pascaliske / helm-charts Goto Github PK

• Empty image tags in version files
• Set @default comments for image tags
• Configure renovate bot for appVersion updates

Is your feature request related to a problem? Please describe.
It should be possible to enable support for MaxMinds GeoLite2 DB through a flag.

Describe the solution you'd like
The flag enables the deployment of the official image maxmindinc/geoipupdate as a sidecar container for Plausible.

Describe alternatives you've considered

Additional context

Hi Pascal,

I am currently trying to setup paperless. I have a secret that contains the keys as stated a little below:

[...]
stringData:
  PAPERLESS_SECRET_KEY: ADD-A-RANDOM-STRING-HERE
  PAPERLESS_ADMIN_USER: YOUR-USERNAME-GOES-HERE
  PAPERLESS_ADMIN_PASSWORD: YOUR-PASSWORD-GOES-HERE
  PAPERLESS_ADMIN_MAIL: YOUR-MAIL-ADDRESS-GOES-HERE
  PAPERLESS_URL: YOUR-URL-GOES-HERE

However it seems like the chart only uses the PAPERLESS_SECRET_KEY from the existing secret:

$ kubectl get deploy paperless
[...]
    spec:
      containers:
      - env:
        - name: TZ
          value: UTC
        - name: PAPERLESS_TIME_ZONE
          value: UTC
        - name: PAPERLESS_CONSUMPTION_DIR
          value: /consumption
        - name: PAPERLESS_REDIS
          value: redis://paperless-redis:6379
        - name: PAPERLESS_SECRET_KEY
          valueFrom:
            secretKeyRef:
              key: PAPERLESS_SECRET_KEY
              name: paperless-admin
        - name: PAPERLESS_PORT
          value: "8000"
[...]

Should this be working? Am I missing something?

Unfortunately this chart does not have a envFrom:, at least according to the values.yaml.

I am running the service with type Loadbalancer on my local k3s+MetalLB cluster.

However, after enabling the metrics, I cannot upgrade as mixed protocols are not allowed on services of type Loadbalancer.

Error: UPGRADE FAILED: cannot patch "cloudflared" with kind Service: Service "cloudflared" is invalid: spec.ports: Invalid value: []core.ServicePort{core.ServicePort{Name:"dns", Protocol:"UDP", AppProtocol:(*string)(nil), Port:53, TargetPort:intstr.IntOrString{Type:0, IntVal:5053, StrVal:""}, NodePort:30686}, core.ServicePort{Name:"metrics", Protocol:"TCP", AppProtocol:(*string)(nil), Port:49312, TargetPort:intstr.IntOrString{Type:0, IntVal:5053, StrVal:""}, NodePort:0}}: may not contain more than 1 protocol when type is 'LoadBalancer'

I can think of two solutions:

• rework to have two separate services (aka two service template files)
• do not expose the metrics via the service

See here: badges/shields#8671

https://github.com/plausible/hosting/blob/master/kubernetes/plausible-events-db.yaml

Is your feature request related to a problem? Please describe.

Running the chart directly does not set admin user / password so no login is possible.

Describe the solution you'd like

Add a configuration option to the values.yaml that either creates a new secret or allows to use an existing one to set the admin credentials.

Describe alternatives you've considered

As a workaround, it is possible to set the credentials using the environment variables PAPERLESS_ADMIN_USERNAME and PAPERLESS_ADMIN_PASSWORD.

I tried to upgrade from chart version 0.3.1 to the latest 1.0.5 (at the time of writing) and it failed with the error: reconciliation failed: Helm upgrade failed: cannot patch "linkding" with kind Deployment: Deployment.apps "linkding" is invalid: spec.template.spec.containers[0].volumeMounts[0].name: Not found: "storage-volume"

I have a pre-baked PV and PVC that I refer to and they've worked quite well so far.

---
kind: PersistentVolume
apiVersion: v1
metadata:
  name: storage-volume
spec:
  capacity:
    storage: 10Gi
  accessModes:
  - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: local-path
  local:
    path: /home/....
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: storage-volume
  namespace: linkding
spec:
  accessModes:
  - ReadWriteOnce
  storageClassName: local-path
  resources:
    storage: 10Gi
---
apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository
metadata:
  name: pascaliske
  namespace: linkding
spec:
  interval: 60m
  url: https://charts.pascaliske.dev
---
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
  name: linkding
  namespace: linkding
spec:
  interval: 30s
  chart:
    spec:
      chart: linkding
      version: "0.3.1" # <- I only changed this line to 1.0.5
      sourceRef:
        kind: HelmRepository
        name: pascaliske
        namespace: linkding
      interval: 60m
  values:
    persistentVolumeClaim:
      create: false
      existingPersistentVolumeClaim: storage-volume
---

The cluster is managed with FluxCD, hence the HelmRepository and HelmRelease objects. What I saw among the k8s events was the Helm release tried to provision another volume, named linkding-storage and disregarded my pre-made PV and PVC although they were there and named exactly as the release required. Any pointer would be greatly appreciated.

