aenix-io · kvaps · Sep 9, 2024
@@ -0,0 +1,3 @@
+apiVersion: v2
+name: cozy-guacamole
+version: 0.0.0 # Placeholder, the actual version will be automatically set during the build process
@@ -0,0 +1,5 @@
+update:
+	rm -rf charts
+	helm repo add beryju https://charts.beryju.io
+	helm repo update beryju
+	helm pull beryju/guacamole --untar --untardir charts
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+README.md.gotmpl
@@ -0,0 +1,14 @@
+apiVersion: v1
+appVersion: 1.5.5
+description: Apache Guacamole is a clientless remote desktop gateway. It supports
+  standard protocols like VNC, RDP, and SSH.
+icon: http://guacamole.apache.org/images/guacamole-logo-64.png
+maintainers:
+- email: helm@gavinmogan.com
+  name: Gavin Mogan
+- email: jens@beryju.org
+  name: Jens Langhammer
+name: guacamole
+sources:
+- http://guacamole.apache.org/
+version: 1.4.1
@@ -0,0 +1,84 @@
+guacamole
+=========
+
+## TL;DR;
+
+```console
+$ helm repo add beryju https://charts.beryju.io
+$ helm install guacamole beryju/guacamole
+```
+
+Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.
+
+This is a fork of https://artifacthub.io/packages/helm/halkeye/guacamole, but updated to support newer versions and more settings.
+
+### Dependencies
+
+This chart has a dependency on ``postgresql`` to be up and running _before_ this chart is deployed. The init-container will not fail if the ``postgresql`` service is not found.
+
+Sample ``postgresql`` install which works with the defaults of this chart:
+```console
+helm install postgresql bitnami/postgresql \
+ --set auth.username=guacamole \
+ --set auth.password=password \
+ --set auth.postgresPassword=password \
+ --set auth.database=guacamole --wait
+```
+
+## Changelog
+
+1.3.3 - Fixed ingress api and documented postgresql dependency
+
+1.2.3 - Make guacamole run in ROOT context
+
+0.2.3 - Add support for custom envs
+
+0.2.2 - Update liveness and readiness probe path
+
+0.2.1 - helm-docs doesn't add a tl;dr section, so add it manually
+
+0.2.0 - Apparently I didn't actually use it before, i was running an old copy
+
+* Fixed services to expose the ports properly
+* Auto create the db on init if possible
+
+
+
+## Chart Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| dbcreation.image.pullPolicy | string | `"IfNotPresent"` |  |
+| dbcreation.image.repository | string | `"bitnami/postgresql"` |  |
+| dbcreation.image.tag | string | `"11.7.0-debian-10-r9"` |  |
+| fullnameOverride | string | `""` |  |
+| guacamole.image.pullPolicy | string | `"IfNotPresent"` |  |
+| guacamole.image.repository | string | `"guacamole/guacamole"` |  |
+| guacamole.image.tag | string | `"{{ .Chart.AppVersion }}"` |  |
+| guacd.image.pullPolicy | string | `"IfNotPresent"` |  |
+| guacd.image.repository | string | `"guacamole/guacd"` |  |
+| guacd.image.tag | string | `"{{ .Chart.AppVersion }}"` |  |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"chart-example.local"` |  |
+| ingress.hosts[0].paths | list | `[]` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| postgres.database | string | `"guacamole"` |  |
+| postgres.hostname | string | `"postgresql"` |  |
+| postgres.password | string | `"password"` |  |
+| postgres.port | string | `"5432"` |  |
+| postgres.user | string | `"guacamole"` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.create | bool | `true` |  |
+| serviceAccount.name | string | `nil` |  |
+| tolerations | list | `[]` |  |
+
@@ -0,0 +1,21 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "guacamole.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "guacamole.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "guacamole.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "guacamole.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:80
+{{- end }}
@@ -0,0 +1,56 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "guacamole.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "guacamole.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "guacamole.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "guacamole.labels" -}}
+app.kubernetes.io/name: {{ include "guacamole.name" . }}
+helm.sh/chart: {{ include "guacamole.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "guacamole.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "guacamole.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
@@ -0,0 +1,186 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "guacamole.fullname" . }}-guacamole
+  labels:
+{{ include "guacamole.labels" . | indent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "guacamole.name" . }}-guacamole
+      app.kubernetes.io/instance: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "guacamole.name" . }}-guacamole
+        app.kubernetes.io/instance: {{ .Release.Name }}
+    spec:
+    {{- with .Values.guacamole.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      dnsConfig:
+        options:
+          - name: ndots
+            value: "1"
+      serviceAccountName: {{ template "guacamole.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: create-init-db
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.guacamole.image.repository }}:{{ tpl .Values.guacamole.image.tag . }}"
+          imagePullPolicy: {{ .Values.guacamole.image.pullPolicy }}
+          envFrom:
+            - secretRef:
+                name: {{ include "guacamole.fullname" . }}
+          env:
+            - name: POSTGRES_HOSTNAME
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: host
+            - name: POSTGRES_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: port
+            - name: POSTGRES_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: dbname
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: user
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: password
+          volumeMounts:
+            - name: initdb
+              mountPath: /data
+          command: ["/bin/sh"]
+          args:
+            - -c
+            - |
+              /opt/guacamole/bin/initdb.sh --postgresql > /data/initdb.sql
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+        - name: loaddb
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.dbcreation.image.repository }}:{{ .Values.dbcreation.image.tag }}"
+          imagePullPolicy: {{ .Values.dbcreation.image.pullPolicy }}
+          envFrom:
+            - secretRef:
+                name: {{ include "guacamole.fullname" . }}
+          env:
+            - name: POSTGRES_HOSTNAME
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: host
+            - name: POSTGRES_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: port
+            - name: POSTGRES_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: dbname
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: user
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: password
+
+          volumeMounts:
+            - name: initdb
+              mountPath: /data
+          command: ["/bin/sh"]
+          args:
+            - -c
+            - |
+              export PGPASSWORD=$POSTGRES_PASSWORD
+              # most likely already created, so don't fail, just log and move on
+              psql -h $POSTGRES_HOSTNAME -d $POSTGRES_DATABASE -U $POSTGRES_USER -p $POSTGRES_PORT -a -w -f /data/initdb.sql || true
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.guacamole.image.repository }}:{{ tpl .Values.guacamole.image.tag . }}"
+          imagePullPolicy: {{ .Values.guacamole.image.pullPolicy }}
+          envFrom:
+            - secretRef:
+                name: {{ include "guacamole.fullname" . }}
+          env:
+            - name: POSTGRES_HOSTNAME
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: host
+            - name: POSTGRES_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: port
+            - name: POSTGRES_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: dbname
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: user
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: guacamole-db-app
+                  key: password
+
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      volumes:
+        - name: initdb
+          emptyDir: {}