From 2d0b005a5e0cead5d624757fa65aa67bd160c4ad Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 23 Feb 2025 09:55:07 +0100 Subject: [PATCH 1/5] comment --- charts/wger/values.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/charts/wger/values.yaml b/charts/wger/values.yaml index c167cbb..ff0ae62 100644 --- a/charts/wger/values.yaml +++ b/charts/wger/values.yaml @@ -53,21 +53,19 @@ app: timeout: 1296000 # for existing databases use the following settings # you need to set `postgres.enabled: false` as well + # the credentials will be saved in a new secret + # {{ .Release.Name}}-existing-database existingDatabase: enabled: false - # set DJANGO_DB_ENGINE engine: null - # set DJANGO_DB_HOST host: null - # set DJANGO_DB_PORT port: null - # set DJANGO_DB_DATABASE dbname: wger - # set DJANGO_DB_USER dbuser: wger - # set DJANGO_DB_PASSWORD dbpw: null - # existing secret key containing database credentials + # optionally use a existing secret key containing database credentials + # if you don't set a *Key it will look for the following keys + # USERDB_USER / USERDB_PASSWORD / USERDB_NAME existingSecret: # name of the secret name: null From 0e978efc702940a95b4bafc422e2d5c6789cfa4f Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 2 Mar 2025 09:23:54 +0100 Subject: [PATCH 2/5] make dbnameKey optional --- charts/wger/README.md | 2 +- charts/wger/templates/_helpers.tpl | 5 +++++ charts/wger/values.yaml | 5 ++++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/wger/README.md b/charts/wger/README.md index d73bd67..54c22f2 100644 --- a/charts/wger/README.md +++ b/charts/wger/README.md @@ -91,7 +91,7 @@ For additional configuration of the Groundhog2k's PostgreSQL and Redis charts, p | `app.django.existingDatabase.dbuser` | Database User |String | `wger` | | `app.django.existingDatabase.dbpw` | Database Password | String | `null` | | `app.django.existingDatabase.existingSecret.name` | Name of a existing secret. If you like to use this for the database credentials | String | `null` | -| `app.django.existingDatabase.existingSecret.dbnameKey` | Key containing the database name | String | `null` | +| `app.django.existingDatabase.existingSecret.dbnameKey` | Key containing the database name. Optional; will take `app.django.existingDatabase.dbname` if not set | String | `null` | | `app.django.existingDatabase.existingSecret.dbuserKey` | Key containing the database user | String | `null` | | `app.django.existingDatabase.existingSecret.dbpwKey` | Key containing the database password | String | `null` | diff --git a/charts/wger/templates/_helpers.tpl b/charts/wger/templates/_helpers.tpl index 254df3c..3cd8943 100644 --- a/charts/wger/templates/_helpers.tpl +++ b/charts/wger/templates/_helpers.tpl @@ -185,11 +185,16 @@ environment: secretKeyRef: name: {{ .Values.app.django.existingDatabase.existingSecret.name | default (print .Release.Name "-existing-database") | quote }} key: {{ .Values.app.django.existingDatabase.existingSecret.dbpwKey | default "USERDB_PASSWORD" | quote }} + {{- if .Values.app.django.existingDatabase.existingSecret.dbnameKey }} - name: DJANGO_DB_DATABASE valueFrom: secretKeyRef: name: {{ .Values.app.django.existingDatabase.existingSecret.name | default (print .Release.Name "-existing-database") | quote }} key: {{ .Values.app.django.existingDatabase.existingSecret.dbnameKey | default "USERDB_NAME" | quote }} + {{- else }} + - name: DJANGO_DB_DATABASE + value: {{ .Values.app.django.existingDatabase.dbname | default "wger" | quote }} + {{- end }} {{- else }} - name: DJANGO_DB_USER valueFrom: diff --git a/charts/wger/values.yaml b/charts/wger/values.yaml index ff0ae62..64b9380 100644 --- a/charts/wger/values.yaml +++ b/charts/wger/values.yaml @@ -55,6 +55,7 @@ app: # you need to set `postgres.enabled: false` as well # the credentials will be saved in a new secret # {{ .Release.Name}}-existing-database + # except you use a existingSecret existingDatabase: enabled: false engine: null @@ -63,13 +64,15 @@ app: dbname: wger dbuser: wger dbpw: null - # optionally use a existing secret key containing database credentials + # optionally use a existing secret containing the database credentials # if you don't set a *Key it will look for the following keys # USERDB_USER / USERDB_PASSWORD / USERDB_NAME + # in the secret existingSecret: # name of the secret name: null # overrides app.django.existingDatabase.dbname + # optional; defaults to app.django.existingDatabase.dbname / "wger" dbnameKey: null # overrides app.django.existingDatabase.dbuser dbuserKey: null From a23df76e96429605760b5a3ea49ef0e283ba84c8 Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 2 Mar 2025 09:56:42 +0100 Subject: [PATCH 3/5] update doc --- charts/wger/README.md | 187 +++++++++++++++++++++--------------------- 1 file changed, 93 insertions(+), 94 deletions(-) diff --git a/charts/wger/README.md b/charts/wger/README.md index 54c22f2..5946e16 100644 --- a/charts/wger/README.md +++ b/charts/wger/README.md @@ -29,7 +29,7 @@ helm repo add github-wger https://wger-project.github.io/helm-charts helm upgrade \ --install wger github-wger/wger \ - --version 0.1.5 \ + --version 0.2.4 \ -n wger \ --create-namespace -f values.yaml @@ -50,151 +50,151 @@ For additional configuration of the Groundhog2k's PostgreSQL and Redis charts, p ### Globals -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.global.image.registry` | Image to use for the wger deployment | String | `docker.io` | -| `app.global.image.repository` | Image to use for the wger deployment | String | `wger/server` | -| `app.global.image.tag` | Takes the `Chart.yaml` `appversion` when empty. wger is developed as a rolling release | String | `latest` | +| Name | Description | Type | Default Value | +|-------------------------------|-------------------------------------------------------|---------|---------------| +| `app.global.image.registry` | Image to use for the wger deployment | String | `docker.io` | +| `app.global.image.repository` | Image to use for the wger deployment | String | `wger/server` | +| `app.global.image.tag` | Takes the `Chart.yaml` `appversion` when empty. wger is developed as a rolling release | String | `latest` | | `app.global.image.PullPolicy` | [Pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use for the image | String | `Always` | -| `app.global.annotations` | Annotations to attach to each resource, apart from the ingress and the persistence objects | Dictionary | `{}` | -| `app.global.replicas` | Number of webserver instances that should be running. | Integer | `1` | -| `app.global.securityContext` | Pod security context | Object | see [values.yaml](charts/wger/values.yaml) | +| `app.global.annotations` | Annotations to attach to each resource, apart from the ingress and the persistence objects | Dictionary | `{}` | +| `app.global.replicas` | Number of webserver instances that should be running. | Integer | `1` | +| `app.global.securityContext` | Pod security context | Object | see [values.yaml](charts/wger/values.yaml) | ### Mail -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.mail.enabled` | Enable mail client configuration | Boolean | `false` | -| `app.mail.server` | Mailserver | String | `null` | -| `app.mail.port` | Mailserver Port | String | `587` | -| `app.mail.user` | Mailserver User | String | `null` | -| `app.mail.from_email` | From Email Address | String | `null` | -| `app.mail.secret.name` | Name of the secret for the mail password | String | `mail` | -| `app.mail.secret.key` | Key in the secret used for the mail password | String | `mail-password` | +| Name | Description | Type | Default Value | +|--------------------------|----------------------------------------------|---------|-----------------| +| `app.mail.enabled` | Enable mail client configuration | Boolean | `false` | +| `app.mail.server` | Mailserver | String | `null` | +| `app.mail.port` | Mailserver Port | String | `587` | +| `app.mail.user` | Mailserver User | String | `null` | +| `app.mail.from_email` | From Email Address | String | `null` | +| `app.mail.secret.name` | Name of the secret for the mail password | String | `mail` | +| `app.mail.secret.key` | Key in the secret used for the mail password | String | `mail-password` | | `app.mail.secret.update` | Enable or disable changes to the secret with the values | Boolean | `false` | | `app.mail.django_admins` | Django admins to receive internal server error, don't enable it when not needed | String | `null` | ### Django -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.django.secret.name` | Name of the secret | String | `django` | -| `app.django.secret.key` | Key for the `SECRET_KEY` | String | `randAlphaNum 50` | -| `app.django.cache.timeout` | Cache timeout in seconds | String | `1296000` | -| `app.django.existingDatabase.enabled` | Enable existing database, you need to set `postgres.enabled: false` | Boolean | `false` | -| `app.django.existingDatabase.engine` | Set database engine | String | `django.db.backends.postgresql` | -| `app.django.existingDatabase.host` | Database hostname | String | `{{ .Release.Name }}-postgres` | -| `app.django.existingDatabase.port` | Database port | Integer | `postgres.service.port` | -| `app.django.existingDatabase.dbname` | Name of the database | String | `wger` | -| `app.django.existingDatabase.dbuser` | Database User |String | `wger` | -| `app.django.existingDatabase.dbpw` | Database Password | String | `null` | -| `app.django.existingDatabase.existingSecret.name` | Name of a existing secret. If you like to use this for the database credentials | String | `null` | +| Name | Description | Type | Default Value | +|--------------------------------------------------------|--------------------------------------|--------|---------------| +| `app.django.secret.name` | Name of the secret | String | `django` | +| `app.django.secret.key` | Key for the `SECRET_KEY` | String | `randAlphaNum 50` | +| `app.django.cache.timeout` | Cache timeout in seconds | String | `1296000` | +| `app.django.existingDatabase.enabled` | Enable existing database, you need to set `postgres.enabled: false` | Boolean | `false` | +| `app.django.existingDatabase.engine` | Set database engine | String | `django.db.backends.postgresql` | +| `app.django.existingDatabase.host` | Database hostname | String | `{{ .Release.Name }}-postgres` | +| `app.django.existingDatabase.port` | Database port | Integer | `postgres.service.port` | +| `app.django.existingDatabase.dbname` | Name of the database | String | `wger` | +| `app.django.existingDatabase.dbuser` | Database User | String | `wger` | +| `app.django.existingDatabase.dbpw` | Database Password | String | `null` | +| `app.django.existingDatabase.existingSecret.name` | Name of a existing secret. If you like to use this for the database credentials | String | `null` | | `app.django.existingDatabase.existingSecret.dbnameKey` | Key containing the database name. Optional; will take `app.django.existingDatabase.dbname` if not set | String | `null` | -| `app.django.existingDatabase.existingSecret.dbuserKey` | Key containing the database user | String | `null` | -| `app.django.existingDatabase.existingSecret.dbpwKey` | Key containing the database password | String | `null` | +| `app.django.existingDatabase.existingSecret.dbuserKey` | Key containing the database user | String | `null` | +| `app.django.existingDatabase.existingSecret.dbpwKey` | Key containing the database password | String | `null` | ### Celery Celery requires persistent volumes. -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `celery.enabled` | Enable celery for sync | Boolean | `True` | -| `celery.annotations` | Annotations | Dictionary | `{}` | -| `celery.replicas` | Enable celery for sync | Integer | `1` | -| `celery.replicasWorker` | Enable celery for sync | Integer | `1` | -| `celery.securityContext` | Pod security context | Object | see [values.yaml](charts/wger/values.yaml) | -| `celery.syncExercises` | sync exercises | Boolean | `True` | -| `celery.syncImages` | sync exercise images | Boolean | `True` | -| `celery.syncVideos` | sync exercise videos | Boolean | `True` | -| `celery.ingredientsFrom` | source for ingredients, possible values `WGER`,`OFF` | String | `WGER` | -| `celery.flower.enabled` | enable flower webinterface for celery | Boolean | `False` | -| `celery.flower.secret.name` | Name of the secret | String | `flower` | -| `celery.flower.secret.password` | Password for the webinterface | String | `randAlphaNum 50` | +| Name | Description | Type | Default Value | +|---------------------------------|-------------------------------|------------|-------------------| +| `celery.enabled` | Enable celery for sync | Boolean | `True` | +| `celery.annotations` | Annotations | Dictionary | `{}` | +| `celery.replicas` | Enable celery for sync | Integer | `1` | +| `celery.replicasWorker` | Enable celery for sync | Integer | `1` | +| `celery.securityContext` | Pod security context | Object | see [values.yaml](charts/wger/values.yaml) | +| `celery.syncExercises` | sync exercises | Boolean | `True` | +| `celery.syncImages` | sync exercise images | Boolean | `True` | +| `celery.syncVideos` | sync exercise videos | Boolean | `True` | +| `celery.ingredientsFrom` | source for ingredients, possible values `WGER`,`OFF` | String | `WGER` | +| `celery.flower.enabled` | enable flower webinterface for celery | Boolean | `False` | +| `celery.flower.secret.name` | Name of the secret | String | `flower` | +| `celery.flower.secret.password` | Password for the webinterface | String | `randAlphaNum 50` | ## SimpleJWT -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.jwt.secret.name` | Name of the secret | String | `jwt` | -| `app.jwt.secret.key` | Key for the `SIGNING_KEY` | String | `randAlphaNum 50` | -| `app.jwt.accessTokenLifetime` | Duration of the access token, in minutes | String | `10` | -| `app.jwt.refreshTokenLifetime` | Duration of the refresh token, in hours | String | `24` | +| Name | Description | Type | Default Value | +|--------------------------------|------------------------------------------|--------|-------------------| +| `app.jwt.secret.name` | Name of the secret | String | `jwt` | +| `app.jwt.secret.key` | Key for the `SIGNING_KEY` | String | `randAlphaNum 50` | +| `app.jwt.accessTokenLifetime` | Duration of the access token, in minutes | String | `10` | +| `app.jwt.refreshTokenLifetime` | Duration of the refresh token, in hours | String | `24` | ## Axes -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.axes.enabled` | Enable [axes](https://django-axes.readthedocs.io/en/latest/index.html) Bruteforce protection | Boolean | `false` | -| `app.axes.lockoutParameters` | List (comma separated string) | `"ip_address"` | -| `app.axes.failureLimit` | Limit of failed auth | String | `10` | -| `app.axes.cooloffTime` | in Minutes | String | `30` | -| `app.axes.ipwareProxyCount` | Count of proxies | String | `0` | +| Name | Description | Type | Default Value | +|--------------------------------------|-------------------------------|------|---------------| +| `app.axes.enabled` | Enable [axes](https://django-axes.readthedocs.io/en/latest/index.html) Bruteforce protection | Boolean | `false` | +| `app.axes.lockoutParameters` | List (comma separated string) | String | `"ip_address"` | +| `app.axes.failureLimit` | Limit of failed auth | String | `10` | +| `app.axes.cooloffTime` | in Minutes | String | `30` | +| `app.axes.ipwareProxyCount` | Count of proxies | String | `0` | | `app.axes.ipwareMetaPrecedenceOrder` | Proxy header magnitude | List (comma separated string) | `"HTTP_X_FORWARDED_FOR,REMOTE_ADDR"` | ## Nginx -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.nginx.enabled` | Enable nginx as a proxy. This will enable persistent volumes, gunicorn and disable `DJANGO_DEBUG` | Boolean | `false` | -| `app.nginx.image` | Image to use for the nginx proxy | String | `nginx:stable` | +| Name | Description | Type | Default Value | +|-----------------------------|-------------|------|---------------| +| `app.nginx.enabled` | Enable nginx as a proxy. This will enable persistent volumes, gunicorn and disable `DJANGO_DEBUG` | Boolean | `false` | +| `app.nginx.image` | Image to use for the nginx proxy | String | `nginx:stable` | | `app.nginx.imagePullPolicy` | [Pull policy](https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy) to use for the image | String | `IfNotPresent` | ## Ingress -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `ingress.enabled` | Whether to enable ingress. If `false`, the options from below are ignored | Boolean | `false` | -| `ingress.ingressClassName` | The ClassName that this ingress should use | String | `` | -| `ingress.url` | The URL that this ingress should use | String | `fit.example.com` | -| `ingress.tls` | Whether to enable TLS. If using cert-manager, the correct annotations have to be set | Boolean | `true` | -| `ingress.annotations` | Annotations to attach to the ingress | Dictionary | `{}` | +| Name | Description | Type | Default Value | +|----------------------------|--------------------------------------------|------------|-------------------| +| `ingress.enabled` | Whether to enable ingress. If `false`, the options from below are ignored | Boolean | `false` | +| `ingress.ingressClassName` | The ClassName that this ingress should use | String | `` | +| `ingress.url` | The URL that this ingress should use | String | `fit.example.com` | +| `ingress.tls` | Whether to enable TLS. If using cert-manager, the correct annotations have to be set | Boolean | `true` | +| `ingress.annotations` | Annotations to attach to the ingress | Dictionary | `{}` | ## Service -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `service.type` | Sets the http service type, valid values are `NodePort`, `ClusterIP` or `LoadBalancer`. | String | `ClusterIP` | -| `service.port` | Port for the service | Integer | `8000` | -| `service.annotations` | Annotations to attach to the service | Dictionary | `{}` | +| Name | Description | Type | Default Value | +|-----------------------|--------------------------------------|------------|---------------| +| `service.type` | Sets the http service type, valid values are `NodePort`, `ClusterIP` or `LoadBalancer`. | String | `ClusterIP` | +| `service.port` | Port for the service | Integer | `8000` | +| `service.annotations` | Annotations to attach to the service | Dictionary | `{}` | ## Persistence -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| -| `app.persistence.enabled` | Whether to enable persistent storage. If `false`, the options from below are ignored | Boolean | `false` | -| `app.persistence.existingClaim.media` | Name of the pvc for the media data when existingClaim is enabled | String | `null` | -| `app.persistence.existingClaim.static` | Name of the pvc for the static data when existingClaim is enabled | String | `null` | +| Name | Description | Type | Default Value | +|-----------------------------------------|--------------------------------------------------------------------|------|---------------| +| `app.persistence.enabled` | Whether to enable persistent storage. If `false`, the options from below are ignored | Boolean | `false` | +| `app.persistence.existingClaim.media` | Name of the pvc for the media data when existingClaim is enabled | String | `null` | +| `app.persistence.existingClaim.static` | Name of the pvc for the static data when existingClaim is enabled | String | `null` | | `app.persistence.existingClaim.enabled` | Whether to use a existing persistent storage claim. If `false`, the options from below are ignored | Boolean | `false` | -| `app.persistence.storageClass` | StorageClass for the PVCs | String | `""` | -| `app.persistence.accessModes` | Access modes for the PVCs | Array | `["ReadWriteMany"]` | -| `app.persistence.size` | PVC size | String | `8Gi` | -| `app.persistence.annotations` | Annotations to attach to the persistence objects (PVC and PV) | Dictionary | `{}` | -| `app.persistence.enabled` | Whether to enable persistent storage. If `false`, the options from below are ignored | Boolean | `false` | +| `app.persistence.storageClass` | StorageClass for the PVCs | String | `""` | +| `app.persistence.accessModes` | Access modes for the PVCs | Array | `["ReadWriteMany"]` | +| `app.persistence.size` | PVC size | String | `8Gi` | +| `app.persistence.annotations` | Annotations to attach to the persistence objects (PVC and PV) | Dictionary | `{}` | +| `app.persistence.enabled` | Whether to enable persistent storage. If `false`, the options from below are ignored | Boolean | `false` | ## Application Resources -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| +| Name | Description | Type | Default Value | +|---------------------------------|-------------|------|---------------| | `app.resources.requests.memory` | Amount of memory that the app requests for running. Keep this value low to allow the pod to get admitted on a node. | String | `128Mi` | -| `app.resources.requests.cpu` | Amount of CPU that the app requests for running. Keep this value low to allow the pod to get admitted on a node. | String | `100m` | -| `app.resources.limits.memory` | Maximum amount of memory that the app is allowed to use. | String | `512Mi` | -| `app.resources.limits.cpu` | Maximum amount of CPU that the app is allowed to use. | String | `500m` | +| `app.resources.requests.cpu` | Amount of CPU that the app requests for running. Keep this value low to allow the pod to get admitted on a node. | String | `100m` | +| `app.resources.limits.memory` | Maximum amount of memory that the app is allowed to use. | String | `512Mi` | +| `app.resources.limits.cpu` | Maximum amount of CPU that the app is allowed to use. | String | `500m` | ### Environment Variables -| Name | Description | Type | Default Value | -|------|-------------|------|---------------| +| Name | Description | Type | Default Value | +|-------------------|-------------|------|---------------| | `app.environment` | Array of objects, representing additional environment variables to set for the deployment. | Array | see [_helpers.yaml](charts/wger/templates/_helpers.tpl) and [values.yaml](charts/wger/values.yaml) | There are more possible ENV variables, than the ones used in the deployment. Please check [prod.env](https://github.com/wger-project/docker/blob/master/config/prod.env). @@ -468,5 +468,4 @@ Feel free to contact us if you found this useful or if there was something that ## Additional information * [groundhog2k PostgreSQL chart](https://github.com/groundhog2k/helm-charts/tree/master/charts/postgres) - * [groundhog2k Redis chart](https://github.com/groundhog2k/helm-charts/tree/master/charts/redis) From 565f3529e871c228001e355ac9853d95ddc1532c Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 2 Mar 2025 09:56:56 +0100 Subject: [PATCH 4/5] add rc.2 --- charts/wger/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index 3910baf..b4711e9 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.2.4-rc.1 +version: 0.2.4-rc.2 appVersion: latest name: wger description: A Helm chart for wger installation on Kubernetes From dd791da18622b124e52be2f0edc1fb22c7a2fafa Mon Sep 17 00:00:00 2001 From: bbk Date: Sun, 2 Mar 2025 10:02:50 +0100 Subject: [PATCH 5/5] release 0.2.4 --- charts/wger/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index b4711e9..b53f4d4 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.2.4-rc.2 +version: 0.2.4 appVersion: latest name: wger description: A Helm chart for wger installation on Kubernetes