetwork.webPort }}
targetPort: 81
targetSelector: npm
http:
enabled: true
port: {{ .Values.npmNetwork.httpPort }}
nodePort: {{ .Values.npmNetwork.httpPort }}
targetPort: 80
targetSelector: npm
https:
enabled: true
port: {{ .Values.npmNetwork.httpsPort }}
nodePort: {{ .Values.npmNetwork.httpsPort }}
targetPort: 443
targetSelector: npm
{{/* Persistence */}}
persistence:
data:
enabled: true
type: {{ .Values.npmStorage.data.type }}
datasetName: {{ .Values.npmStorage.data.datasetName | default "" }}
hostPath: {{ .Values.npmStorage.data.hostPath | default "" }}
targetSelector:
npm:
npm:
mountPath: /data
certs:
enabled: true
type: {{ .Values.npmStorage.certs.type }}
datasetName: {{ .Values.npmStorage.certs.datasetName | default "" }}
hostPath: {{ .Values.npmStorage.certs.hostPath | default "" }}
targetSelector:
npm:
npm:
mountPath: /etc/letsencrypt
{{- end -}}

12
library/ix-dev/community/nginx-proxy-manager/templates/_portal.tpl Normal file
View File

@@ -0,0 +1,12 @@
{{- define "npm.portal" -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: portal
data:
path: "/"
port: {{ .Values.npmNetwork.webPort | quote }}
protocol: http
host: $node_ip
{{- end -}}

9
library/ix-dev/community/nginx-proxy-manager/templates/common.yaml Normal file
View File

@@ -0,0 +1,9 @@
{{- include "ix.v1.common.loader.init" . -}}
{{/* Merge the templates with Values */}}
{{- $_ := mustMergeOverwrite .Values (include "npm.workload" $ | fromYaml) -}}
{{/* Create the configmap for portal manually*/}}
{{- include "npm.portal" $ -}}
{{- include "ix.v1.common.loader.apply" . -}}

1
library/ix-dev/community/nginx-proxy-manager/upgrade_info.json Normal file
View File

@@ -0,0 +1 @@
{"filename": "values.yaml", "keys": ["image"]}

31
library/ix-dev/community/nginx-proxy-manager/upgrade_strategy Executable file
View File

@@ -0,0 +1,31 @@
#!/usr/bin/python3
import json
import re
import sys
from catalog_update.upgrade_strategy import semantic_versioning
RE_STABLE_VERSION = re.compile(r'[0-9]+\.[0-9]+\.[0-9]+')
def newer_mapping(image_tags):
key = list(image_tags.keys())[0]
tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)}
version = semantic_versioning(list(tags))
if not version:
return {}
return {
'tags': {key: tags[version]},
'app_version': version,
}
if __name__ == '__main__':
try:
versions_json = json.loads(sys.stdin.read())
except ValueError:
raise ValueError('Invalid json specified')
print(json.dumps(newer_mapping(versions_json)))

28
library/ix-dev/community/nginx-proxy-manager/values.yaml Normal file
View File

@@ -0,0 +1,28 @@
image:
repository: jc21/nginx-proxy-manager
pullPolicy: IfNotPresent
tag: '2.10.2'
resources:
limits:
cpu: 4000m
memory: 8Gi
npmConfig:
additionalEnvs: []
npmNetwork:
webPort: 30000
httpPort: 30001
httpsPort: 30002
npmStorage:
data:
type: ixVolume
hostPath: ''
datasetName: data
certs:
type: ixVolume
hostPath: ''
datasetName: certs
notes:
custom: |
Default credentials:
- username: admin@example.com
- password: changeme