diff --git a/charts/collabora/1.0.0/.helmignore b/charts/collabora/1.0.0/.helmignore new file mode 100644 index 0000000000..a9fe727881 --- /dev/null +++ b/charts/collabora/1.0.0/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# OWNERS file for Kubernetes +OWNERS \ No newline at end of file diff --git a/charts/collabora/1.0.0/Chart.yaml b/charts/collabora/1.0.0/Chart.yaml new file mode 100644 index 0000000000..f6fa2c3265 --- /dev/null +++ b/charts/collabora/1.0.0/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +appVersion: 6.4.10.10 +dependencies: +- name: common + repository: file://../../../library/common/2105.0.0 + version: 2105.0.0 +description: "Collabora Online Development Edition \u2013 an awesome, Online Office \ suite image suitable for home use." +home: https://github.com/CollaboraOnline/online +icon: https://avatars.githubusercontent.com/u/22418908?s=200&v=4 +keywords: +- office +- documents +- productivity +name: collabora +sources: +- https://github.com/CollaboraOnline/online.git +- https://hub.docker.com/r/collabora/code +version: 1.0.0 diff --git a/charts/collabora/1.0.0/README.md b/charts/collabora/1.0.0/README.md new file mode 100755 index 0000000000..a6ad088691 --- /dev/null +++ b/charts/collabora/1.0.0/README.md @@ -0,0 +1,8 @@ +Collabora Online Development Edition +===== + +Collabora Online Development Edition - An awesome, Online Office suite image suitable for home use! +Introduction +------------ + +This chart bootstraps Collabora deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. diff --git a/charts/collabora/1.0.0/app-readme.md b/charts/collabora/1.0.0/app-readme.md new file mode 100644 index 0000000000..2f0776c3c1 --- /dev/null +++ b/charts/collabora/1.0.0/app-readme.md @@ -0,0 +1,9 @@ +Collabora Online Development Edition +===== + +An awesome, Online Office suite image suitable for home use. +With the Collabora Online Development Edition (CODE) Docker Image you can host +your own online Office Suite at home! This Docker image is aimed at home users +and contains the latest and greatest developments. Simply integrate it in your +preferred File Sync and Share (FSS), to easily get your own online Office +Suite up and running! diff --git a/charts/collabora/1.0.0/charts/common-2105.0.0.tgz b/charts/collabora/1.0.0/charts/common-2105.0.0.tgz new file mode 100644 index 0000000000..ef6f820efb Binary files /dev/null and b/charts/collabora/1.0.0/charts/common-2105.0.0.tgz differ diff --git a/charts/collabora/1.0.0/ix_values.yaml b/charts/collabora/1.0.0/ix_values.yaml new file mode 100644 index 0000000000..4e07fa58fc --- /dev/null +++ b/charts/collabora/1.0.0/ix_values.yaml @@ -0,0 +1,10 @@ +image: + pullPolicy: IfNotPresent + repository: collabora/code + tag: 6.4.10.10 +nginx: + image: + pullPolicy: IfNotPresent + repository: nginx + tag: 1.21.3 +updateStrategy: Recreate diff --git a/charts/collabora/1.0.0/questions.yaml b/charts/collabora/1.0.0/questions.yaml new file mode 100644 index 0000000000..1d39680319 --- /dev/null +++ b/charts/collabora/1.0.0/questions.yaml @@ -0,0 +1,131 @@ +groups: + - name: "Collabora Configuration" + description: "Configure Collabora" + - name: "Collabora Environment Variables" + description: "Set the environment that will be visible to the container" + - name: "Networking" + description: "Configure Networking for Collabora" + - name: "Storage" + description: "Configure Storage for Collabora" + +portals: + web_portal: + protocols: + - "https" + host: + - "$variable-config.server_name" + ports: + - "$variable-nodePort" + path: "/loleaflet/dist/admin/admin.html" + +questions: + - variable: config + label: "Container Configuration" + group: "Collabora Configuration" + schema: + type: dict + attrs: + - variable: timezone + label: "Timezone" + group: "Collabora Configuration" + schema: + type: string + $ref: + - "definitions/timezone" + - variable: username + label: "Username for WebUI" + schema: + type: string + default: "admin" + required: true + - variable: password + label: "Password for WebUI" + schema: + type: string + private: true + default: "changeme" + valid_chars: "[a-zA-Z0-9!@#$%^&*?]{8,}" + required: true + - variable: dictionaries + label: "Dictionaries to use, leave empty to use all" + schema: + type: string + default: "de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru" + - variable: extra_params + label: "Extra Parameters to add" + description: 'e.g. "--o:welcome.enable=false", See more on /etc/loolwsd/loowsd.xml. Separate params with space' + schema: + type: string + default: "--o:welcome.enable=false --o:user_interface.mode=notebookbar --o:ssl.termination=true --o:ssl.enable=false --o:net.proto=IPv4 --o:net.post_allow.host[0]=.+ --o:storage.wopi.host[0]=.+" + - variable: server_name + label: "Server Name" + description: "When this environment variable is set (is not “”), then its value will be used as server name in /etc/loolwsd/loolwsd.xml. Without this, CODE is not delivering a correct host for the websocket connection in case of a proxy in front of it." + schema: + type: string + $ref: + - "definitions/nodeIP" + + - variable: certificate + description: "Collabora Certificate" + label: "Certificate" + group: "Collabora Configuration" + schema: + type: int + $ref: + - "definitions/certificate" + "null": false + + - variable: extraAppVolumeMounts + label: "Collabora Extra Host Path Volumes" + group: "Storage" + schema: + type: list + items: + - variable: extraAppVolume + label: "Collabora Host Path Volume" + description: "Add an extra host path volume for Collabora application" + schema: + type: dict + attrs: + - variable: mountPath + label: "Mount Path in Pod" + description: "Path where the volume will be mounted inside the pod" + schema: + type: path + required: true + - variable: hostPath + label: "Host Path" + description: "Host path" + schema: + type: hostpath + required: true + + - variable: environmentVariables + label: "Environment Variables" + group: "Collabora Environment Variables" + schema: + type: list + default: [] + items: + - variable: environmentVariable + label: "Environment Variable" + schema: + type: dict + attrs: + - variable: name + label: "Name" + schema: + type: string + - variable: value + label: "Value" + schema: + type: string + + - variable: nodePort + label: "Node Port to use for Collabora" + group: "Networking" + schema: + type: int + default: 9980 + min: 9000 + max: 65535 diff --git a/charts/collabora/1.0.0/requirements.lock b/charts/collabora/1.0.0/requirements.lock new file mode 100644 index 0000000000..eba13d88bf --- /dev/null +++ b/charts/collabora/1.0.0/requirements.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../library/common/2105.0.0 + version: 2105.0.0 +digest: sha256:11522ab36487826700d7ad0f86f713a4bb5d35248014bcef690fe94acbc09ef6 +generated: "2021-05-17T18:26:46.201544+05:00" diff --git a/charts/collabora/1.0.0/templates/_helpers.tpl b/charts/collabora/1.0.0/templates/_helpers.tpl new file mode 100644 index 0000000000..82b2687b17 --- /dev/null +++ b/charts/collabora/1.0.0/templates/_helpers.tpl @@ -0,0 +1,40 @@ +{{/* +Retrieve secret name for secure credentials +*/}} +{{- define "secretName" -}} +{{- print "credentials" -}} +{{- end -}} + + +{{/* +Retrieve true/false if certificate is configured +*/}} +{{- define "certAvailable" -}} +{{- if .Values.certificate -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{- template "common.resources.cert_present" $values -}} +{{- else -}} +{{- false -}} +{{- end -}} +{{- end -}} + + +{{/* +Retrieve public key of certificate +*/}} +{{- define "cert.publicKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} + + +{{/* +Retrieve private key of certificate +*/}} +{{- define "cert.privateKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} diff --git a/charts/collabora/1.0.0/templates/deployment.yaml b/charts/collabora/1.0.0/templates/deployment.yaml new file mode 100644 index 0000000000..604687d2ee --- /dev/null +++ b/charts/collabora/1.0.0/templates/deployment.yaml @@ -0,0 +1,75 @@ +apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "common.names.fullname" . }} + labels: {{ include "common.labels" . | nindent 4 }} +spec: + strategy: + type: {{ .Values.updateStrategy }} + selector: + matchLabels: {{ include "common.labels.selectorLabels" . | nindent 6 }} + template: + metadata: + name: {{ template "common.names.fullname" . }} + labels: {{ include "common.labels.selectorLabels" . | nindent 8 }} + spec: + containers: + - name: {{ .Chart.Name }}-nginx + image: {{ printf "%s:%s" .Values.nginx.image.repository .Values.nginx.image.tag }} + imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} + volumeMounts: + - name: configuration + mountPath: /etc/nginx/nginx.conf + readOnly: true + subPath: config + - name: certs + mountPath: /etc/nginx/server.crt + subPath: certPublicKey + - name: certs + mountPath: /etc/nginx/server.key + subPath: certPrivateKey + ports: + - name: http + containerPort: 80 + protocol: TCP + - name: https + containerPort: 443 + protocol: TCP + - name: {{ .Chart.Name }} + {{ include "common.containers.imageConfig" .Values.image | nindent 10 }} + {{ if .Values.extraAppVolumeMounts }} + volumeMounts: + {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} + - name: extrappvolume-{{ $index }} + mountPath: {{ $hostPathConfiguration.mountPath }} + {{ end }} + {{ end }} + ports: + - name: collabora + protocol: TCP + containerPort: 9980 + {{ $envList := (default list .Values.environmentVariables) }} + {{ $secretName := (include "secretName" .) }} + {{ $envConfig := .Values.config }} + {{ $envList = mustAppend $envList (dict "name" "timezone" "value" $envConfig.timezone) }} + {{ $envList = mustAppend $envList (dict "name" "domain" "value" $envConfig.domain) }} + {{ $envList = mustAppend $envList (dict "name" "dictionaries" "value" $envConfig.dictionaries) }} + {{ $envList = mustAppend $envList (dict "name" "extra_params" "value" $envConfig.extra_params) }} + {{ $envList = mustAppend $envList (dict "name" "DONT_GEN_SSL_CERT" "value" "true") }} + {{ $envList = mustAppend $envList (dict "name" "server_name" "value" (printf "%v:%v" $envConfig.server_name .Values.nodePort)) }} + {{ $envList = mustAppend $envList (dict "name" "username" "valueFromSecret" true "secretName" $secretName "secretKey" "username") }} + {{ $envList = mustAppend $envList (dict "name" "password" "valueFromSecret" true "secretName" $secretName "secretKey" "password") }} + {{ include "common.containers.allEnvironmentVariables" (dict "environmentVariables" $envList) | nindent 10 }} + volumes: + - name: configuration + configMap: + defaultMode: 0700 + name: "nginx-config" + - name: certs + secret: + secretName: {{ include "secretName" . }} + {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} + - name: extrappvolume-{{ $index }} + hostPath: + path: {{ $hostPathConfiguration.hostPath }} + {{ end }} diff --git a/charts/collabora/1.0.0/templates/nginx-conf.yaml b/charts/collabora/1.0.0/templates/nginx-conf.yaml new file mode 100644 index 0000000000..ec616892eb --- /dev/null +++ b/charts/collabora/1.0.0/templates/nginx-conf.yaml @@ -0,0 +1,122 @@ +{{- $serviceName := "localhost" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: "nginx-config" + annotations: + rollme: {{ randAlphaNum 5 | quote }} +data: + config: |- + events { + worker_connections 1024; + } + + http { + include mime.types; + default_type application/octet-stream; + + # Types to enable gzip compression on + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/rss+xml + image/svg+xml; + + sendfile on; + client_max_body_size 1000m; + + keepalive_timeout 65; + + # Disable tokens for security (#23684) + server_tokens off; + + gzip on; + client_body_temp_path /var/tmp/firmware; + + server { + server_name nginx; + listen 0.0.0.0:443 default_server ssl http2; + listen [::]:443 default_server ssl http2; + + ssl_certificate "/etc/nginx/server.crt"; + ssl_certificate_key "/etc/nginx/server.key"; + + ssl_session_timeout 120m; + ssl_session_cache shared:ssl:16m; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA:EDH+aRSA:EECDH:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!SHA1:!SHA256:!SHA384; + add_header Strict-Transport-Security max-age=31536000; + + location = /robots.txt { + add_header Content-Type text/plain; + proxy_set_header Referer "http://nginx"; + return 200 "User-agent: *\nDisallow: /loleaflet/*\n"; + } + + # static files + location ^~ /loleaflet { + proxy_pass http://{{ $serviceName }}:9980; + proxy_set_header Host $host; + # proxy_set_header Referer "http://nginx"; + } + + # WOPI discovery URL + location ^~ /hosting/discovery { + set $upstream_collabora {{ $serviceName }}; + proxy_pass http://$upstream_collabora:9980; + proxy_set_header Host $http_host; + # proxy_set_header Referer "http://nginx"; + } + + # Capabilities + location ^~ /hosting/capabilities { + proxy_pass http://{{ $serviceName }}:9980; + proxy_set_header Host $host; + # proxy_set_header Referer "http://nginx"; + } + + # main websocket + location ~ ^/lool/(.*)/ws$ { + proxy_pass http://{{ $serviceName }}:9980; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + # proxy_set_header Referer "http://nginx"; + proxy_read_timeout 36000s; + } + + # download, presentation and image upload + location ~ ^/lool { + proxy_pass http://{{ $serviceName }}:9980; + proxy_set_header Host $host; + proxy_set_header Referer "http://nginx"; + } + + # Admin Console websocket + location ^~ /lool/adminws { + proxy_pass http://{{ $serviceName }}:9980; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + # proxy_set_header Referer "http://nginx"; + proxy_read_timeout 36000s; + } + + } + server { + listen 0.0.0.0:80; + listen [::]:80; + server_name nginx; + return 307 https://$host:{{ .Values.nodePort }}}$request_uri; + } + + } diff --git a/charts/collabora/1.0.0/templates/nginx-service.yaml b/charts/collabora/1.0.0/templates/nginx-service.yaml new file mode 100644 index 0000000000..644ed5b3ad --- /dev/null +++ b/charts/collabora/1.0.0/templates/nginx-service.yaml @@ -0,0 +1,6 @@ +{{ $port := .Values.nodePort }} +{{ $ports := list }} +{{ $ports = mustAppend $ports (dict "name" "https" "nodePort" $port "targetPort" 443 "port" 443) }} +{{ $params := (. | mustDeepCopy) }} +{{ $_ := set $params "commonService" (dict "ports" $ports "type" "NodePort" ) }} +{{ include "common.classes.service" $params }} diff --git a/charts/collabora/1.0.0/templates/secrets.yaml b/charts/collabora/1.0.0/templates/secrets.yaml new file mode 100644 index 0000000000..4538aa5e8a --- /dev/null +++ b/charts/collabora/1.0.0/templates/secrets.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "secretName" . }} + labels: {{ include "common.labels" . | nindent 4 }} +type: Opaque +data: + username: {{ .Values.config.username | b64enc | quote }} + password: {{ .Values.config.password | b64enc | quote }} + {{ if eq (include "certAvailable" .) "true" }} + certPublicKey: {{ (include "cert.publicKey" .) | toString | b64enc | quote }} + certPrivateKey: {{ (include "cert.privateKey" .) | toString | b64enc | quote }} + {{ else }} + {{ fail "No certificate configured for Collabora" }} + {{ end }} diff --git a/charts/collabora/1.0.0/test_values.yaml b/charts/collabora/1.0.0/test_values.yaml new file mode 100644 index 0000000000..93506171df --- /dev/null +++ b/charts/collabora/1.0.0/test_values.yaml @@ -0,0 +1,231 @@ +certificate: 55 +config: + DONT_GEN_SSL_CERT: "true" + dictionaries: de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru + domain: nextcloud\.domain\.tld|othernextcloud\.domain\.tld + extra_params: --o:welcome.enable=false --o:user_interface.mode=notebookbar --o:ssl.termination=true --o:ssl.enable=false --o:net.proto=IPv4 --o:net.post_allow.host[0]=.+ --o:storage.wopi.host[0]=.+ + password: changeme + server_name: ssh.sonicaj.com:49980 + timezone: Asia/Karachi + username: admin +environmentVariables: [] +extraAppVolumeMounts: [] +image: + pullPolicy: IfNotPresent + repository: collabora/code + tag: 6.4.10.10 +ixCertificateAuthorities: {} +ixCertificates: + "55": + CA_type_existing: false + CA_type_intermediate: false + CA_type_internal: false + CSR: null + DN: /CN=ad/C=US/ST=asdf/L=asdf/O=adsf/OU=asdf/emailAddress=a@a.com/subjectAltName=IP Address:192.168.0.3, IP Address:192.168.0.5, IP Address:192.168.0.182, IP Address:192.168.0.129, IP Address:192.168.0.146 + can_be_revoked: false + cert_type: CERTIFICATE + cert_type_CSR: false + cert_type_existing: true + cert_type_internal: false + certificate: |- + -----BEGIN CERTIFICATE----- + MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL + MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV + BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX + Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1 + P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW + 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H + PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t + AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3 + AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB + hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E + AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww + CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH + DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB + FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/ + BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD + KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR + h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx + fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj + x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz + MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB + -----END CERTIFICATE----- + + -----BEGIN CERTIFICATE----- + MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx + CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE + CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB + IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt + 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf + iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd + M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL + Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H + VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID + AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE + wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T + AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw + pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL + MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG + SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr + zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql + PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX + TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d + 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/ + +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w + M7Y3vwxshpo= + -----END CERTIFICATE----- + certificate_path: /etc/certificates/slog3.crt + chain: true + chain_list: + - |- + -----BEGIN CERTIFICATE----- + MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL + MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV + BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX + Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1 + P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW + 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H + PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t + AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3 + AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB + hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E + AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww + CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH + DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB + FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/ + BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD + KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR + h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx + fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj + x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz + MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB + -----END CERTIFICATE----- + - |- + -----BEGIN CERTIFICATE----- + MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz + ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD + VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w + HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx + CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE + CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB + IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt + 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf + iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd + M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL + Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H + VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID + AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE + wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T + AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw + pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL + MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG + SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF + BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr + zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql + PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX + TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d + 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/ + +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w + M7Y3vwxshpo= + -----END CERTIFICATE----- + city: asdf + common: ad + country: US + csr_path: /etc/certificates/slog3.csr + digest_algorithm: SHA256 + email: a@a.com + extensions: + AuthorityKeyIdentifier: | + keyid:B9:58:7F:D2:FD:F6:7C:49:0D:CA:42:33:F2:D3:DD:5E:61:43:F6:B7 + DirName:/CN=asd/C=US/ST=asdf/L=af/O=asdf/OU=asd/emailAddress=a@a.com + serial:60:53:17 + BasicConstraints: CA:FALSE + ExtendedKeyUsage: TLS Web Server Authentication + KeyUsage: Digital Signature, Key Encipherment + SubjectAltName: IP Address:192.168.0.3, IP Address:192.168.0.5, IP Address:192.168.0.182, IP Address:192.168.0.129, IP Address:192.168.0.146 + SubjectKeyIdentifier: 38:1B:67:DF:E2:D8:19:97:8B:E6:A3:8C:42:7E:A9:89:85:DA:92:87 + fingerprint: 59:7A:49:6D:04:CE:70:E5:AF:9A:FB:75:3C:26:58:7D:B7:8E:A6:9D + from: Tue Aug 31 04:23:54 2021 + id: 55 + internal: "NO" + issuer: external + key_length: 2048 + key_type: RSA + lifetime: 825 + name: slog3 + organization: adsf + organizational_unit: asdf + parsed: true + privatekey: |- + -----BEGIN PRIVATE KEY----- + MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT + HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk + H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI + 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d + NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB + +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7 + A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu + eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5 + N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe + EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL + PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR + 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA + 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z + FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo + L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL + d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA + 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu + MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2 + wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd + DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7 + wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc + nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S + dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P + //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY + qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc + 3G15AKCXo7jjOUtHY01DCQ== + -----END PRIVATE KEY----- + privatekey_path: /etc/certificates/slog3.key + revoked: false + revoked_date: null + root_path: /etc/certificates + san: + - IP Address:192.168.0.3 + - IP Address:192.168.0.5 + - IP Address:192.168.0.182 + - IP Address:192.168.0.129 + - IP Address:192.168.0.146 + serial: 6312728 + signedby: null + state: asdf + subject_name_hash: 1673640987 + type: 8 + until: Mon Dec 4 04:23:54 2023 +ixChartContext: + isInstall: false + isUpdate: true + isUpgrade: false + operation: UPDATE + storageClassName: ix-storage-class-col + upgradeMetadata: {} +ixExternalInterfacesConfiguration: [] +ixExternalInterfacesConfigurationNames: [] +ixVolumes: [] +nginx: + image: + pullPolicy: IfNotPresent + repository: nginx + tag: 1.21.3 +nodePort: 31980 diff --git a/charts/collabora/item.yaml b/charts/collabora/item.yaml new file mode 100644 index 0000000000..1e6ded9124 --- /dev/null +++ b/charts/collabora/item.yaml @@ -0,0 +1,5 @@ +categories: + - office + - documents + - productivity +icon_url: https://avatars.githubusercontent.com/u/22418908?s=200&v=4