Merge branch 'map'

helm/charts/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: tum-gis-iot-stack-k8s
 description: Helm Chart for the TUM-GI IoT stack.
 type: application
-version: 0.1.7
+version: 0.1.9
 appVersion: "0.0.1"
 
 dependencies:
@@ -24,6 +24,9 @@ dependencies:
   - name: certIssuer
     version: "*"
     condition: certIssuer.enabled
+  - name: caddy
+    version: "*"
+    condition: caddy.enabled
   - name: ingress-nginx
     alias: ingress-nginx
     condition: ingress-nginx.enabled

helm/charts/charts/caddy/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+name: caddy
+description: Caddy webserver
+type: application
+version: 0.1.0
+appVersion: "2.5.2-alpine"

helm/charts/charts/caddy/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "caddy.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "caddy.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "caddy.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "caddy.labels" -}}
+helm.sh/chart: {{ include "caddy.chart" . }}
+{{ include "caddy.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "caddy.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "caddy.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "caddy.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "caddy.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/charts/charts/caddy/templates/caddy-configMap.yml

@@ -0,0 +1,14 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "caddy.fullname" . }}-cfg-settings
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+data:
+  Caddyfile: {{- .Values.caddyfile | toYaml | indent 1 }}
+
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-ingress-subpath.yml

@@ -0,0 +1,39 @@
+{{- if .Values.enabled -}}
+{{- if .Values.http.subpath -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "caddy.fullname" . }}-ing-subpath
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+  annotations:
+    cert-manager.io/issuer: {{ .Values.global.ingress.certManager.issuer |
+      default .Values.ingress.certManager.issuer | quote }}
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: "/$2"
+    {{ if .Values.http.subpath -}}
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      rewrite ^/{{ .Values.http.subpath }}$ /{{ .Values.http.subpath }}/ redirect;
+    {{- end }}
+spec:
+  ingressClassName: nginx
+  tls:
+  - hosts:
+    - {{ .Values.global.fqdn | default .Values.http.domain }}
+    secretName: "{{ .Values.global.fqdn | default .Values.http.domain }}-cert"
+  rules:
+  - host: {{ .Values.global.fqdn | default .Values.http.domain }}
+    http:
+      paths:
+      - path:  /{{ .Values.http.subpath }}(/|$)(.*)
+        pathType: Prefix
+        backend:
+          service:
+            name: {{ .Chart.Name }}-svc
+            port:
+              number: 80
+{{- end -}}
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-ingress.yml

@@ -0,0 +1,35 @@
+{{- if .Values.enabled -}}
+{{- if not .Values.http.subpath -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "caddy.fullname" . }}-ing
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+  annotations:
+    cert-manager.io/issuer: {{ .Values.global.ingress.certManager.issuer |
+      default .Values.ingress.certManager.issuer | quote }}
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: "/$1"
+spec:
+  ingressClassName: nginx
+  tls:
+  - hosts:
+    - {{ .Values.global.fqdn | default .Values.http.domain }}
+    secretName: "{{ .Values.global.fqdn | default .Values.http.domain }}-cert"
+  rules:
+  - host: {{ .Values.global.fqdn | default .Values.http.domain }}
+    http:
+      paths:
+      - path:  /(.*)
+        pathType: Prefix
+        backend:
+          service:
+            name: {{ .Chart.Name }}-svc
+            port:
+              number: 80
+{{- end -}}
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-pvc.yml

@@ -0,0 +1,23 @@
+{{- if .Values.enabled -}}
+{{- if .Values.persistence.enabled -}}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "caddy.fullname" . }}-pvc
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+spec:
+  storageClassName: {{ .Values.persistence.storageClassName }}
+  accessModes:
+  {{- range .Values.persistence.data.accessModes }}
+    - {{ . }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.data.capacity }}
+
+{{- end -}}
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-service-headless.yml

@@ -0,0 +1,20 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Chart.Name }}-svc-headless
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+spec:
+  clusterIP: None
+  selector:
+      {{- include "caddy.selectorLabels" . | nindent 6 }}
+      app.kubernetes.io/component: {{ .Values.component }}
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-service.yml

@@ -0,0 +1,20 @@
+{{- if .Values.enabled -}}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Chart.Name }}-svc
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+spec:
+  type: ClusterIP
+  selector:
+    {{- include "caddy.selectorLabels" . | nindent 4 }}
+    app.kubernetes.io/component: {{ .Values.component }}
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+{{- end -}}

helm/charts/charts/caddy/templates/caddy-statefulset.yml

@@ -0,0 +1,70 @@
+{{- if .Values.enabled -}}
+{{- if .Values.persistence.enabled -}}
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "caddy.fullname" . }}-{{ .Values.component }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels:
+    {{- include "caddy.labels" . | nindent 4 }}
+    app.kubernetes.io/part-of: tum-gis-iot-stack-k8s
+    app.kubernetes.io/component: {{ .Values.component }}
+spec:
+  serviceName: {{ .Chart.Name }}-svc-headless
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "caddy.selectorLabels" . | nindent 6 }}
+      app.kubernetes.io/component: {{ .Values.component }}
+  template:
+    metadata:
+      labels:
+        {{- include "caddy.selectorLabels" . | nindent 8 }}
+        app.kubernetes.io/component: {{ .Values.component }}
+    spec:
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: caddy-pvc
+        - name: settings
+          configMap:
+            name: caddy-cfg-settings
+      containers:
+        - name: caddy
+          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: web
+              containerPort: 80
+
+          volumeMounts:
+            - name: html
+              mountPath: /html
+            - name: settings
+              mountPath: "/etc/caddy"
+              readOnly: true
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+
+      volumes:
+        - name: html
+          persistentVolumeClaim:
+            claimName: {{ include "caddy.fullname" . }}-pvc
+        - name: settings
+          configMap:
+            name: {{ include "caddy.fullname" . }}-cfg-settings
+
+{{- end -}}
+{{- end -}}

helm/charts/charts/caddy/values.yaml

@@ -0,0 +1,45 @@
+enabled: true
+component: frontend
+replicaCount: 1
+
+http:
+  # Do not append or prepend :// or /
+  protocol: https
+  domain:
+  subpath:
+
+image:
+  registry: caddy
+  repository: caddy
+  tag: 2.5.2-alpine
+  pullPolicy: IfNotPresent
+
+ingress:
+  certManager:
+    issuer: letsencrypt-staging
+
+persistence:
+  enabled: true
+  storageClassName: azurefile-csi
+  data:
+    mountPath: /usr/share/caddy
+    accessModes:
+      - ReadOnlyMany
+    capacity: 4Gi
+
+resources:
+  limits:
+    cpu: 500m
+    memory: 500Mi
+  requests:
+    cpu: 100m
+    memory: 250Mi
+
+nodeSelector: {}
+tolerations: []
+affinity: {}
+
+caddyfile: |-
+  :80 {
+    file_server
+  }

helm/charts/values.yaml

@@ -16,15 +16,27 @@ global:
       username: postgres
       password: changeMe
 
+caddy:
+  enabled: false
+
 frostdb:
   enabled: true
 
+frostweb:
+  enabled: true
+
+nodered:
+  enabled: false
+
 grafana:
   enabled: true
 
 grafana7:
   enabled: false
 
+certIssuer:
+  enabled: true
+
 cert-manager:
   enabled: false