master-group/charts
2
0
Fork 0
mirror of https://github.com/k8s-at-home/charts.git synced 2025-02-02 23:39:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

[unifi] Migrate to common library (#1101)

Browse Source
This commit is contained in:
Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs 2021-08-05 23:06:27 +02:00 committed by GitHub
parent 2216127da4
commit d80eeedd4c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 249 additions and 1532 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
charts/stable/unifi/.helmignore
View File

@ -19,5 +19,8 @@
.project .project
.idea/ .idea/
*.tmproj *.tmproj
.vscode/
# OWNERS file for Kubernetes # OWNERS file for Kubernetes
OWNERS OWNERS
# helm-docs templates
*.gotmpl

9
charts/stable/unifi/Chart.yaml
View File

@ -1,12 +1,11 @@
apiVersion: v2 apiVersion: v2
appVersion: 6.2.25 appVersion: v6.2.26
description: Ubiquiti Network's Unifi Controller description: Ubiquiti Network's Unifi Controller
name: unifi name: unifi
version: 2.0.4 version: 3.0.0
keywords: keywords:
- ubiquiti - ubiquiti
- unifi - unifi
- mongodb
home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/unifi home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/unifi
icon: https://prd-www-cdn.ubnt.com/static/favicon-152.png icon: https://prd-www-cdn.ubnt.com/static/favicon-152.png
sources: sources:
@ -16,3 +15,7 @@ maintainers:
email: jeff@billimek.com email: jeff@billimek.com
- name: mcronce - name: mcronce
email: mike@quadra-tec.net email: mike@quadra-tec.net
dependencies:
- name: common
repository: https://library-charts.k8s-at-home.com
version: 3.3.0

