From 522aadb9a343b19bb58504332eaf304ef9cc310d Mon Sep 17 00:00:00 2001 From: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Date: Sun, 3 Dec 2023 22:13:07 +0200 Subject: [PATCH] homarr - adapt to upstream changes (#1791) * homarr - adapt to upstream changes * remove password * render * add acl * bump version * update label * update readme --- library/ix-dev/community/homarr/Chart.yaml | 4 +- library/ix-dev/community/homarr/README.md | 9 +- library/ix-dev/community/homarr/app-readme.md | 9 +- .../community/homarr/ci/basic-values.yaml | 8 +- .../community/homarr/ci/extra-values.yaml | 14 +- .../community/homarr/ci/hostNet-values.yaml | 8 +- .../ix-dev/community/homarr/questions.yaml | 369 ++++++++++++++---- .../homarr/templates/_configuration.tpl | 14 + .../community/homarr/templates/_homarr.tpl | 24 +- .../homarr/templates/_persistence.tpl | 39 +- .../community/homarr/templates/common.yaml | 1 + library/ix-dev/community/homarr/values.yaml | 12 +- 12 files changed, 354 insertions(+), 157 deletions(-) create mode 100644 library/ix-dev/community/homarr/templates/_configuration.tpl diff --git a/library/ix-dev/community/homarr/Chart.yaml b/library/ix-dev/community/homarr/Chart.yaml index 1084a162bd..2414f2ca78 100644 --- a/library/ix-dev/community/homarr/Chart.yaml +++ b/library/ix-dev/community/homarr/Chart.yaml @@ -3,9 +3,9 @@ description: Homarr is a sleek, modern dashboard that puts all of your apps and annotations: title: Homarr type: application -version: 1.1.3 +version: 2.0.0 apiVersion: v2 -appVersion: 0.13.4 +appVersion: 0.14.2 kubeVersion: '>=1.16.0-0' maintainers: - name: truenas diff --git a/library/ix-dev/community/homarr/README.md b/library/ix-dev/community/homarr/README.md index c7d12681db..56cfec9765 100644 --- a/library/ix-dev/community/homarr/README.md +++ b/library/ix-dev/community/homarr/README.md @@ -2,7 +2,8 @@ [Homarr](https://github.com/ajnart/homarr) is a sleek, modern dashboard that puts all of your apps and services at your fingertips. -> When application is installed, a container will be launched with **root** privileges. -> This is required in order to apply the correct permissions to the `Homarr` directories. -> Afterward, the `Homarr` container will run as a **non**-root user (Default: `568`). -> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user. +## Upgrade to 2.0.0 + +Direct upgrade to 2.x.x is not possible, due to major upstream changes. +The changes require new storage configuration that cannot be assumed, nor configured +during the upgrade. Please re-install in order to configure this new storage. diff --git a/library/ix-dev/community/homarr/app-readme.md b/library/ix-dev/community/homarr/app-readme.md index c7d12681db..56cfec9765 100644 --- a/library/ix-dev/community/homarr/app-readme.md +++ b/library/ix-dev/community/homarr/app-readme.md @@ -2,7 +2,8 @@ [Homarr](https://github.com/ajnart/homarr) is a sleek, modern dashboard that puts all of your apps and services at your fingertips. -> When application is installed, a container will be launched with **root** privileges. -> This is required in order to apply the correct permissions to the `Homarr` directories. -> Afterward, the `Homarr` container will run as a **non**-root user (Default: `568`). -> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user. +## Upgrade to 2.0.0 + +Direct upgrade to 2.x.x is not possible, due to major upstream changes. +The changes require new storage configuration that cannot be assumed, nor configured +during the upgrade. Please re-install in order to configure this new storage. diff --git a/library/ix-dev/community/homarr/ci/basic-values.yaml b/library/ix-dev/community/homarr/ci/basic-values.yaml index 4a600280d8..bf97e9b36b 100644 --- a/library/ix-dev/community/homarr/ci/basic-values.yaml +++ b/library/ix-dev/community/homarr/ci/basic-values.yaml @@ -7,8 +7,8 @@ homarrRunAs: homarrStorage: configs: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/configs + type: pvc + data: + type: pvc icons: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/icons + type: pvc diff --git a/library/ix-dev/community/homarr/ci/extra-values.yaml b/library/ix-dev/community/homarr/ci/extra-values.yaml index e2d978dd86..7cc06f818d 100644 --- a/library/ix-dev/community/homarr/ci/extra-values.yaml +++ b/library/ix-dev/community/homarr/ci/extra-values.yaml @@ -9,15 +9,13 @@ homarrNetwork: homarrStorage: configs: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/configs + type: pvc + data: + type: pvc icons: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/icons + type: pvc additionalStorages: - - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/data1 + - type: pvc mountPath: /data1 - - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/data2 + - type: pvc mountPath: /data2 diff --git a/library/ix-dev/community/homarr/ci/hostNet-values.yaml b/library/ix-dev/community/homarr/ci/hostNet-values.yaml index 7aba0604f9..e8b33a2361 100644 --- a/library/ix-dev/community/homarr/ci/hostNet-values.yaml +++ b/library/ix-dev/community/homarr/ci/hostNet-values.yaml @@ -4,8 +4,8 @@ homarrNetwork: homarrStorage: configs: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/configs + type: pvc + data: + type: pvc icons: - type: hostPath - hostPath: /mnt/{{ .Release.Namespace }}/icons + type: pvc diff --git a/library/ix-dev/community/homarr/questions.yaml b/library/ix-dev/community/homarr/questions.yaml index 7ccdb82856..2b6ca4a1f9 100644 --- a/library/ix-dev/community/homarr/questions.yaml +++ b/library/ix-dev/community/homarr/questions.yaml @@ -37,13 +37,6 @@ questions: schema: type: dict attrs: - - variable: password - label: Password (Optional) - description: Password for Homarr. - schema: - type: string - default: "" - private: true - variable: additionalEnvs label: Additional Environment Variables description: Configure additional environment variables for Homarr. @@ -140,24 +133,145 @@ questions: description: Host Path (Path that already exists on the system) - value: "ixVolume" description: ixVolume (Dataset created automatically by the system) - - variable: datasetName - label: Dataset Name + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. schema: - type: string + type: dict show_if: [["type", "=", "ixVolume"]] - required: true - hidden: true - immutable: true - default: "configs" $ref: - "normalize/ixVolume" - - variable: hostPath - label: Host Path + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "configs" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration schema: - type: hostpath + type: dict show_if: [["type", "=", "hostPath"]] - immutable: true + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + immutable: true + required: true + + - variable: data + label: Homarr Data Storage + description: The path to store Homarr Data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "data" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + immutable: true + required: true + - variable: icons label: Homarr Icon Storage description: The path to store Homarr Icons. @@ -179,24 +293,65 @@ questions: description: Host Path (Path that already exists on the system) - value: "ixVolume" description: ixVolume (Dataset created automatically by the system) - - variable: datasetName - label: Dataset Name + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. schema: - type: string + type: dict show_if: [["type", "=", "ixVolume"]] - required: true - hidden: true - immutable: true - default: "icons" $ref: - "normalize/ixVolume" - - variable: hostPath - label: Host Path + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "icons" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration schema: - type: hostpath + type: dict show_if: [["type", "=", "hostPath"]] - immutable: true - required: true + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + immutable: true + required: true + - variable: additionalStorages label: Additional Storage description: Additional storage for Homarr. @@ -227,74 +382,120 @@ questions: description: ixVolume (Dataset created automatically by the system) - value: "smb-pv-pvc" description: SMB Share (Mounts a persistent volume claim to a SMB share) + - variable: readOnly + label: Read Only + description: Mount the volume as read only. + schema: + type: boolean + default: false - variable: mountPath label: Mount Path description: The path inside the container to mount the storage. schema: type: path required: true - - variable: hostPath - label: Host Path - description: The host path to use for storage. + - variable: hostPathConfig + label: Host Path Configuration schema: - type: hostpath + type: dict show_if: [["type", "=", "hostPath"]] - required: true - - variable: datasetName - label: Dataset Name - description: The name of the dataset to use for storage. + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + immutable: true + required: true + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. schema: - type: string + type: dict show_if: [["type", "=", "ixVolume"]] - required: true - immutable: true - default: "storage_entry" $ref: - "normalize/ixVolume" - - variable: server - label: Server - description: The server for the SMB share. + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + default: "storage_entry" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: smbConfig + label: SMB Share Configuration + description: The configuration for the SMB Share. schema: - type: string + type: dict show_if: [["type", "=", "smb-pv-pvc"]] - required: true - - variable: share - label: Share - description: The share name for the SMB share. - schema: - type: string - show_if: [["type", "=", "smb-pv-pvc"]] - required: true - - variable: domain - label: Domain (Optional) - description: The domain for the SMB share. - schema: - type: string - show_if: [["type", "=", "smb-pv-pvc"]] - - variable: username - label: Username - description: The username for the SMB share. - schema: - type: string - show_if: [["type", "=", "smb-pv-pvc"]] - required: true - - variable: password - label: Password - description: The password for the SMB share. - schema: - type: string - show_if: [["type", "=", "smb-pv-pvc"]] - required: true - private: true - - variable: size - label: Size (in Gi) - description: The size of the volume quota. - schema: - type: int - show_if: [["type", "=", "smb-pv-pvc"]] - required: true - min: 1 - default: 1 + attrs: + - variable: server + label: Server + description: The server for the SMB share. + schema: + type: string + required: true + - variable: share + label: Share + description: The share name for the SMB share. + schema: + type: string + required: true + - variable: domain + label: Domain (Optional) + description: The domain for the SMB share. + schema: + type: string + - variable: username + label: Username + description: The username for the SMB share. + schema: + type: string + required: true + - variable: password + label: Password + description: The password for the SMB share. + schema: + type: string + required: true + private: true + - variable: size + label: Size (in Gi) + description: The size of the volume quota. + schema: + type: int + required: true + min: 1 + default: 1 - variable: resources group: Resources Configuration diff --git a/library/ix-dev/community/homarr/templates/_configuration.tpl b/library/ix-dev/community/homarr/templates/_configuration.tpl new file mode 100644 index 0000000000..71a58fe574 --- /dev/null +++ b/library/ix-dev/community/homarr/templates/_configuration.tpl @@ -0,0 +1,14 @@ +{{- define "homarr.configuration" -}} + {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}} + + {{- $secretKey := randAlphaNum 32 -}} + {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-homarr-creds" $fullname)) -}} + {{- $secretKey = ((index .data "NEXTAUTH_SECRET") | b64dec) -}} + {{- end }} + +secret: + homarr-creds: + enabled: true + data: + NEXTAUTH_SECRET: {{ $secretKey }} +{{- end -}} diff --git a/library/ix-dev/community/homarr/templates/_homarr.tpl b/library/ix-dev/community/homarr/templates/_homarr.tpl index fe9d3b7b8b..c484e3f9ac 100644 --- a/library/ix-dev/community/homarr/templates/_homarr.tpl +++ b/library/ix-dev/community/homarr/templates/_homarr.tpl @@ -16,9 +16,9 @@ workload: runAsGroup: {{ .Values.homarrRunAs.group }} env: PORT: {{ .Values.homarrNetwork.webPort }} - {{ with .Values.homarrConfig.password }} - PASSWORD: {{ . }} - {{ end }} + envFrom: + - secretRef: + name: homarr-creds {{ with .Values.homarrConfig.additionalEnvs }} envList: {{ range $env := . }} @@ -30,22 +30,16 @@ workload: liveness: enabled: true type: http - port: "{{ .Values.homarrNetwork.webPort }}" - path: /api/configs + port: {{ .Values.homarrNetwork.webPort }} + path: / readiness: enabled: true type: http - port: "{{ .Values.homarrNetwork.webPort }}" - path: /api/configs + port: {{ .Values.homarrNetwork.webPort }} + path: / startup: enabled: true type: http - port: "{{ .Values.homarrNetwork.webPort }}" - path: /api/configs - initContainers: - {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" - "UID" .Values.homarrRunAs.user - "GID" .Values.homarrRunAs.group - "mode" "check" - "type" "init") | nindent 8 }} + port: {{ .Values.homarrNetwork.webPort }} + path: / {{- end -}} diff --git a/library/ix-dev/community/homarr/templates/_persistence.tpl b/library/ix-dev/community/homarr/templates/_persistence.tpl index 5e0bcc8ced..5c7e91c056 100644 --- a/library/ix-dev/community/homarr/templates/_persistence.tpl +++ b/library/ix-dev/community/homarr/templates/_persistence.tpl @@ -2,26 +2,25 @@ persistence: configs: enabled: true - type: {{ .Values.homarrStorage.configs.type }} - datasetName: {{ .Values.homarrStorage.configs.datasetName | default "" }} - hostPath: {{ .Values.homarrStorage.configs.hostPath | default "" }} + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.configs) | nindent 4 }} targetSelector: homarr: homarr: mountPath: /app/data/configs - 01-permissions: - mountPath: /mnt/directories/configs + data: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.data) | nindent 4 }} + targetSelector: + homarr: + homarr: + mountPath: /data icons: enabled: true - type: {{ .Values.homarrStorage.icons.type }} - datasetName: {{ .Values.homarrStorage.icons.datasetName | default "" }} - hostPath: {{ .Values.homarrStorage.icons.hostPath | default "" }} + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.icons) | nindent 4 }} targetSelector: homarr: homarr: mountPath: /app/data/icons - 01-permissions: - mountPath: /mnt/directories/icons tmp: enabled: true type: emptyDir @@ -31,29 +30,11 @@ persistence: mountPath: /tmp {{- range $idx, $storage := .Values.homarrStorage.additionalStorages }} {{ printf "homarr-%v" (int $idx) }}: - {{- $size := "" -}} - {{- if $storage.size -}} - {{- $size = (printf "%vGi" $storage.size) -}} - {{- end }} enabled: true - type: {{ $storage.type }} - datasetName: {{ $storage.datasetName | default "" }} - hostPath: {{ $storage.hostPath | default "" }} - server: {{ $storage.server | default "" }} - share: {{ $storage.share | default "" }} - domain: {{ $storage.domain | default "" }} - username: {{ $storage.username | default "" }} - password: {{ $storage.password | default "" }} - size: {{ $size }} - {{- if eq $storage.type "smb-pv-pvc" }} - mountOptions: - - key: noperm - {{- end }} + {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }} targetSelector: homarr: homarr: mountPath: {{ $storage.mountPath }} - 01-permissions: - mountPath: /mnt/directories{{ $storage.mountPath }} {{- end }} {{- end -}} diff --git a/library/ix-dev/community/homarr/templates/common.yaml b/library/ix-dev/community/homarr/templates/common.yaml index db1e93103b..a5cd991f56 100644 --- a/library/ix-dev/community/homarr/templates/common.yaml +++ b/library/ix-dev/community/homarr/templates/common.yaml @@ -1,6 +1,7 @@ {{- include "ix.v1.common.loader.init" . -}} {{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "homarr.configuration" $ | fromYaml) -}} {{- $_ := mustMergeOverwrite .Values (include "homarr.workload" $ | fromYaml) -}} {{- $_ := mustMergeOverwrite .Values (include "homarr.persistence" $ | fromYaml) -}} {{- $_ := mustMergeOverwrite .Values (include "homarr.service" $ | fromYaml) -}} diff --git a/library/ix-dev/community/homarr/values.yaml b/library/ix-dev/community/homarr/values.yaml index c9a0678ea4..8200085297 100644 --- a/library/ix-dev/community/homarr/values.yaml +++ b/library/ix-dev/community/homarr/values.yaml @@ -1,7 +1,7 @@ image: repository: ghcr.io/ajnart/homarr pullPolicy: IfNotPresent - tag: 0.13.4 + tag: 0.14.2 resources: limits: @@ -23,8 +23,14 @@ homarrRunAs: homarrStorage: configs: type: ixVolume - datasetName: configs + ixVolumeConfig: + datasetName: configs + data: + type: ixVolume + ixVolumeConfig: + datasetName: data icons: type: ixVolume - datasetName: icons + ixVolumeConfig: + datasetName: icons additionalStorages: []