ssl

library/ix-dev/community/dashy/templates/_dashy.tpl

@@ -20,9 +20,17 @@ workload:
           fixedEnv:
             PUID: {{ .Values.dashyID.user }}
           env:
+            {{- $protocol := "http" -}}
+            {{- if .Values.dashyNetwork.certificateID }}
+              {{- $protocol = "https" -}}
+            SSL_PRIV_KEY_PATH: /cert/tls.key
+            SSL_PUB_KEY_PATH: /cert/tls.crt
+            SSL_PORT: {{ .Values.dashyNetwork.webPort }}
+            {{- else }}
+            PORT: {{ .Values.dashyNetwork.webPort }}
+            {{- end }}
             NODE_ENV: production
             IS_DOCKER: "true"
-            PORT: {{ .Values.dashyNetwork.webPort }}
           {{ with .Values.dashyConfig.additionalEnvs }}
           envList:
             {{ range $env := . }}
@@ -33,17 +41,17 @@ workload:
           probes:
             liveness:
               enabled: true
-              type: http
+              type: {{ $protocol }}
               port: {{ .Values.dashyNetwork.webPort }}
               path: /
             readiness:
               enabled: true
-              type: http
+              type: {{ $protocol }}
               port: {{ .Values.dashyNetwork.webPort }}
               path: /
             startup:
               enabled: true
-              type: http
+              type: {{ $protocol }}
               port: {{ .Values.dashyNetwork.webPort }}
               path: /
       initContainers:

library/ix-dev/community/dashy/templates/_persistence.tpl

@@ -29,4 +29,27 @@ persistence:
         dashy:
           mountPath: {{ $storage.mountPath }}
   {{- end -}}
+
+  {{- if .Values.dashyNetwork.certificateID }}
+  cert:
+    enabled: true
+    type: secret
+    objectName: dashy-cert
+    defaultMode: "0600"
+    items:
+      - key: tls.key
+        path: tls.key
+      - key: tls.crt
+        path: tls.crt
+    targetSelector:
+      dashy:
+        dashy:
+          mountPath: /cert
+          readOnly: true
+
+scaleCertificate:
+  dashy-cert:
+    enabled: true
+    id: {{ .Values.dashyNetwork.certificateID }}
+    {{- end -}}
 {{- end -}}

library/ix-dev/community/dashy/templates/_portal.tpl

@@ -1,4 +1,8 @@
 {{- define "dashy.portal" -}}
+{{- $protocol := "http" -}}
+{{- if .Values.dashyNetwork.certificateID -}}
+  {{- $protocol = "https" -}}
+{{- end }}
 ---
 apiVersion: v1
 kind: ConfigMap
@@ -7,6 +11,6 @@ metadata:
 data:
   path: "/"
   port: {{ .Values.dashyNetwork.webPort | quote }}
-  protocol: http
+  protocol: {{ $protocol }}
   host: $node_ip
 {{- end -}}

library/ix-dev/community/dashy/values.yaml

@@ -13,6 +13,7 @@ dashyConfig:
 
 dashyNetwork:
   webPort: 31003
+  certificateID:
   hostNetwork: false
 
 dashyID: