homarr - adapt to upstream changes (#1791)

* homarr - adapt to upstream changes

* remove password

* render

* add acl

* bump version

* update label

* update readme

library/ix-dev/community/homarr/Chart.yaml

@@ -3,9 +3,9 @@ description: Homarr is a sleek, modern dashboard that puts all of your apps and
 annotations:
   title: Homarr
 type: application
-version: 1.1.3
+version: 2.0.0
 apiVersion: v2
-appVersion: 0.13.4
+appVersion: 0.14.2
 kubeVersion: '>=1.16.0-0'
 maintainers:
   - name: truenas

library/ix-dev/community/homarr/README.md

@@ -2,7 +2,8 @@
 
 [Homarr](https://github.com/ajnart/homarr) is a sleek, modern dashboard that puts all of your apps and services at your fingertips.
 
-> When application is installed, a container will be launched with **root** privileges.
-> This is required in order to apply the correct permissions to the `Homarr` directories.
-> Afterward, the `Homarr` container will run as a **non**-root user (Default: `568`).
-> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user.
+## Upgrade to 2.0.0
+
+Direct upgrade to 2.x.x is not possible, due to major upstream changes.
+The changes require new storage configuration that cannot be assumed, nor configured
+during the upgrade. Please re-install in order to configure this new storage.

library/ix-dev/community/homarr/app-readme.md

@@ -2,7 +2,8 @@
 
 [Homarr](https://github.com/ajnart/homarr) is a sleek, modern dashboard that puts all of your apps and services at your fingertips.
 
-> When application is installed, a container will be launched with **root** privileges.
-> This is required in order to apply the correct permissions to the `Homarr` directories.
-> Afterward, the `Homarr` container will run as a **non**-root user (Default: `568`).
-> All mounted storage(s) will be `chown`ed only if the parent directory does not match the configured user.
+## Upgrade to 2.0.0
+
+Direct upgrade to 2.x.x is not possible, due to major upstream changes.
+The changes require new storage configuration that cannot be assumed, nor configured
+during the upgrade. Please re-install in order to configure this new storage.

library/ix-dev/community/homarr/ci/basic-values.yaml

@@ -7,8 +7,8 @@ homarrRunAs:
 
 homarrStorage:
   configs:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/configs
+    type: pvc
+  data:
+    type: pvc
   icons:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/icons
+    type: pvc

library/ix-dev/community/homarr/ci/extra-values.yaml

@@ -9,15 +9,13 @@ homarrNetwork:
 
 homarrStorage:
   configs:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/configs
+    type: pvc
+  data:
+    type: pvc
   icons:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/icons
+    type: pvc
   additionalStorages:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
+  - type: pvc
     mountPath: /data1
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data2
+  - type: pvc
     mountPath: /data2

library/ix-dev/community/homarr/ci/hostNet-values.yaml

@@ -4,8 +4,8 @@ homarrNetwork:
 
 homarrStorage:
   configs:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/configs
+    type: pvc
+  data:
+    type: pvc
   icons:
-    type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/icons
+    type: pvc

library/ix-dev/community/homarr/questions.yaml

@@ -37,13 +37,6 @@ questions:
     schema:
       type: dict
       attrs:
-        - variable: password
-          label: Password (Optional)
-          description: Password for Homarr.
-          schema:
-            type: string
-            default: ""
-            private: true
         - variable: additionalEnvs
           label: Additional Environment Variables
           description: Configure additional environment variables for Homarr.
@@ -140,24 +133,145 @@ questions:
                       description: Host Path (Path that already exists on the system)
                     - value: "ixVolume"
                       description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
                 schema:
-                  type: string
+                  type: dict
                   show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "configs"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        immutable: true
+                        required: true
+
+        - variable: data
+          label: Homarr Data Storage
+          description: The path to store Homarr Data.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
                   required: true
-                  hidden: true
                   immutable: true
-                  default: "configs"
+                  default: "ixVolume"
+                  enum:
+                    - value: "hostPath"
+                      description: Host Path (Path that already exists on the system)
+                    - value: "ixVolume"
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
                   $ref:
                     - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "data"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
                 schema:
-                  type: hostpath
+                  type: dict
                   show_if: [["type", "=", "hostPath"]]
-                  immutable: true
-                  required: true
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        immutable: true
+                        required: true
+
         - variable: icons
           label: Homarr Icon Storage
           description: The path to store Homarr Icons.
@@ -179,24 +293,65 @@ questions:
                       description: Host Path (Path that already exists on the system)
                     - value: "ixVolume"
                       description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
                 schema:
-                  type: string
+                  type: dict
                   show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  hidden: true
-                  immutable: true
-                  default: "icons"
                   $ref:
                     - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "icons"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
                 schema:
-                  type: hostpath
+                  type: dict
                   show_if: [["type", "=", "hostPath"]]
-                  immutable: true
-                  required: true
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        immutable: true
+                        required: true
+
         - variable: additionalStorages
           label: Additional Storage
           description: Additional storage for Homarr.
@@ -227,74 +382,120 @@ questions:
                             description: ixVolume (Dataset created automatically by the system)
                           - value: "smb-pv-pvc"
                             description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
                     - variable: mountPath
                       label: Mount Path
                       description: The path inside the container to mount the storage.
                       schema:
                         type: path
                         required: true
-                    - variable: hostPath
-                      label: Host Path
-                      description: The host path to use for storage.
+                    - variable: hostPathConfig
+                      label: Host Path Configuration
                       schema:
-                        type: hostpath
+                        type: dict
                         show_if: [["type", "=", "hostPath"]]
-                        required: true
-                    - variable: datasetName
-                      label: Dataset Name
-                      description: The name of the dataset to use for storage.
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              immutable: true
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
                       schema:
-                        type: string
+                        type: dict
                         show_if: [["type", "=", "ixVolume"]]
-                        required: true
-                        immutable: true
-                        default: "storage_entry"
                         $ref:
                           - "normalize/ixVolume"
-                    - variable: server
-                      label: Server
-                      description: The server for the SMB share.
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
                       schema:
-                        type: string
+                        type: dict
                         show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: share
-                      label: Share
-                      description: The share name for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: domain
-                      label: Domain (Optional)
-                      description: The domain for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                    - variable: username
-                      label: Username
-                      description: The username for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: password
-                      label: Password
-                      description: The password for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                        private: true
-                    - variable: size
-                      label: Size (in Gi)
-                      description: The size of the volume quota.
-                      schema:
-                        type: int
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                        min: 1
-                        default: 1
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
 
   - variable: resources
     group: Resources Configuration

library/ix-dev/community/homarr/templates/_configuration.tpl

@@ -0,0 +1,14 @@
+{{- define "homarr.configuration" -}}
+  {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+
+  {{- $secretKey := randAlphaNum 32 -}}
+  {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-homarr-creds" $fullname)) -}}
+    {{- $secretKey = ((index .data "NEXTAUTH_SECRET") | b64dec) -}}
+  {{- end }}
+
+secret:
+  homarr-creds:
+    enabled: true
+    data:
+      NEXTAUTH_SECRET: {{ $secretKey }}
+{{- end -}}

library/ix-dev/community/homarr/templates/_homarr.tpl

@@ -16,9 +16,9 @@ workload:
             runAsGroup: {{ .Values.homarrRunAs.group }}
           env:
             PORT: {{ .Values.homarrNetwork.webPort }}
-            {{ with .Values.homarrConfig.password }}
-            PASSWORD: {{ . }}
-            {{ end }}
+          envFrom:
+            - secretRef:
+                name: homarr-creds
           {{ with .Values.homarrConfig.additionalEnvs }}
           envList:
             {{ range $env := . }}
@@ -30,22 +30,16 @@ workload:
             liveness:
               enabled: true
               type: http
-              port: "{{ .Values.homarrNetwork.webPort }}"
-              path: /api/configs
+              port: {{ .Values.homarrNetwork.webPort }}
+              path: /
             readiness:
               enabled: true
               type: http
-              port: "{{ .Values.homarrNetwork.webPort }}"
-              path: /api/configs
+              port: {{ .Values.homarrNetwork.webPort }}
+              path: /
             startup:
               enabled: true
               type: http
-              port: "{{ .Values.homarrNetwork.webPort }}"
-              path: /api/configs
-      initContainers:
-      {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
-                                                        "UID" .Values.homarrRunAs.user
-                                                        "GID" .Values.homarrRunAs.group
-                                                        "mode" "check"
-                                                        "type" "init") | nindent 8 }}
+              port: {{ .Values.homarrNetwork.webPort }}
+              path: /
 {{- end -}}

