bp99/helm-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chart-unifi_network_application: add

Browse Source
This commit is contained in:
bp99
2024-08-25 21:52:08 +02:00
parent c90f214f54
commit 126a50b506
11 changed files with 662 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
charts/unifi-network-application/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

18
charts/unifi-network-application/Chart.yaml Normal file
View File

@ -0,0 +1,18 @@
---
apiVersion: v2
name: unifi-network-application
description: >
Unifi Controller application using linuxservers Docker image. This
chart was originally created by Balazs Petrikovics and is available at
https://github.com/bpetrikovics/unifi-network-application. The chart
was modified and improved by Bertalan Z. Péter for personal use.
home: https://ui.com
type: application
version: 0.1.0
appVersion: 8.3.32-ls61
maintainers:
- name: Bertalan Zoltán Péter
email: bertalan.peter@bp99.eu
url: https://bp99.eu

22
charts/unifi-network-application/LICENSE Normal file
View File

@ -0,0 +1,22 @@
MIT License
Copyright (c) 2024 Balázs Petrikovics
Copyright (c) 2024 Bertalan Zoltán Péter
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

62
charts/unifi-network-application/README.md Normal file
View File

@ -0,0 +1,62 @@
# unifi-network-application
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.3.32-ls61](https://img.shields.io/badge/AppVersion-8.3.32--ls61-informational?style=flat-square)
Unifi Controller application using linuxservers Docker image. This chart was originally created by Balazs Petrikovics and is available at https://github.com/bpetrikovics/unifi-network-application. The chart was modified and improved by Bertalan Z. Péter for personal use.
**Homepage:** <https://ui.com>
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| Bertalan Zoltán Péter | <bertalan.peter@bp99.eu> | <https://bp99.eu> |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| fullnameOverride | string | `""` | can be used to override the main app name; incorporates release name by default |
| global.storageClass | string | `""` | globally set the storage class for PVCs |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"linuxserver/unifi-network-application"` | |
| image.tag | string | `""` | overrides the image tag whose default is the chart appVersion |
| ingress.annotations | object | `{}` | |
| ingress.hostname | string | `"unifi.local"` | |
| ingress.redirect.annotations | object | `{}` | |
| ingress.redirect.enabled | bool | `true` | deploys an additional ingress for http to https redirection, if needed |
| mongodb.adminpassword | string | `""` | |
| mongodb.adminuser | string | `""` | |
| mongodb.cacheSizeGB | string | `"0.25"` | |
| mongodb.dbname | string | `"unifi"` | main database name |
| mongodb.dbname_stat | string | `"unifi_stat"` | stat database name |
| mongodb.image | string | `"mongo"` | image to pull and use; for arm64 (eg Raspberry Pi 4), use "arm64v8/mongo" |
| mongodb.imageTag | string | `"7.0"` | |
| mongodb.password | string | `""` | |
| mongodb.persistence.accessModes | object | `{}` | |
| mongodb.persistence.annotations | object | `{}` | |
| mongodb.persistence.claimSuffix | string | `"config-claim"` | suffix string that will be appended to fullname |
| mongodb.persistence.create | bool | `true` | whether to create PVCs |
| mongodb.persistence.enabled | bool | `true` | whether to deal with persistence at all |
| mongodb.persistence.labels | object | `{}` | |
| mongodb.persistence.size | string | `"128Mi"` | size limit for the PVC |
| mongodb.persistence.storageClass | string | `""` | override storage class |
| mongodb.persistence.volumeName | string | `""` | |
| mongodb.podSecurityContext | object | `{}` | |
| mongodb.username | string | `""` | credentials for "normal" and admin user; MUST BE SET! |
| nameOverride | string | `""` | |
| persistence.accessModes | object | `{}` | |
| persistence.annotations | object | `{}` | |
| persistence.claimSuffix | string | `"config-claim"` | suffix string that will be appended to fullname |
| persistence.create | bool | `true` | whether to create PVCs |
| persistence.enabled | bool | `true` | whether to deal with persistence at all |
| persistence.labels | object | `{}` | |
| persistence.size | string | `"128Mi"` | size limit for the PVC |
| persistence.storageClass | string | `""` | override storage class |
| persistence.volumeName | string | `""` | |
| replicaCount | int | `1` | how many app replicas to run; only ever tested with 1 |
| resources | object | `{}` | |
| service.annotations | object | `{}` | |
| service.loadBalancerIp | string | `nil` | |
| service.type | string | `nil` | |

