diff --git a/community/whoogle/1.0.0/Chart.lock b/community/whoogle/1.0.0/Chart.lock new file mode 100644 index 0000000000..119ef485f4 --- /dev/null +++ b/community/whoogle/1.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.1.1 +digest: sha256:a7dbe3e4d42dbcd4325776e5e01a1d630c7f185f79e7ebf22b1b9cc80f56eed7 +generated: "2023-10-20T15:34:05.850590153+03:00" diff --git a/community/whoogle/1.0.0/Chart.yaml b/community/whoogle/1.0.0/Chart.yaml new file mode 100644 index 0000000000..9ce6457c03 --- /dev/null +++ b/community/whoogle/1.0.0/Chart.yaml @@ -0,0 +1,26 @@ +name: whoogle +description: Whoogle is a self-hosted, ad-free, privacy-respecting metasearch engine +annotations: + title: Whoogle +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: 0.8.3 +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.1.1 +home: https://github.com/benbusby/whoogle-search +icon: https://media.sys.truenas.net/apps/whoogle/icons/icon.png +sources: + - https://github.com/benbusby/whoogle-search + - https://github.com/truenas/charts/tree/master/library/ix-dev/community/whoogle + - https://hub.docker.com/r/benbusby/whoogle-search +keywords: + - search + - engine diff --git a/community/whoogle/1.0.0/README.md b/community/whoogle/1.0.0/README.md new file mode 100644 index 0000000000..6a4feb15dc --- /dev/null +++ b/community/whoogle/1.0.0/README.md @@ -0,0 +1,12 @@ +# Whoogle + +[Whoogle](https://github.com/benbusby/whoogle-search) is a self-hosted, ad-free, privacy-respecting metasearch engine + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `Whoogle` directories. +> Afterward, the `Whoogle` container will run as a **non**-root user (`927`). +> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user. + +See [Whoogle's Docs](https://github.com/benbusby/whoogle-search?tab=readme-ov-file#environment-variables) for a list of available environment variables. +Note that all configuration via WebUI will be reset if the container is restarted. +Only config changes made via environment variables will persist. diff --git a/community/whoogle/1.0.0/app-readme.md b/community/whoogle/1.0.0/app-readme.md new file mode 100644 index 0000000000..6a4feb15dc --- /dev/null +++ b/community/whoogle/1.0.0/app-readme.md @@ -0,0 +1,12 @@ +# Whoogle + +[Whoogle](https://github.com/benbusby/whoogle-search) is a self-hosted, ad-free, privacy-respecting metasearch engine + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `Whoogle` directories. +> Afterward, the `Whoogle` container will run as a **non**-root user (`927`). +> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user. + +See [Whoogle's Docs](https://github.com/benbusby/whoogle-search?tab=readme-ov-file#environment-variables) for a list of available environment variables. +Note that all configuration via WebUI will be reset if the container is restarted. +Only config changes made via environment variables will persist. diff --git a/community/whoogle/1.0.0/charts/common-1.1.1.tgz b/community/whoogle/1.0.0/charts/common-1.1.1.tgz new file mode 100644 index 0000000000..7b072e6fee Binary files /dev/null and b/community/whoogle/1.0.0/charts/common-1.1.1.tgz differ diff --git a/community/whoogle/1.0.0/ci/basic-values.yaml b/community/whoogle/1.0.0/ci/basic-values.yaml new file mode 100644 index 0000000000..39fd2a99bc --- /dev/null +++ b/community/whoogle/1.0.0/ci/basic-values.yaml @@ -0,0 +1,2 @@ +whoogleNetwork: + webPort: 31000 diff --git a/community/whoogle/1.0.0/ci/extra-values.yaml b/community/whoogle/1.0.0/ci/extra-values.yaml new file mode 100644 index 0000000000..7cb22de134 --- /dev/null +++ b/community/whoogle/1.0.0/ci/extra-values.yaml @@ -0,0 +1,21 @@ +whoogleConfig: + redirects: + - src: domain.tld + dst: other-domain.tld + - src: example.com + dst: other-example.com + additionalEnvs: + - name: WHOOGLE_USER + value: some-user + - name: WHOOGLE_PASS + value: some-pass + +whoogleNetwork: + webPort: 31000 + +whoogleStorage: + additionalStorages: + - type: pvc + mountPath: /data1 + - type: pvc + mountPath: /data2 diff --git a/community/whoogle/1.0.0/ci/hostNet-values.yaml b/community/whoogle/1.0.0/ci/hostNet-values.yaml new file mode 100644 index 0000000000..86b143f3e0 --- /dev/null +++ b/community/whoogle/1.0.0/ci/hostNet-values.yaml @@ -0,0 +1,3 @@ +whoogleNetwork: + webPort: 30000 + hostNetwork: true diff --git a/community/whoogle/1.0.0/ix_values.yaml b/community/whoogle/1.0.0/ix_values.yaml new file mode 100644 index 0000000000..d4d8d87099 --- /dev/null +++ b/community/whoogle/1.0.0/ix_values.yaml @@ -0,0 +1,20 @@ +image: + repository: benbusby/whoogle-search + pullPolicy: IfNotPresent + tag: 0.8.3 + +resources: + limits: + cpu: 4000m + memory: 8Gi + +whoogleConfig: + redirects: [] + additionalEnvs: [] + +whoogleNetwork: + webPort: 30098 + hostNetwork: false + +whoogleStorage: + additionalStorages: [] diff --git a/community/whoogle/1.0.0/metadata.yaml b/community/whoogle/1.0.0/metadata.yaml new file mode 100644 index 0000000000..aa64036920 --- /dev/null +++ b/community/whoogle/1.0.0/metadata.yaml @@ -0,0 +1,8 @@ +runAsContext: + - userName: whoogle + groupName: whoogle + gid: 927 + uid: 927 + description: Whoogle runs as any non-root user. +capabilities: [] +hostMounts: [] diff --git a/community/whoogle/1.0.0/questions.yaml b/community/whoogle/1.0.0/questions.yaml new file mode 100644 index 0000000000..fc9e73a4f6 --- /dev/null +++ b/community/whoogle/1.0.0/questions.yaml @@ -0,0 +1,200 @@ +groups: + - name: Whoogle Configuration + description: Configure Whoogle + - name: User and Group Configuration + description: Configure User and Group for Whoogle + - name: Network Configuration + description: Configure Network for Whoogle + - name: Storage Configuration + description: Configure Storage for Whoogle + - name: Resources Configuration + description: Configure Resources for Whoogle + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + - variable: whoogleConfig + label: "" + group: Whoogle Configuration + schema: + type: dict + attrs: + - variable: redirects + label: Specify sites that should be redirected elsewhere + description: Configure redirects for Whoogle. + schema: + type: list + default: [] + items: + - variable: redirect + label: Redirect + schema: + type: dict + attrs: + - variable: src + label: Source + description: | + The source domain.
+ Format: domain.tld + schema: + type: string + required: true + - variable: dst + label: Destination + description: | + The destination domain.
+ Format: domain.tld + schema: + type: string + required: true + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Whoogle. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: whoogleNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Whoogle Web UI. + schema: + type: int + default: 30098 + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Bind to the host network. It's recommended to keep this disabled.
+ schema: + type: boolean + default: false + + - variable: whoogleStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Whoogle. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + required: true + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + immutable: true + default: "storage_entry" + $ref: + - "normalize/ixVolume" + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Whoogle. + schema: + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Whoogle. + schema: + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" + required: true diff --git a/community/whoogle/1.0.0/templates/NOTES.txt b/community/whoogle/1.0.0/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/community/whoogle/1.0.0/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/community/whoogle/1.0.0/templates/_persistence.tpl b/community/whoogle/1.0.0/templates/_persistence.tpl new file mode 100644 index 0000000000..a2fbeaa97d --- /dev/null +++ b/community/whoogle/1.0.0/templates/_persistence.tpl @@ -0,0 +1,50 @@ +{{- define "whoogle.persistence" -}} +persistence: + config: + enabled: true + # Upstream also has this dir + # in an tmpfs directory + type: emptyDir + targetSelector: + whoogle: + whoogle: + mountPath: /config + tmp: + enabled: true + type: emptyDir + targetSelector: + whoogle: + whoogle: + mountPath: /tmp + runtor: + enabled: true + type: emptyDir + targetSelector: + whoogle: + whoogle: + mountPath: /run/tor + varlibtor: + enabled: true + type: emptyDir + targetSelector: + whoogle: + whoogle: + mountPath: /var/lib/tor + # emptyDir is by default 0:fsGroup + # But for this directory we need to set it to 927:927 + 01-permissions: + mountPath: /mnt/directories/varlibtor + {{- range $idx, $storage := .Values.whoogleStorage.additionalStorages }} + {{ printf "whoogle-%v" (int $idx) }}: + enabled: true + type: {{ $storage.type }} + datasetName: {{ $storage.datasetName | default "" }} + hostPath: {{ $storage.hostPath | default "" }} + targetSelector: + whoogle: + whoogle: + mountPath: {{ $storage.mountPath }} + 01-permissions: + mountPath: /mnt/directories{{ $storage.mountPath }} + {{- end }} +{{- end -}} diff --git a/community/whoogle/1.0.0/templates/_portal.tpl b/community/whoogle/1.0.0/templates/_portal.tpl new file mode 100644 index 0000000000..1a0247b2fd --- /dev/null +++ b/community/whoogle/1.0.0/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "whoogle.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + path: "/" + port: {{ .Values.whoogleNetwork.webPort | quote }} + protocol: http + host: $node_ip +{{- end -}} diff --git a/community/whoogle/1.0.0/templates/_service.tpl b/community/whoogle/1.0.0/templates/_service.tpl new file mode 100644 index 0000000000..fd9aade386 --- /dev/null +++ b/community/whoogle/1.0.0/templates/_service.tpl @@ -0,0 +1,15 @@ +{{- define "whoogle.service" -}} +service: + whoogle: + enabled: true + primary: true + type: NodePort + targetSelector: whoogle + ports: + webui: + enabled: true + primary: true + port: {{ .Values.whoogleNetwork.webPort }} + nodePort: {{ .Values.whoogleNetwork.webPort }} + targetSelector: whoogle +{{- end -}} diff --git a/community/whoogle/1.0.0/templates/_whoogle.tpl b/community/whoogle/1.0.0/templates/_whoogle.tpl new file mode 100644 index 0000000000..cbcd8fce9f --- /dev/null +++ b/community/whoogle/1.0.0/templates/_whoogle.tpl @@ -0,0 +1,58 @@ +{{- define "whoogle.workload" -}} + {{- $redirects := list -}} + {{- range $r := .Values.whoogleConfig.redirects -}} + {{- $redirects = append $redirects (printf "%s:%s" $r.src $r.dst) -}} + {{- end }} +workload: + whoogle: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.whoogleNetwork.hostNetwork }} + securityContext: + fsGroup: 927 + containers: + whoogle: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 927 + runAsGroup: 927 + readOnlyRootFilesystem: false + env: + EXPOSE_PORT: {{ .Values.whoogleNetwork.webPort }} + {{- with $redirects }} + WHOOGLE_REDIRECTS: {{ join "," $redirects }} + {{- end -}} + {{ with .Values.whoogleConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: http + port: {{ .Values.whoogleNetwork.webPort }} + path: /healthz + readiness: + enabled: true + type: http + port: {{ .Values.whoogleNetwork.webPort }} + path: /healthz + startup: + enabled: true + type: http + port: {{ .Values.whoogleNetwork.webPort }} + path: /healthz + initContainers: + {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" + "UID" 927 + "GID" 927 + "mode" "check" + "type" "init") | nindent 8 }} +{{- end -}} diff --git a/community/whoogle/1.0.0/templates/common.yaml b/community/whoogle/1.0.0/templates/common.yaml new file mode 100644 index 0000000000..be9b5ce996 --- /dev/null +++ b/community/whoogle/1.0.0/templates/common.yaml @@ -0,0 +1,11 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "whoogle.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "whoogle.service" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "whoogle.persistence" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "whoogle.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/community/whoogle/item.yaml b/community/whoogle/item.yaml new file mode 100644 index 0000000000..cfdfebe6ef --- /dev/null +++ b/community/whoogle/item.yaml @@ -0,0 +1,9 @@ +icon_url: https://media.sys.truenas.net/apps/whoogle/icons/icon.png +categories: + - productivity +screenshots: + - https://media.sys.truenas.net/apps/whoogle/screenshots/screenshot1.png + - https://media.sys.truenas.net/apps/whoogle/screenshots/screenshot2.png +tags: + - search + - engine