First version of Saberes Caduser chart

charts/caduser/v0.1.0/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: memcached
+  repository: oci://registry-1.docker.io/cloudpirates
+  version: 0.9.3
+digest: sha256:49e682658df3168f5001acab4149fec6a44a954d4355d5c55f19b17eebe62f60
+generated: "2026-01-29T17:01:33.905882774-03:00"

charts/caduser/v0.1.0/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: caduser
+description: Sistema de Cadastro de Usuários - Saberes
+
+# A chart can be either an 'application' or a 'library' chart.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 1.0.0
+
+icon: https://git.interlegis.leg.br/SEIT/rancher-charts/raw/master/images/interlegis.png
+
+dependencies:
+- name: memcached
+  version: 0.9.3
+  repository: oci://registry-1.docker.io/cloudpirates
+  condition: memcached.enabled

charts/caduser/v0.1.0/README.md

@@ -0,0 +1,102 @@
+# CadUser - Sistema de Cadastro de Usuários
+
+Sistema de cadastro e gerenciamento de usuários desenvolvido pelo Interlegis.
+
+## Instalação
+
+```bash
+helm install caduser ./caduser -f values.yaml
+```
+
+## Pré-requisitos
+
+- Kubernetes 1.19+
+- Helm 3.0+
+- CloudNativePG Operator (https://cloudnative-pg.io/)
+- Ingress Controller (nginx)
+- Cert-manager (opcional, para TLS com Let's Encrypt)
+
+## Parâmetros
+
+### Configurações da Aplicação
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `caduser.hostname` | Hostname para acesso ao CadUser | `caduser.domain.net` |
+| `caduser.adminUsers` | E-mails dos administradores (separados por vírgula) | `admin@example.com` |
+| `caduser.debug` | Habilitar modo debug | `False` |
+
+### Configurações de E-mail
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `caduser.emailHost` | Servidor SMTP | `smtp.domain.net` |
+| `caduser.emailPort` | Porta SMTP | `25` |
+| `caduser.emailUseTls` | Usar TLS | `False` |
+| `caduser.emailUseSsl` | Usar SSL | `False` |
+| `caduser.defaultFromEmail` | E-mail remetente | `no-reply@domain.net` |
+
+### Configurações de Banco de Dados (CloudNativePG)
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `postgresql.enabled` | Criar cluster PostgreSQL | `true` |
+| `postgresql.clusterName` | Nome do cluster | `caduser-pg` |
+| `postgresql.instances` | Número de instâncias | `1` |
+| `postgresql.databaseName` | Nome do banco | `caduser` |
+| `postgresql.owner` | Usuário dono do banco | `caduser` |
+| `postgresql.storageSize` | Tamanho do volume | `1Gi` |
+| `postgresql.image` | Imagem PostgreSQL | `ghcr.io/cloudnative-pg/postgresql:17.2` |
+
+### Configurações de Cache
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `memcached.internal` | Usar Memcached interno | `true` |
+
+### Configurações de Ingress
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `ingress.enabled` | Habilitar Ingress | `true` |
+| `ingress.class` | Classe do Ingress | `nginx` |
+| `ingress.tls.enabled` | Habilitar TLS | `true` |
+
+### Persistência
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `persistence.enabled` | Habilitar persistência | `true` |
+| `persistence.size` | Tamanho do volume de mídia | `2Gi` |
+| `persistence.accessMode` | Modo de acesso | `ReadWriteOnce` |
+
+### Recursos
+
+| Parâmetro | Descrição | Padrão |
+|-----------|-----------|--------|
+| `resources.requests.cpu` | CPU solicitada | `35m` |
+| `resources.requests.memory` | Memória solicitada | `512Mi` |
+| `resources.limits.cpu` | Limite de CPU | `1000m` |
+| `resources.limits.memory` | Limite de memória | `1000Mi` |
+
+## Integrações
+
+### Moodle
+
+Para integrar com o Moodle, configure:
+
+```yaml
+caduser:
+  moodleBaseUrl: "https://moodle.example.com"
+  moodleApiToken: "seu-token-aqui"
+```
+
+### MaxMind GeoIP
+
+Para habilitar geolocalização com MaxMind:
+
+```yaml
+caduser:
+  maxmindAccountId: "seu-account-id"
+  maxmindLicenceKey: "sua-chave"
+```