72
charts/unifi-network-application/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,72 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "template.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "template.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "template.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "template.labels" -}}
helm.sh/chart: {{ include "template.chart" . }}
{{ include "template.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "template.selectorLabels" -}}
app.kubernetes.io/name: {{ include "template.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "template.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "template.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
Storage Class
*/}}
{{- define "template.persistence.storageClass" -}}
{{- $storageClass := (tpl ( default "" .Values.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
{{- if $storageClass }}
storageClassName: {{ $storageClass | quote }}
{{- end }}
{{- end -}}

24
charts/unifi-network-application/templates/configmap.yaml Normal file
View File

@ -0,0 +1,24 @@
---
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ include "template.fullname" . }}-mongodb-init-sh
data:
init-mongo.sh: |
if which mongosh > /dev/null 2>&1; then
mongo_init_bin='mongosh'
else
mongo_init_bin='mongo'
fi
"${mongo_init_bin}" <<EOF
use ${MONGO_AUTHSOURCE}
db.auth("${MONGO_INITDB_ROOT_USERNAME}", "${MONGO_INITDB_ROOT_PASSWORD}")
db.createUser({
user: "${MONGO_USER}",
pwd: "${MONGO_PASS}",
roles: [
{ db: "${MONGO_DBNAME}", role: "dbOwner" },
{ db: "${MONGO_DBNAME}_stat", role: "dbOwner" }
]
})
EOF

152
charts/unifi-network-application/templates/deployment.yaml Normal file
View File

@ -0,0 +1,152 @@
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ include "template.fullname" . }}-mongodb
labels:
{{- include "template.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
name: {{ include "template.fullname" . }}-mongodb
template:
metadata:
name: {{ include "template.fullname" . }}-mongodb
labels:
name: {{ include "template.fullname" . }}-mongodb
spec:
securityContext:
{{ .Values.mongodb.podSecurityContext | toYaml | nindent 8 }}
volumes:
- name: {{ include "template.fullname" . }}-mongodb-init-volume
configMap:
name: {{ include "template.fullname" . }}-mongodb-init-sh
- name: {{ include "template.fullname" . }}-mongodb-data-volume
persistentVolumeClaim:
claimName: {{ include "template.fullname" . }}-{{ default "db-claim" .Values.mongodb.persistence.claimSuffix }}
containers:
- name: mongodb
image: "{{ .Values.mongodb.image }}:{{ .Values.mongodb.imageTag }}"
args: ["--wiredTigerCacheSizeGB", "{{ .Values.mongodb.cacheSizeGB }}"]
env:
- name: MONGO_INITDB_ROOT_USERNAME
value: {{ .Values.mongodb.adminuser }}
- name: MONGO_INITDB_ROOT_PASSWORD
value: {{ .Values.mongodb.adminpassword }}
- name: MONGO_AUTHSOURCE
value: admin
- name: MONGO_USER
value: {{ .Values.mongodb.username }}
- name: MONGO_PASS
value: {{ .Values.mongodb.password }}
- name: MONGO_DBNAME
value: {{ .Values.mongodb.dbname }}
ports:
- name: 'mongo'
containerPort: 27017
protocol: TCP
volumeMounts:
- name: {{ include "template.fullname" . }}-mongodb-init-volume
mountPath: /docker-entrypoint-initdb.d/init-mongo.sh
- name: {{ include "template.fullname" . }}-mongodb-data-volume
mountPath: /data/db
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: {{ include "template.fullname" . }}-app
labels:
{{- include "template.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
name: {{ include "template.fullname" . }}-app
template:
metadata:
name: {{ include "template.fullname" . }}-app
labels:
name: {{ include "template.fullname" . }}-app
spec:
volumes:
- name: {{ include "template.fullname" . }}-app-config-volume
persistentVolumeClaim:
claimName: {{ include "template.fullname" }}-{{ default "config-claim" .Values.persistence.claimSuffix }}
containers:
- name: {{ include "template.fullname" . }}-app
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
env:
- name: TZ
value: "Europe/Budapest"
- name: MEM_LIMIT
value: "1024"
- name: MEM_STARTUP
value: "1024"
- name: MONGO_HOST
value: {{ include "template.fullname" . }}-mongodb-service
- name: MONGO_PORT
value: "27017"
- name: MONGO_USER
value: {{ .Values.mongodb.username }}
- name: MONGO_PASS
value: {{ .Values.mongodb.password }}
- name: MONGO_DBNAME
value: {{ .Values.mongodb.dbname }}
ports:
- name: 'l2-discoverable'
containerPort: 1900
protocol: UDP
- name: 'ap-discovery'
containerPort: 10001
protocol: UDP
- name: 'stun'
containerPort: 3478
protocol: UDP
- name: 'syslog'
containerPort: 5514
protocol: UDP
- name: 'speed-test'
containerPort: 6789
protocol: TCP
- name: 'internal-comms'
containerPort: 8080
protocol: TCP
- name: 'https-web'
containerPort: 8443
protocol: TCP
- name: 'http-s-redirect'
containerPort: 8843
protocol: TCP
- name: 'http-redirect'
containerPort: 8880
protocol: TCP
volumeMounts:
- name: {{ include "template.fullname" . }}-app-config-volume
mountPath: /config
readinessProbe:
httpGet:
path: /status
port: 8080
periodSeconds: 10
failureThreshold: 1
livenessProbe:
httpGet:
path: /status
port: 8080
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 5
resources:
{{- toYaml .Values.resources | nindent 12 }}

45
charts/unifi-network-application/templates/ingress.yaml Normal file
View File

@ -0,0 +1,45 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "template.fullname" . }}-ingress
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.hostname }}
http:
paths:
- path: "/"
pathType: Prefix
backend:
service:
name: {{ include "template.fullname" . }}-service-tcp
port:
number: 8443
{{ if .Values.ingress.redirect.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "template.fullname" . }}-ingress-redirect
{{- with .Values.ingress.redirect.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.hostname }}
http:
paths:
- path: "/"
pathType: Prefix
backend:
service:
name: {{ include "template.fullname" . }}-service-tcp
port:
number: 8443
{{ end }}

54
charts/unifi-network-application/templates/pvc.yaml Normal file
View File

@ -0,0 +1,54 @@
{{- if and .Values.persistence.enabled .Values.persistence.create }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "template.fullname" . }}-{{ default "config-claim" .Values.persistence.claimSuffix }}
namespace: {{ $.Release.Namespace }}
annotations:
{{ .Values.persistence.annotations | toYaml | indent 4}}
labels:
{{ .Values.persistence.labels | toYaml | indent 4}}
spec:
accessModes:
{{- if gt .Values.replicaCount 1.0 }}
- ReadWriteMany
{{- else }}
{{- .Values.persistence.accessModes | toYaml | nindent 4 }}
{{- end }}
volumeMode: Filesystem
{{- include "template.persistence.storageClass" . | nindent 2 }}
{{- with .Values.persistence.volumeName }}
volumeName: {{ . }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size }}
{{- end }}
{{- if and .Values.mongodb.persistence.enabled .Values.mongodb.persistence.create }}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "template.fullname" . }}-{{ default "db-claim" .Values.mongodb.persistence.claimSuffix }}
namespace: {{ $.Release.Namespace }}
annotations:
{{ .Values.mongodb.persistence.annotations | toYaml | indent 4}}
labels:
{{ .Values.mongodb.persistence.labels | toYaml | indent 4}}
spec:
accessModes:
{{- if gt .Values.replicaCount 1.0 }}
- ReadWriteMany
{{- else }}
{{- .Values.mongodb.persistence.accessModes | toYaml | nindent 4 }}
{{- end }}
volumeMode: Filesystem
{{- include "template.persistence.storageClass" . | nindent 2 }}
{{- with .Values.mongodb.persistence.volumeName }}
volumeName: {{ . }}
{{- end }}
resources:
requests:
storage: {{ .Values.mongodb.persistence.size }}
{{- end }}

