[unifi] Migrate to common library (#1101)

charts/stable/unifi/.helmignore

@@ -19,5 +19,8 @@
 .project
 .idea/
 *.tmproj
+.vscode/
 # OWNERS file for Kubernetes
 OWNERS
+# helm-docs templates
+*.gotmpl

charts/stable/unifi/Chart.yaml

@@ -1,12 +1,11 @@
 apiVersion: v2
-appVersion: 6.2.25
+appVersion: v6.2.26
 description: Ubiquiti Network's Unifi Controller
 name: unifi
-version: 2.0.4
+version: 3.0.0
 keywords:
   - ubiquiti
   - unifi
-  - mongodb
 home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/unifi
 icon: https://prd-www-cdn.ubnt.com/static/favicon-152.png
 sources:
@@ -16,3 +15,7 @@ maintainers:
     email: jeff@billimek.com
   - name: mcronce
     email: mike@quadra-tec.net
+dependencies:
+- name: common
+  repository: https://library-charts.k8s-at-home.com
+  version: 3.3.0

charts/stable/unifi/README.md

@@ -1,6 +1,6 @@
 # unifi
 
-![Version: 2.0.4](https://img.shields.io/badge/Version-2.0.4-informational?style=flat-square) ![AppVersion: 6.2.25](https://img.shields.io/badge/AppVersion-6.2.25-informational?style=flat-square)
+![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: v6.2.26](https://img.shields.io/badge/AppVersion-v6.2.26-informational?style=flat-square)
 
 Ubiquiti Network's Unifi Controller
 
@@ -16,6 +16,7 @@ Ubiquiti Network's Unifi Controller
 
 | Repository | Name | Version |
 |------------|------|---------|
+| https://library-charts.k8s-at-home.com | common | 3.3.0 |
 
 ## TL;DR
 
@@ -66,143 +67,64 @@ helm install unifi k8s-at-home/unifi -f values.yaml
 
 ### Regarding the services
 
-- `guiService`: Represents the main web UI and is what one would normally point
+By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
-  the ingress to.
-- `captivePortalService`: This service is used to allow the captive portal webpage
-  to be accessible. It needs to be reachable by the clients connecting to your guest
-  network.
-- `controllerService`: This is needed in order for the unifi devices to talk to
-  the controller and must be otherwise exposed to the network where the unifi
-  devices run. If you run this as a `NodePort` (the default setting), make sure
-  that there is an external load balancer that is directing traffic from port
-  8080 to the `NodePort` for this service.
-- `discoveryService`: This needs to be reachable by the unifi devices on the
-  network similar to the controller `Service` but only during the discovery
-  phase. This is a UDP service.
-- `stunService`: Also used periodically by the unifi devices to communicate
-  with the controller using UDP. See [this article][ubnt 3] and [this other
-  article][ubnt 4] for more information.
-- `syslogService`: Used to capture syslog from Unifi devices if the feature is
-  enabled in the site configuration. This needs to be reachable by Unifi devices
-  on port 5514/UDP.
-- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app.
-  This needs to be reachable by clients connecting to port 6789/TCP.
 
