[misc] improving some docs

cryptpad · Sep 22, 2023 · 104a51d · 104a51d
1 parent 1606542
commit 104a51d
Show file tree

Hide file tree

Showing 4 changed files with 179 additions and 28 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,6 +8,7 @@ on:
       - '.github/**'
       - 'charts/**'
       - '!**.md'
+      - '!**.md.gotmpl'
 
 jobs:
 

diff --git a/charts/cryptpad/README.md b/charts/cryptpad/README.md
@@ -13,6 +13,30 @@ helm repo add cryptpad-github https://cryptpad.github.io/helm
 helm install cryptpad cryptpad-github/cryptpad
 ```
 
+### Configure and Customization
+
+Values example of how customize your intance:
+
+```yaml
+# https://docs.cryptpad.org/en/admin_guide/installation.html#configure-cryptpad
+config:
+  adminKeys: [
+    "[[email protected]/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]",
+  ]
+
+# https://docs.cryptpad.org/en/admin_guide/customization.html#application-config
+application_config:
+  availableLanguages: [ 'en', 'de', 'fr', 'pt-br' ]
+  availablePadTypes: [ 'drive', 'teams', 'sheet', 'doc', 'presentation', 'pad', 'kanban', 'code', 'form', 'poll', 'whiteboard',
+                                'file', 'contacts', 'slide', 'convert', 'diagram' ]
+  privacy: |
+    {
+      "default": 'https://example.com/privacy.html',
+      "en": 'https://example.com/privacy.en.html', // in case English is not your default language
+      "de": 'https://example.com/privacy.de.html', // you get the idea?
+    }
+```
+
 ## Requirements
 
 | Repository | Name | Version |
@@ -24,22 +48,41 @@ helm install cryptpad cryptpad-github/cryptpad
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | affinity | object | `{}` | Values for the Affinity |
-| apiDomain | string | `""` | CryptPad API subdomain FQDN |
 | application_config | string | `nil` | Configuration of the [application](https://docs.cryptpad.org/en/admin_guide/customization.html#application-config) |
 | autoscaling.enabled | bool | `false` | Enable the Autoscaling |
 | autoscaling.maxReplicas | int | `100` | Maximum numbers of replicas |
 | autoscaling.minReplicas | int | `1` | Minimal numbers of replicas |
 | autoscaling.targetCPUUtilizationPercentage | int | `80` | Percentage of the targeted CPU Utilization |
 | autoscaling.targetMemoryUtilizationPercentage | int | `80` | Percentage of the targeted Memory Utilization |
-| config | object | `{"adminKeys":[],"archivePath":"./data/archive","blobPath":"./blob","blobStagingPath":"./data/blobstage","blockPath":"./block","decreePath":"./data/decrees","filePath":"./datastore/","httpAddress":"0.0.0.0","installMethod":"helm-docker","logFeedback":false,"logLevel":"info","logPath":"./data/logs","logToStdout":false,"pinPath":"./data/pins","taskPath":"./data/tasks","verbose":false}` | [Configuration of Cryptpad](https://docs.cryptpad.org/en/admin_guide/installation.html#admin-cryptpad-config) |
+| config.adminKeys | list | `[]` | Public signing key of users to give admin panel access |
+| config.archivePath | string | `"./data/archive"` | Directory to archive data for a configurable period before deleting it.  |
+| config.blobPath | string | `"./blob"` | Directory to store encrypted files that was uploaded.  |
+| config.blobStagingPath | string | `"./data/blobstage"` | Directory to store incomplete blobs in a 'staging' area until they are fully uploaded.  |
+| config.blockPath | string | `"./block"` | Directory to store authenticated blocks.  |
+| config.decreePath | string | `"./data/decrees"` | TODO |
+| config.filePath | string | `"./datastore/"` | Directory where files/documents should be stored.  |
+| config.httpAddress | string | `"0.0.0.0"` | httpAddress specifies the address on which the nodejs server should be accessible. |
+| config.installMethod | string | `"helm-docker"` |  |
+| config.logFeedback | bool | `false` | Enable feedback log, but requires feedback on log level to work.  |
+| config.logLevel | string | `"info"` | Change log level from this list below by order of importance: (silly, verbose, debug, feedback, info, warn, error).  |
+| config.logPath | string | `"./data/logs"` | Directory to store logging events.  |
+| config.logToStdout | bool | `false` | Log activity to stdout, this may be useful for debugging |
+| config.pinPath | string | `"./data/pins"` | Directory to store documents that was pinned to to be stored by the server indefinitely.  |
+| config.taskPath | string | `"./data/tasks"` | Directory to store a list of scheduled tasks.  |
+| config.verbose | bool | `false` | Enable verbose logging |
 | cpadConfig | string | `"/cryptpad/config/config.js"` | File to mount for the CPAD Configuration (`CPAD_CONF`) |
-| filesDomain | string | `""` | CryptPad files subdomain FQDN |
 | fullnameOverride | string | `""` |  |
-| http2Disable | string | `""` | Disable HTTP2 |
-| image | object | `{"pullPolicy":"IfNotPresent","repository":"cryptpad/cryptpad","tag":"version-5.4.0"}` | Parameters for the Cryptpad image used |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"cryptpad/cryptpad"` |  |
+| image.tag | string | `"version-5.4.0"` |  |
 | imagePullSecrets | list | `[]` |  |
-| ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"localhost","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}],"tls":[]}` | Values for the ingress |
-| ingress.enabled | bool | `false` | Enable the ingress |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"localhost"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
 | nameOverride | string | `""` |  |
 | nodeSelector | object | `{}` | Values for the Node Selector |
 | persistence.cryptpad.blob.accessModes[0] | string | `"ReadWriteOnce"` |  |
@@ -77,21 +120,50 @@ helm install cryptpad cryptpad-github/cryptpad
 | persistence.enabled | bool | `true` | Enable the persistence |
 | podAnnotations | object | `{}` | Annotations for the Pod |
 | podSecurityContext | object | `{"fsGroup":4001}` | Security context for the Pod |
-| realIpHeader | string | `""` | Header to get client IP from (`X-Real-IP` or `X-Forwarded-For`) |
-| realIpRecursive | string | `""` | Instruct Nginx to perform a recursive search to find client's real IP (`on`/`off`) (see [ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html)) |
 | replicaCount | int | `1` | Number of replicas |
 | resources | object | `{}` | Specify default resources. We usually recommend not to specify default resources and to leave this as a conscious choice for the user. This also increases chances charts run on environments with little resources, such as Minikube. |
 | securityContext | object | `{}` | Security context |
-| service | object | `{"externalIPs":[],"externalPort":80,"internalPort":"http","name":"http","portName":"node","sessionAffinity":"ClientIP","type":"ClusterIP"}` | Values for the service |
+| service.externalIPs | list | `[]` |  |
+| service.externalPort | int | `80` |  |
+| service.internalPort | string | `"http"` |  |
+| service.name | string | `"http"` |  |
+| service.portName | string | `"node"` |  |
+| service.sessionAffinity | string | `"ClientIP"` |  |
+| service.type | string | `"ClusterIP"` |  |
 | serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
-| tlsCert | string | `""` | Path to TLS certificate file |
-| tlsDhParam | string | `""` | Path to Diffie-Hellman parameters file |
-| tlsKey | string | `""` | Path to TLS private key file |
 | tolerations | list | `[]` | Values for the Tolerations |
-| trustedProxy | string | `""` | Trusted proxy address or CIDR |
 | workloadStateful | bool | `true` | Enable to choose witch kind of workload will be used: (true) StatefulSet or (false) for Deployment |
 
+## Backup
+
+Important volumes or paths (in case different solution like empty/sidecar backup tools) to be considered:
+
+* **cryptpad-blob** volume, or **/cryptpad/blob**
+* **cryptpad-block** volume, or **/cryptpad/block**
+* **cryptpad-data** volume, or **/cryptpad/data**
+* **cryptpad-datastore** volume, or **/cryptpad/datastore**
+
+And configuration file or command line with preferences used to install Helm release.
+
+There are some tools that can manage the backups on k8s workloads. We can suggest [Velero](https://velero.io/), as we already used on some internal clusters.
+
+There is specific product documentation on: https://docs.cryptpad.org/en/admin_guide/maintenance.html#backup-and-migration
+
+## Logging
+
+Current logging resources are standard [Kubernetes logging](https://kubernetes.io/docs/concepts/cluster-administration/logging/).
+
+Example of how change log levels from instance: 
+
+```yaml
+config:
+  verbose: false
+  logToStdout: false
+  logLevel: 'info'
+  logFeedback: false
+```
+
 ----------------------------------------------
 Autogenerated from chart metadata using [helm-docs v1.11.2](https://github.com/norwoodj/helm-docs/releases/v1.11.2) 
diff --git a/charts/cryptpad/README.md.gotmpl b/charts/cryptpad/README.md.gotmpl
@@ -12,8 +12,61 @@ helm repo add cryptpad-github https://cryptpad.github.io/helm
 helm install cryptpad cryptpad-github/cryptpad 
 ```
 
+### Configure and Customization 
+
+Values example of how customize your intance: 
+
+```yaml
+# https://docs.cryptpad.org/en/admin_guide/installation.html#configure-cryptpad
+config:
+  adminKeys: [
+    "[[email protected]/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]",
+  ]
+
+# https://docs.cryptpad.org/en/admin_guide/customization.html#application-config
+application_config:
+  availableLanguages: [ 'en', 'de', 'fr', 'pt-br' ]
+  availablePadTypes: [ 'drive', 'teams', 'sheet', 'doc', 'presentation', 'pad', 'kanban', 'code', 'form', 'poll', 'whiteboard',
+                                'file', 'contacts', 'slide', 'convert', 'diagram' ]
+  privacy: |
+    {
+      "default": 'https://example.com/privacy.html',
+      "en": 'https://example.com/privacy.en.html', // in case English is not your default language
+      "de": 'https://example.com/privacy.de.html', // you get the idea?
+    }
+```
+
 {{ template "chart.requirementsSection" . }}
 
 {{ template "chart.valuesSection" . }}
 
+## Backup 
+
+Important volumes or paths (in case different solution like empty/sidecar backup tools) to be considered: 
+
+* **cryptpad-blob** volume, or **/cryptpad/blob**
+* **cryptpad-block** volume, or **/cryptpad/block**
+* **cryptpad-data** volume, or **/cryptpad/data**
+* **cryptpad-datastore** volume, or **/cryptpad/datastore**
+
+And configuration file or command line with preferences used to install Helm release. 
+
+There are some tools that can manage the backups on k8s workloads. We can suggest [Velero](https://velero.io/), as we already used on some internal clusters.
+
+There is specific product documentation on: https://docs.cryptpad.org/en/admin_guide/maintenance.html#backup-and-migration
+
+## Logging
+
+Current logging resources are standard [Kubernetes logging](https://kubernetes.io/docs/concepts/cluster-administration/logging/). 
+
+Example of how change log levels from instance:  
+
+```yaml
+config:
+  verbose: false
+  logToStdout: false
+  logLevel: 'info'
+  logFeedback: false
+```
+
 {{ template "helm-docs.versionFooter" . }} 
diff --git a/charts/cryptpad/values.yaml b/charts/cryptpad/values.yaml
@@ -8,7 +8,7 @@ replicaCount: 1
 # -- Enable to choose witch kind of workload will be used: (true) StatefulSet or (false) for Deployment
 workloadStateful: true
 
-# -- Parameters for the Cryptpad image used
+# Parameters for the Cryptpad image used
 image:
   pullPolicy: IfNotPresent
   repository: cryptpad/cryptpad
@@ -32,63 +32,88 @@ application_config:
 cpadConfig: "/cryptpad/config/config.js"
 
 # https://docs.cryptpad.org/en/admin_guide/installation.html#admin-cryptpad-config
-# -- [Configuration of Cryptpad](https://docs.cryptpad.org/en/admin_guide/installation.html#admin-cryptpad-config)
+# [Configuration of Cryptpad](https://docs.cryptpad.org/en/admin_guide/installation.html#admin-cryptpad-config)
 config:
   #########################
   # NETWORK CONFIGURATION #
   #########################
+  # -- httpAddress specifies the address on which the nodejs server should be accessible.
   httpAddress: '0.0.0.0'
 
   ####################
   # Database Volumes #
   ####################
+  # -- Directory where files/documents should be stored. 
   filePath: './datastore/'
+  # -- Directory to archive data for a configurable period before deleting it. 
   archivePath: './data/archive'
+  # -- Directory to store documents that was pinned to to be stored by the server indefinitely. 
   pinPath: './data/pins'
+  # -- Directory to store a list of scheduled tasks. 
   taskPath: './data/tasks'
+  # -- Directory to store authenticated blocks. 
   blockPath: './block'
+  # -- Directory to store encrypted files that was uploaded. 
   blobPath: './blob'
+  # -- Directory to store incomplete blobs in a 'staging' area until they are fully uploaded. 
   blobStagingPath: './data/blobstage'
+  # -- TODO
   decreePath: './data/decrees'
+  # -- Directory to store logging events. 
   logPath: './data/logs'
 
   #############
   # Debugging #
   #############
+  # -- Enable verbose logging
   verbose: false
+  # -- Log activity to stdout, this may be useful for debugging
   logToStdout: false
+  # -- Change log level from this list below by order of importance: (silly, verbose, debug, feedback, info, warn, error). 
   logLevel: 'info'
+  # -- Enable feedback log, but requires feedback on log level to work. 
   logFeedback: false
 
   # Surplus information
   installMethod: 'helm-docker'
 
   # Administrator keys
   # https://docs.cryptpad.org/en/admin_guide/installation.html#configure-administrators
+  # -- Public signing key of users to give admin panel access
   adminKeys: []
   # adminKeys: [
   #   "[[email protected]/YZgXQxKR0Rcb6r6CmxHPdAGLVludrAF2lEnkbx1vVOo=]",
   # ]
 
+# TODO: remove 
 # Check values on https://github.com/xwiki-labs/cryptpad-docker#environment-variables
 # For CPAD_MAIN_DOMAIN and CPAD_SANDBOX_DOMAIN values httpUnsafeOrigin and httpSafeOrigin will be used.
-# -- CryptPad API subdomain FQDN
+# CryptPad API subdomain FQDN
+# @ignore
 apiDomain: ""
-# -- CryptPad files subdomain FQDN
+# CryptPad files subdomain FQDN
+# @ignore
 filesDomain: ""
-# -- Trusted proxy address or CIDR
+# Trusted proxy address or CIDR
+# @ignore
 trustedProxy: ""
-# -- Header to get client IP from (`X-Real-IP` or `X-Forwarded-For`)
+# Header to get client IP from (`X-Real-IP` or `X-Forwarded-For`)
+# @ignore
 realIpHeader: ""
-# -- Instruct Nginx to perform a recursive search to find client's real IP (`on`/`off`) (see [ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html))
+# Instruct Nginx to perform a recursive search to find client's real IP (`on`/`off`) (see [ngx_http_realip_module](https://nginx.org/en/docs/http/ngx_http_realip_module.html))
+# @ignore
 realIpRecursive: ""
-# -- Path to TLS certificate file
+# Path to TLS certificate file
+# @ignore
 tlsCert: ""
-# -- Path to TLS private key file
+# Path to TLS private key file
+# @ignore
 tlsKey: ""
-# -- Path to Diffie-Hellman parameters file
+# Path to Diffie-Hellman parameters file
+# @ignore
 tlsDhParam: ""
-# -- Disable HTTP2
+# Disable HTTP2
+# @ignore
 http2Disable: ""
 
 imagePullSecrets: []
@@ -120,7 +145,7 @@ securityContext: {}
   # runAsNonRoot: true
   # runAsUser: 1000
 
-# -- Values for the service
+# Values for the service
 service:
   portName: node
   name: http
@@ -134,9 +159,9 @@ service:
   # Reference: https://kubernetes.io/docs/reference/networking/virtual-ips/#session-affinity
   sessionAffinity: ClientIP
 
-# -- Values for the ingress
+# Values for the ingress
 ingress:
-  # -- Enable the ingress
+  # Enable the ingress
   enabled: false
   className: ""
   annotations: {}