diff --git a/community/unifi-protect-backup/1.0.0/Chart.lock b/community/unifi-protect-backup/1.0.0/Chart.lock new file mode 100644 index 0000000000..b0b9c14712 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.1.1 +digest: sha256:a7dbe3e4d42dbcd4325776e5e01a1d630c7f185f79e7ebf22b1b9cc80f56eed7 +generated: "2023-09-04T21:16:06.489421061+03:00" diff --git a/community/unifi-protect-backup/1.0.0/Chart.yaml b/community/unifi-protect-backup/1.0.0/Chart.yaml new file mode 100644 index 0000000000..66a231a0ef --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/Chart.yaml @@ -0,0 +1,26 @@ +name: unifi-protect-backup +description: Unifi Protect Backup is a python based tool for backing up UniFi Protect event clips as they occur. +annotations: + title: Unifi Protect Backup +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: 0.9.4 +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.1.1 +home: https://github.com/ep1cman/unifi-protect-backup +icon: https://www.ixsystems.com/wp-content/uploads/2021/06/ix_logo_200x47.png +sources: + - https://github.com/ep1cman/unifi-protect-backup + - https://github.com/truenas/charts/tree/master/community/unifi-protect-backup + - https://github.com/ep1cman/unifi-protect-backup/pkgs/container/unifi-protect-backup/ +keywords: + - backup + - unifi-protect diff --git a/community/unifi-protect-backup/1.0.0/README.md b/community/unifi-protect-backup/1.0.0/README.md new file mode 100644 index 0000000000..80fd300937 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/README.md @@ -0,0 +1,3 @@ +# Unifi Protect Backup + +[Unifi Protect Backup](https://github.com/ep1cman/unifi-protect-backup) is a python based tool for backing up UniFi Protect event clips as they occur. diff --git a/community/unifi-protect-backup/1.0.0/app-readme.md b/community/unifi-protect-backup/1.0.0/app-readme.md new file mode 100644 index 0000000000..80fd300937 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/app-readme.md @@ -0,0 +1,3 @@ +# Unifi Protect Backup + +[Unifi Protect Backup](https://github.com/ep1cman/unifi-protect-backup) is a python based tool for backing up UniFi Protect event clips as they occur. diff --git a/community/unifi-protect-backup/1.0.0/charts/common-1.1.1.tgz b/community/unifi-protect-backup/1.0.0/charts/common-1.1.1.tgz new file mode 100644 index 0000000000..9738ef5853 Binary files /dev/null and b/community/unifi-protect-backup/1.0.0/charts/common-1.1.1.tgz differ diff --git a/community/unifi-protect-backup/1.0.0/ci/basic-values.yaml b/community/unifi-protect-backup/1.0.0/ci/basic-values.yaml new file mode 100644 index 0000000000..62efebee17 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/ci/basic-values.yaml @@ -0,0 +1,13 @@ +upbConfig: + unifiProtectUsername: 'user' + unifiProtectPassword: 'pass' + unifiProtectAddress: '192.168.1.100' + rcloneDestination: 'gdrive:unifi-protect-backup' + +upbStorage: + config: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/config + data: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/data diff --git a/community/unifi-protect-backup/1.0.0/ci/extra-values.yaml b/community/unifi-protect-backup/1.0.0/ci/extra-values.yaml new file mode 100644 index 0000000000..9aac370321 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/ci/extra-values.yaml @@ -0,0 +1,20 @@ +upbConfig: + unifiProtectUsername: 'user' + unifiProtectPassword: 'pass' + unifiProtectAddress: '192.168.1.100' + rcloneDestination: 'gdrive:unifi-protect-backup' + +upbStorage: + config: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/config + data: + type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/data + additionalStorages: + - type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/data1 + mountPath: /data1 + - type: hostPath + hostPath: /mnt/{{ .Release.Namespace }}/data2 + mountPath: /data2 diff --git a/community/unifi-protect-backup/1.0.0/ix_values.yaml b/community/unifi-protect-backup/1.0.0/ix_values.yaml new file mode 100644 index 0000000000..64414f3520 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/ix_values.yaml @@ -0,0 +1,40 @@ +image: + repository: ghcr.io/ep1cman/unifi-protect-backup + pullPolicy: IfNotPresent + tag: 0.9.4 + +resources: + limits: + cpu: 4000m + memory: 8Gi + +upbConfig: + unifiProtectUsername: '' + unifiProtectPassword: '' + unifiProtectAddress: '' + unifiProtectPort: 443 + unifiProtectVerifySsl: true + skipMissing: false + ignoreCameras: [] + detectionTypes: + - motion + - person + - vehicle + - ring + rcloneDestination: '' + rcloneArgs: [] + rclonePurgeArgs: [] + additionalEnvs: [] + +upbID: + user: 568 + group: 568 + +upbStorage: + config: + type: ixVolume + datasetName: config + data: + type: ixVolume + datasetName: data + additionalStorages: [] diff --git a/community/unifi-protect-backup/1.0.0/metadata.yaml b/community/unifi-protect-backup/1.0.0/metadata.yaml new file mode 100644 index 0000000000..bc40158008 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/metadata.yaml @@ -0,0 +1,16 @@ +runAsContext: + - userName: root + groupName: root + gid: 0 + uid: 0 + description: Unifi Protect Backup run as root user +capabilities: + - name: CHOWN + description: Unifi Protect Backup is able to chown files. + - name: FOWNER + description: Unifi Protect Backup is able bypass permission checks for it's sub-processes. + - name: SETGID + description: Unifi Protect Backup is able to set group ID for it's sub-processes. + - name: SETUID + description: Unifi Protect Backup is able to set user ID for it's sub-processes. +hostMounts: [] diff --git a/community/unifi-protect-backup/1.0.0/questions.yaml b/community/unifi-protect-backup/1.0.0/questions.yaml new file mode 100644 index 0000000000..59e830e367 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/questions.yaml @@ -0,0 +1,362 @@ +groups: + - name: Unifi Protect Backup Configuration + description: Configure Unifi Protect Backup + - name: User and Group Configuration + description: Configure User and Group for Unifi Protect Backup + - name: Storage Configuration + description: Configure Storage for Unifi Protect Backup + - name: Resources Configuration + description: Configure Resources for Unifi Protect Backup + +questions: + - variable: TZ + group: Unifi Protect Backup Configuration + label: Timezone + schema: + type: string + default: Etc/UTC + required: true + $ref: + - definitions/timezone + + - variable: upbConfig + label: "" + group: Unifi Protect Backup Configuration + schema: + type: dict + attrs: + - variable: unifiProtectUsername + label: Unifi Protect Username + description: Username to login to Unifi Protect instance + schema: + type: string + required: true + - variable: unifiProtectPassword + label: Unifi Protect Password + description: Password for Unifi Protect user + schema: + type: string + required: true + private: true + - variable: unifiProtectAddress + label: Unifi Protect Address + description: Address of Unifi Protect instance + schema: + type: string + required: true + - variable: unifiProtectPort + label: Unifi Protect Port + description: Port of Unifi Protect instance + schema: + type: int + min: 1 + max: 65535 + required: true + default: 443 + - variable: unifiProtectVerifySsl + label: Unifi Protect Verify SSL + description: Verify SSL certificate of Unifi Protect instance + schema: + type: boolean + default: true + - variable: skipMissing + label: Skip Missing + description: If set, events which are 'missing' at the start will be ignored. + schema: + type: boolean + default: false + - variable: ignoreCameras + label: Ignore Cameras + description: IDs of cameras for which events should not be backed up. One per line. + schema: + type: list + default: [] + items: + - variable: id + label: Camera ID + schema: + type: string + required: true + - variable: detectionTypes + label: Detection Types + description: Types of detections to back up. One per line. + schema: + type: list + default: + - motion + - person + - vehicle + - ring + items: + - variable: type + label: Detection Type + schema: + type: string + required: true + enum: + - value: "motion" + description: Motion + - value: "person" + description: Person + - value: "vehicle" + description: Vehicle + - value: "ring" + description: Ring + - variable: rcloneDestination + label: Rclone Destination + description: | + Rclone destination path in the format {rclone-remote}:{path-on-remote} + E.g. `gdrive:/backups/unifi_protect` + schema: + type: string + required: true + - variable: rcloneArgs + label: Rclone Arguments + description: | + Optional extra arguments to pass to rclone rcat directly. One per line
+ Common usage for this would be to set a bandwidth limit
+ E.g. --bwlimit 8M + schema: + type: list + default: [] + items: + - variable: arg + label: Argument + schema: + type: string + required: true + - variable: rclonePurgeArgs + label: Rclone Purge Arguments + description: | + Optional extra arguments to pass to rclone delete. One per line
+ Common usage for this would be to execute a permanent delete + instead of using the recycle bin on a destination.
+ Google Drive example: --drive-use-trash=false + schema: + type: list + default: [] + items: + - variable: arg + label: Argument + schema: + type: string + required: true + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Unifi Protect Backup. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: upbID + label: "" + group: User and Group Configuration + schema: + type: dict + attrs: + - variable: user + label: User ID + description: The user id that Unifi Protect Backup files will be owned by. + schema: + type: int + min: 568 + default: 568 + required: true + - variable: group + label: Group ID + description: The group id that Unifi Protect Backup files will be owned by. + schema: + type: int + min: 568 + default: 568 + required: true + + - variable: upbStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: config + label: Unifi Protect Backup Config Storage + description: The path to store Unifi Protect Backup Configuration. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "config" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: data + label: Unifi Protect Backup Data Storage + description: The path to store Unifi Protect Backup Data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: datasetName + label: Dataset Name + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + hidden: true + immutable: true + default: "data" + $ref: + - "normalize/ixVolume" + - variable: hostPath + label: Host Path + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + immutable: true + required: true + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Unifi Protect Backup. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["type", "=", "hostPath"]] + required: true + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + show_if: [["type", "=", "ixVolume"]] + required: true + immutable: true + default: "storage_entry" + $ref: + - "normalize/ixVolume" + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Unifi Protect Backup. + schema: + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Unifi Protect Backup. + schema: + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" + required: true diff --git a/community/unifi-protect-backup/1.0.0/templates/NOTES.txt b/community/unifi-protect-backup/1.0.0/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/community/unifi-protect-backup/1.0.0/templates/_configuration.tpl b/community/unifi-protect-backup/1.0.0/templates/_configuration.tpl new file mode 100644 index 0000000000..2ad719c162 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/_configuration.tpl @@ -0,0 +1,31 @@ +{{- define "upb.configuration" -}} +secret: + upb-creds: + enabled: true + data: + UFP_USERNAME: {{ .Values.upbConfig.unifiProtectUsername | quote }} + UFP_PASSWORD: {{ .Values.upbConfig.unifiProtectPassword | quote }} + UFP_ADDRESS: {{ .Values.upbConfig.unifiProtectAddress | quote }} + UFP_PORT: {{ .Values.upbConfig.unifiProtectPort | quote }} + UFP_SSL_VERIFY: {{ .Values.upbConfig.unifiProtectVerifySsl | quote }} + +configmap: + upb-config: + enabled: true + data: + SQLITE_PATH: /config/database/events.sqlite + RCLONE_DESTINATION: {{ .Values.upbConfig.rcloneDestination | quote }} + SKIP_MISSING: {{ .Values.upbConfig.skipMissing | quote }} + {{- if .Values.upbConfig.ignoreCameras }} + IGNORE_CAMERAS: {{ join " " .Values.upbConfig.ignoreCameras | quote }} + {{- end -}} + {{- if .Values.upbConfig.detectionTypes }} + DETECTION_TYPES: {{ join "," .Values.upbConfig.detectionTypes | quote }} + {{- end -}} + {{- if .Values.upbConfig.rcloneArgs }} + RCLONE_ARGS: {{ join " " .Values.upbConfig.rcloneArgs | quote }} + {{- end -}} + {{- if .Values.upbConfig.rclonePurgeArgs }} + RCLONE_PURGE_ARGS: {{ join " " .Values.upbConfig.rcloneArgs | quote }} + {{- end -}} +{{- end -}} diff --git a/community/unifi-protect-backup/1.0.0/templates/_persistence.tpl b/community/unifi-protect-backup/1.0.0/templates/_persistence.tpl new file mode 100644 index 0000000000..0972740ddf --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/_persistence.tpl @@ -0,0 +1,45 @@ +{{- define "upb.persistence" -}} +persistence: + config: + enabled: true + type: {{ .Values.upbStorage.config.type }} + datasetName: {{ .Values.upbStorage.config.datasetName | default "" }} + hostPath: {{ .Values.upbStorage.config.hostPath | default "" }} + targetSelector: + unifi-protect: + unifi-protect: + mountPath: /config + 01-permissions: + mountPath: /mnt/directories/config + data: + enabled: true + type: {{ .Values.upbStorage.data.type }} + datasetName: {{ .Values.upbStorage.data.datasetName | default "" }} + hostPath: {{ .Values.upbStorage.data.hostPath | default "" }} + targetSelector: + unifi-protect: + unifi-protect: + mountPath: /data + 01-permissions: + mountPath: /mnt/directories/data + tmp: + enabled: true + type: emptyDir + targetSelector: + unifi-protect: + unifi-protect: + mountPath: /tmp + {{- range $idx, $storage := .Values.upbStorage.additionalStorages }} + {{ printf "upb-%v" (int $idx) }}: + enabled: true + type: {{ $storage.type }} + datasetName: {{ $storage.datasetName | default "" }} + hostPath: {{ $storage.hostPath | default "" }} + targetSelector: + unifi-protect: + unifi-protect: + mountPath: {{ $storage.mountPath }} + 01-permissions: + mountPath: /mnt/directories{{ $storage.mountPath }} + {{- end }} +{{- end -}} diff --git a/community/unifi-protect-backup/1.0.0/templates/_unifi-protect-backup.tpl b/community/unifi-protect-backup/1.0.0/templates/_unifi-protect-backup.tpl new file mode 100644 index 0000000000..a3bcde9f83 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/_unifi-protect-backup.tpl @@ -0,0 +1,49 @@ +{{- define "upb.workload" -}} +workload: + unifi-protect: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: false + securityContext: + fsGroup: {{ .Values.upbID.group }} + containers: + unifi-protect: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + capabilities: + add: + - CHOWN + - FOWNER + - SETUID + - SETGID + fixedEnv: + PUID: {{ .Values.upbID.user }} + envFrom: + - configMapRef: + name: upb-config + - secretRef: + name: upb-creds + {{ with .Values.upbConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + # Nothing to probe + liveness: + enabled: false + readiness: + enabled: false + startup: + enabled: false +{{- end -}} diff --git a/community/unifi-protect-backup/1.0.0/templates/_validation.tpl b/community/unifi-protect-backup/1.0.0/templates/_validation.tpl new file mode 100644 index 0000000000..abc7d13f6f --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/_validation.tpl @@ -0,0 +1,10 @@ +{{- define "upb.validation" -}} + + {{- $validTypes := (list "motion" "person" "vehicle" "ring") -}} + {{- range $type := .Values.upbConfig.detectionTypes -}} + {{- if not (mustHas $type $validTypes) -}} + {{- fail (printf "Unifi Protect Backup - Expected Detection type to be one of [%s], but got [%s]" (join ", " $validTypes) $type) -}} + {{- end -}} + {{- end -}} + +{{- end -}} diff --git a/community/unifi-protect-backup/1.0.0/templates/common.yaml b/community/unifi-protect-backup/1.0.0/templates/common.yaml new file mode 100644 index 0000000000..70941aaac7 --- /dev/null +++ b/community/unifi-protect-backup/1.0.0/templates/common.yaml @@ -0,0 +1,9 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "upb.validation" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "upb.configuration" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "upb.persistence" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "upb.workload" $ | fromYaml) -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/community/unifi-protect-backup/item.yaml b/community/unifi-protect-backup/item.yaml new file mode 100644 index 0000000000..9ac20b8f92 --- /dev/null +++ b/community/unifi-protect-backup/item.yaml @@ -0,0 +1,7 @@ +icon_url: https://www.ixsystems.com/wp-content/uploads/2021/06/ix_logo_200x47.png +categories: + - storage +screenshots: [] +tags: + - backup + - unifi-protect