Is your feature request related to a problem? Please describe.
If the chart index on the gh-pages branch gets corrupted the chart-release workflow can not restore it.

Describe the solution you'd like
Create a workflow to rebuild the index if it got corrupted.

Describe alternatives you've considered
Update the chart index in an idempotent fashion during the release process.

Additional context

• https://github.com/rstudio/helm/tree/main/scripts

Describe the bug
I'm a beginner with helm so I might be doing something wrong, but after deploying the paperless-ngx chart with redis enabled, the pod fails to start with the following error:

Adjusting permissions of paperless files. This may take a while.
Waiting for Redis...
Redis ping #0 failed.
Error: Error 111 connecting to localhost:6379. Connection refused..
Waiting 5s
Redis ping #1 failed.
Error: Error 111 connecting to localhost:6379. Connection refused..
Waiting 5s
Redis ping #2 failed.
Error: Error 111 connecting to localhost:6379. Connection refused..
Waiting 5s
Redis ping #3 failed.
Error: Error 111 connecting to localhost:6379. Connection refused..
Waiting 5s
Redis ping #4 failed.
Error: Error 111 connecting to localhost:6379. Connection refused..
Waiting 5s
Failed to connect to redis using environment variable PAPERLESS_REDIS.

To me it seems like you added the variable to your CI dir so it can pass tests, but in my opinion it should have been present in the template, within an if block. This would also allow proper injection of redis' service name.

To Reproduce
Steps to reproduce the behavior:

Deploy the paperless chart with the following values:

redis:
  enabled: true

Expected behavior
The PAPERLESS_REDIS variable gets properly set with the generated (or overwritten) redis service name

** (RuntimeError) BASE_URL configuration option is required. See https://plausible.io/docs/self-hosting-configuration#server

** (RuntimeError) SECRET_KEY_BASE configuration option is required. See https://plausible.io/docs/self-hosting-configuration#server

https://github.com/pascaliske/helm-charts/actions/runs/4439709035/jobs/7792548732#step:9:1

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Is the repo link still valid?
I'm getting the following error -
$ helm repo add pascaliske https://charts.pascaliske.dev
Error: looks like "https://charts.pascaliske.dev" is not a valid chart repository or cannot be reached: failed to fetch https://charts.pascaliske.dev/index.yaml : 503 Service Unavailable

is it just me ?

I installed the paperless-ngx chart and can't login. admin:admin does not work and I don't find any secret with the credentials. What are the default ones?

• Define values with controller: {}
• Define more generic controller template: controller.yaml

• #186
• #185
• #184
• #183
• #182
• #181
• #180
• #173
• #179
• #178
• #177
• #176
• #175

https://github.com/plausible/hosting/blob/master/kubernetes/plausible.yaml

Blocked by: #209

Is your feature request related to a problem? Please describe.

Describe the solution you'd like
Newer Kubernetes versions allow combining TCP & UDP ports to be combined into a single service. This should be optionally possible with this chart.

Describe alternatives you've considered

Additional context

https://github.com/karuppiah7890/helm-schema-gen

I just upgraded to the latest version of the chart, and noticed that DNS via TCP was no longer working.

$ dig @192.168.99.166 suse.de +tcp
;; Connection to 192.168.99.166#53(192.168.99.166) for suse.de failed: connection refused.

Editing the service and changing targetPort: dns-tcp to targetPort: 5053 immediately restores the connectivity.

Funnily enough, for dns-udp it is working even with the name for the targetPort... :-)

Is your feature request related to a problem? Please describe.
The consumption, export and trash directories currently only allow to be mounted to host paths:

consumption:
  # -- Enable the volume mount of a [consumption directory](https://paperless-ngx.readthedocs.io/en/latest/configuration.html#paths-and-folders).
  enabled: false
  # -- Mount path of the consumption directory inside the container.
  mountPath: /consumption
  # -- Host path of the consumption directory outside the container.
  hostPath: ''

This is not practical for Kubernetes because when using NAS etc. for backups, the directories first need to be mounted on all nodes.

Describe the solution you'd like

I would like an option to specify an existing PVC to mount these at, like:

consumption:
  # -- Enable the volume mount of a [consumption directory](https://paperless-ngx.readthedocs.io/en/latest/configuration.html#paths-and-folders).
  enabled: true
  # -- Mount path of the consumption directory inside the container.
  mountPath: /consumption
  # -- Host path of the consumption directory outside the container.
  hostPath: ''
  # -- PVC of the consumption directory
  persistentVolumeClaim: 'my-consumption-claim'

Describe alternatives you've considered

Using some automation technology (like Ansible) to mount the directory to each node, but this opposes the idea of Kubernetes.