diff --git a/create_app.sh b/create_app.sh index 67e42f4d53..e90f81ed89 100755 --- a/create_app.sh +++ b/create_app.sh @@ -6,7 +6,7 @@ YQ_PATH="/tmp/yq" BASE_PATH="library/ix-dev" if [[ ! -f "$YQ_PATH" ]]; then - wget "https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}" -O "$YQ_PATH" && \ + wget -q "https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY}" -O "$YQ_PATH" && \ chmod +x "$YQ_PATH" fi diff --git a/library/ix-dev/community/nginx-proxy-manager/Chart.lock b/library/ix-dev/community/nginx-proxy-manager/Chart.lock new file mode 100644 index 0000000000..c45b5f9c51 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.0.5 +digest: sha256:cf1db8c2ae650987a3e3d8d98767caab62c341bd0fb15309213b00dce87111cc +generated: "2023-04-12T17:17:40.41107506+03:00" diff --git a/library/ix-dev/community/nginx-proxy-manager/Chart.yaml b/library/ix-dev/community/nginx-proxy-manager/Chart.yaml new file mode 100644 index 0000000000..fa74f840c2 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/Chart.yaml @@ -0,0 +1,25 @@ +name: nginx-proxy-manager +description: Expose your services easily and securely +annotations: + title: Nginx Proxy Manager +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: '2.10.2' +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ +dependencies: + - name: common + repository: file://../../../common + version: 1.0.5 +home: https://nginxproxymanager.com/ +icon: https://nginxproxymanager.com/logo.png +sources: + - https://nginxproxymanager.com/ + - https://github.com/truenas/charts/tree/master/community/nginx-proxy-manager + - https://hub.docker.com/r/jc21/nginx-proxy-manager +keywords: + - nginx + - proxy diff --git a/library/ix-dev/community/nginx-proxy-manager/README.md b/library/ix-dev/community/nginx-proxy-manager/README.md new file mode 100644 index 0000000000..9ab47b8479 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/README.md @@ -0,0 +1,5 @@ +# Nginx Proxy Manager + +[Nginx Proxy Manager](https://nginxproxymanager.com) Expose your services easily and securely + +> Application requires to run as root. This is a limitation of the application. diff --git a/library/ix-dev/community/nginx-proxy-manager/app-readme.md b/library/ix-dev/community/nginx-proxy-manager/app-readme.md new file mode 100644 index 0000000000..9ab47b8479 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/app-readme.md @@ -0,0 +1,5 @@ +# Nginx Proxy Manager + +[Nginx Proxy Manager](https://nginxproxymanager.com) Expose your services easily and securely + +> Application requires to run as root. This is a limitation of the application. diff --git a/library/ix-dev/community/nginx-proxy-manager/charts/common-1.0.5.tgz b/library/ix-dev/community/nginx-proxy-manager/charts/common-1.0.5.tgz new file mode 100644 index 0000000000..f817b7c941 Binary files /dev/null and b/library/ix-dev/community/nginx-proxy-manager/charts/common-1.0.5.tgz differ diff --git a/library/ix-dev/community/nginx-proxy-manager/ci/basic-values.yaml b/library/ix-dev/community/nginx-proxy-manager/ci/basic-values.yaml new file mode 100644 index 0000000000..1eb88502e2 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/ci/basic-values.yaml @@ -0,0 +1,12 @@ +npmNetwork: + webPort: 31000 + httpPort: 31001 + httpsPort: 31002 + +npmStorage: + data: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/data + certs: + type: hostPath + hostPath: /mnt/{{ .Release.Name }}/certs diff --git a/library/ix-dev/community/nginx-proxy-manager/item.yaml b/library/ix-dev/community/nginx-proxy-manager/item.yaml new file mode 100644 index 0000000000..e2a8eaa90c --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/item.yaml @@ -0,0 +1,4 @@ +icon_url: https://nginxproxymanager.com/logo.png +categories: + - media + - series diff --git a/library/ix-dev/community/nginx-proxy-manager/questions.yaml b/library/ix-dev/community/nginx-proxy-manager/questions.yaml new file mode 100644 index 0000000000..a32a6b7528 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/questions.yaml @@ -0,0 +1,204 @@ +groups: + - name: Nginx Proxy Manager Configuration + description: Configure Nginx Proxy Manager + - name: User and Group Configuration + description: Configure User and Group for Nginx Proxy Manager + - name: Network Configuration + description: Configure Network for Nginx Proxy Manager + - name: Storage Configuration + description: Configure Storage for Nginx Proxy Manager + - name: Resources Configuration + description: Configure Resources for Nginx Proxy Manager + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + - variable: TZ + group: Nginx Proxy Manager Configuration + label: Timezone + schema: + type: string + default: Etc/UTC + required: true + $ref: + - definitions/timezone + + - variable: npmConfig + label: "" + group: Nginx Proxy Manager Configuration + schema: + type: dict + attrs: + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Nginx Proxy Manager. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: npmNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Nginx Proxy Manager Web UI. + schema: + type: int + default: 30000 + min: 9000 + max: 65535 + required: true + - variable: httpPort + label: HTTP Port + description: The HTTP port for the Nginx Proxy Manager. + schema: + type: int + default: 30001 + min: 9000 + max: 65535 + required: true + - variable: httpsPort + label: HTTPS Port + description: The HTTP port for the Nginx Proxy Manager. + schema: + type: int + default: 30002 + min: 9000 + max: 65535 + required: true + + - variable: npmStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: data + label: Nginx Proxy Manager Data Storage + description: The path to store Nginx Proxy Manager Data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "data" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: certs + label: Nginx Proxy Manager Certificate Storage + description: The path to store Nginx Proxy Manager Certificate. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "certs" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Nginx Proxy Manager. + schema: + type: string + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Nginx Proxy Manager. + schema: + type: string + default: "8Gi" + required: true diff --git a/library/ix-dev/community/nginx-proxy-manager/templates/NOTES.txt b/library/ix-dev/community/nginx-proxy-manager/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/community/nginx-proxy-manager/templates/_npm.tpl b/library/ix-dev/community/nginx-proxy-manager/templates/_npm.tpl new file mode 100644 index 0000000000..e9eb76886f --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/templates/_npm.tpl @@ -0,0 +1,105 @@ +{{- define "npm.workload" -}} +workload: + npm: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: false + securityContext: + fsGroup: 1000 + containers: + npm: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 0 + runAsGroup: 0 + readOnlyRootFilesystem: false + runAsNonRoot: false + capabilities: + add: + # Needed for: s6-applyuidgid: fatal: unable to setuid: Operation not permitted + - SETUID + # Needed for: s6-applyuidgid: fatal: unable to set supplementary group list: Operation not permitted + - SETGID + # Needed for: Used in some s6-overlay startup scripts + - CHOWN + - DAC_OVERRIDE + # Needed for: Nginx Service + - FOWNER + fixedEnv: + # FIXME: Revisit once upstream irons out some issues in regarids with PUID. + # Make sure 568 PUID works before exposing + PUID: 1000 + env: + DISABLE_IPV6: true + DB_SQLITE_FILE: /data/database.sqlite + {{ with .Values.npmConfig.additionalEnvs }} + {{ range $env := . }} + {{ $env.name }}: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: exec + command: /bin/check-health + readiness: + enabled: true + type: exec + command: /bin/check-health + startup: + enabled: true + type: exec + command: /bin/check-health +{{/* Service */}} +service: + npm: + enabled: true + primary: true + type: NodePort + targetSelector: npm + ports: + webui: + enabled: true + primary: true + port: {{ .Values.npmNetwork.webPort }} + nodePort: {{ .Values.npmNetwork.webPort }} + targetPort: 81 + targetSelector: npm + http: + enabled: true + port: {{ .Values.npmNetwork.httpPort }} + nodePort: {{ .Values.npmNetwork.httpPort }} + targetPort: 80 + targetSelector: npm + https: + enabled: true + port: {{ .Values.npmNetwork.httpsPort }} + nodePort: {{ .Values.npmNetwork.httpsPort }} + targetPort: 443 + targetSelector: npm + +{{/* Persistence */}} +persistence: + data: + enabled: true + type: {{ .Values.npmStorage.data.type }} + datasetName: {{ .Values.npmStorage.data.datasetName | default "" }} + hostPath: {{ .Values.npmStorage.data.hostPath | default "" }} + targetSelector: + npm: + npm: + mountPath: /data + certs: + enabled: true + type: {{ .Values.npmStorage.certs.type }} + datasetName: {{ .Values.npmStorage.certs.datasetName | default "" }} + hostPath: {{ .Values.npmStorage.certs.hostPath | default "" }} + targetSelector: + npm: + npm: + mountPath: /etc/letsencrypt +{{- end -}} diff --git a/library/ix-dev/community/nginx-proxy-manager/templates/_portal.tpl b/library/ix-dev/community/nginx-proxy-manager/templates/_portal.tpl new file mode 100644 index 0000000000..4d2ca959b3 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "npm.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + path: "/" + port: {{ .Values.npmNetwork.webPort | quote }} + protocol: http + host: $node_ip +{{- end -}} diff --git a/library/ix-dev/community/nginx-proxy-manager/templates/common.yaml b/library/ix-dev/community/nginx-proxy-manager/templates/common.yaml new file mode 100644 index 0000000000..185c880134 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/templates/common.yaml @@ -0,0 +1,9 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "npm.workload" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "npm.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/community/nginx-proxy-manager/upgrade_info.json b/library/ix-dev/community/nginx-proxy-manager/upgrade_info.json new file mode 100644 index 0000000000..767388094a --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/upgrade_info.json @@ -0,0 +1 @@ +{"filename": "values.yaml", "keys": ["image"]} diff --git a/library/ix-dev/community/nginx-proxy-manager/upgrade_strategy b/library/ix-dev/community/nginx-proxy-manager/upgrade_strategy new file mode 100755 index 0000000000..41e9448b21 --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/upgrade_strategy @@ -0,0 +1,31 @@ +#!/usr/bin/python3 +import json +import re +import sys + +from catalog_update.upgrade_strategy import semantic_versioning + + +RE_STABLE_VERSION = re.compile(r'[0-9]+\.[0-9]+\.[0-9]+') + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)} + version = semantic_versioning(list(tags)) + if not version: + return {} + + return { + 'tags': {key: tags[version]}, + 'app_version': version, + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValueError('Invalid json specified') + + print(json.dumps(newer_mapping(versions_json))) diff --git a/library/ix-dev/community/nginx-proxy-manager/values.yaml b/library/ix-dev/community/nginx-proxy-manager/values.yaml new file mode 100644 index 0000000000..8f3cf5b41e --- /dev/null +++ b/library/ix-dev/community/nginx-proxy-manager/values.yaml @@ -0,0 +1,28 @@ +image: + repository: jc21/nginx-proxy-manager + pullPolicy: IfNotPresent + tag: '2.10.2' +resources: + limits: + cpu: 4000m + memory: 8Gi +npmConfig: + additionalEnvs: [] +npmNetwork: + webPort: 30000 + httpPort: 30001 + httpsPort: 30002 +npmStorage: + data: + type: ixVolume + hostPath: '' + datasetName: data + certs: + type: ixVolume + hostPath: '' + datasetName: certs +notes: + custom: | + Default credentials: + - username: admin@example.com + - password: changeme