199
charts/stable/unifi/README.md
View File

@ -1,6 +1,6 @@
# unifi # unifi
![Version: 2.0.4](https://img.shields.io/badge/Version-2.0.4-informational?style=flat-square) ![AppVersion: 6.2.25](https://img.shields.io/badge/AppVersion-6.2.25-informational?style=flat-square) ![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: v6.2.26](https://img.shields.io/badge/AppVersion-v6.2.26-informational?style=flat-square)
Ubiquiti Network's Unifi Controller Ubiquiti Network's Unifi Controller
@ -16,6 +16,7 @@ Ubiquiti Network's Unifi Controller
| Repository | Name | Version | | Repository | Name | Version |
|------------|------|---------| |------------|------|---------|
| https://library-charts.k8s-at-home.com | common | 3.3.0 |
## TL;DR ## TL;DR
@ -66,41 +67,35 @@ helm install unifi k8s-at-home/unifi -f values.yaml
### Regarding the services ### Regarding the services
- `guiService`: Represents the main web UI and is what one would normally point By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
the ingress to.
- `captivePortalService`: This service is used to allow the captive portal webpage
to be accessible. It needs to be reachable by the clients connecting to your guest
network.
- `controllerService`: This is needed in order for the unifi devices to talk to
the controller and must be otherwise exposed to the network where the unifi
devices run. If you run this as a `NodePort` (the default setting), make sure
that there is an external load balancer that is directing traffic from port
8080 to the `NodePort` for this service.
- `discoveryService`: This needs to be reachable by the unifi devices on the
network similar to the controller `Service` but only during the discovery
phase. This is a UDP service.
- `stunService`: Also used periodically by the unifi devices to communicate
with the controller using UDP. See [this article][ubnt 3] and [this other
article][ubnt 4] for more information.
- `syslogService`: Used to capture syslog from Unifi devices if the feature is
enabled in the site configuration. This needs to be reachable by Unifi devices
on port 5514/UDP.
- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app.
This needs to be reachable by clients connecting to port 6789/TCP.
### Ingress and HTTPS 1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you
need to ensure that you use a backend transport of HTTPS.
An example entry in `values.yaml` to achieve this is as follows:
```yaml
service:
udp:
enabled: true
type: LoadBalancer
# <your other service configuration>
ports:
stun:
enabled: true
port: 3478
protocol: UDP
syslog:
enabled: true
port: 5514
protocol: UDP
discovery:
enabled: true
port: 10001
protocol: UDP
``` ```
ingress:
enabled: true 2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
annotations: You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
``` For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
## Values ## Values
@ -108,101 +103,28 @@ ingress:
| Key | Type | Default | Description | | Key | Type | Default | Description |
|-----|------|---------|-------------| |-----|------|---------|-------------|
| GID | int | `999` | | | env | object | See below | environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables). |
| UID | int | `999` | | | env.JVM_INIT_HEAP_SIZE | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit |
| affinity | object | `{}` | | | env.JVM_MAX_HEAP_SIZE | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. |
| captivePortalService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | | env.RUNAS_UID0 | string | `"false"` | Run UniFi as root |
| captivePortalService.enabled | bool | `false` | | | env.TZ | string | `"UTC"` | Set the container timezone |
| captivePortalService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | | env.UNIFI_GID | string | `"999"` | Specify the group ID the application will run as |
| captivePortalService.http | int | `8880` | Kubernetes port where the http service is exposed | | env.UNIFI_UID | string | `"999"` | Specify the user ID the application will run as |
| captivePortalService.https | int | `8843` | Kubernetes port where the https service is exposed | | image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| captivePortalService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings | | image.repository | string | `"jacobalberty/unifi"` | image repository |
| captivePortalService.labels | object | `{}` | | | image.tag | string | `"v6.2.26"` | image tag |
| captivePortalService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | | ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
| captivePortalService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | | ingress.portal | object | See values.yaml | Enable and configure settings for the captive portal ingress under this key. |
| captivePortalService.type | string | `"ClusterIP"` | Kubernetes service type | | persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
| controllerService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer | | service | object | See values.yaml | Configures service settings for the chart. |
| controllerService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local | | service.main.ports.controller | object | See values.yaml | Configure Controller port used for device command/control |
| controllerService.ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings | | service.main.ports.discovery | object | See values.yaml | Configure device discovery port |
| controllerService.labels | object | `{}` | | | service.main.ports.http | object | See values.yaml | Configure Web interface + API port |
| controllerService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank | | service.main.ports.portal-http | object | See values.yaml | Configure Captive Portal HTTP port |
| controllerService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges | | service.main.ports.portal-https | object | See values.yaml | Configure Captive Portal HTTPS port |
| controllerService.port | int | `8080` | Kubernetes port where the service is exposed | | service.main.ports.speedtest | object | See values.yaml | Configure Speedtest port (used for UniFi mobile speed test) |
| controllerService.type | string | `"NodePort"` | Kubernetes service type | | service.main.ports.stun | object | See values.yaml | Configure STUN port |
| customCert | object | `{"certName":"tls.crt","enabled":false,"isChain":false,"keyName":"tls.key"}` | If you provide your own custom certificate in <unifi-data>/cert you can define the following parameters to configure the controller | | service.main.ports.syslog | object | See values.yaml | Configure remote syslog port |
| deploymentAnnotations | object | `{}` | |
| discoveryService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| discoveryService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| discoveryService.labels | object | `{}` | |
| discoveryService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| discoveryService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| discoveryService.port | int | `10001` | Kubernetes port where the service is exposed |
| discoveryService.type | string | `"NodePort"` | Kubernetes service type |
| extraConfigFiles | object | `{}` | |
| extraJvmOpts | list | `[]` | |
| extraVolumeMounts | list | `[]` | |
| extraVolumes | list | `[]` | |
| guiService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| guiService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| guiService.labels | object | `{}` | |
| guiService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| guiService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| guiService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport |
| guiService.port | int | `8443` | Kubernetes port where the service is exposed |
| guiService.type | string | `"ClusterIP"` | Kubernetes service type |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"jacobalberty/unifi"` | |
| image.tag | string | `"6.2.25"` | |
| ingress | object | `{"annotations":{},"enabled":false,"hosts":["chart-example.local"],"path":"/","tls":[]}` | Ingress settings |
| jvmInitHeapSize | string | `nil` | Java Virtual Machine (JVM) initial, and minimum, heap size Unset value means there is no lower limit |
| jvmMaxHeapSize | string | `"1024M"` | Java Virtual Machine (JVM) maximum heap size For larger installations a larger value is recommended. For memory constrained system this value can be lowered. |
| livenessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":30,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Liveness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
| logging | object | `{"promtail":{"enabled":false,"image":{"pullPolicy":"IfNotPresent","repository":"grafana/promtail","tag":"1.6.0"},"loki":{"url":"http://loki.logs.svc.cluster.local:3100/loki/api/v1/push"}}}` | Logging configuration |
| mongodb | object | `{"databaseName":"unifi","dbUri":"mongodb://mongo/unifi","enabled":false,"statDbUri":"mongodb://mongo/unifi_stat"}` | define an external mongoDB instead of using the built-in mongodb |
| nodeSelector | object | `{}` | |
| persistence.accessMode | string | `"ReadWriteOnce"` | Persistence access modes |
| persistence.enabled | bool | `false` | Use persistent volume to store data |
| persistence.existingClaim | string | `nil` | Use an existing PVC to persist data |
| persistence.size | string | `"5Gi"` | Size of persistent volume claim |
| persistence.skipuninstall | bool | `false` | Do not delete the pvc upon helm uninstall |
| persistence.storageClass | string | `nil` | Type of persistent volume claim |
| podAnnotations | object | `{}` | |
| readinessProbe | object | `{"enabled":true,"failureThreshold":3,"initialDelaySeconds":15,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1}` | Readiness probe values Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes |
| resources | object | `{}` | |
| runAsRoot | bool | `false` | |
| speedtestService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| speedtestService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| speedtestService.labels | object | `{}` | |
| speedtestService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| speedtestService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| speedtestService.port | int | `6789` | Kubernetes port where the service is exposed |
| speedtestService.type | string | `"ClusterIP"` | Kubernetes service type |
| strategyType | string | `"Recreate"` | upgrade strategy type (e.g. Recreate or RollingUpdate) |
| stunService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| stunService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| stunService.labels | object | `{}` | |
| stunService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| stunService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| stunService.port | int | `3478` | Kubernetes port where the service is exposed |
| stunService.type | string | `"NodePort"` | Kubernetes service type |
| syslogService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| syslogService.enabled | bool | `false` | |
| syslogService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| syslogService.labels | object | `{}` | |
| syslogService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| syslogService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| syslogService.port | int | `5514` | Kubernetes port where the service is exposed |
| syslogService.type | string | `"NodePort"` | Kubernetes service type |
| timezone | string | `"UTC"` | |
| tolerations | list | `[]` | |
| unifiedService.annotations | object | `{}` | Provide any additional annotations which may be required. This can be used to set the LoadBalancer service type to internal only. ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer |
| unifiedService.enabled | bool | `false` | |
| unifiedService.externalTrafficPolicy | string | `nil` | Set the externalTrafficPolicy in the Service to either Cluster or Local |
| unifiedService.labels | object | `{}` | |
| unifiedService.loadBalancerIP | string | `nil` | Use loadBalancerIP to request a specific static IP, otherwise leave blank |
| unifiedService.loadBalancerSourceRanges | list | `nil` | loadBalancerSourceRanges |
| unifiedService.nodePort | int | `nil` | Specify the nodePort value for the LoadBalancer and NodePort service types. ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport |
| unifiedService.type | string | `"ClusterIP"` | Kubernetes service type |
## Changelog ## Changelog
@ -210,6 +132,19 @@ All notable changes to this application Helm chart will be documented in this fi
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
### [3.0.0]
#### Changed
- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation.
- Changed image tag to `v6.2.26`.
#### Removed
- **BREAKING**: Removed support for deploying a separate MongoDB instance.
- **BREAKING**: Removed support for specifying custom configMaps in chart values.
- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on.
### [2.0.4] ### [2.0.4]
#### Added #### Added
@ -258,9 +193,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- N/A - N/A
[2.0.2]: #2.0.2 [3.0.0]: #300
[2.0.1]: #2.0.1 [2.0.4]: #204
[1.5.3]: #1.5.3 [2.0.2]: #202
[2.0.1]: #201
[1.5.3]: #153
## Support ## Support

21
charts/stable/unifi/README_CHANGELOG.md.gotmpl
View File

@ -9,6 +9,19 @@ All notable changes to this application Helm chart will be documented in this fi
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
### [3.0.0]
#### Changed
- **BREAKING**: Migrated chart to common library. This means that there are many things that work different from before. Please check the `values.yaml` file for the current implementation.
- Changed image tag to `v6.2.26`.
#### Removed
- **BREAKING**: Removed support for deploying a separate MongoDB instance.
- **BREAKING**: Removed support for specifying custom configMaps in chart values.
- **BREAKING**: Removed chart-specific Promtail implementation. This can be replaced by using the common library charts Promtail add-on.
### [2.0.4] ### [2.0.4]
#### Added #### Added
@ -57,7 +70,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- N/A - N/A
[2.0.2]: #2.0.2 [3.0.0]: #300
[2.0.1]: #2.0.1 [2.0.4]: #204
[1.5.3]: #1.5.3 [2.0.2]: #202
[2.0.1]: #201
[1.5.3]: #153
{{- end -}} {{- end -}}

59
charts/stable/unifi/README_CONFIG.md.gotmpl
View File

@ -7,39 +7,34 @@
### Regarding the services ### Regarding the services
- `guiService`: Represents the main web UI and is what one would normally point By default it is not possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
the ingress to.
- `captivePortalService`: This service is used to allow the captive portal webpage
to be accessible. It needs to be reachable by the clients connecting to your guest
network.
- `controllerService`: This is needed in order for the unifi devices to talk to
the controller and must be otherwise exposed to the network where the unifi
devices run. If you run this as a `NodePort` (the default setting), make sure
that there is an external load balancer that is directing traffic from port
8080 to the `NodePort` for this service.
- `discoveryService`: This needs to be reachable by the unifi devices on the
network similar to the controller `Service` but only during the discovery
phase. This is a UDP service.
- `stunService`: Also used periodically by the unifi devices to communicate
with the controller using UDP. See [this article][ubnt 3] and [this other
article][ubnt 4] for more information.
- `syslogService`: Used to capture syslog from Unifi devices if the feature is
enabled in the site configuration. This needs to be reachable by Unifi devices
on port 5514/UDP.
- `speedtestService`: Used for mobile speedtest inside the UniFi Mobile app.
This needs to be reachable by clients connecting to port 6789/TCP.
### Ingress and HTTPS 1. Create a separate service containing the UDP ports. This could be done by setting disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
Unifi does [not support HTTP][unifi] so if you wish to use the guiService, you
need to ensure that you use a backend transport of HTTPS.
An example entry in `values.yaml` to achieve this is as follows:
```yaml
service:
udp:
enabled: true
type: LoadBalancer
# <your other service configuration>
ports:
stun:
enabled: true
port: 3478
protocol: UDP
syslog:
enabled: true
port: 5514
protocol: UDP
discovery:
enabled: true
port: 10001
protocol: UDP
``` ```
ingress:
enabled: true 2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
annotations: You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
``` For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
{{- end -}} {{- end -}}