-### Ingress and HTTPS
+1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
 
-Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you
+```yaml
-need to ensure that you use a backend transport of HTTPS.
+service:
-
+  udp:
-An example entry in `values.yaml` to achieve this is as follows:
-
-```
-ingress:
     enabled: true
-  annotations:
+    type: LoadBalancer
-    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+    # <your other service configuration>
+    ports:
+      stun:
+        enabled: true
+        port: 3478
+        protocol: UDP
+      syslog:
+        enabled: true
+        port: 5514
+        protocol: UDP
+      discovery:
+        enabled: true
+        port: 10001
+        protocol: UDP
 ```
 
+2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
+   You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
+
+   For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
+
 ## Values
 
 **Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| GID | int | `999` |  |
+| env | object | See below | environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables). |
-| UID | int | `999` |  |
+| env.JVM_INIT_HEAP_SIZE | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit |
-| affinity | object | `{}` |  |
+| env.JVM_MAX_HEAP_SIZE | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. |
-| captivePortalService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
+| env.RUNAS_UID0 | string | `"false"` | Run UniFi as root |
-| captivePortalService.enabled | bool | `false` |  |
+| env.TZ | string | `"UTC"` | Set the container timezone |
-| captivePortalService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
+| env.UNIFI_GID | string | `"999"` | Specify the group ID the application will run as |
-| captivePortalService.http | int | `8880` | Kubernetes port where the http service is exposed |
+| env.UNIFI_UID | string | `"999"` | Specify the user ID the application will run as |
-| captivePortalService.https | int | `8843` | Kubernetes port where the https service is exposed |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
-| captivePortalService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings |
+| image.repository | string | `"jacobalberty/unifi"` | image repository |
-| captivePortalService.labels | object | `{}` |  |
+| image.tag | string | `"v6.2.26"` | image tag |
-| captivePortalService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
+| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
-| captivePortalService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
+| ingress.portal | object | See values.yaml | Enable and configure settings for the captive portal ingress under this key. |
-| captivePortalService.type | string | `"ClusterIP"` | Kubernetes service type |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
-| controllerService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
+| service | object | See values.yaml | Configures service settings for the chart. |
-| controllerService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
+| service.main.ports.controller | object | See values.yaml | Configure Controller port used for device command/control |
-| controllerService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings |
+| service.main.ports.discovery | object | See values.yaml | Configure device discovery port |
-| controllerService.labels | object | `{}` |  |
+| service.main.ports.http | object | See values.yaml | Configure Web interface + API port |
-| controllerService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
+| service.main.ports.portal-http | object | See values.yaml | Configure Captive Portal HTTP port |
-| controllerService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
+| service.main.ports.portal-https | object | See values.yaml | Configure Captive Portal HTTPS port |
-| controllerService.port | int | `8080` | Kubernetes port where the service is exposed |
+| service.main.ports.speedtest | object | See values.yaml | Configure Speedtest port (used for UniFi mobile speed test) |
-| controllerService.type | string | `"NodePort"` | Kubernetes service type |
+| service.main.ports.stun | object | See values.yaml | Configure STUN port |
-| customCert | object | `{"certName":"tls.crt","enabled":false,"isChain":false,"keyName":"tls.key"}` | If you provide your own custom certificate in <unifi-data>/cert you can define the following parameters to configure the controller |
+| service.main.ports.syslog | object | See values.yaml | Configure remote syslog port |
-| deploymentAnnotations | object | `{}` |  |
-| discoveryService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| discoveryService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| discoveryService.labels | object | `{}` |  |
-| discoveryService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| discoveryService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| discoveryService.port | int | `10001` | Kubernetes port where the service is exposed |
-| discoveryService.type | string | `"NodePort"` | Kubernetes service type |
-| extraConfigFiles | object | `{}` |  |
-| extraJvmOpts | list | `[]` |  |
-| extraVolumeMounts | list | `[]` |  |
-| extraVolumes | list | `[]` |  |
-| guiService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| guiService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| guiService.labels | object | `{}` |  |
-| guiService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| guiService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| guiService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport |
-| guiService.port | int | `8443` | Kubernetes port where the service is exposed |
-| guiService.type | string | `"ClusterIP"` | Kubernetes service type |
-| image.pullPolicy | string | `"IfNotPresent"` |  |
-| image.repository | string | `"jacobalberty/unifi"` |  |
-| image.tag | string | `"6.2.25"` |  |
-| ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings |
-| jvmInitHeapSize | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit |
-| jvmMaxHeapSize | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. |
-| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":30,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Liveness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
-| logging | object | `{"promtail":{"enabled":false,"image":{"pullPolicy":"IfNotPresent","repository":"grafana/promtail","tag":"1.6.0"},"loki":{"url":"http://loki.logs.svc.cluster.local:3100/loki/api/v1/push"}}}` | Logging configuration |
-| mongodb | object | `{"databaseName":"unifi","dbUri":"mongodb://mongo/unifi","enabled":false,"statDbUri":"mongodb://mongo/unifi_stat"}` | define an external mongoDB instead of using the built-in mongodb |
-| nodeSelector | object | `{}` |  |
-| persistence.accessMode | string | `"ReadWriteOnce"` | Persistence access modes |
-| persistence.enabled | bool | `false` | Use persistent volume to store data |
-| persistence.existingClaim | string | `nil` | Use an existing PVC to persist data |
-| persistence.size | string | `"5Gi"` | Size of persistent volume claim |
-| persistence.skipuninstall | bool | `false` | Do not delete the pvc upon helm uninstall |
-| persistence.storageClass | string | `nil` | Type of persistent volume claim |
-| podAnnotations | object | `{}` |  |
-| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":15,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Readiness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
-| resources | object | `{}` |  |
-| runAsRoot | bool | `false` |  |
-| speedtestService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| speedtestService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| speedtestService.labels | object | `{}` |  |
-| speedtestService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| speedtestService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| speedtestService.port | int | `6789` | Kubernetes port where the service is exposed |
-| speedtestService.type | string | `"ClusterIP"` | Kubernetes service type |
-| strategyType | string | `"Recreate"` | upgrade strategy type (e.g. Recreate or RollingUpdate) |
-| stunService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| stunService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| stunService.labels | object | `{}` |  |
-| stunService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| stunService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| stunService.port | int | `3478` | Kubernetes port where the service is exposed |
-| stunService.type | string | `"NodePort"` | Kubernetes service type |
-| syslogService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| syslogService.enabled | bool | `false` |  |
-| syslogService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| syslogService.labels | object | `{}` |  |
-| syslogService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| syslogService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| syslogService.port | int | `5514` | Kubernetes port where the service is exposed |
-| syslogService.type | string | `"NodePort"` | Kubernetes service type |
-| timezone | string | `"UTC"` |  |
-| tolerations | list | `[]` |  |
-| unifiedService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
-| unifiedService.enabled | bool | `false` |  |
-| unifiedService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
-| unifiedService.labels | object | `{}` |  |
-| unifiedService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
-| unifiedService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
-| unifiedService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport |
-| unifiedService.type | string | `"ClusterIP"` | Kubernetes service type |
 
 ## Changelog
 
@@ -210,6 +132,19 @@ All notable changes to this application Helm chart will be documented in this fi
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+### [3.0.0]
+
+#### Changed
+
+- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation.
+- Changed image tag to `v6.2.26`.
+
+#### Removed
+
+- **BREAKING**: Removed support for deploying a separate MongoDB instance.
+- **BREAKING**: Removed support for specifying custom configMaps in chart values.
+- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on.
+
 ### [2.0.4]
 
 #### Added
@@ -258,9 +193,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 - N/A
 
-[2.0.2]: #2.0.2
+[3.0.0]: #300
-[2.0.1]: #2.0.1
+[2.0.4]: #204
-[1.5.3]: #1.5.3
+[2.0.2]: #202
+[2.0.1]: #201
+[1.5.3]: #153
 
 ## Support
 

charts/stable/unifi/README_CHANGELOG.md.gotmpl

@@ -9,6 +9,19 @@ All notable changes to this application Helm chart will be documented in this fi
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+### [3.0.0]
+
+#### Changed
+
+- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation.
+- Changed image tag to `v6.2.26`.
+
+#### Removed
+
+- **BREAKING**: Removed support for deploying a separate MongoDB instance.
+- **BREAKING**: Removed support for specifying custom configMaps in chart values.
+- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on.
+
 ### [2.0.4]
 
 #### Added
@@ -57,7 +70,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 - N/A
 
-[2.0.2]: #2.0.2
+[3.0.0]: #300
-[2.0.1]: #2.0.1
+[2.0.4]: #204
-[1.5.3]: #1.5.3
+[2.0.2]: #202
+[2.0.1]: #201
+[1.5.3]: #153
 {{- end -}}

charts/stable/unifi/README_CONFIG.md.gotmpl

@@ -7,39 +7,34 @@
 
 ### Regarding the services
 
-- `guiService`: Represents the main web UI and is what one would normally point
+By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
-  the ingress to.
-- `captivePortalService`: This service is used to allow the captive portal webpage
-  to be accessible. It needs to be reachable by the clients connecting to your guest
-  network.
-- `controllerService`: This is needed in order for the unifi devices to talk to
-  the controller and must be otherwise exposed to the network where the unifi
-  devices run. If you run this as a `NodePort` (the default setting), make sure
-  that there is an external load balancer that is directing traffic from port
-  8080 to the `NodePort` for this service.
-- `discoveryService`: This needs to be reachable by the unifi devices on the
-  network similar to the controller `Service` but only during the discovery
-  phase. This is a UDP service.
-- `stunService`: Also used periodically by the unifi devices to communicate
-  with the controller using UDP. See [this article][ubnt 3] and [this other
-  article][ubnt 4] for more information.
-- `syslogService`: Used to capture syslog from Unifi devices if the feature is 
-  enabled in the site configuration. This needs to be reachable by Unifi devices
-  on port 5514/UDP.
-- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app.
-  This needs to be reachable by clients connecting to port 6789/TCP.
 
-### Ingress and HTTPS
+1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
 
-Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you
+```yaml
-need to ensure that you use a backend transport of HTTPS.
+service:
-
+  udp:
-An example entry in `values.yaml` to achieve this is as follows:
-
-```
-ingress:
     enabled: true
-  annotations:
+    type: LoadBalancer
-    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+    # <your other service configuration>
+    ports:
+      stun:
+        enabled: true
+        port: 3478
+        protocol: UDP
+      syslog:
+        enabled: true
+        port: 5514
+        protocol: UDP
+      discovery:
+        enabled: true
+        port: 10001
+        protocol: UDP
 ```
+
+2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
+   You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
+
+   For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
+
 {{- end -}}

