Skip to content

Commit

Permalink
Updates privatebin chart
Browse files Browse the repository at this point in the history
  • Loading branch information
@0hlov3
0hlov3 committed Nov 19, 2023
1 parent 51fcd22 commit bfeff5c
Show file tree
Hide file tree
Showing 4 changed files with 166 additions and 110 deletions.
4 changes: 2 additions & 2 deletions charts/privatebin/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@ keywords:
- pastebin
- self-destroy
type: application
version: 0.1.0
appVersion: "1.5.1"
version: 0.1.1
appVersion: "1.6.0"
maintainers:
- name: fSocietySocial
email: dev@fsociety.social
Expand Down
209 changes: 113 additions & 96 deletions charts/privatebin/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,96 +10,71 @@ data:
; config file for PrivateBin
;
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
[main]
; (optional) set a project name to be displayed on the website
; name = "PrivateBin"
{{- if .Values.config.name }}
name: {{ .Values.config.name |default "PrivateBin" | quote }}
{{- end}}
; The full URL, with the domain name and directories that point to the PrivateBin files
; This URL is essential to allow Opengraph images to be displayed on social networks
; basepath = ""
name = "{{ .Values.config.name }}"
; The full URL, with the domain name and directories that point to the
; PrivateBin files, including an ending slash (/). This URL is essential to
; allow Opengraph images to be displayed on social networks.
basepath = "{{.Values.config.basepath}}"
; enable or disable the discussion feature, defaults to true
discussion = {{ .Values.config.discussion | default true }}
discussion = {{ .Values.config.discussion }}
; preselect the discussion feature, defaults to false
opendiscussion = {{ .Values.config.opendiscussion | default false }}
opendiscussion = {{ .Values.config.opendiscussion }}
; enable or disable the password feature, defaults to true
password = {{ .Values.config.enablepassword | default true }}
password = {{ .Values.config.password }}
; enable or disable the file upload feature, defaults to false
fileupload = {{ .Values.config.fileupload | default false }}
fileupload = {{ .Values.config.fileupload }}
; preselect the burn-after-reading feature, defaults to false
burnafterreadingselected = {{ .Values.config.burnafterreadingselected | default false }}
burnafterreadingselected = {{ .Values.config.burnafterreadingselected }}
; which display mode to preselect by default, defaults to "plaintext"
; make sure the value exists in [formatter_options]
defaultformatter = {{ .Values.config.defaultformatter | default "plaintext" | quote }}
defaultformatter = "{{ .Values.config.defaultformatter }}"
; (optional) set a syntax highlighting theme, as found in css/prettify/
{{- if .Values.config.syntaxhighlightingtheme }}
syntaxhighlightingtheme = {{ .Values.config.syntaxhighlightingtheme | default "sons-of-obsidian" | quote }}
{{- end }}
; syntaxhighlightingtheme = "{{ .Values.config.syntaxhighlightingtheme }}"
; size limit per paste or comment in bytes, defaults to 10 Mebibytes
sizelimit = {{ .Values.config.sizelimit | default 10485760 }}
sizelimit = {{ .Values.config.sizelimit }}
; template to include, default is "bootstrap" (tpl/bootstrap.php)
template = {{ .Values.config.template | default "bootstrap" | quote }}
template = "{{ .Values.config.template }}"
; (optional) info text to display
; use single, instead of double quotes for HTML attributes
{{- if .Values.config.info }}
info = {{ .Values.config.info | default "More information on the <a href='https://privatebin.info/'>project page</a>." | quote }}
{{- end }}
;info = "More information on the <a href='https://privatebin.info/'>project page</a>."
; (optional) notice to display
; notice = "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service."
{{- if .Values.config.notice }}
notice = {{ .Values.config.notice | default "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service." | quote }}
{{- end }}
; by default PrivateBin will guess the visitors language based on the browsers
; settings. Optionally you can enable the language selection menu, which uses
; a session cookie to store the choice until the browser is closed.
languageselection = {{ .Values.config.languageselection | default false }}
languageselection = {{ .Values.config.languageselection }}
; set the language your installs defaults to, defaults to English
; if this is set and language selection is disabled, this will be the only language
{{- if .Values.config.languagedefault }}
languagedefault = {{ .Values.config.languagedefault | default "en" | quote }}
languagedefault = "{{ .Values.config.languagedefault }}"
{{- end }}
; (optional) URL shortener address to offer after a new paste is created
; it is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key
; urlshortener = "https://shortener.example.com/api?link="
; (optional) URL shortener address to offer after a new paste is created.
; It is suggested to only use this with self-hosted shorteners as this will leak
; the pastes encryption key.