20
charts/stable/unifi/templates/NOTES.txt
View File

@ -1,19 +1 @@
1. Get the application URL by running these commands: {{- include "common.notes.defaultNotes" . -}}
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.guiService.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "unifi.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.guiService.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "unifi.fullname" . }}-gui'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "unifi.fullname" . }}-gui -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.guiService.port }}
{{- else if contains "ClusterIP" .Values.guiService.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "unifi.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8443:{.Values.guiService.port}
Visit https://127.0.0.1:8443 to use your application
{{- end }}

52
charts/stable/unifi/templates/_helpers.tpl
View File

@ -1,52 +0,0 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "unifi.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "unifi.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "unifi.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "unifi.labels" -}}
helm.sh/chart: {{ include "unifi.chart" . }}
{{ include "unifi.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "unifi.selectorLabels" -}}
app.kubernetes.io/name: {{ include "unifi.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

64
charts/stable/unifi/templates/captive-ingress.yaml
View File

@ -1,64 +0,0 @@
{{- if (and .Values.captivePortalService.ingress.enabled (not .Values.unifiedService.enabled)) }}
{{- $fullName := include "unifi.fullname" . -}}
{{- $ingressPath := .Values.captivePortalService.ingress.path -}}
{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
{{- $captivePortalHttps := .Values.captivePortalService.https -}}
{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-captive
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.captivePortalService.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.captivePortalService.ingress.tls }}
tls:
{{- range .Values.captivePortalService.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.captivePortalService.ingress.hosts }}
- host: {{ . }}
http:
paths:
- path: {{ $ingressPath }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}-captiveportalservice
port:
{{- if $captivePortalHttps }}
name: https-captive
{{- else }}
name: http-captive
{{- end }}
{{- else }}
serviceName: {{ $fullName }}-captiveportalservice
{{- if $captivePortalHttps }}
servicePort: https-captive
{{- else }}
servicePort: http-captive
{{- end }}
{{- end -}}
{{- end }}
{{- end }}

60
charts/stable/unifi/templates/captive-svc.yaml
View File

@ -1,60 +0,0 @@
{{ if (and .Values.captivePortalService.enabled (not .Values.unifiedService.enabled)) }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-captiveportalservice
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.captivePortalService.labels }}
{{ toYaml .Values.captivePortalService.labels | indent 4 }}
{{- end }}
{{- with .Values.captivePortalService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.captivePortalService.type "ClusterIP") (empty .Values.captivePortalService.type)) }}
type: ClusterIP
{{- if .Values.captivePortalService.clusterIP }}
clusterIP: {{ .Values.captivePortalService.clusterIP }}
{{end}}
{{- else if eq .Values.captivePortalService.type "LoadBalancer" }}
type: {{ .Values.captivePortalService.type }}
{{- if .Values.captivePortalService.loadBalancerIP }}
loadBalancerIP: {{ .Values.captivePortalService.loadBalancerIP }}
{{- end }}
{{- if .Values.captivePortalService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.captivePortalService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.captivePortalService.type }}
{{- end }}
{{- if .Values.captivePortalService.externalIPs }}
externalIPs:
{{ toYaml .Values.captivePortalService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.captivePortalService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.captivePortalService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.captivePortalService.http }}
targetPort: http-captive
protocol: TCP
name: http-captive
{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.http))) }}
nodePort: {{.Values.captivePortalService.http}}
{{ end }}
- port: {{ .Values.captivePortalService.https }}
targetPort: https-captive
protocol: TCP
name: https-captive
{{ if (and (eq .Values.captivePortalService.type "NodePort") (not (empty .Values.captivePortalService.https))) }}
nodePort: {{.Values.captivePortalService.https}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 6 }}
{{ end }}

11
charts/stable/unifi/templates/common.yaml Normal file
View File

@ -0,0 +1,11 @@
{{- include "common.values.setup" . }}
{{/* Append the hardcoded settings */}}
{{- define "unifi.harcodedValues" -}}
env:
UNIFI_STDOUT: "true"
{{- end -}}
{{- $_ := mergeOverwrite .Values (include "unifi.harcodedValues" . | fromYaml) -}}
{{/* Render the templates */}}
{{ include "common.all" . }}

13
charts/stable/unifi/templates/configmap.yaml
View File

@ -1,13 +0,0 @@
{{- if .Values.extraConfigFiles }}
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ template "unifi.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
{{ toYaml .Values.extraConfigFiles | indent 2 }}
{{- end }}

55
charts/stable/unifi/templates/controller-ingress.yaml
View File

@ -1,55 +0,0 @@
{{- if (and .Values.controllerService.ingress.enabled (not .Values.unifiedService.enabled)) }}
{{- $fullName := include "unifi.fullname" . -}}
{{- $ingressPath := .Values.controllerService.ingress.path -}}
{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-controller
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.controllerService.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.controllerService.ingress.tls }}
tls:
{{- range .Values.controllerService.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.controllerService.ingress.hosts }}
- host: {{ . }}
http:
paths:
- path: {{ $ingressPath }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ $fullName }}-controller
port:
name: controller
{{- else -}}
serviceName: {{ $fullName }}-controller
servicePort: controller
{{- end }}
{{- end }}
{{- end }}

53
charts/stable/unifi/templates/controller-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if not .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-controller
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.controllerService.labels }}
{{ toYaml .Values.controllerService.labels | indent 4 }}
{{- end }}
{{- with .Values.controllerService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.controllerService.type "ClusterIP") (empty .Values.controllerService.type)) }}
type: ClusterIP
{{- if .Values.controllerService.clusterIP }}
clusterIP: {{ .Values.controllerService.clusterIP }}
{{end}}
{{- else if eq .Values.controllerService.type "LoadBalancer" }}
type: {{ .Values.controllerService.type }}
{{- if .Values.controllerService.loadBalancerIP }}
loadBalancerIP: {{ .Values.controllerService.loadBalancerIP }}
{{- end }}
{{- if .Values.controllerService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.controllerService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.controllerService.type }}
{{- end }}
{{- if .Values.controllerService.externalIPs }}
externalIPs:
{{ toYaml .Values.controllerService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.controllerService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.controllerService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.controllerService.port }}
targetPort: controller
protocol: TCP
name: controller
{{ if (and (eq .Values.controllerService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }}
nodePort: {{.Values.controllerService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

