truenas/chart
1
0
Fork 0
mirror of https://github.com/truenas/charts.git synced 2026-05-12 03:26:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add whoogle to community train (#1654)

Browse Source 
* initial commit

* add chart and item yaml

* add strategy

* add templates

* fix tag

* rofs false

* change user

* fix user

* hmm

* whops

* fix

* update readme

* update questions

* typo

* update readme
This commit is contained in:
Stavros Kois
2023-10-23 17:30:01 +03:00
committed by GitHub
parent 8ea030d268
commit 73e5e3b40c
20 changed files with 498 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/ix-dev/community/whoogle/Chart.lock Normal file
View File

@@ -0,0 +1,6 @@
dependencies:
- name: common
repository: file://../../../common
version: 1.1.1
digest: sha256:a7dbe3e4d42dbcd4325776e5e01a1d630c7f185f79e7ebf22b1b9cc80f56eed7
generated: "2023-10-20T15:34:05.850590153+03:00"

26
library/ix-dev/community/whoogle/Chart.yaml Normal file
View File

@@ -0,0 +1,26 @@
name: whoogle
description: Whoogle is a self-hosted, ad-free, privacy-respecting metasearch engine
annotations:
title: Whoogle
type: application
version: 1.0.0
apiVersion: v2
appVersion: 0.8.3
kubeVersion: '>=1.16.0-0'
maintainers:
- name: truenas
url: https://www.truenas.com/
email: dev@ixsystems.com
dependencies:
- name: common
repository: file://../../../common
version: 1.1.1
home: https://github.com/benbusby/whoogle-search
icon: https://media.sys.truenas.net/apps/whoogle/icons/icon.png
sources:
- https://github.com/benbusby/whoogle-search
- https://github.com/truenas/charts/tree/master/library/ix-dev/community/whoogle
- https://hub.docker.com/r/benbusby/whoogle-search
keywords:
- search
- engine

12
library/ix-dev/community/whoogle/README.md Normal file
View File

@@ -0,0 +1,12 @@
# Whoogle
[Whoogle](https://github.com/benbusby/whoogle-search) is a self-hosted, ad-free, privacy-respecting metasearch engine
> When application is installed, a container will be launched with **root** privileges.
> This is required in order to apply the correct permissions to the `Whoogle` directories.
> Afterward, the `Whoogle` container will run as a **non**-root user (`927`).
> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user.
See [Whoogle's Docs](https://github.com/benbusby/whoogle-search?tab=readme-ov-file#environment-variables) for a list of available environment variables.
Note that all configuration via WebUI will be reset if the container is restarted.
Only config changes made via environment variables will persist.

12
library/ix-dev/community/whoogle/app-readme.md Normal file
View File

@@ -0,0 +1,12 @@
# Whoogle
[Whoogle](https://github.com/benbusby/whoogle-search) is a self-hosted, ad-free, privacy-respecting metasearch engine
> When application is installed, a container will be launched with **root** privileges.
> This is required in order to apply the correct permissions to the `Whoogle` directories.
> Afterward, the `Whoogle` container will run as a **non**-root user (`927`).
> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user.
See [Whoogle's Docs](https://github.com/benbusby/whoogle-search?tab=readme-ov-file#environment-variables) for a list of available environment variables.
Note that all configuration via WebUI will be reset if the container is restarted.
Only config changes made via environment variables will persist.

BIN
library/ix-dev/community/whoogle/charts/common-1.1.1.tgz Normal file
View File

Binary file not shown.

2
library/ix-dev/community/whoogle/ci/basic-values.yaml Normal file
View File

@@ -0,0 +1,2 @@
whoogleNetwork:
webPort: 31000

21
library/ix-dev/community/whoogle/ci/extra-values.yaml Normal file
View File

@@ -0,0 +1,21 @@
whoogleConfig:
redirects:
- src: domain.tld
dst: other-domain.tld
- src: example.com
dst: other-example.com
additionalEnvs:
- name: WHOOGLE_USER
value: some-user
- name: WHOOGLE_PASS
value: some-pass
whoogleNetwork:
webPort: 31000
whoogleStorage:
additionalStorages:
- type: pvc
mountPath: /data1
- type: pvc
mountPath: /data2

3
library/ix-dev/community/whoogle/ci/hostNet-values.yaml Normal file
View File

@@ -0,0 +1,3 @@
whoogleNetwork:
webPort: 30000
hostNetwork: true

9
library/ix-dev/community/whoogle/item.yaml Normal file
View File

@@ -0,0 +1,9 @@
icon_url: https://media.sys.truenas.net/apps/whoogle/icons/icon.png
categories:
- productivity
screenshots:
- https://media.sys.truenas.net/apps/whoogle/screenshots/screenshot1.png
- https://media.sys.truenas.net/apps/whoogle/screenshots/screenshot2.png
tags:
- search
- engine

8
library/ix-dev/community/whoogle/metadata.yaml Normal file
View File

@@ -0,0 +1,8 @@
runAsContext:
- userName: whoogle
groupName: whoogle
gid: 927
uid: 927
description: Whoogle runs as any non-root user.
capabilities: []
hostMounts: []

200
library/ix-dev/community/whoogle/questions.yaml Normal file
View File

@@ -0,0 +1,200 @@
groups:
- name: Whoogle Configuration
description: Configure Whoogle
- name: User and Group Configuration
description: Configure User and Group for Whoogle
- name: Network Configuration
description: Configure Network for Whoogle
- name: Storage Configuration
description: Configure Storage for Whoogle
- name: Resources Configuration
description: Configure Resources for Whoogle
portals:
web_portal:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "$kubernetes-resource_configmap_portal_path"
questions:
- variable: whoogleConfig
label: ""
group: Whoogle Configuration
schema:
type: dict
attrs:
- variable: redirects
label: Specify sites that should be redirected elsewhere
description: Configure redirects for Whoogle.
schema:
type: list
default: []
items:
- variable: redirect
label: Redirect
schema:
type: dict
attrs:
- variable: src
label: Source
description: |
The source domain.</br>
Format: domain.tld
schema:
type: string
required: true
- variable: dst
label: Destination
description: |
The destination domain.</br>
Format: domain.tld
schema:
type: string
required: true
- variable: additionalEnvs
label: Additional Environment Variables
description: Configure additional environment variables for Whoogle.
schema:
type: list
default: []
items:
- variable: env
label: Environment Variable
schema:
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: whoogleNetwork
label: ""
group: Network Configuration
schema:
type: dict
attrs:
- variable: webPort
label: Web Port
description: The port for the Whoogle Web UI.
schema:
type: int
default: 30098
min: 9000
max: 65535
required: true
- variable: hostNetwork
label: Host Network
description: |
Bind to the host network. It's recommended to keep this disabled.</br>
schema:
type: boolean
default: false
- variable: whoogleStorage
label: ""
group: Storage Configuration
schema:
type: dict
attrs:
- variable: additionalStorages
label: Additional Storage
description: Additional storage for Whoogle.
schema:
type: list
default: []
items:
- variable: storageEntry
label: Storage Entry
schema:
type: dict
attrs:
- variable: type
label: Type
description: |
ixVolume: Is dataset created automatically by the system.</br>
Host Path: Is a path that already exists on the system.
schema:
type: string
required: true
default: "ixVolume"
enum:
- value: "hostPath"
description: Host Path (Path that already exists on the system)
- value: "ixVolume"
description: ixVolume (Dataset created automatically by the system)
- variable: mountPath
label: Mount Path
description: The path inside the container to mount the storage.
schema:
type: path
required: true
- variable: hostPath
label: Host Path
description: The host path to use for storage.
schema:
type: hostpath
show_if: [["type", "=", "hostPath"]]
required: true
- variable: datasetName
label: Dataset Name
description: The name of the dataset to use for storage.
schema:
type: string
show_if: [["type", "=", "ixVolume"]]
required: true
immutable: true
default: "storage_entry"
$ref:
- "normalize/ixVolume"
- variable: resources
group: Resources Configuration
label: ""
schema:
type: dict
attrs:
- variable: limits
label: Limits
schema:
type: dict
attrs:
- variable: cpu
label: CPU
description: CPU limit for Whoogle.
schema:
type: string
max_length: 6
valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
valid_chars_error: |
Valid CPU limit formats are</br>
- Plain Integer - eg. 1</br>
- Float - eg. 0.5</br>
- Milicpu - eg. 500m
default: "4000m"
required: true
- variable: memory
label: Memory
description: Memory limit for Whoogle.
schema:
type: string
max_length: 12
valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
valid_chars_error: |
Valid Memory limit formats are</br>
- Suffixed with E/P/T/G/M/K - eg. 1G</br>
- Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
- Plain Integer in bytes - eg. 1024</br>
- Exponent - eg. 134e6
default: "8Gi"
required: true

1
library/ix-dev/community/whoogle/templates/NOTES.txt Normal file
View File

@@ -0,0 +1 @@
{{ include "ix.v1.common.lib.chart.notes" $ }}

50
library/ix-dev/community/whoogle/templates/_persistence.tpl Normal file
View File

@@ -0,0 +1,50 @@
{{- define "whoogle.persistence" -}}
persistence:
config:
enabled: true
# Upstream also has this dir
# in an tmpfs directory
type: emptyDir
targetSelector:
whoogle:
whoogle:
mountPath: /config
tmp:
enabled: true
type: emptyDir
targetSelector:
whoogle:
whoogle:
mountPath: /tmp
runtor:
enabled: true
type: emptyDir
targetSelector:
whoogle:
whoogle:
mountPath: /run/tor
varlibtor:
enabled: true
type: emptyDir
targetSelector:
whoogle:
whoogle:
mountPath: /var/lib/tor
# emptyDir is by default 0:fsGroup
# But for this directory we need to set it to 927:927
01-permissions:
mountPath: /mnt/directories/varlibtor
{{- range $idx, $storage := .Values.whoogleStorage.additionalStorages }}
{{ printf "whoogle-%v" (int $idx) }}:
enabled: true
type: {{ $storage.type }}
datasetName: {{ $storage.datasetName | default "" }}
hostPath: {{ $storage.hostPath | default "" }}
targetSelector:
whoogle:
whoogle:
mountPath: {{ $storage.mountPath }}
01-permissions:
mountPath: /mnt/directories{{ $storage.mountPath }}
{{- end }}
{{- end -}}

12
library/ix-dev/community/whoogle/templates/_portal.tpl Normal file
View File

@@ -0,0 +1,12 @@
{{- define "whoogle.portal" -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: portal
data:
path: "/"
port: {{ .Values.whoogleNetwork.webPort | quote }}
protocol: http
host: $node_ip
{{- end -}}

15
library/ix-dev/community/whoogle/templates/_service.tpl Normal file
View File

@@ -0,0 +1,15 @@
{{- define "whoogle.service" -}}
service:
whoogle:
enabled: true
primary: true
type: NodePort
targetSelector: whoogle
ports:
webui:
enabled: true
primary: true
port: {{ .Values.whoogleNetwork.webPort }}
nodePort: {{ .Values.whoogleNetwork.webPort }}
targetSelector: whoogle
{{- end -}}

58
library/ix-dev/community/whoogle/templates/_whoogle.tpl Normal file
View File

@@ -0,0 +1,58 @@
{{- define "whoogle.workload" -}}
{{- $redirects := list -}}
{{- range $r := .Values.whoogleConfig.redirects -}}
{{- $redirects = append $redirects (printf "%s:%s" $r.src $r.dst) -}}
{{- end }}
workload:
whoogle:
enabled: true
primary: true
type: Deployment
podSpec:
hostNetwork: {{ .Values.whoogleNetwork.hostNetwork }}
securityContext:
fsGroup: 927
containers:
whoogle:
enabled: true
primary: true
imageSelector: image
securityContext:
runAsUser: 927
runAsGroup: 927
readOnlyRootFilesystem: false
env:
EXPOSE_PORT: {{ .Values.whoogleNetwork.webPort }}
{{- with $redirects }}
WHOOGLE_REDIRECTS: {{ join "," $redirects }}
{{- end -}}
{{ with .Values.whoogleConfig.additionalEnvs }}
envList:
{{ range $env := . }}
- name: {{ $env.name }}
value: {{ $env.value }}
{{ end }}
{{ end }}
probes:
liveness:
enabled: true
type: http
port: {{ .Values.whoogleNetwork.webPort }}
path: /healthz
readiness:
enabled: true
type: http
port: {{ .Values.whoogleNetwork.webPort }}
path: /healthz
startup:
enabled: true
type: http
port: {{ .Values.whoogleNetwork.webPort }}
path: /healthz
initContainers:
{{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
"UID" 927
"GID" 927
"mode" "check"
"type" "init") | nindent 8 }}
{{- end -}}

11
library/ix-dev/community/whoogle/templates/common.yaml Normal file
View File

@@ -0,0 +1,11 @@
{{- include "ix.v1.common.loader.init" . -}}
{{/* Merge the templates with Values */}}
{{- $_ := mustMergeOverwrite .Values (include "whoogle.workload" $ | fromYaml) -}}
{{- $_ := mustMergeOverwrite .Values (include "whoogle.service" $ | fromYaml) -}}
{{- $_ := mustMergeOverwrite .Values (include "whoogle.persistence" $ | fromYaml) -}}
{{/* Create the configmap for portal manually*/}}
{{- include "whoogle.portal" $ -}}
{{- include "ix.v1.common.loader.apply" . -}}

1
library/ix-dev/community/whoogle/upgrade_info.json Normal file
View File

@@ -0,0 +1 @@
{"filename": "values.yaml", "keys": ["image"]}

31
library/ix-dev/community/whoogle/upgrade_strategy Executable file
View File

@@ -0,0 +1,31 @@
#!/usr/bin/python3
import json
import re
import sys
from catalog_update.upgrade_strategy import semantic_versioning
RE_STABLE_VERSION = re.compile(r'\d+\.\d+\.\d+')
def newer_mapping(image_tags):
key = list(image_tags.keys())[0]
tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)}
version = semantic_versioning(list(tags))
if not version:
return {}
return {
'tags': {key: tags[version]},
'app_version': version,
}
if __name__ == '__main__':
try:
versions_json = json.loads(sys.stdin.read())
except ValueError:
raise ValueError('Invalid json specified')
print(json.dumps(newer_mapping(versions_json)))

20
library/ix-dev/community/whoogle/values.yaml Normal file
View File

@@ -0,0 +1,20 @@
image:
repository: benbusby/whoogle-search
pullPolicy: IfNotPresent
tag: 0.8.3
resources:
limits:
cpu: 4000m
memory: 8Gi
whoogleConfig:
redirects: []
additionalEnvs: []
whoogleNetwork:
webPort: 30098
hostNetwork: false
whoogleStorage:
additionalStorages: []