charts/stable/unifi/templates/NOTES.txt

@@ -1,19 +1 @@
-1. Get the application URL by running these commands:
+{{- include "common.notes.defaultNotes" . -}}
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
-{{- end }}
-{{- else if contains "NodePort" .Values.guiService.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "unifi.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.guiService.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "unifi.fullname" . }}-gui'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "unifi.fullname" . }}-gui -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.guiService.port }}
-{{- else if contains "ClusterIP" .Values.guiService.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "unifi.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8443:{.Values.guiService.port}
-  Visit https://127.0.0.1:8443 to use your application
-{{- end }}

charts/stable/unifi/templates/_helpers.tpl

@@ -1,52 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "unifi.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "unifi.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "unifi.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Common labels
-*/}}
-{{- define "unifi.labels" -}}
-helm.sh/chart: {{ include "unifi.chart" . }}
-{{ include "unifi.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- end }}
-
-{{/*
-Selector labels
-*/}}
-{{- define "unifi.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "unifi.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}

charts/stable/unifi/templates/captive-ingress.yaml

@@ -1,64 +0,0 @@
-{{- if (and .Values.captivePortalService.ingress.enabled (not .Values.unifiedService.enabled)) }}
-{{- $fullName := include "unifi.fullname" . -}}
-{{- $ingressPath := .Values.captivePortalService.ingress.path -}}
-{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
-{{- $captivePortalHttps := .Values.captivePortalService.https -}}
-{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
-  name: {{ $fullName }}-captive
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- with .Values.captivePortalService.ingress.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if .Values.captivePortalService.ingress.tls }}
-  tls:
-  {{- range .Values.captivePortalService.ingress.tls }}
-    - hosts:
-      {{- range .hosts }}
-        - {{ . | quote }}
-      {{- end }}
-      secretName: {{ .secretName }}
-  {{- end }}
-{{- end }}
-  rules:
-    {{- range .Values.captivePortalService.ingress.hosts }}
-    - host: {{ . }}
-      http:
-        paths:
-          - path: {{ $ingressPath }}
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-            pathType: Prefix
-            {{- end }}
-            backend:
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-              service:
-                name: {{ $fullName }}-captiveportalservice
-                port:
-                  {{- if $captivePortalHttps }}
-                  name: https-captive
-                  {{- else }}
-                  name: http-captive
-                  {{- end }}
-            {{- else }}
-              serviceName: {{ $fullName }}-captiveportalservice
-              {{- if $captivePortalHttps }}
-              servicePort: https-captive
-              {{- else }}
-              servicePort: http-captive
-              {{- end }}
-            {{- end -}}
-    {{- end }}
-{{- end }}

charts/stable/unifi/templates/captive-svc.yaml

@@ -1,60 +0,0 @@
-{{ if (and .Values.captivePortalService.enabled (not .Values.unifiedService.enabled)) }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-captiveportalservice
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.captivePortalService.labels }}
-{{ toYaml .Values.captivePortalService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.captivePortalService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.captivePortalService.type "ClusterIP") (empty .Values.captivePortalService.type)) }}
-  type: ClusterIP
-  {{- if .Values.captivePortalService.clusterIP }}
-  clusterIP: {{ .Values.captivePortalService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.captivePortalService.type "LoadBalancer" }}
-  type: {{ .Values.captivePortalService.type }}
-  {{- if .Values.captivePortalService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.captivePortalService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.captivePortalService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.captivePortalService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.captivePortalService.type }}
-{{- end }}
-{{- if .Values.captivePortalService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.captivePortalService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.captivePortalService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.captivePortalService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.captivePortalService.http }}
-      targetPort: http-captive
-      protocol: TCP
-      name: http-captive
-{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.http))) }}
-      nodePort: {{.Values.captivePortalService.http}}
-{{ end }}
-    - port: {{ .Values.captivePortalService.https }}
-      targetPort: https-captive
-      protocol: TCP
-      name: https-captive
-{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.https))) }}
-      nodePort: {{.Values.captivePortalService.https}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 6 }}
-{{ end }}

charts/stable/unifi/templates/common.yaml

@@ -0,0 +1,11 @@
+{{- include "common.values.setup" . }}
+
+{{/* Append the hardcoded settings */}}
+{{- define "unifi.harcodedValues" -}}
+env:
+  UNIFI_STDOUT: "true"
+{{- end -}}
+{{- $_ := mergeOverwrite .Values (include "unifi.harcodedValues" . | fromYaml) -}}
+
+{{/* Render the templates */}}
+{{ include "common.all" . }}

charts/stable/unifi/templates/configmap.yaml

@@ -1,13 +0,0 @@
-{{- if .Values.extraConfigFiles }}
-kind: ConfigMap
-apiVersion: v1
-metadata:
-  name: {{ template "unifi.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-data:
-{{ toYaml .Values.extraConfigFiles | indent 2 }}
-{{- end }}

charts/stable/unifi/templates/controller-ingress.yaml

@@ -1,55 +0,0 @@
-{{- if (and .Values.controllerService.ingress.enabled (not .Values.unifiedService.enabled)) }}
-{{- $fullName := include "unifi.fullname" . -}}
-{{- $ingressPath := .Values.controllerService.ingress.path -}}
-{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
-{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
-  name: {{ $fullName }}-controller
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- with .Values.controllerService.ingress.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if .Values.controllerService.ingress.tls }}
-  tls:
-  {{- range .Values.controllerService.ingress.tls }}
-    - hosts:
-      {{- range .hosts }}
-        - {{ . | quote }}
-      {{- end }}
-      secretName: {{ .secretName }}
-  {{- end }}
-{{- end }}
-  rules:
-  {{- range .Values.controllerService.ingress.hosts }}
-    - host: {{ . }}
-      http:
-        paths:
-          - path: {{ $ingressPath }}
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-            pathType: Prefix
-            {{- end }}
-            backend:
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-              service:
-                name: {{ $fullName }}-controller
-                port:
-                  name: controller
-            {{- else -}}
-              serviceName: {{ $fullName }}-controller
-              servicePort: controller
-            {{- end }}
-  {{- end }}
-{{- end }}