219
charts/stable/unifi/templates/deployment.yaml
View File

@ -1,219 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "unifi.fullname" . }}
{{- if .Values.deploymentAnnotations }}
annotations:
{{- range $key, $value := .Values.deploymentAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: 1
strategy:
type: {{ .Values.strategyType }}
selector:
matchLabels:
{{- include "unifi.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Values.podAnnotations }}
annotations:
{{- range $key, $value := .Values.podAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
containers:
{{- if .Values.logging.promtail.enabled }}
- name: {{ .Chart.Name }}-promtail
image: "{{ .Values.logging.promtail.image.repository }}:{{ .Values.logging.promtail.image.tag }}"
imagePullPolicy: {{ .Values.logging.promtail.image.pullPolicy }}
args:
- -config.file=/etc/promtail/promtail.yaml
volumeMounts:
- name: promtail-config
mountPath: /etc/promtail/promtail.yaml
subPath: promtail.yaml
readOnly: true
- mountPath: /unifi/log
name: unifi-data
subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }}
{{- end }}
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: https-gui
containerPort: {{ .Values.guiService.port }}
protocol: TCP
- name: controller
containerPort: {{ .Values.controllerService.port }}
protocol: TCP
- name: discovery
containerPort: 10001
protocol: UDP
- name: stun
containerPort: 3478
protocol: UDP
- name: syslog
containerPort: 5514
protocol: UDP
{{- if .Values.captivePortalService.enabled }}
- name: http-captive
containerPort: {{ .Values.captivePortalService.http }}
protocol: TCP
- name: https-captive
containerPort: {{ .Values.captivePortalService.https }}
protocol: TCP
{{- end }}
- name: speedtest
containerPort: 6789
protocol: TCP
{{- if not .Values.runAsRoot }}
securityContext:
capabilities:
add:
- SETFCAP
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /status
port: https-gui
scheme: HTTPS
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /status
port: https-gui
scheme: HTTPS
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
env:
- name: UNIFI_HTTP_PORT
value: "{{ .Values.controllerService.port }}"
- name: UNIFI_HTTPS_PORT
value: "{{ .Values.guiService.port }}"
- name: TZ
value: "{{ .Values.timezone }}"
- name: RUNAS_UID0
value: "{{ .Values.runAsRoot }}"
- name: UNIFI_UID
value: "{{ .Values.UID }}"
- name: UNIFI_GID
value: "{{ .Values.GID }}"
- name: UNIFI_STDOUT
value: "true"
{{- if .Values.extraJvmOpts }}
- name: JVM_EXTRA_OPTS
value: "{{- join " " .Values.extraJvmOpts }}"
{{- end }}
{{- if .Values.jvmInitHeapSize }}
- name: JVM_INIT_HEAP_SIZE
value: "{{ .Values.jvmInitHeapSize }}"
{{- end }}
{{- if .Values.jvmMaxHeapSize }}
- name: JVM_MAX_HEAP_SIZE
value: "{{ .Values.jvmMaxHeapSize }}"
{{- end }}
{{- if .Values.mongodb.enabled }}
- name: DB_URI
value: "{{ .Values.mongodb.dbUri }}"
- name: STATDB_URI
value: "{{ .Values.mongodb.statDbUri }}"
- name: DB_NAME
value: "{{ .Values.mongodb.databaseName }}"
{{- end }}
{{- if and .Values.customCert .Values.customCert.enabled }}
- name: CERT_IS_CHAIN
value: "{{ .Values.customCert.isChain }}"
- name: CERTNAME
value: "{{ .Values.customCert.certName }}"
- name: CERT_PRIVATE_NAME
value: "{{ .Values.customCert.keyName }}"
{{- end }}
volumeMounts:
- mountPath: /unifi/data
name: unifi-data
subPath: {{ ternary "data" (printf "%s/%s" .Values.persistence.subPath "data") (empty .Values.persistence.subPath) }}
- mountPath: /unifi/log
name: unifi-data
subPath: {{ ternary "log" (printf "%s/%s" .Values.persistence.subPath "log") (empty .Values.persistence.subPath) }}
- mountPath: /unifi/cert
{{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }}
name: unifi-cert-secret
{{- else }}
name: unifi-data
subPath: {{ ternary "cert" (printf "%s/%s" .Values.persistence.subPath "cert") (empty .Values.persistence.subPath) }}
{{- end }}
- mountPath: /unifi/init.d
name: unifi-data
subPath: {{ ternary "init.d" (printf "%s/%s" .Values.persistence.subPath "init.d") (empty .Values.persistence.subPath) }}
{{- if .Values.extraConfigFiles }}
- name: extra-config
mountPath: /configmap
{{- end }}
{{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 12 }}{{ end }}
resources:
{{ toYaml .Values.resources | indent 12 }}
volumes:
- name: unifi-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "unifi.fullname" . }}{{- end }}
{{- else }}
emptyDir: {}
{{ end }}
{{- if .Values.extraConfigFiles }}
- name: extra-config
configMap:
name: {{ template "unifi.fullname" . }}
{{- end }}
{{- if and .Values.customCert .Values.customCert.enabled .Values.customCert.certSecret }}
- name: unifi-cert-secret
secret:
secretName: "{{ .Values.customCert.certSecret }}"
{{- end }}
{{- if .Values.logging.promtail.enabled }}
- name: promtail-config
projected:
defaultMode: 0444
sources:
- configMap:
name: {{ template "unifi.fullname" . }}-promtail
items:
- key: promtail.yaml
path: promtail.yaml
{{- end }}
{{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 8 }}{{ end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}

53
charts/stable/unifi/templates/discovery-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if not .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-discovery
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.discoveryService.labels }}
{{ toYaml .Values.discoveryService.labels | indent 4 }}
{{- end }}
{{- with .Values.discoveryService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.discoveryService.type "ClusterIP") (empty .Values.discoveryService.type)) }}
type: ClusterIP
{{- if .Values.discoveryService.clusterIP }}
clusterIP: {{ .Values.discoveryService.clusterIP }}
{{end}}
{{- else if eq .Values.discoveryService.type "LoadBalancer" }}
type: {{ .Values.discoveryService.type }}
{{- if .Values.discoveryService.loadBalancerIP }}
loadBalancerIP: {{ .Values.discoveryService.loadBalancerIP }}
{{- end }}
{{- if .Values.discoveryService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.discoveryService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.discoveryService.type }}
{{- end }}
{{- if .Values.discoveryService.externalIPs }}
externalIPs:
{{ toYaml .Values.discoveryService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.discoveryService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.discoveryService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.discoveryService.port }}
targetPort: discovery
protocol: UDP
name: discovery
{{ if (and (eq .Values.discoveryService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }}
nodePort: {{.Values.discoveryService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

53
charts/stable/unifi/templates/gui-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if not .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-gui
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.guiService.labels }}
{{ toYaml .Values.guiService.labels | indent 4 }}
{{- end }}
{{- with .Values.guiService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.guiService.type "ClusterIP") (empty .Values.guiService.type)) }}
type: ClusterIP
{{- if .Values.guiService.clusterIP }}
clusterIP: {{ .Values.guiService.clusterIP }}
{{end}}
{{- else if eq .Values.guiService.type "LoadBalancer" }}
type: {{ .Values.guiService.type }}
{{- if .Values.guiService.loadBalancerIP }}
loadBalancerIP: {{ .Values.guiService.loadBalancerIP }}
{{- end }}
{{- if .Values.guiService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.guiService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.guiService.type }}
{{- end }}
{{- if .Values.guiService.externalIPs }}
externalIPs:
{{ toYaml .Values.guiService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.guiService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.guiService.externalTrafficPolicy }}
{{- end }}
ports:
- name: https-gui
port: {{ .Values.guiService.port }}
protocol: TCP
targetPort: https-gui
{{ if (and (eq .Values.guiService.type "NodePort") (not (empty .Values.guiService.nodePort))) }}
nodePort: {{.Values.guiService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

