From 3a9b2490224d4d0d714a1efadd5405195a0246f8 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:30:06 +0300 Subject: [PATCH 01/10] adding abviliy to setup host on external postgress --- charts/outline/templates/001-deployment.yaml | 22 ++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index 9f2a164..b6ab7e0 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -90,15 +90,29 @@ spec: secretKeyRef: name: "{{ .Values.postgresql.auth.existingSecret }}" key: password + {{- if .Values.postgresql.auth.host }} + - name: DATABASE_URL + value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Values.postgresql.auth.host }}:5432/{{ .Values.postgresql.auth.database }}" + - name: DATABASE_URL_TEST + value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Values.postgresql.auth.host }}:5432/{{ .Values.postgresql.auth.database }}_test" + {{- else }} + - name: DATABASE_URL + value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.auth.database }}" + - name: DATABASE_URL_TEST + value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.auth.database }}_test" + {{- end }} + {{- else }} + {{- if .Values.postgresql.auth.host }} - name: DATABASE_URL - value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@postgresql.postgresql.svc.cluster.local:5432/{{ .Values.postgresql.auth.database }}" + value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@{{ .Values.postgresql.auth.host }}:5432/{{ .Values.postgresql.auth.database }}" - name: DATABASE_URL_TEST - value: "postgres://{{ .Values.postgresql.auth.username }}:$(POSTGRES_PASSWORD)@postgresql.postgresql.svc.cluster.local:5432/{{ .Values.postgresql.auth.database }}_test" + value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@{{ .Values.postgresql.auth.host }}:5432/{{ .Values.postgresql.auth.database }}_test" {{- else }} - name: DATABASE_URL - value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@postgresql.postgresql.svc.cluster.local:5432/{{ .Values.postgresql.auth.database }}" + value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.auth.database }}" - name: DATABASE_URL_TEST - value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@postgresql.postgresql.svc.cluster.local:5432/{{ .Values.postgresql.auth.database }}_test" + value: "postgres://{{ .Values.postgresql.auth.username }}:{{ .Values.postgresql.auth.password }}@{{ .Release.Name }}-postgresql:5432/{{ .Values.postgresql.auth.database }}_test" + {{- end }} {{- end }} {{- end }} From 6a1dd3aeef0c09c7426efd4d2b31276912f10efd Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:37:01 +0300 Subject: [PATCH 02/10] adding ability to change storageclass name and size --- .vscode/settings.json | 5 +++++ charts/outline/Chart.yaml | 2 +- charts/outline/README.md | 2 ++ charts/outline/templates/004-pvc.yaml | 3 ++- charts/outline/values.yaml | 5 +++++ 5 files changed, 15 insertions(+), 2 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..a490b61 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,5 @@ +{ + "githubPullRequests.ignoredPullRequestBranches": [ + "main" + ] +} \ No newline at end of file diff --git a/charts/outline/Chart.yaml b/charts/outline/Chart.yaml index 4e49ba0..1b81261 100644 --- a/charts/outline/Chart.yaml +++ b/charts/outline/Chart.yaml @@ -4,7 +4,7 @@ maintainers: url: https://kubito.dev apiVersion: v2 appVersion: 0.78.0-0 -version: 1.0.4 +version: 1.0.5 description: Kubito Outline Wiki Helm Chart home: https://github.com/kubitodev/helm/tree/main/charts/outline icon: https://kubito.dev/images/kubito.svg diff --git a/charts/outline/README.md b/charts/outline/README.md index 3ef9448..97c6b27 100644 --- a/charts/outline/README.md +++ b/charts/outline/README.md @@ -74,6 +74,8 @@ The command removes all the Kubernetes components associated with the chart and | `outline.service.url` | The URL where the application will be accessible. | `https://app.outline.dev` | | `outline.service.port` | The port on which the application will run. | `3000` | | `outline.fileStorage.type` | Type of file storage to be used (e.g., local, s3). | `s3` | +| `outline.fileStorage.storageClassName` | The storageclass name to use | `""` | +| `outline.fileStorage.storageSize` | The storageclass size to use | `250Gi` | | `outline.fileStorage.localRootDir` | Local directory path for storing files, if using local storage. | `/var/lib/outline/data` | | `outline.fileStorage.uploadMaxSize` | Maximum file upload size limit. | `26214400` | | `outline.optional.collaborationUrl` | URL for collaboration features, if any. | `""` | diff --git a/charts/outline/templates/004-pvc.yaml b/charts/outline/templates/004-pvc.yaml index 558072b..9c0a347 100644 --- a/charts/outline/templates/004-pvc.yaml +++ b/charts/outline/templates/004-pvc.yaml @@ -7,9 +7,10 @@ metadata: labels: app: {{ .Release.Name }} spec: + storageClassName: {{ .Values.outline.fileStorage.storageClassName }} accessModes: - ReadWriteOnce resources: requests: - storage: 250Gi + storage: {{ .Values.outline.fileStorage.storageSize }} {{- end }} diff --git a/charts/outline/values.yaml b/charts/outline/values.yaml index 4e39f74..976a973 100644 --- a/charts/outline/values.yaml +++ b/charts/outline/values.yaml @@ -39,6 +39,8 @@ replicaCount: 1 ## @param outline.service.url The URL where the application will be accessible. ## @param outline.service.port The port on which the application will run. ## @param outline.fileStorage.type Type of file storage to be used (e.g., local, s3). +## @param outline.fileStorage.storageClassName The storageclass name to use default "". +## @param outline.fileStorage.storageSize The storageclass size to use default 250Gi. ## @param outline.fileStorage.localRootDir Local directory path for storing files, if using local storage. ## @param outline.fileStorage.uploadMaxSize Maximum file upload size limit. ## @param outline.optional.collaborationUrl URL for collaboration features, if any. @@ -86,8 +88,11 @@ outline: port: 3000 fileStorage: type: s3 # set to local|s3 + storageClassName: "" + storageSize: 250Gi localRootDir: /var/lib/outline/data uploadMaxSize: 26214400 + optional: collaborationUrl: "" forceHttps: false From 46e4292183c4ce974f7dc021553e75840a2ab825 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:47:32 +0300 Subject: [PATCH 03/10] fixing upload max size local storage bug --- charts/outline/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/outline/values.yaml b/charts/outline/values.yaml index 976a973..c439ca8 100644 --- a/charts/outline/values.yaml +++ b/charts/outline/values.yaml @@ -91,7 +91,7 @@ outline: storageClassName: "" storageSize: 250Gi localRootDir: /var/lib/outline/data - uploadMaxSize: 26214400 + uploadMaxSize: "26214400" optional: collaborationUrl: "" From f624cb524a431f7790f4d89f4745dc1e8ad0405b Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:50:38 +0300 Subject: [PATCH 04/10] make sure the uploadMaxSize is always string --- charts/outline/templates/001-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index b6ab7e0..6032958 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -157,14 +157,14 @@ spec: - name: AWS_S3_ACL value: "{{ .Values.minio.s3Config.acl }}" - name: FILE_STORAGE_UPLOAD_MAX_SIZE - value: "{{ .Values.minio.s3Config.uploadMaxSize }}" + value: "{{ .Values.minio.s3Config.uploadMaxSize | quote }}" {{- else if eq .Values.outline.fileStorage.type "local" }} - name: FILE_STORAGE value: "{{ .Values.outline.fileStorage.type }}" - name: FILE_STORAGE_LOCAL_ROOT_DIR value: "{{ .Values.outline.fileStorage.localRootDir }}" - name: FILE_STORAGE_UPLOAD_MAX_SIZE - value: "{{ .Values.outline.fileStorage.uploadMaxSize }}" + value: "{{ .Values.outline.fileStorage.uploadMaxSize | quote }}" {{- end }} - name: COLLABORATION_URL From 0f378b73a0e1cab150a3773452f452578110a722 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 15:59:20 +0300 Subject: [PATCH 05/10] adding security context for write permissions to volume --- charts/outline/templates/001-deployment.