syncthing - migrate library (#2181)

* update templates

* fix names

* update ui

* add group

* add migration

* wrong dir

* fix typo

* rename

* add hostnet test

library/ix-dev/charts/syncthing/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: common
-  repository: file://../../../common/2304.0.1
-  version: 2304.0.1
-digest: sha256:1ed155c6760e1166e2cb75b52bc5e81c6bdf0252c16ff5ede001157077c41670
-generated: "2023-04-24T13:41:41.407776764+03:00"
+  repository: file://../../../common
+  version: 1.2.9
+digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c
+generated: "2024-02-16T16:11:26.539168004+02:00"

library/ix-dev/charts/syncthing/Chart.yaml

@@ -3,7 +3,7 @@ description: Syncthing is a continuous file synchronization program.
 annotations:
   title: Syncthing
 type: application
-version: 1.0.42
+version: 2.0.0
 apiVersion: v2
 appVersion: 1.27.3
 kubeVersion: '>=1.16.0-0'
@@ -13,8 +13,8 @@ maintainers:
     email: dev@ixsystems.com
 dependencies:
   - name: common
-    repository: file://../../../common/2304.0.1
-    version: 2304.0.1
+    repository: file://../../../common
+    version: 1.2.9
 home: https://syncthing.net/
 icon: https://media.sys.truenas.net/apps/syncthing/icons/icon.svg
 sources:

library/ix-dev/charts/syncthing/README.md

@@ -1,5 +1,7 @@
 # Syncthing
 
-[syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or
+[Syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or
 more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose
 where it is stored, whether it is shared with some third party, and how it's transmitted over the internet.
+
+> **WARNING** Do check out [official docs](https://docs.syncthing.net/users/faq.html#what-things-are-synced) to see what is synced.

library/ix-dev/charts/syncthing/app-readme.md

@@ -1,6 +1,7 @@
 # Syncthing
 
-[syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or
-more computers in real time, safely protected from prying eyes.
+[Syncthing](https://syncthing.net/) is a continuous file synchronization program. It synchronizes files between two or
+more computers in real time, safely protected from prying eyes. Your data is your data alone and you deserve to choose
+where it is stored, whether it is shared with some third party, and how it's transmitted over the internet.
 
-> **WARNING** Do check out https://docs.syncthing.net/users/faq.html#what-things-are-synced to see what is synced.
+> **WARNING** Do check out [official docs](https://docs.syncthing.net/users/faq.html#what-things-are-synced) to see what is synced.

library/ix-dev/charts/syncthing/ci/basic-values.yaml

@@ -0,0 +1,8 @@
+syncthingNetwork:
+  webPort: 30910
+  tcpPort: 30978
+  udpPort: 30979
+
+syncthingStorage:
+  config:
+    type: pvc

library/ix-dev/charts/syncthing/ci/host-values.yaml

@@ -0,0 +1,7 @@
+syncthingNetwork:
+  webPort: 30910
+  hostNetwork: true
+
+syncthingStorage:
+  config:
+    type: pvc

library/ix-dev/charts/syncthing/ci/test-values.yaml

@@ -1,16 +0,0 @@
-appVolumeMounts:
-  config:
-    emptyDir: true
-    mountPath: /config
-dnsConfig:
-  options: []
-emptyDirVolumes: true
-environmentVariables: []
-extraAppVolumeMounts: []
-hostNetwork: false
-ownerGID: 568
-ownerUID: 568
-tcp_port: 32001
-timezone: Europe/London
-udp_port: 32002
-web_port: 32000

library/ix-dev/charts/syncthing/migrations/migrate

@@ -0,0 +1,94 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+
+def migrate_volume(volume):
+    return {
+        'type': 'hostPath',
+        'hostPathConfig': {
+            'hostPath': volume['hostPath']
+        },
+    } if volume.get('hostPathEnabled', False) else {
+        'type': 'ixVolume',
+        'ixVolumeConfig': {
+            'datasetName': volume['datasetName'],
+        },
+    }
+
+
+def migrate_common_lib(values):
+    delete_keys = [
+        'web_port', 'tcp_port', 'udp_port', 'hostNetwork', 'dnsConfig',
+        'ownerUID', 'ownerGID', 'environmentVariables', 'cpuLimit', 'memLimit',
+        'enableResourceLimits', 'extraAppVolumeMounts', 'appVolumeMounts',
+    ]
+
+    values.update({
+        # Migrate Network
+        'syncthingNetwork': {
+            'webPort': values['web_port'],
+            'tcpPort': values['tcp_port'],
+            'udpPort': values['udp_port'],
+            'hostNetwork': values['hostNetwork'],
+        },
+        # Migrate Resources
+        'resources': {
+            'limits': {
+                'cpu': values.get('cpuLimit', '4000m'),
+                'memory': values.get('memLimit', '8Gi'),
+            }
+        },
+        # Migrate DNS
+        'podOptions': {
+            'dnsConfig': {
+                'options': [
+                    {'name': opt['name'], 'value': opt['value']}
+                    for opt in values.get('dnsConfig', {}).get('options', [])
+                ]
+            }
+        },
+        # Migrate ID
+        'syncthingID': {
+            'user': values['ownerUID'],
+            'group': values['ownerGID'],
+        },
+        # Migrate Config
+        'syncthingConfig': {
+            'additionalEnvs': values.get('environmentVariables', []),
+        },
+        # Migrate Storage
+        'syncthingStorage': {
+            'config': migrate_volume(values['appVolumeMounts']['config']),
+            'additionalStorages': [
+                {
+                    'type': 'hostPath',
+                    'hostPathConfig': {'hostPath': e['hostPath']},
+                    'mountPath': e['mountPath'],
+                }
+                for e in values.get('extraAppVolumeMounts', [])
+            ],
+        },
+    })
+
+    for k in delete_keys:
+        values.pop(k, None)
+
+    return values
+
+def migrate(values):
+    # If this missing, we have already migrated
+    if not 'appVolumeMounts' in values.keys():
+        return values
+
+    return migrate_common_lib(values)
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        exit(1)
+
+    if os.path.exists(sys.argv[1]):
+        with open(sys.argv[1], 'r') as f:
+            print(json.dumps(migrate(json.loads(f.read()))))

library/ix-dev/charts/syncthing/questions.yaml

@@ -1,218 +1,422 @@
 groups:
-  - name: "Configuration"
-    description: "Syncthing application configuration"
-  - name: "Storage"
-    description: "Configure storage for syncthing"
-  - name: "Networking"
-    description: "Networking Configuration for syncthing"
-  - name: "Advanced DNS Settings"
-    description: "Configure DNS settings"
-  - name: "Resource Limits"
-    description: "Set CPU/memory limits for Kubernetes Pod"
+  - name: Syncthing Configuration
+    description: Configure Syncthing
+  - name: User and Group Configuration
+    description: Configure User and Group for Syncthing
+  - name: Advanced Pod Configuration
+    description: Configure Advanced Pod Options for Syncthing
+  - name: Network Configuration
+    description: Configure Network for Syncthing
+  - name: Storage Configuration
+    description: Configure Storage for Syncthing
+  - name: Resources Configuration
+    description: Configure Resources for Syncthing
 
 portals:
   web_portal:
     protocols:
-      - "http"
+      - "$kubernetes-resource_configmap_portal_protocol"
     host:
-      - "$node_ip"
+      - "$kubernetes-resource_configmap_portal_host"
     ports:
-      - "$variable-web_port"
-    path: "/"
+      - "$kubernetes-resource_configmap_portal_port"
+    path: "$kubernetes-resource_configmap_portal_path"
 
 questions:
-  - variable: web_port
-    label: "Web Port for syncthing"
-    group: Networking
-    schema:
-      type: int
-      min: 8000
-      max: 65535
-      default: 20910
-      required: true
-  - variable: tcp_port
-    label: "TCP Port for syncthing"
-    group: Networking
-    schema:
-      type: int
-      min: 8000
-      max: 65535
-      default: 20978
-      required: true
-  - variable: udp_port
-    label: "UDP Port for syncthing"
-    group: Networking
-    schema:
-      type: int
-      min: 8000
-      max: 65535
-      default: 20979
-      required: true
-  - variable: hostNetwork
-    label: "Host Network"
-    group: Networking
-    schema:
-      type: boolean
-      default: false
-
-  - variable: dnsConfig
-    label: "DNS Configuration"
-    group: "Advanced DNS Settings"
+  - variable: syncthingConfig
+    label: ""
+    group: Syncthing Configuration
     schema:
       type: dict
       attrs:
-        - variable: options
-          label: "DNS Options"
+        - variable: additionalEnvs
+          label: Additional Environment Variables
+          description: Configure additional environment variables for Syncthing.
           schema:
             type: list
+            default: []
             items:
-              - variable: optionsEntry
-                label: "Option Entry Configuration"
+              - variable: env
+                label: Environment Variable
                 schema:
                   type: dict
                   attrs:
                     - variable: name
-                      label: "Option Name"
+                      label: Name
                       schema:
                         type: string
                         required: true
                     - variable: value
-                      label: "Option Value"
+                      label: Value
                       schema:
                         type: string
                         required: true
 