charts/caduser/v0.1.0/app-readme.md

@@ -0,0 +1,5 @@
+# Sistema de Cadastro de Usuários - CadUser
+
+Utilize o formulário abaixo para configurar o CadUser.
+
+O CadUser é um sistema de cadastro e gerenciamento de usuários para o Saberes.

charts/caduser/v0.1.0/questions.yaml

@@ -0,0 +1,212 @@
+labels:
+  io.cattle.role: project
+categories:
+- Gerenciamento
+questions:
+# Informações Básicas
+- variable: caduser.hostname
+  default: "caduser.teste.leg.br"
+  description: "Endereço para acesso ao CadUser"
+  label: "URL do CadUser"
+  type: string
+  group: Básico
+  required: true
+- variable: caduser.adminUsers
+  default: "admin@example.com"
+  description: "E-mails dos usuários administradores (separados por vírgula)"
+  label: "Administradores"
+  type: string
+  group: Básico
+  required: true
+- variable: caduser.debug
+  default: "False"
+  description: "Habilitar modo de depuração?"
+  label: "Debug"
+  type: enum
+  group: Básico
+  options: 
+    - "True"
+    - "False"
+  required: false
+
+# Ingress
+- variable: ingress.tls.enabled
+  default: true
+  type: boolean
+  description: "Habilitar criptografia do protocolo HTTP (HTTPS)?"
+  label: "Habilitar TLS?"
+  required: false
+  group: Ingress
+  show_subquestion_if: false
+
+# Correio
+- variable: caduser.defaultFromEmail
+  default: "no-reply@interlegis.leg.br"
+  description: "Remetente dos e-mails enviados pelo CadUser"
+  label: "Remetente"
+  type: string
+  group: Correio
+  required: false
+- variable: caduser.emailSubjectPrefix
+  default: "[CadUser]"
+  description: "Prefixo no assunto dos e-mails"
+  label: "Prefixo do assunto"
+  type: string
+  group: Correio
+  required: false
+- variable: caduser.emailUseTls
+  default: "False"
+  description: "Usar TLS ao conectar no servidor SMTP?"
+  label: "Usar TLS"
+  type: enum
+  group: Correio
+  options: 
+    - "True"
+    - "False"
+  required: false
+- variable: caduser.emailUseSsl
+  default: "False"
+  description: "Usar SSL ao conectar no servidor SMTP?"
+  label: "Usar SSL"
+  type: enum
+  group: Correio
+  options: 
+    - "True"
+    - "False"
+  required: false
+- variable: caduser.emailPort
+  default: 25
+  description: "Porta de envio de E-mail (SMTP)"
+  type: int
+  label: "Porta SMTP"
+  required: false
+  group: Correio
+- variable: caduser.emailHost
+  default: "smtp.interlegis.leg.br"
+  description: "Servidor de envio de e-mail (SMTP)"
+  label: "Servidor SMTP"
+  type: string
+  group: Correio
+  required: false
+- variable: caduser.emailHostUser
+  default: ""
+  description: "Usuário para autenticação SMTP (se necessário)"
+  label: "Usuário SMTP"
+  type: string
+  group: Correio
+  required: false
+- variable: caduser.emailHostPassword
+  default: ""
+  description: "Senha para autenticação SMTP (se necessário)"
+  label: "Senha SMTP"