60
charts/stable/unifi/templates/ingress.yaml
View File

@ -1,60 +0,0 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "unifi.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
{{- $unifiedServiceEnabled := .Values.unifiedService.enabled -}}
{{- if semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
labels:
{{- include "unifi.labels" . | nindent 4 }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ . }}
http:
paths:
- path: {{ $ingressPath }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
service:
{{- if $unifiedServiceEnabled }}
name: {{ $fullName }}
{{- else }}
name: {{ $fullName }}-gui
{{- end }}
port:
name: https-gui
{{- else -}}
{{- if $unifiedServiceEnabled }}
serviceName: {{ $fullName }}
{{- else }}
serviceName: {{ $fullName }}-gui
{{- end }}
servicePort: https-gui
{{- end -}}
{{- end }}
{{- end }}

34
charts/stable/unifi/templates/promtail-configmap.yaml
View File

@ -1,34 +0,0 @@
{{- if .Values.logging.promtail.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "unifi.fullname" . }}-promtail
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
promtail.yaml: |
server:
disable: true
positions:
filename: /tmp/positions.yaml
clients:
- url: {{ .Values.logging.promtail.loki.url }}
scrape_configs:
- job_name: unifi-logs
static_configs:
- targets:
- localhost
labels:
job: unifi-logs
__path__: "/unifi/log/*.log"
- job_name: unifi-remote-logs
static_configs:
- targets:
- localhost
labels:
job: unifi-remote-logs
__path__: "/unifi/log/remote/*.log"
{{- end }}

24
charts/stable/unifi/templates/pvc.yaml
View File

@ -1,24 +0,0 @@
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "unifi.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end -}}

53
charts/stable/unifi/templates/speedtest-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if not .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-speedtest
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.speedtestService.labels }}
{{ toYaml .Values.speedtestService.labels | indent 4 }}
{{- end }}
{{- with .Values.speedtestService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.speedtestService.type "ClusterIP") (empty .Values.speedtestService.type)) }}
type: ClusterIP
{{- if .Values.speedtestService.clusterIP }}
clusterIP: {{ .Values.speedtestService.clusterIP }}
{{end}}
{{- else if eq .Values.speedtestService.type "LoadBalancer" }}
type: {{ .Values.speedtestService.type }}
{{- if .Values.speedtestService.loadBalancerIP }}
loadBalancerIP: {{ .Values.speedtestService.loadBalancerIP }}
{{- end }}
{{- if .Values.speedtestService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.speedtestService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.speedtestService.type }}
{{- end }}
{{- if .Values.speedtestService.externalIPs }}
externalIPs:
{{ toYaml .Values.speedtestService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.speedtestService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.speedtestService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.speedtestService.port }}
targetPort: speedtest
protocol: TCP
name: speedtest
{{ if (and (eq .Values.speedtestService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }}
nodePort: {{.Values.speedtestService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

53
charts/stable/unifi/templates/stun-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if not .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-stun
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.stunService.labels }}
{{ toYaml .Values.stunService.labels | indent 4 }}
{{- end }}
{{- with .Values.stunService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.stunService.type "ClusterIP") (empty .Values.stunService.type)) }}
type: ClusterIP
{{- if .Values.stunService.clusterIP }}
clusterIP: {{ .Values.stunService.clusterIP }}
{{end}}
{{- else if eq .Values.stunService.type "LoadBalancer" }}
type: {{ .Values.stunService.type }}
{{- if .Values.stunService.loadBalancerIP }}
loadBalancerIP: {{ .Values.stunService.loadBalancerIP }}
{{- end }}
{{- if .Values.stunService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.stunService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.stunService.type }}
{{- end }}
{{- if .Values.stunService.externalIPs }}
externalIPs:
{{ toYaml .Values.stunService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.stunService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.stunService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.stunService.port }}
targetPort: stun
protocol: UDP
name: stun
{{ if (and (eq .Values.stunService.type "NodePort") (not (empty .Values.stunService.nodePort))) }}
nodePort: {{.Values.stunService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

53
charts/stable/unifi/templates/syslog-svc.yaml
View File

@ -1,53 +0,0 @@
{{ if and (not (.Values.unifiedService.enabled)) .Values.syslogService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}-syslog
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.syslogService.labels }}
{{ toYaml .Values.syslogService.labels | indent 4 }}
{{- end }}
{{- with .Values.syslogService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.syslogService.type "ClusterIP") (empty .Values.syslogService.type)) }}
type: ClusterIP
{{- if .Values.syslogService.clusterIP }}
clusterIP: {{ .Values.syslogService.clusterIP }}
{{end}}
{{- else if eq .Values.syslogService.type "LoadBalancer" }}
type: {{ .Values.syslogService.type }}
{{- if .Values.syslogService.loadBalancerIP }}
loadBalancerIP: {{ .Values.syslogService.loadBalancerIP }}
{{- end }}
{{- if .Values.syslogService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.syslogService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.syslogService.type }}
{{- end }}
{{- if .Values.syslogService.externalIPs }}
externalIPs:
{{ toYaml .Values.syslogService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.syslogService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.syslogService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.syslogService.port }}
targetPort: syslog
protocol: UDP
name: syslog
{{ if (and (eq .Values.syslogService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }}
nodePort: {{.Values.syslogService.nodePort}}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