{{- if .Values.config.urlshortener }}
urlshortener = {{ .Values.config.urlshortener | default "https://shortener.example.com/api?link=" | quote }}
urlshortener = "{{ .Values.config.urlshortener }}"
{{- end }}
; (optional) Let users create a QR code for sharing the paste URL with one click.
; It works both when a new paste is created and when you view a paste.
; qrcode = true
{{- if .Values.config.qrcode }}
qrcode = {{ .Values.config.qrcode | default true }}
qrcode = {{ .Values.config.qrcode }}
{{- end }}
; (optional) Let users send an email sharing the paste URL with one click.
; It works both when a new paste is created and when you view a paste.
{{- if .Values.config.email }}
email = {{ .Values.config.email }}
{{- end }}
; (optional) IP based icons are a weak mechanism to detect if a comment was from
; a different user when the same username was used in a comment. It might be
; used to get the IP of a non anonymous comment poster if the server salt is
; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
; Can be set to one these values: "none" / "vizhash" / "identicon" (default).
; icon = "none"
; a different user when the same username was used in a comment. It might get
; used to get the IP of a comment poster if the server salt is leaked and a
; SHA512 HMAC rainbow table is generated for all (relevant) IPs.
; Can be set to one these values:
; "none" / "identicon" (default) / "jdenticon" / "vizhash".
{{- if .Values.config.icon }}
icon = {{ .Values.config.icon | default "none" | quote }}
icon = "{{ .Values.config.icon }}"
{{- end }}
; Content Security Policy headers allow a website to restrict what sources are
; allowed to be accessed in its context. You need to change this if you added
; custom scripts from third-party domains to your templates, e.g. tracking
Expand All @@ -116,42 +91,33 @@ data:
; async functions and display an error if not and for Chrome to enable
; webassembly support (used for zlib compression). You can remove it if Chrome
; doesn't need to be supported and old browsers don't need to be warned.
; cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
{{- if .Values.config.cspheader }}
cspheader = {{ .Values.config.cspheader | default "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads" | quote }}
cspheader = "{{ .Values.config.cspheader }}"
{{- end }}
; stay compatible with PrivateBin Alpha 0.19, less secure
; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
; sha256 in HMAC for the deletion token
; zerobincompatibility = false
{{- if .Values.config.zerobincompatibility }}
zerobincompatibility = {{ .Values.config.zerobincompatibility | default false }}
; zerobincompatibility = {{ .Values.config.zerobincompatibility }}
{{- end }}
; Enable or disable the warning message when the site is served over an insecure
; connection (insecure HTTP instead of HTTPS), defaults to true.
; Secure transport methods like Tor and I2P domains are automatically whitelisted.
; It is **strongly discouraged** to disable this.
; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
; httpwarning = true
; See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-it-show-me-an-error-about-an-insecure-connection for more information.
{{- if .Values.config.httpwarning }}
httpwarning = {{ .Values.config.httpwarning | default true }}
httpwarning = {{ .Values.config.httpwarning }}
{{- end }}
; Pick compression algorithm or disable it. Only applies to pastes/comments
; created after changing the setting.
; Can be set to one these values: "none" / "zlib" (default).
; compression = "zlib"
{{- if .Values.config.compression }}
compression = {{ .Values.config.compression | default "zlib" | quote }}
compression = "{{ .Values.config.compression }}"
{{- end }}
[expire]
; expire value that is selected per default
; make sure the value exists in [expire_options]
default = {{ .Values.config.defaultexpire | default "1week" | quote }}
default = "{{ .Values.config.expire.default }}"
[expire_options]
; Set each one of these to the number of seconds in the expiration period,
; or 0 if it should never expire
Expand All @@ -164,54 +130,50 @@ data:
1month = 2592000
1year = 31536000
never = 0
[formatter_options]
; Set available formatters, their order and their labels
plaintext = {{ .Values.config.formatterOptions.plaintext | default "Plain Text" | quote }}
syntaxhighlighting = {{ .Values.config.formatterOptions.syntaxhighlighting | default "Source Code" | quote }}
markdown = "Markdown" {{ .Values.config.formatterOptions.markdown | default "Markdown" | quote }}
plaintext = "{{ .Values.config.formatter_options.plaintext }}"
syntaxhighlighting = "{{ .Values.config.formatter_options.syntaxhighlighting }}"
markdown = "{{ .Values.config.formatter_options.markdown }}"
[traffic]
; time limit between calls from the same IP address in seconds
; Set this to 0 to disable rate limiting.
limit = {{ .Values.config.limit | default 10 }}
; Set ips (v4|v6) which should be exempted for the rate-limit. CIDR also supported. Needed to be comma separated.