+  type: password
+  group: Correio
+  required: false
+
+# Integrações
+- variable: caduser.moodleBaseUrl
+  default: ""
+  description: "URL base do Moodle (se integração habilitada)"
+  label: "URL Moodle"
+  type: string
+  group: Integrações
+  required: false
+- variable: caduser.moodleApiToken
+  default: ""
+  description: "Token de API do Moodle (se integração habilitada)"
+  label: "Token API Moodle"
+  type: password
+  group: Integrações
+  required: false
+- variable: caduser.maxmindAccountId
+  default: ""
+  description: "ID da conta MaxMind (para geolocalização)"
+  label: "MaxMind Account ID"
+  type: string
+  group: Integrações
+  required: false
+- variable: caduser.maxmindLicenceKey
+  default: ""
+  description: "Chave de licença MaxMind"
+  label: "MaxMind License Key"
+  type: password
+  group: Integrações
+  required: false
+
+# PostgreSQL (CloudNativePG)
+- variable: postgresql.enabled
+  default: true
+  description: "Criar cluster PostgreSQL (CloudNativePG)?"
+  label: "PostgreSQL Habilitado"
+  type: boolean
+  group: Banco de Dados
+  required: true
+  show_subquestion_if: true
+  subquestions:
+    - variable: postgresql.instances
+      default: 1
+      description: "Número de instâncias PostgreSQL"
+      label: "Instâncias"
+      type: int
+      required: true
+    - variable: postgresql.storageSize
+      default: "1Gi"
+      description: "Tamanho do volume persistente para PostgreSQL"
+      label: "Tamanho do Volume PostgreSQL"
+      type: string
+      required: false
+
+# Memcached
+- variable: memcached.enabled
+  default: true
+  description: "Usar servidor Memcached interno?"
+  label: "Memcached Interno"
+  type: boolean
+  group: Cache
+  required: true
+
+# Persistência
+- variable: persistence.enabled
+  default: true
+  description: "Habilitar persistência para arquivos de mídia?"
+  label: "Persistência"
+  type: boolean
+  group: Armazenamento
+  required: false
+- variable: persistence.size
+  default: "2Gi"
+  description: "Tamanho do volume persistente para arquivos de mídia"
+  label: "Tamanho do Volume"
+  type: string
+  group: Armazenamento
+  required: false
+
+# Recursos
+- variable: resources.requests.cpu
+  default: "35m"
+  description: "CPU solicitada"
+  label: "CPU Request"
+  type: string
+  group: Recursos
+  required: false
+- variable: resources.requests.memory
+  default: "512Mi"
+  description: "Memória solicitada"
+  label: "Memory Request"
+  type: string
+  group: Recursos
+  required: false
+- variable: resources.limits.cpu
+  default: "1000m"
+  description: "Limite de CPU"
+  label: "CPU Limit"
+  type: string
+  group: Recursos
+  required: false
+- variable: resources.limits.memory
+  default: "1000Mi"
+  description: "Limite de memória"
+  label: "Memory Limit"
+  type: string
+  group: Recursos
+  required: false

