diff --git a/charts/stable/unifi/.helmignore b/charts/stable/unifi/.helmignore index a9fe7278..4379e2b3 100644 --- a/charts/stable/unifi/.helmignore +++ b/charts/stable/unifi/.helmignore @@ -19,5 +19,8 @@ .project .idea/ *.tmproj +.vscode/ # OWNERS file for Kubernetes -OWNERS \ No newline at end of file +OWNERS +# helm-docs templates +*.gotmpl diff --git a/charts/stable/unifi/Chart.yaml b/charts/stable/unifi/Chart.yaml index f2a2f292..5b2f5c4b 100644 --- a/charts/stable/unifi/Chart.yaml +++ b/charts/stable/unifi/Chart.yaml @@ -1,12 +1,11 @@ apiVersion: v2 -appVersion: 6.2.25 +appVersion: v6.2.26 description: Ubiquiti Network's Unifi Controller name: unifi -version: 2.0.4 +version: 3.0.0 keywords: - ubiquiti - unifi - - mongodb home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/unifi icon: https://prd-www-cdn.ubnt.com/static/favicon-152.png sources: @@ -16,3 +15,7 @@ maintainers: email: jeff@billimek.com - name: mcronce email: mike@quadra-tec.net +dependencies: +- name: common + repository: https://library-charts.k8s-at-home.com + version: 3.3.0 diff --git a/charts/stable/unifi/README.md b/charts/stable/unifi/README.md index 6cfa71d0..a00d8b6c 100644 --- a/charts/stable/unifi/README.md +++ b/charts/stable/unifi/README.md @@ -1,6 +1,6 @@ # unifi -![Version: 2.0.4](https://img.shields.io/badge/Version-2.0.4-informational?style=flat-square) ![AppVersion: 6.2.25](https://img.shields.io/badge/AppVersion-6.2.25-informational?style=flat-square) +![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: v6.2.26](https://img.shields.io/badge/AppVersion-v6.2.26-informational?style=flat-square) Ubiquiti Network's Unifi Controller @@ -16,6 +16,7 @@ Ubiquiti Network's Unifi Controller | Repository | Name | Version | |------------|------|---------| +| https://library-charts.k8s-at-home.com | common | 3.3.0 | ## TL;DR @@ -66,41 +67,35 @@ helm install unifi k8s-at-home/unifi -f values.yaml ### Regarding the services -- `guiService`: Represents the main web UI and is what one would normally point - the ingress to. -- `captivePortalService`: This service is used to allow the captive portal webpage - to be accessible. It needs to be reachable by the clients connecting to your guest - network. -- `controllerService`: This is needed in order for the unifi devices to talk to - the controller and must be otherwise exposed to the network where the unifi - devices run. If you run this as a `NodePort` (the default setting), make sure - that there is an external load balancer that is directing traffic from port - 8080 to the `NodePort` for this service. -- `discoveryService`: This needs to be reachable by the unifi devices on the - network similar to the controller `Service` but only during the discovery - phase. This is a UDP service. -- `stunService`: Also used periodically by the unifi devices to communicate - with the controller using UDP. See [this article][ubnt 3] and [this other - article][ubnt 4] for more information. -- `syslogService`: Used to capture syslog from Unifi devices if the feature is - enabled in the site configuration. This needs to be reachable by Unifi devices - on port 5514/UDP. -- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app. - This needs to be reachable by clients connecting to port 6789/TCP. +By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways: -### Ingress and HTTPS - -Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you -need to ensure that you use a backend transport of HTTPS. - -An example entry in `values.yaml` to achieve this is as follows: +1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`: +```yaml +service: + udp: + enabled: true + type: LoadBalancer + # + ports: + stun: + enabled: true + port: 3478 + protocol: UDP + syslog: + enabled: true + port: 5514 + protocol: UDP + discovery: + enabled: true + port: 10001 + protocol: UDP ``` -ingress: - enabled: true - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" -``` + +2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`. + You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this. + + For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/). ## Values @@ -108,101 +103,28 @@ ingress: | Key | Type | Default | Description | |-----|------|---------|-------------| -| GID | int | `999` | | -| UID | int | `999` | | -| affinity | object | `{}` | | -| captivePortalService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| captivePortalService.enabled | bool | `false` | | -| captivePortalService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| captivePortalService.http | int | `8880` | Kubernetes port where the http service is exposed | -| captivePortalService.https | int | `8843` | Kubernetes port where the https service is exposed | -| captivePortalService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings | -| captivePortalService.labels | object | `{}` | | -| captivePortalService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| captivePortalService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| captivePortalService.type | string | `"ClusterIP"` | Kubernetes service type | -| controllerService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| controllerService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| controllerService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings | -| controllerService.labels | object | `{}` | | -| controllerService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| controllerService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| controllerService.port | int | `8080` | Kubernetes port where the service is exposed | -| controllerService.type | string | `"NodePort"` | Kubernetes service type | -| customCert | object | `{"certName":"tls.crt","enabled":false,"isChain":false,"keyName":"tls.key"}` | If you provide your own custom certificate in /cert you can define the following parameters to configure the controller | -| deploymentAnnotations | object | `{}` | | -| discoveryService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| discoveryService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| discoveryService.labels | object | `{}` | | -| discoveryService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| discoveryService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| discoveryService.port | int | `10001` | Kubernetes port where the service is exposed | -| discoveryService.type | string | `"NodePort"` | Kubernetes service type | -| extraConfigFiles | object | `{}` | | -| extraJvmOpts | list | `[]` | | -| extraVolumeMounts | list | `[]` | | -| extraVolumes | list | `[]` | | -| guiService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| guiService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| guiService.labels | object | `{}` | | -| guiService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| guiService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| guiService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport | -| guiService.port | int | `8443` | Kubernetes port where the service is exposed | -| guiService.type | string | `"ClusterIP"` | Kubernetes service type | -| image.pullPolicy | string | `"IfNotPresent"` | | -| image.repository | string | `"jacobalberty/unifi"` | | -| image.tag | string | `"6.2.25"` | | -| ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings | -| jvmInitHeapSize | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit | -| jvmMaxHeapSize | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. | -| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":30,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Liveness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes | -| logging | object | `{"promtail":{"enabled":false,"image":{"pullPolicy":"IfNotPresent","repository":"grafana/promtail","tag":"1.6.0"},"loki":{"url":"http://loki.logs.svc.cluster.local:3100/loki/api/v1/push"}}}` | Logging configuration | -| mongodb | object | `{"databaseName":"unifi","dbUri":"mongodb://mongo/unifi","enabled":false,"statDbUri":"mongodb://mongo/unifi_stat"}` | define an external mongoDB instead of using the built-in mongodb | -| nodeSelector | object | `{}` | | -| persistence.accessMode | string | `"ReadWriteOnce"` | Persistence access modes | -| persistence.enabled | bool | `false` | Use persistent volume to store data | -| persistence.existingClaim | string | `nil` | Use an existing PVC to persist data | -| persistence.size | string | `"5Gi"` | Size of persistent volume claim | -| persistence.skipuninstall | bool | `false` | Do not delete the pvc upon helm uninstall | -| persistence.storageClass | string | `nil` | Type of persistent volume claim | -| podAnnotations | object | `{}` | | -| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":15,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Readiness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes | -| resources | object | `{}` | | -| runAsRoot | bool | `false` | | -| speedtestService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| speedtestService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| speedtestService.labels | object | `{}` | | -| speedtestService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| speedtestService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| speedtestService.port | int | `6789` | Kubernetes port where the service is exposed | -| speedtestService.type | string | `"ClusterIP"` | Kubernetes service type | -| strategyType | string | `"Recreate"` | upgrade strategy type (e.g. Recreate or RollingUpdate) | -| stunService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| stunService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| stunService.labels | object | `{}` | | -| stunService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| stunService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| stunService.port | int | `3478` | Kubernetes port where the service is exposed | -| stunService.type | string | `"NodePort"` | Kubernetes service type | -| syslogService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| syslogService.enabled | bool | `false` | | -| syslogService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| syslogService.labels | object | `{}` | | -| syslogService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| syslogService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| syslogService.port | int | `5514` | Kubernetes port where the service is exposed | -| syslogService.type | string | `"NodePort"` | Kubernetes service type | -| timezone | string | `"UTC"` | | -| tolerations | list | `[]` | | -| unifiedService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | -| unifiedService.enabled | bool | `false` | | -| unifiedService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | -| unifiedService.labels | object | `{}` | | -| unifiedService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | -| unifiedService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | -| unifiedService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport | -| unifiedService.type | string | `"ClusterIP"` | Kubernetes service type | +| env | object | See below | environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables). | +| env.JVM_INIT_HEAP_SIZE | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit | +| env.JVM_MAX_HEAP_SIZE | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. | +| env.RUNAS_UID0 | string | `"false"` | Run UniFi as root | +| env.TZ | string | `"UTC"` | Set the container timezone | +| env.UNIFI_GID | string | `"999"` | Specify the group ID the application will run as | +| env.UNIFI_UID | string | `"999"` | Specify the user ID the application will run as | +| image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| image.repository | string | `"jacobalberty/unifi"` | image repository | +| image.tag | string | `"v6.2.26"` | image tag | +| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. | +| ingress.portal | object | See values.yaml | Enable and configure settings for the captive portal ingress under this key. | +| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. | +| service | object | See values.yaml | Configures service settings for the chart. | +| service.main.ports.controller | object | See values.yaml | Configure Controller port used for device command/control | +| service.main.ports.discovery | object | See values.yaml | Configure device discovery port | +| service.main.ports.http | object | See values.yaml | Configure Web interface + API port | +| service.main.ports.portal-http | object | See values.yaml | Configure Captive Portal HTTP port | +| service.main.ports.portal-https | object | See values.yaml | Configure Captive Portal HTTPS port | +| service.main.ports.speedtest | object | See values.yaml | Configure Speedtest port (used for UniFi mobile speed test) | +| service.main.ports.stun | object | See values.yaml | Configure STUN port | +| service.main.ports.syslog | object | See values.yaml | Configure remote syslog port | ## Changelog @@ -210,6 +132,19 @@ All notable changes to this application Helm chart will be documented in this fi The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +### [3.0.0] + +#### Changed + +- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation. +- Changed image tag to `v6.2.26`. + +#### Removed + +- **BREAKING**: Removed support for deploying a separate MongoDB instance. +- **BREAKING**: Removed support for specifying custom configMaps in chart values. +- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on. + ### [2.0.4] #### Added @@ -258,9 +193,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - N/A -[2.0.2]: #2.0.2 -[2.0.1]: #2.0.1 -[1.5.3]: #1.5.3 +[3.0.0]: #300 +[2.0.4]: #204 +[2.0.2]: #202 +[2.0.1]: #201 +[1.5.3]: #153 ## Support diff --git a/charts/stable/unifi/README_CHANGELOG.md.gotmpl b/charts/stable/unifi/README_CHANGELOG.md.gotmpl index 7a374b1f..f0dea5da 100644 --- a/charts/stable/unifi/README_CHANGELOG.md.gotmpl +++ b/charts/stable/unifi/README_CHANGELOG.md.gotmpl @@ -9,6 +9,19 @@ All notable changes to this application Helm chart will be documented in this fi The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +### [3.0.0] + +#### Changed + +- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation. +- Changed image tag to `v6.2.26`. + +#### Removed + +- **BREAKING**: Removed support for deploying a separate MongoDB instance. +- **BREAKING**: Removed support for specifying custom configMaps in chart values. +- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on. + ### [2.0.4] #### Added @@ -57,7 +70,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), - N/A -[2.0.2]: #2.0.2 -[2.0.1]: #2.0.1 -[1.5.3]: #1.5.3 +[3.0.0]: #300 +[2.0.4]: #204 +[2.0.2]: #202 +[2.0.1]: #201 +[1.5.3]: #153 {{- end -}} diff --git a/charts/stable/unifi/README_CONFIG.md.gotmpl b/charts/stable/unifi/README_CONFIG.md.gotmpl index 8cb5579e..c2eae584 100644 --- a/charts/stable/unifi/README_CONFIG.md.gotmpl +++ b/charts/stable/unifi/README_CONFIG.md.gotmpl @@ -7,39 +7,34 @@ ### Regarding the services -- `guiService`: Represents the main web UI and is what one would normally point - the ingress to. -- `captivePortalService`: This service is used to allow the captive portal webpage - to be accessible. It needs to be reachable by the clients connecting to your guest - network. -- `controllerService`: This is needed in order for the unifi devices to talk to - the controller and must be otherwise exposed to the network where the unifi - devices run. If you run this as a `NodePort` (the default setting), make sure - that there is an external load balancer that is directing traffic from port - 8080 to the `NodePort` for this service. -- `discoveryService`: This needs to be reachable by the unifi devices on the - network similar to the controller `Service` but only during the discovery - phase. This is a UDP service. -- `stunService`: Also used periodically by the unifi devices to communicate - with the controller using UDP. See [this article][ubnt 3] and [this other - article][ubnt 4] for more information. -- `syslogService`: Used to capture syslog from Unifi devices if the feature is - enabled in the site configuration. This needs to be reachable by Unifi devices - on port 5514/UDP. -- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app. - This needs to be reachable by clients connecting to port 6789/TCP. +By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways: -### Ingress and HTTPS - -Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you -need to ensure that you use a backend transport of HTTPS. - -An example entry in `values.yaml` to achieve this is as follows: +1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`: +```yaml +service: + udp: + enabled: true + type: LoadBalancer + # + ports: + stun: + enabled: true + port: 3478 + protocol: UDP + syslog: + enabled: true + port: 5514 + protocol: UDP + discovery: + enabled: true + port: 10001 + protocol: UDP ``` -ingress: - enabled: true - annotations: - nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" -``` + +2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`. + You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this. + + For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/). + {{- end -}} diff --git a/charts/stable/unifi/templates/NOTES.txt b/charts/stable/unifi/templates/NOTES.txt index 1a1ca017..90f7b653 100644 --- a/charts/stable/unifi/templates/NOTES.txt +++ b/charts/stable/unifi/templates/NOTES.txt @@ -1,19 +1 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} -{{- end }} -{{- else if contains "NodePort" .Values.guiService.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "unifi.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.guiService.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "unifi.fullname" . }}-gui' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "unifi.fullname" . }}-gui -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.guiService.port }} -{{- else if contains "ClusterIP" .Values.guiService.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "unifi.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8443:{.Values.guiService.port} - Visit https://127.0.0.1:8443 to use your application -{{- end }} +{{- include "common.notes.defaultNotes" . -}} diff --git a/charts/stable/unifi/templates/_helpers.tpl b/charts/stable/unifi/templates/_helpers.tpl deleted file mode 100644 index cb030c3a..00000000 --- a/charts/stable/unifi/templates/_helpers.tpl +++ /dev/null @@ -1,52 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "unifi.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "unifi.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "unifi.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "unifi.labels" -}} -helm.sh/chart: {{ include "unifi.chart" . }} -{{ include "unifi.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "unifi.selectorLabels" -}} -app.kubernetes.io/name: {{ include "unifi.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} \ No newline at end of file diff --git a/charts/stable/unifi/templates/captive-ingress.yaml b/charts/stable/unifi/templates/captive-ingress.yaml deleted file mode 100644 index a3f6d2b9..00000000 --- a/charts/stable/unifi/templates/captive-ingress.yaml +++ /dev/null @@ -1,64 +0,0 @@ -{{- if (and .Values.captivePortalService.ingress.enabled (not .Values.unifiedService.enabled)) }} -{{- $fullName := include "unifi.fullname" . -}} -{{- $ingressPath := .Values.captivePortalService.ingress.path -}} -{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}} -{{- $captivePortalHttps := .Values.captivePortalService.https -}} -{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-captive - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.captivePortalService.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if .Values.captivePortalService.ingress.tls }} - tls: - {{- range .Values.captivePortalService.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.captivePortalService.ingress.hosts }} - - host: {{ . }} - http: - paths: - - path: {{ $ingressPath }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-captiveportalservice - port: - {{- if $captivePortalHttps }} - name: https-captive - {{- else }} - name: http-captive - {{- end }} - {{- else }} - serviceName: {{ $fullName }}-captiveportalservice - {{- if $captivePortalHttps }} - servicePort: https-captive - {{- else }} - servicePort: http-captive - {{- end }} - {{- end -}} - {{- end }} -{{- end }} diff --git a/charts/stable/unifi/templates/captive-svc.yaml b/charts/stable/unifi/templates/captive-svc.yaml deleted file mode 100644 index 6c1156e7..00000000 --- a/charts/stable/unifi/templates/captive-svc.yaml +++ /dev/null @@ -1,60 +0,0 @@ -{{ if (and .Values.captivePortalService.enabled (not .Values.unifiedService.enabled)) }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-captiveportalservice - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.captivePortalService.labels }} -{{ toYaml .Values.captivePortalService.labels | indent 4 }} -{{- end }} -{{- with .Values.captivePortalService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.captivePortalService.type "ClusterIP") (empty .Values.captivePortalService.type)) }} - type: ClusterIP - {{- if .Values.captivePortalService.clusterIP }} - clusterIP: {{ .Values.captivePortalService.clusterIP }} - {{end}} -{{- else if eq .Values.captivePortalService.type "LoadBalancer" }} - type: {{ .Values.captivePortalService.type }} - {{- if .Values.captivePortalService.loadBalancerIP }} - loadBalancerIP: {{ .Values.captivePortalService.loadBalancerIP }} - {{- end }} - {{- if .Values.captivePortalService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.captivePortalService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.captivePortalService.type }} -{{- end }} -{{- if .Values.captivePortalService.externalIPs }} - externalIPs: -{{ toYaml .Values.captivePortalService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.captivePortalService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.captivePortalService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.captivePortalService.http }} - targetPort: http-captive - protocol: TCP - name: http-captive -{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.http))) }} - nodePort: {{.Values.captivePortalService.http}} -{{ end }} - - port: {{ .Values.captivePortalService.https }} - targetPort: https-captive - protocol: TCP - name: https-captive -{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.https))) }} - nodePort: {{.Values.captivePortalService.https}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 6 }} -{{ end }} diff --git a/charts/stable/unifi/templates/common.yaml b/charts/stable/unifi/templates/common.yaml new file mode 100644 index 00000000..e022719f --- /dev/null +++ b/charts/stable/unifi/templates/common.yaml @@ -0,0 +1,11 @@ +{{- include "common.values.setup" . }} + +{{/* Append the hardcoded settings */}} +{{- define "unifi.harcodedValues" -}} +env: + UNIFI_STDOUT: "true" +{{- end -}} +{{- $_ := mergeOverwrite .Values (include "unifi.harcodedValues" . | fromYaml) -}} + +{{/* Render the templates */}} +{{ include "common.all" . }} diff --git a/charts/stable/unifi/templates/configmap.yaml b/charts/stable/unifi/templates/configmap.yaml deleted file mode 100644 index 463abb10..00000000 --- a/charts/stable/unifi/templates/configmap.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.extraConfigFiles }} -kind: ConfigMap -apiVersion: v1 -metadata: - name: {{ template "unifi.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: -{{ toYaml .Values.extraConfigFiles | indent 2 }} -{{- end }} diff --git a/charts/stable/unifi/templates/controller-ingress.yaml b/charts/stable/unifi/templates/controller-ingress.yaml deleted file mode 100644 index 9868c9aa..00000000 --- a/charts/stable/unifi/templates/controller-ingress.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{- if (and .Values.controllerService.ingress.enabled (not .Values.unifiedService.enabled)) }} -{{- $fullName := include "unifi.fullname" . -}} -{{- $ingressPath := .Values.controllerService.ingress.path -}} -{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}} -{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }}-controller - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- with .Values.controllerService.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if .Values.controllerService.ingress.tls }} - tls: - {{- range .Values.controllerService.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.controllerService.ingress.hosts }} - - host: {{ . }} - http: - paths: - - path: {{ $ingressPath }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }}-controller - port: - name: controller - {{- else -}} - serviceName: {{ $fullName }}-controller - servicePort: controller - {{- end }} - {{- end }} -{{- end }} diff --git a/charts/stable/unifi/templates/controller-svc.yaml b/charts/stable/unifi/templates/controller-svc.yaml deleted file mode 100644 index ca3dc9a7..00000000 --- a/charts/stable/unifi/templates/controller-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if not .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-controller - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.controllerService.labels }} -{{ toYaml .Values.controllerService.labels | indent 4 }} -{{- end }} -{{- with .Values.controllerService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.controllerService.type "ClusterIP") (empty .Values.controllerService.type)) }} - type: ClusterIP - {{- if .Values.controllerService.clusterIP }} - clusterIP: {{ .Values.controllerService.clusterIP }} - {{end}} -{{- else if eq .Values.controllerService.type "LoadBalancer" }} - type: {{ .Values.controllerService.type }} - {{- if .Values.controllerService.loadBalancerIP }} - loadBalancerIP: {{ .Values.controllerService.loadBalancerIP }} - {{- end }} - {{- if .Values.controllerService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.controllerService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.controllerService.type }} -{{- end }} -{{- if .Values.controllerService.externalIPs }} - externalIPs: -{{ toYaml .Values.controllerService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.controllerService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.controllerService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.controllerService.port }} - targetPort: controller - protocol: TCP - name: controller -{{ if (and (eq .Values.controllerService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }} - nodePort: {{.Values.controllerService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/deployment.yaml b/charts/stable/unifi/templates/deployment.yaml deleted file mode 100644 index 0aee69f6..00000000 --- a/charts/stable/unifi/templates/deployment.yaml +++ /dev/null @@ -1,219 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "unifi.fullname" . }} - {{- if .Values.deploymentAnnotations }} - annotations: - {{- range $key, $value := .Values.deploymentAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - replicas: 1 - strategy: - type: {{ .Values.strategyType }} - selector: - matchLabels: - {{- include "unifi.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.podAnnotations }} - annotations: - {{- range $key, $value := .Values.