
rootless api

Stavros kois 1 年之前
父节点
当前提交
6e8d31ecee

+ 1 - 1
library/ix-dev/community/vikunja/Chart.yaml

@@ -5,7 +5,7 @@ annotations:
 type: application
 version: 1.0.0
 apiVersion: v2
-appVersion: latest
+appVersion: 0.21.0
 kubeVersion: '>=1.16.0-0'
 maintainers:
   - name: truenas

+ 23 - 0
library/ix-dev/community/vikunja/ci/extra-values.yaml

@@ -0,0 +1,23 @@
+vikunjaNetwork:
+  webPort: 31000
+
+vikunjaConfig:
+  url: http://localhost:31000
+  maxFileSize: 20
+
+vikunjaRunAs:
+  user: 1000
+  group: 1000
+
+vikunjaStorage:
+  data:
+    type: pvc
+  pgData:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+  additionalStorages:
+  - type: pvc
+    mountPath: /data1
+  - type: pvc
+    mountPath: /data2

+ 6 - 12
library/ix-dev/community/vikunja/metadata.yaml

@@ -1,9 +1,9 @@
 runAsContext:
-  - userName: root
-    groupName: root
-    gid: 0
-    uid: 0
-    description: Vikunja API runs as root user.
+  - userName: vikunja
+    groupName: vikunja
+    gid: 568
+    uid: 568
+    description: Vikunja API can run as any non-root user
   - userName: nginx
     groupName: nginx
     gid: 101
@@ -19,11 +19,5 @@ runAsContext:
     gid: 999
     uid: 999
     description: Postgres runs as a non-root user.
-capabilities:
-  - name: CHOWN
-    description: Vikunka API is able to chown files.
-  - name: SETGID
-    description: Vikunka API is able to set group ID for it's sub-processes.
-  - name: SETUID
-    description: Vikunka API is able to set user ID for it's sub-processes.
+capabilities: []
 hostMounts: []
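Review bot: The new `description: Vikunja API can run as any non-root user` line drops the trailing period that the neighbouring entries keep (`description: Postgres runs as a non-root user.`), so the text shown to users is inconsistent within one list. Because questions.yaml lets the user pick any uid/gid of 2 or more, the `uid: 568` / `gid: 568` pair here describes the default rather than a fixed identity, and the description could say that: `description: Vikunja API runs as a configurable non-root user (default 568).` The `runAsContext:` list continues outside the first hunk.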

+ 25 - 0
library/ix-dev/community/vikunja/questions.yaml

@@ -1,6 +1,8 @@
 groups:
   - name: Vikunja Configuration
     description: Configure Vikunja
+  - name: User and Group Configuration
+    description: Configure User and Group for Vikunja
   - name: Network Configuration
     description: Configure Network for Vikunja
   - name: Storage Configuration
@@ -77,6 +79,29 @@ questions:
                         type: string
                         required: true
 
+  - variable: vikunjaRunAs
+    label: ""
+    group: User and Group Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: user
+          label: User ID
+          description: The user id that Vikunja will run as.
+          schema:
+            type: int
+            min: 2
+            default: 568
+            required: true
+        - variable: group
+          label: Group ID
+          description: The group id that Vikunja will run as.
+          schema:
+            type: int
+            min: 2
+            default: 568
+            required: true
+
   - variable: vikunjaNetwork
     label: ""
     group: Network Configuration
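Review bot: The `min: 2` bound on the new `user` and `group` fields is the only thing that stops `runAsUser`/`runAsGroup` in the API template from being set to 0, but nothing in the hunk records that intent, and why the bound is 2 rather than 1 is not visible here. A comment above each `min: 2`, `# keep above 0 so the API container can never be configured to run as root`, would keep the constraint from being loosened by a later edit. The `questions:` list these entries belong to starts before the hunk.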

+ 7 - 8
library/ix-dev/community/vikunja/templates/_vikunja_api.tpl

@@ -12,15 +12,14 @@ workload:
           primary: true
           imageSelector: image
           securityContext:
-            runAsUser: 0
-            runAsGroup: 0
+            runAsUser: {{ .Values.vikunjaRunAs.user }}
+            runAsGroup: {{ .Values.vikunjaRunAs.group }}
             runAsNonRoot: false
-            readOnlyRootFilesystem: false
-            capabilities:
-              add:
-                - CHOWN
-                - SETGID
-                - SETUID
+
+          env:
+            # Make vikunja skip user creation
+            PUID: ""
+            PGID: ""
           envFrom:
             - secretRef:
                 name: vikunja-creds
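Review bot: `runAsNonRoot: false` is kept even though the commit removes the root uid, drops the CHOWN/SETGID/SETUID capabilities, and constrains the configurable uid to 2 or more, so the metadata claim "runs as non-root" is never enforced by the kubelet. Setting `runAsNonRoot: true` on that line makes the runtime refuse a pod whose effective uid is 0, which is what the rest of the change intends; the only caveat is that the image entrypoint must not itself need root, which the `PUID: ""`/`PGID: ""` env lines suggest is handled. The rendered `runAsUser: {{ .Values.vikunjaRunAs.user }}` relies on questions.yaml marking the field required, since an empty value would render as YAML null. The `workload:` block containing this container starts before the hunk and continues after it.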

+ 4 - 0
library/ix-dev/community/vikunja/values.yaml

@@ -21,6 +21,10 @@ vikunjaConfig:
   maxFileSize: 20
   additionalEnvs: []
 
+vikunjaRunAs:
+  user: 568
+  group: 568
+
 vikunjaNetwork:
   webPort: 31002
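Review bot: The new `vikunjaRunAs` stanza has no comment explaining what the two numbers control or that they must not be 0, while the same constraint is expressed separately in questions.yaml (`min: 2`). A comment above it, `# UID/GID the Vikunja API container runs as; must be non-root (questions.yaml enforces a minimum of 2)`, ties the default to its validation. The `vikunjaConfig:` mapping above this hunk starts before it.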