local-it/dashboard
Archived
0
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

add bitnami/Discourse chart as a basis, edit Chart.yaml

Browse source
This commit is contained in:
Maarten de Waard 2021-09-30 14:37:30 +02:00
parent 42407e1d0f
commit f0b0dd3e36
No known key found for this signature in database
GPG key ID: 1D3E893A657CC8DA
15 changed files with 1702 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

165
deployment/helmchart/templates/NOTES.txt Normal file
View file

@ -0,0 +1,165 @@
{{- $secretName := include "discourse.secretName" . -}}
{{- $postgresqlSecretName := include "discourse.postgresql.secretName" . -}}
{{- $redisSecretName := include "discourse.redis.secretName" . -}}
{{- if or .Values.postgresql.enabled .Values.externalDatabase.host -}}
{{- if empty (include "discourse.host" .) -}}
###############################################################################
### ERROR: You did not provide an external host in your 'helm install' call ###
###############################################################################
This deployment will be incomplete until you configure Discourse with a resolvable host. To configure Discourse with the URL of your service:
1. Get the discourse URL by running:
{{- if contains "NodePort" .Values.service.type }}
export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}")
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}'
export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
{{- end }}
{{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }}
{{- if (include "discourse.redis.auth.enabled" .) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }}
{{- end }}
2. Complete your Discourse deployment by running:
{{- if .Values.postgresql.enabled }}
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set discourse.host=$DISCOURSE_HOST \
--set discourse.password=$DISCOURSE_PASSWORD \
{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }}
--set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \
{{- end }}{{- end }}
{{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }}
--set redis.auth.password=$REDIS_PASSWORD \
{{- end }}
--set postgresql.postgresqlPassword=$POSTGRESQL_PASSWORD
{{- else }}
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set discourse.host=$DISCOURSE_HOST \
--set discourse.password=$DISCOURSE_PASSWORD \
--set service.type={{ .Values.service.type }} \
--set externalDatabase.host={{ .Values.externalDatabase.host }} \
--set externalDatabase.port={{ .Values.externalDatabase.port }} \
--set externalDatabase.user={{ .Values.externalDatabase.user }} \
--set externalDatabase.password=$POSTGRESQL_PASSWORD \
--set externalDatabase.database={{ .Values.externalDatabase.database }} \
{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }}
--set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \
{{- end }}{{- end }}
{{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }}
--set redis.auth.password=$REDIS_PASSWORD \
{{- end }}
--set postgresql.enabled=false
{{- end }}
{{- else -}}
1. Get the Discourse URL by running:
Discourse URL : http://{{ include "discourse.host" . }}/
{{- if eq .Values.service.type "ClusterIP" }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} 80:{{ .Values.service.port }}
{{- end }}
2. Get your Discourse login credentials by running:
Username: {{ .Values.discourse.username }}
{{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }}
{{- if (include "discourse.redis.auth.enabled" .) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }}
{{- end }}
{{- end }}
{{- else -}}
########################################################################################