charts/stable/unifi/templates/controller-svc.yaml

@@ -1,53 +0,0 @@
-{{ if not .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-controller
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.controllerService.labels }}
-{{ toYaml .Values.controllerService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.controllerService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.controllerService.type "ClusterIP") (empty .Values.controllerService.type)) }}
-  type: ClusterIP
-  {{- if .Values.controllerService.clusterIP }}
-  clusterIP: {{ .Values.controllerService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.controllerService.type "LoadBalancer" }}
-  type: {{ .Values.controllerService.type }}
-  {{- if .Values.controllerService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.controllerService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.controllerService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.controllerService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.controllerService.type }}
-{{- end }}
-{{- if .Values.controllerService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.controllerService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.controllerService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.controllerService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.controllerService.port }}
-      targetPort: controller
-      protocol: TCP
-      name: controller
-{{ if (and (eq .Values.controllerService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }}
-      nodePort: {{.Values.controllerService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/deployment.yaml

@@ -1,219 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ template "unifi.fullname" . }}
-  {{- if .Values.deploymentAnnotations }}
-  annotations:
-    {{- range $key, $value := .Values.deploymentAnnotations }}
-    {{ $key }}: {{ $value | quote }}
-    {{- end }}
-  {{- end }}
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
-  replicas: 1
-  strategy:
-    type: {{ .Values.strategyType }}
-  selector:
-    matchLabels:
-      {{- include "unifi.selectorLabels" . | nindent 6 }}
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: {{ include "unifi.name" . }}
-        app.kubernetes.io/instance: {{ .Release.Name }}
-      {{- if .Values.podAnnotations }}
-      annotations:
-        {{- range $key, $value := .Values.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-        {{- end }}
-      {{- end }}
-    spec:
-      containers:
-      {{- if .Values.logging.promtail.enabled }}
-        - name: {{ .Chart.Name }}-promtail
-          image: "{{ .Values.logging.promtail.image.repository }}:{{ .Values.logging.promtail.image.tag }}"
-          imagePullPolicy: {{ .Values.logging.promtail.image.pullPolicy }}
-          args:
-          - -config.file=/etc/promtail/promtail.yaml
-          volumeMounts:
-          - name: promtail-config
-            mountPath: /etc/promtail/promtail.yaml
-            subPath: promtail.yaml
-            readOnly: true
-          - mountPath: /unifi/log
-            name: unifi-data
-            subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }}
-      {{- end }}      
-        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          ports:
-            - name: https-gui
-              containerPort: {{ .Values.guiService.port }}
-              protocol: TCP
-            - name: controller
-              containerPort: {{ .Values.controllerService.port }}
-              protocol: TCP
-            - name: discovery
-              containerPort: 10001
-              protocol: UDP
-            - name: stun
-              containerPort: 3478
-              protocol: UDP
-            - name: syslog
-              containerPort: 5514
-              protocol: UDP
-            {{- if .Values.captivePortalService.enabled }}
-            - name: http-captive
-              containerPort: {{ .Values.captivePortalService.http }}
-              protocol: TCP
-            - name: https-captive
-              containerPort: {{ .Values.captivePortalService.https }}
-              protocol: TCP
-            {{- end }}
-            - name: speedtest
-              containerPort: 6789
-              protocol: TCP
-          {{- if not .Values.runAsRoot }}
-          securityContext:
-            capabilities:
-              add:
-                - SETFCAP
-          {{- end }}
-          {{- if .Values.livenessProbe.enabled }}
-          livenessProbe:
-            httpGet:
-              path: /status
-              port: https-gui
-              scheme: HTTPS
-            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
-            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
-            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
-            successThreshold: {{ .Values.livenessProbe.successThreshold }}
-            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
-          {{- end }}
-          {{- if .Values.readinessProbe.enabled }}
-          readinessProbe:
-            httpGet:
-              path: /status
-              port: https-gui
-              scheme: HTTPS
-            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
-            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
-            successThreshold: {{ .Values.readinessProbe.successThreshold }}
-            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
-          {{- end }}
-          env:
-            - name: UNIFI_HTTP_PORT
-              value: "{{ .Values.controllerService.port }}"
-            - name: UNIFI_HTTPS_PORT
-              value: "{{ .Values.guiService.port }}"
-            - name: TZ
-              value: "{{ .Values.timezone }}"
-            - name: RUNAS_UID0
-              value: "{{ .Values.runAsRoot }}"
-            - name: UNIFI_UID
-              value: "{{ .Values.UID }}"
-            - name: UNIFI_GID
-              value: "{{ .Values.GID }}"
-            - name: UNIFI_STDOUT
-              value: "true"
-            {{- if .Values.extraJvmOpts }}
-            - name: JVM_EXTRA_OPTS
-              value: "{{- join " " .Values.extraJvmOpts }}"
-            {{- end }}
-            {{- if .Values.jvmInitHeapSize }}
-            - name: JVM_INIT_HEAP_SIZE
-              value: "{{ .Values.jvmInitHeapSize }}"
-            {{- end }}
-            {{- if .Values.jvmMaxHeapSize }}
-            - name: JVM_MAX_HEAP_SIZE
-              value: "{{ .Values.jvmMaxHeapSize }}"
-            {{- end }}
-            {{- if .Values.mongodb.enabled }}
-            - name: DB_URI
-              value: "{{ .Values.mongodb.dbUri }}"
-            - name: STATDB_URI
-              value: "{{ .Values.mongodb.statDbUri }}"
-            - name: DB_NAME
-              value: "{{ .Values.mongodb.databaseName }}"
-            {{- end }}
-            {{- if and .Values.customCert .Values.customCert.enabled }}
-            - name: CERT_IS_CHAIN
-              value: "{{ .Values.customCert.isChain }}"
-            - name: CERTNAME
-              value: "{{ .Values.customCert.certName }}"
-            - name: CERT_PRIVATE_NAME
-              value: "{{ .Values.customCert.keyName }}"
-            {{- end }}
-          volumeMounts:
-            - mountPath: /unifi/data
-              name: unifi-data
-              subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.subPath "data") (empty .Values.persistence.subPath) }}
-            - mountPath: /unifi/log
-              name: unifi-data
-              subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }}
-            - mountPath: /unifi/cert
-              {{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }}
-              name: unifi-cert-secret
-              {{- else }}
-              name: unifi-data
-              subPath: {{ ternary "cert" (printf "%s/%s" .Values.persistence.subPath "cert") (empty .Values.persistence.subPath) }}
-              {{- end }}
-            - mountPath: /unifi/init.d
-              name: unifi-data
-              subPath: {{ ternary "init.d" (printf "%s/%s" .Values.persistence.subPath "init.d") (empty .Values.persistence.subPath) }}
-            {{- if .Values.extraConfigFiles }}
-            - name: extra-config
-              mountPath: /configmap
-            {{- end }}
-            {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 12 }}{{ end }}
-          resources:
-{{ toYaml .Values.resources | indent 12 }}
-      volumes:
-        - name: unifi-data
-        {{- if .Values.persistence.enabled }}
-          persistentVolumeClaim:
-            claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "unifi.fullname" . }}{{- end }}
-        {{- else }}
-          emptyDir: {}
-        {{ end }}
-        {{- if .Values.extraConfigFiles }}
-        - name: extra-config
-          configMap:
-            name: {{ template "unifi.fullname" . }}
-        {{- end }}
-        {{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }}
-        - name: unifi-cert-secret
-          secret:
-            secretName: "{{ .Values.customCert.certSecret }}"
-        {{- end }}
-        {{- if .Values.logging.promtail.enabled }}
-        - name: promtail-config
-          projected:
-            defaultMode: 0444
-            sources:
-            - configMap:
-                name: {{ template "unifi.fullname" . }}-promtail
-                items:
-                  - key: promtail.yaml
-                    path: promtail.yaml
-        {{- end }}        
-        {{- if .Values.extraVolumes  }}{{ toYaml .Values.extraVolumes | trim | nindent 8 }}{{ end }}
-    {{- with .Values.nodeSelector }}
-      nodeSelector:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.affinity }}
-      affinity:
-{{ toYaml . | indent 8 }}
-    {{- end }}
-    {{- with .Values.tolerations }}
-      tolerations:
-{{ toYaml . | indent 8 }}
-    {{- end }}

