diff --git a/charts/netbox/Chart.yaml b/charts/netbox/Chart.yaml index 21e08d5..f10cc6a 100644 --- a/charts/netbox/Chart.yaml +++ b/charts/netbox/Chart.yaml @@ -4,4 +4,4 @@ appVersion: "2.8.1" description: An IP address management (IPAM) and data center infrastructure management (DCIM) tool. icon: https://raw.githubusercontent.com/digitalocean/netbox/develop/netbox/project-static/img/netbox.ico name: netbox -version: 0.5.2 +version: 1.0.0 diff --git a/charts/netbox/charts/postgresql-8.9.4.tgz b/charts/netbox/charts/postgresql-8.9.4.tgz new file mode 100644 index 0000000..bdd8270 Binary files /dev/null and b/charts/netbox/charts/postgresql-8.9.4.tgz differ diff --git a/charts/netbox/charts/redis-10.3.4.tgz b/charts/netbox/charts/redis-10.3.4.tgz deleted file mode 100644 index be616f2..0000000 Binary files a/charts/netbox/charts/redis-10.3.4.tgz and /dev/null differ diff --git a/charts/netbox/charts/redis-10.6.12.tgz b/charts/netbox/charts/redis-10.6.12.tgz new file mode 100644 index 0000000..8cb043e Binary files /dev/null and b/charts/netbox/charts/redis-10.6.12.tgz differ diff --git a/charts/netbox/requirements.lock b/charts/netbox/requirements.lock new file mode 100644 index 0000000..92142b8 --- /dev/null +++ b/charts/netbox/requirements.lock @@ -0,0 +1,9 @@ +dependencies: +- name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 8.9.4 +- name: redis + repository: https://charts.bitnami.com/bitnami + version: 10.6.12 +digest: sha256:501f2da7eac8d6ecf2616fb27c6b26a808515250dc32e38738fa26e8016dfb1f +generated: "2020-05-04T09:41:49.344324356+02:00" diff --git a/charts/netbox/requirements.yaml b/charts/netbox/requirements.yaml index 3107031..512bbab 100644 --- a/charts/netbox/requirements.yaml +++ b/charts/netbox/requirements.yaml 
@@ -1,4 +1,8 @@ dependencies: + - name: postgresql + version: ~8.9.4 + repository: https://charts.bitnami.com/bitnami + condition: postgresql.enabled - name: redis - version: 10.3.4 - repository: https://kubernetes-charts.storage.googleapis.com/ + version: ~10.6.12 + repository: https://charts.bitnami.com/bitnami diff --git a/charts/netbox/templates/_helpers.tpl b/charts/netbox/templates/_helpers.tpl index 594670c..cc61ddf 100644 --- a/charts/netbox/templates/_helpers.tpl +++ b/charts/netbox/templates/_helpers.tpl @@ -39,5 +39,21 @@ Create chart name and version as used by the chart label. Get the correct image tag name */}} {{- define "netbox.imageTag" -}} -{{- .Values.image.tag | default (printf "%s-ldap" .Chart.AppVersion) -}} +{{- .Values.image.tag | default (printf "v%s-ldap" .Chart.AppVersion) -}} +{{- end -}} + +{{/* +Get the installed postgresql fullname +*/}} +{{- define "netbox.postgresql.fullname" -}} +{{- $name := default "postgresql" .Values.postgresql.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Get the installed redis fullname +*/}} +{{- define "netbox.redis.fullname" -}} +{{- $name := default "redis" .Values.redis.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} diff --git a/charts/netbox/templates/configuration.yaml b/charts/netbox/templates/configuration.yaml index bd23233..2a22543 100644 --- a/charts/netbox/templates/configuration.yaml +++ b/charts/netbox/templates/configuration.yaml 
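Review bot: In charts/netbox/templates/_helpers.tpl, the new `netbox.postgresql.fullname` and `netbox.redis.fullname` helpers always render `<release>-<name>`, honouring only `nameOverride`. If the subcharts use the conventional fullname helper (which honours `fullnameOverride` and returns the release name alone when it already contains the chart name), a release named for example `netbox-redis`, or any use of `fullnameOverride`, makes these helpers produce a name the subchart never creates. The `secretKeyRef` entries in both deployments depend on these names, so the pods would then reference a missing Secret and fail to start. Mirror the subchart's logic by starting each helper with `{{- if .Values.redis.fullnameOverride -}}{{ .Values.redis.fullnameOverride | trunc 63 | trimSuffix "-" }}` and adding the `contains $name .Release.Name` branch, or state the limitation in the comment above each helper.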
@@ -9,17 +9,28 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "netbox.chart" . }} data: - DB_NAME: {{ .Values.database.database }} - DB_USER: {{ .Values.database.user }} - DB_HOST: {{ .Values.database.host }} - DB_PORT: {{ .Values.database.port | quote }} +{{- if .Values.database }} + DB_NAME: {{ .Values.database.database | default "netbox" | quote }} + DB_USER: {{ .Values.database.user | default "netbox" | quote }} + DB_HOST: {{ .Values.database.host | quote }} + DB_PORT: {{ .Values.database.port | default 5432 | quote }} +{{- else }} + DB_NAME: {{ .Values.postgresql.postgresqlDatabase | quote }} + DB_USER: {{ .Values.postgresql.postgresqlUsername | quote }} + DB_HOST: {{ include "netbox.postgresql.fullname" . }} + DB_PORT: {{ .Values.postgresql.postgresqlPort | default 5432 | quote }} +{{- end }} REDIS_HOST: {{ include "netbox.redisHost" . }} REDIS_PORT: {{ .Values.redis.redisPort | quote }} REDIS_SSL: "false" - SUPERUSER_NAME: {{ .Values.superuser.name }} - SUPERUSER_EMAIL: {{ .Values.superuser.email }} +{{- if .Values.superuser.name }} + SUPERUSER_NAME: {{ .Values.superuser.name | quote }} +{{- end }} +{{- if .Values.superuser.email }} + SUPERUSER_EMAIL: {{ .Values.superuser.email | quote }} +{{- end }} {{- range $key, $value := .Values.extraEnv }} {{ $key }}: {{ $value | quote }} diff --git a/charts/netbox/templates/deployment-worker.yaml b/charts/netbox/templates/deployment-worker.yaml index 7dd31da..f78f971 100644 --- a/charts/netbox/templates/deployment-worker.yaml +++ b/charts/netbox/templates/deployment-worker.yaml 
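Review bot: In the configuration.yaml hunk, the external-database branch gives `DB_NAME`, `DB_USER` and `DB_PORT` defaults but renders `DB_HOST: {{ .Values.database.host | quote }}` with no default and no check. A values file that sets `database` without `host` therefore produces `DB_HOST: ""` and the failure only shows up at application start. Failing at render time is clearer: `DB_HOST: {{ required "database.host must be set when database is defined" .Values.database.host | quote }}`. In the `else` branch `DB_HOST: {{ include "netbox.postgresql.fullname" . }}` is the only unquoted value in the block; adding `| quote` keeps it consistent with its neighbours.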
@@ -34,6 +34,24 @@ spec: - rqworker image: "{{ .Values.image.repository }}:{{ include "netbox.imageTag" . }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "netbox.redis.fullname" . }} + key: redis-password + {{- if .Values.postgresql.enabled }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.postgresql.existingSecret }} + name: {{ .Values.postgresql.existingSecret }} + key: {{ .Values.postgresql.existingSecretKey }} + {{- else }} + name: {{ include "netbox.postgresql.fullname" . }} + key: postgresql-password + {{- end }} + {{- end }} envFrom: - configMapRef: name: {{ include "netbox.fullname" . }} diff --git a/charts/netbox/templates/deployment.yaml b/charts/netbox/templates/deployment.yaml index 12846b4..2bcd41a 100644 --- a/charts/netbox/templates/deployment.yaml +++ b/charts/netbox/templates/deployment.yaml @@ -1,3 +1,12 @@ +{{- if .Values.database }} + {{- if .Values.postgresql.enabled }} + {{- "Both external and internal database enabled, you may want to set postgresql.enabled=false" | fail }} + {{- end }} +{{- else }} + {{- if not .Values.postgresql.enabled }} + {{- "Neither external nor internal database enabled, you may want to set postgresql.enabled=true" | fail }} + {{- end }} +{{- end }} --- apiVersion: apps/v1 kind: Deployment 
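Review bot: In deployment-worker.yaml the `REDIS_PASSWORD` env entry is added unconditionally, whereas the same entry in deployment.yaml is wrapped in `{{- if .Values.redis.usePassword }}`. With `redis.usePassword=false` the worker would still reference the `redis-password` key, and if the subchart does not create that Secret in this mode the worker container cannot be created. Wrap the entry in the same `{{- if .Values.redis.usePassword }}` … `{{- end }}` guard. In both files, `key: {{ .Values.postgresql.existingSecretKey }}` renders empty when only `existingSecret` is set; `key: {{ .Values.postgresql.existingSecretKey | default "postgresql-password" }}` avoids that. The worker also gets no `SECRET_KEY` entry for `existingDjangoSecret`, which is worth confirming as intended.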
@@ -29,6 +38,33 @@ spec: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ include "netbox.imageTag" . }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- if .Values.redis.usePassword }} + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "netbox.redis.fullname" . }} + key: redis-password + {{- end }} + {{- if .Values.existingDjangoSecret }} + - name: SECRET_KEY + valueFrom: + secretKeyRef: + name: {{ .Values.existingDjagonSecret }} + key: {{ .Values.existingDjangoSecretKey }} + {{- end }} + {{- if .Values.postgresql.enabled }} + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + {{- if .Values.postgresql.existingSecret }} + name: {{ .Values.postgresql.existingSecret }} + key: {{ .Values.postgresql.existingSecretKey }} + {{- else }} + name: {{ include "netbox.postgresql.fullname" . }} + key: postgresql-password + {{- end }} + {{- end }} envFrom: - configMapRef: name: {{ include "netbox.fullname" . }} @@ -36,7 +72,6 @@ spec: name: {{ include "netbox.fullname" . }} resources: {{- toYaml .Values.resources | nindent 12 }} - {{- if or .Values.persistence.enabled .Values.extraVolumeMounts }} volumeMounts: - name: netbox-static-files mountPath: /opt/netbox/netbox/static @@ -44,14 +79,15 @@ spec: mountPath: /etc/netbox/config/gunicorn_config.py subPath: gunicorn_config.py readOnly: true + {{- if .Values.useUnixSocket }} - name: netbox-socket mountPath: /tmp/netbox + {{- end }} - name: data mountPath: /etc/netbox/media -{{- if .Values.extraVolumeMounts }} -{{ toYaml .Values.extraVolumeMounts | indent 12 }} -{{- end }} - {{- end }} + {{- with .Values.extraVolumeMounts }} + {{ toYaml . | nindent 12 }} + {{- end }} - name: nginx image: "nginx:alpine" imagePullPolicy: Always 
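Review bot: In the first deployment.yaml hunk on this line (`@@ -29,6 +38,33 @@`), the `SECRET_KEY` entry reads `name: {{ .Values.existingDjagonSecret }}`, a misspelling of the `existingDjangoSecret` value tested by the `if` directly above it and documented in values.yaml. The misspelled key is never set, so the `secretKeyRef` renders with an empty `name`. Because secrets.yaml in this commit omits `SECRET_KEY` from the chart's own Secret when `existingDjangoSecret` is set, the container ends up with no usable Django secret key in exactly the configuration this block is meant to support. The line should be `name: {{ .Values.existingDjangoSecret }}`.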
@@ -80,8 +116,10 @@ spec: - name: netbox-static-files mountPath: /opt/netbox/netbox/static readOnly: true + {{- if .Values.useUnixSocket }} - name: netbox-socket mountPath: /tmp/netbox + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -92,8 +130,10 @@ spec: name: {{ .Chart.Name }}-config-files - name: netbox-static-files emptyDir: {} + {{- if .Values.useUnixSocket }} - name: netbox-socket emptyDir: {} + {{- end }} - name: data {{- if .Values.persistence.enabled }} persistentVolumeClaim: diff --git a/charts/netbox/templates/nginx-config.yaml b/charts/netbox/templates/nginx-config.yaml index f8bd173..e72f88d 100644 --- a/charts/netbox/templates/nginx-config.yaml +++ b/charts/netbox/templates/nginx-config.yaml @@ -9,6 +9,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "netbox.chart" . }} data: +{{- if .Values.useUnixSocket }} gunicorn_config.py: |- command = '/usr/bin/gunicorn' pythonpath = '/opt/netbox/netbox' @@ -18,6 +19,7 @@ data: accesslog = '-' capture_output = False loglevel = 'info' +{{- end }} nginx.conf: |- daemon off; worker_processes 1; @@ -39,7 +41,11 @@ data: client_max_body_size 10M; upstream netbox { + {{- if .Values.useUnixSocket }} server unix:/tmp/netbox/gunicorn.sock fail_timeout=0; + {{- else }} + server http://localhost:8001 fail_timeout=0; + {{- end }} } server { diff --git a/charts/netbox/templates/secrets.yaml b/charts/netbox/templates/secrets.yaml index cb3122f..e95d74d 100644 --- a/charts/netbox/templates/secrets.yaml +++ b/charts/netbox/templates/secrets.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: 
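Review bot: In nginx-config.yaml (`@@ -9,6 +9,7 @@`) the `gunicorn_config.py` key is now rendered only when `useUnixSocket` is true, but the deployment.yaml context lines in this commit still mount `/etc/netbox/config/gunicorn_config.py` with `subPath: gunicorn_config.py` unconditionally. If that volume is backed by this ConfigMap, `useUnixSocket=false` leaves the subPath pointing at a key that does not exist. Nothing visible here tells gunicorn to listen on the TCP port that nginx is switched to either. Either guard the mount with the same `{{- if .Values.useUnixSocket }}`, or keep the key and render a TCP `bind` in the non-socket case.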
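Review bot: In the nginx-config.yaml upstream hunk (`@@ -39,7 +41,11 @@`), the new `else` branch writes `server http://localhost:8001 fail_timeout=0;`. An nginx `upstream` `server` entry takes a bare address (host with optional port, or a `unix:` path) and not a URL, so nginx is expected to reject this configuration at startup. That would leave the nginx container unable to start whenever `useUnixSocket` is false. The line should be `server localhost:8001 fail_timeout=0;`.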
@@ -8,12 +9,23 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "netbox.chart" . }} data: +{{- if .Values.database }} DB_PASSWORD: {{ .Values.database.password | b64enc }} - REDIS_PASSWORD: {{ .Values.redis.password | b64enc }} +{{- else if .Values.postgresql.postgresqlPassword }} + DB_PASSWORD: {{ .Values.postgresql.postgresqlPassword | b64enc }} +{{- end }} +{{- if .Values.djangoSecret }} SECRET_KEY: {{ .Values.djangoSecret | b64enc }} +{{- else if not .Values.existingDjangoSecret }} + SECRET_KEY: {{ randAlphaNum 50 | b64enc }} +{{- end }} +{{- if .Values.superuser.apiToken }} SUPERUSER_API_TOKEN: {{ .Values.superuser.apiToken | b64enc }} +{{- end }} +{{- if .Values.superuser.password }} SUPERUSER_PASSWORD: {{ .Values.superuser.password | b64enc }} +{{- end }} {{- range $key, $value := .Values.extraSecrets }} {{ $key }}: {{ $value | b64enc | quote }} diff --git a/charts/netbox/values.yaml b/charts/netbox/values.yaml index 6713ba0..330ce4b 100644 --- a/charts/netbox/values.yaml +++ b/charts/netbox/values.yaml @@ -31,21 +31,22 @@ ingress: # hosts: # - chart-example.local -database: - ## Database host - host: localhost +# Deprecated database keys +# database: - ## Database port - port: 5432 +postgresql: + enabled: true - ## Database user - user: netbox + postgresqlDatabase: netbox + postgresqlUsername: netbox - ## Database password - password: netbox - - ## Database name - database: netbox + # The following variables are only used when internal PG is disabled + # postgresqlHost: postgres + # postgresqlPassword: postgres + # postgresqlPort: 5432 + # When defined the `postgresqlPassword` field is ignored + # existingSecret: secret-name + # existingSecretKey: postgresql-password redis: cluster: 
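Review bot: In secrets.yaml the fallback `SECRET_KEY: {{ randAlphaNum 50 | b64enc }}` is evaluated on every render, so each `helm upgrade` writes a new Django secret key. Sessions and other values signed with the previous key stop validating, and nothing visible in this diff restarts pods when the Secret changes, so running pods may keep the old key while new ones get the new one. If a stable key is the intent, fail instead of generating: `SECRET_KEY: {{ required "set djangoSecret or existingDjangoSecret" .Values.djangoSecret | b64enc }}`. Otherwise add a template comment above the branch stating that the key rotates on every upgrade. Separately, `DB_PASSWORD: {{ .Values.database.password | b64enc }}` has no guard for `database` being set without `password`.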
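Review bot: In the first values.yaml hunk (`@@ -31,21 +31,22 @@`) the comments do not match what the templates in this commit read. They say `postgresqlHost`, `postgresqlPassword` and `postgresqlPort` are "only used when internal PG is disabled", but no template here references `postgresqlHost`, and the `else` branches that read `postgresqlPassword` and `postgresqlPort` are taken only when `database` is unset. With `postgresql.enabled=false` the guard in deployment.yaml fails unless `database` is set, yet that block is labelled `# Deprecated database keys`. Replace that label with `# External database; required when postgresql.enabled is false` and list the `host`, `port`, `user`, `password` and `database` keys under it. Describe the `postgresql*` keys as settings for the bundled subchart.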
@@ -56,10 +57,16 @@ redis: slave: persistence: enabled: false - password: netbox + # password: netbox redisPort: 6379 -djangoSecret: '' +# NB; Not specifying a key or existing secret will cause it to regenerate on +# every upgrade +# djangoSecret: '' +# existingDjangoSecret: netbox-django-secret +# existingDjangoSecretKey: secret_key + +useUnixSocket: true extraEnv: {} # EMAIL_SERVER: localhost