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - spec: - containers: - {{- if .Values.logging.promtail.enabled }} - - name: {{ .Chart.Name }}-promtail - image: "{{ .Values.logging.promtail.image.repository }}:{{ .Values.logging.promtail.image.tag }}" - imagePullPolicy: {{ .Values.logging.promtail.image.pullPolicy }} - args: - - -config.file=/etc/promtail/promtail.yaml - volumeMounts: - - name: promtail-config - mountPath: /etc/promtail/promtail.yaml - subPath: promtail.yaml - readOnly: true - - mountPath: /unifi/log - name: unifi-data - subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }} - {{- end }} - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - ports: - - name: https-gui - containerPort: {{ .Values.guiService.port }} - protocol: TCP - - name: controller - containerPort: {{ .Values.controllerService.port }} - protocol: TCP - - name: discovery - containerPort: 10001 - protocol: UDP - - name: stun - containerPort: 3478 - protocol: UDP - - name: syslog - containerPort: 5514 - protocol: UDP - {{- if .Values.captivePortalService.enabled }} - - name: http-captive - containerPort: {{ .Values.captivePortalService.http }} - protocol: TCP - - name: https-captive - containerPort: {{ .Values.captivePortalService.https }} - protocol: TCP - {{- end }} - - name: speedtest - containerPort: 6789 - protocol: TCP - {{- if not .Values.runAsRoot }} - securityContext: - capabilities: - add: - - SETFCAP - {{- end }} - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /status - port: https-gui - scheme: HTTPS - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /status - port: https-gui - scheme: HTTPS - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - env: - - name: UNIFI_HTTP_PORT - value: "{{ .Values.controllerService.port }}" - - name: UNIFI_HTTPS_PORT - value: "{{ .Values.guiService.port }}" - - name: TZ - value: "{{ .Values.timezone }}" - - name: RUNAS_UID0 - value: "{{ .Values.runAsRoot }}" - - name: UNIFI_UID - value: "{{ .Values.UID }}" - - name: UNIFI_GID - value: "{{ .Values.GID }}" - - name: UNIFI_STDOUT - value: "true" - {{- if .Values.extraJvmOpts }} - - name: JVM_EXTRA_OPTS - value: "{{- join " " .Values.extraJvmOpts }}" - {{- end }} - {{- if .Values.jvmInitHeapSize }} - - name: JVM_INIT_HEAP_SIZE - value: "{{ .Values.jvmInitHeapSize }}" - {{- end }} - {{- if .Values.jvmMaxHeapSize }} - - name: JVM_MAX_HEAP_SIZE - value: "{{ .Values.jvmMaxHeapSize }}" - {{- end }} - {{- if .Values.mongodb.enabled }} - - name: DB_URI - value: "{{ .Values.mongodb.dbUri }}" - - name: STATDB_URI - value: "{{ .Values.mongodb.statDbUri }}" - - name: DB_NAME - value: "{{ .Values.mongodb.databaseName }}" - {{- end }} - {{- if and .Values.customCert .Values.customCert.enabled }} - - name: CERT_IS_CHAIN - value: "{{ .Values.customCert.isChain }}" - - name: CERTNAME - value: "{{ .Values.customCert.certName }}" - - name: CERT_PRIVATE_NAME - value: "{{ .Values.customCert.keyName }}" - {{- end }} - volumeMounts: - - mountPath: /unifi/data - name: unifi-data - subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.subPath "data") (empty .Values.persistence.subPath) }} - - mountPath: /unifi/log - name: unifi-data - subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }} - - mountPath: /unifi/cert - {{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }} - name: unifi-cert-secret - {{- else }} - name: unifi-data - subPath: {{ ternary "cert" (printf "%s/%s" .Values.persistence.subPath "cert") (empty .Values.persistence.subPath) }} - {{- end }} - - mountPath: /unifi/init.d - name: unifi-data - subPath: {{ ternary "init.d" (printf "%s/%s" .Values.persistence.subPath "init.d") (empty .Values.persistence.subPath) }} - {{- if .Values.extraConfigFiles }} - - name: extra-config - mountPath: /configmap - {{- end }} - {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 12 }}{{ end }} - resources: -{{ toYaml .Values.resources | indent 12 }} - volumes: - - name: unifi-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "unifi.fullname" . }}{{- end }} - {{- else }} - emptyDir: {} - {{ end }} - {{- if .Values.extraConfigFiles }} - - name: extra-config - configMap: - name: {{ template "unifi.fullname" . }} - {{- end }} - {{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }} - - name: unifi-cert-secret - secret: - secretName: "{{ .Values.customCert.certSecret }}" - {{- end }} - {{- if .Values.logging.promtail.enabled }} - - name: promtail-config - projected: - defaultMode: 0444 - sources: - - configMap: - name: {{ template "unifi.fullname" . }}-promtail - items: - - key: promtail.yaml - path: promtail.yaml - {{- end }} - {{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 8 }}{{ end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 8 }} - {{- end }} diff --git a/charts/stable/unifi/templates/discovery-svc.yaml b/charts/stable/unifi/templates/discovery-svc.yaml deleted file mode 100644 index 8567d62b..00000000 --- a/charts/stable/unifi/templates/discovery-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if not .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-discovery - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.discoveryService.labels }} -{{ toYaml .Values.discoveryService.labels | indent 4 }} -{{- end }} -{{- with .Values.discoveryService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.discoveryService.type "ClusterIP") (empty .Values.discoveryService.type)) }} - type: ClusterIP - {{- if .Values.discoveryService.clusterIP }} - clusterIP: {{ .Values.discoveryService.clusterIP }} - {{end}} -{{- else if eq .Values.discoveryService.type "LoadBalancer" }} - type: {{ .Values.discoveryService.type }} - {{- if .Values.discoveryService.loadBalancerIP }} - loadBalancerIP: {{ .Values.discoveryService.loadBalancerIP }} - {{- end }} - {{- if .Values.discoveryService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.discoveryService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.discoveryService.type }} -{{- end }} -{{- if .Values.discoveryService.externalIPs }} - externalIPs: -{{ toYaml .Values.discoveryService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.discoveryService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.discoveryService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.discoveryService.port }} - targetPort: discovery - protocol: UDP - name: discovery -{{ if (and (eq .Values.discoveryService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }} - nodePort: {{.Values.discoveryService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/gui-svc.yaml b/charts/stable/unifi/templates/gui-svc.yaml deleted file mode 100644 index da260214..00000000 --- a/charts/stable/unifi/templates/gui-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if not .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-gui - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.guiService.labels }} -{{ toYaml .Values.guiService.labels | indent 4 }} -{{- end }} -{{- with .Values.guiService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.guiService.type "ClusterIP") (empty .Values.guiService.type)) }} - type: ClusterIP - {{- if .Values.guiService.clusterIP }} - clusterIP: {{ .Values.guiService.clusterIP }} - {{end}} -{{- else if eq .Values.guiService.type "LoadBalancer" }} - type: {{ .Values.guiService.type }} - {{- if .Values.guiService.loadBalancerIP }} - loadBalancerIP: {{ .Values.guiService.loadBalancerIP }} - {{- end }} - {{- if .Values.guiService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.guiService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.guiService.type }} -{{- end }} -{{- if .Values.guiService.externalIPs }} - externalIPs: -{{ toYaml .Values.guiService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.guiService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.guiService.externalTrafficPolicy }} - {{- end }} - ports: - - name: https-gui - port: {{ .Values.guiService.port }} - protocol: TCP - targetPort: https-gui -{{ if (and (eq .Values.guiService.type "NodePort") (not (empty .Values.guiService.nodePort))) }} - nodePort: {{.Values.guiService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/ingress.yaml b/charts/stable/unifi/templates/ingress.yaml deleted file mode 100644 index 9e83650a..00000000 --- a/charts/stable/unifi/templates/ingress.yaml +++ /dev/null @@ -1,60 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "unifi.fullname" . -}} -{{- $ingressPath := .Values.ingress.path -}} -{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}} -{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} - labels: - {{- include "unifi.labels" . | nindent 4 }} -spec: -{{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ . }} - http: - paths: - - path: {{ $ingressPath }} - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: Prefix - {{- end }} - backend: - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - service: - {{- if $unifiedServiceEnabled }} - name: {{ $fullName }} - {{- else }} - name: {{ $fullName }}-gui - {{- end }} - port: - name: https-gui - {{- else -}} - {{- if $unifiedServiceEnabled }} - serviceName: {{ $fullName }} - {{- else }} - serviceName: {{ $fullName }}-gui - {{- end }} - servicePort: https-gui - {{- end -}} - {{- end }} -{{- end }} diff --git a/charts/stable/unifi/templates/promtail-configmap.yaml b/charts/stable/unifi/templates/promtail-configmap.yaml deleted file mode 100644 index 4f233afc..00000000 --- a/charts/stable/unifi/templates/promtail-configmap.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if .Values.logging.promtail.enabled }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "unifi.fullname" . }}-promtail - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: - promtail.yaml: | - server: - disable: true - positions: - filename: /tmp/positions.yaml - clients: - - url: {{ .Values.logging.promtail.loki.url }} - scrape_configs: - - job_name: unifi-logs - static_configs: - - targets: - - localhost - labels: - job: unifi-logs - __path__: "/unifi/log/*.log" - - job_name: unifi-remote-logs - static_configs: - - targets: - - localhost - labels: - job: unifi-remote-logs - __path__: "/unifi/log/remote/*.log" -{{- end }} diff --git a/charts/stable/unifi/templates/pvc.yaml b/charts/stable/unifi/templates/pvc.yaml deleted file mode 100644 index 041ca563..00000000 --- a/charts/stable/unifi/templates/pvc.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ template "unifi.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} \ No newline at end of file diff --git a/charts/stable/unifi/templates/speedtest-svc.yaml b/charts/stable/unifi/templates/speedtest-svc.yaml deleted file mode 100644 index f59f1f73..00000000 --- a/charts/stable/unifi/templates/speedtest-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if not .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-speedtest - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.speedtestService.labels }} -{{ toYaml .Values.speedtestService.labels | indent 4 }} -{{- end }} -{{- with .Values.speedtestService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.speedtestService.type "ClusterIP") (empty .Values.speedtestService.type)) }} - type: ClusterIP - {{- if .Values.speedtestService.clusterIP }} - clusterIP: {{ .Values.speedtestService.clusterIP }} - {{end}} -{{- else if eq .Values.speedtestService.type "LoadBalancer" }} - type: {{ .Values.speedtestService.type }} - {{- if .Values.speedtestService.loadBalancerIP }} - loadBalancerIP: {{ .Values.speedtestService.loadBalancerIP }} - {{- end }} - {{- if .Values.speedtestService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.speedtestService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.speedtestService.type }} -{{- end }} -{{- if .Values.speedtestService.externalIPs }} - externalIPs: -{{ toYaml .Values.speedtestService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.speedtestService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.speedtestService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.speedtestService.port }} - targetPort: speedtest - protocol: TCP - name: speedtest -{{ if (and (eq .Values.speedtestService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }} - nodePort: {{.Values.speedtestService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/stun-svc.yaml b/charts/stable/unifi/templates/stun-svc.yaml deleted file mode 100644 index bd766eef..00000000 --- a/charts/stable/unifi/templates/stun-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if not .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-stun - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.stunService.labels }} -{{ toYaml .Values.stunService.labels | indent 4 }} -{{- end }} -{{- with .Values.stunService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.stunService.type "ClusterIP") (empty .Values.stunService.type)) }} - type: ClusterIP - {{- if .Values.stunService.clusterIP }} - clusterIP: {{ .Values.stunService.clusterIP }} - {{end}} -{{- else if eq .Values.stunService.type "LoadBalancer" }} - type: {{ .Values.stunService.type }} - {{- if .Values.stunService.loadBalancerIP }} - loadBalancerIP: {{ .Values.stunService.loadBalancerIP }} - {{- end }} - {{- if .Values.stunService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.stunService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.stunService.type }} -{{- end }} -{{- if .Values.stunService.externalIPs }} - externalIPs: -{{ toYaml .Values.stunService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.stunService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.stunService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.stunService.port }} - targetPort: stun - protocol: UDP - name: stun -{{ if (and (eq .Values.stunService.type "NodePort") (not (empty .Values.stunService.nodePort))) }} - nodePort: {{.Values.stunService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/syslog-svc.yaml b/charts/stable/unifi/templates/syslog-svc.yaml deleted file mode 100644 index d37e404e..00000000 --- a/charts/stable/unifi/templates/syslog-svc.yaml +++ /dev/null @@ -1,53 +0,0 @@ -{{ if and (not (.Values.unifiedService.enabled)) .Values.syslogService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }}-syslog - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.syslogService.labels }} -{{ toYaml .Values.syslogService.labels | indent 4 }} -{{- end }} -{{- with .Values.syslogService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.syslogService.type "ClusterIP") (empty .Values.syslogService.type)) }} - type: ClusterIP - {{- if .Values.syslogService.clusterIP }} - clusterIP: {{ .Values.syslogService.clusterIP }} - {{end}} -{{- else if eq .Values.syslogService.type "LoadBalancer" }} - type: {{ .Values.syslogService.type }} - {{- if .Values.syslogService.loadBalancerIP }} - loadBalancerIP: {{ .Values.syslogService.loadBalancerIP }} - {{- end }} - {{- if .Values.syslogService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.syslogService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.syslogService.type }} -{{- end }} -{{- if .Values.syslogService.externalIPs }} - externalIPs: -{{ toYaml .Values.syslogService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.syslogService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.syslogService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.syslogService.port }} - targetPort: syslog - protocol: UDP - name: syslog -{{ if (and (eq .Values.syslogService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }} - nodePort: {{.Values.syslogService.nodePort}} -{{ end }} - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} diff --git a/charts/stable/unifi/templates/unified-svc.yaml b/charts/stable/unifi/templates/unified-svc.yaml deleted file mode 100644 index 363b84db..00000000 --- a/charts/stable/unifi/templates/unified-svc.yaml +++ /dev/null @@ -1,106 +0,0 @@ -{{ if .Values.unifiedService.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "unifi.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "unifi.name" . }} - helm.sh/chart: {{ include "unifi.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.unifiedService.labels }} -{{ toYaml .Values.unifiedService.labels | indent 4 }} -{{- end }} -{{- with .Values.unifiedService.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: -{{- if (or (eq .Values.unifiedService.type "ClusterIP") (empty .Values.unifiedService.type)) }} - type: ClusterIP - {{- if .Values.unifiedService.clusterIP }} - clusterIP: {{ .Values.unifiedService.clusterIP }} - {{end}} -{{- else if eq .Values.unifiedService.type "LoadBalancer" }} - type: {{ .Values.unifiedService.type }} - {{- if .Values.unifiedService.loadBalancerIP }} - loadBalancerIP: {{ .Values.unifiedService.loadBalancerIP }} - {{- end }} - {{- if .Values.unifiedService.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.unifiedService.loadBalancerSourceRanges | indent 4 }} - {{- end -}} -{{- else }} - type: {{ .Values.unifiedService.type }} -{{- end }} -{{- if .Values.unifiedService.externalIPs }} - externalIPs: -{{ toYaml .Values.unifiedService.externalIPs | indent 4 }} -{{- end }} - {{- if .Values.unifiedService.externalTrafficPolicy }} - externalTrafficPolicy: {{ .Values.unifiedService.externalTrafficPolicy }} - {{- end }} - ports: - - port: {{ .Values.controllerService.port }} - targetPort: controller - protocol: TCP - name: controller -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }} - nodePort: {{.Values.controllerService.nodePort}} -{{ end }} - - port: {{ .Values.discoveryService.port }} - targetPort: discovery - protocol: UDP - name: discovery -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }} - nodePort: {{.Values.discoveryService.nodePort}} -{{ end }} - - port: {{ .Values.stunService.port }} - targetPort: stun - protocol: UDP - name: stun -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.stunService.nodePort))) }} - nodePort: {{.Values.stunService.nodePort}} -{{ end }} - - port: {{ .Values.syslogService.port }} - targetPort: syslog - protocol: UDP - name: syslog -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }} - nodePort: {{.Values.syslogService.nodePort}} -{{ end }} - - name: https-gui - port: {{ .Values.guiService.port }} - protocol: TCP - targetPort: https-gui -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.guiService.nodePort))) }} - nodePort: {{.Values.guiService.nodePort}} -{{ end }} -{{ if .Values.captivePortalService.enabled }} - - name: http-captive - port: {{ .Values.captivePortalService.http }} - protocol: TCP - targetPort: http-captive -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.http))) }} - nodePort: {{.Values.captivePortalService.http}} -{{ end }} - - name: https-captive - port: {{ .Values.captivePortalService.https }} - protocol: TCP - targetPort: https-captive -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.https))) }} - nodePort: {{.Values.captivePortalService.https}} -{{ end }} - - port: {{ .Values.speedtestService.port }} - targetPort: speedtest - protocol: TCP - name: speedtest -{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }} - nodePort: {{.Values.speedtestService.nodePort}} -{{ end }} -{{ end }} - - selector: - {{- include "unifi.selectorLabels" . | nindent 4 }} -{{ end }} - diff --git a/charts/stable/unifi/values.yaml b/charts/stable/unifi/values.yaml index c3bc2d99..e0e978a6 100644 --- a/charts/stable/unifi/values.yaml +++ b/charts/stable/unifi/values.yaml @@ -1,350 +1,126 @@ -# Default values for unifi. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# -- upgrade strategy type (e.g. Recreate or RollingUpdate) -strategyType: Recreate +# +# IMPORTANT NOTE +# +# This chart inherits from our common library chart. You can check the default values/options here: +# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml +# image: + # -- image repository repository: jacobalberty/unifi - tag: 6.2.25 + # -- image tag + tag: v6.2.26 + # -- image pull policy pullPolicy: IfNotPresent -# If enabled, the controller, discovery, GUI, STUN and syslog services will not be -# created. -# Instead, one service will be created with the port and nodePort settings from -# controllerService, discoveryService, guiService, stunService and syslogService. -# This is useful if, for example, the ClusterIP network is routable and being -# accessed directly by access points, and the APs don't have a way to discern -# different services on different IPs. -unifiedService: - enabled: false - # -- Kubernetes service type - type: ClusterIP - # -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - # - nodePort: - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: +# -- environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables). +# @default -- See below +env: + # -- Set the container timezone + TZ: UTC + # -- Run UniFi as root + RUNAS_UID0: "false" + # -- Specify the user ID the application will run as + UNIFI_UID: "999" + # -- Specify the group ID the application will run as + UNIFI_GID: "999" + # -- Java Virtual Machine (JVM) initial, and minimum, heap size + # Unset value means there is no lower limit + JVM_INIT_HEAP_SIZE: + # -- Java Virtual Machine (JVM) maximum heap size + # For larger installations a larger value is recommended. + # For memory constrained system this value can be lowered. + JVM_MAX_HEAP_SIZE: 1024M -guiService: - # -- Kubernetes service type - type: ClusterIP - # -- Kubernetes port where the service is exposed - port: 8443 - # -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport - # - nodePort: - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: +# -- Configures service settings for the chart. +# @default -- See values.yaml +service: + main: + ports: + # -- Configure Web interface + API port + # @default -- See values.yaml + http: + port: 8443 + # -- Configure Controller port used for device command/control + # @default -- See values.yaml + controller: + enabled: true + port: 8080 + protocol: TCP + # -- Configure Captive Portal HTTP port + # @default -- See values.yaml + portal-http: + enabled: false + port: 8880 + protocol: HTTP + # -- Configure Captive Portal HTTPS port + # @default -- See values.yaml + portal-https: + enabled: false + port: 8843 + protocol: HTTPS + # -- Configure Speedtest port (used for UniFi mobile speed test) + # @default -- See values.yaml + speedtest: + enabled: true + port: 6789 + protocol: TCP + # -- Configure STUN port + # @default -- See values.yaml + stun: + enabled: true + port: 3478 + protocol: UDP + # -- Configure remote syslog port + # @default -- See values.yaml + syslog: + enabled: true + port: 5514 + protocol: UDP + # -- Configure device discovery port + # @default -- See values.yaml + discovery: + enabled: true + port: 10001 + protocol: UDP -captivePortalService: - enabled: false - # -- Kubernetes service type - type: ClusterIP - # -- Kubernetes port where the http service is exposed - http: 8880 - # -- Kubernetes port where the https service is exposed - https: 8843 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - - # -- Ingress settings - ingress: - enabled: false - annotations: {} - path: / - hosts: - - chart-example.local - tls: [] - -controllerService: - # -- Kubernetes service type - type: NodePort - # -- Kubernetes port where the service is exposed - port: 8080 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - - # -- Ingress settings - ingress: - enabled: false - annotations: {} - path: / - hosts: - - chart-example.local - tls: [] - -stunService: - # -- Kubernetes service type - type: NodePort - # -- Kubernetes port where the service is exposed - port: 3478 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - -discoveryService: - # -- Kubernetes service type - type: NodePort - # -- Kubernetes port where the service is exposed - port: 10001 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - -syslogService: - enabled: false - # -- Kubernetes service type - type: NodePort - # -- Kubernetes port where the service is exposed - port: 5514 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - -speedtestService: - # -- Kubernetes service type - type: ClusterIP - # -- Kubernetes port where the service is exposed - port: 6789 - # -- Provide any additional annotations which may be required. This can be used to - # set the LoadBalancer service type to internal only. - # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer - annotations: {} - labels: {} - # -- Use loadBalancerIP to request a specific static IP, - # otherwise leave blank - loadBalancerIP: - # -- (list) loadBalancerSourceRanges - loadBalancerSourceRanges: - # -- Set the externalTrafficPolicy in the Service to either Cluster or Local - externalTrafficPolicy: - - -# -- Ingress settings ingress: - enabled: false - annotations: {} - path: / - hosts: - - chart-example.local - tls: [] - -timezone: UTC - -runAsRoot: false -UID: 999 -GID: 999 - -# -- If you provide your own custom certificate in /cert -# you can define the following parameters to configure the controller -customCert: - enabled: false - isChain: false - certName: tls.crt - keyName: tls.key - # If you want to store certificate and its key as a Kubernetes tls secret - # you can pass the name of that secret using certSecret variable - # certSecret: unifi-tls - -# -- Logging configuration -logging: - promtail: + # -- Enable and configure ingress settings for the chart under this key. + # @default -- See values.yaml + main: enabled: false - image: - repository: grafana/promtail - tag: 1.6.0 - pullPolicy: IfNotPresent - loki: - url: http://loki.logs.svc.cluster.local:3100/loki/api/v1/push + annotations: + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + traefik.ingress.kubernetes.io/service.serversscheme: https -# -- define an external mongoDB instead of using the built-in mongodb -mongodb: - enabled: false - dbUri: mongodb://mongo/unifi - statDbUri: mongodb://mongo/unifi_stat - databaseName: unifi + # -- Enable and configure settings for the captive portal ingress under this key. + # @default -- See values.yaml + portal: + enabled: false + annotations: + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + traefik.ingress.kubernetes.io/service.serversscheme: https + ingressClassName: # "nginx" + + hosts: + - ## Host address. Helm template can be passed. + host: + ## Configure the paths for the host + paths: + - ## Path. Helm template can be passed. + path: / + ## Ignored if not kubeVersion >= 1.14-0 + pathType: Prefix + service: + ## Overrides the service name reference for this path + name: main + ## Overrides the service port reference for this path + port: portal-https + +# -- Configure persistence settings for the chart under this key. +# @default -- See values.yaml persistence: - # -- Use persistent volume to store data - enabled: false - # -- (string) Type of persistent volume claim - storageClass: - # -- (string) Use an existing PVC to persist data - existingClaim: - # -- Persistence access modes - accessMode: ReadWriteOnce - # -- Size of persistent volume claim - size: 5Gi - # -- Do not delete the pvc upon helm uninstall - skipuninstall: false - -extraVolumes: [] - ## specify additional volume to be used by extraVolumeMounts inside unifi container - # - name: additional-volume - # hostPath: - # path: /path/on/host - # type: DirectoryOrCreate - -extraVolumeMounts: [] - ## specify additional VolumeMount to be mounted inside unifi container - # - name: additional-volume - # mountPath: /path/in/container - -extraJvmOpts: [] - ## Extra java options - ## Here are some examples of valid JVM options: - ## - # - "-XX:MaxMetaspaceSize=256m" - # - "-Dlog4j.configurationFile=file:/configmap/log4j2.xml" - # - "-Dsystem_ip=1.2.3.4" - -# -- Java Virtual Machine (JVM) initial, and minimum, heap size -# Unset value means there is no lower limit -jvmInitHeapSize: - -# -- Java Virtual Machine (JVM) maximum heap size -# For larger installations a larger value is recommended. -# For memory constrained system this value can be lowered. -jvmMaxHeapSize: 1024M - -extraConfigFiles: {} - ## Specify additional config files which are mounted to /configmap - ## Here is an example for a custom log4j config: - ## - # log4j2.xml: |- - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - # - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -# -- Liveness probe values -# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - -# -- Readiness probe values -# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -readinessProbe: - enabled: true - initialDelaySeconds: 15 - periodSeconds: 10 - timeoutSeconds: 1 - failureThreshold: 3 - successThreshold: 1 - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -podAnnotations: {} - -deploymentAnnotations: {} + data: + enabled: false + mountPath: /unifi/data