commit 4ec4c0232ca1681e96dc0cd0f6e1de32c72e5ea0
author Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Sat Aug 17 15:09:24 2024 +0400
committer Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local> Sat Aug 17 15:09:24 2024 +0400
tree b43c5f4e56145b66c2cbc4eb20fbc11b84eef105
parent 924c61fd74046934228aa1fd58b88b3156cfdb29

update

charts/soft-serve/.helmignore

diff --git a/charts/soft-serve/.helmignore b/charts/soft-serve/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/soft-serve/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/soft-serve/Chart.yaml

diff --git a/charts/soft-serve/Chart.yaml b/charts/soft-serve/Chart.yaml
new file mode 100644
index 0000000..8afa8ca
--- /dev/null
+++ b/charts/soft-serve/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: soft-serve
+description: A Helm chart for git server to store PCloud configuration
+type: application
+version: 0.0.1
+appVersion: "0.0.1"

charts/soft-serve/templates/ingress.yaml

diff --git a/charts/soft-serve/templates/ingress.yaml b/charts/soft-serve/templates/ingress.yaml
new file mode 100644
index 0000000..490a5b3
--- /dev/null
+++ b/charts/soft-serve/templates/ingress.yaml
@@ -0,0 +1,31 @@
+{{ if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress
+  namespace: {{ .Release.Namespace }}
+  {{- if .Values.ingress.certificateIssuer }}
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer }}
+  {{- end }}
+spec:
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- if .Values.ingress.certificateIssuer }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.domain }}
+    secretName: cert-soft-serve
+  {{- end }}
+  rules:
+  - host: {{ .Values.ingress.domain }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: soft-serve
+            port:
+              name: http
+{{ end }}

charts/soft-serve/templates/keys.yaml

diff --git a/charts/soft-serve/templates/keys.yaml b/charts/soft-serve/templates/keys.yaml
new file mode 100644
index 0000000..6ba4849
--- /dev/null
+++ b/charts/soft-serve/templates/keys.yaml
@@ -0,0 +1,10 @@
+{{ if and .Values.privateKey .Values.publicKey }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: keys
+  namespace: {{ .Release.Namespace }}
+data:
+  key: {{ toYaml .Values.privateKey | indent 2 }}
+  key.pub: {{ toYaml .Values.publicKey | indent 2 }}
+{{ end }}

charts/soft-serve/templates/service-transport.yaml

diff --git a/charts/soft-serve/templates/service-transport.yaml b/charts/soft-serve/templates/service-transport.yaml
new file mode 100644
index 0000000..969fbbe
--- /dev/null
+++ b/charts/soft-serve/templates/service-transport.yaml
@@ -0,0 +1,13 @@
+{{ if .Values.ingress.enabled }}
+apiVersion: transport.dodo.cloud/v1
+kind: ServiceTransport
+metadata:
+  name: ingress-transport
+  namespace: {{ .Release.Namespace }}
+spec:
+  port: {{ .Values.port }}
+  sourcePort: {{ .Values.ingress.sourcePort }}
+  protocol: TCP
+  service: soft-serve
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+{{ end }}

charts/soft-serve/templates/service.yaml

diff --git a/charts/soft-serve/templates/service.yaml b/charts/soft-serve/templates/service.yaml
new file mode 100644
index 0000000..9e54b46
--- /dev/null
+++ b/charts/soft-serve/templates/service.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: soft-serve
+  namespace: {{ .Release.Namespace }}
+  {{ if eq .Values.serviceType "LoadBalancer" }}
+  annotations:
+    {{ if .Values.reservedIP }}
+    metallb.universe.tf/loadBalancerIPs: {{ .Values.reservedIP }}
+    {{ end }}
+    {{ if .Values.addressPool }}
+    metallb.universe.tf/address-pool: {{ .Values.addressPool }}
+    {{ end }}
+  {{ end }}
+spec:
+  type: {{ .Values.serviceType }}
+  selector:
+    app: soft-serve
+  ports:
+  - name: ssh
+    port: {{ .Values.port }}
+    protocol: TCP
+  - name: http
+    port: 80 # TODO(gio): make configurable
+    targetPort: http
+    protocol: TCP