charts/stable/unifi/templates/discovery-svc.yaml

@@ -1,53 +0,0 @@
-{{ if not .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-discovery
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.discoveryService.labels }}
-{{ toYaml .Values.discoveryService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.discoveryService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.discoveryService.type "ClusterIP") (empty .Values.discoveryService.type)) }}
-  type: ClusterIP
-  {{- if .Values.discoveryService.clusterIP }}
-  clusterIP: {{ .Values.discoveryService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.discoveryService.type "LoadBalancer" }}
-  type: {{ .Values.discoveryService.type }}
-  {{- if .Values.discoveryService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.discoveryService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.discoveryService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.discoveryService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.discoveryService.type }}
-{{- end }}
-{{- if .Values.discoveryService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.discoveryService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.discoveryService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.discoveryService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.discoveryService.port }}
-      targetPort: discovery
-      protocol: UDP
-      name: discovery
-{{ if (and (eq .Values.discoveryService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }}
-      nodePort: {{.Values.discoveryService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/gui-svc.yaml

@@ -1,53 +0,0 @@
-{{ if not .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-gui
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.guiService.labels }}
-{{ toYaml .Values.guiService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.guiService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.guiService.type "ClusterIP") (empty .Values.guiService.type)) }}
-  type: ClusterIP
-  {{- if .Values.guiService.clusterIP }}
-  clusterIP: {{ .Values.guiService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.guiService.type "LoadBalancer" }}
-  type: {{ .Values.guiService.type }}
-  {{- if .Values.guiService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.guiService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.guiService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.guiService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.guiService.type }}
-{{- end }}
-{{- if .Values.guiService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.guiService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.guiService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.guiService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - name: https-gui
-      port: {{ .Values.guiService.port }}
-      protocol: TCP
-      targetPort: https-gui
-{{ if (and (eq .Values.guiService.type "NodePort") (not (empty .Values.guiService.nodePort))) }}
-      nodePort: {{.Values.guiService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/ingress.yaml

@@ -1,60 +0,0 @@
-{{- if .Values.ingress.enabled -}}
-{{- $fullName := include "unifi.fullname" . -}}
-{{- $ingressPath := .Values.ingress.path -}}
-{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
-{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1
-{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
-  name: {{ $fullName }}
-{{- with .Values.ingress.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-  labels:
-    {{- include "unifi.labels" . | nindent 4 }}
-spec:
-{{- if .Values.ingress.tls }}
-  tls:
-  {{- range .Values.ingress.tls }}
-    - hosts:
-      {{- range .hosts }}
-        - {{ . | quote }}
-      {{- end }}
-      secretName: {{ .secretName }}
-  {{- end }}
-{{- end }}
-  rules:
-    {{- range .Values.ingress.hosts }}
-    - host: {{ . }}
-      http:
-        paths:
-          - path: {{ $ingressPath }}
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-            pathType: Prefix
-            {{- end }}
-            backend:
-            {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
-              service:
-                {{- if $unifiedServiceEnabled }}
-                name: {{ $fullName }}
-                {{- else }}
-                name: {{ $fullName }}-gui
-                {{- end }}
-                port:
-                  name: https-gui
-            {{- else -}}
-              {{- if $unifiedServiceEnabled }}
-              serviceName: {{ $fullName }}
-              {{- else }}
-              serviceName: {{ $fullName }}-gui
-              {{- end }}
-              servicePort: https-gui
-            {{- end -}}
-  {{- end }}
-{{- end }}

charts/stable/unifi/templates/promtail-configmap.yaml

@@ -1,34 +0,0 @@
-{{- if .Values.logging.promtail.enabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ template "unifi.fullname" . }}-promtail
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-data:
-  promtail.yaml: |
-    server:
-      disable: true
-    positions:
-      filename: /tmp/positions.yaml
-    clients:
-    - url: {{ .Values.logging.promtail.loki.url }}
-    scrape_configs:
-    - job_name: unifi-logs
-      static_configs:
-      - targets:
-          - localhost
-        labels:
-          job: unifi-logs
-          __path__: "/unifi/log/*.log"
-    - job_name: unifi-remote-logs
-      static_configs:
-      - targets:
-          - localhost
-        labels:
-          job: unifi-remote-logs
-          __path__: "/unifi/log/remote/*.log"
-{{- end }}

charts/stable/unifi/templates/pvc.yaml

@@ -1,24 +0,0 @@
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: {{ template "unifi.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-spec:
-  accessModes:
-    - {{ .Values.persistence.accessMode | quote }}
-  resources:
-    requests:
-      storage: {{ .Values.persistence.size | quote }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
-  storageClassName: ""
-{{- else }}
-  storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
-{{- end -}}

charts/stable/unifi/templates/speedtest-svc.yaml

@@ -1,53 +0,0 @@
-{{ if not .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-speedtest
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.speedtestService.labels }}
-{{ toYaml .Values.speedtestService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.speedtestService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.speedtestService.type "ClusterIP") (empty .Values.speedtestService.type)) }}
-  type: ClusterIP
-  {{- if .Values.speedtestService.clusterIP }}
-  clusterIP: {{ .Values.speedtestService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.speedtestService.type "LoadBalancer" }}
-  type: {{ .Values.speedtestService.type }}
-  {{- if .Values.speedtestService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.speedtestService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.speedtestService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.speedtestService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.speedtestService.type }}
-{{- end }}
-{{- if .Values.speedtestService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.speedtestService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.speedtestService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.speedtestService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.speedtestService.port }}
-      targetPort: speedtest
-      protocol: TCP
-      name: speedtest
-{{ if (and (eq .Values.speedtestService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }}
-      nodePort: {{.Values.speedtestService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/stun-svc.yaml

@@ -1,53 +0,0 @@
-{{ if not .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-stun
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.stunService.labels }}
-{{ toYaml .Values.stunService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.stunService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.stunService.type "ClusterIP") (empty .Values.stunService.type)) }}
-  type: ClusterIP
-  {{- if .Values.stunService.clusterIP }}
-  clusterIP: {{ .Values.stunService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.stunService.type "LoadBalancer" }}
-  type: {{ .Values.stunService.type }}
-  {{- if .Values.stunService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.stunService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.stunService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.stunService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.stunService.type }}
-{{- end }}
-{{- if .Values.stunService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.stunService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.stunService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.stunService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.stunService.port }}
-      targetPort: stun
-      protocol: UDP
-      name: stun
-{{ if (and (eq .Values.stunService.type "NodePort") (not (empty .Values.stunService.nodePort))) }}
-      nodePort: {{.Values.stunService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/syslog-svc.yaml

@@ -1,53 +0,0 @@
-{{ if and (not (.Values.unifiedService.enabled)) .Values.syslogService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}-syslog
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.syslogService.labels }}
-{{ toYaml .Values.syslogService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.syslogService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.syslogService.type "ClusterIP") (empty .Values.syslogService.type)) }}
-  type: ClusterIP
-  {{- if .Values.syslogService.clusterIP }}
-  clusterIP: {{ .Values.syslogService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.syslogService.type "LoadBalancer" }}
-  type: {{ .Values.syslogService.type }}
-  {{- if .Values.syslogService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.syslogService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.syslogService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.syslogService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.syslogService.type }}
-{{- end }}
-{{- if .Values.syslogService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.syslogService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.syslogService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.syslogService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.syslogService.port }}
-      targetPort: syslog
-      protocol: UDP
-      name: syslog
-{{ if (and (eq .Values.syslogService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }}
-      nodePort: {{.Values.syslogService.nodePort}}
-{{ end }}
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}

charts/stable/unifi/templates/unified-svc.yaml

@@ -1,106 +0,0 @@
-{{ if .Values.unifiedService.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "unifi.fullname" . }}
-  labels:
-    app.kubernetes.io/name: {{ include "unifi.name" . }}
-    helm.sh/chart: {{ include "unifi.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-{{- if .Values.unifiedService.labels }}
-{{ toYaml .Values.unifiedService.labels | indent 4 }}
-{{- end }}
-{{- with .Values.unifiedService.annotations }}
-  annotations:
-{{ toYaml . | indent 4 }}
-{{- end }}
-spec:
-{{- if (or (eq .Values.unifiedService.type "ClusterIP") (empty .Values.unifiedService.type)) }}
-  type: ClusterIP
-  {{- if .Values.unifiedService.clusterIP }}
-  clusterIP: {{ .Values.unifiedService.clusterIP }}
-  {{end}}
-{{- else if eq .Values.unifiedService.type "LoadBalancer" }}
-  type: {{ .Values.unifiedService.type }}
-  {{- if .Values.unifiedService.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.unifiedService.loadBalancerIP }}
-  {{- end }}
-  {{- if .Values.unifiedService.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges:
-{{ toYaml .Values.unifiedService.loadBalancerSourceRanges | indent 4 }}
-  {{- end -}}
-{{- else }}
-  type: {{ .Values.unifiedService.type }}
-{{- end }}
-{{- if .Values.unifiedService.externalIPs }}
-  externalIPs:
-{{ toYaml .Values.unifiedService.externalIPs | indent 4 }}
-{{- end }}
-  {{- if .Values.unifiedService.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.unifiedService.externalTrafficPolicy }}
-  {{- end }}
-  ports:
-    - port: {{ .Values.controllerService.port }}
-      targetPort: controller
-      protocol: TCP
-      name: controller
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }}
-      nodePort: {{.Values.controllerService.nodePort}}
-{{ end }}
-    - port: {{ .Values.discoveryService.port }}
-      targetPort: discovery
-      protocol: UDP
-      name: discovery
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }}
-      nodePort: {{.Values.discoveryService.nodePort}}
-{{ end }}
-    - port: {{ .Values.stunService.port }}
-      targetPort: stun
-      protocol: UDP
-      name: stun
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.stunService.nodePort))) }}
-      nodePort: {{.Values.stunService.nodePort}}
-{{ end }}
-    - port: {{ .Values.syslogService.port }}
-      targetPort: syslog
-      protocol: UDP
-      name: syslog
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }}
-      nodePort: {{.Values.syslogService.nodePort}}
-{{ end }}
-    - name: https-gui
-      port: {{ .Values.guiService.port }}
-      protocol: TCP
-      targetPort: https-gui
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.guiService.nodePort))) }}
-      nodePort: {{.Values.guiService.nodePort}}
-{{ end }}
-{{ if .Values.captivePortalService.enabled }}
-    - name: http-captive
-      port: {{ .Values.captivePortalService.http }}
-      protocol: TCP
-      targetPort: http-captive
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.http))) }}
-      nodePort: {{.Values.captivePortalService.http}}
-{{ end }}
-    - name: https-captive
-      port: {{ .Values.captivePortalService.https }}
-      protocol: TCP
-      targetPort: https-captive
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.https))) }}
-      nodePort: {{.Values.captivePortalService.https}}
-{{ end }}
-    - port: {{ .Values.speedtestService.port }}
-      targetPort: speedtest
-      protocol: TCP
-      name: speedtest
-{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }}
-      nodePort: {{.Values.speedtestService.nodePort}}
-{{ end }}
-{{ end }}
-
-  selector:
-    {{- include "unifi.selectorLabels" . | nindent 4 }}
-{{ end }}
-

