nginx-proxy-manager: allow changing puid/pgid (#2340)

* nginx-proxy-manager: allow changing puid/pgid

* restore quites

* restore quotes

* fix defaults

* make better

library/ix-dev/community/nginx-proxy-manager/Chart.yaml

@@ -3,7 +3,7 @@ description: Expose your services easily and securely
 annotations:
   title: Nginx Proxy Manager
 type: application
-version: 1.0.28
+version: 1.0.29
 apiVersion: v2
 appVersion: 2.11.1
 kubeVersion: '>=1.16.0-0'

library/ix-dev/community/nginx-proxy-manager/migrations/migrate

@@ -16,6 +16,15 @@ def migrate(values):
 
         values[storageKey][storage] = {key: value for key, value in check_val.items() if key != 'hostPath'}
 
+    # If there is no npmID, add it defaults to
+    # 1000 to account for existing installations
+    if values.get('npmID', None) is None:
+        values.update({
+            'npmID': {
+                'user': 1000,
+                'group': 1000
+            }
+        })
 
     return values
 

library/ix-dev/community/nginx-proxy-manager/questions.yaml

@@ -59,6 +59,28 @@ questions:
                       schema:
                         type: string
                         required: true
+  - variable: npmID
+    label: ""
+    group: User and Group Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: user
+          label: User ID
+          description: The user id that Nginx Proxy Manager files will be owned by.
+          schema:
+            type: int
+            min: 2
+            default: 568
+            required: true
+        - variable: group
+          label: Group ID
+          description: The group id that Nginx Proxy Manager files will be owned by.
+          schema:
+            type: int
+            min: 2
+            default: 568
+            required: true
 
   - variable: npmNetwork
     label: ""

library/ix-dev/community/nginx-proxy-manager/templates/_npm.tpl

@@ -1,4 +1,7 @@
 {{- define "npm.workload" -}}
+{{- if not .Values.npmID -}}
+  {{- $_ := set .Values "npmID" dict -}}
+{{- end }}
 workload:
   npm:
     enabled: true
@@ -7,7 +10,7 @@ workload:
     podSpec:
       hostNetwork: false
       securityContext:
-        fsGroup: 1000
+        fsGroup: {{ .Values.npmID.group | default 1000 }}
       containers:
         npm:
           enabled: true
@@ -30,9 +33,7 @@ workload:
                 # Needed for: Nginx Service
                 - FOWNER
           fixedEnv:
-            # FIXME: Revisit once upstream irons out some issues in regarids with PUID.
-            # Make sure 568 PUID works before exposing
-            PUID: 1000
+            PUID: {{ .Values.npmID.user | default 1000 }}
           env:
             DISABLE_IPV6: true
             DB_SQLITE_FILE: /data/database.sqlite

library/ix-dev/community/nginx-proxy-manager/values.yaml

@@ -12,6 +12,9 @@ npmNetwork:
   webPort: 30020
   httpPort: 30021
   httpsPort: 30022
+npmID:
+  user: 568
+  group: 568
 npmStorage:
   data:
     type: ixVolume