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index 6032958..97db0ef 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -16,6 +16,10 @@ spec: app: {{ .Release.Name }} release: {{ .Release.Name }} spec: + securityContext: + fsGroup: 1001 + runAsUser: 1001 + runAsGroup: 1001 containers: - name: {{ .Release.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" From d69721fd0566482857ca37d17daaf1edd8a42409 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 11 Jul 2024 16:19:48 +0300 Subject: [PATCH 06/10] fixing local storage permissions --- charts/outline/templates/001-deployment.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index 97db0ef..5bc5d9f 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -20,6 +20,19 @@ spec: fsGroup: 1001 runAsUser: 1001 runAsGroup: 1001 + {{- if eq .Values.outline.fileStorage.type "local" }} + initContainers: + - name: storage-prepare + image: busybox + command: + - chown + - -R + - 1001:1001 + - {{ .Values.outline.fileStorage.localRootDir }} + volumeMounts: + - name: {{ .Release.Name }}-data + mountPath: {{ .Values.outline.fileStorage.localRootDir }} + {{- end }} containers: - name: {{ .Release.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" From ca95fecced6018d321474b5a4340979bcbff2fb1 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Mon, 15 Jul 2024 12:18:38 +0300 Subject: [PATCH 07/10] fixing max import size --- charts/outline/templates/001-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index 5bc5d9f..9e549bc 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -193,7 +193,7 @@ spec: - name: WEB_CONCURRENCY value: "{{ .Values.outline.optional.webConcurrency }}" - name: FILE_STORAGE_IMPORT_MAX_SIZE - value: "{{ .Values.outline.optional.fileStorageImportMaxSize }}" + value: "{{ .Values.outline.optional.fileStorageImportMaxSize | quote }}" - name: LOG_LEVEL value: "{{ .Values.outline.optional.logLevel }}" - name: GOOGLE_ANALYTICS_ID From 53a1359d59f535ff1ee7d0e5d66f5377dce9c552 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Mon, 15 Jul 2024 12:19:50 +0300 Subject: [PATCH 08/10] fixing storage value for import --- charts/outline/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/outline/values.yaml b/charts/outline/values.yaml index c439ca8..bd6856a 100644 --- a/charts/outline/values.yaml +++ b/charts/outline/values.yaml @@ -98,7 +98,7 @@ outline: forceHttps: false enableUpdates: false webConcurrency: 1 - fileStorageImportMaxSize: 5120000 + fileStorageImportMaxSize: "5120000" logLevel: info googleAnalyticsId: "" sentry: From 5bdd1ba19bddfb934e66ff80beaf9ee35aa95847 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Mon, 15 Jul 2024 13:08:56 +0300 Subject: [PATCH 09/10] Delete .vscode/settings.json --- .vscode/settings.json | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index a490b61..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "githubPullRequests.ignoredPullRequestBranches": [ - "main" - ] -} \ No newline at end of file From f2d5f2798f62a410cee37709ecf4d117d49fb116 Mon Sep 17 00:00:00 2001 From: Alexander Zhilko <49622006+strelok899@users.noreply.github.com> Date: Thu, 18 Jul 2024 12:11:26 +0300 Subject: [PATCH 10/10] moving security context to work only if local --- charts/outline/templates/001-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/outline/templates/001-deployment.yaml b/charts/outline/templates/001-deployment.yaml index 9e549bc..298cf5f 100644 --- a/charts/outline/templates/001-deployment.yaml +++ b/charts/outline/templates/001-deployment.yaml @@ -16,11 +16,11 @@ spec: app: {{ .Release.Name }} release: {{ .Release.Name }} spec: + {{- if eq .Values.outline.fileStorage.type "local" }} securityContext: fsGroup: 1001 runAsUser: 1001 runAsGroup: 1001 - {{- if eq .Values.outline.fileStorage.type "local" }} initContainers: - name: storage-prepare image: busybox