github-mirrorer/rtomik-helm-charts
1
0
Fork 1
mirror of https://github.com/rtomik/helm-charts.git synced 2026-04-05 17:50:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github-mirrorer:donetick-0.1.0
Branches Tags
github-mirrorer:main github-mirrorer:gh-pages
github-mirrorer:norish-0.0.5 github-mirrorer:norish-0.0.4 github-mirrorer:paperless-ngx-0.0.5 github-mirrorer:donetick-1.0.6 github-mirrorer:donetick-1.0.5 github-mirrorer:paperless-ngx-0.0.4 github-mirrorer:paperless-ngx-0.0.3 github-mirrorer:qbittorrent-vpn-0.0.2 github-mirrorer:norish-0.0.3 github-mirrorer:norish-0.0.2 github-mirrorer:norish-0.0.1 github-mirrorer:tandoor-0.0.1 github-mirrorer:paperless-ngx-0.0.2 github-mirrorer:donetick-1.0.4 github-mirrorer:donetick-1.0.3 github-mirrorer:donetick-1.0.2 github-mirrorer:mealie-0.0.2 github-mirrorer:paperless-ngx-0.0.1 github-mirrorer:joplin-server-0.0.2 github-mirrorer:joplin-server-0.0.1 github-mirrorer:mealie-0.0.1 github-mirrorer:karakeep-0.0.1 github-mirrorer:qbittorrent-vpn-0.0.1 github-mirrorer:jellyseerr-0.0.1 github-mirrorer:recipya-0.0.2 github-mirrorer:recipya-0.0.1 github-mirrorer:donetick-1.0.1 github-mirrorer:donetick-1.0.0 github-mirrorer:donetick-0.1.0
...
compare: github-mirrorer:recipya-0.0.2
Branches Tags
github-mirrorer:gh-pages github-mirrorer:main
github-mirrorer:norish-0.0.5 github-mirrorer:norish-0.0.4 github-mirrorer:paperless-ngx-0.0.5 github-mirrorer:donetick-1.0.6 github-mirrorer:donetick-1.0.5 github-mirrorer:paperless-ngx-0.0.4 github-mirrorer:paperless-ngx-0.0.3 github-mirrorer:qbittorrent-vpn-0.0.2 github-mirrorer:norish-0.0.3 github-mirrorer:norish-0.0.2 github-mirrorer:norish-0.0.1 github-mirrorer:tandoor-0.0.1 github-mirrorer:paperless-ngx-0.0.2 github-mirrorer:donetick-1.0.4 github-mirrorer:donetick-1.0.3 github-mirrorer:donetick-1.0.2 github-mirrorer:mealie-0.0.2 github-mirrorer:paperless-ngx-0.0.1 github-mirrorer:joplin-server-0.0.2 github-mirrorer:joplin-server-0.0.1 github-mirrorer:mealie-0.0.1 github-mirrorer:karakeep-0.0.1 github-mirrorer:qbittorrent-vpn-0.0.1 github-mirrorer:jellyseerr-0.0.1 github-mirrorer:recipya-0.0.2 github-mirrorer:recipya-0.0.1 github-mirrorer:donetick-1.0.1 github-mirrorer:donetick-1.0.0 github-mirrorer:donetick-0.1.0

14 Commits
donetick-0 ... recipya-0.

Author SHA1 Message Date
Richard Tomik
d968f2ae19 Released v 0.0.2 fixed issue with deployment on kubernetes. 2025-04-05 22:56:22 +02:00
Richard Tomik
4df5dc4384 Merge branch 'main' of https://github.com/rtomik/helm-charts 2025-04-05 18:38:20 +02:00
Richard Tomik
20d661ef6f added recipya helm chart init commit 2025-04-05 18:38:16 +02:00
Richard Tomik
e7635ee5a4 Update artifacthub-repo.yml 2025-04-01 10:39:42 +02:00
Richard Tomik
7cafc6a692 Merge branch 'main' of https://github.com/rtomik/helm-charts 2025-03-31 09:42:52 +02:00
Richard Tomik
b84d617f76 added Artifact Hub repository metadata file 2025-03-31 09:42:45 +02:00
Richard Tomik
a89c71d03f Update README.md 2025-03-24 11:01:29 +01:00
Richard Tomik
24947446e3 Update readme.md 2025-03-23 20:53:07 +01:00
Richard Tomik
2130a6984d Update readme.md 2025-03-23 20:49:57 +01:00
Richard Tomik
0f2602fb5a edited version 2025-03-23 20:37:51 +01:00
Richard Tomik
835e6924cf edited configmap 2025-03-23 20:32:38 +01:00
Richard Tomik
e81b3dee2f Update readme.md 2025-03-23 18:10:36 +01:00
Richard Tomik
3a3efdb30b Merge branch 'main' of https://github.com/rtomik/helm-charts 2025-03-23 17:32:41 +01:00
Richard Tomik
439b8acea7 v1.0.0 2025-03-23 17:32:12 +01:00
15 changed files with 841 additions and 7 deletions
Expand all files Collapse all files

1
README.md
View File

@ -1,2 +1,3 @@
# helm-charts
Repo for helm charts
Donetick Helm chart

19
artifacthub-repo.yml Normal file
View File

@ -0,0 +1,19 @@
# Artifact Hub repository metadata file
#
# Some settings like the verified publisher flag or the ignored packages won't
# be applied until the next time the repository is processed. Please keep in
# mind that the repository won't be processed if it has not changed since the
# last time it was processed. Depending on the repository kind, this is checked
# in a different way. For Helm http based repositories, we consider it has
# changed if the `index.yaml` file changes. For git based repositories, it does
# when the hash of the last commit in the branch you set up changes. This does
# NOT apply to ownership claim operations, which are processed immediately.
#
repositoryID: 8ec75275-172f-45e9-b188-3b0dd609bee9
owners: # (optional, used to claim repository ownership)
- name: user1
email: tomikr7@gmail.com
ignore: # (optional, packages that should not be indexed by Artifact Hub)
- name: donetick # Exact match
version: 0.1.0 # Regular expression (when omitted, all versions are ignored)

2
charts/donetick/Chart.yaml
View File

@ -2,7 +2,7 @@ apiVersion: v2
name: donetick
description: A Helm chart for Donetick application
type: application
version: 0.1.0
version: 1.0.1
appVersion: "latest"
maintainers:
- name: Richard Tomik

10
charts/donetick/readme.md
View File

@ -14,21 +14,21 @@ This chart deploys [Donetick](https://github.com/donetick/donetick) on a Kuberne
## Installing the Chart
To install the chart with the release name `my-donetick`:
To install the chart with the release name `donetick`:
```bash
$ helm repo add donetick-chart https://rtomik.github.io/helm-charts
$ helm install my-donetick donetick-chart/donetick
$ helm install donetick donetick-chart/donetick
```
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-donetick` deployment:
To uninstall/delete the `donetick` deployment:
```bash
$ helm delete my-donetick
$ helm uninstall donetick
```
## Parameters
@ -107,4 +107,4 @@ $ helm delete my-donetick
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.storageClass` | PVC Storage Class | `"longhorn"` |
| `persistence.accessMode` | PVC Access Mode | `ReadWriteOnce` |
| `persistence.size` |
| `persistence.size` |

3
charts/donetick/templates/configmap.yaml
View File

@ -64,7 +64,8 @@ data:
appHost: {{ .Values.config.email.appHost | default "" | quote }}
oauth2:
{{- if .Values.config.oauth2.existingSecret }}
# Client ID and Secret will be injected from Secret
client_id: $DT_OAUTH2_CLIENT_ID
client_secret: $DT_OAUTH2_CLIENT_SECRET
{{- else }}
client_id: {{ .Values.config.oauth2.client_id | default "" | quote }}
client_secret: {{ .Values.config.oauth2.client_secret | default "" | quote }}

15
charts/recipya/Chart.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v2
name: recipya
description: A Helm chart for Recipya recipe manager application
type: application
version: 0.0.2
appVersion: "v1.2.2"
maintainers:
- name: Richard Tomik
email: no@m.com
keywords:
- recipe-manager
- recipya
home: https://github.com/rtomik/helm-charts
sources:
- https://github.com/reaper47/recipya

194
charts/recipya/readme.md Normal file
View File

@ -0,0 +1,194 @@
# Recipya Helm Chart
A Helm chart for deploying [Recipya](https://github.com/reaper47/recipya) on Kubernetes.
## Introduction
This chart deploys Recipya recipe manager on a Kubernetes cluster using the Helm package manager.
## Prerequisites
- Kubernetes 1.19+
- Helm 3.2.0+
- PV provisioner support in the underlying infrastructure (if persistence is needed)
## Installing the Chart
To install the chart with the release name `recipya`:
```bash
helm repo add recipya-chart https://rtomik.github.io/helm-charts
helm install recipya recipya-chart/recipya -n recipya
```
The command deploys Recipya on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
## Uninstalling the Chart
To uninstall/delete the `recipya` deployment:
```bash
helm uninstall recipya -n recipya
```
## Important Configuration Notes
### Server URL
When deploying with an ingress, it's **critical** to set `config.server.url` to match your ingress URL (including https if you're using TLS). This ensures that redirects after login work correctly:
```yaml
config:
server:
url: "https://your-recipya-domain.com"
```
### Ingress Configuration
This chart includes optimized ingress configurations for Traefik, with support for WebSockets and proper security headers. If you're using a different ingress controller, you may need to adjust annotations accordingly.
## Parameters
### Global parameters
| Name | Description | Value |
|--------------------------|--------------------------------------|-----------------|
| `image.repository` | Recipya image repository | `reaper99/recipya` |
| `image.tag` | Recipya image tag | `v1.2.2` |
| `image.pullPolicy` | Recipya image pull policy | `IfNotPresent` |
| `replicaCount` | Number of Recipya replicas | `1` |
| `revisionHistoryLimit` | Number of revisions to keep | `3` |
### Security parameters
| Name | Description | Value |
|-----------------------------------------|--------------------------------------------------|-----------|
| `podSecurityContext.fsGroup` | Group ID for the Recipya container | `1000` |
| `containerSecurityContext` | Security context for the container | `{}` |
### Recipya configuration parameters
| Name | Description | Value |
|-----------------------------------------|-------------------------------------------------------|---------------------|
| `config.server.port` | Server port | `8078` |
| `config.server.autologin` | Whether to login automatically | `false` |
| `config.server.is_demo` | Whether the app is a demo version | `false` |
| `config.server.is_prod` | Whether the app is in production | `false` |
| `config.server.no_signups` | Whether to disable user account registrations | `false` |
| `config.server.url` | Base URL for the application | `http://0.0.0.0` |
| `config.email.address` | The email address for SendGrid | `""` |
| `config.email.sendgrid` | SendGrid API key | `""` |
| `config.documentIntelligence.endpoint` | Azure Document Intelligence endpoint | `""` |
| `config.documentIntelligence.key` | Azure Document Intelligence key | `""` |
### Service parameters
| Name | Description | Value |
|--------------------------|--------------------------------------------------|-------------|
| `service.type` | Recipya service type | `ClusterIP` |
| `service.port` | Recipya service port | `8078` |
### Ingress parameters
| Name | Description | Value |
|-------------------------------|--------------------------------------------------|------------------------|
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.className` | IngressClass that will be used | `"traefik"` |
| `ingress.annotations` | Additional ingress annotations | See values.yaml |
| `ingress.hosts[0].host` | Default host for the ingress resource | `chart-example.local` |
| `ingress.tls` | TLS configuration | `[]` |
### Persistence parameters
| Name | Description | Value |
|--------------------------------------|------------------------------------------|------------------|
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.accessMode` | PVC Access Mode | `ReadWriteOnce` |
| `persistence.size` | PVC Storage Request | `1Gi` |
| `persistence.storageClass` | Storage class of backing PVC | `""` |
### Resource parameters
| Name | Description | Value |
|-------------------------------|------------------------------------------|-----------|
| `resources.limits.cpu` | CPU limit | `500m` |
| `resources.limits.memory` | Memory limit | `512Mi` |
| `resources.requests.cpu` | CPU request | `100m` |
| `resources.requests.memory` | Memory request | `128Mi` |
### Probe parameters
| Name | Description | Value |
|--------------------------------------|--------------------------------------------|-----------|
| `probes.liveness.enabled` | Enable liveness probe | `true` |
| `probes.liveness.path` | Path for liveness probe | `/` |
| `probes.readiness.enabled` | Enable readiness probe | `true` |
| `probes.readiness.path` | Path for readiness probe | `/` |
## Traefik Ingress Configuration
The chart includes specially configured middlewares for Traefik to ensure proper functioning of Recipya:
```yaml
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: recipya-recipya-headers@kubernetescrd
traefik.ingress.kubernetes.io/service.sticky: "true"
traefik.ingress.kubernetes.io/session-cookie-name: "recipya_session"
hosts:
- host: recipya.example.com
paths:
- path: /
pathType: ImplementationSpecific
tls:
- hosts:
- recipya.example.com
```
This configuration includes:
1. Custom Content Security Policy allowing essential scripts from unpkg.com
2. Sticky sessions for maintaining authentication
3. Proper headers for proxy operation
## Content Security Policy Configuration
The chart includes a custom middleware that configures the proper Content Security Policy for Recipya. This is particularly important as the application requires access to external scripts from unpkg.com:
```yaml
contentSecurityPolicy: >-
default-src 'self';
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://unpkg.com;
style-src 'self' 'unsafe-inline';
img-src 'self' data: blob:;
font-src 'self' data:;
connect-src 'self' ws: wss: *;
worker-src 'self' blob:;
frame-src 'self';
media-src 'self' blob:;
object-src 'none';
form-action 'self';
```
## Using Existing Secrets
If you want to use existing secrets for sensitive data:
```yaml
config:
email:
existingSecret: "my-email-secret"
addressKey: "email"
sendgridKey: "sendgrid"
documentIntelligence:
existingSecret: "my-di-secret"
endpointKey: "di_endpoint"
keyKey: "di_key"
```
## Configuration
See the [Recipya documentation](https://recipes.musicavis.ca/docs/installation/docker/#environment-variables) for details on all available configuration options.

62
charts/recipya/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "recipya.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "recipya.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "recipya.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "recipya.labels" -}}
helm.sh/chart: {{ include "recipya.chart" . }}
{{ include "recipya.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "recipya.selectorLabels" -}}
app.kubernetes.io/name: {{ include "recipya.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "recipya.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "recipya.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

73
charts/recipya/templates/configmap-init-script.yaml Normal file
View File

@ -0,0 +1,73 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "recipya.fullname" . }}-init-script
labels:
{{- include "recipya.labels" . | nindent 4 }}
data:
init.sh: |
#!/bin/sh
set -e
CONFIG_DIR="/home/recipya/.config/Recipya"
CONFIG_FILE="$CONFIG_DIR/config.json"
TARGET_PORT={{ .Values.config.server.port }}
echo "Starting initialization with port $TARGET_PORT..."
# Create directories if they don't exist
mkdir -p $CONFIG_DIR/Backup
mkdir -p $CONFIG_DIR/Database
mkdir -p $CONFIG_DIR/Images
mkdir -p $CONFIG_DIR/Logs
mkdir -p $CONFIG_DIR/Videos
echo "Directories created."
# Create config.json if it doesn't exist or update the existing one
if [ -f "$CONFIG_FILE" ]; then
echo "Found existing config.json, updating port to $TARGET_PORT"
# Use jq to modify the port in the existing config file
TMP_FILE=$(mktemp)
cat $CONFIG_FILE | jq ".server.port = $TARGET_PORT" > $TMP_FILE
mv $TMP_FILE $CONFIG_FILE
else
echo "Creating new config.json with port $TARGET_PORT"
# Create a new config.json with default values and the specified port
cat > $CONFIG_FILE << EOF
{
"email": {
"from": "{{ .Values.config.email.address | default "" }}",
"sendGridAPIKey": "{{ .Values.config.email.sendgrid | default "" }}"
},
"integrations": {
"azureDocumentIntelligence": {
"endpoint": "{{ .Values.config.documentIntelligence.endpoint | default "" }}",
"key": "{{ .Values.config.documentIntelligence.key | default "" }}"
}
},
"server": {
"autologin": {{ .Values.config.server.autologin }},
"bypassGuide": false,
"isDemo": {{ .Values.config.server.is_demo }},
"noSignups": {{ .Values.config.server.no_signups }},
"isProduction": {{ .Values.config.server.is_prod }},
"port": $TARGET_PORT,
"url": "{{ .Values.config.server.url }}"
}
}
EOF
fi
# Set permissions using numeric IDs
echo "Setting permissions..."
chmod -R 755 $CONFIG_DIR
find $CONFIG_DIR -type f -exec chmod 644 {} \;
find $CONFIG_DIR -type d -exec chmod 755 {} \;
# Change ownership by numeric ID
echo "Changing ownership to 1000:1000..."
chown -R 1000:1000 $CONFIG_DIR
echo "Configuration completed successfully."
ls -la $CONFIG_DIR

