diff --git a/charts/caduser/v0.1.0/Chart.lock b/charts/caduser/v0.1.0/Chart.lock new file mode 100644 index 0000000..1698e84 --- /dev/null +++ b/charts/caduser/v0.1.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: memcached + repository: oci://registry-1.docker.io/cloudpirates + version: 0.9.3 +digest: sha256:49e682658df3168f5001acab4149fec6a44a954d4355d5c55f19b17eebe62f60 +generated: "2026-01-29T17:01:33.905882774-03:00" diff --git a/charts/caduser/v0.1.0/Chart.yaml b/charts/caduser/v0.1.0/Chart.yaml new file mode 100644 index 0000000..cccd178 --- /dev/null +++ b/charts/caduser/v0.1.0/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: caduser +description: Sistema de Cadastro de Usuários - Saberes + +# A chart can be either an 'application' or a 'library' chart. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +appVersion: 1.0.0 + +icon: https://git.interlegis.leg.br/SEIT/rancher-charts/raw/master/images/interlegis.png + +dependencies: +- name: memcached + version: 0.9.3 + repository: oci://registry-1.docker.io/cloudpirates + condition: memcached.enabled diff --git a/charts/caduser/v0.1.0/README.md b/charts/caduser/v0.1.0/README.md new file mode 100644 index 0000000..738d2bc --- /dev/null +++ b/charts/caduser/v0.1.0/README.md @@ -0,0 +1,102 @@ +# CadUser - Sistema de Cadastro de Usuários + +Sistema de cadastro e gerenciamento de usuários desenvolvido pelo Interlegis. + +## Instalação + +```bash +helm install caduser ./caduser -f values.yaml +``` + +## Pré-requisitos + +- Kubernetes 1.19+ +- Helm 3.0+ +- CloudNativePG Operator (https://cloudnative-pg.io/) +- Ingress Controller (nginx) +- Cert-manager (opcional, para TLS com Let's Encrypt) + +## Parâmetros + +### Configurações da Aplicação + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `caduser.hostname` | Hostname para acesso ao CadUser | `caduser.domain.net` | +| `caduser.adminUsers` | E-mails dos administradores (separados por vírgula) | `admin@example.com` | +| `caduser.debug` | Habilitar modo debug | `False` | + +### Configurações de E-mail + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `caduser.emailHost` | Servidor SMTP | `smtp.domain.net` | +| `caduser.emailPort` | Porta SMTP | `25` | +| `caduser.emailUseTls` | Usar TLS | `False` | +| `caduser.emailUseSsl` | Usar SSL | `False` | +| `caduser.defaultFromEmail` | E-mail remetente | `no-reply@domain.net` | + +### Configurações de Banco de Dados (CloudNativePG) + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `postgresql.enabled` | Criar cluster PostgreSQL | `true` | +| `postgresql.clusterName` | Nome do cluster | `caduser-pg` | +| `postgresql.instances` | Número de instâncias | `1` | +| `postgresql.databaseName` | Nome do banco | `caduser` | +| `postgresql.owner` | Usuário dono do banco | `caduser` | +| `postgresql.storageSize` | Tamanho do volume | `1Gi` | +| `postgresql.image` | Imagem PostgreSQL | `ghcr.io/cloudnative-pg/postgresql:17.2` | + +### Configurações de Cache + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `memcached.internal` | Usar Memcached interno | `true` | + +### Configurações de Ingress + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `ingress.enabled` | Habilitar Ingress | `true` | +| `ingress.class` | Classe do Ingress | `nginx` | +| `ingress.tls.enabled` | Habilitar TLS | `true` | + +### Persistência + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `persistence.enabled` | Habilitar persistência | `true` | +| `persistence.size` | Tamanho do volume de mídia | `2Gi` | +| `persistence.accessMode` | Modo de acesso | `ReadWriteOnce` | + +### Recursos + +| Parâmetro | Descrição | Padrão | +|-----------|-----------|--------| +| `resources.requests.cpu` | CPU solicitada | `35m` | +| `resources.requests.memory` | Memória solicitada | `512Mi` | +| `resources.limits.cpu` | Limite de CPU | `1000m` | +| `resources.limits.memory` | Limite de memória | `1000Mi` | + +## Integrações + +### Moodle + +Para integrar com o Moodle, configure: + +```yaml +caduser: + moodleBaseUrl: "https://moodle.example.com" + moodleApiToken: "seu-token-aqui" +``` + +### MaxMind GeoIP + +Para