diff --git a/catalog.json b/catalog.json
index e79a9e5e3c..fe1542ed7c 100644
--- a/catalog.json
+++ b/catalog.json
@@ -1502,6 +1502,44 @@
"https://github.com/truenas/charts/tree/master/enterprise/minio"
],
"icon_url": "https://min.io/resources/img/logo/MINIO_wordmark.png"
+ },
+ "syncthing": {
+ "app_readme": "Syncthing
\nSyncthing is a file synchronization program.
\nAt each startup of the application, the following settings are applied:
\n\n- Disable automatic upgrades
\n- Disable anonymous usage reporting
\n- Disable NAT traversal
\n- Disable global discovery
\n- Disable local discovery
\n- Disable relaying
\n- Disable announcing LAN addresses
\n
\nAdditionally, the following defaults are set for new synthing \"folders\":
\n\n- Max total size of
xattr: 10 MiB \n- Max size per
xattr: 2 MiB \n- Enable
send and sync of xattr \n- Enable
send and sync of ownership \n
",
+ "categories": [
+ "storage"
+ ],
+ "description": "Syncthing is a continuous file synchronization program.",
+ "healthy": true,
+ "healthy_error": null,
+ "home": "https://syncthing.net/",
+ "location": "/__w/charts/charts/enterprise/syncthing",
+ "latest_version": "1.0.0",
+ "latest_app_version": "1.23.3",
+ "latest_human_version": "1.23.3_1.0.0",
+ "last_update": null,
+ "name": "syncthing",
+ "recommended": false,
+ "title": "Syncthing",
+ "maintainers": [
+ {
+ "name": "truenas",
+ "url": "https://www.truenas.com/",
+ "email": "dev@ixsystems.com"
+ }
+ ],
+ "tags": [
+ "sync",
+ "file-sharing"
+ ],
+ "screenshots": [
+ "https://syncthing.net/img/screenshot.png"
+ ],
+ "sources": [
+ "https://syncthing.net/",
+ "https://github.com/syncthing/syncthing",
+ "https://hub.docker.com/r/syncthing/syncthing"
+ ],
+ "icon_url": "https://syncthing.net/img/logo-horizontal.svg"
}
}
}
\ No newline at end of file
diff --git a/enterprise/syncthing/1.0.0/Chart.lock b/enterprise/syncthing/1.0.0/Chart.lock
new file mode 100644
index 0000000000..7126be1633
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+ repository: file://../../../common
+ version: 1.0.8
+digest: sha256:254efaa1285f634b7a80b7baadeadbd20a680f7fee49d1d9d3c4618aa0d657ad
+generated: "2023-05-30T18:50:42.865716795+03:00"
diff --git a/enterprise/syncthing/1.0.0/Chart.yaml b/enterprise/syncthing/1.0.0/Chart.yaml
new file mode 100644
index 0000000000..09068302c1
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/Chart.yaml
@@ -0,0 +1,26 @@
+name: syncthing
+description: Syncthing is a continuous file synchronization program.
+annotations:
+ title: Syncthing
+type: application
+version: 1.0.0
+apiVersion: v2
+appVersion: '1.23.3'
+kubeVersion: '>=1.16.0-0'
+maintainers:
+ - name: truenas
+ url: https://www.truenas.com/
+ email: dev@ixsystems.com
+dependencies:
+ - name: common
+ repository: file://../../../common
+ version: 1.0.8
+home: https://syncthing.net/
+icon: https://syncthing.net/img/logo-horizontal.svg
+sources:
+ - https://syncthing.net/
+ - https://github.com/syncthing/syncthing
+ - https://hub.docker.com/r/syncthing/syncthing
+keywords:
+ - sync
+ - file-sharing
diff --git a/enterprise/syncthing/1.0.0/README.md b/enterprise/syncthing/1.0.0/README.md
new file mode 100644
index 0000000000..cceadde7c0
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/README.md
@@ -0,0 +1,20 @@
+# Syncthing
+
+[Syncthing](https://syncthing.net/) is a file synchronization program.
+
+At each startup of the application, the following settings are applied:
+
+- Disable automatic upgrades
+- Disable anonymous usage reporting
+- Disable NAT traversal
+- Disable global discovery
+- Disable local discovery
+- Disable relaying
+- Disable announcing LAN addresses
+
+Additionally, the following defaults are set for new synthing "folders":
+
+- Max total size of `xattr`: 10 MiB
+- Max size per `xattr`: 2 MiB
+- Enable `send` and `sync` of `xattr`
+- Enable `send` and `sync` of `ownership`
diff --git a/enterprise/syncthing/1.0.0/app-readme.md b/enterprise/syncthing/1.0.0/app-readme.md
new file mode 100644
index 0000000000..cceadde7c0
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/app-readme.md
@@ -0,0 +1,20 @@
+# Syncthing
+
+[Syncthing](https://syncthing.net/) is a file synchronization program.
+
+At each startup of the application, the following settings are applied:
+
+- Disable automatic upgrades
+- Disable anonymous usage reporting
+- Disable NAT traversal
+- Disable global discovery
+- Disable local discovery
+- Disable relaying
+- Disable announcing LAN addresses
+
+Additionally, the following defaults are set for new synthing "folders":
+
+- Max total size of `xattr`: 10 MiB
+- Max size per `xattr`: 2 MiB
+- Enable `send` and `sync` of `xattr`
+- Enable `send` and `sync` of `ownership`
diff --git a/enterprise/syncthing/1.0.0/charts/common-1.0.8.tgz b/enterprise/syncthing/1.0.0/charts/common-1.0.8.tgz
new file mode 100644
index 0000000000..3b457b1361
Binary files /dev/null and b/enterprise/syncthing/1.0.0/charts/common-1.0.8.tgz differ
diff --git a/enterprise/syncthing/1.0.0/ci/basic-no-hostnet-values.yaml b/enterprise/syncthing/1.0.0/ci/basic-no-hostnet-values.yaml
new file mode 100644
index 0000000000..df393973f2
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/ci/basic-no-hostnet-values.yaml
@@ -0,0 +1,24 @@
+syncthingStorage:
+ home:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/home
+ additionalStorages:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir1
+ mountPath: /mnt/dir1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir2
+ mountPath: /mnt/dir2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir3
+ mountPath: /mnt/dir3
+
+syncthingID:
+ user: 1001
+ group: 1001
+
+syncthingNetwork:
+ hostNetwork: false
+ localDiscoveryPort: 31027
+ tcpPort: 32000
+ quicPort: 32000
diff --git a/enterprise/syncthing/1.0.0/ci/basic-values.yaml b/enterprise/syncthing/1.0.0/ci/basic-values.yaml
new file mode 100644
index 0000000000..459223175e
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/ci/basic-values.yaml
@@ -0,0 +1,18 @@
+syncthingStorage:
+ home:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/home
+ additionalStorages:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir1
+ mountPath: /mnt/dir1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir2
+ mountPath: /mnt/dir2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir3
+ mountPath: /mnt/dir3
+
+syncthingID:
+ user: 1001
+ group: 1001
diff --git a/enterprise/syncthing/1.0.0/ci/https-no-hostnet-values.yaml b/enterprise/syncthing/1.0.0/ci/https-no-hostnet-values.yaml
new file mode 100644
index 0000000000..ad59d38f53
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/ci/https-no-hostnet-values.yaml
@@ -0,0 +1,112 @@
+syncthingStorage:
+ home:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/home
+ additionalStorages:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir1
+ mountPath: /mnt/dir1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir2
+ mountPath: /mnt/dir2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir3
+ mountPath: /mnt/dir3
+
+syncthingID:
+ user: 568
+ group: 568
+
+syncthingNetwork:
+ certificateID: 1
+ hostNetwork: false
+ localDiscoveryPort: 31027
+ tcpPort: 32000
+ quicPort: 32000
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/enterprise/syncthing/1.0.0/ci/https-values.yaml b/enterprise/syncthing/1.0.0/ci/https-values.yaml
new file mode 100644
index 0000000000..6d1b20995c
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/ci/https-values.yaml
@@ -0,0 +1,109 @@
+syncthingStorage:
+ home:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/home
+ additionalStorages:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir1
+ mountPath: /mnt/dir1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir2
+ mountPath: /mnt/dir2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/dir3
+ mountPath: /mnt/dir3
+
+syncthingID:
+ user: 568
+ group: 568
+
+syncthingNetwork:
+ certificateID: 1
+ hostNetwork: true
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/enterprise/syncthing/1.0.0/ix_values.yaml b/enterprise/syncthing/1.0.0/ix_values.yaml
new file mode 100644
index 0000000000..78b637653e
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/ix_values.yaml
@@ -0,0 +1,38 @@
+image:
+ repository: syncthing/syncthing
+ tag: '1.23.3'
+ pullPolicy: IfNotPresent
+
+resources:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+
+# Currently not exposed in the UI
+# But can be exposed in the future
+syncthingConfig:
+ natTraversal: false
+ localDiscovery: false
+ globalDiscovery: false
+ telemetry: false
+ relaying: false
+ announceLANAddresses: false
+
+syncthingID:
+ user: 568
+ group: 568
+
+syncthingNetwork:
+ webPort: 30000
+ certificateID: 0
+ hostNetwork: true
+ # Only used if hostNetwork is false
+ localDiscoveryPort: 21027
+ tcpPort: 22000
+ quicPort: 22000
+
+syncthingStorage:
+ home:
+ type: ixVolume
+ datasetName: home
+ additionalStorages: []
diff --git a/enterprise/syncthing/1.0.0/metadata.yaml b/enterprise/syncthing/1.0.0/metadata.yaml
new file mode 100644
index 0000000000..f0251c2416
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/metadata.yaml
@@ -0,0 +1,22 @@
+runAsContext:
+ - userName: root
+ groupName: root
+ gid: 0
+ uid: 0
+ description: Syncthing runs as root and starts the syncthing process as a non-root user.
+capabilities:
+ - name: CHOWN
+ description: Syncthing is able to chown files.
+ - name: DAC_OVERRIDE
+ description: Syncthing is able to bypass permission checks.
+ - name: FOWNER
+ description: Syncthing is able bypass permission checks for it's sub-processes.
+ - name: SETUID
+ description: Syncthing is able to set user ID for it's sub-processes.
+ - name: SETGID
+ description: Syncthing is able to set group ID for it's sub-processes.
+ - name: SETPCAP
+ description: Syncthing is able to set process capabilities.
+ - name: SETFCAP
+ description: Syncthing is able to set file capabilities.
+hostMounts: []
diff --git a/enterprise/syncthing/1.0.0/questions.yaml b/enterprise/syncthing/1.0.0/questions.yaml
new file mode 100644
index 0000000000..8afc0212b5
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/questions.yaml
@@ -0,0 +1,222 @@
+groups:
+ - name: Syncthing Configuration
+ description: Configure Syncthing
+ - name: User and Group Configuration
+ description: Configure User and Group for Syncthing
+ - name: Network Configuration
+ description: Configure Network for Syncthing
+ - name: Storage Configuration
+ description: Configure Storage for Syncthing
+ - name: Resources Configuration
+ description: Configure Resources for Syncthing
+
+portals:
+ web_portal:
+ protocols:
+ - "$kubernetes-resource_configmap_portal_protocol"
+ host:
+ - "$kubernetes-resource_configmap_portal_host"
+ ports:
+ - "$kubernetes-resource_configmap_portal_port"
+ path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+ - variable: TZ
+ group: Syncthing Configuration
+ label: Timezone
+ schema:
+ type: string
+ default: Etc/UTC
+ required: true
+ $ref:
+ - definitions/timezone
+
+ - variable: syncthingID
+ label: ""
+ group: User and Group Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: user
+ label: User ID
+ description: The user id that Syncthing files will be owned by.
+ schema:
+ type: int
+ min: 568
+ default: 568
+ immutable: true
+ required: true
+ - variable: group
+ label: Group ID
+ description: The group id that Syncthing files will be owned by.
+ schema:
+ type: int
+ min: 568
+ default: 568
+ immutable: true
+ required: true
+
+ - variable: syncthingNetwork
+ label: ""
+ group: Network Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: hostNetwork
+ label: Host Network
+ description: |
+ Bind to the host network.
+ If this is disabled, you will need to add your local networks in CIDR format to the Syncthing WebUI.
+ In the Syncthing WebUI, go to Advanced Settings > Options > Always Local Nets
+ Separate each CIDR network with a comma.
+ Example: 192.168.0.0/24,192.168.1.0/24
+ schema:
+ type: boolean
+ default: true
+ - variable: webPort
+ label: Web Port
+ description: The port for the Syncthing WebUI.
+ schema:
+ type: int
+ default: 31000
+ min: 9000
+ max: 65535
+ required: true
+ - variable: tcpPort
+ label: TCP Port (File Transfers)
+ description: The TCP port for Syncthing transfers.
+ schema:
+ type: int
+ show_if: [["hostNetwork", "=", false]]
+ default: 22000
+ min: 9000
+ max: 65535
+ required: true
+ - variable: quicPort
+ label: QUIC (UDP) Port (File Transfers)
+ description: The QUIC (UDP) port for Syncthing transfers.
+ schema:
+ type: int
+ show_if: [["hostNetwork", "=", false]]
+ default: 22000
+ min: 9000
+ max: 65535
+ required: true
+ - variable: certificateID
+ label: Certificate
+ description: The certificate to use for Syncthing GUI.
+ schema:
+ type: int
+ "null": true
+ $ref:
+ - "definitions/certificate"
+
+ - variable: syncthingStorage
+ label: ""
+ group: Storage Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: home
+ label: Syncthing Home Storage
+ description: The path to store Syncthing Home Directory.
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ description: |
+ ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ schema:
+ type: string
+ required: true
+ default: "ixVolume"
+ enum:
+ - value: "hostPath"
+ description: Host Path (Path that already exists on the system)
+ - value: "ixVolume"
+ description: ixVolume (Dataset created automatically by the system)
+ - variable: datasetName
+ label: Dataset Name
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ hidden: true
+ immutable: true
+ default: "home"
+ $ref:
+ - "normalize/ixVolume"
+ - variable: hostPath
+ label: Host Path
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ immutable: true
+ required: true
+ - variable: additionalStorages
+ label: Additional Storage
+ description: Additional storage for Syncthing.
+ schema:
+ type: list
+ required: true
+ empty: false
+ default: []
+ items:
+ - variable: storageEntry
+ label: Storage Entry
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ description: |
+ Host Path: Is a path that already exists on the system.
+ schema:
+ type: string
+ required: true
+ default: "hostPath"
+ hidden: true
+ enum:
+ - value: "hostPath"
+ description: Host Path (Path that already exists on the system)
+ - variable: mountPath
+ label: Mount Path
+ description: The path inside the container to mount the storage.
+ schema:
+ type: path
+ required: true
+ - variable: hostPath
+ label: Host Path
+ description: The host path to use for storage.
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ required: true
+
+ - variable: resources
+ group: Resources Configuration
+ label: ""
+ schema:
+ type: dict
+ attrs:
+ - variable: limits
+ label: Limits
+ schema:
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: CPU limit for Syncthing.
+ schema:
+ type: string
+ default: "4000m"
+ required: true
+ - variable: memory
+ label: Memory
+ description: Memory limit for Syncthing.
+ schema:
+ type: string
+ default: "8Gi"
+ required: true
diff --git a/enterprise/syncthing/1.0.0/templates/NOTES.txt b/enterprise/syncthing/1.0.0/templates/NOTES.txt
new file mode 100644
index 0000000000..ba4e01146c
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/NOTES.txt
@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}
diff --git a/enterprise/syncthing/1.0.0/templates/_certContainer.tpl b/enterprise/syncthing/1.0.0/templates/_certContainer.tpl
new file mode 100644
index 0000000000..880bb56dbb
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/_certContainer.tpl
@@ -0,0 +1,41 @@
+{{- define "syncthing.certContainer" -}}
+01-certs:
+ enabled: true
+ type: init
+ imageSelector: image
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ runAsNonRoot: false
+ readOnlyRootFilesystem: false
+ allowPrivilegeEscalation: true
+ capabilities:
+ add:
+ - FOWNER
+ - DAC_OVERRIDE
+ - CHOWN
+ - SETUID
+ - SETGID
+ - SETFCAP
+ - SETPCAP
+ fixedEnv:
+ PUID: {{ .Values.syncthingID.user }}
+ command:
+ - /bin/sh
+ - -c
+ - |
+ #!/bin/sh
+ set -e
+ configDir=/var/syncthing/config
+ # Copy certificates, so that syncthing can use them
+ # If we mount the certificates directly, syncthing will not start, as it tries
+ # to chmod the whole directory and fails, because the secret is read-only
+ if [ ! -d "$configDir" ]; then
+ mkdir -p "$configDir"
+ chown -R "$PUID:$PGID" "$configDir"
+ fi
+ cp /certs/https-key.pem "$configDir/https-key.pem"
+ cp /certs/https-cert.pem "$configDir/https-cert.pem"
+ chown "$PUID:$PGID" "$configDir/https-key.pem"
+ chown "$PUID:$PGID" "$configDir/https-cert.pem"
+{{- end -}}
diff --git a/enterprise/syncthing/1.0.0/templates/_configure.tpl b/enterprise/syncthing/1.0.0/templates/_configure.tpl
new file mode 100644
index 0000000000..8bc27338f1
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/_configure.tpl
@@ -0,0 +1,53 @@
+{{- define "syncthing.configure" -}}
+{{/*
+ https://docs.syncthing.net/users/config.html
+ Note: Configuration in the above link does not match the subcommands of the cli
+ To get the correct subcommands, run `syncthing cli config `
+ It will print all the available subcommands for that category
+ "Knobs" are exposed under Values.syncthingConfig, We can exposed those to questions.yaml if we want
+ */}}
+configmap:
+ syncthing-configure:
+ enabled: true
+ data:
+ configure.sh: |
+ #!/bin/sh
+ set -e
+ configDir=/var/syncthing/config
+
+ # Make sure the file exists
+ until [ -f "$configDir/config.xml" ]; do
+ sleep 2
+ done
+
+ # Check the API is running
+ until curl --silent --output /dev/null http://localhost:{{ .Values.syncthingNetwork.webPort }}/rest/noauth/health; do
+ sleep 2
+ done
+
+ function setConfig() {
+ syncthing cli --home "$configDir" config $@
+ }
+
+ # Now we can use the syncthing cli (wrapper around the API) to set the defaults.
+ # Keep in mind that all the below values are not enforced, user can change them
+ # while the app is running, but will be re-applied on restart.
+
+ # Category "options" is more like "general" or "global" settings.
+ setConfig options announce-lanaddresses set -- {{ ternary "1" "0" .Values.syncthingConfig.announceLANAddresses | quote }}
+ setConfig options global-ann-enabled set -- {{ ternary "1" "0" .Values.syncthingConfig.globalDiscovery | quote }}
+ setConfig options local-ann-enabled set -- {{ ternary "1" "0" .Values.syncthingConfig.localDiscovery | quote }}
+ setConfig options natenabled set -- {{ ternary "1" "0" .Values.syncthingConfig.natTraversal | quote }}
+ setConfig options relays-enabled set -- {{ ternary "1" "0" .Values.syncthingConfig.relaying | quote }}
+ setConfig options uraccepted set -- {{ ternary "1" "-1" .Values.syncthingConfig.telemetry | quote }}
+ setConfig options auto-upgrade-intervalh set -- "0"
+
+ # Category "defaults/folder" contains the default settings for new folders.
+ setConfig defaults folder xattr-filter max-total-size set -- 10485760
+ setConfig defaults folder xattr-filter max-single-entry-size set -- 2097152
+ setConfig defaults folder send-ownership set -- 1
+ setConfig defaults folder sync-ownership set -- 1
+ setConfig defaults folder send-xattrs set -- 1
+ setConfig defaults folder sync-xattrs set -- 1
+
+{{- end -}}
diff --git a/enterprise/syncthing/1.0.0/templates/_portal.tpl b/enterprise/syncthing/1.0.0/templates/_portal.tpl
new file mode 100644
index 0000000000..eb7f491fed
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/_portal.tpl
@@ -0,0 +1,16 @@
+{{- define "syncthing.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: portal
+data:
+ path: "/"
+ host: "$node_ip"
+ port: {{ .Values.syncthingNetwork.webPort | quote }}
+ {{- if .Values.syncthingNetwork.certificateID }}
+ protocol: https
+ {{- else }}
+ protocol: http
+ {{- end }}
+{{- end -}}
diff --git a/enterprise/syncthing/1.0.0/templates/_syncthing.tpl b/enterprise/syncthing/1.0.0/templates/_syncthing.tpl
new file mode 100644
index 0000000000..b0ae4e57dc
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/_syncthing.tpl
@@ -0,0 +1,178 @@
+{{- define "syncthing.workload" -}}
+workload:
+ syncthing:
+ enabled: true
+ primary: true
+ type: Deployment
+ podSpec:
+ hostNetwork: {{ .Values.syncthingNetwork.hostNetwork }}
+ securityContext:
+ fsGroup: {{ .Values.syncthingID.group }}
+ containers:
+ syncthing:
+ enabled: true
+ primary: true
+ imageSelector: image
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ runAsNonRoot: false
+ readOnlyRootFilesystem: false
+ # This is needed to allow syncthing assign
+ # PCAPs to its child processes
+ allowPrivilegeEscalation: true
+ capabilities:
+ add:
+ - FOWNER
+ - DAC_OVERRIDE
+ - CHOWN
+ - SETUID
+ - SETGID
+ - SETFCAP
+ - SETPCAP
+ env:
+ PCAP: cap_chown,cap_dac_override,cap_fowner+ep
+ STGUIADDRESS: "0.0.0.0:{{ .Values.syncthingNetwork.webPort }}"
+ # Disable automatic upgrades
+ STNOUPGRADE: "true"
+ fixedEnv:
+ PUID: {{ .Values.syncthingID.user }}
+ probes:
+ liveness:
+ enabled: true
+ type: http
+ path: /rest/noauth/health
+ port: "{{ .Values.syncthingNetwork.webPort }}"
+ readiness:
+ enabled: true
+ type: http
+ path: /rest/noauth/health
+ port: "{{ .Values.syncthingNetwork.webPort }}"
+ startup:
+ enabled: true
+ type: http
+ path: /rest/noauth/health
+ port: "{{ .Values.syncthingNetwork.webPort }}"
+ # We use this hook as we need the API
+ # to be running when we run the configure script
+ lifecycle:
+ postStart:
+ type: exec
+ command:
+ - su-exec
+ - "{{ .Values.syncthingID.user }}:{{ .Values.syncthingID.group }}"
+ - /configure.sh
+ {{- if .Values.syncthingNetwork.certificateID }}
+ initContainers:
+ {{- include "syncthing.certContainer" $ | nindent 8 -}}
+ {{- end }}
+{{/* Service */}}
+service:
+ syncthing-web:
+ enabled: true
+ primary: true
+ type: NodePort
+ targetSelector: syncthing
+ ports:
+ webui:
+ enabled: true
+ primary: true
+ port: {{ .Values.syncthingNetwork.webPort }}
+ nodePort: {{ .Values.syncthingNetwork.webPort }}
+ targetSelector: syncthing
+ syncthing-discovery:
+ # Only enable this service if local discovery is enabled
+ enabled: {{ .Values.syncthingConfig.localDiscovery }}
+ type: NodePort
+ targetSelector: syncthing
+ ports:
+ discovery:
+ enabled: true
+ port: {{ .Values.syncthingNetwork.localDiscoveryPort }}
+ nodePort: {{ .Values.syncthingNetwork.localDiscoveryPort }}
+ targetPort: 21017
+ protocol: udp
+ targetSelector: syncthing
+ syncthing-transfer:
+ enabled: true
+ type: NodePort
+ targetSelector: syncthing
+ ports:
+ tcp:
+ enabled: true
+ primary: true
+ port: {{ .Values.syncthingNetwork.tcpPort }}
+ nodePort: {{ .Values.syncthingNetwork.tcpPort }}
+ targetPort: 22000
+ targetSelector: syncthing
+ quic:
+ enabled: true
+ port: {{ .Values.syncthingNetwork.quicPort }}
+ nodePort: {{ .Values.syncthingNetwork.quicPort }}
+ targetPort: 22000
+ protocol: udp
+ targetSelector: syncthing
+
+{{/* Persistence */}}
+persistence:
+ home:
+ enabled: true
+ type: {{ .Values.syncthingStorage.home.type }}
+ datasetName: {{ .Values.syncthingStorage.home.datasetName | default "" }}
+ hostPath: {{ .Values.syncthingStorage.home.hostPath | default "" }}
+ targetSelector:
+ syncthing:
+ syncthing:
+ mountPath: /var/syncthing
+ 01-certs:
+ mountPath: /var/syncthing
+ configure:
+ enabled: true
+ type: configmap
+ objectName: syncthing-configure
+ defaultMode: "0770"
+ targetSelector:
+ syncthing:
+ syncthing:
+ mountPath: /configure.sh
+ subPath: configure.sh
+
+ {{- if not .Values.syncthingStorage.additionalStorages -}}
+ {{- fail "Syncthing - Expected at least one additional storage defined" -}}
+ {{- end -}}
+
+ {{- range $idx, $storage := .Values.syncthingStorage.additionalStorages }}
+ {{ printf "sync-%v" (int $idx) }}:
+ enabled: true
+ type: {{ $storage.type }}
+ datasetName: {{ $storage.datasetName | default "" }}
+ hostPath: {{ $storage.hostPath | default "" }}
+ targetSelector:
+ syncthing:
+ syncthing:
+ mountPath: {{ $storage.mountPath }}
+ {{- end }}
+
+ {{- if .Values.syncthingNetwork.certificateID }}
+ certs:
+ enabled: true
+ type: secret
+ objectName: syncthing-cert
+ defaultMode: "0600"
+ items:
+ - key: tls.key
+ path: https-key.pem
+ - key: tls.crt
+ path: https-cert.pem
+ targetSelector:
+ syncthing:
+ 01-certs:
+ mountPath: /certs
+ readOnly: true
+
+scaleCertificate:
+ syncthing-cert:
+ enabled: true
+ id: {{ .Values.syncthingNetwork.certificateID }}
+ {{- end -}}
+{{- end -}}
diff --git a/enterprise/syncthing/1.0.0/templates/common.yaml b/enterprise/syncthing/1.0.0/templates/common.yaml
new file mode 100644
index 0000000000..f9f4fded52
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/templates/common.yaml
@@ -0,0 +1,10 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "syncthing.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "syncthing.configure" $ | fromYaml) -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "syncthing.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}
diff --git a/enterprise/syncthing/1.0.0/upgrade_strategy_disable b/enterprise/syncthing/1.0.0/upgrade_strategy_disable
new file mode 100755
index 0000000000..aef37b7f05
--- /dev/null
+++ b/enterprise/syncthing/1.0.0/upgrade_strategy_disable
@@ -0,0 +1,30 @@
+#!/usr/bin/python3
+import json
+import re
+import sys
+
+from catalog_update.upgrade_strategy import semantic_versioning
+
+RE_STABLE_VERSION = re.compile(r'[1-9]+\.[0-9]+\.[0-9]+')
+
+
+def newer_mapping(image_tags):
+ key = list(image_tags.keys())[0]
+ tags = {t: t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)}
+ version = semantic_versioning(list(tags))
+ if not version:
+ return {}
+
+ return {
+ 'tags': {key: tags[version]},
+ 'app_version': version,
+ }
+
+
+if __name__ == '__main__':
+ try:
+ versions_json = json.loads(sys.stdin.read())
+ except ValueError:
+ raise ValueError('Invalid json specified')
+
+ print(json.dumps(newer_mapping(versions_json)))
diff --git a/enterprise/syncthing/item.yaml b/enterprise/syncthing/item.yaml
new file mode 100644
index 0000000000..6612d841d1
--- /dev/null
+++ b/enterprise/syncthing/item.yaml
@@ -0,0 +1,8 @@
+icon_url: https://syncthing.net/img/logo-horizontal.svg
+categories:
+ - storage
+screenshots:
+ - https://syncthing.net/img/screenshot.png
+tags:
+ - sync
+ - file-sharing