.

.gitea/workflows/buildcharts.yaml

@@ -1,58 +0,0 @@
-name: Package and publish helm chart
-
-on:
-  push:
-
-jobs:
-  package-helm:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        name: Check out code
-
-      - name: Set up Helm
-        uses: azure/setup-helm@v4.2.0
-        with:
-          version: v3.14.4
-
-      - name: Set up yq
-        uses: mikefarah/yq@master
-
-      - name: Check for changed charts
-        id: changed-files
-        uses: tj-actions/changed-files@v44
-        with:
-          dir_names: true
-          dir_names_max_depth: '2'
-          files: 'charts/**'
-
-      - name: Run helm lint on all changed charts
-        shell: bash
-        env:
-          ALL_CHANGED_CHARTS: ${{ steps.changed-files.outputs.all_changed_files }}
-        run: |
-          REPO_PATH=$(git rev-parse --show-toplevel)
-          for chart in ${ALL_CHANGED_CHARTS}; do
-            cd ${REPO_PATH}/${chart}
-            helm dependency build
-            helm lint .
-          done
-
-      - name: build helm package
-        shell: bash
-        if: gitea.ref == 'refs/heads/main'
-        env:
-          PACKAGE_TOKEN: ${{ secrets.PACKAGE_TOKEN }}
-          CHART_NAME: ${{ steps.chart_name.outputs.result }}
-          CHART_VERSION: ${{ steps.chart_version.outputs.result }}
-          ALL_CHANGED_CHARTS: ${{ steps.changed-files.outputs.all_changed_files }}
-        run: |
-          REPO_PATH=$(git rev-parse --show-toplevel)
-          for chart in ${ALL_CHANGED_CHARTS}; do
-            cd ${REPO_PATH}/${chart}
-            CHART_NAME=$(yq .name Chart.yaml)
-            CHART_VERSION=$(yq .version Chart.yaml)
-            echo "Packaging ${CHART_NAME}-${CHART_VERSION}"
-            helm package .
-            curl -H "Authorization: token $PACKAGE_TOKEN" -X POST --upload-file ${CHART_NAME}-${CHART_VERSION}.tgz https://git.rre.nu/api/packages/jonas/helm/api/charts
-          done

Makefile

@@ -0,0 +1,3 @@
+pre-commit:
+	pip install pre-commit
+	pre-commit install

README.md

@@ -1 +0,0 @@
-# My helm-charts

charts/gotify/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: lib
+  repository: oci://repo.rre.nu/helm
+  version: 1.0.2
+digest: sha256:fa5e2c6ef2a6f75b236acf60aef5748958d89e03f6f8c6da4b396dee46731401
+generated: "2024-10-22T16:16:46.133911179+02:00"