charts/caduser/v0.1.0/templates/NOTES.txt

@@ -0,0 +1,18 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+  http{{ if .Values.ingress.tls.enabled }}s{{ end }}://{{ .Values.caduser.hostname }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "caduser.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "caduser.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "caduser.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "caduser.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}

charts/caduser/v0.1.0/templates/_helpers.tpl

@@ -0,0 +1,76 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "caduser.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "caduser.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "caduser.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "caduser.labels" -}}
+helm.sh/chart: {{ include "caduser.chart" . }}
+{{ include "caduser.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "caduser.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "caduser.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "caduser.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "caduser.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the postgresql fullname
+*/}}
+{{- define "postgresql.fullname" -}}
+{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create the memcached fullname
+*/}}
+{{- define "memcached.fullname" -}}
+{{- printf "%s-%s" .Release.Name "memcached" | trunc 63 | trimSuffix "-" }}
+{{- end }}

charts/caduser/v0.1.0/templates/deployment.yaml

@@ -0,0 +1,134 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "caduser.fullname" . }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+spec:
+{{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+{{- end }}
+  selector:
+    matchLabels:
+      {{- include "caduser.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+    {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      labels:
+        {{- include "caduser.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "caduser.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 80
+              protocol: TCP
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.postgresql.clusterName }}-app
+                  key: uri
+            - name: MEMCACHED_LOCATION
+              value: {{ printf "%s:11211" (include "memcached.fullname" .) | quote }}
+            - name: ADMINS
+              value: "{{ .Values.caduser.adminUsers }}"
+            - name: DEBUG
+              value: "{{ .Values.caduser.debug }}"
+            - name: EMAIL_PORT
+              value: "{{ .Values.caduser.emailPort }}"
+            - name: EMAIL_HOST
+              value: "{{ .Values.caduser.emailHost }}"
+            - name: EMAIL_HOST_USER
+              value: "{{ .Values.caduser.emailHostUser }}"
+            - name: EMAIL_HOST_PASSWORD
+              value: "{{ .Values.caduser.emailHostPassword }}"
+            - name: EMAIL_SUBJECT_PREFIX
+              value: "{{ .Values.caduser.emailSubjectPrefix }}"
+            - name: EMAIL_USE_LOCALTIME
+              value: "{{ .Values.caduser.emailUseLocaltime }}"
+            - name: EMAIL_USE_TLS
+              value: "{{ .Values.caduser.emailUseTls }}"
+            - name: EMAIL_USE_SSL
+              value: "{{ .Values.caduser.emailUseSsl }}"
+            - name: EMAIL_TIMEOUT
+              value: "{{ .Values.caduser.emailTimeout }}"
+            - name: DEFAULT_FROM_EMAIL
+              value: "{{ .Values.caduser.defaultFromEmail }}"
+            - name: MAXMIND_ACCOUNT_ID
+              value: "{{ .Values.caduser.maxmindAccountId }}"
+            - name: MAXMIND_LICENCE_KEY
+              value: "{{ .Values.caduser.maxmindLicenceKey }}"
+            - name: MOODLE_BASE_URL
+              value: "{{ .Values.caduser.moodleBaseUrl }}"
+            - name: MOODLE_API_TOKEN
+              value: "{{ .Values.caduser.moodleApiToken }}"
+            - name: LANG
+              value: "pt_BR.UTF-8"
+          volumeMounts:
+            - mountPath: /srv/interlegis/caduser/media
+              name: media
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 60
+            failureThreshold: 3
+            periodSeconds: 60
+            successThreshold: 1
+            timeoutSeconds: 5
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 30
+            failureThreshold: 3
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 5      
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      volumes:
+      - name: media
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ include "caduser.fullname" . }}-media
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      affinity:
+        podAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          {{- if eq .Values.persistence.accessMode "ReadWriteOnce" }}
+            - weight: 100
+              podAffinityTerm:
+                labelSelector:
+                  matchExpressions:
+                  - key: app.kubernetes.io/name
+                    operator: In
+                    values:
+                    - {{ include "caduser.name" . }}
+                topologyKey: kubernetes.io/hostname
+          {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

charts/caduser/v0.1.0/templates/hpa.yaml

@@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "caduser.fullname" . }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "caduser.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+  {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+  {{- end }}
+  {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+  {{- end }}
+{{- end }}

charts/caduser/v0.1.0/templates/ingress.yaml

@@ -0,0 +1,36 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "caduser.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+  annotations:
+    kubernetes.io/ingress.class: {{ .Values.ingress.class }}
+{{- if .Values.ingress.tls.enabled }}
+    cert-manager.io/cluster-issuer: letsencrypt-production
+{{- end }}
+    {{- with .Values.ingress.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+{{- if .Values.ingress.tls.enabled }}
+  tls:
+    - hosts:
+        - {{ .Values.caduser.hostname }}
+      secretName: {{ $fullName }}-tls
+{{- end }}
+  rules:
+    - host: {{ .Values.caduser.hostname }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+{{- end }}