charts/soft-serve/templates/stateful-set.yaml

diff --git a/charts/soft-serve/templates/stateful-set.yaml b/charts/soft-serve/templates/stateful-set.yaml
new file mode 100644
index 0000000..e5b32eb
--- /dev/null
+++ b/charts/soft-serve/templates/stateful-set.yaml
@@ -0,0 +1,67 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: soft-serve
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    matchLabels:
+      app: soft-serve
+  serviceName: soft-serve
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: soft-serve
+    spec:
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: soft-serve
+      {{ if and .Values.privateKey .Values.publicKey }}
+      - name: keys
+        configMap:
+          name: keys
+      {{ end }}
+      containers:
+      - name: soft-serve
+        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+        imagePullPolicy: {{ .Values.image.pullPolicy}}
+        env:
+        - name: SOFT_SERVE_SSH_LISTEN_ADDR
+          value: ":{{ .Values.port }}"
+        - name: SOFT_SERVE_SSH_PUBLIC_URL
+          value: "ssh://{{ .Values.ingress.domain }}:{{ .Values.sshPublicPort }}"
+        - name: SOFT_SERVE_INITIAL_ADMIN_KEYS
+          value: |-
+{{ indent 12 .Values.adminKey }}
+        {{ if and .Values.privateKey .Values.publicKey }}
+        - name: SOFT_SERVE_SSH_KEY_PATH
+          value: /.ssh/key
+        {{ end }}
+        - name: SOFT_SERVE_DATA_PATH
+          value: /var/lib/soft-serve/repos
+        - name: SOFT_SERVE_HTTP_LISTEN_ADDR
+          value: ":80"
+        - name: SOFT_SERVE_HTTP_PUBLIC_URL
+          value: "http://{{ .Values.ingress.domain }}"
+        - name: SOFT_SERVE_ALLOW_KEYLESS
+          value: "{{ .Values.allowKeyless }}"
+        - name: SOFT_SERVE_ANON_ACCESS
+          value: "{{ .Values.anonAccess }}"
+        ports:
+        - name: ssh
+          containerPort: {{ .Values.port }}
+          protocol: TCP
+        - name: http
+          containerPort: 80
+          protocol: TCP
+        volumeMounts:
+        - name: data
+          mountPath: /var/lib/soft-serve
+          readOnly: false
+        {{ if and .Values.privateKey .Values.publicKey }}
+        - name: keys
+          mountPath: /.ssh
+          readOnly: true
+        {{ end }}

charts/soft-serve/templates/volume.yaml

diff --git a/charts/soft-serve/templates/volume.yaml b/charts/soft-serve/templates/volume.yaml
new file mode 100644
index 0000000..f5d0bfc
--- /dev/null
+++ b/charts/soft-serve/templates/volume.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: soft-serve
+  namespace: {{ .Release.Namespace }}
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.storage.size }}

charts/soft-serve/values.yaml

diff --git a/charts/soft-serve/values.yaml b/charts/soft-serve/values.yaml
new file mode 100644
index 0000000..cd042fc
--- /dev/null
+++ b/charts/soft-serve/values.yaml
@@ -0,0 +1,22 @@
+image:
+  repository: charmcli/soft-serve
+  tag: latest
+  pullPolicy: IfNotPresent
+storage:
+  size: 1Gi
+port: 22
+sshPublicPort: 22
+privateKey: ""
+publicKey: ""
+adminKey: ""
+serviceType: LoadBalancer
+reservedIP: ""
+addressPool: ""
+ingress:
+  enabled: false
+  domain: git.p.example.com
+  ingressClassName: example-ingress-private
+  certificateIssuer: ""
+  sourcePort: 0
+allowKeyless: false
+anonAccess: "no-access"