habilitar geolocalização com MaxMind: + +```yaml +caduser: + maxmindAccountId: "seu-account-id" + maxmindLicenceKey: "sua-chave" +``` \ No newline at end of file diff --git a/charts/caduser/v0.1.0/app-readme.md b/charts/caduser/v0.1.0/app-readme.md new file mode 100644 index 0000000..a3467dc --- /dev/null +++ b/charts/caduser/v0.1.0/app-readme.md @@ -0,0 +1,5 @@ +# Sistema de Cadastro de Usuários - CadUser + +Utilize o formulário abaixo para configurar o CadUser. + +O CadUser é um sistema de cadastro e gerenciamento de usuários para o Saberes. diff --git a/charts/caduser/v0.1.0/charts/memcached-0.9.3.tgz b/charts/caduser/v0.1.0/charts/memcached-0.9.3.tgz new file mode 100644 index 0000000..9b1d97f Binary files /dev/null and b/charts/caduser/v0.1.0/charts/memcached-0.9.3.tgz differ diff --git a/charts/caduser/v0.1.0/questions.yaml b/charts/caduser/v0.1.0/questions.yaml new file mode 100644 index 0000000..d38d2ac --- /dev/null +++ b/charts/caduser/v0.1.0/questions.yaml @@ -0,0 +1,212 @@ +labels: + io.cattle.role: project +categories: +- Gerenciamento +questions: +# Informações Básicas +- variable: caduser.hostname + default: "caduser.teste.leg.br" + description: "Endereço para acesso ao CadUser" + label: "URL do CadUser" + type: string + group: Básico + required: true +- variable: caduser.adminUsers + default: "admin@example.com" + description: "E-mails dos usuários administradores (separados por vírgula)" + label: "Administradores" + type: string + group: Básico + required: true +- variable: caduser.debug + default: "False" + description: "Habilitar modo de depuração?" + label: "Debug" + type: enum + group: Básico + options: + - "True" + - "False" + required: false + +# Ingress +- variable: ingress.tls.enabled + default: true + type: boolean + description: "Habilitar criptografia do protocolo HTTP (HTTPS)?" + label: "Habilitar TLS?" + required: false + group: Ingress + show_subquestion_if: false + +# Correio +- variable: caduser.defaultFromEmail + default: "no-reply@interlegis.leg.br" + description: "Remetente dos e-mails enviados pelo CadUser" + label: "Remetente" + type: string + group: Correio + required: false +- variable: caduser.emailSubjectPrefix + default: "[CadUser]" + description: "Prefixo no assunto dos e-mails" + label: "Prefixo do assunto" + type: string + group: Correio + required: false +- variable: caduser.emailUseTls + default: "False" + description: "Usar TLS ao conectar no servidor SMTP?" + label: "Usar TLS" + type: enum + group: Correio + options: + - "True" + - "False" + required: false +- variable: caduser.emailUseSsl + default: "False" + description: "Usar SSL ao conectar no servidor SMTP?" + label: "Usar SSL" + type: enum + group: Correio + options: + - "True" + - "False" + required: false +- variable: caduser.emailPort + default: 25 + description: "Porta de envio de E-mail (SMTP)" + type: int + label: "Porta SMTP" + required: false + group: Correio +- variable: caduser.emailHost + default: "smtp.interlegis.leg.br" + description: "Servidor de envio de e-mail (SMTP)" + label: "Servidor SMTP" + type: string + group: Correio + required: false +- variable: caduser.emailHostUser + default: "" + description: "Usuário para autenticação SMTP (se necessário)" + label: "Usuário SMTP" + type: string + group: Correio + required: false +- variable: caduser.emailHostPassword + default: "" + description: "Senha para autenticação SMTP (se necessário)" + label: "Senha SMTP" + type: password + group: Correio + required: false + +# Integrações +- variable: caduser.moodleBaseUrl + default: "" + description: "URL base do Moodle (se integração habilitada)" + label: "URL Moodle" + type: string + group: Integrações + required: false +- variable: caduser.moodleApiToken + default: "" + description: "Token de API do Moodle (se integração habilitada)" + label: "Token API Moodle" + type: password + group: Integrações + required: false +- variable: caduser.maxmindAccountId + default: "" + description: "ID da conta MaxMind (para geolocalização)" + label: "MaxMind Account ID" + type: string + group: Integrações + required: false +- variable: caduser.maxmindLicenceKey + default: "" + description: "Chave de licença MaxMind" + label: "MaxMind License Key" + type: password + group: Integrações + required: false + +# PostgreSQL (CloudNativePG) +- variable: postgresql.enabled + default: true + description: "Criar cluster PostgreSQL (CloudNativePG)?" + label: "PostgreSQL Habilitado" + type: boolean + group: Banco de Dados + required: true + show_subquestion_if: true + subquestions: + - variable: postgresql.instances + default: 1 + description: "Número de instâncias PostgreSQL" + label: "Instâncias" + type: int + required: true + - variable: postgresql.storageSize + default: "1Gi" + description: "Tamanho do volume persistente para PostgreSQL" + label: "Tamanho do Volume PostgreSQL" + type: string + required: false + +# Memcached +- variable: memcached.enabled + default: true + description: "Usar servidor Memcached interno?" + label: "Memcached Interno" + type: boolean + group: Cache + required: true + +# Persistência +- variable: persistence.enabled + default: true + description: "Habilitar persistência para arquivos de mídia?" + label: "Persistência" + type: boolean + group: Armazenamento + required: false +- variable: persistence.size + default: "2Gi" + description: "Tamanho do volume persistente para arquivos de mídia" + label: "Tamanho do Volume" + type: string + group: Armazenamento + required: false + +# Recursos +- variable: resources.requests.cpu + default: "35m" + description: "CPU solicitada" + label: "CPU Request" + type: string + group: Recursos + required: false +- variable: resources.requests.memory + default: "512Mi" + description: "Memória solicitada" + label: "Memory Request" + type: string + group: Recursos + required: false +- variable: resources.limits.cpu + default: "1000m" + description: "Limite de CPU" + label: "CPU Limit" + type: string + group: Recursos + required: false +- variable: resources.limits.memory + default: "1000Mi" + description: "Limite de memória" + label: "Memory Limit" + type: string + group: Recursos + required: false diff --git a/charts/caduser/v0.1.0/templates/NOTES.txt b/charts/caduser/v0.1.0/templates/NOTES.txt new file mode 100644 index 0000000..bb82316 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/NOTES.txt @@ -0,0 +1,18 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} + http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ .Values.caduser.hostname }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "caduser.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "caduser.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "caduser.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "caduser.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/_helpers.tpl b/charts/caduser/v0.1.0/templates/_helpers.tpl new file mode 100644 index 0000000..ffa59c5 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/_helpers.tpl @@ -0,0 +1,76 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "caduser.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "caduser.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "caduser.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "caduser.labels" -}} +helm.sh/chart: {{ include "caduser.chart" . }} +{{ include "caduser.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "caduser.selectorLabels" -}} +app.kubernetes.io/name: {{ include "caduser.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "caduser.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "caduser.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the postgresql fullname +*/}} +{{- define "postgresql.fullname" -}} +{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the memcached fullname +*/}} +{{- define "memcached.fullname" -}} +{{- printf "%s-%s" .Release.Name "memcached" | trunc 63 | trimSuffix "-" }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/deployment.yaml b/charts/caduser/v0.1.0/templates/deployment.yaml new file mode 100644 index 0000000..e3cfac2 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/deployment.yaml @@ -0,0 +1,134 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "caduser.fullname" . }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: +{{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} +{{- end }} + selector: + matchLabels: + {{- include "caduser.