charts/caduser/v0.1.0/templates/postgresql-cluster.yaml

@@ -0,0 +1,34 @@
+{{- if .Values.postgresql.enabled }}
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: {{ .Values.postgresql.clusterName }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+spec:
+  instances: {{ .Values.postgresql.instances }}
+  
+  imageName: {{ .Values.postgresql.image }}
+  
+  bootstrap:
+    initdb:
+      database: {{ .Values.postgresql.databaseName }}
+      owner: {{ .Values.postgresql.owner }}
+      localeCollate: {{ .Values.postgresql.initdb.localeCollate }}
+      localeCType: {{ .Values.postgresql.initdb.localeCType }}
+      encoding: {{ .Values.postgresql.initdb.encoding }}
+  
+  storage:
+    size: {{ .Values.postgresql.storageSize }}
+{{- if .Values.postgresql.storageClass }}
+    storageClass: {{ .Values.postgresql.storageClass }}
+{{- end }}
+  
+  resources:
+    {{- toYaml .Values.postgresql.resources | nindent 4 }}
+  
+{{- if .Values.postgresql.superuserSecret }}
+  superuserSecret:
+    name: {{ .Values.postgresql.superuserSecret }}
+{{- end }}
+{{- end }}

charts/caduser/v0.1.0/templates/pvc-media.yaml

@@ -0,0 +1,21 @@
+{{- if .Values.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "caduser.fullname" . }}-media
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: {{ .Values.persistence.storageClass }}
+{{- end }}
+{{- end }}
+{{- end }}

charts/caduser/v0.1.0/templates/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "caduser.fullname" . }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "caduser.selectorLabels" . | nindent 4 }}

charts/caduser/v0.1.0/templates/serviceaccount.yaml

@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "caduser.serviceAccountName" . }}
+  labels:
+    {{- include "caduser.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}

charts/caduser/v0.1.0/values.yaml

@@ -0,0 +1,134 @@
+# Default values for caduser.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: porto.interlegis.leg.br/ilb/caduser
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext:
+  fsGroup: 101    # GID for the volume
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+persistence:
+  enabled: false
+  #storageClass: ""
+  accessMode: ReadWriteOnce
+  size: 2Gi
+
+caduser:
+  adminUsers: "admin@example.com"
+  debug: 'False'
+  emailPort: 25
+  emailHost: smtp.domain.net
+  emailHostUser: ""
+  emailHostPassword: ""
+  emailSubjectPrefix: "[CadUser]"
+  emailUseLocaltime: 'False'
+  emailUseTls: 'False'
+  emailUseSsl: 'False'
+  emailTimeout: 10
+  defaultFromEmail: no-reply@domain.net
+  maxmindAccountId: ""
+  maxmindLicenceKey: ""
+  moodleBaseUrl: ""
+  moodleApiToken: ""
+  hostname: 'caduser.domain.net'
+
+ingress:
+  enabled: true
+  class: nginx
+  tls:
+    enabled: true
+  # extra annotations only
+  annotations: {}
+
+postgresql:
+  # CloudNativePG cluster configuration
+  enabled: true
+  clusterName: caduser-pg
+  instances: 1
+  image: ghcr.io/cloudnative-pg/postgresql:17.2
+  databaseName: caduser
+  owner: caduser
+  storageSize: 1Gi
+  #storageClass: ""
+  superuserSecret: ""  # If empty, will be auto-generated
+  # Locale settings for Brazilian Portuguese
+  initdb:
+    localeCollate: pt_BR.UTF-8
+    localeCType: pt_BR.UTF-8
+    encoding: UTF8
+  resources:
+    requests:
+      cpu: 40m
+      memory: 128Mi
+    limits:
+      cpu: 1000m
+      memory: 512Mi
+
+memcached:
+  enabled: true
+  image:
+    repository: memcached
+    tag: "1.6.40"
+  service:
+    port: 11211
+  resources:
+    requests:
+      cpu: 20m
+      memory: 64Mi
+    limits:
+      cpu: 100m
+      memory: 128Mi
+
+resources:
+  limits:
+    cpu: 1000m
+    memory: 1000Mi
+  requests:
+    cpu: 35m
+    memory: 512Mi
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}