-  - variable: ownerUID
-    label: "Owner User ID"
-    group: Configuration
+  - variable: syncthingID
+    label: ""
+    group: User and Group Configuration
     schema:
-      type: int
-      default: 568
-      min: 1
-      max: 65535
-
-  - variable: ownerGID
-    label: "Owner Group ID"
-    group: Configuration
-    schema:
-      type: int
-      default: 568
-      min: 1
-      max: 65535
+      type: dict
+      attrs:
+        - variable: user
+          label: User ID
+          description: The user id that Syncthing files will be owned by.
+          schema:
+            type: int
+            min: 568
+            default: 568
+            required: true
+        - variable: group
+          label: Group ID
+          description: The group id that Syncthing files will be owned by.
+          schema:
+            type: int
+            min: 568
+            default: 568
+            required: true
 
-  - variable: environmentVariables
-    label: "Syncthing environment"
-    group: "Configuration"
+  - variable: podOptions
+    label: ""
+    group: Advanced Pod Configuration
     schema:
-      type: list
-      default: [ ]
-      items:
-        - variable: environmentVariable
-          label: "Environment Variable"
+      type: dict
+      attrs:
+        - variable: dnsConfig
+          label: Advanced DNS Configuration
           schema:
             type: dict
             attrs:
-              - variable: name
-                label: "Name"
+              - variable: options
+                label: DNS Options
                 schema:
-                  type: string
-              - variable: value
-                label: "Value"
-                schema:
-                  type: string
+                  type: list
+                  items:
+                    - variable: optionsEntry
+                      label: DNS Option Entry
+                      schema:
+                        type: dict
+                        attrs:
+                          - variable: name
+                            label: Option Name
+                            schema:
+                              type: string
+                              required: true
+                          - variable: value
+                            label: Option Value
+                            schema:
+                              type: string
+                              required: true
 