106
charts/stable/unifi/templates/unified-svc.yaml
View File

@ -1,106 +0,0 @@
{{ if .Values.unifiedService.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "unifi.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "unifi.name" . }}
helm.sh/chart: {{ include "unifi.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.unifiedService.labels }}
{{ toYaml .Values.unifiedService.labels | indent 4 }}
{{- end }}
{{- with .Values.unifiedService.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if (or (eq .Values.unifiedService.type "ClusterIP") (empty .Values.unifiedService.type)) }}
type: ClusterIP
{{- if .Values.unifiedService.clusterIP }}
clusterIP: {{ .Values.unifiedService.clusterIP }}
{{end}}
{{- else if eq .Values.unifiedService.type "LoadBalancer" }}
type: {{ .Values.unifiedService.type }}
{{- if .Values.unifiedService.loadBalancerIP }}
loadBalancerIP: {{ .Values.unifiedService.loadBalancerIP }}
{{- end }}
{{- if .Values.unifiedService.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.unifiedService.loadBalancerSourceRanges | indent 4 }}
{{- end -}}
{{- else }}
type: {{ .Values.unifiedService.type }}
{{- end }}
{{- if .Values.unifiedService.externalIPs }}
externalIPs:
{{ toYaml .Values.unifiedService.externalIPs | indent 4 }}
{{- end }}
{{- if .Values.unifiedService.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.unifiedService.externalTrafficPolicy }}
{{- end }}
ports:
- port: {{ .Values.controllerService.port }}
targetPort: controller
protocol: TCP
name: controller
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }}
nodePort: {{.Values.controllerService.nodePort}}
{{ end }}
- port: {{ .Values.discoveryService.port }}
targetPort: discovery
protocol: UDP
name: discovery
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }}
nodePort: {{.Values.discoveryService.nodePort}}
{{ end }}
- port: {{ .Values.stunService.port }}
targetPort: stun
protocol: UDP
name: stun
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.stunService.nodePort))) }}
nodePort: {{.Values.stunService.nodePort}}
{{ end }}
- port: {{ .Values.syslogService.port }}
targetPort: syslog
protocol: UDP
name: syslog
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.syslogService.nodePort))) }}
nodePort: {{.Values.syslogService.nodePort}}
{{ end }}
- name: https-gui
port: {{ .Values.guiService.port }}
protocol: TCP
targetPort: https-gui
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.guiService.nodePort))) }}
nodePort: {{.Values.guiService.nodePort}}
{{ end }}
{{ if .Values.captivePortalService.enabled }}
- name: http-captive
port: {{ .Values.captivePortalService.http }}
protocol: TCP
targetPort: http-captive
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.http))) }}
nodePort: {{.Values.captivePortalService.http}}
{{ end }}
- name: https-captive
port: {{ .Values.captivePortalService.https }}
protocol: TCP
targetPort: https-captive
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.captivePortalService.https))) }}
nodePort: {{.Values.captivePortalService.https}}
{{ end }}
- port: {{ .Values.speedtestService.port }}
targetPort: speedtest
protocol: TCP
name: speedtest
{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.speedtestService.nodePort))) }}
nodePort: {{.Values.speedtestService.nodePort}}
{{ end }}
{{ end }}
selector:
{{- include "unifi.selectorLabels" . | nindent 4 }}
{{ end }}