charts/gotify/README.md

@@ -0,0 +1,62 @@
+
+Gotify
+===========
+
+Gotify · a simple server for sending and receiving messages
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Gotify chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `image.repository` |  | `"ghcr.io/gotify/server"` |
+| `gotify.server.keepaliveperiodseconds` | 0 = use Go default (15s); -1 = disable keepalive; set the interval in which keepalive packets will be sent. Only change this value if you know what you are doing. | `0` |
+| `gotify.server.listenaddr` | the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock". | `""` |
+| `gotify.server.port` | the port the HTTP server will listen on | `80` |
+| `gotify.server.ssl.enabled` | if https should be enabled | `false` |
+| `gotify.server.ssl.redirecttohttps` | redirect to https if site is accessed by http | `true` |
+| `gotify.server.ssl.listenaddr` | the address to bind on, leave empty to bind on all addresses. Prefix with "unix:" to create a unix socket. Example: "unix:/tmp/gotify.sock". | `""` |
+| `gotify.server.ssl.port` | the https port | `443` |
+| `gotify.server.ssl.certfile` | the cert file (leave empty when using letsencrypt) | `null` |
+| `gotify.server.ssl.certkey` | the cert key (leave empty when using letsencrypt) | `null` |
+| `gotify.server.ssl.letsencrypt.enabled` | if the certificate should be requested from letsencrypt | `false` |
+| `gotify.server.ssl.letsencrypt.accepttos` | if you accept the tos from letsencrypt | `false` |
+| `gotify.server.ssl.letsencrypt.cache` | the directory of the cache from letsencrypt | `"data/certs"` |
+| `gotify.server.ssl.letsencrypt.hosts` | the hosts for which letsencrypt should request certificates | `null` |
+| `gotify.server.responseheaders` | response headers are added to every response (default: none) | `null` |
+| `gotify.server.trustedproxies` | IPs or IP ranges of trusted proxies. Used to obtain the remote ip via the X-Forwarded-For header. (configure 127.0.0.1 to trust sockets) | `null` |
+| `gotify.server.cors.alloworigins` |  | `null` |
+| `gotify.server.cors.allowmethods` |  | `null` |
+| `gotify.server.cors.allowheaders` |  | `null` |
+| `gotify.server.stream.pingperiodseconds` | the interval in which websocket pings will be sent. Only change this value if you know what you are doing. | `45` |
+| `gotify.server.stream.allowedorigins` | allowed origins for websocket connections (same origin is always allowed, default only same origin) | `null` |
+| `gotify.database.dialect` |  | `"sqlite3"` |
+| `gotify.database.connection` |  | `"data/gotify.db"` |
+| `gotify.defaultuser.name` | the username of the default user | `"admin"` |
+| `gotify.defaultuser.pass` | the password of the default user | `"admin"` |
+| `gotify.passstrength` | the bcrypt password strength (higher = better but also slower) | `10` |
+| `gotify.uploadedimagesdir` | the directory for storing uploaded images | `"data/images"` |
+| `gotify.pluginsdir` | the directory where plugin resides (leave empty to disable plugins) | `"data/plugins"` |
+| `gotify.registration` | enable registrations | `false` |
+| `service.main.enabled` |  | `true` |
+| `service.main.type` |  | `"ClusterIP"` |
+| `service.main.annotations` |  | `{}` |
+| `service.main.labels` |  | `{}` |
+| `service.main.ports.http.port` |  | `80` |
+| `ingress.enabled` |  | `false` |
+| `ingress.service` | what service should the ingress target | `"http"` |
+| `ingress.servicePort` |  | `80` |
+| `ingress.className` |  | `""` |
+| `ingress.annotations` |  | `{}` |
+| `ingress.hosts` |  | `[{"host": "chart-example.local", "paths": [{"path": "/", "pathType": "ImplementationSpecific"}]}]` |
+| `livenessProbe.httpGet.path` |  | `"/"` |
+| `livenessProbe.httpGet.port` |  | `"http"` |
+| `readinessProbe.httpGet.path` |  | `"/"` |
+| `readinessProbe.httpGet.port` |  | `"http"` |
+
+
+
+
+

charts/gotify/templates/config.tpl

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gotify-config
+  namespace: {{ .Values.namespace | default "default" }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+type: Opauge
+data:
+  config.yml: {{ toYaml .Values.gotify | b64enc }}

charts/home-assistant/Chart.yaml

@@ -1,19 +0,0 @@
----
-apiVersion: v2
-name: home-assistant
-description: Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts.
-type: application
-version: 1.0.0
-appVersion: 2024.11.1
-kubeVersion: ">=1.27.0"
-home: https://www.home-assistant.io/
-sources:
-  - https://git.rre.nu/jonas/helm-charts
-  - https://github.com/home-assistant/core
-maintainers:
-  - name: Jonas Forsberg
-    email: barregargamel@gmail.com
-dependencies:
-  - name: lib
-    repository: https://git.rre.nu/api/packages/jonas/helm
-    version: 1.0.4

charts/home-assistant/README.md

@@ -1,44 +0,0 @@
-
-Home-assistant
-===========
-
-Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts.
-
-
-## Configuration
-
-The following table lists the configurable parameters of the Home-assistant chart and their default values.
-
-| Parameter                | Description             | Default        |
-| ------------------------ | ----------------------- | -------------- |
-| `image.repository` |  | `"ghcr.io/home-assistant/home-assistant"` |
-| `image.tag` |  | `null` |
-| `controller.enabled` | should the main workload be included or not | `true` |
-| `controller.type` | valid options are deployment, statefulset, job | `"statefulset"` |
-| `service.http.enabled` |  | `true` |
-| `service.http.ports.http.port` |  | `80` |
-| `service.http.ports.http.targetPort` |  | `8123` |
-| `ingress.enabled` |  | `false` |
-| `ingress.service` | what service should the ingress target | `"http"` |
-| `ingress.servicePort` |  | `80` |
-| `ingress.className` |  | `"nginx"` |
-| `ingress.hosts` |  | `[{"host": "example.local", "paths": [{"path": "/", "pathType": "Prefix"}]}]` |
-| `ingress.annotations` |  | `{}` |
-| `ingress.tls` |  | `[]` |
-| `volumeClaimTemplates` |  | `[{"name": "config", "mountPath": "/config", "accessMode": "ReadWriteOnce", "storageClassName": "longhorn", "size": "1Gi"}]` |
-| `livenessProbe.httpGet.path` |  | `"/"` |
-| `livenessProbe.httpGet.port` |  | `8123` |
-| `livenessProbe.initialDelaySeconds` |  | `5` |
-| `livenessProbe.periodSeconds` |  | `3` |
-| `volumes` |  | `[{"name": "configs", "configMap": {"name": "hass-configs", "items": [{"key": "configuration.yaml", "path": "configuration.yaml"}, {"key": "automations.yaml", "path": "automations.yaml"}, {"key": "scenes.yaml", "path": "scenes.yaml"}, {"key": "scripts.yaml", "path": "scripts.yaml"}]}}, {"name": "secrets", "secret": {"secretName": "hass-secrets", "items": [{"key": "secrets.yaml", "path": "secrets.yaml"}]}}]` |
-| `volumeMounts` |  | `[{"name": "configs", "mountPath": "/config/configuration.yaml", "subPath": "configuration.yaml", "readOnly": true}, {"name": "configs", "mountPath": "/config/automations.yaml", "subPath": "automations.yaml", "readOnly": true}, {"name": "configs", "mountPath": "/config/scenes.yaml", "subPath": "scenes.yaml", "readOnly": true}, {"name": "configs", "mountPath": "/config/scripts.yaml", "subPath": "scripts.yaml", "readOnly": true}, {"name": "secrets", "mountPath": "/config/secrets.yaml", "subPath": "secrets.yaml", "readOnly": true}]` |
-| `hass_configs.configuration.yaml` |  | `"# Loads default set of integrations. Do not remove.\ndefault_config:\n\n# Load frontend themes from the themes folder\nfrontend:\n  themes: !include_dir_merge_named themes\n\nautomation: !include automations.yaml\nscript: !include scripts.yaml\nscene: !include scenes.yaml\n"` |
-| `hass_configs.automations.yaml` |  | `"[]\n"` |
-| `hass_configs.scenes.yaml` |  | `"# scenes\n"` |
-| `hass_configs.scripts.yaml` |  | `"# scripts\n"` |
-| `hass_secrets.secrets.yaml` |  | `"# Use this file to store secrets like usernames and passwords.\n# Learn more at https://www.home-assistant.io/docs/configuration/secrets/\nsome_password: welcome\n"` |
-
-
-
-
-

charts/home-assistant/templates/configuration.yaml

@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: hass-configs
-  namespace: {{ .Values.namespace | default "default" }}
-  labels: {{ include "lib.labels" . | nindent 4 }}
-data: {{ .Values.hass_configs | toYaml | nindent 2 }}

charts/home-assistant/templates/secrets.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: hass-secrets
-  namespace: {{ .Values.namespace | default "default" }}
-  labels: {{ include "lib.labels" . | nindent 4 }}
-type: Opauge
-data: 
-  {{- range $n, $v := .Values.hass_secrets -}}
-    {{ $n | nindent 2 }}: {{ $v | b64enc }}
-  {{- end }}

charts/home-assistant/values.yaml

@@ -1,113 +0,0 @@
-image:
-  repository: ghcr.io/home-assistant/home-assistant
-  tag:
-
-controller: # main workload
-  enabled: true # should the main workload be included or not
-  type: statefulset # valid options are deployment, statefulset, job
-
-service:
-  http:
-    enabled: true
-    ports:
-      http:
-        port: 80
-        targetPort: 8123
-
-ingress:
-  enabled: false
-  service: http # what service should the ingress target
-  servicePort: 80
-  className: "nginx"
-  hosts:
-    - host: example.local
-      paths:
-        - path: /
-          pathType: Prefix
-  annotations:
-    {}
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
-
-volumeClaimTemplates:
-  - name: config
-    mountPath: /config
-    accessMode: "ReadWriteOnce"
-    storageClassName: "longhorn"
-    size: 1Gi
-
-livenessProbe:
-  httpGet:
-    path: /
-    port: 8123
-  initialDelaySeconds: 5
-  periodSeconds: 3
-
-volumes:
-  - name: configs
-    configMap:
-      name: hass-configs
-      items:
-        - key: configuration.yaml
-          path: configuration.yaml
-        - key: automations.yaml
-          path: automations.yaml
-        - key: scenes.yaml
-          path: scenes.yaml
-        - key: scripts.yaml
-          path: scripts.yaml
-  - name: secrets
-    secret:
-      secretName: hass-secrets
-      items:
-        - key: secrets.yaml
-          path: secrets.yaml
-
-volumeMounts:
-  - name: configs
-    mountPath: /config/configuration.yaml
-    subPath: configuration.yaml
-    readOnly: true
-  - name: configs
-    mountPath: /config/automations.yaml
-    subPath: automations.yaml
-    readOnly: true
-  - name: configs
-    mountPath: /config/scenes.yaml
-    subPath: scenes.yaml
-    readOnly: true
-  - name: configs
-    mountPath: /config/scripts.yaml
-    subPath: scripts.yaml
-    readOnly: true
-  - name: secrets
-    mountPath: /config/secrets.yaml
-    subPath: secrets.yaml
-    readOnly: true
-
-hass_configs:
-  configuration.yaml: |
-    # Loads default set of integrations. Do not remove.
-    default_config:
-
-    # Load frontend themes from the themes folder
-    frontend:
-      themes: !include_dir_merge_named themes
-
-    automation: !include automations.yaml
-    script: !include scripts.yaml
-    scene: !include scenes.yaml
-  automations.yaml: |
-    []
-  scenes.yaml: |
-    # scenes
-  scripts.yaml: |
-    # scripts
-
-hass_secrets:
-  secrets.yaml: |
-    # Use this file to store secrets like usernames and passwords.
-    # Learn more at https://www.home-assistant.io/docs/configuration/secrets/
-    some_password: welcome

charts/node-red/.gitignore

@@ -5,8 +5,6 @@ bin/*
 .project
 /.bin
 /_test/secrets/*.json
-*.tgz
-Chart.lock
 
 # OSX leaves these everywhere on SMB shares
 ._*
@@ -37,4 +35,3 @@ Session.vim
 **/charts/*.tgz
 
 .history
-

charts/node-red/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: lib
+  repository: oci://repo.rre.nu/helm
+  version: 1.0.0
+digest: sha256:96ab24bff7a4495ae492e87667724f179a244b08c648bf9405804c37e4a01364
+generated: "2024-10-18T15:37:35.457950145+02:00"

charts/node-red/Chart.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: v2
+name: node-red
+version: 1.0.0
+description: Node-RED is a flow-based programming tool, originally developed by IBM’s Emerging Technology Services team and now a part of the OpenJS Foundation.
+type: application
+appVersion: 4.0.5-22-minimal
+kubeVersion: ">=1.27.0"
+sources:
+  - https://git.rre.nu/jonas/common-helm-lib
+  - https://git.rre.nu/jonas/helm-charts
+maintainers:
+  - name: Jonas Forsberg
+    email: barregargamel@gmail.com
+dependencies:
+  - name: lib
+    repository: oci://repo.rre.nu/helm
+    version: 1.0.0

charts/node-red/templates/NOTES.txt

@@ -0,0 +1 @@
+{{- include "lib.defaultNotes" . -}}

charts/node-red/values.yaml

@@ -0,0 +1,74 @@
+secrets:
+  config:
+    env: true
+    enabled: false
+    data:
+      secret: dGVzdAo=
+      blabla: dGVzdAo=
+    stringData:
+      USERNAME: foo
+      PASSWORD: bar
+  file:
+    stringData:
+      game.conf: "this is a long file"
+
+configs:
+  mariadb:
+    enabled: false
+    env: true
+    data:
+      ABC: 123
+  file:
+    data:
+      file.txt: |
+        this is a multi line
+        file that should be mounted
+
+
+enva:
+  - name: TESTING
+    value: "kasll"
+
+
+namespace: kallekalas
+controller:
+  enabled: true
+  type: statefulset
+image:
+  repository: docker.io/nodered/node-red
+  pullPolicy:
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+service:
+  main:
+    enabled: false
+    type: ClusterIP
+    ports:
+      http:
+        port: 80
+        targetPort: 1880
+        protocol: HTTP
+ingress:
+  enabled: false
+  className: ""
+  service: main
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: chart-example.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+volumeClaimTemplates:
+  - name: www
+    mountPath: /var/www/html
+    accessMode: "ReadWriteOnce"
+    storageClassName: "local-path"
+    size: 1Gi

charts/semaphoreui/.gitignore

@@ -1,3 +1,2 @@
 Chart.lock
 charts/
-*.tgz

charts/semaphoreui/Chart.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: v2
+name: semaphoreui
+description: Powerful API for Ansible
+type: application
+version: 1.0.0
+appVersion: v2.10.31
+kubeVersion: ">=1.27.0"
+home: https://semaphoreui.com/
+sources:
+  - https://git.rre.nu/jonas/helm-charts
+maintainers:
+  - name: Jonas Forsberg
+    email: barregargamel@gmail.com
+dependencies:
+  - name: lib
+    repository: oci://repo.rre.nu/helm
+    version: 1.0.2

charts/semaphoreui/README.md

@@ -0,0 +1,33 @@
+
+Semaphoreui
+===========
+
+Powerful API for Ansible
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Semaphoreui chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `image.repository` |  | `"semaphoreui/semaphore"` |
+| `config` |  | `{}` |
+| `service.http.enabled` |  | `true` |
+| `service.http.ports.http.port` |  | `80` |
+| `service.http.ports.http.targetPort` |  | `3000` |
+| `ingress.enabled` |  | `false` |
+| `ingress.service` | what service should the ingress target | `"http"` |
+| `ingress.servicePort` |  | `80` |
+| `ingress.className` |  | `"nginx"` |
+| `ingress.hosts` |  | `[{"host": "example.local", "paths": [{"path": "/", "pathType": "Prefix"}]}]` |
+| `ingress.annotations` |  | `{}` |
+| `controller.command` | Need to override server-wrapper due to stupid DB ping in container | `["/bin/sh"]` |
+| `controller.args` |  | `["/var/local/bin/entrypoint.sh"]` |
+| `volumes` |  | `[{"name": "config", "secret": {"secretName": "semaphoreui-config", "optional": false}}, {"name": "entrypoint", "configMap": {"name": "semaphoreui-entrypoint", "items": [{"key": "entrypoint.sh", "path": "entrypoint.sh"}]}}]` |
+| `volumeMounts` |  | `[{"name": "config", "mountPath": "/var/semaphoreui-secret", "readOnly": true}, {"name": "entrypoint", "mountPath": "/var/local/bin/entrypoint.sh", "subPath": "entrypoint.sh"}]` |
+
+
+
+
+

charts/semaphoreui/templates/base.tpl

@@ -0,0 +1 @@
+{{ include "lib.all" . }}

charts/semaphoreui/templates/config.tpl

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: semaphoreui-config
+  namespace: {{ .Values.namespace | default "default" }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+type: Opauge
+data:
+  config.json: {{ toJson .Values.config | b64enc }}
+  {{- with .Values.packages }}
+  packages.txt: {{ . | b64enc }}
+  {{- end }}
+  {{- with .Values.requirements }}
+  requirements.txt: {{ . | b64enc }}
+  {{- end }}

charts/semaphoreui/templates/entrypoint.sh

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: semaphoreui-entrypoint
+  namespace: {{ .Values.namespace | default "default" }}
+  labels:
+    {{- include "lib.labels" . | nindent 4}}
+data:
+  entrypoint.sh: |
+    #!/bin/sh
+    echo "creating /etc/semaphore/config.json"
+    cp /var/semaphoreui-secret/config.json /etc/semaphore/config.json
+    if test -f /var/semaphoreui-secret/packages.txt; then
+      echo "Installing additional system dependencies"
+      apk add --no-cache --upgrade \
+      $(cat /var/semaphoreui-secret/packages.txt | xargs)
+    else
+      echo "No additional system dependencies to install"
+    fi
+    if test -f /var/semaphoreui-secret/requirements.txt; then
+      echo "Installing additional python dependencies"
+      pip3 install --upgrade \
+        -r /var/semaphoreui-secret//requirements.txt
+    else
+      echo "No additional python dependencies to install"
+    fi
+    echo "Starting semapore server"
+    exec /usr/local/bin/semaphore server  --config /etc/semaphore/config.json