-  - variable: appVolumeMounts
-    label: "Syncthing Storage"
-    group: "Storage"
+  - variable: syncthingNetwork
+    label: ""
+    group: Network Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: webPort
+          label: Web Port
+          description: The port for the Syncthing Web UI.
+          schema:
+            type: int
+            default: 20910
+            min: 9000
+            max: 65535
+            required: true
+        - variable: tcpPort
+          label: TCP Port
+          description: The port for the Syncthing TCP connection.
+          schema:
+            type: int
+            default: 20978
+            show_if: [["hostNetwork", "=", false]]
+            min: 9000
+            max: 65535
+            required: true
+        - variable: udpPort
+          label: UDP Port
+          description: The port for the Syncthing UDP connection.
+          schema:
+            type: int
+            default: 20979
+            show_if: [["hostNetwork", "=", false]]
+            min: 9000
+            max: 65535
+            required: true
+        - variable: hostNetwork
+          label: Host Network
+          description: |
+            Enabling this will use the host network for Syncthing.</br>
+            The TCP and UDP ports will listen on port 22000. </br>
+            Web UI will listen on the port specified above.
+          schema:
+            type: boolean
+            default: false
+
+  - variable: syncthingStorage
+    label: ""
+    group: Storage Configuration
     schema:
       type: dict
       attrs:
         - variable: config
-          label: "Configuration Volume"
+          label: Syncthing Config Storage
+          description: The path to store Syncthing Configuration.
           schema:
             type: dict
             attrs:
-              - variable: datasetName
-                label: "Configuration Volume Dataset Name"
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
                 schema:
                   type: string
-                  hidden: true
+                  required: true
+                  immutable: true
+                  default: "ixVolume"
+                  enum:
+                    - value: "hostPath"
+                      description: Host Path (Path that already exists on the system)
+                    - value: "ixVolume"
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
                   $ref:
                     - "normalize/ixVolume"
-                  show_if: [["hostPathEnabled", "=", false]]
-                  default: "ix-syncthing_config"
-                  editable: false
-              - variable: mountPath
-                label: "Configuration Mount Path"
-                description: "Path where the volume will be mounted inside the pod"
-                schema:
-                  type: path
-                  hidden: true
-                  editable: true
-                  default: "/var/syncthing"
-              - variable: hostPathEnabled
-                label: "Enable Custom Host Path for Syncthing Configuration Volume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "config"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Config
                 schema:
-                  type: boolean
-                  default: false
-                  show_subquestions_if: true
-                  subquestions:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
                     - variable: hostPath
-                      label: "Host Path for Syncthing Configuration Volume"
+                      label: Host Path
+                      description: The host path to use for storage.
                       schema:
                         type: hostpath
+                        show_if: [["aclEnable", "=", false]]
                         required: true
+        - variable: additionalStorages
+          label: Additional Storage
+          description: Additional storage for Syncthing.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: storageEntry
+                label: Storage Entry
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: type
+                      label: Type
+                      description: |
+                        ixVolume: Is dataset created automatically by the system.</br>
+                        Host Path: Is a path that already exists on the system.</br>
+                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
+                      schema:
+                        type: string
+                        required: true
+                        default: "ixVolume"
+                        immutable: true
+                        enum:
+                          - value: "hostPath"
+                            description: Host Path (Path that already exists on the system)
+                          - value: "ixVolume"
+                            description: ixVolume (Dataset created automatically by the system)
+                          - value: "smb-pv-pvc"
+                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: mountPath
+                      label: Mount Path
+                      description: The path inside the container to mount the storage.
+                      schema:
+                        type: path
+                        required: true
+                    - variable: hostPathConfig
+                      label: Host Path Config
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "hostPath"]]
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "ixVolume"]]
                         $ref:
-                          - "validations/lockedHostPath"
-  - variable: extraAppVolumeMounts
-    label: "Extra Host Path Volumes"
-    group: "Storage"
+                          - "normalize/ixVolume"
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "smb-pv-pvc"]]
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
+
+  - variable: resources
+    group: Resources Configuration
+    label: ""
     schema:
-      type: list
-      items:
-        - variable: extraAppVolume
-          label: "Host Path Volume"
-          description: "Add an extra host path volume for Syncthing application"
+      type: dict
+      attrs:
+        - variable: limits
+          label: Limits
           schema:
             type: dict
             attrs:
-              - variable: mountPath
-                label: "Mount Path in Pod"
-                description: "Path where the volume will be mounted inside the pod"
+              - variable: cpu
+                label: CPU
+                description: CPU limit for Syncthing.
                 schema:
-                  type: path
+                  type: string
+                  max_length: 6
+                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+                  valid_chars_error: |
+                    Valid CPU limit formats are</br>
+                    - Plain Integer - eg. 1</br>
+                    - Float - eg. 0.5</br>
+                    - Milicpu - eg. 500m
+                  default: "4000m"
                   required: true
-              - variable: hostPath
-                label: "Host Path"
-                description: "Host path"
+              - variable: memory
+                label: Memory
+                description: Memory limit for Syncthing.
                 schema:
-                  type: hostpath
+                  type: string
+                  max_length: 12
+                  valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
+                  valid_chars_error: |
+                    Valid Memory limit formats are</br>
+                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
+                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
+                    - Plain Integer in bytes - eg. 1024</br>
+                    - Exponent - eg. 134e6
+                  default: "8Gi"
                   required: true
-                  $ref:
-                    - "validations/lockedHostPath"
-
-  - variable: enableResourceLimits
-    label: "Enable Pod resource limits"
-    group: "Resource Limits"
-    schema:
-      type: boolean
-      default: false
-  - variable: cpuLimit
-    label: "CPU Limit"
-    description: "CPU resource limit allow  plain integer values with suffix m(milli) e.g 1000m, 100."
-    group: "Resource Limits"
-    schema:
-      type: string
-      show_if: [["enableResourceLimits", "=", true]]
-      valid_chars: "^\\d+(?:\\.\\d+(?!.*m$)|m?$)"
-      default: "4000m"
-  - variable: memLimit
-    label: "Memory Limit"
-    group: "Resource Limits"
-    description: "Memory limits is specified by number of bytes. Followed by quantity suffix like E,P,T,G,M,k and Ei,Pi,Ti,Mi,Gi,Ki can also be used. e.g 129e6, 129M,  128974848000m, 123Mi"
-    schema:
-      type: string
-      show_if: [["enableResourceLimits", "=", true]]
-      valid_chars: "^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$"
-      default: "8Gi"
-

library/ix-dev/charts/syncthing/templates/NOTES.txt

@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}

library/ix-dev/charts/syncthing/templates/_migration.tpl

@@ -0,0 +1,35 @@
+{{- define "syncthing.get-versions" -}}
+  {{- $oldChartVersion := "" -}}
+  {{- $newChartVersion := "" -}}
+
+  {{/* Safely access the context, so it wont block CI */}}
+  {{- if hasKey .Values.global "ixChartContext" -}}
+    {{- if .Values.global.ixChartContext.upgradeMetadata -}}
+
+      {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}}
+      {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}}
+      {{- if and (not $oldChartVersion) (not $newChartVersion) -}}
+        {{- fail "Upgrade Metadata is missing. Cannot proceed" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}}
+{{- end -}}
+
+{{- define "syncthing.migration" -}}
+  {{- $versions := (fromYaml (include "syncthing.get-versions" $)) -}}
+  {{- if and $versions.old $versions.new -}}
+    {{- $oldV := semver $versions.old -}}
+    {{- $newV := semver $versions.new -}}
+
+    {{/* If new is v2.x.x */}}
+    {{- if eq ($newV.Major | int) 2 -}}
+      {{/* And old is v1.x.x, but lower than .42 */}}
+      {{- if and (eq $oldV.Major 1) (lt ($oldV.Patch | int) 42) -}}
+        {{/* Block the upgrade */}}
+        {{- fail "Migration to 2.x.x is only allowed from 1.0.42 or higher" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}

library/ix-dev/charts/syncthing/templates/_persistence.tpl

@@ -0,0 +1,26 @@
+{{- define "syncthing.persistence" -}}
+persistence:
+  config:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.syncthingStorage.config) | nindent 4 }}
+    targetSelector:
+      syncthing:
+        syncthing:
+          mountPath: /var/syncthing
+  tmp:
+    enabled: true
+    type: emptyDir
+    targetSelector:
+      syncthing:
+        syncthing:
+          mountPath: /tmp
+  {{- range $idx, $storage := .Values.syncthingStorage.additionalStorages }}
+  {{ printf "syncthing-%v:" (int $idx) }}
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
+    targetSelector:
+      syncthing:
+        syncthing:
+          mountPath: {{ $storage.mountPath }}
+  {{- end }}
+{{- end -}}

library/ix-dev/charts/syncthing/templates/_portal.tpl

@@ -0,0 +1,12 @@
+{{- define "syncthing.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: portal
+data:
+  port: {{ .Values.syncthingNetwork.webPort | quote }}
+  path: "/"
+  protocol: "http"
+  host: $node_ip
+{{- end -}}

library/ix-dev/charts/syncthing/templates/_service.tpl

@@ -0,0 +1,25 @@
+{{- define "syncthing.service" -}}
+service:
+  syncthing:
+    enabled: true
+    primary: true
+    type: ClusterIP
+    targetSelector: syncthing
+    ports:
+      webui:
+        enabled: true
+        primary: true
+        port: {{ .Values.syncthingNetwork.webPort }}
+        targetSelector: syncthing
+      sync-tcp:
+        enabled: true
+        port: {{ .Values.syncthingNetwork.tcpPort }}
+        targetPort: 22000
+        targetSelector: syncthing
+      sync-udp:
+        enabled: true
+        port: {{ .Values.syncthingNetwork.udpPort }}
+        targetPort: 22000
+        protocol: udp
+        targetSelector: syncthing
+{{- end -}}

library/ix-dev/charts/syncthing/templates/_syncthing.tpl

@@ -0,0 +1,62 @@
+{{- define "syncthing.workload" -}}
+workload:
+  syncthing:
+    enabled: true
+    primary: true
+    type: Deployment
+    podSpec:
+      securityContenxt:
+        fsGroup: {{ .Values.syncthingID.group }}
+      hostNetwork: {{ .Values.syncthingNetwork.hostNetwork }}
+      containers:
+        syncthing:
+          enabled: true
+          primary: true
+          imageSelector: image
+          securityContext:
+            runAsUser: 0
+            runAsGroup: 0
+            runAsNonRoot: false
+            readOnlyRootFilesystem: false
+            # This is needed to allow syncthing assign
+            # PCAPs to its child processes
+            allowPrivilegeEscalation: true
+            capabilities:
+              add:
+                - FOWNER
+                - DAC_OVERRIDE
+                - CHOWN
+                - SETUID
+                - SETGID
+                - SETFCAP
+                - SETPCAP
+                - SYS_ADMIN
+          env:
+            STGUIADDRESS: 0.0.0.0:{{ .Values.syncthingNetwork.webPort }}
+            STNOUPGRADE: "true"
+          fixedEnv:
+            PUID: {{ .Values.syncthingID.user }}
+          {{ with .Values.syncthingConfig.additionalEnvs }}
+          envList:
+            {{ range $env := . }}
+            - name: {{ $env.name }}
+              value: {{ $env.value }}
+            {{ end }}
+          {{ end }}
+          probes:
+            liveness:
+              enabled: true
+              type: http
+              path: /rest/noauth/health
+              port: {{ .Values.syncthingNetwork.webPort }}
+            readiness:
+              enabled: true
+              type: http
+              path: /rest/noauth/health
+              port: {{ .Values.syncthingNetwork.webPort }}
+            startup:
+              enabled: true
+              type: http
+              path: /rest/noauth/health
+              port: {{ .Values.syncthingNetwork.webPort }}
+{{- end -}}

library/ix-dev/charts/syncthing/templates/common.yaml

@@ -0,0 +1,13 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{- include "syncthing.migration" $ -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "syncthing.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "syncthing.service" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "syncthing.persistence" $ | fromYaml) -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "syncthing.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}

library/ix-dev/charts/syncthing/templates/deployment.yaml

@@ -1,98 +0,0 @@
-{{ include "common.storage.hostPathValidate" .Values }}
-apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }}
-kind: Deployment
-metadata:
-  name: {{ template "common.names.fullname" . }}-st
-  labels:
-    app: {{ template "common.names.name" . }}
-    chart: {{ template "common.names.chart" . }}
-    release: {{ .Release.Name }}
-    heritage: {{ .Release.Service }}
-  annotations:
-    rollme: {{ randAlphaNum 5 | quote }}
-spec:
-  replicas: {{ (default 1 .Values.replicas) }}
-  strategy:
-    type: "Recreate"
-  selector:
-    matchLabels:
-      app: {{ template "common.names.name" . }}
-      release: {{ .Release.Name }}
-  template:
-    metadata:
-      name: {{ template "common.names.fullname" . }}
-      labels:
-        app: {{ template "common.names.name" . }}
-        release: {{ .Release.Name }}
-        {{- include "common.labels.selectorLabels" . | nindent 8 }}
-      annotations: {{ include "common.annotations" . | nindent 8 }}
-    spec:
-      hostNetwork: {{ .Values.hostNetwork }}
-      hostname: {{ .Release.Name }}
-      containers:
-        - name: {{ .Chart.Name }}
-          {{ include "common.resources.limitation" . | nindent 10 }}
-          {{ include "common.containers.imageConfig" .Values.image | nindent 10 }}
-          volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
-          {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
-            - name: extrappvolume-{{ $index }}
-              mountPath: {{ $hostPathConfiguration.mountPath }}
-          {{ end }}
-          ports:
-            - name: web
-              containerPort: 8384
-              {{ if not .Values.hostNetwork }}
-              hostPort: null
-              {{ end }}
-            - name: tcp
-              containerPort: 22000
-              protocol: TCP
-              {{ if not .Values.hostNetwork }}
-              hostPort: null
-              {{ end }}
-            - name: udp
-              containerPort: 22000
-              protocol: UDP
-              {{ if not .Values.hostNetwork }}
-              hostPort: null
-              {{ end }}
-          readinessProbe:
-            httpGet:
-              path: /rest/noauth/health
-              port: 8384
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 5
-            successThreshold: 2
-          livenessProbe:
-            httpGet:
-              path: /rest/noauth/health
-              port: 8384
-            initialDelaySeconds: 10
-            periodSeconds: 10
-            timeoutSeconds: 5
-            failureThreshold: 5
-            successThreshold: 1
-          startupProbe:
-            httpGet:
-              path: /rest/noauth/health
-              port: 8384
-            initialDelaySeconds: 10
-            periodSeconds: 5
-            timeoutSeconds: 2
-            failureThreshold: 60
-            successThreshold: 1
-          env:
-            {{ $envList := (default list .Values.environmentVariables) }}
-            {{ $envList = mustAppend $envList (dict "name" "PUID" "value" (printf "%d" (.Values.ownerUID | int))) }}
-            {{ $envList = mustAppend $envList (dict "name" "PGID" "value" (printf "%d" (.Values.ownerGID | int))) }}
-            {{ $envList = mustAppend $envList (dict "name" "STGUIADDRESS" "value" "0.0.0.0:8384") }}
-            {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}
-{{ include "common.networking.dnsConfiguration" .Values | nindent 6 }}
-      volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}
-      {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
-        - name: extrappvolume-{{ $index }}
-          hostPath:
-            path: {{ $hostPathConfiguration.hostPath }}
-      {{ end }}

library/ix-dev/charts/syncthing/templates/pre-install-job.yaml

@@ -1,32 +0,0 @@
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: "{{ template "common.names.fullname" . }}-preinstall-job"
-  labels:
-    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
-    app.kubernetes.io/instance: {{ .Release.Name | quote }}
-    app.kubernetes.io/version: {{ .Chart.AppVersion }}
-    helm.sh/chart: {{ template "common.names.chart" . }}
-  annotations:
-    "helm.sh/hook": pre-install
-    "helm.sh/hook-delete-policy": hook-succeeded
-spec:
-  template:
-    metadata:
-      name: "{{ template "common.names.fullname" . }}-preinstall-hook"
-      labels:
-        app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
-        app.kubernetes.io/instance: {{ .Release.Name | quote }}
-        helm.sh/chart: {{ template "common.names.chart" . }}
-    spec:
-      restartPolicy: Never
-      containers:
-      - name: pre-install-job
-        image: "alpine:latest"
-        command:
-          - "chown"
-          - "-R"
-          - "{{ .Values.ownerUID }}:{{ .Values.ownerGID }}"
-          - "{{ .Values.appVolumeMounts.config.mountPath }}"
-        volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
-      volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}

library/ix-dev/charts/syncthing/templates/service.yaml

@@ -1,11 +0,0 @@
-{{ $selectors := list }}
-{{ $selectors = mustAppend $selectors (dict "key" "app" "value" (include "common.names.name" .) ) }}
-{{ $selectors = mustAppend $selectors (dict "key" "release" "value" .Release.Name ) }}
-{{ $ports := list }}
-{{ $ports = mustAppend $ports (dict "name" "web" "port" .Values.web_port "nodePort" .Values.web_port "targetPort" 8384) }}
-{{ $ports = mustAppend $ports (dict "name" "tcp" "port" .Values.tcp_port "nodePort" .Values.tcp_port "targetPort" 22000) }}
-{{ $ports = mustAppend $ports (dict "name" "udp" "port" .Values.udp_port "nodePort" .Values.udp_port "targetPort" 22000 "protocol" "UDP") }}
-{{ $params := . }}
-{{ $_ := set $params "commonService" (dict "type" "NodePort" "ports" $ports ) }}
-{{ $_1 := set .Values "extraSelectorLabels" $selectors }}
-{{ include "common.classes.service" $params }}

library/ix-dev/charts/syncthing/to_keep_versions.md

@@ -0,0 +1,4 @@
+# 1.0.42
+
+This version is kept because it contains a fix that is needed for migration to v2.x.x
+It should be safe to remove few months after v2.x.x is released.

library/ix-dev/charts/syncthing/to_keep_versions.yaml

@@ -0,0 +1 @@
+- 1.0.42

library/ix-dev/charts/syncthing/values.yaml

@@ -2,3 +2,32 @@ image:
   pullPolicy: IfNotPresent
   repository: syncthing/syncthing
   tag: 1.27.3
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8Gi
+
+podOptions:
+  dnsConfig:
+    options: []
+
+syncthingConfig:
+  additionalEnvs: []
+
+syncthingID:
+  user: 568
+  group: 568
+
+syncthingNetwork:
+  webPort: 20910
+  tcpPort: 20978
+  udpPort: 20979
+  hostNetwork: false
+
+syncthingStorage:
+  config:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: config
+  additionalStorages: []