library/ix-dev/community/homarr/templates/_persistence.tpl

@@ -2,26 +2,25 @@
 persistence:
   configs:
     enabled: true
-    type: {{ .Values.homarrStorage.configs.type }}
-    datasetName: {{ .Values.homarrStorage.configs.datasetName | default "" }}
-    hostPath: {{ .Values.homarrStorage.configs.hostPath | default "" }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.configs) | nindent 4 }}
     targetSelector:
       homarr:
         homarr:
           mountPath: /app/data/configs
-        01-permissions:
-          mountPath: /mnt/directories/configs
+  data:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.data) | nindent 4 }}
+    targetSelector:
+      homarr:
+        homarr:
+          mountPath: /data
   icons:
     enabled: true
-    type: {{ .Values.homarrStorage.icons.type }}
-    datasetName: {{ .Values.homarrStorage.icons.datasetName | default "" }}
-    hostPath: {{ .Values.homarrStorage.icons.hostPath | default "" }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.homarrStorage.icons) | nindent 4 }}
     targetSelector:
       homarr:
         homarr:
           mountPath: /app/data/icons
-        01-permissions:
-          mountPath: /mnt/directories/icons
   tmp:
     enabled: true
     type: emptyDir
@@ -31,29 +30,11 @@ persistence:
           mountPath: /tmp
   {{- range $idx, $storage := .Values.homarrStorage.additionalStorages }}
   {{ printf "homarr-%v" (int $idx) }}:
-    {{- $size := "" -}}
-    {{- if $storage.size -}}
-      {{- $size = (printf "%vGi" $storage.size) -}}
-    {{- end }}
     enabled: true
-    type: {{ $storage.type }}
-    datasetName: {{ $storage.datasetName | default "" }}
-    hostPath: {{ $storage.hostPath | default "" }}
-    server: {{ $storage.server | default "" }}
-    share: {{ $storage.share | default "" }}
-    domain: {{ $storage.domain | default "" }}
-    username: {{ $storage.username | default "" }}
-    password: {{ $storage.password | default "" }}
-    size: {{ $size }}
-    {{- if eq $storage.type "smb-pv-pvc" }}
-    mountOptions:
-      - key: noperm
-    {{- end }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
     targetSelector:
       homarr:
         homarr:
           mountPath: {{ $storage.mountPath }}
-        01-permissions:
-          mountPath: /mnt/directories{{ $storage.mountPath }}
   {{- end }}
 {{- end -}}

library/ix-dev/community/homarr/templates/common.yaml

@@ -1,6 +1,7 @@
 {{- include "ix.v1.common.loader.init" . -}}
 
 {{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "homarr.configuration" $ | fromYaml) -}}
 {{- $_ := mustMergeOverwrite .Values (include "homarr.workload" $ | fromYaml) -}}
 {{- $_ := mustMergeOverwrite .Values (include "homarr.persistence" $ | fromYaml) -}}
 {{- $_ := mustMergeOverwrite .Values (include "homarr.service" $ | fromYaml) -}}

library/ix-dev/community/homarr/values.yaml

@@ -1,7 +1,7 @@
 image:
   repository: ghcr.io/ajnart/homarr
   pullPolicy: IfNotPresent
-  tag: 0.13.4
+  tag: 0.14.2
 
 resources:
   limits:
@@ -23,8 +23,14 @@ homarrRunAs:
 homarrStorage:
   configs:
     type: ixVolume
-    datasetName: configs
+    ixVolumeConfig:
+      datasetName: configs
+  data:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: data
   icons:
     type: ixVolume
-    datasetName: icons
+    ixVolumeConfig:
+      datasetName: icons
   additionalStorages: []