Publish new changes in catalog

charts/wg-easy/2.0.0/.helmignore

@@ -0,0 +1,2 @@
+# Patterns to ignore when building packages.
+*.png

charts/wg-easy/2.0.0/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: file://../../../common
+  version: 1.2.3
+digest: sha256:e6ff49b06bf5d4d159e505ae6d153f36cd46170bb519caf90462cd5caebfd0fb
+generated: "2023-11-08T20:13:57.295656002+02:00"

charts/wg-easy/2.0.0/Chart.yaml

@@ -0,0 +1,26 @@
+name: wg-easy
+description: WG-Easy is the easiest way to install & manage WireGuard!
+annotations:
+  title: WG Easy
+type: application
+version: 2.0.0
+apiVersion: v2
+appVersion: "7"
+kubeVersion: ">=1.16.0-0"
+maintainers:
+  - name: truenas
+    url: https://www.truenas.com/
+    email: dev@ixsystems.com
+dependencies:
+  - name: common
+    repository: file://../../../common
+    version: 1.2.3
+home: https://github.com/WeeJeWel/wg-easy
+icon: https://media.sys.truenas.net/apps/wg-easy/icons/icon.png
+sources:
+  - https://github.com/WeeJeWel/wg-easy
+  - https://github.com/truenas/charts/tree/master/charts/wg-easy
+keywords:
+  - wireguard
+  - network
+  - vpn

charts/wg-easy/2.0.0/README.md

@@ -0,0 +1,3 @@
+# WG-Easy
+
+[WG-Easy (WireGuard Easy)](https://github.com/WeeJeWel/wg-easy) is the easiest way to install & manage WireGuard!

charts/wg-easy/2.0.0/app-readme.md

@@ -0,0 +1,3 @@
+# WG-Easy
+
+[WG-Easy (WireGuard Easy)](https://github.com/WeeJeWel/wg-easy) is the easiest way to install & manage WireGuard!

charts/wg-easy/2.0.0/ci/test-values.yaml

@@ -0,0 +1,14 @@
+wgStorage:
+  config:
+    type: pvc
+
+wgConfig:
+  host: wg.domain.com
+  password: secret
+  clientMTU: 1420
+  keepAlive: 5
+  clientAddressRange: 10.10.0.x
+  clientDNSServer: "8.8.8.8"
+  allowedIPs:
+    - 10.10.10.0/24
+    - 10.10.12.0/24

charts/wg-easy/2.0.0/ix_values.yaml

@@ -0,0 +1,35 @@
+image:
+  pullPolicy: IfNotPresent
+  repository: weejewel/wg-easy
+  tag: "7"
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8Gi
+
+podOptions:
+  dnsConfig:
+    options: []
+
+wgNetwork:
+  udpPort: 30057
+  webPort: 30058
+  hostNetwork: true
+
+wgConfig:
+  host: ''
+  password: ''
+  keepAlive: 0
+  clientMTU: 1420
+  clientAddressRange: 10.8.0.x
+  clientDNSServer: "1.1.1.1"
+  allowedIPs: []
+  additionalEnvs: []
+
+wgStorage:
+  config:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: config
+  additionalStorages: []

charts/wg-easy/2.0.0/metadata.yaml

@@ -0,0 +1,14 @@
+runAsContext:
+  - userName: root
+    groupName: root
+    gid: 0
+    uid: 0
+    description: WG Easy runs as root user.
+capabilities:
+  - name: NET_RAW
+    description: WG Easy is able to use raw sockets.
+  - name: SYS_MODULE
+    description: WG Easy is able to load kernel modules.
+  - name: NET_ADMIN
+    description: WG Easy is able to perform various network-related operations.
+hostMounts: []

charts/wg-easy/2.0.0/migrations/migrate

@@ -0,0 +1,94 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+
+def migrate_common_lib(values):
+    delete_keys = [
+        'wgUDPPort', 'webUIPort', 'hostNetwork', 'cpuLimit', 'memLimit',
+        'dnsConfig', 'environmentVariables', 'appVolumeMounts',
+        'extraAppVolumeMounts', 'wgeasy', 'enableResourceLimits',
+    ]
+
+    values.update({
+        # Migrate Network
+        'wgNetwork': {
+            'udpPort': values['wgUDPPort'],
+            'webPort': values['webUIPort'],
+            'hostNetwork': values['hostNetwork'],
+        },
+        # Migrate Resources
+        'resources': {
+            'limits': {
+                'cpu': values.get('cpuLimit', '4000m'),
+                'memory': values.get('memLimit', '8Gi'),
+            }
+        },
+        # Migrate DNS
+        'podOptions': {
+            'dnsConfig': {
+                'options': [
+                    {'name': opt['name'], 'value': opt['value']}
+                    for opt in values.get('dnsConfig', {}).get('options', [])
+                ]
+            }
+        },
+        # Migrate Config
+        'wgConfig': {
+            'host': values['wgeasy']['host'],
+            'password': values['wgeasy'].get('password', ''),
+            'keepAlive': values['wgeasy']['keep_alive'],
+            'clientMTU': values['wgeasy']['client_mtu'],
+            'clientAddressRange': values['wgeasy']['client_address_range'],
+            'clientDNSServer': values['wgeasy']['client_dns_server'],
+            'allowedIPs': values['wgeasy']['allowed_ips'],
+            'additionalEnvs': values.get('environmentVariables', []),
+        },
+        # Migrate Storage
+        'wgStorage': {
+            'config': {
+                'type': 'hostPath',
+                'hostPathConfig': {
+                    'hostPath': values['appVolumeMounts']['config']['hostPath']
+                },
+            } if values['appVolumeMounts']['config']['hostPathEnabled'] else {
+                'type': 'ixVolume',
+                'ixVolumeConfig': {
+                    'datasetName': values['appVolumeMounts']['config']['datasetName'],
+                },
+            },
+            'additionalStorages': [
+                {
+                    'type': 'hostPath',
+                    'hostPathConfig': {'hostPath': e['hostPath']},
+                    'mountPath': e['mountPath'],
+                }
+                for e in values.get('extraAppVolumeMounts', [])
+            ],
+        },
+    })
+
+    for k in delete_keys:
+        values.pop(k, None)
+
+    return values
+
+def migrate(values):
+    if not 'wgeasy' in values.keys():
+        return values
+
+
+    return migrate_common_lib(values)
+
+
+
+if __name__ == '__main__':
+    with open('in.json', 'r') as f:
+        print(json.dumps(migrate(json.loads(f.read()))))
+    if len(sys.argv) != 2:
+        exit(1)
+
+    if os.path.exists(sys.argv[1]):
+        with open(sys.argv[1], 'r') as f:
+            print(json.dumps(migrate(json.loads(f.read()))))

charts/wg-easy/2.0.0/questions.yaml

@@ -0,0 +1,440 @@
+groups:
+  - name: WG-Easy Configuration
+    description: Configure WG-Easy
+  - name: Advanced Pod Configuration
+    description: Configure Advanced Pod Options for WG-Easy
+  - name: Network Configuration
+    description: Configure Network for WG-Easy
+  - name: Storage Configuration
+    description: Configure Storage for WG-Easy
+  - name: Resources Configuration
+    description: Configure Resources for WG-Easy
+
+portals:
+  web_portal:
+    protocols:
+      - "$kubernetes-resource_configmap_portal_protocol"
+    host:
+      - "$kubernetes-resource_configmap_portal_host"
+    ports:
+      - "$kubernetes-resource_configmap_portal_port"
+    path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+  - variable: wgNetwork
+    label: ""
+    group: Network Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: udpPort
+          label: Web Port
+          description: The port for the WG-Easy Wireguard service.
+          schema:
+            type: int
+            default: 30057
+            min: 9000
+            max: 65535
+            required: true
+        - variable: webPort
+          label: Web Port
+          description: The port for the WG-Easy Web UI.
+          schema:
+            type: int
+            default: 30058
+            min: 9000
+            max: 65535
+            required: true
+        - variable: hostNetwork
+          label: Host Network
+          schema:
+            type: boolean
+            default: true
+
+  - variable: podOptions
+    label: ""
+    group: Advanced Pod Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: dnsConfig
+          label: Advanced DNS Configuration
+          schema:
+            type: dict
+            attrs:
+              - variable: options
+                label: DNS Options
+                schema:
+                  type: list
+                  items:
+                    - variable: optionsEntry
+                      label: DNS Option Entry
+                      schema:
+                        type: dict
+                        attrs:
+                          - variable: name
+                            label: Option Name
+                            schema:
+                              type: string
+                              required: true
+                          - variable: value
+                            label: Option Value
+                            schema:
+                              type: string
+                              required: true
+
+  - variable: wgConfig
+    label: ""
+    group: WG-Easy Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: host
+          label: Hostname or IP
+          description: The public hostname or IP of your VPN server.
+          schema:
+            type: string
+            required: true
+            $ref:
+              - "definitions/nodeIP"
+        - variable: password
+          label: Password for WebUI
+          description: When set, requires a password when logging in to the Web UI.
+          schema:
+            type: string
+            private: true
+            default: ""
+        - variable: keepAlive
+          label: Persistent Keep Alive
+          description: Value in seconds to keep the "connection" open. If this value is 0, then connections won't be kept alive.
+          schema:
+            type: int
+            required: true
+            default: 0
+        - variable: clientMTU
+          label: Clients MTU
+          description: The MTU the clients will use.
+          schema:
+            type: int
+            required: true
+            default: 1420
+        - variable: clientAddressRange
+          label: Clients IP Address Range
+          description: Clients IP address range.
+          schema:
+            type: string
+            required: true
+            default: 10.8.0.x
+        - variable: clientDNSServer
+          label: Clients DNS Server
+          description: Clients DNS Server.
+          schema:
+            type: string
+            required: true
+            default: "1.1.1.1"
+        - variable: allowedIPs
+          label: Allowed IPs
+          description: Allowed IPs clients will use. If none provided, <0.0.0.0/0,::/0> will be used.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: entry
+                label: Allowed IP Entry
+                schema:
+                  type: string
+                  required: true
+                  default: ""
+        - variable: additionalEnvs
+          label: Additional Environment Variables
+          description: Configure additional environment variables for WG-Easy.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: env
+                label: Environment Variable
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: name
+                      label: Name
+                      schema:
+                        type: string
+                        required: true
+                    - variable: value
+                      label: Value
+                      schema:
+                        type: string
+                        required: true
+
+  - variable: wgStorage
+    label: ""
+    group: Storage Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: config
+          label: WG-Easy Config Storage
+          description: The path to store WG-Easy Configuration.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: "ixVolume"
+                  enum:
+                    - value: "hostPath"
+                      description: Host Path (Path that already exists on the system)
+                    - value: "ixVolume"
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "config"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Config
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        immutable: true
+                        required: true
+        - variable: additionalStorages
+          label: Additional Storage
+          description: Additional storage for WG-Easy.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: storageEntry
+                label: Storage Entry
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: type
+                      label: Type
+                      description: |
+                        ixVolume: Is dataset created automatically by the system.</br>
+                        Host Path: Is a path that already exists on the system.</br>
+                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
+                      schema:
+                        type: string
+                        required: true
+                        default: "ixVolume"
+                        immutable: true
+                        enum:
+                          - value: "hostPath"
+                            description: Host Path (Path that already exists on the system)
+                          - value: "ixVolume"
+                            description: ixVolume (Dataset created automatically by the system)
+                          - value: "smb-pv-pvc"
+                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: mountPath
+                      label: Mount Path
+                      description: The path inside the container to mount the storage.
+                      schema:
+                        type: path
+                        required: true
+                    - variable: hostPathConfig
+                      label: Host Path Config
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "hostPath"]]
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              immutable: true
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "ixVolume"]]
+                        $ref:
+                          - "normalize/ixVolume"
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "smb-pv-pvc"]]
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
+
+  - variable: resources
+    group: Resources Configuration
+    label: ""
+    schema:
+      type: dict
+      attrs:
+        - variable: limits
+          label: Limits
+          schema:
+            type: dict
+            attrs:
+              - variable: cpu
+                label: CPU
+                description: CPU limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 6
+                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+                  valid_chars_error: |
+                    Valid CPU limit formats are</br>
+                    - Plain Integer - eg. 1</br>
+                    - Float - eg. 0.5</br>
+                    - Milicpu - eg. 500m
+                  default: "4000m"
+                  required: true
+              - variable: memory
+                label: Memory
+                description: Memory limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 12
+                  valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
+                  valid_chars_error: |
+                    Valid Memory limit formats are</br>
+                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
+                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
+                    - Plain Integer in bytes - eg. 1024</br>
+                    - Exponent - eg. 134e6
+                  default: "8Gi"
+                  required: true

charts/wg-easy/2.0.0/templates/_migration.tpl

@@ -0,0 +1,25 @@
+{{- define "wgeasy.migration.checks" -}}
+  {{/* Safely access the context, so it wont block CI */}}
+  {{- if hasKey .Values.global "ixChartContext" -}}
+    {{- if not .Values.global.ixChartContext.upgradeMetadata -}}
+      {{- fail "Upgrade Metadata is missing. Cannot proceed" -}}
+    {{- end -}}
+
+    {{- $oldChartVersion := .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}}
+    {{- $newChartVersion := .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}}
+
+    {{/* Explode versions */}}
+    {{- $oldV := semver $oldChartVersion -}}
+    {{- $newV := semver $newChartVersion -}}
+
+    {{/* If new is v2.x.x */}}
+    {{- if eq ($newV.Major | int) 2 -}}
+      {{/* And old is v1.x.x, but lower than .11 */}}
+      {{- if and (eq $oldV.Major 1) (lt ($oldV.Patch | int) 11) -}}
+        {{/* Block the upgrade */}}
+        {{- fail "Migration to 2.x.x is only allowed from 1.0.11 or higher" -}}
+      {{- end -}}
+    {{- end -}}
+
+  {{- end -}}
+{{- end -}}

charts/wg-easy/2.0.0/templates/_persistence.tpl

@@ -0,0 +1,26 @@
+{{- define "wgeasy.persistence" -}}
+persistence:
+  config:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.wgStorage.config) | nindent 4 }}
+    targetSelector:
+      wgeasy:
+        wgeasy:
+          mountPath: /etc/wireguard
+  tmp:
+    enabled: true
+    type: emptyDir
+    targetSelector:
+      wgeasy:
+        wgeasy:
+          mountPath: /tmp
+  {{- range $idx, $storage := .Values.wgStorage.additionalStorages }}
+  {{ printf "wgeasy-%v:" (int $idx) }}
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
+    targetSelector:
+      wgeasy:
+        wgeasy:
+          mountPath: {{ $storage.mountPath }}
+  {{- end }}
+{{- end -}}

charts/wg-easy/2.0.0/templates/_portal.tpl

@@ -0,0 +1,12 @@
+{{- define "wgeasy.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: portal
+data:
+  path: "/"
+  port: {{ .Values.wgNetwork.webPort | quote }}
+  protocol: http
+  host: $node_ip
+{{- end -}}

charts/wg-easy/2.0.0/templates/_service.tpl

@@ -0,0 +1,21 @@
+{{- define "wgeasy.service" -}}
+service:
+  wgeasy:
+    enabled: true
+    primary: true
+    type: NodePort
+    targetSelector: wgeasy
+    ports:
+      webui:
+        enabled: true
+        primary: true
+        port: {{ .Values.wgNetwork.webPort }}
+        nodePort: {{ .Values.wgNetwork.webPort }}
+        targetSelector: wgeasy
+      vpn:
+        enabled: true
+        port: {{ .Values.wgNetwork.udpPort }}
+        nodePort: {{ .Values.wgNetwork.udpPort }}
+        protocol: udp
+        targetSelector: wgeasy
+{{- end -}}

charts/wg-easy/2.0.0/templates/_wgeasy.tpl

@@ -0,0 +1,84 @@
+{{- define "wgeasy.workload" -}}
+workload:
+  wgeasy:
+    enabled: true
+    primary: true
+    type: Deployment
+    podSpec:
+      hostNetwork: {{ .Values.wgNetwork.hostNetwork }}
+      containers:
+        wgeasy:
+          enabled: true
+          primary: true
+          imageSelector: image
+          {{/* https://github.com/WeeJeWel/wg-easy/pull/394 */}}
+          securityContext:
+            runAsUser: 0
+            runAsGroup: 0
+            runAsNonRoot: false
+            readOnlyRootFilesystem: false
+            capabilities:
+              add:
+                - NET_ADMIN
+                - NET_RAW
+                - SYS_MODULE
+          env:
+            WG_PORT: {{ .Values.wgNetwork.udpPort }}
+            PORT: {{ .Values.wgNetwork.webPort }}
+            WG_HOST: {{ .Values.wgConfig.host | quote }}
+            PASSWORD: {{ .Values.wgConfig.password | quote }}
+            WG_PERSISTENT_KEEPALIVE: {{ .Values.wgConfig.keepAlive }}
+            WG_MTU: {{ .Values.wgConfig.clientMTU }}
+            WG_DEFAULT_ADDRESS: {{ .Values.wgConfig.clientAddressRange }}
+            WG_DEFAULT_DNS: {{ .Values.wgConfig.clientDNSServer }}
+            WG_ALLOWED_IPS: {{ join "," .Values.wgConfig.clientAllowedIPs | default "0.0.0.0/0,::/0" | quote }}
+          fixedEnv:
+            PUID: 0
+          {{ with .Values.wgConfig.additionalEnvs }}
+          envList:
+            {{ range $env := . }}
+            - name: {{ $env.name }}
+              value: {{ $env.value }}
+            {{ end }}
+          {{ end }}
+          probes:
+            liveness:
+              enabled: true
+              type: http
+              port: {{ .Values.wgNetwork.webPort }}
+              path: /
+            readiness:
+              enabled: true
+              type: http
+              port: {{ .Values.wgNetwork.webPort }}
+              path: /
+            startup:
+              enabled: true
+              type: http
+              port: {{ .Values.wgNetwork.webPort }}
+              path: /
+          {{ $ip := .Values.wgConfig.clientAddressRange | replace "x" "0" }}
+          lifecycle:
+            preStop:
+              type: exec
+              command:
+                - /bin/bash
+                - -c
+                - |
+                  echo "Deleting routes created by the app..."
+                  netmask=$(ip route | grep {{ $ip }})
+                  netmask=$(echo $netmask | grep -o -E '/.\d*')
+                  netmask=${netmask#/}
+                  echo "Matched routes to delete... {{ $ip }}/$netmask"
+                  # Don't try to delete routes if steps above didn't grep-ed anything
+                  if [ ! "$netmask" == "" ]; then
+                    ip route del {{ $ip }}/$netmask || echo "Route deletion failed..."
+                  fi
+                  echo "Routes deleted..."
+                  interface=$(ip a | grep wg0)
+                  if [ ! "$interface" == "" ]; then
+                    echo "Removing wg0 interface..."
+                    ip link delete wg0
+                    echo "Removed wg0 interface..."
+                  fi
+{{- end -}}

charts/wg-easy/2.0.0/templates/common.yaml

@@ -0,0 +1,14 @@
+{{/* Apply helm migrations */}}
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{- include "wgeasy.migration.checks" . -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "wgeasy.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "wgeasy.service" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "wgeasy.persistence" $ | fromYaml) -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "wgeasy.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}

charts/wg-easy/2.0.0/to_keep_versions.md

@@ -0,0 +1,4 @@
+# 1.0.12
+
+This version is kept because it contains a fix that is needed for migration to v2.x.x
+It should be safe to remove few months after v2.x.x is released.

charts/wg-easy/item.yaml

@@ -4,6 +4,5 @@ categories:
 screenshots:
   - https://media.sys.truenas.net/apps/wg-easy/screenshots/screenshot1.png
 tags:
-  - wireguard
-  - network
   - vpn
+  - wireguard