452
charts/stable/unifi/values.yaml
View File

@ -1,350 +1,126 @@
# Default values for unifi. #
# This is a YAML-formatted file. # IMPORTANT NOTE
# Declare variables to be passed into your templates. #
# This chart inherits from our common library chart. You can check the default values/options here:
# -- upgrade strategy type (e.g. Recreate or RollingUpdate) # https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
strategyType: Recreate #
image: image:
# -- image repository
repository: jacobalberty/unifi repository: jacobalberty/unifi
tag: 6.2.25 # -- image tag
tag: v6.2.26
# -- image pull policy
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# If enabled, the controller, discovery, GUI, STUN and syslog services will not be # -- environment variables. See more environment variables in the [image documentation](https://github.com/jacobalberty/unifi-docker#environment-variables).
# created. # @default -- See below
# Instead, one service will be created with the port and nodePort settings from env:
# controllerService, discoveryService, guiService, stunService and syslogService. # -- Set the container timezone
# This is useful if, for example, the ClusterIP network is routable and being TZ: UTC
# accessed directly by access points, and the APs don't have a way to discern # -- Run UniFi as root
# different services on different IPs. RUNAS_UID0: "false"
unifiedService: # -- Specify the user ID the application will run as
enabled: false UNIFI_UID: "999"
# -- Kubernetes service type # -- Specify the group ID the application will run as
type: ClusterIP UNIFI_GID: "999"
# -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types. # -- Java Virtual Machine (JVM) initial, and minimum, heap size
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport # Unset value means there is no lower limit
# JVM_INIT_HEAP_SIZE:
nodePort: # -- Java Virtual Machine (JVM) maximum heap size
# -- Provide any additional annotations which may be required. This can be used to # For larger installations a larger value is recommended.
# set the LoadBalancer service type to internal only. # For memory constrained system this value can be lowered.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer JVM_MAX_HEAP_SIZE: 1024M
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
guiService: # -- Configures service settings for the chart.
# -- Kubernetes service type # @default -- See values.yaml
type: ClusterIP service:
# -- Kubernetes port where the service is exposed main:
port: 8443 ports:
# -- (int) Specify the nodePort value for the LoadBalancer and NodePort service types. # -- Configure Web interface + API port
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport # @default -- See values.yaml
# http:
nodePort: port: 8443
# -- Provide any additional annotations which may be required. This can be used to # -- Configure Controller port used for device command/control
# set the LoadBalancer service type to internal only. # @default -- See values.yaml
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer controller:
annotations: {} enabled: true
labels: {} port: 8080
# -- Use loadBalancerIP to request a specific static IP, protocol: TCP
# otherwise leave blank # -- Configure Captive Portal HTTP port
loadBalancerIP: # @default -- See values.yaml
# -- (list) loadBalancerSourceRanges portal-http:
loadBalancerSourceRanges: enabled: false
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local port: 8880
externalTrafficPolicy: protocol: HTTP
# -- Configure Captive Portal HTTPS port
# @default -- See values.yaml
portal-https:
enabled: false
port: 8843
protocol: HTTPS
# -- Configure Speedtest port (used for UniFi mobile speed test)
# @default -- See values.yaml
speedtest:
enabled: true
port: 6789
protocol: TCP
# -- Configure STUN port
# @default -- See values.yaml
stun:
enabled: true
port: 3478
protocol: UDP
# -- Configure remote syslog port
# @default -- See values.yaml
syslog:
enabled: true
port: 5514
protocol: UDP
# -- Configure device discovery port
# @default -- See values.yaml
discovery:
enabled: true
port: 10001
protocol: UDP
captivePortalService:
enabled: false
# -- Kubernetes service type
type: ClusterIP
# -- Kubernetes port where the http service is exposed
http: 8880
# -- Kubernetes port where the https service is exposed
https: 8843
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
# -- Ingress settings
ingress:
enabled: false
annotations: {}
path: /
hosts:
- chart-example.local
tls: []
controllerService:
# -- Kubernetes service type
type: NodePort
# -- Kubernetes port where the service is exposed
port: 8080
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
# -- Ingress settings
ingress:
enabled: false
annotations: {}
path: /
hosts:
- chart-example.local
tls: []
stunService:
# -- Kubernetes service type
type: NodePort
# -- Kubernetes port where the service is exposed
port: 3478
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
discoveryService:
# -- Kubernetes service type
type: NodePort
# -- Kubernetes port where the service is exposed
port: 10001
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
syslogService:
enabled: false
# -- Kubernetes service type
type: NodePort
# -- Kubernetes port where the service is exposed
port: 5514
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
speedtestService:
# -- Kubernetes service type
type: ClusterIP
# -- Kubernetes port where the service is exposed
port: 6789
# -- Provide any additional annotations which may be required. This can be used to
# set the LoadBalancer service type to internal only.
# ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
annotations: {}
labels: {}
# -- Use loadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP:
# -- (list) loadBalancerSourceRanges
loadBalancerSourceRanges:
# -- Set the externalTrafficPolicy in the Service to either Cluster or Local
externalTrafficPolicy:
# -- Ingress settings
ingress: ingress:
enabled: false # -- Enable and configure ingress settings for the chart under this key.
annotations: {} # @default -- See values.yaml
path: / main:
hosts:
- chart-example.local
tls: []
timezone: UTC
runAsRoot: false
UID: 999
GID: 999
# -- If you provide your own custom certificate in <unifi-data>/cert
# you can define the following parameters to configure the controller
customCert:
enabled: false
isChain: false
certName: tls.crt
keyName: tls.key
# If you want to store certificate and its key as a Kubernetes tls secret
# you can pass the name of that secret using certSecret variable
# certSecret: unifi-tls
# -- Logging configuration
logging:
promtail:
enabled: false enabled: false
image: annotations:
repository: grafana/promtail nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
tag: 1.6.0 traefik.ingress.kubernetes.io/service.serversscheme: https
pullPolicy: IfNotPresent
loki:
url: http://loki.logs.svc.cluster.local:3100/loki/api/v1/push
# -- define an external mongoDB instead of using the built-in mongodb # -- Enable and configure settings for the captive portal ingress under this key.
mongodb: # @default -- See values.yaml
enabled: false portal:
dbUri: mongodb://mongo/unifi enabled: false
statDbUri: mongodb://mongo/unifi_stat annotations:
databaseName: unifi nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
traefik.ingress.kubernetes.io/service.serversscheme: https
ingressClassName: # "nginx"
hosts:
- ## Host address. Helm template can be passed.
host:
## Configure the paths for the host
paths:
- ## Path. Helm template can be passed.
path: /
## Ignored if not kubeVersion >= 1.14-0
pathType: Prefix
service:
## Overrides the service name reference for this path
name: main
## Overrides the service port reference for this path
port: portal-https
# -- Configure persistence settings for the chart under this key.
# @default -- See values.yaml
persistence: persistence:
# -- Use persistent volume to store data data:
enabled: false enabled: false
# -- (string) Type of persistent volume claim mountPath: /unifi/data
storageClass:
# -- (string) Use an existing PVC to persist data
existingClaim:
# -- Persistence access modes
accessMode: ReadWriteOnce
# -- Size of persistent volume claim
size: 5Gi
# -- Do not delete the pvc upon helm uninstall
skipuninstall: false
extraVolumes: []
## specify additional volume to be used by extraVolumeMounts inside unifi container
# - name: additional-volume
# hostPath:
# path: /path/on/host
# type: DirectoryOrCreate
extraVolumeMounts: []
## specify additional VolumeMount to be mounted inside unifi container
# - name: additional-volume
# mountPath: /path/in/container
extraJvmOpts: []
## Extra java options
## Here are some examples of valid JVM options:
##
# - "-XX:MaxMetaspaceSize=256m"
# - "-Dlog4j.configurationFile=file:/configmap/log4j2.xml"
# - "-Dsystem_ip=1.2.3.4"
# -- Java Virtual Machine (JVM) initial, and minimum, heap size
# Unset value means there is no lower limit
jvmInitHeapSize:
# -- Java Virtual Machine (JVM) maximum heap size
# For larger installations a larger value is recommended.
# For memory constrained system this value can be lowered.
jvmMaxHeapSize: 1024M
extraConfigFiles: {}
## Specify additional config files which are mounted to /configmap
## Here is an example for a custom log4j config:
##
# log4j2.xml: |-
# <?xml version="1.0" encoding="UTF-8"?>
# <Configuration>
# <Appenders>
# <InMemoryAppender name="InMemoryAppender" activatedLogging="false">
# <PatternLayout pattern="[%d{ISO8601}] &lt;%t&gt; %-5p %-6c{1} - %m%n" />
# </InMemoryAppender>
# <RollingFile name="server_log" fileName="logs/server.log" filePattern="logs/server.log.%i">
# <PatternLayout pattern="[%d{ISO8601}] &lt;%t&gt; %-5p %-6c{1} - %m%n" />
# <SizeBasedTriggeringPolicy size="10 MB"/>
# <DefaultRolloverStrategy max="3" fileIndex="min" />
# </RollingFile>
# <Console name="STDOUT" target="SYSTEM_OUT">
# <PatternLayout pattern="&lt;%t&gt; %-5p %-6c{1} - %m%n"/>
# </Console>
# </Appenders>
# <Loggers>
# <Root level="INFO">
# <AppenderRef ref="InMemoryAppender" />
# <AppenderRef ref="server_log" />
# <AppenderRef ref="STDOUT" />
# </Root>
# </Loggers>
# </Configuration>
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Liveness probe values
# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
# -- Readiness probe values
# Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
readinessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
nodeSelector: {}
tolerations: []
affinity: {}
podAnnotations: {}
deploymentAnnotations: {}