charts/stable/unifi/values.yaml

@@ -1,350 +1,126 @@
-# Default values for unifi.
+#
-# This is a YAML-formatted file.
+# IMPORTANT NOTE
-# Declare variables to be passed into your templates.
+#
-
+# This chart inherits from our common library chart. You can check the default values/options here:
-# -- upgrade strategy type (e.g. Recreate or RollingUpdate)
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
-strategyType: Recreate
+#
 
 image:
+  # -- image repository
   repository: jacobalberty/unifi
-  tag: 6.2.25
+  # -- image tag
+  tag: v6.2.26
+  # -- image pull policy
   pullPolicy: IfNotPresent
 
-# If enabled, the controller, discovery, GUI, STUN and syslog services will not be
+# -- environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables).
-# created.
+# @default -- See below
-# Instead, one service will be created with the port and nodePort settings from
+env:
-# controllerService, discoveryService, guiService, stunService and syslogService.
+  # -- Set the container timezone
-# This is useful if, for example, the ClusterIP network is routable and being
+  TZ: UTC
-# accessed directly by access points, and the APs don't have a way to discern
+  # -- Run UniFi as root
-# different services on different IPs.
+  RUNAS_UID0: "false"
-unifiedService:
+  # -- Specify the user ID the application will run as
-  enabled: false
+  UNIFI_UID: "999"
-  # -- Kubernetes service type
+  # -- Specify the group ID the application will run as
-  type: ClusterIP
+  UNIFI_GID: "999"
-  # -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types.
+  # -- Java Virtual Machine (JVM) initial, and minimum, heap size
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+  # Unset value means there is no lower limit
-  #
+  JVM_INIT_HEAP_SIZE:
-  nodePort:
+  # -- Java Virtual Machine (JVM) maximum heap size
-  # -- Provide any additional annotations which may be required. This can be used to
+  # For larger installations a larger value is recommended.
-  # set the LoadBalancer service type to internal only.
+  # For memory constrained system this value can be lowered.
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+  JVM_MAX_HEAP_SIZE: 1024M
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
 
-guiService:
+# -- Configures service settings for the chart.
-  # -- Kubernetes service type
+# @default -- See values.yaml
-  type: ClusterIP
+service:
-  # -- Kubernetes port where the service is exposed
+  main:
+    ports:
+      # -- Configure Web interface + API port
+      # @default -- See values.yaml
+      http:
         port: 8443
-  # -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types.
+      # -- Configure Controller port used for device command/control
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+      # @default -- See values.yaml
-  #
+      controller:
-  nodePort:
+        enabled: true
-  # -- Provide any additional annotations which may be required. This can be used to
-  # set the LoadBalancer service type to internal only.
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-captivePortalService:
-  enabled: false
-  # -- Kubernetes service type
-  type: ClusterIP
-  # -- Kubernetes port where the http service is exposed
-  http: 8880
-  # -- Kubernetes port where the https service is exposed
-  https: 8843
-  # -- Provide any additional annotations which may be required. This can be used to
-  # set the LoadBalancer service type to internal only.
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-  # -- Ingress settings
-  ingress:
-    enabled: false
-    annotations: {}
-    path: /
-    hosts:
-      - chart-example.local
-    tls: []
-
-controllerService:
-  # -- Kubernetes service type
-  type: NodePort
-  # -- Kubernetes port where the service is exposed
         port: 8080
-  # -- Provide any additional annotations which may be required. This can be used to
+        protocol: TCP
-  # set the LoadBalancer service type to internal only.
+      # -- Configure Captive Portal HTTP port
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+      # @default -- See values.yaml
-  annotations: {}
+      portal-http:
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-  # -- Ingress settings
-  ingress:
         enabled: false
-    annotations: {}
+        port: 8880
-    path: /
+        protocol: HTTP
-    hosts:
+      # -- Configure Captive Portal HTTPS port
-      - chart-example.local
+      # @default -- See values.yaml
-    tls: []
+      portal-https:
-
-stunService:
-  # -- Kubernetes service type
-  type: NodePort
-  # -- Kubernetes port where the service is exposed
-  port: 3478
-  # -- Provide any additional annotations which may be required. This can be used to
-  # set the LoadBalancer service type to internal only.
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-discoveryService:
-  # -- Kubernetes service type
-  type: NodePort
-  # -- Kubernetes port where the service is exposed
-  port: 10001
-  # -- Provide any additional annotations which may be required. This can be used to
-  # set the LoadBalancer service type to internal only.
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-syslogService:
         enabled: false
-  # -- Kubernetes service type
+        port: 8843
-  type: NodePort
+        protocol: HTTPS
-  # -- Kubernetes port where the service is exposed
+      # -- Configure Speedtest port (used for UniFi mobile speed test)
-  port: 5514
+      # @default -- See values.yaml
-  # -- Provide any additional annotations which may be required. This can be used to
+      speedtest:
-  # set the LoadBalancer service type to internal only.
+        enabled: true
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
-  annotations: {}
-  labels: {}
-  # -- Use loadBalancerIP to request a specific static IP,
-  # otherwise leave blank
-  loadBalancerIP:
-  # -- (list) loadBalancerSourceRanges
-  loadBalancerSourceRanges:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
-  externalTrafficPolicy:
-
-speedtestService:
-  # -- Kubernetes service type
-  type: ClusterIP
-  # -- Kubernetes port where the service is exposed
         port: 6789
-  # -- Provide any additional annotations which may be required. This can be used to
+        protocol: TCP
-  # set the LoadBalancer service type to internal only.
+      # -- Configure STUN port
-  # ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+      # @default -- See values.yaml
-  annotations: {}
+      stun:
-  labels: {}
+        enabled: true
-  # -- Use loadBalancerIP to request a specific static IP,
+        port: 3478
-  # otherwise leave blank
+        protocol: UDP
-  loadBalancerIP:
+      # -- Configure remote syslog port
-  # -- (list) loadBalancerSourceRanges
+      # @default -- See values.yaml
-  loadBalancerSourceRanges:
+      syslog:
-  # -- Set the externalTrafficPolicy in the Service to either Cluster or Local
+        enabled: true
-  externalTrafficPolicy:
+        port: 5514
+        protocol: UDP
+      # -- Configure device discovery port
+      # @default -- See values.yaml
+      discovery:
+        enabled: true
+        port: 10001
+        protocol: UDP
 