charts/semaphoreui/values.yaml

@@ -0,0 +1,103 @@
+image:
+  repository: semaphoreui/semaphore
+
+config: {}
+#  bolt:
+#    host: # Path to the BoltDB database file
+#  mysql:
+#    host: # MySQL database host
+#    name: # MySQL database (schema) name
+#    user: # MySQL user name
+#    pass: # MySQL user's password
+#  postgres:
+#    host: # Postgres database host
+#    name: # Postgres database (schema) name
+#    user: # Postgres user name
+#    pass: # Postgres user's password
+#  dialect: bolt # Can be mysql, postgres or bolt
+#  port: 3000 # TCP port on which the web interface will be available. Default: 3000
+#  interface: # Useful if your server has multiple network interfaces
+#  tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
+#  access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
+#  web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
+#  email_sender:
+#  email_host:
+#  email_port:
+#  email_secure:
+#  email_username:
+#  email_password:
+#  email_alert:
+#  telegram_alert:
+#  slack_alert:  # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
+#  slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
+#  rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
+#  rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
+#  ldap_enable:
+#  ldap_needtls:
+#  ldap_binddn:
+#  ldap_bindpassword:
+#  ldap_server:
+#  ldap_searchdn:
+#  concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
+#max_parallel_tasks:
+#oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
+#password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
+#non_admin_can_create_project: false # Allow non-admin users to create new projects.
+
+service:
+  http:
+    enabled: true
+    ports:
+      http:
+        port: 80
+        targetPort: 3000
+
+ingress:
+  enabled: false
+  service: http # what service should the ingress target
+  servicePort: 80
+  className: "nginx"
+  hosts:
+    - host: example.local
+      paths:
+        - path: /
+          pathType: Prefix
+  annotations:
+    {}
+
+packages: # extra packages that needs to be installed
+requirements: # Requirements files serve as a list of items to be installed by pip, when using [pip install](https://pip.pypa.io/en/stable/cli/pip_install/#pip-install)
+
+livenessProbe:
+  httpGet:
+    path: /
+    port: http
+readinessProbe:
+  httpGet:
+    path: /
+    port: http
+
+controller:
+  command: ["/bin/sh"] # Need to override server-wrapper due to stupid DB ping in container
+  args:
+    - /var/local/bin/entrypoint.sh
+
+volumes:
+  - name: config
+    secret:
+      secretName: semaphoreui-config
+      optional: false
+  - name: entrypoint
+    configMap:
+      name: semaphoreui-entrypoint
+      items:
+        - key: entrypoint.sh
+          path: entrypoint.sh
+
+volumeMounts:
+  - name: config
+    mountPath: /var/semaphoreui-secret
+    readOnly: true
+  - name: entrypoint
+    mountPath: /var/local/bin/entrypoint.sh
+    subPath: entrypoint.sh

charts/unifi/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: lib
+  repository: file://../../../lib/
+  version: 1.0.0
+digest: sha256:63e7ca30622b531017b921e041bc25280c0d53712af37f6e36aaa19f5a5a8f15
+generated: "2024-10-12T11:11:31.627097149+02:00"

charts/unifi/Chart.yaml

@@ -0,0 +1,15 @@
+---
+apiVersion: v2
+name: unifi
+version: 1.0.0
+description: The Unifi-network-application software is a powerful, enterprise wireless software engine ideal for high-density client deployments requiring low latency and high uptime performance.
+type: application
+appVersion: v8.5.6
+kubeVersion: ">=1.27.0"
+maintainers:
+  - name: Jonas Forsberg
+    email: barregargamel@gmail.com
+dependencies:
+  - name: lib
+    repository: "file://../../../lib/"
+    version: 1.0.0

charts/unifi/templates/NOTES.txt

@@ -0,0 +1 @@
+{{- include "lib.defaultNotes" . -}}

charts/unifi/templates/all.yaml

@@ -0,0 +1 @@
+{{ include "lib.all" . }}

charts/unifi/values.yaml

@@ -0,0 +1,33 @@
+lib:
+
+  service:
+    tcp:
+      enabled: true
+      type: ClusterIP
+      ports:
+        https:
+          port: 8443
+          protocol: TCP
+          targetPort: 8443
+        http_redirect:
+          port: 8880
+          protocol: TCP
+        https_redirect:
+          port: 8843
+          protocol: TCP
+        speed_test:
+          port: 6789
+          protocol: TCP
+    udp:
+      enabled: true
+      type: ClusterIP
+      ports:
+        stun:
+          port: 3478
+          protocol: UDP
+        device_discovery:
+          port: 10001
+          protocol: UDP
+        local_discovery:
+          port: 1900
+          protocol: UDP