### ERROR: You did not provide an external database host in your 'helm install' call ###
########################################################################################
This deployment will be incomplete until you configure Discourse with a resolvable database host. To configure Discourse to use and external database host:
1. Complete your Discourse deployment by running:
{{- if contains "NodePort" .Values.service.type }}
export DISCOURSE_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}"):$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}")
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}'
export DISCOURSE_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
{{- else }}
export DISCOURSE_HOST=127.0.0.1
{{- end }}
{{ include "common.utils.secret.getvalue" (dict "secret" $secretName "field" "discourse-password" "context" $) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $postgresqlSecretName "field" "postgresql-password" "context" $) }}
{{- if (include "discourse.redis.auth.enabled" .) }}
{{ include "common.utils.secret.getvalue" (dict "secret" $redisSecretName "field" "redis-password" "context" $) }}
{{- end }}
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set discourse.host=$DISCOURSE_HOST \
--set discourse.password=$DISCOURSE_PASSWORD \
--set postgresql.enabled=false \
{{- if not (empty .Values.externalDatabase.user) }}
--set externalDatabase.user={{ .Values.externalDatabase.user }} \
{{- end }}
{{- if not (empty .Values.externalDatabase.password) }}
--set externalDatabase.password=$POSTGRESQL_PASSWORD \
{{- end }}
{{- if not (empty .Values.externalDatabase.database) }}
--set externalDatabase.database={{ .Values.externalDatabase.database }}
{{- end }}
--set externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST \
{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }}
--set global.imagePullSecrets={{ .Values.global.imagePullSecrets }} \
{{- end }}{{- end }}
{{- if and .Values.redis.enabled .Values.redis.auth.enabled (not .Values.redis.auth.existingSecret) (not .Values.redis.auth.password) }}
--set redis.auth.password=$REDIS_PASSWORD \
{{- end }}
--set service.type={{ .Values.service.type }}
{{- end }}
{{ if and .Values.postgresql.enabled (not .Values.postgresql.existingSecret) (eq .Values.postgresql.postgresqlPostgresPassword "bitnami") -}}
#####################################################################################
### WARNING: You did not change the default password for the PostgreSQL root user ###
#####################################################################################
{{- end }}
{{- include "common.warnings.rollingTag" .Values.image }}
{{- $passwordValidationErrors := list -}}
{{- if not .Values.discourse.existingSecret -}}
{{- $requiredDiscoursePassword := dict "valueKey" "discourse.password" "secret" $secretName "field" "discourse-password" "context" $ -}}
{{- $requiredDiscoursePasswordError := include "common.validations.values.single.empty" $requiredDiscoursePassword -}}
{{- $passwordValidationErrors = append $passwordValidationErrors $requiredDiscoursePasswordError -}}
{{- end -}}
{{- $postgresqlPasswordValidationErrors := include "common.validations.values.postgresql.passwords" (dict "secret" $postgresqlSecretName "subchart" true "context" $) -}}
{{- $passwordValidationErrors = append $passwordValidationErrors $postgresqlPasswordValidationErrors -}}
{{- if (include "discourse.redis.auth.enabled" .) }}
{{- $redisPasswordValidationErrors := include "common.validations.values.redis.passwords" (dict "secret" $redisSecretName "subchart" true "context" $) -}}
{{- $passwordValidationErrors = append $passwordValidationErrors $redisPasswordValidationErrors -}}
{{- end }}
{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}}

249
deployment/helmchart/templates/_helpers.tpl Normal file
View file

@ -0,0 +1,249 @@
{{/*
Create a default fully qualified app name
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "postgresql.fullname" -}}
{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "redis.fullname" -}}
{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "discourse.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "common.names.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Return the proper Docker image registry secret names
*/}}
{{- define "discourse.imagePullSecrets" -}}
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image) "global" .Values.global) }}
{{- end -}}
{{/*
Return true if a secret object for Discourse should be created
*/}}
{{- define "discourse.createSecret" -}}
{{- if or (not .Values.discourse.existingSecret) (and (not .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.password .Values.discourse.smtp.enabled) }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the Discourse secret name
*/}}
{{- define "discourse.secretName" -}}
{{- if .Values.discourse.existingSecret }}
{{- printf "%s" .Values.discourse.existingSecret -}}
{{- else -}}
{{- printf "%s-discourse" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return the Discourse SMTP secret name
*/}}
{{- define "discourse.smtp.secretName" -}}
{{- if .Values.discourse.smtp.existingSecret }}
{{- printf "%s" .Values.discourse.smtp.existingSecret -}}
{{- else -}}
{{- printf "%s-discourse" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return true if Discourse SMTP uses password authentication
*/}}
{{- define "discourse.smtp.password.enabled" -}}
{{- if and (or .Values.discourse.smtp.password .Values.discourse.smtp.existingSecret) .Values.discourse.smtp.enabled }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Get the user defined LoadBalancerIP for this release
Note, returns 127.0.0.1 if using ClusterIP.
*/}}
{{- define "discourse.serviceIP" -}}
{{- if eq .Values.service.type "ClusterIP" -}}
127.0.0.1
{{- else -}}
{{- .Values.service.loadBalancerIP | default "" -}}
{{- end -}}
{{- end -}}
{{/*
Gets the host to be used for this application.
If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty
*/}}
{{- define "discourse.host" -}}
{{- $host := .Values.discourse.host | default "" -}}
{{- default (include "discourse.serviceIP" .) $host -}}
{{- end -}}
{{/*
Return the proper Discourse image name
*/}}
{{- define "discourse.image" -}}
{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper Storage Class
*/}}
{{- define "discourse.storageClass" -}}
{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) -}}
{{- end -}}
{{/*
Return the Postgresql hostname
*/}}
{{- define "discourse.databaseHost" -}}
{{- if .Values.postgresql.enabled }}
{{- printf "%s" (include "postgresql.fullname" .) -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.host -}}
{{- end -}}
{{- end -}}
{{/*
Return the Postgresql port
*/}}
{{- define "discourse.databasePort" -}}
{{- if .Values.postgresql.enabled }}
{{- printf "5432" | quote -}}
{{- else -}}
{{- .Values.externalDatabase.port | quote -}}
{{- end -}}
{{- end -}}
{{/*
Return the Postgresql database name
*/}}
{{- define "discourse.databaseName" -}}
{{- if .Values.postgresql.enabled }}
{{- printf "%s" .Values.postgresql.postgresqlDatabase -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.database -}}
{{- end -}}
{{- end -}}
{{/*
Return the Postgresql user
*/}}
{{- define "discourse.databaseUser" -}}
{{- if .Values.postgresql.enabled }}
{{- printf "%s" .Values.postgresql.postgresqlUsername -}}
{{- else -}}
{{- printf "%s" .Values.externalDatabase.user -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object for Postgres should be created
*/}}
{{- define "discourse.postgresql.createSecret" -}}
{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the Postgresql secret name
*/}}
{{- define "discourse.postgresql.secretName" -}}
{{- if .Values.postgresql.enabled }}
{{- if .Values.postgresql.existingSecret }}
{{- printf "%s" .Values.postgresql.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "postgresql.fullname" .) -}}
{{- end -}}
{{- else if .Values.externalDatabase.existingSecret }}
{{- printf "%s" .Values.externalDatabase.existingSecret -}}
{{- else -}}
{{- printf "%s-database" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return the Redis™ hostname
*/}}
{{- define "discourse.redisHost" -}}
{{- if .Values.redis.enabled }}
{{- printf "%s-master" (include "redis.fullname" .) -}}
{{- else -}}
{{- printf "%s" .Values.externalRedis.host -}}
{{- end -}}
{{- end -}}
{{/*
Return the Redis™ port
*/}}
{{- define "discourse.redisPort" -}}
{{- if .Values.redis.enabled }}
{{- printf "6379" | quote -}}
{{- else -}}
{{- .Values.externalRedis.port | quote -}}
{{- end -}}
{{- end -}}
{{/*
Return true if a secret object for Redis™ should be created
*/}}
{{- define "discourse.redis.createSecret" -}}
{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) .Values.externalRedis.password }}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the Redis™ secret name
*/}}
{{- define "discourse.redis.secretName" -}}
{{- if .Values.redis.enabled }}
{{- if .Values.redis.auth.existingSecret }}
{{- printf "%s" .Values.redis.auth.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "redis.fullname" .) -}}
{{- end -}}
{{- else if .Values.externalRedis.existingSecret }}
{{- printf "%s" .Values.externalRedis.existingSecret -}}
{{- else -}}
{{- printf "%s-redis" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Return the Redis™ secret key
*/}}
{{- define "discourse.redis.secretPasswordKey" -}}
{{- if and .Values.redis.enabled .Values.redis.auth.existingSecret }}
{{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.redis.auth.existingSecretPasswordKey | printf "%s" }}
{{- else if and (not .Values.redis.enabled) .Values.externalRedis.existingSecret }}
{{- required "You need to provide existingSecretPasswordKey when an existingSecret is specified in redis" .Values.externalRedis.existingSecretPasswordKey | printf "%s" }}
{{- else -}}
{{- printf "redis-password" -}}
{{- end -}}
{{- end -}}
{{/*
Return whether Redis™ uses password authentication or not
*/}}
{{- define "discourse.redis.auth.enabled" -}}
{{- if or (and .Values.redis.enabled .Values.redis.auth.enabled) (and (not .Values.redis.enabled) (or .Values.externalRedis.password .Values.externalRedis.existingSecret)) }}
{{- true -}}
{{- end -}}
{{- end -}}

50
deployment/helmchart/templates/configmaps.yaml Normal file
View file

@ -0,0 +1,50 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "common.names.fullname" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
{{- $port := .Values.service.port | toString }}
DISCOURSE_HOST: "{{ include "discourse.host" . }}"
DISCOURSE_SKIP_INSTALL: {{ ternary "yes" "no" .Values.discourse.skipInstall | quote }}
DISCOURSE_SITE_NAME: {{ .Values.discourse.siteName | quote }}
DISCOURSE_USERNAME: {{ .Values.discourse.username | quote }}
DISCOURSE_EMAIL: {{ .Values.discourse.email | quote }}
DISCOURSE_REDIS_HOST: {{ template "discourse.redisHost" . }}
DISCOURSE_REDIS_PORT_NUMBER: {{ template "discourse.redisPort" . }}
DISCOURSE_DATABASE_HOST: {{ template "discourse.databaseHost" . }}
DISCOURSE_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }}
DISCOURSE_DATABASE_NAME: {{ template "discourse.databaseName" . }}
DISCOURSE_DATABASE_USER: {{ template "discourse.databaseUser" . }}
{{- if .Values.discourse.smtp.enabled }}
DISCOURSE_SMTP_HOST: {{ .Values.discourse.smtp.host | quote }}
DISCOURSE_SMTP_PORT: {{ .Values.discourse.smtp.port | quote }}
{{- if .Values.discourse.smtp.user }}
DISCOURSE_SMTP_USER: {{ .Values.discourse.smtp.user | quote }}
{{- end }}
{{- if .Values.discourse.smtp.protocol }}
DISCOURSE_SMTP_PROTOCOL: {{ .Values.discourse.smtp.protocol | quote }}
{{- end }}
{{- if .Values.discourse.smtp.auth }}
DISCOURSE_SMTP_AUTH: {{ .Values.discourse.smtp.auth | quote }}
{{- end }}
{{- end }}
{{- if or .Values.postgresql.enabled .Values.externalDatabase.create }}
POSTGRESQL_CLIENT_DATABASE_HOST: {{ template "discourse.databaseHost" . }}
POSTGRESQL_CLIENT_DATABASE_PORT_NUMBER: {{ template "discourse.databasePort" . }}
{{- if or .Values.postgresql.enabled (not .Values.externalDatabase.postgresqlPostgresUser) }}
POSTGRESQL_CLIENT_POSTGRES_USER: "postgres"
{{- else }}
POSTGRESQL_CLIENT_POSTGRES_USER: {{ .Values.externalDatabase.postgresqlPostgresUser | quote }}
POSTGRESQL_CLIENT_CREATE_DATABASE_USERNAME: {{ .Values.externalDatabase.user | quote }}
POSTGRESQL_CLIENT_CREATE_DATABASE_PASSWORD: {{ .Values.externalDatabase.password | quote }}
{{- end }}
POSTGRESQL_CLIENT_CREATE_DATABASE_NAME: {{ template "discourse.databaseName" . }}
POSTGRESQL_CLIENT_CREATE_DATABASE_EXTENSIONS: "hstore,pg_trgm"
{{- end }}

275
deployment/helmchart/templates/deployment.yaml Normal file
View file

@ -0,0 +1,275 @@
{{- if and (include "discourse.host" .) (or .Values.postgresql.enabled .Values.externalDatabase.host) -}}
apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ template "common.names.fullname" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
component: discourse
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
component: discourse
{{- if .Values.updateStrategy }}
strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
{{- end }}
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/configmaps.yaml") . | sha256sum }}
checksum/secrets-discourse: {{ include (print $.Template.BasePath "/secrets-discourse.yaml") . | sha256sum }}
checksum/secrets-database: {{ include (print $.Template.BasePath "/secrets-database.yaml") . | sha256sum }}
checksum/secrets-redis: {{ include (print $.Template.BasePath "/secrets-redis.yaml") . | sha256sum }}
labels: {{- include "common.labels.standard" . | nindent 8 }}
component: discourse
{{- if .Values.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "discourse.imagePullSecrets" . | nindent 6 }}
{{- if .Values.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
{{- else }}
affinity:
podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }}
podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }}
nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "discourse.serviceAccountName" . }}
securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
{{- if .Values.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ include "discourse.image" . }}
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- sh
- -c
- |
mkdir -p "/bitnami/discourse"
chown -R "discourse:root" "/bitnami/discourse"
securityContext:
runAsUser: 0
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- name: discourse-data
mountPath: /bitnami/discourse
{{- end }}
containers:
- name: discourse
securityContext: {{- toYaml .Values.discourse.containerSecurityContext | nindent 12 }}
image: {{ template "discourse.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.discourse.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.command "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.discourse.args }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
- name: DISCOURSE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.secretName" . }}
key: discourse-password
- name: DISCOURSE_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.postgresql.secretName" . }}
key: postgresql-password
{{- if or .Values.postgresql.enabled .Values.externalDatabase.create }}
- name: POSTGRESQL_CLIENT_POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.postgresql.secretName" . }}
key: postgresql-postgres-password
{{- end }}
{{- if (include "discourse.redis.auth.enabled" .) }}
- name: DISCOURSE_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.redis.secretName" . }}
key: {{ include "discourse.redis.secretPasswordKey" . }}
{{- end }}
{{- if (include "discourse.smtp.password.enabled" .) }}
- name: DISCOURSE_SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.smtp.secretName" . }}
key: smtp-password
{{- end }}
{{- if .Values.discourse.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ include "common.names.fullname" . }}
{{- if .Values.discourse.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.discourse.extraEnvVarsCM }}
{{- end }}
{{- if .Values.discourse.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.discourse.extraEnvVarsSecret }}
{{- end }}
ports:
- name: http
containerPort: 3000
protocol: TCP
{{- if .Values.discourse.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /srv/status
port: http
initialDelaySeconds: {{ .Values.discourse.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.discourse.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.discourse.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.discourse.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.discourse.livenessProbe.failureThreshold }}
{{- else if .Values.discourse.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.discourse.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /srv/status
port: http
initialDelaySeconds: {{ .Values.discourse.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.discourse.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.discourse.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.discourse.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.discourse.readinessProbe.failureThreshold }}
{{- else if .Values.discourse.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.discourse.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
volumeMounts:
- name: discourse-data
mountPath: /bitnami/discourse
subPath: discourse
{{- if .Values.discourse.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.discourse.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.discourse.resources }}
resources: {{- toYaml .Values.discourse.resources | nindent 12 }}
{{- end }}
- name: sidekiq
securityContext: {{- toYaml .Values.sidekiq.containerSecurityContext | nindent 12 }}
image: {{ template "discourse.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.command "context" $) | nindent 12 }}
args: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.args "context" $) | nindent 12 }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
- name: DISCOURSE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.secretName" . }}
key: discourse-password
- name: DISCOURSE_POSTGRESQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.postgresql.secretName" . }}
key: postgresql-password
{{- if (include "discourse.redis.auth.enabled" .) }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.redis.secretName" . }}
key: {{ include "discourse.redis.secretPasswordKey" . }}
{{- end }}
{{- if (include "discourse.smtp.password.enabled" .) }}
- name: DISCOURSE_SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "discourse.smtp.secretName" . }}
key: smtp-password
{{- end }}
{{- if .Values.sidekiq.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ include "common.names.fullname" . }}
{{- if .Values.sidekiq.extraEnvVarsCM }}
- configMapRef:
name: {{ .Values.sidekiq.extraEnvVarsCM }}
{{- end }}
{{- if .Values.sidekiq.extraEnvVarsSecret }}
- secretRef:
name: {{ .Values.sidekiq.extraEnvVarsSecret }}
{{- end }}
{{- if .Values.sidekiq.livenessProbe.enabled }}
livenessProbe:
exec:
command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"]
initialDelaySeconds: {{ .Values.sidekiq.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sidekiq.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sidekiq.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sidekiq.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.sidekiq.livenessProbe.failureThreshold }}
{{- else if .Values.sidekiq.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.sidekiq.readinessProbe.enabled }}
readinessProbe:
exec:
command: ["/bin/sh", "-c", "pgrep -f ^sidekiq"]
initialDelaySeconds: {{ .Values.sidekiq.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sidekiq.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sidekiq.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sidekiq.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.sidekiq.readinessProbe.failureThreshold }}
{{- else if .Values.sidekiq.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
volumeMounts:
- name: discourse-data
mountPath: /bitnami/discourse
subPath: discourse
{{- if .Values.sidekiq.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.sidekiq.resources }}
resources: {{- toYaml .Values.sidekiq.resources | nindent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
- name: discourse-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (include "common.names.fullname" .) }}
{{- else }}
emptyDir: {}
{{ end }}
{{- if .Values.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

55
deployment/helmchart/templates/ingress.yaml Normal file
View file

@ -0,0 +1,55 @@
{{- if .Values.ingress.enabled -}}
apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ template "common.names.fullname" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.ingress.annotations .Values.ingress.certManager .Values.commonAnnotations }}
annotations:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.ingress.annotations }}
{{- toYaml .Values.ingress.annotations | nindent 4 }}
{{- end }}
{{- if .Values.ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- end }}
spec:
{{- if or .Values.ingress.tls .Values.ingress.extraTls }}
tls:
{{- if .Values.ingress.tls }}
- hosts:
- {{ .Values.ingress.hostname }}
secretName: {{ printf "%s-tls" .Values.ingress.hostname }}
{{- end }}
{{- if .Values.ingress.extraTls }}
{{- toYaml .Values.ingress.extraTls | nindent 4 }}
{{- end }}
{{- end }}
rules:
{{- if .Values.ingress.hostname }}
- host: {{ .Values.ingress.hostname }}
http:
paths:
- path: {{ .Values.ingress.path }}
{{- if eq "true" (include "common.ingress.supportsPathType" .) }}
pathType: {{ .Values.ingress.pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" .) "servicePort" "http" "context" $) | nindent 14 }}
{{- end }}
{{- range .Values.ingress.extraHosts }}
- host: {{ .name }}
http:
paths:
- path: {{ default "/" .path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
pathType: {{ default "ImplementationSpecific" .pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }}
{{- end }}
{{- end }}

23
deployment/helmchart/templates/pvc.yaml Normal file
View file

@ -0,0 +1,23 @@
{{- if and (include "discourse.host" .) .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "common.names.fullname" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "discourse.storageClass" . }}
{{- if .Values.persistence.selector }}
selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }}
{{- end -}}
{{- end }}

17
deployment/helmchart/templates/secrets-database.yaml Normal file
View file

@ -0,0 +1,17 @@
{{- if (include "discourse.postgresql.createSecret" .) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "common.names.fullname" . }}-database
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
postgresql-password: {{ .Values.externalDatabase.password | b64enc | quote }}
postgresql-postgres-password: {{ .Values.externalDatabase.postgresqlPostgresPassword | b64enc | quote }}
{{- end }}

23
deployment/helmchart/templates/secrets-discourse.yaml Normal file
View file

@ -0,0 +1,23 @@
{{- if (include "discourse.createSecret" .) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "common.names.fullname" . }}-discourse
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{- if and (.Values.discourse.password) (not .Values.discourse.existingSecret) }}
discourse-password: {{ .Values.discourse.password | b64enc | quote }}
{{- else if not .Values.discourse.existingSecret }}
discourse-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- if and (.Values.discourse.smtp.password) (.Values.discourse.smtp.enabled) (not .Values.discourse.smtp.existingSecret) }}
smtp-password: {{ .Values.discourse.smtp.password | b64enc | quote }}
{{- end }}
{{- end }}

16
deployment/helmchart/templates/secrets-redis.yaml Normal file
View file

@ -0,0 +1,16 @@
{{- if (include "discourse.redis.createSecret" .) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "common.names.fullname" . }}-redis
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: Opaque
data:
redis-password: {{ .Values.externalRedis.password | b64enc | quote }}
{{- end }}

42
deployment/helmchart/templates/service.yaml Normal file
View file

@ -0,0 +1,42 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "common.names.fullname" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.service.annotations .Values.commonAnnotations}}
annotations:
{{- if .Values.service.annotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.service.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
{{- end }}
{{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }}
loadBalancerSourceRanges:
{{ toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- end }}
ports:
- name: http
port: {{ .Values.service.port }}
targetPort: http
{{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }}
nodePort: {{ .Values.service.nodePorts.http }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- if .Values.service.extraPorts }}
{{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }}
{{- end }}
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}

19
deployment/helmchart/templates/serviceaccount.yaml Normal file
View file

@ -0,0 +1,19 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "discourse.serviceAccountName" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.serviceAccount.annotations }}
{{- toYaml .Values.serviceAccount.annotations | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}

19
deployment/helmchart/templates/tls-secrets.yaml Normal file
View file

@ -0,0 +1,19 @@
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
{{- if $.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if $.Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
{{- end }}
{{- end }}