; Unset for enabling and invalid values will be ignored
; eg: exemptedIp = '1.2.3.4,10.10.10/24'
limit = {{ .Values.config.traffic.limit }}
; (optional) Set IPs addresses (v4 or v6) or subnets (CIDR) which are exempted
; from the rate-limit. Invalid IPs will be ignored. If multiple values are to
; be exempted, the list needs to be comma separated. Leave unset to disable
; exemptions.
; exempted = "1.2.3.4,10.10.10/24"
; (optional) If you want only some source IP addresses (v4 or v6) or subnets
; (CIDR) to be allowed to create pastes, set these here. Invalid IPs will be
; ignored. If multiple values are to be exempted, the list needs to be comma
; separated. Leave unset to allow anyone to create pastes.
; creators = "1.2.3.4,10.10.10/24"
; (optional) if your website runs behind a reverse proxy or load balancer,
; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
; header = "X_FORWARDED_FOR"
{{- if .Values.config.header }}
header = {{ .Values.config.header | default "X_FORWARDED_FOR" | quote }}
{{- end }}
[purge]
; minimum time limit between two purgings of expired pastes, it is only
; triggered when pastes are created
; Set this to 0 to run a purge every time a paste is created.
limit = {{ .Values.config.purgelimit | default 300 }}
limit = 300
; maximum amount of expired pastes to delete in one purge
; Set this to 0 to disable purging. Set it higher, if you are running a large
; site
batchsize = {{ .Values.config.batchsize | default 10 }}
batchsize = 10
[model]
; name of data model class to load and directory for storage
; the default model "Filesystem" stores everything in the filesystem
class = {{ .Values.config.modelclass | default "Filesystem" | quote }}
class = Filesystem
[model_options]
dir = PATH "data"
;[model]
; example of a Google Cloud Storage configuration
;class = GoogleCloudStorage
;[model_options]
;bucket = "my-private-bin"
;prefix = "pastes"
;uniformacl = false
;[model]
; example of DB configuration for MySQL
;class = Database
Expand All @@ -221,7 +183,6 @@ data:
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT
;[model]
; example of DB configuration for SQLite
;class = Database
Expand All @@ -230,4 +191,60 @@ data:
;usr = null
;pwd = null
;opt[12] = true ; PDO::ATTR_PERSISTENT
;[model]
; example of DB configuration for PostgreSQL
;class = Database
;[model_options]
;dsn = "pgsql:host=localhost;dbname=privatebin"
;tbl = "privatebin_" ; table prefix
;usr = "privatebin"
;pwd = "Z3r0P4ss"
;opt[12] = true ; PDO::ATTR_PERSISTENT
;[model]
; example of S3 configuration for Rados gateway / CEPH
;class = S3Storage
;[model_options]
;region = ""
;version = "2006-03-01"
;endpoint = "https://s3.my-ceph.invalid"
;use_path_style_endpoint = true
;bucket = "my-bucket"
;accesskey = "my-rados-user"
;secretkey = "my-rados-pass"
;[model]
; example of S3 configuration for AWS
;class = S3Storage
;[model_options]
;region = "eu-central-1"
;version = "latest"
;bucket = "my-bucket"
;accesskey = "access key id"
;secretkey = "secret access key"
;[model]
; example of S3 configuration for AWS using its SDK default credential provider chain
; if relying on environment variables, the AWS SDK will look for the following:
; - AWS_ACCESS_KEY_ID
; - AWS_SECRET_ACCESS_KEY
; - AWS_SESSION_TOKEN (if needed)
; for more details, see https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html#default-credential-chain
;class = S3Storage
;[model_options]
;region = "eu-central-1"
;version = "latest"
;bucket = "my-bucket"
[yourls]
; When using YOURLS as a "urlshortener" config item:
; - By default, "urlshortener" will point to the YOURLS API URL, with or without
; credentials, and will be visible in public on the PrivateBin web page.
; Only use this if you allow short URL creation without credentials.
; - Alternatively, using the parameters in this section ("signature" and
; "apiurl"), "urlshortener" needs to point to the base URL of your PrivateBin
; instance with "shortenviayourls?link=" appended. For example:
; urlshortener = "${basepath}shortenviayourls?link="
; This URL will in turn call YOURLS on the server side, using the URL from
; "apiurl" and the "access signature" from the "signature" parameters below.
; (optional) the "signature" (access key) issued by YOURLS for the using account
; signature = ""
; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL
; apiurl = "https://yourls.example.com/yourls-api.php"
{{- end }}
2 changes: 1 addition & 1 deletion charts/privatebin/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ spec:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
image: "{{ .Values.image.registry}}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: privatebin
Expand Down
Loading

0 comments on commit bfeff5c

Please sign in to comment.