installer: configs
diff --git a/charts/appmanager/templates/install.yaml b/charts/appmanager/templates/install.yaml
index d63827d..7274aa9 100644
--- a/charts/appmanager/templates/install.yaml
+++ b/charts/appmanager/templates/install.yaml
@@ -1,3 +1,27 @@
+kind: ClusterRole
+metadata:
+ name: {{ .Values.clusterRoleName }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.clusterRoleName }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.clusterRoleName }}
+subjects:
+- kind: ServiceAccount
+ name: default
+ namespace: {{ .Release.Namespace }}
+---
apiVersion: v1
kind: Secret
metadata:
@@ -26,15 +50,19 @@
metadata:
name: ingress
namespace: {{ .Release.Namespace }}
+ {{- if .Values.certificateIssuer }}
annotations:
acme.cert-manager.io/http01-edit-in-place: "true"
cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
+ {{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
+ {{- if .Values.certificateIssuer }}
tls:
- hosts:
- {{ .Values.ingress.domain }}
secretName: cert-appmanager
+ {{- end }}
rules:
- host: {{ .Values.ingress.domain }}
http:
diff --git a/charts/appmanager/values.yaml b/charts/appmanager/values.yaml
index 572f74b..ac29afd 100644
--- a/charts/appmanager/values.yaml
+++ b/charts/appmanager/values.yaml
@@ -8,3 +8,4 @@
className: example-ingress-private
domain: apps.p.example.com
certificateIssuer: example-private
+clusterRoleName: example-welcome
diff --git a/charts/env-manager/templates/install.yaml b/charts/env-manager/templates/install.yaml
index 6139479..400726d 100644
--- a/charts/env-manager/templates/install.yaml
+++ b/charts/env-manager/templates/install.yaml
@@ -1,7 +1,7 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
rules:
- apiGroups:
- ""
@@ -13,11 +13,11 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
subjects:
- kind: ServiceAccount
name: default
diff --git a/charts/env-manager/values.yaml b/charts/env-manager/values.yaml
index f8cf699..aa5a42c 100644
--- a/charts/env-manager/values.yaml
+++ b/charts/env-manager/values.yaml
@@ -4,3 +4,4 @@
pullPolicy: Always
repoIP: 192.168.0.11
sshPrivateKey: key
+clusterRoleName: pcloud-env-manager
diff --git a/charts/welcome/templates/install.yaml b/charts/welcome/templates/install.yaml
index ddeeab6..d151411 100644
--- a/charts/welcome/templates/install.yaml
+++ b/charts/welcome/templates/install.yaml
@@ -1,6 +1,6 @@
kind: ClusterRole
metadata:
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
rules:
- apiGroups:
- ""
@@ -12,11 +12,11 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
subjects:
- kind: ServiceAccount
name: default
@@ -50,15 +50,19 @@
metadata:
name: ingress
namespace: {{ .Release.Namespace }}
+ {{- if .Values.certificateIssuer }}
annotations:
acme.cert-manager.io/http01-edit-in-place: "true"
cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
+ {{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
+ {{- if .Values.certificateIssuer }}
tls:
- hosts:
- {{ .Values.ingress.domain }}
secretName: cert-welcome
+ {{- end }}
rules:
- host: {{ .Values.ingress.domain }}
http:
diff --git a/charts/welcome/values.yaml b/charts/welcome/values.yaml
index d83ffd1..5b71b61 100644
--- a/charts/welcome/values.yaml
+++ b/charts/welcome/values.yaml
@@ -8,3 +8,4 @@
className: pcloud-ingress-public
domain: welcome.example.com
certificateIssuer: example-public
+clusterRoleName: example-welcome
diff --git a/core/installer/values-tmpl/appmanager.jsonschema b/core/installer/values-tmpl/appmanager.jsonschema
new file mode 100644
index 0000000..8a011ca
--- /dev/null
+++ b/core/installer/values-tmpl/appmanager.jsonschema
@@ -0,0 +1,8 @@
+{
+ "type": "object",
+ "properties": {
+ "RepoAddr": { "type": "string", "default": "ssh://192.168.0.11/example" },
+ "SSHPrivateKey": { "type": "string", "default": "foo bar" }
+ },
+ "additionalProperties": false
+}
diff --git a/core/installer/values-tmpl/appmanager.md b/core/installer/values-tmpl/appmanager.md
new file mode 100644
index 0000000..8fdc4ea
--- /dev/null
+++ b/core/installer/values-tmpl/appmanager.md
@@ -0,0 +1 @@
+Installs PCloud App Manager
diff --git a/core/installer/values-tmpl/appmanager.yaml b/core/installer/values-tmpl/appmanager.yaml
new file mode 100644
index 0000000..2ca79b9
--- /dev/null
+++ b/core/installer/values-tmpl/appmanager.yaml
@@ -0,0 +1,22 @@
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: appmanager
+ namespace: {{ .Release.Namespace }}
+spec:
+ chart:
+ spec:
+ chart: charts/appmanager
+ sourceRef:
+ kind: GitRepository
+ name: pcloud
+ namespace: {{ .Global.Id }}
+ interval: 1m0s
+ values:
+ repoAddr: {{ .Values.RepoAddr }}
+ sshPrivateKey: {{ .Values.SSHPrivateKey | b64enc }}
+ ingress:
+ className: {{ .Global.Id }}-ingress-public
+ domain: apps.{{ .Global.PrivateDomain }}
+ certificateIssuer: ""
+ clusterRoleName: {{ .Global.Id }}-appmanager
diff --git a/core/installer/values-tmpl/env-manager.yaml b/core/installer/values-tmpl/env-manager.yaml
index b64ce09..a2ba684 100644
--- a/core/installer/values-tmpl/env-manager.yaml
+++ b/core/installer/values-tmpl/env-manager.yaml
@@ -15,3 +15,4 @@
values:
repoIP: {{ .Values.RepoIP }}
sshPrivateKey: {{ .Values.SSHPrivateKey | b64enc }}
+ clusterRoleName: {{ .Global.PCloudEnvName }}-env-manager
diff --git a/core/installer/values-tmpl/welcome.yaml b/core/installer/values-tmpl/welcome.yaml
index 93556e3..145a735 100644
--- a/core/installer/values-tmpl/welcome.yaml
+++ b/core/installer/values-tmpl/welcome.yaml
@@ -19,3 +19,4 @@
className: {{ .Global.PCloudEnvName }}-ingress-public
domain: welcome.{{ .Global.Domain }}
certificateIssuer: {{ .Global.Id }}-public
+ clusterRoleName: {{ .Global.Id }}-welcome