226
charts/recipya/templates/deployment.yaml Normal file
View File

@ -0,0 +1,226 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "recipya.fullname" . }}
labels:
{{- include "recipya.labels" . | nindent 4 }}
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
checksum/init-script: {{ include (print $.Template.BasePath "/configmap-init-script.yaml") . | sha256sum }}
spec:
replicas: {{ .Values.replicaCount }}
revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
selector:
matchLabels:
{{- include "recipya.selectorLabels" . | nindent 6 }}
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
template:
metadata:
labels:
{{- include "recipya.selectorLabels" . | nindent 8 }}
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
# Set security context for the pod
securityContext:
fsGroup: 1000
# Init container to configure the application
initContainers:
- name: init-config
image: alpine:3.18
command: ["/bin/sh", "-c"]
args:
- |
echo "Installing jq..."
apk add --no-cache jq
echo "Running initialization script..."
/scripts/init.sh
securityContext:
runAsUser: 0 # Run as root to modify config files
runAsGroup: 0
volumeMounts:
- name: data
mountPath: /home/recipya/.config/Recipya
- name: init-script
mountPath: /scripts
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 100m
memory: 128Mi
# Main application container
containers:
- name: {{ .Chart.Name }}
securityContext:
runAsUser: 1000
runAsGroup: 1000
runAsNonRoot: true
readOnlyRootFilesystem: false
capabilities:
drop:
- ALL
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.startupArgs }}
args:
{{- range .Values.startupArgs }}
- {{ . | quote }}
{{- end }}
{{- end }}
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
{{- if .Values.probes.liveness.enabled }}
livenessProbe:
httpGet:
path: {{ .Values.probes.liveness.path }}
port: http
initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.probes.liveness.timeoutSeconds }}
failureThreshold: {{ .Values.probes.liveness.failureThreshold }}
successThreshold: {{ .Values.probes.liveness.successThreshold }}
{{- end }}
{{- if .Values.probes.readiness.enabled }}
readinessProbe:
httpGet:
path: {{ .Values.probes.readiness.path }}
port: http
initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }}
failureThreshold: {{ .Values.probes.readiness.failureThreshold }}
successThreshold: {{ .Values.probes.readiness.successThreshold }}
{{- end }}
env:
# Critical environment variables for proper directory structure
- name: HOME
value: "/home/recipya"
- name: RECIPYA_SERVER_URL
value: {{ .Values.config.server.url | quote }}
- name: RECIPYA_SERVER_AUTOLOGIN
value: {{ .Values.config.server.autologin | quote }}
- name: RECIPYA_SERVER_IS_DEMO
value: {{ .Values.config.server.is_demo | quote }}
- name: RECIPYA_SERVER_IS_PROD
value: {{ .Values.config.server.is_prod | quote }}
- name: RECIPYA_SERVER_NO_SIGNUPS
value: {{ .Values.config.server.no_signups | quote }}
{{- if .Values.config.email.existingSecret }}
- name: RECIPYA_EMAIL
valueFrom:
secretKeyRef:
name: {{ .Values.config.email.existingSecret }}
key: {{ .Values.config.email.addressKey }}
- name: RECIPYA_EMAIL_SENDGRID
valueFrom:
secretKeyRef:
name: {{ .Values.config.email.existingSecret }}
key: {{ .Values.config.email.sendgridKey }}
{{- else }}
{{- if .Values.config.email.address }}
- name: RECIPYA_EMAIL
valueFrom:
secretKeyRef:
name: {{ include "recipya.fullname" . }}-secrets
key: {{ .Values.config.email.addressKey }}
optional: true
{{- end }}
{{- if .Values.config.email.sendgrid }}
- name: RECIPYA_EMAIL_SENDGRID
valueFrom:
secretKeyRef:
name: {{ include "recipya.fullname" . }}-secrets
key: {{ .Values.config.email.sendgridKey }}
optional: true
{{- end }}
{{- end }}
{{- if .Values.config.documentIntelligence.existingSecret }}
- name: RECIPYA_DI_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ .Values.config.documentIntelligence.existingSecret }}
key: {{ .Values.config.documentIntelligence.endpointKey }}
- name: RECIPYA_DI_KEY
valueFrom:
secretKeyRef:
name: {{ .Values.config.documentIntelligence.existingSecret }}
key: {{ .Values.config.documentIntelligence.keyKey }}
{{- else }}
{{- if .Values.config.documentIntelligence.endpoint }}
- name: RECIPYA_DI_ENDPOINT
valueFrom:
secretKeyRef:
name: {{ include "recipya.fullname" . }}-secrets
key: {{ .Values.config.documentIntelligence.endpointKey }}
optional: true
{{- end }}
{{- if .Values.config.documentIntelligence.key }}
- name: RECIPYA_DI_KEY
valueFrom:
secretKeyRef:
name: {{ include "recipya.fullname" . }}-secrets
key: {{ .Values.config.documentIntelligence.keyKey }}
optional: true
{{- end }}
{{- end }}
{{- range .Values.env }}
- name: {{ .name }}
value: {{ .value | quote }}
{{- end }}
{{- with .Values.extraEnv }}
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
mountPath: /home/recipya/.config/Recipya
{{- with .Values.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "recipya.fullname" . }}-data
- name: init-script
configMap:
name: {{ include "recipya.fullname" . }}-init-script
defaultMode: 0755
{{- with .Values.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

43
charts/recipya/templates/ingress.yaml Normal file
View File

@ -0,0 +1,43 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "recipya.fullname" . }}
labels:
{{- include "recipya.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
{{- if .secretName }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "recipya.fullname" $ }}
port:
number: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- end }}

24
charts/recipya/templates/pvc.yaml Normal file
View File

@ -0,0 +1,24 @@
{{- if .Values.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "recipya.fullname" . }}-data
labels:
{{- include "recipya.labels" . | nindent 4 }}
annotations:
{{- if .Values.persistence.retain }}
"helm.sh/resource-policy": keep
{{- end }}
{{- with .Values.persistence.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
{{- if .Values.persistence.storageClass }}
storageClassName: {{ .Values.persistence.storageClass | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}

28
charts/recipya/templates/secret.yaml Normal file
View File

@ -0,0 +1,28 @@
{{- $createSecret := or (and (not .Values.config.email.existingSecret) (or .Values.config.email.address .Values.config.email.sendgrid)) (and (not .Values.config.documentIntelligence.existingSecret) (or .Values.config.documentIntelligence.endpoint .Values.config.documentIntelligence.key)) -}}
{{- if $createSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "recipya.fullname" . }}-secrets
labels:
{{- include "recipya.labels" . | nindent 4 }}
type: Opaque
data:
{{- if not .Values.config.email.existingSecret }}
{{- if .Values.config.email.address }}
{{ .Values.config.email.addressKey }}: {{ .Values.config.email.address | b64enc }}
{{- end }}
{{- if .Values.config.email.sendgrid }}
{{ .Values.config.email.sendgridKey }}: {{ .Values.config.email.sendgrid | b64enc }}
{{- end }}
{{- end }}
{{- if not .Values.config.documentIntelligence.existingSecret }}
{{- if .Values.config.documentIntelligence.endpoint }}
{{ .Values.config.documentIntelligence.endpointKey }}: {{ .Values.config.documentIntelligence.endpoint | b64enc }}
{{- end }}
{{- if .Values.config.documentIntelligence.key }}
{{ .Values.config.documentIntelligence.keyKey }}: {{ .Values.config.documentIntelligence.key | b64enc }}
{{- end }}
{{- end }}
{{- end }}

15
charts/recipya/templates/service.yaml Normal file
View File

@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "recipya.fullname" . }}
labels:
{{- include "recipya.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "recipya.selectorLabels" . | nindent 4 }}

133
charts/recipya/values.yaml Normal file
View File

@ -0,0 +1,133 @@
# Default values for recipya.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
revisionHistoryLimit: 3
image:
repository: reaper99/recipya
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: "v1.2.2"
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# Security context for the pod
podSecurityContext:
fsGroup: 1000
containerSecurityContext: {}
# Service configuration
service:
type: ClusterIP
port: 8078
# Recipya configuration
config:
email:
address: ""
sendgrid: ""
existingSecret: ""
addressKey: "email"
sendgridKey: "sendgrid"
documentIntelligence:
endpoint: ""
key: ""
existingSecret: ""
endpointKey: "di_endpoint"
keyKey: "di_key"
server:
port: 8078
autologin: false
is_demo: false
is_prod: true
no_signups: false
url: "http://0.0.0.0"
# Ingress configuration
ingress:
enabled: true
className: "traefik"
annotations: []
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.middlewares: default-recipya-headers@kubernetescrd
hosts:
- host: recipya.<domain>
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
# Persistent volume claim
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 5Gi
storageClass: ""
annotations: {}
retain: true
# Resource limits and requests
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 128Mi
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}
# Additional pod annotations
podAnnotations: {}
# Startup arguments
startupArgs: []
# Additional environment variables
env: []
# Extra environment variables
extraEnv: []
# Extra volume mounts
extraVolumeMounts: []
# Extra volumes
extraVolumes: []
# Probes configuration
probes:
liveness:
enabled: true
path: /
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readiness:
enabled: true
path: /
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1