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "caduser.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "caduser.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + env: + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: {{ .Values.postgresql.clusterName }}-app + key: uri + - name: MEMCACHED_LOCATION + value: {{ printf "%s:11211" (include "memcached.fullname" .) | quote }} + - name: ADMINS + value: "{{ .Values.caduser.adminUsers }}" + - name: DEBUG + value: "{{ .Values.caduser.debug }}" + - name: EMAIL_PORT + value: "{{ .Values.caduser.emailPort }}" + - name: EMAIL_HOST + value: "{{ .Values.caduser.emailHost }}" + - name: EMAIL_HOST_USER + value: "{{ .Values.caduser.emailHostUser }}" + - name: EMAIL_HOST_PASSWORD + value: "{{ .Values.caduser.emailHostPassword }}" + - name: EMAIL_SUBJECT_PREFIX + value: "{{ .Values.caduser.emailSubjectPrefix }}" + - name: EMAIL_USE_LOCALTIME + value: "{{ .Values.caduser.emailUseLocaltime }}" + - name: EMAIL_USE_TLS + value: "{{ .Values.caduser.emailUseTls }}" + - name: EMAIL_USE_SSL + value: "{{ .Values.caduser.emailUseSsl }}" + - name: EMAIL_TIMEOUT + value: "{{ .Values.caduser.emailTimeout }}" + - name: DEFAULT_FROM_EMAIL + value: "{{ .Values.caduser.defaultFromEmail }}" + - name: MAXMIND_ACCOUNT_ID + value: "{{ .Values.caduser.maxmindAccountId }}" + - name: MAXMIND_LICENCE_KEY + value: "{{ .Values.caduser.maxmindLicenceKey }}" + - name: MOODLE_BASE_URL + value: "{{ .Values.caduser.moodleBaseUrl }}" + - name: MOODLE_API_TOKEN + value: "{{ .Values.caduser.moodleApiToken }}" + - name: LANG + value: "pt_BR.UTF-8" + volumeMounts: + - mountPath: /srv/interlegis/caduser/media + name: media + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 60 + failureThreshold: 3 + periodSeconds: 60 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: 30 + failureThreshold: 3 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 5 + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumes: + - name: media + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "caduser.fullname" . }}-media + {{- else }} + emptyDir: {} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + affinity: + podAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + {{- if eq .Values.persistence.accessMode "ReadWriteOnce" }} + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - {{ include "caduser.name" . }} + topologyKey: kubernetes.io/hostname + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/caduser/v0.1.0/templates/hpa.yaml b/charts/caduser/v0.1.0/templates/hpa.yaml new file mode 100644 index 0000000..8c80190 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/hpa.yaml @@ -0,0 +1,28 @@ +{{- if .Values.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "caduser.fullname" . }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "caduser.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/ingress.yaml b/charts/caduser/v0.1.0/templates/ingress.yaml new file mode 100644 index 0000000..8f18a16 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/ingress.yaml @@ -0,0 +1,36 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "caduser.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "caduser.labels" . | nindent 4 }} + annotations: + kubernetes.io/ingress.class: {{ .Values.ingress.class }} +{{- if .Values.ingress.tls.enabled }} + cert-manager.io/cluster-issuer: letsencrypt-production +{{- end }} + {{- with .Values.ingress.