├── charts ├── coturn │ ├── templates │ │ ├── NOTES.txt │ │ ├── serviceaccount.yaml │ │ ├── service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── reticulum │ ├── templates │ │ ├── configmap.yaml │ │ ├── serviceaccount.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── service.yaml │ │ ├── persistentvolumeclaim.yaml │ │ ├── hpa.yaml │ │ ├── persistentvolume.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── ingress.yaml │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── haproxy │ ├── templates │ │ ├── configmap.yaml │ │ ├── configmap-tcp.yaml │ │ ├── clusterrole.yaml │ │ ├── serviceaccount.yaml │ │ ├── lb-service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── photomnemonic │ ├── templates │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── nearspark │ ├── templates │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── ingress.yaml │ │ ├── hpa.yaml │ │ ├── NOTES.txt │ │ ├── deployment.yaml │ │ └── _helpers.tpl │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── pgsql │ ├── templates │ │ ├── persistentvolumeclaim.yaml │ │ ├── serviceaccount.yaml │ │ ├── service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── persistentvolume.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── dialog │ ├── templates │ │ ├── serviceaccount.yaml │ │ ├── service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── ingress.yaml │ │ ├── hpa.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── spoke │ ├── templates │ │ ├── serviceaccount.yaml │ │ ├── service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── hpa.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── ingress.yaml │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── pgbouncer │ ├── templates │ │ ├── serviceaccount.yaml │ │ ├── service.yaml │ │ ├── tests │ │ │ └── test-connection.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml └── pgbouncer-t │ ├── templates │ ├── serviceaccount.yaml │ ├── service.yaml │ ├── tests │ │ └── test-connection.yaml │ ├── hpa.yaml │ ├── ingress.yaml │ ├── NOTES.txt │ ├── _helpers.tpl │ └── deployment.yaml │ ├── .helmignore │ ├── Chart.yaml │ └── values.yaml ├── .gitignore ├── templates ├── configs-secret.yaml ├── secret.yaml ├── namespace.yaml ├── serviceaccount.yaml ├── service.yaml ├── tests │ └── test-connection.yaml ├── storage-class.yaml ├── NOTES.txt ├── hpa.yaml ├── ingress.yaml ├── certificate.yaml ├── _helpers.tpl └── deployment.yaml ├── .helmignore ├── default-aws-efs-csi-driver-trust-policy.json ├── LICENSE ├── Chart.yaml ├── Readme.md ├── render_helm.sh ├── Readme.aws.md ├── values.aws.yaml ├── values.gcp.yaml ├── values.yaml └── values.scale.yaml /charts/coturn/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.pem 2 | config.yaml 3 | values-*.yaml 4 | *.json 5 | aws*.yaml 6 | !default-aws-efs-csi-driver-trust-policy.json -------------------------------------------------------------------------------- /templates/configs-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configs.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: configs 6 | labels: 7 | {{- include "hubs-ce.labels" . | nindent 4 }} 8 | stringData: 9 | {{- toYaml .Values.configs.data | nindent 2 }} 10 | 11 | {{- end}} -------------------------------------------------------------------------------- /templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.defaultCert.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ .Values.defaultCert.name }} 6 | labels: 7 | {{- include "hubs-ce.labels" . | nindent 4 }} 8 | data: 9 | {{- toYaml .Values.defaultCert.data | nindent 4 }} 10 | {{- end}} -------------------------------------------------------------------------------- /charts/reticulum/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.config.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ .Values.config.name }} 6 | labels: 7 | {{- include "reticulum.labels" . | nindent 4 }} 8 | data: 9 | {{- toYaml .Values.config.data | nindent 2 }} 10 | {{- end }} -------------------------------------------------------------------------------- /charts/haproxy/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.config.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | 5 | metadata: 6 | name: {{ .Chart.Name }}-config 7 | labels: 8 | {{- include "haproxy.labels" . | nindent 4 }} 9 | data: 10 | {{- toYaml .Values.config.data | nindent 2 }} 11 | 12 | {{- end }} -------------------------------------------------------------------------------- /charts/haproxy/templates/configmap-tcp.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configTCP.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | 5 | metadata: 6 | name: {{ .Chart.Name }}-tcp-config 7 | labels: 8 | {{- include "haproxy.labels" . | nindent 4 }} 9 | data: 10 | 5349: {{ .Release.Namespace }}/coturn:5349 11 | {{- end}} -------------------------------------------------------------------------------- /charts/haproxy/templates/clusterrole.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.clusterRole.create }} 2 | kind: ClusterRole 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: {{ .Values.clusterRole.name }} 6 | labels: 7 | {{- include "haproxy.labels" . | nindent 4 }} 8 | rules: 9 | {{- toYaml .Values.clusterRole.rules | nindent 2 }} 10 | 11 | {{- end }} -------------------------------------------------------------------------------- /templates/namespace.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ns.enabled }} 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: {{ .Values.ns.name }} 6 | labels: 7 | {{- include "hubs-ce.labels" . | nindent 4 }} 8 | annotations: 9 | {{- include "hubs-ce.annotations" . | nindent 4 }} 10 | {{- include ".Values.ns.annotations" . | nindent 4 }} 11 | 12 | {{- end }} -------------------------------------------------------------------------------- /charts/photomnemonic/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "photomnemonic.labels" . | nindent 4 }} 7 | spec: 8 | ports: 9 | - port: 5000 10 | targetPort: 5000 11 | name: photomnemonic 12 | selector: 13 | {{- include "photomnemonic.selectorLabels" . | nindent 4 }} 14 | -------------------------------------------------------------------------------- /charts/nearspark/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: nearspark 5 | labels: 6 | {{- include "nearspark.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - name: http 11 | port: 5000 12 | targetPort: 5000 13 | selector: 14 | {{- include "nearspark.selectorLabels" . | nindent 4 }} 15 | -------------------------------------------------------------------------------- /templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "hubs-ce.serviceAccountName" . }} 6 | labels: 7 | {{- include "hubs-ce.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/pgsql/templates/persistentvolumeclaim.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.aws.efs.enabled}} 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: {{ include "pgsql.fullname" . }}-efs-claim 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: {{ .Release.Name }}-efs-storage-class 10 | resources: 11 | requests: 12 | storage: 5Gi 13 | 14 | {{- end}} -------------------------------------------------------------------------------- /charts/coturn/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "coturn.serviceAccountName" . }} 6 | labels: 7 | {{- include "coturn.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/dialog/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "dialog.serviceAccountName" . }} 6 | labels: 7 | {{- include "dialog.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/pgsql/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "pgsql.serviceAccountName" . }} 6 | labels: 7 | {{- include "pgsql.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/spoke/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "spoke.serviceAccountName" . }} 6 | labels: 7 | {{- include "spoke.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/haproxy/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "haproxy.serviceAccountName" . }} 6 | labels: 7 | {{- include "haproxy.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: hubs 5 | labels: 6 | {{- include "hubs-ce.labels" . | nindent 4 }} 7 | annotations: 8 | haproxy.org/server-ssl: "true" 9 | spec: 10 | clusterIP: None 11 | ports: 12 | - name: https-hubs 13 | port: 8080 14 | targetPort: 8080 15 | selector: 16 | {{- include "hubs-ce.selectorLabels" . | nindent 4 }} 17 | -------------------------------------------------------------------------------- /charts/nearspark/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "nearspark.serviceAccountName" . }} 6 | labels: 7 | {{- include "nearspark.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "pgbouncer.serviceAccountName" . }} 6 | labels: 7 | {{- include "pgbouncer.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/reticulum/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "reticulum.serviceAccountName" . }} 6 | labels: 7 | {{- include "reticulum.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "pgbouncer-t.serviceAccountName" . }} 6 | labels: 7 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/pgsql/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "pgsql.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - name: postgresql 11 | protocol: TCP 12 | port: 5432 13 | targetPort: 5432 14 | selector: 15 | {{- include "pgsql.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/coturn/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: coturn 5 | labels: 6 | {{- include "coturn.labels" . | nindent 4 }} 7 | spec: 8 | # {{- if .Values.service.type }}type: {{ .Values.service.type }}{{- end }} 9 | ports: 10 | - name: https-coturn 11 | port: 5349 12 | targetPort: 5349 13 | selector: 14 | {{- include "coturn.selectorLabels" . | nindent 4 }} 15 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "photomnemonic.serviceAccountName" . }} 6 | labels: 7 | {{- include "photomnemonic.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.annotations }} 9 | annotations: 10 | {{- toYaml . | nindent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /charts/spoke/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "spoke.labels" . | nindent 4 }} 7 | annotations: 8 | haproxy.org/server-ssl: "true" 9 | spec: 10 | clusterIP: None 11 | ports: 12 | - name: https-spoke 13 | port: 8080 14 | targetPort: 8080 15 | selector: 16 | {{- include "spoke.selectorLabels" . | nindent 4 }} 17 | -------------------------------------------------------------------------------- /charts/haproxy/templates/lb-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.LoadBalancer.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ .Chart.Name }}-lb 6 | labels: 7 | {{- include "haproxy.labels" . | nindent 4 }} 8 | spec: 9 | type: {{ .Values.LoadBalancer.type }} 10 | {{ .Values.LoadBalancer.spec | toYaml | nindent 2 }} 11 | selector: 12 | {{- include "haproxy.selectorLabels" . | nindent 4 }} 13 | 14 | {{- end }} -------------------------------------------------------------------------------- /charts/pgbouncer/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "pgbouncer.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - name: http 11 | port: {{ .Values.service.port }} 12 | targetPort: {{ .Values.service.port }} 13 | selector: 14 | {{- include "pgbouncer.selectorLabels" . | nindent 4 }} 15 | -------------------------------------------------------------------------------- /charts/dialog/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "dialog.labels" . | nindent 4 }} 7 | spec: 8 | clusterIP: None 9 | ports: 10 | - name: https-dialog 11 | port: 4443 12 | targetPort: 4443 13 | - name: https-dialog-adm 14 | port: 7000 15 | targetPort: 7000 16 | selector: 17 | {{- include "dialog.selectorLabels" . | nindent 4 }} 18 | -------------------------------------------------------------------------------- /.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/coturn/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/dialog/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/haproxy/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/nearspark/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ .Chart.Name }} 5 | labels: 6 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: {{ .Values.service.port }} 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "pgbouncer-t.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /charts/pgbouncer/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/pgsql/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/reticulum/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/spoke/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "hubs-ce.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "hubs-ce.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "hubs-ce.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/pgsql/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "pgsql.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "pgsql.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "pgsql.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/photomnemonic/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/spoke/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "spoke.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "spoke.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "spoke.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/coturn/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "coturn.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "coturn.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "coturn.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/dialog/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "dialog.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "dialog.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "dialog.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/haproxy/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "haproxy.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "haproxy.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "haproxy.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/nearspark/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "nearspark.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "nearspark.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "nearspark.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "pgbouncer.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "pgbouncer.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "pgbouncer.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/reticulum/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "reticulum.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "reticulum.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "reticulum.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "pgbouncer-t.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "pgbouncer-t.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/reticulum/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: ret 5 | labels: 6 | {{- include "reticulum.labels" . | nindent 4 }} 7 | spec: 8 | # type: {{ .Values.service.type }} 9 | clusterIP: None 10 | ports: 11 | - name: http-reticulum 12 | port: 4001 13 | targetPort: 4001 14 | - name: https-reticulum 15 | port: 4000 16 | targetPort: 4000 17 | selector: 18 | {{- include "reticulum.selectorLabels" . | nindent 4 }} 19 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "photomnemonic.fullname" . }}-test-connection" 5 | labels: 6 | {{- include "photomnemonic.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "photomnemonic.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /charts/haproxy/templates/clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.clusterRoleBinding.create }} 2 | kind: ClusterRoleBinding 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: {{ .Values.clusterRoleBinding.name }} 6 | labels: 7 | {{- include "haproxy.labels" . | nindent 4 }} 8 | roleRef: 9 | apiGroup: rbac.authorization.k8s.io 10 | kind: ClusterRole 11 | name: haproxy-cr 12 | subjects: 13 | - kind: ServiceAccount 14 | name: haproxy-sa 15 | namespace: {{ .Release.Namespace }} 16 | {{- end }} -------------------------------------------------------------------------------- /charts/pgsql/templates/persistentvolume.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.aws.efs.enabled}} 2 | apiVersion: v1 3 | kind: PersistentVolume 4 | metadata: 5 | name: {{ include "pgsql.fullname" . }}-efs-pv 6 | spec: 7 | capacity: 8 | storage: 5Gi 9 | volumeMode: Filesystem 10 | accessModes: 11 | - ReadWriteMany 12 | storageClassName: {{ .Release.Name }}-efs-storage-class 13 | persistentVolumeReclaimPolicy: Retain 14 | csi: 15 | driver: efs.csi.aws.com 16 | volumeHandle: {{ .Values.global.aws.efs.fileSystemId }} 17 | {{- end}} -------------------------------------------------------------------------------- /default-aws-efs-csi-driver-trust-policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "Version": "2012-10-17", 3 | "Statement": [ 4 | { 5 | "Effect": "Allow", 6 | "Principal": { 7 | "Federated": "arn:aws:iam::{ACCOUNT-NUMBER}:oidc-provider/oidc.eks.{region-code}.amazonaws.com/id/0CXXXXXXXXXXXXXXXXXXXXX" 8 | }, 9 | "Action": "sts:AssumeRoleWithWebIdentity", 10 | "Condition": { 11 | "StringLike": { 12 | "oidc.eks.{region-code}.amazonaws.com/id/0CXXXXXXXXXXXXXXXXXXXXX:sub": "system:serviceaccount:kube-system:efs-csi-*", 13 | "oidc.eks.{region-code}.amazonaws.com/id/0CXXXXXXXXXXXXXXXXXXXXX:aud": "sts.amazonaws.com" 14 | } 15 | } 16 | } 17 | ] 18 | } -------------------------------------------------------------------------------- /templates/storage-class.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.aws.efs.enabled}} 2 | kind: StorageClass 3 | apiVersion: storage.k8s.io/v1 4 | metadata: 5 | name: {{ .Release.Name }}-efs-storage-class 6 | provisioner: efs.csi.aws.com 7 | {{- if .Values.global.aws.efs.isDynamicProvisioning}} 8 | parameters: 9 | provisioningMode: efs-ap 10 | fileSystemId: {{ .Values.global.aws.efs.fileSystemId }} 11 | directoryPerms: "700" 12 | {{- end}} 13 | {{- else if .Values.global.gcp.persistent.enabled}} 14 | apiVersion: storage.k8s.io/v1 15 | kind: StorageClass 16 | metadata: 17 | name: {{ .Release.Name }}-filestore-storage-class 18 | provisioner: filestore.csi.storage.gke.io 19 | volumeBindingMode: Immediate 20 | allowVolumeExpansion: true 21 | parameters: 22 | tier: standard 23 | network: default 24 | {{- end}} -------------------------------------------------------------------------------- /charts/reticulum/templates/persistentvolumeclaim.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.aws.efs.enabled}} 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: {{ include "reticulum.fullname" . }}-efs-claim 6 | spec: 7 | accessModes: 8 | - ReadWriteMany 9 | storageClassName: {{ .Release.Name }}-efs-storage-class 10 | resources: 11 | requests: 12 | storage: 5Gi 13 | {{- else if .Values.global.gcp.persistent.enabled}} 14 | apiVersion: v1 15 | kind: PersistentVolumeClaim 16 | metadata: 17 | name: {{ include "reticulum.fullname" . }}-gcp-claim 18 | spec: 19 | storageClassName: {{ .Release.Name }}-gcp-storage-class 20 | accessModes: 21 | - ReadWriteMany 22 | storageClassName: {{ .Release.Name }}-filestore-storage-class 23 | resources: 24 | requests: 25 | storage: {{ .Values.global.gcp.persistent.storage }} 26 | {{- end}} -------------------------------------------------------------------------------- /templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | DNS: Replace the values of all four records with your instance's external IP address. These should be: 2 |   3 |  assets. 4 |  stream. 5 |  cors. 6 | 7 | Ports: 8 | Ensure these ports are open to the worker nodes: 9 | * TCP: 80, 443, 4443, 5349 10 | * UDP: 35000 -> 60000 11 | 12 | Get the application URL by running these commands: 13 | You can watch the status of by running "kubectl get --namespace {{ .Release.Namespace }} svc -w haproxy-lb" 14 | 15 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. Once dns is setup the hub ce stack should come online at your  16 | You can get the external-ip by running "kubectl get --namespace {{ .Release.Namespace }} svc -w haproxy-lb --output jsonpath='{.status.loadBalancer.ingress[0].hostname}'" 17 | Get all pods "kubectl get pods --namespace {{ .Release.Namespace }}'" 18 | -------------------------------------------------------------------------------- /charts/nearspark/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "nearspark.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "nearspark.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | tls: 20 | - hosts: 21 | - cors.{{ .Values.global.domain }} 22 | secretName: cert-cors.{{ .Values.global.domain }} 23 | rules: 24 | - host: cors.{{ .Values.global.domain }} 25 | http: 26 | paths: 27 | - path: /nearspark 28 | pathType: Prefix 29 | backend: 30 | service: 31 | name: nearspark 32 | port: 33 | number: 5000 34 | {{- end }} 35 | -------------------------------------------------------------------------------- /charts/dialog/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "dialog.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "dialog.labels" . | nindent 4 }} 14 | annotations: 15 | kubernetes.io/ingress.class: haproxy 16 | haproxy.org/server-ssl: "true" 17 | haproxy.org/load-balance: "url_param roomId" 18 | spec: 19 | tls: 20 | - hosts: 21 | - stream.{{ .Values.global.domain }} 22 | secretName: cert-stream.{{ .Values.global.domain }} 23 | rules: 24 | - host: stream.{{ .Values.global.domain }} 25 | http: 26 | paths: 27 | - path: / 28 | pathType: Prefix 29 | backend: 30 | service: 31 | name: dialog 32 | port: 33 | number: 4443 34 | 35 | {{- end }} 36 | -------------------------------------------------------------------------------- /templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "hubs-ce.fullname" . }} 6 | labels: 7 | {{- include "hubs-ce.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "hubs-ce.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/pgsql/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "pgsql.fullname" . }} 6 | labels: 7 | {{- include "pgsql.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "pgsql.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/spoke/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "spoke.fullname" . }} 6 | labels: 7 | {{- include "spoke.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "spoke.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/coturn/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "coturn.fullname" . }} 6 | labels: 7 | {{- include "coturn.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "coturn.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/dialog/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "dialog.fullname" . }} 6 | labels: 7 | {{- include "dialog.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "dialog.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 Alex Griggs 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /charts/haproxy/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "haproxy.fullname" . }} 6 | labels: 7 | {{- include "haproxy.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "haproxy.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/nearspark/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "nearspark.fullname" . }} 6 | labels: 7 | {{- include "nearspark.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "nearspark.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "pgbouncer.fullname" . }} 6 | labels: 7 | {{- include "pgbouncer.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "pgbouncer.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/reticulum/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "reticulum.fullname" . }} 6 | labels: 7 | {{- include "reticulum.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "reticulum.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "pgbouncer-t.fullname" . }} 6 | labels: 7 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "pgbouncer-t.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/hpa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.autoscaling.enabled }} 2 | apiVersion: {{ ternary "autoscaling/v2" "autoscaling/v2beta2" (.Capabilities.APIVersions.Has "autoscaling/v2") }} 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: {{ include "photomnemonic.fullname" . }} 6 | labels: 7 | {{- include "photomnemonic.labels" . | nindent 4 }} 8 | spec: 9 | scaleTargetRef: 10 | apiVersion: apps/v1 11 | kind: Deployment 12 | name: {{ include "photomnemonic.fullname" . }} 13 | minReplicas: {{ .Values.autoscaling.minReplicas }} 14 | maxReplicas: {{ .Values.autoscaling.maxReplicas }} 15 | metrics: 16 | {{- with .Values.autoscaling.targetMemoryUtilizationPercentage }} 17 | - type: Resource 18 | resource: 19 | name: memory 20 | target: 21 | type: Utilization 22 | averageUtilization: {{ . }} 23 | {{- end }} 24 | {{- with .Values.autoscaling.targetCPUUtilizationPercentage }} 25 | - type: Resource 26 | resource: 27 | name: cpu 28 | target: 29 | type: Utilization 30 | averageUtilization: {{ . }} 31 | {{- end }} 32 | {{- end }} 33 | -------------------------------------------------------------------------------- /charts/coturn/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: coturn 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/dialog/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: dialog 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/pgsql/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: pgsql 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/spoke/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: spoke 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/haproxy/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: haproxy 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/nearspark/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: nearspark 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/pgbouncer/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: pgbouncer 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/reticulum/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: reticulum 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: pgbouncer-t 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/photomnemonic/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: photomnemonic 3 | description: A Helm chart for Kubernetes 4 | 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 0.1.0 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.16.0 24 | -------------------------------------------------------------------------------- /charts/reticulum/templates/persistentvolume.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.global.aws.efs.enabled}} 2 | apiVersion: v1 3 | kind: PersistentVolume 4 | metadata: 5 | name: {{ include "reticulum.fullname" . }}-efs-pv 6 | spec: 7 | capacity: 8 | storage: 5Gi 9 | volumeMode: Filesystem 10 | accessModes: 11 | - ReadWriteMany 12 | storageClassName: {{ .Release.Name }}-efs-storage-class 13 | persistentVolumeReclaimPolicy: Retain 14 | csi: 15 | driver: efs.csi.aws.com 16 | volumeHandle: {{ .Values.global.aws.efs.fileSystemId }} 17 | {{- else if .Values.global.gcp.persistent.enabled}} 18 | apiVersion: v1 19 | kind: PersistentVolume 20 | metadata: 21 | name: {{ include "reticulum.fullname" . }}-filestore-pv 22 | spec: 23 | storageClassName: {{ .Release.Name }}-filestore-storage-class 24 | capacity: 25 | storage: {{ .Values.global.gcp.persistent.storage }} 26 | accessModes: 27 | - ReadWriteMany 28 | persistentVolumeReclaimPolicy: Retain 29 | volumeMode: Filesystem 30 | csi: 31 | driver: filestore.csi.storage.gke.io 32 | volumeHandle: {{ .Values.global.gcp.persistent.volumeHandle }} 33 | volumeAttributes: 34 | ip: {{ .Values.global.gcp.persistent.volumeAttributes.ip }} 35 | volume: {{ .Values.global.gcp.persistent.volumeAttributes.volumeName }} 36 | {{- end}} -------------------------------------------------------------------------------- /charts/coturn/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "coturn.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "coturn.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/pgsql/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "pgsql.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "pgsql.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/haproxy/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "haproxy.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "haproxy.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "pgbouncer.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "pgbouncer.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "pgbouncer-t.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "photomnemonic.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "photomnemonic.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | {{- if .Values.ingress.tls }} 20 | tls: 21 | {{- range .Values.ingress.tls }} 22 | - hosts: 23 | {{- range .hosts }} 24 | - {{ . | quote }} 25 | {{- end }} 26 | secretName: {{ .secretName }} 27 | {{- end }} 28 | {{- end }} 29 | rules: 30 | {{- range .Values.ingress.hosts }} 31 | - host: {{ .host | quote }} 32 | http: 33 | paths: 34 | {{- range .paths }} 35 | - path: {{ . }} 36 | pathType: ImplementationSpecific 37 | backend: 38 | service: 39 | name: {{ $fullName }} 40 | port: 41 | number: {{ $svcPort }} 42 | {{- end }} 43 | {{- end }} 44 | {{- end }} 45 | -------------------------------------------------------------------------------- /Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: hubs-ce 3 | description: A Helm chart for setting up Mozilla Hubs on Kubernetes 4 | icon: https://hubs.mozilla.com/favicon.ico 5 | # A chart can be either an 'application' or a 'library' chart. 6 | # 7 | # Application charts are a collection of templates that can be packaged into versioned archives 8 | # to be deployed. 9 | # 10 | # Library charts provide useful utilities or functions for the chart developer. They're included as 11 | # a dependency of application charts to inject those utilities and functions into the rendering 12 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 13 | type: application 14 | 15 | # This is the chart version. This version number should be incremented each time you make changes 16 | # to the chart and its templates, including the app version. 17 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 18 | version: 1.3.0-beta 19 | 20 | # This is the version number of the application being deployed. This version number should be 21 | # incremented each time you make changes to the application. Versions are not expected to 22 | # follow Semantic Versioning. They should reflect the version the application is using. 23 | appVersion: 1.0.0-ce 24 | 25 | maintainers: 26 | - name: Alex Griggs 27 | email: alex.griggs@gmail.com 28 | 29 | dependencies: 30 | - name: pgsql 31 | condition: pgsql.enabled -------------------------------------------------------------------------------- /templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "hubs-ce.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "hubs-ce.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | tls: 20 | - hosts: 21 | - assets.{{ .Values.global.domain }} 22 | secretName: cert-assets.{{ .Values.global.domain }} 23 | - hosts: 24 | - cors.{{ .Values.global.domain }} 25 | secretName: cert-cors.{{ .Values.global.domain }} 26 | rules: 27 | - host: assets.{{ .Values.global.domain }} 28 | http: 29 | paths: 30 | - path: /hubs 31 | pathType: Prefix 32 | backend: 33 | service: 34 | name: hubs 35 | port: 36 | number: 8080 37 | - host: cors.{{ .Values.global.domain }} 38 | http: 39 | paths: 40 | - path: /hubs 41 | pathType: Prefix 42 | backend: 43 | service: 44 | name: hubs 45 | port: 46 | number: 8080 47 | {{- end }} 48 | -------------------------------------------------------------------------------- /templates/certificate.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.certs.enabled }} 2 | # cert-{{ .Values.global.domain }} 3 | apiVersion: cert-manager.io/v1 4 | kind: Certificate 5 | metadata: 6 | name: cert-{{ .Values.global.domain }} 7 | spec: 8 | secretName: cert-{{ .Values.global.domain }} 9 | issuerRef: 10 | name: letsencrypt-issuer 11 | kind: ClusterIssuer 12 | commonName: {{ .Values.global.domain }} 13 | dnsNames: 14 | - {{ .Values.global.domain }} 15 | --- 16 | # cert-assets.{{ .Values.global.domain }} 17 | apiVersion: cert-manager.io/v1 18 | kind: Certificate 19 | metadata: 20 | name: cert-assets.{{ .Values.global.domain }} 21 | spec: 22 | secretName: cert-assets.{{ .Values.global.domain }} 23 | issuerRef: 24 | name: letsencrypt-issuer 25 | kind: ClusterIssuer 26 | commonName: assets.{{ .Values.global.domain }} 27 | dnsNames: 28 | - assets.{{ .Values.global.domain }} 29 | --- 30 | # cert-stream.{{ .Values.global.domain }} 31 | apiVersion: cert-manager.io/v1 32 | kind: Certificate 33 | metadata: 34 | name: cert-stream.{{ .Values.global.domain }} 35 | spec: 36 | secretName: cert-stream.{{ .Values.global.domain }} 37 | issuerRef: 38 | name: letsencrypt-issuer 39 | kind: ClusterIssuer 40 | commonName: stream.{{ .Values.global.domain }} 41 | dnsNames: 42 | - stream.{{ .Values.global.domain }} 43 | --- 44 | # cert-cors.{{ .Values.global.domain }} 45 | apiVersion: cert-manager.io/v1 46 | kind: Certificate 47 | metadata: 48 | name: cert-cors.{{ .Values.global.domain }} 49 | spec: 50 | secretName: cert-cors.{{ .Values.global.domain }} 51 | issuerRef: 52 | name: letsencrypt-issuer 53 | kind: ClusterIssuer 54 | commonName: cors.{{ .Values.global.domain }} 55 | dnsNames: 56 | - cors.{{ .Values.global.domain }} 57 | --- 58 | {{ end }} -------------------------------------------------------------------------------- /charts/pgsql/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgsql.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgsql.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgsql.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgsql.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/spoke/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "spoke.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "spoke.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "spoke.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "spoke.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/dialog/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "dialog.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "dialog.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "dialog.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "dialog.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/haproxy/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "haproxy.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "haproxy.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "haproxy.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "haproxy.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/nearspark/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nearspark.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nearspark.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nearspark.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nearspark.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgbouncer.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgbouncer.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgbouncer.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgbouncer.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/reticulum/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "reticulum.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "reticulum.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "reticulum.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "reticulum.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgbouncer-t.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgbouncer-t.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgbouncer-t.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgbouncer-t.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | 1. Get the application URL by running these commands: 2 | {{- if .Values.ingress.enabled }} 3 | {{- range $host := .Values.ingress.hosts }} 4 | {{- range .paths }} 5 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} 6 | {{- end }} 7 | {{- end }} 8 | {{- else if contains "NodePort" .Values.service.type }} 9 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "photomnemonic.fullname" . }}) 10 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 11 | echo http://$NODE_IP:$NODE_PORT 12 | {{- else if contains "LoadBalancer" .Values.service.type }} 13 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 14 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "photomnemonic.fullname" . }}' 15 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "photomnemonic.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 16 | echo http://$SERVICE_IP:{{ .Values.service.port }} 17 | {{- else if contains "ClusterIP" .Values.service.type }} 18 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "photomnemonic.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 19 | export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") 20 | echo "Visit http://127.0.0.1:8080 to use your application" 21 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT 22 | {{- end }} 23 | -------------------------------------------------------------------------------- /templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "hubs-ce.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "hubs-ce.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "hubs-ce.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "hubs-ce.labels" -}} 37 | helm.sh/chart: {{ include "hubs-ce.chart" . }} 38 | {{ include "hubs-ce.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "hubs-ce.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "hubs-ce.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{/* 54 | Create the name of the service account to use 55 | */}} 56 | {{- define "hubs-ce.serviceAccountName" -}} 57 | {{- if .Values.serviceAccount.create }} 58 | {{- default (include "hubs-ce.fullname" .) .Values.serviceAccount.name }} 59 | {{- else }} 60 | {{- default "default" .Values.serviceAccount.name }} 61 | {{- end }} 62 | {{- end }} 63 | -------------------------------------------------------------------------------- /charts/pgsql/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "pgsql.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "pgsql.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "pgsql.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "pgsql.labels" -}} 37 | helm.sh/chart: {{ include "pgsql.chart" . }} 38 | {{ include "pgsql.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "pgsql.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "pgsql.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "pgsql.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "pgsql.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "pgsql.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/spoke/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "spoke.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "spoke.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "spoke.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "spoke.labels" -}} 37 | helm.sh/chart: {{ include "spoke.chart" . }} 38 | {{ include "spoke.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "spoke.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "spoke.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "spoke.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "spoke.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "spoke.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/nearspark/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "nearspark.fullname" . }} 5 | labels: 6 | {{- include "nearspark.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "nearspark.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | {{- with .Values.podAnnotations }} 17 | annotations: 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "nearspark.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ include "nearspark.serviceAccountName" . }} 28 | securityContext: 29 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 30 | containers: 31 | - name: {{ .Chart.Name }} 32 | securityContext: 33 | {{- toYaml .Values.securityContext | nindent 12 }} 34 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 35 | imagePullPolicy: {{ .Values.image.pullPolicy }} 36 | ports: 37 | - containerPort: 5000 38 | # livenessProbe: 39 | # httpGet: 40 | # path: / 41 | # port: http 42 | # readinessProbe: 43 | # httpGet: 44 | # path: / 45 | # port: http 46 | resources: 47 | {{- toYaml .Values.resources | nindent 12 }} 48 | {{- with .Values.nodeSelector }} 49 | nodeSelector: 50 | {{- toYaml . | nindent 8 }} 51 | {{- end }} 52 | {{- with .Values.affinity }} 53 | affinity: 54 | {{- toYaml . | nindent 8 }} 55 | {{- end }} 56 | {{- with .Values.tolerations }} 57 | tolerations: 58 | {{- toYaml . | nindent 8 }} 59 | {{- end }} 60 | -------------------------------------------------------------------------------- /charts/reticulum/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "reticulum.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "reticulum.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "reticulum.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "reticulum.labels" -}} 37 | helm.sh/chart: {{ include "reticulum.chart" . }} 38 | {{ include "reticulum.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "reticulum.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "reticulum.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{/* 54 | Create the name of the service account to use 55 | */}} 56 | {{- define "reticulum.serviceAccountName" -}} 57 | {{- if .Values.serviceAccount.create }} 58 | {{- default (include "reticulum.fullname" .) .Values.serviceAccount.name }} 59 | {{- else }} 60 | {{- default "default" .Values.serviceAccount.name }} 61 | {{- end }} 62 | {{- end }} 63 | -------------------------------------------------------------------------------- /charts/coturn/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "coturn.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "coturn.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "coturn.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "coturn.labels" -}} 37 | helm.sh/chart: {{ include "coturn.chart" . }} 38 | {{ include "coturn.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "coturn.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "coturn.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "coturn.name" .}} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "coturn.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "coturn.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/dialog/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "dialog.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "dialog.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "dialog.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "dialog.labels" -}} 37 | helm.sh/chart: {{ include "dialog.chart" . }} 38 | {{ include "dialog.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "dialog.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "dialog.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "dialog.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "dialog.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "dialog.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/nearspark/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "nearspark.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "nearspark.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "nearspark.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "nearspark.labels" -}} 37 | helm.sh/chart: {{ include "nearspark.chart" . }} 38 | {{ include "nearspark.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "nearspark.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "nearspark.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "nearspark.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "nearspark.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "nearspark.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "pgbouncer.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "pgbouncer.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "pgbouncer.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "pgbouncer.labels" -}} 37 | helm.sh/chart: {{ include "pgbouncer.chart" . }} 38 | {{ include "pgbouncer.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "pgbouncer.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "pgbouncer.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "pgbouncer.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "pgbouncer.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "pgbouncer.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "photomnemonic.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "photomnemonic.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "photomnemonic.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "photomnemonic.labels" -}} 37 | helm.sh/chart: {{ include "photomnemonic.chart" . }} 38 | {{ include "photomnemonic.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "photomnemonic.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "photomnemonic.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | {{- end }} 52 | 53 | {{/* 54 | Create the name of the service account to use 55 | */}} 56 | {{- define "photomnemonic.serviceAccountName" -}} 57 | {{- if .Values.serviceAccount.create }} 58 | {{- default (include "photomnemonic.fullname" .) .Values.serviceAccount.name }} 59 | {{- else }} 60 | {{- default "default" .Values.serviceAccount.name }} 61 | {{- end }} 62 | {{- end }} 63 | -------------------------------------------------------------------------------- /charts/haproxy/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "haproxy.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "haproxy.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "haproxy.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "haproxy.labels" -}} 37 | helm.sh/chart: {{ include "haproxy.chart" . }} 38 | {{ include "haproxy.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "haproxy.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "haproxy.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "haproxy.name" . }} 52 | name: {{ include "haproxy.name" . }} 53 | {{- end }} 54 | 55 | {{/* 56 | Create the name of the service account to use 57 | */}} 58 | {{- define "haproxy.serviceAccountName" -}} 59 | {{- if .Values.serviceAccount.create }} 60 | {{- default (include "haproxy.fullname" .) .Values.serviceAccount.name }} 61 | {{- else }} 62 | {{- default "default" .Values.serviceAccount.name }} 63 | {{- end }} 64 | {{- end }} 65 | -------------------------------------------------------------------------------- /charts/pgbouncer/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "pgbouncer.fullname" . }} 5 | labels: 6 | {{- include "pgbouncer.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "pgbouncer.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | {{- with .Values.podAnnotations }} 17 | annotations: 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "pgbouncer.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ include "pgbouncer.serviceAccountName" . }} 28 | securityContext: 29 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 30 | containers: 31 | - name: pgbouncer 32 | securityContext: 33 | {{- toYaml .Values.securityContext | nindent 12 }} 34 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 35 | imagePullPolicy: {{ .Values.image.pullPolicy }} 36 | ports: 37 | - containerPort: 5432 38 | # livenessProbe: 39 | # httpGet: 40 | # path: / 41 | # port: http 42 | # readinessProbe: 43 | # httpGet: 44 | # path: / 45 | # port: http 46 | resources: 47 | {{- toYaml .Values.resources | nindent 12 }} 48 | env: 49 | {{- toYaml .Values.env | nindent 12 }} 50 | {{- with .Values.nodeSelector }} 51 | nodeSelector: 52 | {{- toYaml . | nindent 8 }} 53 | {{- end }} 54 | {{- with .Values.affinity }} 55 | affinity: 56 | {{- toYaml . | nindent 8 }} 57 | {{- end }} 58 | {{- with .Values.tolerations }} 59 | tolerations: 60 | {{- toYaml . | nindent 8 }} 61 | {{- end }} 62 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* 2 | Expand the name of the chart. 3 | */}} 4 | {{- define "pgbouncer-t.name" -}} 5 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} 6 | {{- end }} 7 | 8 | {{/* 9 | Create a default fully qualified app name. 10 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 11 | If release name contains chart name it will be used as a full name. 12 | */}} 13 | {{- define "pgbouncer-t.fullname" -}} 14 | {{- if .Values.fullnameOverride }} 15 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} 16 | {{- else }} 17 | {{- $name := default .Chart.Name .Values.nameOverride }} 18 | {{- if contains $name .Release.Name }} 19 | {{- .Release.Name | trunc 63 | trimSuffix "-" }} 20 | {{- else }} 21 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} 22 | {{- end }} 23 | {{- end }} 24 | {{- end }} 25 | 26 | {{/* 27 | Create chart name and version as used by the chart label. 28 | */}} 29 | {{- define "pgbouncer-t.chart" -}} 30 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} 31 | {{- end }} 32 | 33 | {{/* 34 | Common labels 35 | */}} 36 | {{- define "pgbouncer-t.labels" -}} 37 | helm.sh/chart: {{ include "pgbouncer-t.chart" . }} 38 | {{ include "pgbouncer-t.selectorLabels" . }} 39 | {{- if .Chart.AppVersion }} 40 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 41 | {{- end }} 42 | app.kubernetes.io/managed-by: {{ .Release.Service }} 43 | {{- end }} 44 | 45 | {{/* 46 | Selector labels 47 | */}} 48 | {{- define "pgbouncer-t.selectorLabels" -}} 49 | app.kubernetes.io/name: {{ include "pgbouncer-t.name" . }} 50 | app.kubernetes.io/instance: {{ .Release.Name }} 51 | app: {{ include "pgbouncer-t.name" . }} 52 | {{- end }} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "pgbouncer-t.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create }} 59 | {{- default (include "pgbouncer-t.fullname" .) .Values.serviceAccount.name }} 60 | {{- else }} 61 | {{- default "default" .Values.serviceAccount.name }} 62 | {{- end }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/spoke/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "spoke.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "spoke.labels" . | nindent 4 }} 14 | {{- with .Values.ingress.annotations }} 15 | annotations: 16 | {{- toYaml . | nindent 4 }} 17 | {{- end }} 18 | spec: 19 | # {{- if .Values.ingress.tls }} 20 | # tls: 21 | # {{- range .Values.ingress.tls }} 22 | # - hosts: 23 | # {{- range .hosts }} 24 | # - {{ . | quote }} 25 | # {{- end }} 26 | # secretName: {{ .secretName }} 27 | # {{- end }} 28 | # {{- end }} 29 | # rules: 30 | # {{- range .Values.ingress.hosts }} 31 | # - host: {{ .host | quote }} 32 | # http: 33 | # paths: 34 | # {{- range .paths }} 35 | # - path: {{ . }} 36 | # pathType: ImplementationSpecific 37 | # backend: 38 | # service: 39 | # name: {{ $fullName }} 40 | # port: 41 | # number: {{ $svcPort }} 42 | # {{- end }} 43 | # {{- end }} 44 | tls: 45 | - hosts: 46 | - assets.{{ .Values.global.domain }} 47 | secretName: cert-assets.{{ .Values.global.domain }} 48 | - hosts: 49 | - cors.{{ .Values.global.domain }} 50 | secretName: cert-cors.{{ .Values.global.domain }} 51 | rules: 52 | - host: assets.{{ .Values.global.domain }} 53 | http: 54 | paths: 55 | - path: /spoke 56 | pathType: Prefix 57 | backend: 58 | service: 59 | name: spoke 60 | port: 61 | number: 8080 62 | - host: cors.{{ .Values.global.domain }} 63 | http: 64 | paths: 65 | - path: /spoke 66 | pathType: Prefix 67 | backend: 68 | service: 69 | name: spoke 70 | port: 71 | number: 8080 72 | {{- end }} 73 | -------------------------------------------------------------------------------- /charts/photomnemonic/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "photomnemonic.fullname" . }} 5 | labels: 6 | {{- include "photomnemonic.labels" . | nindent 4 }} 7 | annotations: 8 | {{ .Values.annotations | toYaml | nindent 4 }} 9 | spec: 10 | {{- if not .Values.autoscaling.enabled }} 11 | replicas: {{ .Values.replicaCount }} 12 | {{- end }} 13 | selector: 14 | matchLabels: 15 | {{- include "photomnemonic.selectorLabels" . | nindent 6 }} 16 | template: 17 | metadata: 18 | {{- with .Values.podAnnotations }} 19 | annotations: 20 | {{- toYaml . | nindent 8 }} 21 | {{- end }} 22 | labels: 23 | {{- include "photomnemonic.selectorLabels" . | nindent 8 }} 24 | spec: 25 | {{- with .Values.imagePullSecrets }} 26 | imagePullSecrets: 27 | {{- toYaml . | nindent 8 }} 28 | {{- end }} 29 | serviceAccountName: {{ include "photomnemonic.serviceAccountName" . }} 30 | securityContext: 31 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 32 | containers: 33 | - name: {{ .Chart.Name }} 34 | securityContext: 35 | {{- toYaml .Values.securityContext | nindent 12 }} 36 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 37 | imagePullPolicy: {{ .Values.image.pullPolicy }} 38 | # ports: 39 | # - name: http 40 | # containerPort: 80 41 | # protocol: TCP 42 | # livenessProbe: 43 | # httpGet: 44 | # path: / 45 | # port: http 46 | # readinessProbe: 47 | # httpGet: 48 | # path: / 49 | # port: http 50 | resources: 51 | {{- toYaml .Values.resources | nindent 12 }} 52 | {{- with .Values.nodeSelector }} 53 | nodeSelector: 54 | {{- toYaml . | nindent 8 }} 55 | {{- end }} 56 | {{- with .Values.affinity }} 57 | affinity: 58 | {{- toYaml . | nindent 8 }} 59 | {{- end }} 60 | {{- with .Values.tolerations }} 61 | tolerations: 62 | {{- toYaml . | nindent 8 }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "pgbouncer-t.fullname" . }} 5 | labels: 6 | {{- include "pgbouncer-t.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "pgbouncer-t.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | {{- with .Values.podAnnotations }} 17 | annotations: 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "pgbouncer-t.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ include "pgbouncer-t.serviceAccountName" . }} 28 | securityContext: 29 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 30 | containers: 31 | - name: {{ .Chart.Name }} 32 | securityContext: 33 | {{- toYaml .Values.securityContext | nindent 12 }} 34 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 35 | imagePullPolicy: {{ .Values.image.pullPolicy }} 36 | ports: 37 | - name: http 38 | containerPort: {{ .Values.service.port }} 39 | protocol: TCP 40 | # livenessProbe: 41 | # httpGet: 42 | # path: / 43 | # port: http 44 | # readinessProbe: 45 | # httpGet: 46 | # path: / 47 | # port: http 48 | resources: 49 | {{- toYaml .Values.resources | nindent 12 }} 50 | env: 51 | {{- toYaml .Values.env | nindent 12 }} 52 | {{- with .Values.nodeSelector }} 53 | nodeSelector: 54 | {{- toYaml . | nindent 8 }} 55 | {{- end }} 56 | {{- with .Values.affinity }} 57 | affinity: 58 | {{- toYaml . | nindent 8 }} 59 | {{- end }} 60 | {{- with .Values.tolerations }} 61 | tolerations: 62 | {{- toYaml . | nindent 8 }} 63 | {{- end }} 64 | -------------------------------------------------------------------------------- /charts/dialog/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for dialog. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/dialog 9 | pullPolicy: Always 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | 13 | env: 14 | - name: perms_key 15 | valueFrom: 16 | secretKeyRef: 17 | name: configs 18 | key: PERMS_KEY 19 | 20 | strategy: 21 | type: RollingUpdate 22 | rollingUpdate: 23 | maxUnavailable: 1 24 | maxSurge: 1 25 | 26 | hostNetwork: true 27 | 28 | imagePullSecrets: [] 29 | nameOverride: "" 30 | fullnameOverride: "" 31 | 32 | serviceAccount: 33 | # Specifies whether a service account should be created 34 | create: true 35 | # Annotations to add to the service account 36 | annotations: {} 37 | # The name of the service account to use. 38 | # If not set and create is true, a name is generated using the fullname template 39 | name: "" 40 | 41 | podAnnotations: {} 42 | 43 | podSecurityContext: {} 44 | # fsGroup: 2000 45 | 46 | securityContext: {} 47 | # capabilities: 48 | # drop: 49 | # - ALL 50 | # readOnlyRootFilesystem: true 51 | # runAsNonRoot: true 52 | # runAsUser: 1000 53 | 54 | service: 55 | type: ClusterIP 56 | port: 4443 57 | 58 | ingress: 59 | enabled: true 60 | 61 | resources: {} 62 | # We usually recommend not to specify default resources and to leave this as a conscious 63 | # choice for the user. This also increases chances charts run on environments with little 64 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 65 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 66 | # limits: 67 | # cpu: 100m 68 | # memory: 128Mi 69 | # requests: 70 | # cpu: 100m 71 | # memory: 128Mi 72 | 73 | autoscaling: 74 | enabled: false 75 | minReplicas: 1 76 | maxReplicas: 100 77 | targetCPUUtilizationPercentage: 80 78 | # targetMemoryUtilizationPercentage: 80 79 | 80 | nodeSelector: {} 81 | 82 | tolerations: [] 83 | 84 | affinity: {} 85 | 86 | annotations: 87 | cluster-autoscaler.kubernetes.io/safe-to-evict: "false" -------------------------------------------------------------------------------- /charts/photomnemonic/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for photomnemonic. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/photomnemonic 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | 13 | annotations: 14 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 15 | 16 | imagePullSecrets: [] 17 | nameOverride: "" 18 | fullnameOverride: "" 19 | 20 | serviceAccount: 21 | # Specifies whether a service account should be created 22 | create: true 23 | # Annotations to add to the service account 24 | annotations: {} 25 | # The name of the service account to use. 26 | # If not set and create is true, a name is generated using the fullname template 27 | name: "" 28 | 29 | podAnnotations: {} 30 | 31 | podSecurityContext: {} 32 | # fsGroup: 2000 33 | 34 | securityContext: {} 35 | # capabilities: 36 | # drop: 37 | # - ALL 38 | # readOnlyRootFilesystem: true 39 | # runAsNonRoot: true 40 | # runAsUser: 1000 41 | 42 | service: 43 | type: ClusterIP 44 | port: 80 45 | 46 | ingress: 47 | enabled: false 48 | annotations: {} 49 | # kubernetes.io/ingress.class: nginx 50 | # kubernetes.io/tls-acme: "true" 51 | hosts: 52 | - host: chart-example.local 53 | paths: [] 54 | tls: [] 55 | # - secretName: chart-example-tls 56 | # hosts: 57 | # - chart-example.local 58 | 59 | resources: {} 60 | # We usually recommend not to specify default resources and to leave this as a conscious 61 | # choice for the user. This also increases chances charts run on environments with little 62 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 63 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 64 | # limits: 65 | # cpu: 100m 66 | # memory: 128Mi 67 | # requests: 68 | # cpu: 100m 69 | # memory: 128Mi 70 | 71 | autoscaling: 72 | enabled: false 73 | minReplicas: 1 74 | maxReplicas: 100 75 | targetCPUUtilizationPercentage: 80 76 | # targetMemoryUtilizationPercentage: 80 77 | 78 | nodeSelector: {} 79 | 80 | tolerations: [] 81 | 82 | affinity: {} 83 | -------------------------------------------------------------------------------- /charts/coturn/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "coturn.fullname" . }} 5 | labels: 6 | {{- include "coturn.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "coturn.selectorLabels" . | nindent 6 }} 14 | strategy: 15 | {{- toYaml .Values.strategyType | nindent 6 }} 16 | template: 17 | metadata: 18 | {{- with .Values.podAnnotations }} 19 | annotations: 20 | {{- toYaml . | nindent 8 }} 21 | {{- end }} 22 | labels: 23 | {{- include "coturn.selectorLabels" . | nindent 8 }} 24 | spec: 25 | {{- with .Values.imagePullSecrets }} 26 | imagePullSecrets: 27 | {{- toYaml . | nindent 8 }} 28 | {{- end }} 29 | serviceAccountName: {{ include "coturn.serviceAccountName" . }} 30 | securityContext: 31 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 32 | {{- if .Values.hostNetwork }} 33 | hostNetwork: {{ .Values.hostNetwork }} 34 | {{- end }} 35 | containers: 36 | - name: {{ .Chart.Name }} 37 | securityContext: 38 | {{- toYaml .Values.securityContext | nindent 12 }} 39 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 40 | imagePullPolicy: {{ .Values.image.pullPolicy }} 41 | {{- if .Values.command }} 42 | command: {{ .Values.command }} 43 | {{- end }} 44 | ports: 45 | {{- if .Values.ports }} 46 | {{- toYaml .Values.ports | nindent 12 }} 47 | {{- else }} 48 | - hostPort: 5349 49 | containerPort: 5349 50 | {{- end }} 51 | resources: 52 | {{- toYaml .Values.resources | nindent 12 }} 53 | env: 54 | {{- toYaml .Values.env | nindent 12 }} 55 | {{- with .Values.nodeSelector }} 56 | nodeSelector: 57 | {{- toYaml . | nindent 8 }} 58 | {{- end }} 59 | {{- with .Values.affinity }} 60 | affinity: 61 | {{- toYaml . | nindent 8 }} 62 | {{- end }} 63 | {{- with .Values.tolerations }} 64 | tolerations: 65 | {{- toYaml . | nindent 8 }} 66 | {{- end }} -------------------------------------------------------------------------------- /charts/dialog/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "dialog.fullname" . }} 5 | labels: 6 | {{- include "dialog.labels" . | nindent 4 }} 7 | annotations: 8 | {{- toYaml .Values.annotations | nindent 4 }} 9 | spec: 10 | {{- if not .Values.autoscaling.enabled }} 11 | replicas: {{ .Values.replicaCount }} 12 | {{- end }} 13 | selector: 14 | matchLabels: 15 | {{- include "dialog.selectorLabels" . | nindent 6 }} 16 | strategy: 17 | {{- toYaml .Values.strategy | nindent 8 }} 18 | template: 19 | metadata: 20 | {{- with .Values.podAnnotations }} 21 | annotations: 22 | {{- toYaml . | nindent 8 }} 23 | {{- end }} 24 | labels: 25 | {{- include "dialog.selectorLabels" . | nindent 8 }} 26 | spec: 27 | {{- with .Values.imagePullSecrets }} 28 | imagePullSecrets: 29 | {{- toYaml . | nindent 8 }} 30 | {{- end }} 31 | serviceAccountName: {{ include "dialog.serviceAccountName" . }} 32 | securityContext: 33 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 34 | {{- if .Values.hostNetwork }} 35 | hostNetwork: {{ .Values.hostNetwork }} 36 | {{- end }} 37 | containers: 38 | - name: {{ .Chart.Name }} 39 | securityContext: 40 | {{- toYaml .Values.securityContext | nindent 12 }} 41 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 42 | imagePullPolicy: {{ .Values.image.pullPolicy }} 43 | ports: 44 | - hostPort: 4443 45 | containerPort: 4443 46 | # livenessProbe: 47 | # httpGet: 48 | # path: / 49 | # port: http 50 | # readinessProbe: 51 | # httpGet: 52 | # path: / 53 | # port: http 54 | resources: 55 | {{- toYaml .Values.resources | nindent 12 }} 56 | env: 57 | {{- toYaml .Values.env | nindent 12 }} 58 | {{- with .Values.nodeSelector }} 59 | nodeSelector: 60 | {{- toYaml . | nindent 8 }} 61 | {{- end }} 62 | {{- with .Values.affinity }} 63 | affinity: 64 | {{- toYaml . | nindent 8 }} 65 | {{- end }} 66 | {{- with .Values.tolerations }} 67 | tolerations: 68 | {{- toYaml . | nindent 8 }} 69 | {{- end }} 70 | -------------------------------------------------------------------------------- /charts/nearspark/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for nearspark. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/nearspark 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | 13 | 14 | annotations: 15 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 16 | 17 | strategy: 18 | type: RollingUpdate 19 | rollingUpdate: 20 | maxUnavailable: 0 21 | maxSurge: 1 22 | 23 | imagePullSecrets: [] 24 | nameOverride: "" 25 | fullnameOverride: "" 26 | 27 | serviceAccount: 28 | # Specifies whether a service account should be created 29 | create: true 30 | # Annotations to add to the service account 31 | annotations: {} 32 | # The name of the service account to use. 33 | # If not set and create is true, a name is generated using the fullname template 34 | name: "" 35 | 36 | podAnnotations: {} 37 | 38 | podSecurityContext: {} 39 | # fsGroup: 2000 40 | 41 | securityContext: {} 42 | # capabilities: 43 | # drop: 44 | # - ALL 45 | # readOnlyRootFilesystem: true 46 | # runAsNonRoot: true 47 | # runAsUser: 1000 48 | 49 | service: 50 | type: ClusterIP 51 | port: 80 52 | 53 | ingress: 54 | enabled: true 55 | annotations: 56 | kubernetes.io/ingress.class: haproxy 57 | haproxy.org/path-rewrite: /nearspark/(.*) /\1 58 | # kubernetes.io/ingress.class: nginx 59 | # kubernetes.io/tls-acme: "true" 60 | # hosts: 61 | # - host: chart-example.local 62 | # paths: [] 63 | # tls: [] 64 | # - secretName: chart-example-tls 65 | # hosts: 66 | # - chart-example.local 67 | 68 | resources: {} 69 | # We usually recommend not to specify default resources and to leave this as a conscious 70 | # choice for the user. This also increases chances charts run on environments with little 71 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 72 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 73 | # limits: 74 | # cpu: 100m 75 | # memory: 128Mi 76 | # requests: 77 | # cpu: 100m 78 | # memory: 128Mi 79 | 80 | autoscaling: 81 | enabled: false 82 | minReplicas: 1 83 | maxReplicas: 100 84 | targetCPUUtilizationPercentage: 80 85 | # targetMemoryUtilizationPercentage: 80 86 | 87 | nodeSelector: {} 88 | 89 | tolerations: [] 90 | 91 | affinity: {} 92 | -------------------------------------------------------------------------------- /charts/reticulum/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "reticulum.fullname" . -}} 3 | {{- $svcPort := .Values.service.port -}} 4 | {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} 5 | apiVersion: networking.k8s.io/v1 6 | {{- else -}} 7 | apiVersion: extensions/v1beta1 8 | {{- end }} 9 | kind: Ingress 10 | metadata: 11 | name: {{ $fullName }} 12 | labels: 13 | {{- include "reticulum.labels" . | nindent 4 }} 14 | annotations: 15 | kubernetes.io/ingress.class: haproxy 16 | haproxy.org/response-set-header: | 17 | access-control-allow-origin "https://{{ .Values.global.domain }}" 18 | haproxy.org/path-rewrite: /api-internal(.*) /_drop_ 19 | 20 | spec: 21 | tls: 22 | - hosts: 23 | - {{ .Values.global.domain }} 24 | secretName: cert-{{ .Values.global.domain }} 25 | - hosts: 26 | - assets.{{ .Values.global.domain }} 27 | secretName: cert-assets.{{ .Values.global.domain }} 28 | - hosts: 29 | - stream.{{ .Values.global.domain }} 30 | secretName: cert-stream.{{ .Values.global.domain }} 31 | - hosts: 32 | - cors.{{ .Values.global.domain }} 33 | secretName: cert-cors.{{ .Values.global.domain }} 34 | rules: 35 | - host: {{ .Values.global.domain }} 36 | http: 37 | paths: 38 | - path: / 39 | pathType: Prefix 40 | backend: 41 | service: 42 | name: ret 43 | port: 44 | number: 4001 45 | - host: assets.{{ .Values.global.domain }} 46 | http: 47 | paths: 48 | - path: /files/ 49 | pathType: Prefix 50 | backend: 51 | service: 52 | name: ret 53 | port: 54 | number: 4001 55 | - path: /http 56 | pathType: ImplementationSpecific # haproxy's "Begin with" 57 | backend: 58 | service: 59 | name: ret 60 | port: 61 | number: 4001 62 | - host: cors.{{ .Values.global.domain }} 63 | http: 64 | paths: 65 | - path: /files/ 66 | pathType: Prefix 67 | backend: 68 | service: 69 | name: ret 70 | port: 71 | number: 4001 72 | - path: /http 73 | pathType: ImplementationSpecific 74 | backend: 75 | service: 76 | name: ret 77 | port: 78 | number: 4001 79 | {{- end }} 80 | -------------------------------------------------------------------------------- /charts/pgsql/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "pgsql.fullname" . }} 5 | labels: 6 | {{- include "pgsql.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "pgsql.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | {{- with .Values.podAnnotations }} 17 | annotations: 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "pgsql.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ include "pgsql.serviceAccountName" . }} 28 | securityContext: 29 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 30 | containers: 31 | - name: {{ .Chart.Name }} 32 | securityContext: 33 | {{- toYaml .Values.securityContext | nindent 12 }} 34 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 35 | imagePullPolicy: {{ .Values.image.pullPolicy }} 36 | ports: 37 | - name: postgresql 38 | containerPort: 5432 39 | # livenessProbe: 40 | # httpGet: 41 | # path: / 42 | # port: postgresql 43 | # readinessProbe: 44 | # httpGet: 45 | # path: / 46 | # port: postgresql 47 | resources: 48 | {{- toYaml .Values.resources | nindent 12 }} 49 | env: 50 | {{- toYaml .Values.env | nindent 12 }} 51 | volumeMounts: 52 | {{- toYaml .Values.volumeMounts | nindent 12 }} 53 | {{- with .Values.nodeSelector }} 54 | nodeSelector: 55 | {{- toYaml . | nindent 8 }} 56 | {{- end }} 57 | {{- with .Values.affinity }} 58 | affinity: 59 | {{- toYaml . | nindent 8 }} 60 | {{- end }} 61 | {{- with .Values.tolerations }} 62 | tolerations: 63 | {{- toYaml . | nindent 8 }} 64 | {{- end }} 65 | volumes: 66 | - name: postgresql-data 67 | {{- if .Values.global.aws.efs.enabled }} 68 | persistentVolumeClaim: 69 | claimName: {{ include "pgsql.fullname" . }}-efs-claim 70 | {{- else }} 71 | hostPath: 72 | path: /tmp/pgsql_data 73 | {{- end }} -------------------------------------------------------------------------------- /charts/pgbouncer/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for pgbouncer. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/pgbouncer 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | 13 | env: 14 | - name: MAX_CLIENT_CONN 15 | value: "10000" 16 | - name: DB_USER 17 | valueFrom: 18 | secretKeyRef: 19 | name: configs 20 | key: DB_USER 21 | - name: DB_PASSWORD 22 | valueFrom: 23 | secretKeyRef: 24 | name: configs 25 | key: DB_PASS 26 | - name: DB_HOST 27 | valueFrom: 28 | secretKeyRef: 29 | name: configs 30 | key: EXT_DB_HOST 31 | 32 | imagePullSecrets: [] 33 | nameOverride: "" 34 | fullnameOverride: "" 35 | 36 | serviceAccount: 37 | # Specifies whether a service account should be created 38 | create: true 39 | # Annotations to add to the service account 40 | annotations: {} 41 | # The name of the service account to use. 42 | # If not set and create is true, a name is generated using the fullname template 43 | name: "" 44 | 45 | podAnnotations: {} 46 | 47 | podSecurityContext: {} 48 | # fsGroup: 2000 49 | 50 | securityContext: {} 51 | # capabilities: 52 | # drop: 53 | # - ALL 54 | # readOnlyRootFilesystem: true 55 | # runAsNonRoot: true 56 | # runAsUser: 1000 57 | 58 | service: 59 | type: ClusterIP 60 | port: 5432 61 | 62 | ingress: 63 | enabled: false 64 | annotations: {} 65 | # kubernetes.io/ingress.class: nginx 66 | # kubernetes.io/tls-acme: "true" 67 | hosts: 68 | - host: chart-example.local 69 | paths: [] 70 | tls: [] 71 | # - secretName: chart-example-tls 72 | # hosts: 73 | # - chart-example.local 74 | 75 | resources: {} 76 | # We usually recommend not to specify default resources and to leave this as a conscious 77 | # choice for the user. This also increases chances charts run on environments with little 78 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 79 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 80 | # limits: 81 | # cpu: 100m 82 | # memory: 128Mi 83 | # requests: 84 | # cpu: 100m 85 | # memory: 128Mi 86 | 87 | autoscaling: 88 | enabled: false 89 | minReplicas: 1 90 | maxReplicas: 100 91 | targetCPUUtilizationPercentage: 80 92 | # targetMemoryUtilizationPercentage: 80 93 | 94 | nodeSelector: {} 95 | 96 | tolerations: [] 97 | 98 | affinity: {} 99 | -------------------------------------------------------------------------------- /charts/spoke/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for spoke. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/spoke 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | annotations: 13 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 14 | 15 | minReadySeconds: 15 16 | 17 | strategy: 18 | type: RollingUpdate 19 | rollingUpdate: 20 | maxUnavailable: 0 21 | maxSurge: 1 22 | 23 | livenessProbe: 24 | httpGet: 25 | path: https://localhost/healthz 26 | port: 8080 27 | scheme: HTTPS 28 | initialDelaySeconds: 20 29 | timeoutSeconds: 1 30 | periodSeconds: 120 31 | 32 | imagePullSecrets: [] 33 | nameOverride: "" 34 | fullnameOverride: "" 35 | 36 | serviceAccount: 37 | # Specifies whether a service account should be created 38 | create: true 39 | # Annotations to add to the service account 40 | annotations: {} 41 | # The name of the service account to use. 42 | # If not set and create is true, a name is generated using the fullname template 43 | name: "" 44 | 45 | podAnnotations: {} 46 | 47 | podSecurityContext: {} 48 | # fsGroup: 2000 49 | 50 | securityContext: {} 51 | # capabilities: 52 | # drop: 53 | # - ALL 54 | # readOnlyRootFilesystem: true 55 | # runAsNonRoot: true 56 | # runAsUser: 1000 57 | 58 | service: 59 | type: ClusterIP 60 | port: 8080 61 | 62 | ingress: 63 | enabled: true 64 | annotations: 65 | kubernetes.io/ingress.class: haproxy 66 | # kubernetes.io/ingress.class: nginx 67 | # kubernetes.io/tls-acme: "true" 68 | # hosts: 69 | # - host: chart-example.local 70 | # paths: [] 71 | # tls: [] 72 | # # - secretName: chart-example-tls 73 | # # hosts: 74 | # # - chart-example.local 75 | 76 | resources: {} 77 | # We usually recommend not to specify default resources and to leave this as a conscious 78 | # choice for the user. This also increases chances charts run on environments with little 79 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 80 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 81 | # limits: 82 | # cpu: 100m 83 | # memory: 128Mi 84 | # requests: 85 | # cpu: 100m 86 | # memory: 128Mi 87 | 88 | autoscaling: 89 | enabled: false 90 | minReplicas: 1 91 | maxReplicas: 100 92 | targetCPUUtilizationPercentage: 80 93 | # targetMemoryUtilizationPercentage: 80 94 | 95 | nodeSelector: {} 96 | 97 | tolerations: [] 98 | 99 | affinity: {} 100 | -------------------------------------------------------------------------------- /charts/pgbouncer-t/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for pgbouncer-t. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/pgbouncer 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-latest" 12 | 13 | env: 14 | - name: MAX_CLIENT_CONN 15 | value: "10000" 16 | - name: DB_USER 17 | valueFrom: 18 | secretKeyRef: 19 | name: configs 20 | key: DB_USER 21 | - name: DB_PASSWORD 22 | valueFrom: 23 | secretKeyRef: 24 | name: configs 25 | key: DB_PASS 26 | - name: DB_HOST 27 | valueFrom: 28 | secretKeyRef: 29 | name: configs 30 | key: EXT_DB_HOST 31 | - name: POOL_MODE 32 | value: transaction 33 | 34 | imagePullSecrets: [] 35 | nameOverride: "" 36 | fullnameOverride: "" 37 | 38 | serviceAccount: 39 | # Specifies whether a service account should be created 40 | create: true 41 | # Annotations to add to the service account 42 | annotations: {} 43 | # The name of the service account to use. 44 | # If not set and create is true, a name is generated using the fullname template 45 | name: "" 46 | 47 | podAnnotations: {} 48 | 49 | podSecurityContext: {} 50 | # fsGroup: 2000 51 | 52 | securityContext: {} 53 | # capabilities: 54 | # drop: 55 | # - ALL 56 | # readOnlyRootFilesystem: true 57 | # runAsNonRoot: true 58 | # runAsUser: 1000 59 | 60 | service: 61 | type: ClusterIP 62 | port: 5432 63 | 64 | ingress: 65 | enabled: false 66 | annotations: {} 67 | # kubernetes.io/ingress.class: nginx 68 | # kubernetes.io/tls-acme: "true" 69 | hosts: 70 | - host: chart-example.local 71 | paths: [] 72 | tls: [] 73 | # - secretName: chart-example-tls 74 | # hosts: 75 | # - chart-example.local 76 | 77 | resources: {} 78 | # We usually recommend not to specify default resources and to leave this as a conscious 79 | # choice for the user. This also increases chances charts run on environments with little 80 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 81 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 82 | # limits: 83 | # cpu: 100m 84 | # memory: 128Mi 85 | # requests: 86 | # cpu: 100m 87 | # memory: 128Mi 88 | 89 | autoscaling: 90 | enabled: false 91 | minReplicas: 1 92 | maxReplicas: 100 93 | targetCPUUtilizationPercentage: 80 94 | # targetMemoryUtilizationPercentage: 80 95 | 96 | nodeSelector: {} 97 | 98 | tolerations: [] 99 | 100 | affinity: {} 101 | -------------------------------------------------------------------------------- /charts/coturn/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for coturn. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: doginal/mozilla-hubs-coturn 9 | pullPolicy: Always 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "latest" 12 | 13 | # command: [ "/bin/sh","-c","/entrypoint-ce.sh" ] 14 | 15 | ports: 16 | - hostPort: &COTURN_PORT 5349 17 | containerPort: *COTURN_PORT 18 | 19 | env: 20 | - name: REALM 21 | value: turkey 22 | - name: PSQL 23 | valueFrom: 24 | secretKeyRef: 25 | name: configs 26 | key: PSQL 27 | 28 | strategyType: 29 | type: RollingUpdate 30 | 31 | hostNetwork: true 32 | 33 | imagePullSecrets: [] 34 | nameOverride: "" 35 | fullnameOverride: "" 36 | 37 | serviceAccount: 38 | # Specifies whether a service account should be created 39 | create: true 40 | # Annotations to add to the service account 41 | annotations: {} 42 | # The name of the service account to use. 43 | # If not set and create is true, a name is generated using the fullname template 44 | name: "" 45 | 46 | podAnnotations: {} 47 | 48 | podSecurityContext: 49 | {} 50 | # fsGroup: 2000 51 | 52 | selectorLabels: 53 | app: coturn 54 | 55 | securityContext: 56 | {} 57 | # capabilities: 58 | # drop: 59 | # - ALL 60 | # readOnlyRootFilesystem: true 61 | # runAsNonRoot: true 62 | # runAsUser: 1000 63 | 64 | service: 65 | # type: ClusterIP 66 | port: *COTURN_PORT 67 | # If true, haproxy will be annotated with the external IP address(es) of the ingress controller 68 | 69 | ingress: 70 | enabled: false 71 | annotations: 72 | {} 73 | # kubernetes.io/ingress.class: nginx 74 | # kubernetes.io/tls-acme: "true" 75 | hosts: 76 | - host: chart-example.local 77 | paths: [] 78 | tls: [] 79 | # - secretName: chart-example-tls 80 | # hosts: 81 | # - chart-example.local 82 | 83 | resources: 84 | {} 85 | # We usually recommend not to specify default resources and to leave this as a conscious 86 | # choice for the user. This also increases chances charts run on environments with little 87 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 88 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 89 | # limits: 90 | # cpu: 100m 91 | # memory: 128Mi 92 | # requests: 93 | # cpu: 100m 94 | # memory: 128Mi 95 | 96 | autoscaling: 97 | enabled: false 98 | minReplicas: 1 99 | maxReplicas: 100 100 | targetCPUUtilizationPercentage: 80 101 | # targetMemoryUtilizationPercentage: 80 102 | 103 | nodeSelector: {} 104 | 105 | tolerations: [] 106 | 107 | affinity: {} -------------------------------------------------------------------------------- /charts/pgsql/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for pgsql. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | enabled: true 6 | 7 | replicaCount: 1 8 | 9 | image: 10 | repository: postgres 11 | pullPolicy: IfNotPresent 12 | # Overrides the image tag whose default is the chart appVersion. 13 | tag: "12" 14 | 15 | ports: 16 | - name: postgresql 17 | containerPort: 5432 18 | 19 | env: 20 | - name: POSTGRES_USER 21 | valueFrom: 22 | secretKeyRef: 23 | name: configs 24 | key: DB_USER 25 | - name: POSTGRES_PASSWORD 26 | valueFrom: 27 | secretKeyRef: 28 | name: configs 29 | key: DB_PASS 30 | - name: POSTGRES_DB 31 | valueFrom: 32 | secretKeyRef: 33 | name: configs 34 | key: DB_NAME 35 | 36 | volumeMounts: 37 | - name: postgresql-data 38 | mountPath: /var/lib/postgresql/data 39 | 40 | volumes: 41 | - name: postgresql-data 42 | hostPath: 43 | path: /tmp/pgsql_data 44 | 45 | imagePullSecrets: [] 46 | nameOverride: "" 47 | fullnameOverride: "" 48 | 49 | serviceAccount: 50 | # Specifies whether a service account should be created 51 | create: true 52 | # Annotations to add to the service account 53 | annotations: {} 54 | # The name of the service account to use. 55 | # If not set and create is true, a name is generated using the fullname template 56 | name: "" 57 | 58 | podAnnotations: {} 59 | 60 | podSecurityContext: {} 61 | # fsGroup: 2000 62 | 63 | securityContext: {} 64 | # capabilities: 65 | # drop: 66 | # - ALL 67 | # readOnlyRootFilesystem: true 68 | # runAsNonRoot: true 69 | # runAsUser: 1000 70 | 71 | service: 72 | type: ClusterIP 73 | port: 5432 74 | 75 | ingress: 76 | enabled: false 77 | annotations: {} 78 | # kubernetes.io/ingress.class: nginx 79 | # kubernetes.io/tls-acme: "true" 80 | hosts: 81 | - host: chart-example.local 82 | paths: [] 83 | tls: [] 84 | # - secretName: chart-example-tls 85 | # hosts: 86 | # - chart-example.local 87 | 88 | resources: {} 89 | # We usually recommend not to specify default resources and to leave this as a conscious 90 | # choice for the user. This also increases chances charts run on environments with little 91 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 92 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 93 | # limits: 94 | # cpu: 100m 95 | # memory: 128Mi 96 | # requests: 97 | # cpu: 100m 98 | # memory: 128Mi 99 | 100 | autoscaling: 101 | enabled: false 102 | minReplicas: 1 103 | maxReplicas: 100 104 | targetCPUUtilizationPercentage: 80 105 | # targetMemoryUtilizationPercentage: 80 106 | 107 | nodeSelector: {} 108 | 109 | tolerations: [] 110 | 111 | affinity: {} 112 | -------------------------------------------------------------------------------- /charts/haproxy/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "haproxy.fullname" . }} 5 | labels: 6 | {{- include "haproxy.labels" . | nindent 4 }} 7 | spec: 8 | {{- if not .Values.autoscaling.enabled }} 9 | replicas: {{ .Values.replicaCount }} 10 | {{- end }} 11 | selector: 12 | matchLabels: 13 | {{- include "haproxy.selectorLabels" . | nindent 6 }} 14 | template: 15 | metadata: 16 | {{- with .Values.podAnnotations }} 17 | annotations: 18 | {{- toYaml . | nindent 8 }} 19 | {{- end }} 20 | labels: 21 | {{- include "haproxy.selectorLabels" . | nindent 8 }} 22 | spec: 23 | {{- with .Values.imagePullSecrets }} 24 | imagePullSecrets: 25 | {{- toYaml . | nindent 8 }} 26 | {{- end }} 27 | serviceAccountName: {{ .Values.serviceAccount.name }} 28 | terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} 29 | securityContext: 30 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 31 | containers: 32 | - name: {{ .Chart.Name }} 33 | securityContext: 34 | {{- toYaml .Values.securityContext | nindent 12 }} 35 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 36 | args: 37 | - --configmap={{ .Release.Namespace }}/haproxy-config 38 | - --configmap-tcp-services={{ .Release.Namespace }}/haproxy-tcp-config 39 | - --default-ssl-certificate={{ .Release.Namespace }}/cert-hcce 40 | - --https-bind-port=4443 41 | - --http-bind-port=8080 42 | - --ingress.class=haproxy 43 | - --log=warning #error warning info debug trace 44 | imagePullPolicy: {{ .Values.image.pullPolicy }} 45 | # ports: 46 | # - name: http 47 | # containerPort: 80 48 | # protocol: TCP 49 | livenessProbe: 50 | httpGet: 51 | path: /healthz 52 | port: 1042 53 | # readinessProbe: 54 | # httpGet: 55 | # path: /healthz 56 | # port: 1042 57 | resources: 58 | {{- toYaml .Values.resources | nindent 12 }} 59 | env: 60 | {{- toYaml .Values.env | nindent 12 }} 61 | - name: POD_NAME 62 | valueFrom: 63 | fieldRef: 64 | fieldPath: metadata.name 65 | - name: POD_NAMESPACE 66 | valueFrom: 67 | fieldRef: 68 | fieldPath: metadata.namespace 69 | {{- with .Values.nodeSelector }} 70 | nodeSelector: 71 | {{- toYaml . | nindent 8 }} 72 | {{- end }} 73 | {{- with .Values.affinity }} 74 | affinity: 75 | {{- toYaml . | nindent 8 }} 76 | {{- end }} 77 | {{- with .Values.tolerations }} 78 | tolerations: 79 | {{- toYaml . | nindent 8 }} 80 | {{- end }} 81 | -------------------------------------------------------------------------------- /charts/spoke/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "spoke.fullname" . }} 5 | labels: 6 | {{- include "spoke.labels" . | nindent 4 }} 7 | annotations: 8 | {{ .Values.annotations | toYaml | nindent 4 }} 9 | spec: 10 | {{- if not .Values.autoscaling.enabled }} 11 | replicas: {{ .Values.replicaCount }} 12 | {{- end }} 13 | selector: 14 | matchLabels: 15 | {{- include "spoke.selectorLabels" . | nindent 6 }} 16 | minReadySeconds: 15 17 | strategy: 18 | {{- toYaml .Values.strategy | nindent 4 }} 19 | template: 20 | metadata: 21 | {{- with .Values.podAnnotations }} 22 | annotations: 23 | {{- toYaml . | nindent 8 }} 24 | {{- end }} 25 | labels: 26 | {{- include "spoke.selectorLabels" . | nindent 8 }} 27 | spec: 28 | {{- with .Values.imagePullSecrets }} 29 | imagePullSecrets: 30 | {{- toYaml . | nindent 8 }} 31 | {{- end }} 32 | serviceAccountName: {{ include "spoke.serviceAccountName" . }} 33 | securityContext: 34 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 35 | containers: 36 | - name: {{ .Chart.Name }} 37 | securityContext: 38 | {{- toYaml .Values.securityContext | nindent 12 }} 39 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 40 | imagePullPolicy: {{ .Values.image.pullPolicy }} 41 | ports: 42 | - containerPort: 8080 43 | livenessProbe: 44 | {{ toYaml .Values.livenessProbe | nindent 12 }} 45 | # readinessProbe: 46 | # httpGet: 47 | # path: / 48 | # port: http 49 | resources: 50 | {{- toYaml .Values.resources | nindent 12 }} 51 | env: 52 | - name: turkeyCfg_thumbnail_server 53 | value: cors.{{ .Values.global.domain }}/nearspark 54 | - name: turkeyCfg_base_assets_path 55 | value: https://assets.{{ .Values.global.domain }}/spoke/ 56 | - name: turkeyCfg_non_cors_proxy_domains 57 | value: "{{ .Values.global.domain }},assets.{{ .Values.global.domain }}" 58 | - name: turkeyCfg_reticulum_server 59 | value: {{ .Values.global.domain }} 60 | - name: turkeyCfg_cors_proxy_server 61 | value: cors.{{ .Values.global.domain }} 62 | - name: turkeyCfg_shortlink_domain 63 | value: {{ .Values.global.domain }} 64 | - name: turkeyCfg_hubs_server 65 | value: {{ .Values.global.domain }} 66 | {{- with .Values.nodeSelector }} 67 | nodeSelector: 68 | {{- toYaml . | nindent 8 }} 69 | {{- end }} 70 | {{- with .Values.affinity }} 71 | affinity: 72 | {{- toYaml . | nindent 8 }} 73 | {{- end }} 74 | {{- with .Values.tolerations }} 75 | tolerations: 76 | {{- toYaml . | nindent 8 }} 77 | {{- end }} 78 | -------------------------------------------------------------------------------- /templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "hubs-ce.fullname" . }} 5 | labels: 6 | {{- include "hubs-ce.labels" . | nindent 4 }} 7 | annotations: 8 | {{ .Values.annotations | toYaml | nindent 4 }} 9 | spec: 10 | {{- if not .Values.autoscaling.enabled }} 11 | replicas: {{ .Values.replicaCount }} 12 | {{- end }} 13 | selector: 14 | matchLabels: 15 | {{- include "hubs-ce.selectorLabels" . | nindent 6 }} 16 | minReadySeconds: 15 17 | strategy: 18 | {{- toYaml .Values.strategy | nindent 4 }} 19 | template: 20 | metadata: 21 | {{- with .Values.podAnnotations }} 22 | annotations: 23 | {{- toYaml . | nindent 8 }} 24 | {{- end }} 25 | labels: 26 | {{- include "hubs-ce.selectorLabels" . | nindent 8 }} 27 | spec: 28 | {{- with .Values.imagePullSecrets }} 29 | imagePullSecrets: 30 | {{- toYaml . | nindent 8 }} 31 | {{- end }} 32 | serviceAccountName: {{ include "hubs-ce.serviceAccountName" . }} 33 | securityContext: 34 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 35 | containers: 36 | - name: {{ .Chart.Name }} 37 | securityContext: 38 | {{- toYaml .Values.securityContext | nindent 12 }} 39 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 40 | imagePullPolicy: {{ .Values.image.pullPolicy }} 41 | ports: 42 | - containerPort: 8080 43 | livenessProbe: 44 | httpGet: 45 | path: https://localhost/healthz 46 | port: 8080 47 | scheme: HTTPS 48 | initialDelaySeconds: 20 49 | timeoutSeconds: 1 50 | periodSeconds: 120 51 | readinessProbe: 52 | httpGet: 53 | path: https://localhost/healthz 54 | port: 8080 55 | scheme: HTTPS 56 | resources: 57 | {{- toYaml .Values.resources | nindent 12 }} 58 | env: 59 | - name: turkeyCfg_base_assets_path 60 | value: https://assets.{{ .Values.global.domain }}/hubs/ 61 | - name: turkeyCfg_non_cors_proxy_domains 62 | value: "{{ .Values.global.domain }},assets.{{ .Values.global.domain }}" 63 | - name: turkeyCfg_reticulum_server 64 | value: {{ .Values.global.domain }} 65 | - name: turkeyCfg_cors_proxy_server 66 | value: cors.{{ .Values.global.domain }} 67 | - name: turkeyCfg_shortlink_domain 68 | value: {{ .Values.global.domain }} 69 | {{- toYaml .Values.env | nindent 12 }} 70 | 71 | {{- with .Values.nodeSelector }} 72 | nodeSelector: 73 | {{- toYaml . | nindent 8 }} 74 | {{- end }} 75 | {{- with .Values.affinity }} 76 | affinity: 77 | {{- toYaml . | nindent 8 }} 78 | {{- end }} 79 | {{- with .Values.tolerations }} 80 | tolerations: 81 | {{- toYaml . | nindent 8 }} 82 | {{- end }} 83 | -------------------------------------------------------------------------------- /Readme.md: -------------------------------------------------------------------------------- 1 | # Welcome to the Mozilla Hubs Community Edition Chart! 2 | 3 | To start you need a kubernetes cluster. 4 | Your worker nodes should have these ports open: 5 | * TCP: 80, 443, 4443, 5349 6 | * UDP: 35000 - 60000 7 | 8 | 9 | ## Setup SSL Certs 10 | We need a few ssl certs and cert manager allows us to automate the request but also the renewal of the certs. lets install it! 11 | ### Install cert-manager 12 | See https://cert-manager.io/docs/installation/helm/ for more information 13 | 14 | ``` 15 | kubectl create ns security 16 | helm repo add jetstack https://charts.jetstack.io 17 | helm repo update 18 | helm install cert-manager jetstack/cert-manager \ 19 | --namespace security \ 20 | --set ingressShim.defaultIssuerName=letsencrypt-issuer \ 21 | --set ingressShim.defaultIssuerKind=ClusterIssuer \ 22 | --set installCRDs=true 23 | ``` 24 | 25 | ### Create cluster-issuer.yaml for Let's Encrypt 26 | ``` 27 | apiVersion: cert-manager.io/v1 28 | kind: ClusterIssuer 29 | metadata: 30 | name: letsencrypt-issuer 31 | spec: 32 | acme: 33 | # You must replace this email address with your own. 34 | # Let's Encrypt will use this to contact you about expiring 35 | # certificates, and issues related to your account. 36 | email: '{YOUR_EMAIL_ADDRESS}' 37 | server: https://acme-v02.api.letsencrypt.org/directory 38 | privateKeySecretRef: 39 | # Secret resource that will be used to store the account's private key. 40 | name: letsencrypt-issuer 41 | # Add a single challenge solver, HTTP01 using nginx 42 | solvers: 43 | - http01: 44 | ingress: 45 | class: haproxy 46 | ``` 47 | 48 | Then run 49 | ``` 50 | kubectl apply -f 'PATH_TO/cluster-issuer.yaml' 51 | ``` 52 | 53 | ## Deployment 54 | ### Install this helm chart 55 | 56 | Copy and paste the configs.data output of render_helm.sh into the values.yaml file 57 | ``` 58 | ./render_helm.sh {YOUR_HUBS_DOMAIN} {ADMIN_EMAIL_ADDRESS} 59 | ``` 60 | > You need the default cert to allow cert manager to request certs. 61 | > It will create a new file `config.yaml` 62 | 63 | Modify the values.yaml with your domain and email, replace whats inside the string. 64 | ``` 65 | global: 66 | domain: &HUBS_DOMAIN "{YOUR_HUBS_DOMAIN}" 67 | adminEmail: &ADMINEMAIL "{ADMIN_EMAIL_ADDRESS}" 68 | ``` 69 | 70 | To finish up the install run: 71 | ``` 72 | git clone git@github.com:hubs-community/mozilla-hubs-ce-chart.git 73 | cd mozilla-hubs-ce-chart 74 | 75 | kubectl create ns {YOUR_NAMESPACE} 76 | 77 | helm install moz . --namespace={YOUR_NAMESPACE} --debug --dry-run 78 | ``` 79 | > remove --dry-run to fully install 80 | 81 | > [AWS Deployment Notes](./Readme.aws.md) 82 | 83 | ## Update this helm chart 84 | Update what you need to, ie, values.yaml or template files. Remove --dry-run to upgrade 85 | ``` 86 | helm upgrade moz . --namespace={YOUR_NAMESPACE} --debug --dry-run 87 | ``` 88 | 89 | ## Delete this helm chart 90 | This will remove everything installed by this chart. Remove --dry-run to delete 91 | ``` 92 | helm delete moz --namespace={YOUR_NAMESPACE} --dry-run 93 | ``` 94 | 95 | 96 | -------------------------------------------------------------------------------- /render_helm.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | bins=("bash" "openssl" "npm") 4 | for cmd in "${bins[@]}"; do 5 | if ! command -v $cmd &> /dev/null; then 6 | echo "missing required binary: $cmd" 7 | return 1 8 | fi 9 | done 10 | 11 | if ! npm list -g pem-jwk | grep -q pem-jwk; then 12 | echo "missing required npm pkg: pem-jwk, try (sudo) npm install pem-jwk -g to install it" 13 | return 1 14 | fi 15 | 16 | read -rsp $'Press any key to continue... (This will wipe your config.yaml)\n' -n1 key 17 | 18 | ENV_OUTPUT="configs:\n data:\n" 19 | ### required 20 | HUB_DOMAIN=$1 21 | ADM_EMAIL=$2 22 | DB_USER="postgres" 23 | DB_PASS="123456" 24 | DB_NAME="retdb" 25 | DB_HOST="pgbouncer" 26 | DB_HOST_T="pgbouncer-t" 27 | EXT_DB_HOST="pgsql" 28 | PGRST_DB_URI="postgres://$DB_USER:$DB_PASS@$DB_HOST/$DB_NAME" 29 | PSQL="postgres://$DB_USER:$DB_PASS@$DB_HOST/$DB_NAME" 30 | # Update with your STMP server settings 31 | SMTP_SERVER="{YOUR_SMTP_SERVER}" 32 | SMTP_PORT="587" 33 | SMTP_USER="{YOUR_SMTP_USER}" 34 | SMTP_PASS="{YOUR_SMTP_PASS}" 35 | 36 | NODE_COOKIE="node-{YOUR_NODE_COOKIE_ID}" 37 | GUARDIAN_KEY="{YOUR_GUARDIAN_KEY}" 38 | PHX_KEY="{YOUR_PHX_KEY}" 39 | 40 | SKETCHFAB_API_KEY="?" 41 | TENOR_API_KEY="?" 42 | 43 | ### generate keys and new jwt secret 44 | openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048 45 | PERMS_KEY=$(echo -n "$(awk '{printf "%s\\\\n", $0}' private_key.pem)") 46 | openssl ec -pubout -in private_key.pem -out public_key.pem 47 | 48 | JWT_SECRET=$(pem-jwk public_key.pem) 49 | PGRST_JWT_SECRET=$(pem-jwk public_key.pem) 50 | 51 | ### initial cert 52 | openssl req -x509 -newkey rsa:2048 -sha256 -days 36500 -nodes -keyout key.pem -out cert.pem -subj '/CN='$1 53 | initCert=$(base64 -i cert.pem | tr -d '\n') 54 | initKey=$(base64 -i key.pem | tr -d '\n') 55 | 56 | ENV_OUTPUT+=" DB_USER: \"$DB_USER\"\n" 57 | ENV_OUTPUT+=" DB_PASS: \"$DB_PASS\"\n" 58 | ENV_OUTPUT+=" DB_NAME: \"$DB_NAME\"\n" 59 | ENV_OUTPUT+=" DB_HOST: \"$DB_HOST\"\n" 60 | ENV_OUTPUT+=" DB_HOST_T: \"$DB_HOST_T\"\n" 61 | ENV_OUTPUT+=" EXT_DB_HOST: \"$EXT_DB_HOST\"\n" 62 | ENV_OUTPUT+=" PGRST_DB_URI: \"$PGRST_DB_URI\"\n" 63 | ENV_OUTPUT+=" PSQL: \"$PSQL\"\n" 64 | ENV_OUTPUT+=" SMTP_SERVER: \"$SMTP_SERVER\"\n" 65 | ENV_OUTPUT+=" SMTP_PORT: \"$SMTP_PORT\"\n" 66 | ENV_OUTPUT+=" SMTP_USER: \"$SMTP_USER\"\n" 67 | ENV_OUTPUT+=" SMTP_PASS: \"$SMTP_PASS\"\n" 68 | ENV_OUTPUT+=" NODE_COOKIE: \"$NODE_COOKIE\"\n" 69 | ENV_OUTPUT+=" GUARDIAN_KEY: \"$GUARDIAN_KEY\"\n" 70 | ENV_OUTPUT+=" PHX_KEY: \"$PHX_KEY\"\n" 71 | ENV_OUTPUT+=" SKETCHFAB_API_KEY: \"$SKETCHFAB_API_KEY\"\n" 72 | ENV_OUTPUT+=" TENOR_API_KEY: \"$TENOR_API_KEY\"\n" 73 | ENV_OUTPUT+=" PGRST_JWT_SECRET: '$(pem-jwk public_key.pem)'\n" 74 | echo -e -n "$ENV_OUTPUT" > config.yaml 75 | printf "%s\n\n" " PERMS_KEY: '$(echo -n $PERMS_KEY)'" >> config.yaml 76 | 77 | ENV_OUTPUT="\n---\n\n" 78 | ENV_OUTPUT="defaultCert:\n" 79 | ENV_OUTPUT+=" tls.crt: '$initCert'\n" 80 | ENV_OUTPUT+=" tls.key: '$initKey'\n---\n" 81 | echo -e -n "$ENV_OUTPUT" >> config.yaml 82 | 83 | echo -e "\n\nAdd these vars to your values.yaml:\n\n" 84 | cat config.yaml 85 | echo -e "\n\n" 86 | echo "Check ./config.yaml for the generated configs" 87 | -------------------------------------------------------------------------------- /Readme.aws.md: -------------------------------------------------------------------------------- 1 | # AWS Note 2 | If installed on aws, open ec2 -> load balancer -> select the new lb -> copy dns A record 3 | Create alias A record with Route53 for each of the domain records for the hubs stack; stream,cors,assets,tld. 4 | 5 | ### EFS Persistent Volumes 6 | We need to set up the EFS driver in the EKS control panel under addons. Search for EFS, click enable and follow along with the wizard to create an EFS filesystem. 7 | 8 | Once the EFS drive has come online, we will need to allow traffic from EKS by updating our EFS inbound security group. 9 | 10 | 1. Open up the EFS filesystem you just created click on networking note down the security group in us-east-1. 11 | 2. Go to EC2, open up the security group tab and search for the EFS security group. 12 | 3. Add an inbound rule to allow EKS’s node workers access to EFS. Add an inbound rule for all traffic and the source should be the EKS node workers security group. 13 | > This group can be found in the EKS control panel under networking (Additional Security Groups). 14 | 15 | Copy and paste its filesystemId to values.yaml file under aws 16 | 17 | >You may need to create the needed security policy between EKS and EFS. 18 | 19 | Run these commands to set up the needed Trust Policy and Role needed to access EFS from EKS. 20 | 21 | Setup your cluster name 22 | ``` 23 | export cluster_name={YOUR_CLUSTER_NAME} 24 | export role_name=AmazonEKS_EFS_CSI_DriverRole 25 | ``` 26 | Create an IAM Service Account for EFS-CSI-controller 27 | ``` 28 | eksctl create iamserviceaccount \ 29 | --name efs-csi-controller-sa \ 30 | --namespace kube-system \ 31 | --cluster $cluster_name \ 32 | --role-name $role_name \ 33 | --profile hubs-ce \ 34 | --role-only \ 35 | --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEFSCSIDriverPolicy \ 36 | --approve 37 | ``` 38 | Get and update the trust policy for this new role. 39 | 40 | ``` 41 | TRUST_POLICY=$(aws iam get-role --role-name $role_name --query 'Role.AssumeRolePolicyDocument' | \ 42 | sed -e 's/efs-csi-controller-sa/efs-csi-*/' -e 's/StringEquals/StringLike/') 43 | 44 | aws iam update-assume-role-policy --role-name $role_name --policy-document "$TRUST_POLICY" 45 | ``` 46 | 47 | Now we need to grab the OIDC id from the below command: 48 | ``` 49 | aws eks describe-cluster --name $cluster_name --query "cluster.identity.oidc.issuer" --output text 50 | ``` 51 | 52 | The output should look like this: https://oidc.eks.us-east-1.amazonaws.com/id/0CXXXXXXXXXXXXXXXXXXXXX 53 | 54 | Copy the id after the slash and add it to the default-aws-efs-csi-driver-trust-policy.json 55 | Now create and attach the role with awscli: 56 | ``` 57 | aws iam create-role \ 58 | --role-name AmazonEKS_EFS_CSI_DriverRole \ 59 | --assume-role-policy-document file://"default-aws-efs-csi-driver-trust-policy.json" 60 | 61 | aws iam attach-role-policy \ 62 | --policy-arn arn:aws:iam::aws:policy/service-role/AmazonEFSCSIDriverPolicy \ 63 | --role-name AmazonEKS_EFS_CSI_DriverRole 64 | ``` 65 | 66 | Once upgraded, Reticulum and Postgres (pgsql) will use a static Persistent Volume Claims and Persistent Volumes with an EFS backend to share their storage directories across pods. Restarting the reticulum pod(s) should no longer cause data loss but can't guarantee that. Use at your own risk! 67 | 68 | Now go update your values.yaml to enable EFS (values.aws.yaml), and upgrade helm and you are good to go! -------------------------------------------------------------------------------- /values.aws.yaml: -------------------------------------------------------------------------------- 1 | # Default values for hubs-ce. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | global: 6 | domain: &HUBS_DOMAIN "{YOUR_HUBS_DOMAIN}" 7 | adminEmail: &ADMINEMAIL "{ADMIN_EMAIL_ADDRESS}" 8 | aws: 9 | efs: 10 | enabled: true 11 | isDynamicProvisioning: false 12 | fileSystemId: fs-000000000000 13 | gcp: 14 | persistent: 15 | enabled: false 16 | storage: 50Gi 17 | volumeHandle: "modeInstance/FILESTORE_INSTANCE_LOCATION/FILESTORE_INSTANCE_NAME/FILESTORE_SHARE_NAME" 18 | volumeAttributes: 19 | ip: FILESTORE_INSTANCE_IP 20 | volumeName: FILESTORE_SHARE_NAME 21 | replicaCount: 1 22 | # namespace: hcce 23 | 24 | image: 25 | repository: mozillareality/hubs 26 | pullPolicy: IfNotPresent 27 | # Overrides the image tag whose default is the chart appVersion. 28 | tag: "stable-latest" 29 | 30 | annotations: 31 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 32 | 33 | strategy: 34 | type: RollingUpdate 35 | rollingUpdate: 36 | maxUnavailable: 0 37 | maxSurge: 1 38 | 39 | certs: 40 | enabled: true 41 | 42 | env: 43 | - name: turkeyCfg_thumbnail_server 44 | value: cors.{{ .Values.global.domain }}/nearspark 45 | - name: turkeyCfg_tier 46 | value: p1 47 | 48 | imagePullSecrets: [] 49 | nameOverride: "" 50 | fullnameOverride: "" 51 | 52 | serviceAccount: 53 | # Specifies whether a service account should be created 54 | create: true 55 | # Annotations to add to the service account 56 | annotations: {} 57 | # The name of the service account to use. 58 | # If not set and create is true, a name is generated using the fullname template 59 | name: "" 60 | 61 | podAnnotations: {} 62 | 63 | podSecurityContext: 64 | {} 65 | # fsGroup: 2000 66 | 67 | securityContext: 68 | {} 69 | # capabilities: 70 | # drop: 71 | # - ALL 72 | # readOnlyRootFilesystem: true 73 | # runAsNonRoot: true 74 | # runAsUser: 1000 75 | 76 | service: 77 | type: ClusterIP 78 | port: 8080 79 | 80 | ingress: 81 | enabled: true 82 | annotations: 83 | kubernetes.io/ingress.class: haproxy 84 | # kubernetes.io/ingress.class: nginx 85 | # kubernetes.io/tls-acme: "true" 86 | 87 | resources: 88 | {} 89 | # We usually recommend not to specify default resources and to leave this as a conscious 90 | # choice for the user. This also increases chances charts run on environments with little 91 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 92 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 93 | # limits: 94 | # cpu: 100m 95 | # memory: 128Mi 96 | # requests: 97 | # cpu: 100m 98 | # memory: 128Mi 99 | 100 | autoscaling: 101 | enabled: false 102 | minReplicas: 1 103 | maxReplicas: 100 104 | targetCPUUtilizationPercentage: 80 105 | # targetMemoryUtilizationPercentage: 80 106 | 107 | nodeSelector: {} 108 | 109 | tolerations: [] 110 | 111 | affinity: {} 112 | 113 | ns: 114 | enabled: false 115 | name: hcce 116 | 117 | configs: 118 | enabled: true 119 | # The name of the configmap to use 120 | name: configs 121 | # The key of the configmap to use 122 | data: 123 | HUB_DOMAIN: *HUBS_DOMAIN 124 | ADM_EMAIL: *ADMINEMAIL 125 | # Get the following from render_helm.sh 126 | DB_USER: "{run render_helm.sh}" 127 | DB_PASS: "{run render_helm.sh}" 128 | DB_NAME: "{run render_helm.sh}" 129 | DB_HOST: "{run render_helm.sh}" 130 | DB_HOST_T: "{run render_helm.sh}" 131 | PGRST_DB_URI: "{run render_helm.sh}" 132 | PSQL: "{run render_helm.sh}" 133 | SMTP_SERVER: "{run render_helm.sh}" 134 | SMTP_PORT: "{run render_helm.sh}" 135 | SMTP_USER: "{run render_helm.sh}" 136 | SMTP_PASS: "{run render_helm.sh}" 137 | NODE_COOKIE: "{run render_helm.sh}" 138 | GUARDIAN_KEY: "{run render_helm.sh}" 139 | PHX_KEY: "{run render_helm.sh}" 140 | SKETCHFAB_API_KEY: "{run render_helm.sh}" 141 | TENOR_API_KEY: "{run render_helm.sh}" 142 | PERMS_KEY: "{run render_helm.sh}" 143 | PGRST_JWT_SECRET: "{run render_helm.sh}" 144 | 145 | defaultCert: 146 | enabled: true 147 | name: cert-hcce 148 | data: 149 | tls.crt: "{run render_helm.sh}" 150 | tls.key: "{run render_helm.sh}" 151 | -------------------------------------------------------------------------------- /values.gcp.yaml: -------------------------------------------------------------------------------- 1 | # Default values for hubs-ce. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | global: 6 | domain: &HUBS_DOMAIN "{YOUR_HUBS_DOMAIN}" 7 | adminEmail: &ADMINEMAIL "{ADMIN_EMAIL_ADDRESS}" 8 | gcp: 9 | persistent: 10 | enabled: true 11 | storage: 50Gi 12 | volumeHandle: "modeInstance/FILESTORE_INSTANCE_LOCATION/FILESTORE_INSTANCE_NAME/FILESTORE_SHARE_NAME" 13 | volumeAttributes: 14 | ip: FILESTORE_INSTANCE_IP 15 | volumeName: FILESTORE_SHARE_NAME 16 | aws: 17 | efs: 18 | enabled: false 19 | isDynamicProvisioning: false 20 | fileSystemId: fs-000000000000 21 | 22 | replicaCount: 1 23 | # namespace: hcce 24 | 25 | image: 26 | repository: mozillareality/hubs 27 | pullPolicy: IfNotPresent 28 | # Overrides the image tag whose default is the chart appVersion. 29 | tag: "stable-latest" 30 | 31 | annotations: 32 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 33 | 34 | strategy: 35 | type: RollingUpdate 36 | rollingUpdate: 37 | maxUnavailable: 0 38 | maxSurge: 1 39 | 40 | certs: 41 | enabled: true 42 | 43 | env: 44 | - name: turkeyCfg_thumbnail_server 45 | value: cors.{{ .Values.global.domain }}/nearspark 46 | - name: turkeyCfg_tier 47 | value: p1 48 | 49 | imagePullSecrets: [] 50 | nameOverride: "" 51 | fullnameOverride: "" 52 | 53 | serviceAccount: 54 | # Specifies whether a service account should be created 55 | create: true 56 | # Annotations to add to the service account 57 | annotations: {} 58 | # The name of the service account to use. 59 | # If not set and create is true, a name is generated using the fullname template 60 | name: "" 61 | 62 | podAnnotations: {} 63 | 64 | podSecurityContext: 65 | {} 66 | # fsGroup: 2000 67 | 68 | securityContext: 69 | {} 70 | # capabilities: 71 | # drop: 72 | # - ALL 73 | # readOnlyRootFilesystem: true 74 | # runAsNonRoot: true 75 | # runAsUser: 1000 76 | 77 | service: 78 | type: ClusterIP 79 | port: 8080 80 | 81 | ingress: 82 | enabled: true 83 | annotations: 84 | kubernetes.io/ingress.class: haproxy 85 | # kubernetes.io/ingress.class: nginx 86 | # kubernetes.io/tls-acme: "true" 87 | 88 | resources: 89 | {} 90 | # We usually recommend not to specify default resources and to leave this as a conscious 91 | # choice for the user. This also increases chances charts run on environments with little 92 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 93 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 94 | # limits: 95 | # cpu: 100m 96 | # memory: 128Mi 97 | # requests: 98 | # cpu: 100m 99 | # memory: 128Mi 100 | 101 | autoscaling: 102 | enabled: false 103 | minReplicas: 1 104 | maxReplicas: 100 105 | targetCPUUtilizationPercentage: 80 106 | # targetMemoryUtilizationPercentage: 80 107 | 108 | nodeSelector: {} 109 | 110 | tolerations: [] 111 | 112 | affinity: {} 113 | 114 | ns: 115 | enabled: false 116 | name: hcce 117 | 118 | configs: 119 | enabled: true 120 | # The name of the configmap to use 121 | name: configs 122 | # The key of the configmap to use 123 | data: 124 | HUB_DOMAIN: *HUBS_DOMAIN 125 | ADM_EMAIL: *ADMINEMAIL 126 | # Get the following from render_helm.sh 127 | DB_USER: "{run render_helm.sh}" 128 | DB_PASS: "{run render_helm.sh}" 129 | DB_NAME: "{run render_helm.sh}" 130 | DB_HOST: "{run render_helm.sh}" 131 | DB_HOST_T: "{run render_helm.sh}" 132 | PGRST_DB_URI: "{run render_helm.sh}" 133 | PSQL: "{run render_helm.sh}" 134 | SMTP_SERVER: "{run render_helm.sh}" 135 | SMTP_PORT: "{run render_helm.sh}" 136 | SMTP_USER: "{run render_helm.sh}" 137 | SMTP_PASS: "{run render_helm.sh}" 138 | NODE_COOKIE: "{run render_helm.sh}" 139 | GUARDIAN_KEY: "{run render_helm.sh}" 140 | PHX_KEY: "{run render_helm.sh}" 141 | SKETCHFAB_API_KEY: "{run render_helm.sh}" 142 | TENOR_API_KEY: "{run render_helm.sh}" 143 | PERMS_KEY: "{run render_helm.sh}" 144 | PGRST_JWT_SECRET: "{run render_helm.sh}" 145 | 146 | defaultCert: 147 | enabled: true 148 | name: cert-hcce 149 | data: 150 | tls.crt: "{run render_helm.sh}" 151 | tls.key: "{run render_helm.sh}" 152 | -------------------------------------------------------------------------------- /values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for hubs-ce. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | global: 6 | domain: &HUBS_DOMAIN "{YOUR_HUBS_DOMAIN}" 7 | adminEmail: &ADMINEMAIL "{ADMIN_EMAIL_ADDRESS}" 8 | gcp: 9 | persistent: 10 | enabled: false 11 | storage: 50Gi 12 | volumeHandle: "modeInstance/FILESTORE_INSTANCE_LOCATION/FILESTORE_INSTANCE_NAME/FILESTORE_SHARE_NAME" 13 | volumeAttributes: 14 | ip: FILESTORE_INSTANCE_IP 15 | volumeName: FILESTORE_SHARE_NAME 16 | aws: 17 | efs: 18 | enabled: false 19 | isDynamicProvisioning: false 20 | fileSystemId: fs-000000000000 21 | 22 | replicaCount: 1 23 | # namespace: hcce 24 | 25 | image: 26 | repository: mozillareality/hubs 27 | pullPolicy: IfNotPresent 28 | # Overrides the image tag whose default is the chart appVersion. 29 | tag: "stable-latest" 30 | 31 | annotations: 32 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 33 | 34 | strategy: 35 | type: RollingUpdate 36 | rollingUpdate: 37 | maxUnavailable: 0 38 | maxSurge: 1 39 | 40 | certs: 41 | enabled: true 42 | 43 | env: 44 | - name: turkeyCfg_thumbnail_server 45 | value: cors.{{ .Values.global.domain }}/nearspark 46 | - name: turkeyCfg_tier 47 | value: p1 48 | 49 | imagePullSecrets: [] 50 | nameOverride: "" 51 | fullnameOverride: "" 52 | 53 | serviceAccount: 54 | # Specifies whether a service account should be created 55 | create: true 56 | # Annotations to add to the service account 57 | annotations: {} 58 | # The name of the service account to use. 59 | # If not set and create is true, a name is generated using the fullname template 60 | name: "" 61 | 62 | podAnnotations: {} 63 | 64 | podSecurityContext: 65 | {} 66 | # fsGroup: 2000 67 | 68 | securityContext: 69 | {} 70 | # capabilities: 71 | # drop: 72 | # - ALL 73 | # readOnlyRootFilesystem: true 74 | # runAsNonRoot: true 75 | # runAsUser: 1000 76 | 77 | service: 78 | type: ClusterIP 79 | port: 8080 80 | 81 | ingress: 82 | enabled: true 83 | annotations: 84 | kubernetes.io/ingress.class: haproxy 85 | # kubernetes.io/ingress.class: nginx 86 | # kubernetes.io/tls-acme: "true" 87 | 88 | resources: 89 | {} 90 | # We usually recommend not to specify default resources and to leave this as a conscious 91 | # choice for the user. This also increases chances charts run on environments with little 92 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 93 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 94 | # limits: 95 | # cpu: 100m 96 | # memory: 128Mi 97 | # requests: 98 | # cpu: 100m 99 | # memory: 128Mi 100 | 101 | autoscaling: 102 | enabled: false 103 | minReplicas: 1 104 | maxReplicas: 100 105 | targetCPUUtilizationPercentage: 80 106 | # targetMemoryUtilizationPercentage: 80 107 | 108 | nodeSelector: {} 109 | 110 | tolerations: [] 111 | 112 | affinity: {} 113 | 114 | ns: 115 | enabled: false 116 | name: hcce 117 | 118 | configs: 119 | enabled: true 120 | # The name of the configmap to use 121 | name: configs 122 | # The key of the configmap to use 123 | data: 124 | HUB_DOMAIN: *HUBS_DOMAIN 125 | ADM_EMAIL: *ADMINEMAIL 126 | # Get the following from render_helm.sh 127 | DB_USER: "{run render_helm.sh}" 128 | DB_PASS: "{run render_helm.sh}" 129 | DB_NAME: "{run render_helm.sh}" 130 | DB_HOST: "{run render_helm.sh}" 131 | DB_HOST_T: "{run render_helm.sh}" 132 | PGRST_DB_URI: "{run render_helm.sh}" 133 | PSQL: "{run render_helm.sh}" 134 | SMTP_SERVER: "{run render_helm.sh}" 135 | SMTP_PORT: "{run render_helm.sh}" 136 | SMTP_USER: "{run render_helm.sh}" 137 | SMTP_PASS: "{run render_helm.sh}" 138 | NODE_COOKIE: "{run render_helm.sh}" 139 | GUARDIAN_KEY: "{run render_helm.sh}" 140 | PHX_KEY: "{run render_helm.sh}" 141 | SKETCHFAB_API_KEY: "{run render_helm.sh}" 142 | TENOR_API_KEY: "{run render_helm.sh}" 143 | PERMS_KEY: "{run render_helm.sh}" 144 | PGRST_JWT_SECRET: "{run render_helm.sh}" 145 | 146 | defaultCert: 147 | enabled: true 148 | name: cert-hcce 149 | data: 150 | tls.crt: "{run render_helm.sh}" 151 | tls.key: "{run render_helm.sh}" 152 | -------------------------------------------------------------------------------- /charts/haproxy/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for haproxy. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: haproxytech/kubernetes-ingress 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "1.8.5@sha256:09b59bc272e3aec5ca5b706774ed788c4bb4f184bb1d7ab99660a2b7773b0668" 12 | 13 | env: 14 | - name: TZ 15 | value: "Etc/UTC" 16 | 17 | imagePullSecrets: [] 18 | nameOverride: "" 19 | fullnameOverride: "" 20 | 21 | terminationGracePeriodSeconds: 60 22 | 23 | serviceAccount: 24 | # Specifies whether a service account should be created 25 | create: true 26 | # Annotations to add to the service account 27 | annotations: {} 28 | # The name of the service account to use. 29 | # If not set and create is true, a name is generated using the fullname template 30 | name: "haproxy-sa" 31 | 32 | LoadBalancer: 33 | enabled: true 34 | type: LoadBalancer 35 | # If true, haproxy will be annotated with the external IP address(es) of the ingress controller 36 | spec: 37 | ports: 38 | - name: http 39 | port: 80 40 | targetPort: 8080 41 | - name: https 42 | port: 443 43 | targetPort: 4443 44 | - name: dialog 45 | port: 4443 46 | targetPort: 4443 47 | - name: turn 48 | port: 5349 49 | targetPort: 5349 50 | 51 | clusterRole: 52 | # Specifies whether a service account should be created 53 | create: true 54 | # Annotations to add to the service account 55 | annotations: {} 56 | # The name of the service account to use. 57 | # If not set and create is true, a name is generated using the fullname template 58 | name: "haproxy-cr" 59 | rules: 60 | - apiGroups: 61 | - "" 62 | resources: 63 | - configmaps 64 | - nodes 65 | - pods 66 | - namespaces 67 | - events 68 | - serviceaccounts 69 | - services 70 | - endpoints 71 | verbs: 72 | - get 73 | - list 74 | - watch 75 | - apiGroups: 76 | - "extensions" 77 | - "networking.k8s.io" 78 | resources: 79 | - ingresses 80 | - ingresses/status 81 | - ingressclasses 82 | verbs: 83 | - get 84 | - list 85 | - watch 86 | - apiGroups: 87 | - "extensions" 88 | - "networking.k8s.io" 89 | resources: 90 | - ingresses/status 91 | verbs: 92 | - update 93 | - apiGroups: 94 | - "" 95 | resources: 96 | - secrets 97 | verbs: 98 | - get 99 | - list 100 | - watch 101 | - create 102 | - patch 103 | - update 104 | - apiGroups: 105 | - core.haproxy.org 106 | resources: 107 | - "*" 108 | verbs: 109 | - get 110 | - list 111 | - watch 112 | - update 113 | - apiGroups: 114 | - "discovery.k8s.io" 115 | resources: 116 | - "*" 117 | verbs: 118 | - get 119 | - list 120 | - watch 121 | 122 | clusterRoleBinding: 123 | # Specifies whether a service account should be created 124 | create: true 125 | # Annotations to add to the service account 126 | annotations: {} 127 | # The name of the service account to use. 128 | # If not set and create is true, a name is generated using the fullname template 129 | name: "haproxy-rb" 130 | 131 | podAnnotations: {} 132 | 133 | podSecurityContext: 134 | {} 135 | # fsGroup: 2000 136 | 137 | securityContext: 138 | runAsUser: 1000 139 | runAsGroup: 1000 140 | capabilities: 141 | drop: 142 | - ALL 143 | add: 144 | - NET_BIND_SERVICE 145 | 146 | service: 147 | type: ClusterIP 148 | port: 80 149 | 150 | ingress: 151 | enabled: false 152 | annotations: 153 | {} 154 | # kubernetes.io/ingress.class: nginx 155 | # kubernetes.io/tls-acme: "true" 156 | hosts: 157 | - host: chart-example.local 158 | paths: [] 159 | tls: [] 160 | # - secretName: chart-example-tls 161 | # hosts: 162 | # - chart-example.local 163 | 164 | resources: 165 | requests: 166 | memory: 1Gi 167 | cpu: 0.5 168 | limits: 169 | memory: 2Gi 170 | cpu: 1 171 | # We usually recommend not to specify default resources and to leave this as a conscious 172 | # choice for the user. This also increases chances charts run on environments with little 173 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 174 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 175 | # limits: 176 | # cpu: 100m 177 | # memory: 128Mi 178 | # requests: 179 | # cpu: 100m 180 | # memory: 128Mi 181 | 182 | autoscaling: 183 | enabled: false 184 | minReplicas: 1 185 | maxReplicas: 100 186 | targetCPUUtilizationPercentage: 80 187 | # targetMemoryUtilizationPercentage: 80 188 | 189 | nodeSelector: {} 190 | 191 | tolerations: [] 192 | 193 | affinity: {} 194 | 195 | # ConfigMaps 196 | config: 197 | enabled: true 198 | data: 199 | global-config-snippet: | 200 | tune.bufsize 33792 201 | backend-config-snippet: | 202 | option forwardfor 203 | option http-pretend-keepalive 204 | ssl-redirect: "true" 205 | timeout-client: 30m 206 | timeout-client-fin: 1h 207 | timeout-server: 30m 208 | timeout-server-fin: 1h 209 | timeout-connect: 3s 210 | #access logging -- can be enabled at runtime 211 | syslog-server: "address:stdout, format: raw, facility:daemon" 212 | 213 | configTCP: 214 | enabled: true -------------------------------------------------------------------------------- /values.scale.yaml: -------------------------------------------------------------------------------- 1 | # Default values for hubs-ce. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | global: 6 | domain: &HUBS_DOMAIN "{YOUR_HUBS_DOMAIN}" 7 | adminEmail: &ADMINEMAIL "{ADMIN_EMAIL_ADDRESS}" 8 | gcp: 9 | persistent: 10 | enabled: false 11 | storage: 50Gi 12 | volumeHandle: "modeInstance/FILESTORE_INSTANCE_LOCATION/FILESTORE_INSTANCE_NAME/FILESTORE_SHARE_NAME" 13 | volumeAttributes: 14 | ip: FILESTORE_INSTANCE_IP 15 | volumeName: FILESTORE_SHARE_NAME 16 | aws: 17 | efs: 18 | enabled: false 19 | isDynamicProvisioning: false 20 | fileSystemId: fs-000000000000 21 | 22 | replicaCount: 1 23 | # namespace: hcce 24 | 25 | image: 26 | repository: mozillareality/hubs 27 | pullPolicy: IfNotPresent 28 | # Overrides the image tag whose default is the chart appVersion. 29 | tag: "stable-latest" 30 | 31 | annotations: 32 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 33 | 34 | strategy: 35 | type: RollingUpdate 36 | rollingUpdate: 37 | maxUnavailable: 0 38 | maxSurge: 1 39 | 40 | certs: 41 | enabled: true 42 | 43 | env: 44 | - name: turkeyCfg_thumbnail_server 45 | value: cors.{{ .Values.global.domain }}/nearspark 46 | - name: turkeyCfg_tier 47 | value: p1 48 | 49 | imagePullSecrets: [] 50 | nameOverride: "" 51 | fullnameOverride: "" 52 | 53 | serviceAccount: 54 | # Specifies whether a service account should be created 55 | create: true 56 | # Annotations to add to the service account 57 | annotations: {} 58 | # The name of the service account to use. 59 | # If not set and create is true, a name is generated using the fullname template 60 | name: "" 61 | 62 | podAnnotations: {} 63 | 64 | podSecurityContext: 65 | {} 66 | # fsGroup: 2000 67 | 68 | securityContext: 69 | {} 70 | # capabilities: 71 | # drop: 72 | # - ALL 73 | # readOnlyRootFilesystem: true 74 | # runAsNonRoot: true 75 | # runAsUser: 1000 76 | 77 | service: 78 | type: ClusterIP 79 | port: 8080 80 | 81 | ingress: 82 | enabled: true 83 | annotations: 84 | {} 85 | # kubernetes.io/ingress.class: nginx 86 | # kubernetes.io/tls-acme: "true" 87 | 88 | resources: 89 | limits: 90 | cpu: 500m 91 | memory: 512Mi 92 | requests: 93 | cpu: 250m 94 | memory: 256Mi 95 | 96 | autoscaling: 97 | enabled: true 98 | minReplicas: 2 99 | maxReplicas: 5 100 | targetCPUUtilizationPercentage: 80 101 | # targetMemoryUtilizationPercentage: 80 102 | 103 | nodeSelector: {} 104 | 105 | tolerations: [] 106 | 107 | affinity: {} 108 | 109 | configs: 110 | enabled: true 111 | # The name of the configmap to use 112 | name: configs 113 | # The key of the configmap to use 114 | data: 115 | HUB_DOMAIN: *HUBS_DOMAIN 116 | ADM_EMAIL: *ADMINEMAIL 117 | # Get the following from render_helm.sh 118 | DB_USER: "{run render_helm.sh}" 119 | DB_PASS: "{run render_helm.sh}" 120 | DB_NAME: "{run render_helm.sh}" 121 | DB_HOST: "{run render_helm.sh}" 122 | DB_HOST_T: "{run render_helm.sh}" 123 | PGRST_DB_URI: "{run render_helm.sh}" 124 | PSQL: "{run render_helm.sh}" 125 | SMTP_SERVER: "{run render_helm.sh}" 126 | SMTP_PORT: "{run render_helm.sh}" 127 | SMTP_USER: "{run render_helm.sh}" 128 | SMTP_PASS: "{run render_helm.sh}" 129 | NODE_COOKIE: "{run render_helm.sh}" 130 | GUARDIAN_KEY: "{run render_helm.sh}" 131 | PHX_KEY: "{run render_helm.sh}" 132 | SKETCHFAB_API_KEY: "{run render_helm.sh}" 133 | TENOR_API_KEY: "{run render_helm.sh}" 134 | PERMS_KEY: "{run render_helm.sh}" 135 | PGRST_JWT_SECRET: "{run render_helm.sh}" 136 | 137 | defaultCert: 138 | enabled: false 139 | name: cert-hcce 140 | data: 141 | tls.crt: "{run render_helm.sh}" 142 | tls.key: "{run render_helm.sh}" 143 | 144 | ns: 145 | enabled: false 146 | name: ns-hcce 147 | 148 | cert-manager: #defined by either the name or alias of your dependency in Chart.yaml 149 | enabled: true 150 | namespace: security 151 | 152 | 153 | ## Setup scale and resources for event! 154 | haproxy: 155 | resources: 156 | limits: 157 | cpu: 2000m 158 | memory: 2Gi 159 | requests: 160 | cpu: 500m 161 | memory: 512Mi 162 | 163 | autoscaling: 164 | enabled: true 165 | minReplicas: 2 166 | maxReplicas: 5 167 | targetCPUUtilizationPercentage: 80 168 | # targetMemoryUtilizationPercentage: 80 169 | 170 | dialog: 171 | resources: 172 | limits: 173 | cpu: 1000m 174 | memory: 2Gi 175 | requests: 176 | cpu: 500m 177 | memory: 512Mi 178 | 179 | autoscaling: 180 | enabled: true 181 | minReplicas: 2 182 | maxReplicas: 5 183 | targetCPUUtilizationPercentage: 80 184 | # targetMemoryUtilizationPercentage: 80 185 | 186 | reticulum: 187 | resources: 188 | limits: 189 | cpu: 2000m 190 | memory: 4Gi 191 | requests: 192 | cpu: 500m 193 | memory: 512Mi 194 | 195 | autoscaling: 196 | enabled: true 197 | minReplicas: 2 198 | maxReplicas: 5 199 | targetCPUUtilizationPercentage: 80 200 | # targetMemoryUtilizationPercentage: 80 201 | 202 | pgbouncer: 203 | resources: 204 | limits: 205 | cpu: 1000m 206 | memory: 1Gi 207 | requests: 208 | cpu: 500m 209 | memory: 512Mi 210 | 211 | autoscaling: 212 | enabled: true 213 | minReplicas: 2 214 | maxReplicas: 5 215 | targetCPUUtilizationPercentage: 80 216 | # targetMemoryUtilizationPercentage: 80 217 | 218 | pgbouncer-t: 219 | resources: 220 | limits: 221 | cpu: 1000m 222 | memory: 1Gi 223 | requests: 224 | cpu: 500m 225 | memory: 512Mi 226 | 227 | autoscaling: 228 | enabled: true 229 | minReplicas: 2 230 | maxReplicas: 5 231 | targetCPUUtilizationPercentage: 80 232 | # targetMemoryUtilizationPercentage: 80 233 | 234 | coturn: 235 | resources: 236 | limits: 237 | cpu: 500m 238 | memory: 512Mi 239 | requests: 240 | cpu: 250m 241 | memory: 256Mi 242 | 243 | autoscaling: 244 | enabled: true 245 | minReplicas: 2 246 | maxReplicas: 5 247 | targetCPUUtilizationPercentage: 80 248 | # targetMemoryUtilizationPercentage: 80 -------------------------------------------------------------------------------- /charts/reticulum/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ include "reticulum.fullname" . }} 5 | labels: 6 | {{- include "reticulum.labels" . | nindent 4 }} 7 | {{- with .Values.annotations }} 8 | annotations: 9 | {{- toYaml . | nindent 4 }} 10 | {{- end }} 11 | spec: 12 | {{- if not .Values.autoscaling.enabled }} 13 | replicas: {{ .Values.replicaCount }} 14 | {{- end }} 15 | minReadySeconds: 15 16 | strategy: 17 | type: RollingUpdate 18 | rollingUpdate: 19 | maxUnavailable: 0 20 | maxSurge: 1 21 | selector: 22 | matchLabels: 23 | {{- include "reticulum.selectorLabels" . | nindent 6 }} 24 | revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} 25 | template: 26 | metadata: 27 | {{- with .Values.podAnnotations }} 28 | annotations: 29 | {{- toYaml . | nindent 8 }} 30 | {{- end }} 31 | labels: 32 | {{- include "reticulum.selectorLabels" . | nindent 8 }} 33 | spec: 34 | {{- with .Values.imagePullSecrets }} 35 | imagePullSecrets: 36 | {{- toYaml . | nindent 8 }} 37 | {{- end }} 38 | serviceAccountName: {{ include "reticulum.serviceAccountName" . }} 39 | securityContext: 40 | {{- toYaml .Values.podSecurityContext | nindent 8 }} 41 | volumes: 42 | - name: storage 43 | {{- if .Values.global.aws.efs.enabled }} 44 | persistentVolumeClaim: 45 | claimName: {{ include "reticulum.fullname" . }}-efs-claim 46 | {{- else }} 47 | hostPath: 48 | path: /tmp/ret_storage_data 49 | type: DirectoryOrCreate 50 | {{- end }} 51 | - name: config 52 | configMap: 53 | name: ret-config 54 | containers: 55 | - name: {{ .Chart.Name }} 56 | securityContext: 57 | {{- toYaml .Values.securityContext | nindent 12 }} 58 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" 59 | imagePullPolicy: {{ .Values.image.pullPolicy }} 60 | ports: 61 | - containerPort: 9100 62 | livenessProbe: 63 | httpGet: 64 | path: /health 65 | port: 4001 66 | scheme: HTTP 67 | initialDelaySeconds: 30 68 | timeoutSeconds: 3 69 | periodSeconds: 30 70 | readinessProbe: 71 | initialDelaySeconds: 20 72 | httpGet: 73 | path: /?skipadmin 74 | port: 4001 75 | scheme: HTTP 76 | timeoutSeconds: 5 77 | periodSeconds: 5 78 | successThreshold: 5 79 | failureThreshold: 100 80 | resources: 81 | {{- toYaml .Values.resources | nindent 12 }} 82 | volumeMounts: 83 | {{- toYaml .Values.volumeMounts | nindent 12 }} 84 | env: 85 | - name: POD_IP 86 | valueFrom: 87 | fieldRef: 88 | fieldPath: status.podIP 89 | - name: POD_NAME 90 | valueFrom: 91 | fieldRef: 92 | fieldPath: metadata.name 93 | - name: turkeyCfg_POD_NS 94 | valueFrom: 95 | fieldRef: 96 | fieldPath: metadata.namespace 97 | - name: turkeyCfg_NODE_COOKIE 98 | valueFrom: 99 | secretKeyRef: 100 | name: configs 101 | key: NODE_COOKIE 102 | - name: turkeyCfg_HUB_DOMAIN 103 | valueFrom: 104 | secretKeyRef: 105 | name: configs 106 | key: HUB_DOMAIN 107 | - name: turkeyCfg_DOMAIN 108 | valueFrom: 109 | secretKeyRef: 110 | name: configs 111 | key: HUB_DOMAIN 112 | - name: turkeyCfg_DB_USER 113 | valueFrom: 114 | secretKeyRef: 115 | name: configs 116 | key: DB_USER 117 | - name: turkeyCfg_DB_PASS 118 | valueFrom: 119 | secretKeyRef: 120 | name: configs 121 | key: DB_PASS 122 | - name: turkeyCfg_DB_NAME 123 | valueFrom: 124 | secretKeyRef: 125 | name: configs 126 | key: DB_NAME 127 | - name: turkeyCfg_DB_HOST 128 | valueFrom: 129 | secretKeyRef: 130 | name: configs 131 | key: DB_HOST 132 | - name: turkeyCfg_DB_HOST_T 133 | valueFrom: 134 | secretKeyRef: 135 | name: configs 136 | key: DB_HOST_T 137 | - name: turkeyCfg_GUARDIAN_KEY 138 | valueFrom: 139 | secretKeyRef: 140 | name: configs 141 | key: GUARDIAN_KEY 142 | - name: turkeyCfg_PERMS_KEY 143 | valueFrom: 144 | secretKeyRef: 145 | name: configs 146 | key: PERMS_KEY 147 | - name: turkeyCfg_PHX_KEY 148 | valueFrom: 149 | secretKeyRef: 150 | name: configs 151 | key: PHX_KEY 152 | - name: turkeyCfg_SMTP_SERVER 153 | valueFrom: 154 | secretKeyRef: 155 | name: configs 156 | key: SMTP_SERVER 157 | - name: turkeyCfg_SMTP_PORT 158 | valueFrom: 159 | secretKeyRef: 160 | name: configs 161 | key: SMTP_PORT 162 | - name: turkeyCfg_SMTP_USER 163 | valueFrom: 164 | secretKeyRef: 165 | name: configs 166 | key: SMTP_USER 167 | - name: turkeyCfg_SMTP_PASS 168 | valueFrom: 169 | secretKeyRef: 170 | name: configs 171 | key: SMTP_PASS 172 | - name: turkeyCfg_ADM_EMAIL 173 | valueFrom: 174 | secretKeyRef: 175 | name: configs 176 | key: ADM_EMAIL 177 | - name: turkeyCfg_SKETCHFAB_API_KEY 178 | valueFrom: 179 | secretKeyRef: 180 | name: configs 181 | key: SKETCHFAB_API_KEY 182 | - name: turkeyCfg_IMG_PROXY 183 | value: nearspark.{{ .Release.Namespace }}. 184 | - name: turkeyCfg_TENOR_API_KEY 185 | valueFrom: 186 | secretKeyRef: 187 | name: configs 188 | key: TENOR_API_KEY 189 | - name: turkeyCfg_YTDL_HOST 190 | value: "https://hubs-ytdl-fsu7tyt32a-uc.a.run.app" 191 | - name: turkeyCfg_PHOTOMNEMONIC 192 | value: "http://photomnemonic:5000" 193 | - name: turkeyCfg_SPEELYCAPTOR 194 | value: "http://speelycaptor:5000" 195 | - name: turkeyCfg_STORAGE_QUOTA_GB 196 | value: "1000" 197 | {{- if .Values.sidecar.enabled }} 198 | - name: {{ .Values.sidecar.name }} 199 | image: {{ .Values.sidecar.image }} 200 | ports: 201 | {{ toYaml .Values.sidecar.ports | nindent 12 }} 202 | env: 203 | {{ toYaml .Values.sidecar.env | nindent 12 }} 204 | {{- end }} 205 | 206 | {{- with .Values.nodeSelector }} 207 | nodeSelector: 208 | {{- toYaml . | nindent 8 }} 209 | {{- end }} 210 | {{- with .Values.affinity }} 211 | affinity: 212 | {{- toYaml . | nindent 8 }} 213 | {{- end }} 214 | {{- with .Values.tolerations }} 215 | tolerations: 216 | {{- toYaml . | nindent 8 }} 217 | {{- end }} 218 | -------------------------------------------------------------------------------- /charts/reticulum/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for reticulum. 2 | # This is a YAML-formatted file. 3 | # Declare variables to be passed into your templates. 4 | 5 | replicaCount: 1 6 | 7 | image: 8 | repository: mozillareality/ret 9 | pullPolicy: IfNotPresent 10 | # Overrides the image tag whose default is the chart appVersion. 11 | tag: "stable-798" 12 | 13 | ports: 14 | - containerPort: 9100 15 | 16 | annotations: 17 | cluster-autoscaler.kubernetes.io/safe-to-evict: "true" 18 | 19 | # env: 20 | 21 | 22 | revisionHistoryLimit: 1 23 | 24 | imagePullSecrets: [] 25 | nameOverride: "" 26 | fullnameOverride: "" 27 | 28 | serviceAccount: 29 | # Specifies whether a service account should be created 30 | create: true 31 | # Annotations to add to the service account 32 | annotations: {} 33 | # The name of the service account to use. 34 | # If not set and create is true, a name is generated using the fullname template 35 | name: "" 36 | 37 | podAnnotations: {} 38 | 39 | podSecurityContext: 40 | {} 41 | # fsGroup: 2000 42 | 43 | securityContext: 44 | privileged: true 45 | # capabilities: 46 | # drop: 47 | # - ALL 48 | # readOnlyRootFilesystem: true 49 | # runAsNonRoot: true 50 | # runAsUser: 1000 51 | 52 | service: 53 | type: ClusterIP 54 | port: 80 55 | 56 | ingress: 57 | enabled: true 58 | # annotations: 59 | # kubernetes.io/ingress.class: haproxy 60 | # haproxy.org/response-set-header: | 61 | # access-control-allow-origin "https://{{ .Values.global.domain }}" 62 | # haproxy.org/path-rewrite: /api-internal(.*) /_drop_ 63 | 64 | resources: 65 | {} 66 | # We usually recommend not to specify default resources and to leave this as a conscious 67 | # choice for the user. This also increases chances charts run on environments with little 68 | # resources, such as Minikube. If you do want to specify resources, uncomment the following 69 | # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 70 | # limits: 71 | # cpu: 100m 72 | # memory: 128Mi 73 | # requests: 74 | # cpu: 100m 75 | # memory: 128Mi 76 | 77 | autoscaling: 78 | enabled: false 79 | minReplicas: 1 80 | maxReplicas: 100 81 | targetCPUUtilizationPercentage: 80 82 | # targetMemoryUtilizationPercentage: 80 83 | strategy: 84 | type: RollingUpdate 85 | rollingUpdate: 86 | maxUnavailable: 0 87 | maxSurge: 1 88 | 89 | nodeSelector: {} 90 | 91 | tolerations: [] 92 | 93 | affinity: {} 94 | 95 | config: 96 | enabled: true 97 | name: ret-config 98 | data: 99 | config.toml.template: | 100 | [peerage] 101 | dns_name = "ret..svc.cluster.local" 102 | app_name = "ret" 103 | 104 | [ret."Elixir.Ret"] 105 | pool = "hubs" 106 | 107 | [ret."Elixir.RetWeb.Plugs.DashboardHeaderAuthorization"] 108 | dashboard_access_key = "" 109 | 110 | [ret."Elixir.Ret.DiscordClient"] 111 | client_id = "" 112 | client_secret = "" 113 | bot_token = "" 114 | 115 | [ret."Elixir.RetWeb.Endpoint".https] 116 | port = 4000 117 | certfile = "/ret/cert.pem" 118 | cacertfile = "/ret/cacert.pem" 119 | keyfile = "/ret/key.pem" 120 | 121 | [ret."Elixir.RetWeb.Endpoint"] 122 | allowed_origins = "*" 123 | secret_key_base = "" 124 | allow_crawlers = true 125 | 126 | [ret."Elixir.RetWeb.Endpoint".secondary_url] 127 | 128 | [ret."Elixir.RetWeb.Endpoint".cors_proxy_url] 129 | host = "cors." 130 | port = 443 131 | 132 | [ret."Elixir.RetWeb.Endpoint".imgproxy_url] 133 | host = "" 134 | port = 5000 135 | 136 | [ret."Elixir.RetWeb.Endpoint".assets_url] 137 | host = "assets." 138 | port = 443 139 | 140 | [ret."Elixir.RetWeb.Endpoint".link_url] 141 | host = "hubs-link.local" 142 | 143 | [ret."Elixir.RetWeb.Endpoint".url] 144 | host = "" 145 | port = 443 146 | 147 | [ret."Elixir.RetWeb.Endpoint".static_url] 148 | host = "" 149 | 150 | [ret."Elixir.Ret.Repo"] 151 | username = "" 152 | password = "" 153 | database = "" 154 | hostname = "" 155 | template = "template0" 156 | pool_size = 10 157 | port = 5432 158 | 159 | [ret."Elixir.Ret.SessionLockRepo"] 160 | username = "" 161 | password = "" 162 | database = "" 163 | hostname = "" 164 | template = "template0" 165 | 166 | port = 5432 167 | 168 | [ret."Elixir.Ret.Locking".session_lock_db] 169 | username = "" 170 | password = "" 171 | database = "" 172 | hostname = "" 173 | port = 5432 174 | 175 | [ret."Elixir.Ret.Habitat"] 176 | ip = "127.0.0.1" 177 | http_port = 9631 178 | 179 | [ret."Elixir.Ret.JanusLoadStatus"] 180 | default_janus_host = "stream." 181 | janus_service_name = "" 182 | janus_admin_secret = "" 183 | janus_admin_port = 7000 184 | janus_port = 4443 185 | 186 | [ret."Elixir.Ret.Guardian"] 187 | secret_key = "" 188 | issuer = "" 189 | 190 | [ret."Elixir.Ret.PermsToken"] 191 | perms_key = "" 192 | 193 | [ret."Elixir.Ret.OAuthToken"] 194 | oauth_token_key = "" 195 | 196 | [ret] 197 | bot_access_key = "" 198 | # pgrest_host = "" 199 | # ita_host = "" 200 | 201 | [ret."Elixir.Ret.MediaResolver"] 202 | ytdl_host = "" 203 | photomnemonic_endpoint = "" 204 | sketchfab_api_key = "" 205 | tenor_api_key = "" 206 | 207 | [ret."Elixir.Ret.Speelycaptor"] 208 | speelycaptor_endpoint = "" 209 | 210 | [ret."Elixir.Ret.PageOriginWarmer"] 211 | hubs_page_origin = "https://hubs.:8080/hubs/pages" 212 | spoke_page_origin = "https://spoke.:8080/spoke/pages" 213 | admin_page_origin = "https://hubs.:8080/hubs/pages" 214 | insecure_ssl = true 215 | 216 | [ret."Elixir.Ret.HttpUtils"] 217 | insecure_ssl = true 218 | 219 | [ret."Elixir.Ret.Storage"] 220 | storage_path = "/storage" 221 | ttl = 172800 222 | host = "https://" 223 | quota_gb = "" # example: "12" 224 | # ^^^ has to be string or elixir throws (ArgumentError) argument error:erlang.byte_size(#), but why 225 | 226 | [ret."Elixir.RetWeb.Email"] 227 | from = "noreply@" 228 | 229 | [ret."Elixir.Ret.Mailer"] 230 | server = "" 231 | port = "" 232 | username = "" 233 | password = "" 234 | 235 | [ret."Elixir.Ret.Support"] 236 | slack_webhook_url = "" 237 | 238 | [ret."Elixir.RetWeb.Plugs.AddCSP"] 239 | child_src = "" 240 | connect_src = "wss://*.stream.:4443" 241 | font_src = "" 242 | form_action = "" 243 | frame_src = "" 244 | img_src = "nearspark.reticulum.io" 245 | manifest_src = "" 246 | media_src = "" 247 | script_src = "" 248 | style_src = "" 249 | worker_src = "" 250 | 251 | [ret."Ret.Repo.Migrations.AdminSchemaInit"] 252 | postgrest_password = "" 253 | 254 | [ret."Elixir.Ret.StatsJob"] 255 | 256 | [ret."Elixir.RetWeb.HealthController"] 257 | 258 | [ret."Elixir.RetWeb.PageController"] 259 | skip_cache = false 260 | extra_avatar_headers = "" 261 | extra_index_headers = "" 262 | extra_room_headers = "" 263 | extra_scene_headers = "" 264 | 265 | extra_avatar_html = "" 266 | extra_index_html = "" 267 | extra_room_html = "" 268 | extra_scene_html = "" 269 | 270 | extra_avatar_script = "" 271 | extra_index_script = "" 272 | extra_room_script = "" 273 | extra_scene_script = "" 274 | 275 | [ret."Elixir.Ret.Account"] 276 | admin_email = "" 277 | 278 | [ret."Elixir.Ret.Coturn"] 279 | realm = "turkey" 280 | public_tls_ports = "5349" 281 | 282 | [web_push_encryption.vapid_details] 283 | subject = "" 284 | public_key = "" 285 | private_key = "" 286 | 287 | [sentry] 288 | dsn = "" 289 | 290 | [run] 291 | hostname_dns_suffix = "turkey" 292 | 293 | [hackney] 294 | max_connections = 250 295 | 296 | [ret."Elixir.Ret.Meta"] 297 | phx_host = "" 298 | 299 | volumes: 300 | - name: storage 301 | hostPath: 302 | path: /tmp/ret_storage_data 303 | type: DirectoryOrCreate 304 | - name: config 305 | configMap: 306 | name: ret-config 307 | 308 | volumeMounts: 309 | - name: storage 310 | mountPath: /storage 311 | mountPropagation: Bidirectional 312 | - name: config 313 | mountPath: /home/ret 314 | 315 | sidecar: 316 | enabled: true 317 | name: postgrest 318 | image: mozillareality/postgrest 319 | ports: 320 | - containerPort: 3000 321 | imagePullPolicy: IfNotPresent 322 | env: 323 | - name: PGRST_LOG_LEVEL 324 | value: info 325 | - name: PGRST_DB_SCHEMA 326 | value: ret0_admin 327 | - name: PGRST_DB_ANON_ROLE 328 | value: postgres 329 | - name: PGRST_DB_URI 330 | valueFrom: 331 | secretKeyRef: 332 | name: configs 333 | key: PGRST_DB_URI 334 | - name: PGRST_JWT_SECRET 335 | valueFrom: 336 | secretKeyRef: 337 | name: configs 338 | key: PGRST_JWT_SECRET 339 | --------------------------------------------------------------------------------