bp99/plcnk-helm-charts
1
0
Fork 0
forked from github-mirrorer/plcnk-helm-charts
Code Pull Requests Activity

feat(cloudflare): Initial release (#17)

Browse Source 
* feat(cloudflare): Initial release

* feat(cloudflare): Update README.md
This commit is contained in:
Romain Pluciennik
2024-08-21 00:32:49 +02:00
committed by GitHub
parent 506c1dbf08
commit 316c9da542
9 changed files with 326 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -27,6 +27,7 @@ The code in this repository is provided as-is with no warranties.
| Chart | Description | | Chart | Description |
| ----- | ----------- | | ----- | ----------- |
| [# cloudflare-tunnel <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/cloudflare-tunnel/icon.svg' alt='cloudflare-tunnel icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/cloudflare-tunnel/) | Connect your resources to Cloudflare without a publicly routable IP address. |
| [# it-tools <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/it-tools/icon.svg' alt='it-tools icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/it-tools/) | Collection of handy online tools for developers, with great UX. | | [# it-tools <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/it-tools/icon.svg' alt='it-tools icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/it-tools/) | Collection of handy online tools for developers, with great UX. |
| [# moodist <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/moodist/icon.svg' alt='moodist icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/moodist/) | Ambient sounds for focus and calm. | | [# moodist <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/moodist/icon.svg' alt='moodist icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/moodist/) | Ambient sounds for focus and calm. |
| [# wikijs <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/wikijs/icon.svg' alt='wikijs icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/wikijs/) | A modern, lightweight and powerful wiki app built on NodeJS. | | [# wikijs <img src='https://raw.githubusercontent.com/plcnk/charts/master/charts/wikijs/icon.svg' alt='wikijs icon' width='18px' align='right' loading='lazy'>](https://github.com/plcnk/charts/tree/master/charts/wikijs/) | A modern, lightweight and powerful wiki app built on NodeJS. |

23
charts/cloudflare-tunnel/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

6
charts/cloudflare-tunnel/Chart.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: common
repository: https://bjw-s.github.io/helm-charts
version: 3.3.2
digest: sha256:5a0f9f06aa383b7cc3070899b879401bcd4ae48b021d0a2b7f9ba39827019e24
generated: "2024-08-20T23:20:57.06668901+02:00"

30
charts/cloudflare-tunnel/Chart.yaml Normal file
View File

@ -0,0 +1,30 @@
apiVersion: v2
name: cloudflare-tunnel
description: Connect your resources to Cloudflare without a publicly routable IP address.
home: https://github.com/plcnk/charts/tree/master/charts/cloudflare-tunnel
icon: https://raw.githubusercontent.com/plcnk/charts/master/charts/cloudflare-tunnel/icon.svg
type: application
version: 0.1.0
# renovate datasource=docker depName=cloudflare/cloudflared
appVersion: "2024.8.2"
kubeVersion: ">=1.22.0-0"
keywords:
- cloudflared
- cloudflare
- argo
- tunnel
dependencies:
- name: common
repository: https://bjw-s.github.io/helm-charts
version: 3.3.2
sources:
- https://github.com/cloudflare/cloudflared
annotations:
artifacthub.io/changes: |-
- kind: added
description: Initial release
artifacthub.io/links: |-
- name: App Source
url: https://github.com/cloudflare/cloudflared
- name: Chart Source
url: https://github.com/plcnk/charts/tree/master/charts/cloudflare-tunnel

109
charts/cloudflare-tunnel/README.md Normal file
View File

@ -0,0 +1,109 @@
# # cloudflare-tunnel
<img src="https://raw.githubusercontent.com/plcnk/charts/master/charts/cloudflare-tunnel/icon.svg" align="right" width="92" alt="cloudflare-tunnel logo">
![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat)
![AppVersion: 2024.8.2](https://img.shields.io/badge/AppVersion-2024.8.2-informational?style=flat)
Connect your resources to Cloudflare without a publicly routable IP address.
**Homepage:** <https://github.com/plcnk/charts/tree/master/charts/cloudflare-tunnel>
**This chart is not maintained by the upstream project and any issues with the chart should be raised
[here](https://github.com/plcnk/charts/issues/new?assignees=plcnk&labels=bug&template=bug_report.yaml&name=cloudflare-tunnel&version=0.1.0)**
## Source Code
* <https://github.com/cloudflare/cloudflared>
## Requirements
Kubernetes: `>=1.22.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| <https://bjw-s.github.io/helm-charts> | common | 3.3.2 |
## Installing the Chart
To install the chart with the release name `cloudflare-tunnel`
### OCI (Recommended)
```console
helm install cloudflare-tunnel oci://ghcr.io/plcnk/charts/cloudflare-tunnel
```
### Traditional
```console
helm repo add plcnk https://charts.plcnk.net
helm repo update
helm install cloudflare-tunnel plcnk/cloudflare-tunnel
```
## Uninstalling the Chart
To uninstall the `cloudflare-tunnel` deployment
```console
helm uninstall cloudflare-tunnel
```
The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
## Configuration
Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
Other values may be used from the [values.yaml](https://github.com/bjw-s/helm-charts/tree/main/charts/library/common/values.yaml) from the [bjw-s common library](https://github.com/bjw-s/helm-charts/tree/main/charts/library/common).
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
```console
helm install cloudflare-tunnel \
--set env.TZ="America/New York" \
plcnk/cloudflare-tunnel
```
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
```console
helm install cloudflare-tunnel plcnk/cloudflare-tunnel -f values.yaml
```
## Custom configuration
> [!NOTE]
> This chart only supports the **remotely-managed** (dashboard) version of Cloudflare Tunnel.
> The **locally-managed** (CLI) version is currently **not supported**.
## Values
**Important**: When deploying an application Helm chart you can add more values from the bjw-s common library chart [here](https://github.com/bjw-s/helm-charts/tree/main/charts/library/common)
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| controllers.main.containers.app.env | object | See [values.yaml](./values.yaml) | Environment variables |
| controllers.main.containers.app.image.pullPolicy | string | `"IfNotPresent"` | Image pull policy |
| controllers.main.containers.app.image.repository | string | `"cloudflare/cloudflared"` | Image repository |
| controllers.main.containers.app.image.tag | string | `"2024.8.2"` | Image tag |
| controllers.main.containers.app.securityContext.allowPrivilegeEscalation | bool | `false` | Disable privilege escalations |
| controllers.main.containers.app.securityContext.capabilities | object | `{"drop":["ALL"]}` | Drop all capabilities |
| controllers.main.containers.app.securityContext.readOnlyRootFilesystem | bool | `true` | Mount the container's root filesystem as read-only |
| controllers.main.pod.securityContext.fsGroup | int | `65534` | Volume binds will be granted to `nobody` group |
| controllers.main.pod.securityContext.runAsGroup | int | `65534` | Run as `nobody` group |
| controllers.main.pod.securityContext.runAsNonRoot | bool | `true` | Run container as a non-root user |
| controllers.main.pod.securityContext.runAsUser | int | `65534` | Run as `nobody` user |
| controllers.main.replicas | int | `1` | Number of desired pods |
| controllers.main.resources | object | `{}` | Set the resource requests / limits for the container. |
| controllers.main.type | string | `"deployment"` | Controller type |
| logLevel | string | `"info"` | Set the container log level. Accepted values: `debug`, `info`, `warn`, `error`, `fatal` |
| metrics | object | `{"enabled":false,"port":""}` | Enable Metrics Monitor under this key. |
| tunnel.existingSecret | object | `{"enabled":false,"key":"","name":""}` | You can set the token as an existing secret here. |
| tunnel.token | string | `"your-token-here"` | Set the Cloudflare Tunnel token here. |
---
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)

15
charts/cloudflare-tunnel/README_CONFIG.md.gotmpl Normal file
View File

@ -0,0 +1,15 @@
{{- define "custom.chart.name" -}}
# {{ .Name }}
{{- end -}}
{{- define "custom.custom.configuration.header" -}}
## Custom configuration
{{- end -}}
{{- define "custom.custom.configuration" -}}
{{ template "custom.custom.configuration.header" . }}
> [!NOTE]
> This chart only supports the **remotely-managed** (dashboard) version of Cloudflare Tunnel.
> The **locally-managed** (CLI) version is currently **not supported**.
{{- end -}}

7
charts/cloudflare-tunnel/icon.svg Normal file
View File

@ -0,0 +1,7 @@
<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
<svg xmlns="http://www.w3.org/2000/svg"
aria-label="Cloudflare" role="img"
viewBox="0 0 512 512"><rect
width="512" height="512"
rx="15%"
fill="#ffffff"/><path fill="#f38020" d="M331 326c11-26-4-38-19-38l-148-2c-4 0-4-6 1-7l150-2c17-1 37-15 43-33 0 0 10-21 9-24a97 97 0 0 0-187-11c-38-25-78 9-69 46-48 3-65 46-60 72 0 1 1 2 3 2h274c1 0 3-1 3-3z"/><path fill="#faae40" d="M381 224c-4 0-6-1-7 1l-5 21c-5 16 3 30 20 31l32 2c4 0 4 6-1 7l-33 1c-36 4-46 39-46 39 0 2 0 3 2 3h113l3-2a81 81 0 0 0-78-103"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 622 B

59
charts/cloudflare-tunnel/templates/common.yaml Normal file
View File

@ -0,0 +1,59 @@
{{/* Append the hardcoded settings */}}
{{- define "cloudflare-tunnel.harcodedValues" -}}
{{- if .Values.metrics.enabled }}
service:
main:
controller: main
ports:
metrics:
port: {{ .Values.metrics.port }}
protocol: TCP
serviceMonitor:
main:
enabled: true
serviceName: {{ include "bjw-s.common.lib.chart.names.fullname" $ }}
endpoints:
- port: metrics
path: /metrics
{{- end }}
controllers:
main:
containers:
app:
{{- if .Values.metrics.enabled }}
ports:
- name: metrics
containerPort: {{ .Values.metrics.port }}
{{- end }}
env:
TUNNEL_TOKEN: {{ if not .Values.tunnel.existingSecret.enabled }}{{ .Values.tunnel.token }}{{ end }}
{{- if .Values.tunnel.existingSecret.enabled }}
secretKeyRef:
name: {{ .Values.tunnel.existingSecret.name }}
key: {{ .Values.tunnel.existingSecret.key }}
{{- end }}
args:
- tunnel
- --no-autoupdate
{{- if .Values.logLevel }}
- --loglevel
- {{ .Values.logLevel }}
{{- end }}
{{- if .Values.metrics.enabled }}
- --metrics
- "0.0.0.0:{{ .Values.metrics.port }}"
{{- end }}
- run
- --token
- $(TUNNEL_TOKEN)
{{- end -}}
{{- $tmplVars := deepCopy . -}}
{{ include "bjw-s.common.loader.init" $tmplVars }}
{{- $defaultValues := include "cloudflare-tunnel.harcodedValues" $tmplVars | fromYaml -}}
{{- $_ := mustMerge .Values $defaultValues -}}
{{/* Render the templates */}}
{{ include "bjw-s.common.loader.init" . }}
{{ include "bjw-s.common.loader.generate" . }}

76
charts/cloudflare-tunnel/values.yaml Normal file
View File

@ -0,0 +1,76 @@
---
#
# IMPORTANT NOTE
#
# This chart inherits from our common library chart. You can check the default values/options here:
# https://github.com/bjw-s/helm-charts/blob/main/charts/library/common/values.yaml
#
controllers:
main:
# -- Controller type
type: deployment
# -- Number of desired pods
replicas: 1
containers:
app:
image:
# -- Image repository
repository: cloudflare/cloudflared
# -- Image pull policy
pullPolicy: IfNotPresent
# -- Image tag
tag: 2024.8.2
# -- Environment variables
# @default -- See [values.yaml](./values.yaml)
env: {}
# TZ: UTC
securityContext:
# -- Mount the container's root filesystem as read-only
readOnlyRootFilesystem: true
# -- Disable privilege escalations
allowPrivilegeEscalation: false
# -- Drop all capabilities
capabilities:
drop:
- ALL
pod:
securityContext:
# -- Run container as a non-root user
runAsNonRoot: true
# -- Run as `nobody` user
runAsUser: 65534
# -- Run as `nobody` group
runAsGroup: 65534
# -- Volume binds will be granted to `nobody` group
fsGroup: 65534
# -- Set the resource requests / limits for the container.
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
tunnel:
# -- Set the Cloudflare Tunnel token here.
token: "your-token-here"
# -- You can set the token as an existing secret here.
existingSecret:
enabled: false
name: ""
key: ""
# -- Set the container log level.
# Accepted values: `debug`, `info`, `warn`, `error`, `fatal`
logLevel: info
# -- Enable Metrics Monitor under this key.
metrics:
enabled: false
port: ""