86
charts/unifi-network-application/templates/service.yaml Normal file
View File

@ -0,0 +1,86 @@
---
kind: Service
apiVersion: v1
metadata:
name: {{ include "template.fullname" . }}-mongodb-service
spec:
ports:
- name: 'mongo'
protocol: TCP
port: 27017
targetPort: 27017
selector:
name: {{ include "template.fullname" . }}-mongodb
type: NodePort
---
kind: Service
apiVersion: v1
metadata:
name: {{ include "template.fullname" . }}-service-tcp
{{- with .Values.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ports:
- name: 'internal-comms'
protocol: TCP
port: 8080
targetPort: 8080
- name: 'https-web'
protocol: TCP
port: 8443
targetPort: 8443
- name: 'http-s-redirect'
protocol: TCP
port: 8843
targetPort: 8843
- name: 'http-redirect'
protocol: TCP
port: 8880
targetPort: 8880
- name: 'speedt-test'
protocol: TCP
port: 6789
targetPort: 6789
selector:
name: {{ include "template.fullname" . }}-app
type: {{ .Values.service.type }}
{{- if .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{ end }}
---
kind: Service
apiVersion: v1
metadata:
name: {{ include "template.fullname" . }}-service-udp
{{- with .Values.service.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ports:
- name: '1900'
protocol: UDP
port: 1900
targetPort: 1900
- name: '3478'
protocol: UDP
port: 3478
targetPort: 3478
- name: '5514'
protocol: UDP
port: 5514
targetPort: 5514
- name: '10001'
protocol: UDP
port: 10001
targetPort: 10001
selector:
name: {{ include "template.fullname" . }}-app
type: {{ .Values.service.type }}
{{- if .Values.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{ end }}

104
charts/unifi-network-application/values.yaml Normal file
View File

@ -0,0 +1,104 @@
---
# -- how many app replicas to run; only ever tested with 1
replicaCount: 1
image:
repository: linuxserver/unifi-network-application
pullPolicy: IfNotPresent
# -- overrides the image tag whose default is the chart appVersion
tag: ''
nameOverride: ''
# -- can be used to override the main app name; incorporates release name by default
fullnameOverride: ''
global:
# -- globally set the storage class for PVCs
storageClass: ''
service:
annotations: {}
type:
loadBalancerIp:
# Not optional - otherwise UI not accessible
ingress:
hostname: unifi.local
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/loadbalancer.server.scheme: https
redirect:
# -- deploys an additional ingress for http to https redirection, if needed
enabled: true
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: web
# traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
# ingress.kubernetes.io/custom-request-headers: X-Forwarded-Proto:https
resources: {}
# Suggested/tested resource settings
# requests:
# memory: 1Gi
# cpu: 0.5
# limits:
# memory: 1.5Gi
# cpu: 2
persistence:
# -- whether to deal with persistence at all
enabled: true
# -- whether to create PVCs
create: true
# -- suffix string that will be appended to fullname
claimSuffix: config-claim
annotations: {}
labels: {}
accessModes: {}
# -- override storage class
storageClass: ''
volumeName: ''
# -- size limit for the PVC
size: 128Mi
mongodb:
# -- image to pull and use; for arm64 (eg Raspberry Pi 4), use "arm64v8/mongo"
image: mongo
imageTag: '7.0'
cacheSizeGB: '0.25'
# -- main database name
dbname: unifi
# -- stat database name
dbname_stat: unifi_stat
# -- credentials for "normal" and admin user; MUST BE SET!
username: ''
password: ''
adminuser: ''
adminpassword: ''
persistence:
# -- whether to deal with persistence at all
enabled: true
# -- whether to create PVCs
create: true
# -- suffix string that will be appended to fullname
claimSuffix: config-claim
annotations: {}
labels: {}
accessModes: {}
# -- override storage class
storageClass: ''
volumeName: ''
# -- size limit for the PVC
size: 128Mi
podSecurityContext: {}
# Settings for NFS running as nobody(65534):
# runAsUser: 65534
# runAsGroup: 65534