-
-# -- Ingress settings
 ingress:
+  # -- Enable and configure ingress settings for the chart under this key.
+  # @default -- See values.yaml
+  main:
     enabled: false
-  annotations: {}
+    annotations:
-  path: /
+      nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+      traefik.ingress.kubernetes.io/service.serversscheme: https
+
+  # -- Enable and configure settings for the captive portal ingress under this key.
+  # @default -- See values.yaml
+  portal:
+    enabled: false
+    annotations:
+      nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+      traefik.ingress.kubernetes.io/service.serversscheme: https
+
+    ingressClassName:  # "nginx"
+
     hosts:
-    - chart-example.local
+      -  ## Host address. Helm template can be passed.
-  tls: []
+        host:
-
+        ## Configure the paths for the host
-timezone: UTC
+        paths:
-
+          -  ## Path. Helm template can be passed.
-runAsRoot: false
+            path: /
-UID: 999
+            ## Ignored if not kubeVersion >= 1.14-0
-GID: 999
+            pathType: Prefix
-
+            service:
-# -- If you provide your own custom certificate in <unifi-data>/cert
+              ## Overrides the service name reference for this path
-# you can define the following parameters to configure the controller
+              name: main
-customCert:
+              ## Overrides the service port reference for this path
-  enabled: false
+              port: portal-https
-  isChain: false
-  certName: tls.crt
-  keyName: tls.key
-  # If you want to store certificate and its key as a Kubernetes tls secret
-  # you can pass the name of that secret using certSecret variable
-  # certSecret: unifi-tls
-
-# -- Logging configuration
-logging:
-  promtail:
-    enabled: false
-    image:
-      repository: grafana/promtail
-      tag: 1.6.0
-      pullPolicy: IfNotPresent
-    loki:
-      url: http://loki.logs.svc.cluster.local:3100/loki/api/v1/push
-
-# -- define an external mongoDB instead of using the built-in mongodb
-mongodb:
-  enabled: false
-  dbUri: mongodb://mongo/unifi
-  statDbUri: mongodb://mongo/unifi_stat
-  databaseName: unifi
 
+# -- Configure persistence settings for the chart under this key.
+# @default -- See values.yaml
 persistence:
-  # -- Use persistent volume to store data
+  data:
     enabled: false
-  # -- (string) Type of persistent volume claim
+    mountPath: /unifi/data
-  storageClass:
-  # -- (string) Use an existing PVC to persist data
-  existingClaim:
-  # -- Persistence access modes
-  accessMode: ReadWriteOnce
-  # -- Size of persistent volume claim
-  size: 5Gi
-  # -- Do not delete the pvc upon helm uninstall
-  skipuninstall: false
-
-extraVolumes: []
-  ## specify additional volume to be used by extraVolumeMounts inside unifi container
-  # - name: additional-volume
-  #   hostPath:
-  #     path: /path/on/host
-  #     type: DirectoryOrCreate
-
-extraVolumeMounts: []
-  ## specify additional VolumeMount to be mounted inside unifi container
-  # - name: additional-volume
-  #   mountPath: /path/in/container
-
-extraJvmOpts: []
-  ## Extra java options
-  ## Here are some examples of valid JVM options:
-  ##
-  # - "-XX:MaxMetaspaceSize=256m"
-  # - "-Dlog4j.configurationFile=file:/configmap/log4j2.xml"
-  # - "-Dsystem_ip=1.2.3.4"
-
-# -- Java Virtual Machine (JVM) initial, and minimum, heap size
-# Unset value means there is no lower limit
-jvmInitHeapSize:
-
-# -- Java Virtual Machine (JVM) maximum heap size
-# For larger installations a larger value is recommended.
-# For memory constrained system this value can be lowered.
-jvmMaxHeapSize: 1024M
-
-extraConfigFiles: {}
-  ## Specify additional config files which are mounted to /configmap
-  ## Here is an example for a custom log4j config:
-  ##
-  # log4j2.xml: |-
-  #   <?xml version="1.0" encoding="UTF-8"?>
-  #   <Configuration>
-  #     <Appenders>
-  #       <InMemoryAppender name="InMemoryAppender" activatedLogging="false">
-  #         <PatternLayout pattern="[%d{ISO8601}] &lt;%t&gt; %-5p %-6c{1} - %m%n" />
-  #       </InMemoryAppender>
-  #       <RollingFile name="server_log" fileName="logs/server.log" filePattern="logs/server.log.%i">
-  #         <PatternLayout pattern="[%d{ISO8601}] &lt;%t&gt; %-5p %-6c{1} - %m%n" />
-  #         <SizeBasedTriggeringPolicy size="10 MB"/>
-  #         <DefaultRolloverStrategy max="3" fileIndex="min" />
-  #       </RollingFile>
-  #       <Console name="STDOUT" target="SYSTEM_OUT">
-  #         <PatternLayout pattern="&lt;%t&gt; %-5p %-6c{1} - %m%n"/>
-  #       </Console>
-  #     </Appenders>
-  #     <Loggers>
-  #       <Root level="INFO">
-  #         <AppenderRef ref="InMemoryAppender" />
-  #         <AppenderRef ref="server_log" />
-  #         <AppenderRef ref="STDOUT" />
-  #       </Root>
-  #     </Loggers>
-  #   </Configuration>
-
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # limits:
-  #  cpu: 100m
-  #  memory: 128Mi
-  # requests:
-  #  cpu: 100m
-  #  memory: 128Mi
-
-# -- Liveness probe values
-# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
-livenessProbe:
-  enabled: true
-  initialDelaySeconds: 30
-  periodSeconds: 10
-  timeoutSeconds: 1
-  failureThreshold: 3
-  successThreshold: 1
-
-# -- Readiness probe values
-# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
-readinessProbe:
-  enabled: true
-  initialDelaySeconds: 15
-  periodSeconds: 10
-  timeoutSeconds: 1
-  failureThreshold: 3
-  successThreshold: 1
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}
-
-podAnnotations: {}
-
-deploymentAnnotations: {}