From ab6bbb2e998c0f4c7ad235f7415e79ea0fcb60b3 Mon Sep 17 00:00:00 2001 From: Stavros Kois <47820033+stavros-k@users.noreply.github.com> Date: Tue, 19 Sep 2023 22:27:17 +0300 Subject: [PATCH] NAS-124160 / 24.04 / Allow to deploy collabora without certificate (#1549) * Allow to deploy collabora without certificate * rename file * update description --- library/ix-dev/charts/collabora/Chart.yaml | 2 +- .../charts/collabora/ci/http-values.yaml | 26 +++++++++++++++++++ .../{test-values.yaml => https-values.yaml} | 0 .../ix-dev/charts/collabora/questions.yaml | 7 +++-- .../collabora/templates/deployment.yaml | 4 +++ .../collabora/templates/nginx-conf.yaml | 2 ++ .../collabora/templates/nginx-service.yaml | 6 ----- .../charts/collabora/templates/secrets.yaml | 8 +++--- .../charts/collabora/templates/service.yaml | 10 +++++++ 9 files changed, 53 insertions(+), 12 deletions(-) create mode 100644 library/ix-dev/charts/collabora/ci/http-values.yaml rename library/ix-dev/charts/collabora/ci/{test-values.yaml => https-values.yaml} (100%) delete mode 100644 library/ix-dev/charts/collabora/templates/nginx-service.yaml create mode 100644 library/ix-dev/charts/collabora/templates/service.yaml diff --git a/library/ix-dev/charts/collabora/Chart.yaml b/library/ix-dev/charts/collabora/Chart.yaml index 51a8b3526d..9abb498d77 100644 --- a/library/ix-dev/charts/collabora/Chart.yaml +++ b/library/ix-dev/charts/collabora/Chart.yaml @@ -5,7 +5,7 @@ description: | annotations: title: Collabora type: application -version: 1.2.14 +version: 1.2.15 apiVersion: v2 appVersion: '21.11.4.1.1' kubeVersion: '>=1.16.0-0' diff --git a/library/ix-dev/charts/collabora/ci/http-values.yaml b/library/ix-dev/charts/collabora/ci/http-values.yaml new file mode 100644 index 0000000000..7180c98c81 --- /dev/null +++ b/library/ix-dev/charts/collabora/ci/http-values.yaml @@ -0,0 +1,26 @@ +nodePort: 31980 +config: + DONT_GEN_SSL_CERT: 'true' + dictionaries: de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru + domain: nextcloud\.domain\.tld|othernextcloud\.domain\.tld + extra_params: --o:welcome.enable=false --o:user_interface.mode=notebookbar --o:ssl.termination=true + --o:ssl.enable=false --o:net.proto=IPv4 --o:net.post_allow.host[0]=.+ --o:storage.wopi.host[0]=.+ + password: changeme + server_name: ssh.sonicaj.com:49980 + timezone: Asia/Karachi + username: admin +ixChartContext: + isInstall: false + isUpdate: true + isUpgrade: false + operation: UPDATE + storageClassName: ix-storage-class-col + upgradeMetadata: {} +ixExternalInterfacesConfiguration: [] +ixExternalInterfacesConfigurationNames: [] +ixVolumes: [] +environmentVariables: [] +extraAppVolumeMounts: [] +ixCertificateAuthorities: {} +ixCertificates: {} +certificate: diff --git a/library/ix-dev/charts/collabora/ci/test-values.yaml b/library/ix-dev/charts/collabora/ci/https-values.yaml similarity index 100% rename from library/ix-dev/charts/collabora/ci/test-values.yaml rename to library/ix-dev/charts/collabora/ci/https-values.yaml diff --git a/library/ix-dev/charts/collabora/questions.yaml b/library/ix-dev/charts/collabora/questions.yaml index a69a0fa78e..696f138169 100644 --- a/library/ix-dev/charts/collabora/questions.yaml +++ b/library/ix-dev/charts/collabora/questions.yaml @@ -71,14 +71,17 @@ questions: - "definitions/nodeIP" - variable: certificate - description: "Collabora Certificate" + description: | + Collabora Certificate
+ If you do not choose a certificate and do not configure an external reverse proxy
+ you might have to adjust the extra_params. label: "Certificate" group: "Collabora Configuration" schema: type: int $ref: - "definitions/certificate" - "null": false + "null": true - variable: extraAppVolumeMounts label: "Collabora Extra Host Path Volumes" diff --git a/library/ix-dev/charts/collabora/templates/deployment.yaml b/library/ix-dev/charts/collabora/templates/deployment.yaml index 8576aea01e..1334c4c32b 100644 --- a/library/ix-dev/charts/collabora/templates/deployment.yaml +++ b/library/ix-dev/charts/collabora/templates/deployment.yaml @@ -15,6 +15,7 @@ spec: labels: {{ include "common.labels.selectorLabels" . | nindent 8 }} spec: containers: + {{ if .Values.certificate }} - name: {{ .Chart.Name }}-nginx image: {{ printf "%s:%s" .Values.nginx.image.repository .Values.nginx.image.tag }} imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} @@ -66,6 +67,7 @@ spec: timeoutSeconds: 2 failureThreshold: 60 successThreshold: 1 + {{ end }} - name: {{ .Chart.Name }} {{ include "common.resources.limitation" . | nindent 10 }} {{ include "common.containers.imageConfig" .Values.image | nindent 10 }} @@ -120,6 +122,7 @@ spec: {{ $envList = mustAppend $envList (dict "name" "password" "valueFromSecret" true "secretName" $secretName "secretKey" "password") }} {{ include "common.containers.allEnvironmentVariables" (dict "environmentVariables" $envList) | nindent 10 }} volumes: + {{ if .Values.certificate }} - name: configuration configMap: defaultMode: 0700 @@ -127,6 +130,7 @@ spec: - name: certs secret: secretName: {{ include "secretName" . }} + {{ end }} {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - name: extrappvolume-{{ $index }} hostPath: diff --git a/library/ix-dev/charts/collabora/templates/nginx-conf.yaml b/library/ix-dev/charts/collabora/templates/nginx-conf.yaml index e79e98253f..f6c5b5671f 100644 --- a/library/ix-dev/charts/collabora/templates/nginx-conf.yaml +++ b/library/ix-dev/charts/collabora/templates/nginx-conf.yaml @@ -1,3 +1,4 @@ +{{ if .Values.certificate }} {{- $serviceName := "localhost" -}} apiVersion: v1 kind: ConfigMap @@ -120,3 +121,4 @@ data: } } +{{ end }} diff --git a/library/ix-dev/charts/collabora/templates/nginx-service.yaml b/library/ix-dev/charts/collabora/templates/nginx-service.yaml deleted file mode 100644 index 644ed5b3ad..0000000000 --- a/library/ix-dev/charts/collabora/templates/nginx-service.yaml +++ /dev/null @@ -1,6 +0,0 @@ -{{ $port := .Values.nodePort }} -{{ $ports := list }} -{{ $ports = mustAppend $ports (dict "name" "https" "nodePort" $port "targetPort" 443 "port" 443) }} -{{ $params := (. | mustDeepCopy) }} -{{ $_ := set $params "commonService" (dict "ports" $ports "type" "NodePort" ) }} -{{ include "common.classes.service" $params }} diff --git a/library/ix-dev/charts/collabora/templates/secrets.yaml b/library/ix-dev/charts/collabora/templates/secrets.yaml index 4538aa5e8a..eef7981a90 100644 --- a/library/ix-dev/charts/collabora/templates/secrets.yaml +++ b/library/ix-dev/charts/collabora/templates/secrets.yaml @@ -7,9 +7,11 @@ type: Opaque data: username: {{ .Values.config.username | b64enc | quote }} password: {{ .Values.config.password | b64enc | quote }} - {{ if eq (include "certAvailable" .) "true" }} + {{ if .Values.certificate }} + {{ if eq (include "certAvailable" .) "true" }} certPublicKey: {{ (include "cert.publicKey" .) | toString | b64enc | quote }} certPrivateKey: {{ (include "cert.privateKey" .) | toString | b64enc | quote }} - {{ else }} - {{ fail "No certificate configured for Collabora" }} + {{ else }} + {{ fail "No certificate configured for Collabora" }} + {{ end }} {{ end }} diff --git a/library/ix-dev/charts/collabora/templates/service.yaml b/library/ix-dev/charts/collabora/templates/service.yaml new file mode 100644 index 0000000000..40756d24a7 --- /dev/null +++ b/library/ix-dev/charts/collabora/templates/service.yaml @@ -0,0 +1,10 @@ +{{ $port := .Values.nodePort }} +{{ $ports := list }} +{{ if .Values.certificate }} + {{ $ports = mustAppend $ports (dict "name" "https" "nodePort" $port "targetPort" 443 "port" 443) }} +{{ else }} + {{ $ports = mustAppend $ports (dict "name" "http" "nodePort" $port "targetPort" 9980 "port" 9980) }} +{{ end }} +{{ $params := (. | mustDeepCopy) }} +{{ $_ := set $params "commonService" (dict "ports" $ports "type" "NodePort" ) }} +{{ include "common.classes.service" $params }}