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls.enabled }} + tls: + - hosts: + - {{ .Values.caduser.hostname }} + secretName: {{ $fullName }}-tls +{{- end }} + rules: + - host: {{ .Values.caduser.hostname }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml b/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml new file mode 100644 index 0000000..f7075e3 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/postgresql-cluster.yaml @@ -0,0 +1,34 @@ +{{- if .Values.postgresql.enabled }} +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: {{ .Values.postgresql.clusterName }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: + instances: {{ .Values.postgresql.instances }} + + imageName: {{ .Values.postgresql.image }} + + bootstrap: + initdb: + database: {{ .Values.postgresql.databaseName }} + owner: {{ .Values.postgresql.owner }} + localeCollate: {{ .Values.postgresql.initdb.localeCollate }} + localeCType: {{ .Values.postgresql.initdb.localeCType }} + encoding: {{ .Values.postgresql.initdb.encoding }} + + storage: + size: {{ .Values.postgresql.storageSize }} +{{- if .Values.postgresql.storageClass }} + storageClass: {{ .Values.postgresql.storageClass }} +{{- end }} + + resources: + {{- toYaml .Values.postgresql.resources | nindent 4 }} + +{{- if .Values.postgresql.superuserSecret }} + superuserSecret: + name: {{ .Values.postgresql.superuserSecret }} +{{- end }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/pvc-media.yaml b/charts/caduser/v0.1.0/templates/pvc-media.yaml new file mode 100644 index 0000000..f35da7a --- /dev/null +++ b/charts/caduser/v0.1.0/templates/pvc-media.yaml @@ -0,0 +1,21 @@ +{{- if .Values.persistence.enabled }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "caduser.fullname" . }}-media + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: {{ .Values.persistence.storageClass }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/caduser/v0.1.0/templates/service.yaml b/charts/caduser/v0.1.0/templates/service.yaml new file mode 100644 index 0000000..f69e75a --- /dev/null +++ b/charts/caduser/v0.1.0/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "caduser.fullname" . }} + labels: + {{- include "caduser.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "caduser.selectorLabels" . | nindent 4 }} diff --git a/charts/caduser/v0.1.0/templates/serviceaccount.yaml b/charts/caduser/v0.1.0/templates/serviceaccount.yaml new file mode 100644 index 0000000..41323e5 --- /dev/null +++ b/charts/caduser/v0.1.0/templates/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "caduser.serviceAccountName" . }} + labels: + {{- include "caduser.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/caduser/v0.1.0/values.yaml b/charts/caduser/v0.1.0/values.yaml new file mode 100644 index 0000000..ac949c8 --- /dev/null +++ b/charts/caduser/v0.1.0/values.yaml @@ -0,0 +1,134 @@ +# Default values for caduser. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: porto.interlegis.leg.br/ilb/caduser + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: + fsGroup: 101 # GID for the volume + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +persistence: + enabled: false + #storageClass: "" + accessMode: ReadWriteOnce + size: 2Gi + +caduser: + adminUsers: "admin@example.com" + debug: 'False' + emailPort: 25 + emailHost: smtp.domain.net + emailHostUser: "" + emailHostPassword: "" + emailSubjectPrefix: "[CadUser]" + emailUseLocaltime: 'False' + emailUseTls: 'False' + emailUseSsl: 'False' + emailTimeout: 10 + defaultFromEmail: no-reply@domain.net + maxmindAccountId: "" + maxmindLicenceKey: "" + moodleBaseUrl: "" + moodleApiToken: "" + hostname: 'caduser.domain.net' + +ingress: + enabled: true + class: nginx + tls: + enabled: true + # extra annotations only + annotations: {} + +postgresql: + # CloudNativePG cluster configuration + enabled: true + clusterName: caduser-pg + instances: 1 + image: ghcr.io/cloudnative-pg/postgresql:17.2 + databaseName: caduser + owner: caduser + storageSize: 1Gi + #storageClass: "" + superuserSecret: "" # If empty, will be auto-generated + # Locale settings for Brazilian Portuguese + initdb: + localeCollate: pt_BR.UTF-8 + localeCType: pt_BR.UTF-8 + encoding: UTF8 + resources: + requests: + cpu: 40m + memory: 128Mi + limits: + cpu: 1000m + memory: 512Mi + +memcached: + enabled: true + image: + repository: memcached + tag: "1.6.40" + service: + port: 11211 + resources: + requests: + cpu: 20m + memory: 64Mi + limits: + cpu: 100m + memory: 128Mi + +resources: + limits: + cpu: 1000m + memory: 1000Mi + requests: + cpu: 35m + memory: 512Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {}