Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-02-10 20:27:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/ghost] New major version (#6801)

Browse Source 
* [bitnami/ghost] New major version

Signed-off-by: juan131 <juanariza@vmware.com>

* Update container port

Signed-off-by: juan131 <juanariza@vmware.com>

* Recover 'ghostPath' and fix unused values

Signed-off-by: juan131 <juanariza@vmware.com>

* Fix extra empty line

Signed-off-by: juan131 <juanariza@vmware.com>

* Fix "ghost.host" macro

Signed-off-by: juan131 <juanariza@vmware.com>

* Add 'namespace' to every manifest

Signed-off-by: juan131 <juanariza@vmware.com>

* Fix NOTES.txt

Signed-off-by: juan131 <juanariza@vmware.com>

* Update Chart.yaml

* [bitnami/ghost] Update components versions

Signed-off-by: Bitnami Containers <containers@bitnami.com>

Co-authored-by: Bitnami Containers <containers@bitnami.com>
This commit is contained in:
Juan Ariza Toledano
2021-07-07 16:27:09 +02:00
committed by GitHub
parent 91fe89837f
commit 4c7f3aab24
14 changed files with 1042 additions and 780 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bitnami/ghost/Chart.lock
View File

@@ -1,9 +1,9 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 1.6.1
version: 1.7.0
- name: mariadb
repository: https://charts.bitnami.com/bitnami
version: 9.3.16
digest: sha256:7d4c9b96e57e7d108a54c063318c6a0a22aac57fbbe7193d4c972c671d5131bc
generated: "2021-06-30T07:27:22.498729766Z"
digest: sha256:4ca66f6b0c108b28a6f23eed6cc172435809a32f3affcd62c489e852055f38ba
generated: "2021-07-07T13:17:27.058697162Z"

2
bitnami/ghost/Chart.yaml
View File

@@ -33,4 +33,4 @@ name: ghost
sources:
- https://github.com/bitnami/bitnami-docker-ghost
- http://www.ghost.org/
version: 13.0.17
version: 14.0.0

369
bitnami/ghost/README.md
View File

@@ -1,6 +1,6 @@
# Ghost
[Ghost](https://ghost.org/) is one of the most versatile open source content management systems on the market.
[Ghost](https://ghost.org/) is an open source publishing platform designed to create blogs, magazines, and news sites. It includes a simple markdown editor with preview, theming, and SEO built-in to simplify editing.
## TL;DR
@@ -48,168 +48,186 @@ The command removes all the Kubernetes components associated with the chart and
## Parameters
The following table lists the configurable parameters of the Ghost chart and their default values.
### Global parameters
| Parameter | Description | Default |
|---------------------------|-------------------------------------------------|---------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `global.storageClass` | Global storage class for dynamic provisioning | `nil` |
| Name | Description | Value |
| ------------------------- | ----------------------------------------------- | ----- |
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `nil` |
### Common parameters
| Parameter | Description | Default |
|---------------------|------------------------------------------------------------------------------|---------------------------------------------------------|
| `image.registry` | Ghost image registry | `docker.io` |
| `image.repository` | Ghost Image name | `bitnami/ghost` |
| `image.tag` | Ghost Image tag | `{TAG_NAME}` |
| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `nameOverride` | String to partially override common.names.fullname template | `nil` |
| `fullnameOverride` | String to fully override common.names.fullname template | `nil` |
| `commonLabels` | Labels to add to all deployed objects | `nil` |
| `commonAnnotations` | Annotations to add to all deployed objects | `[]` |
| `extraDeploy` | Array of extra objects to deploy with the release (evaluated as a template). | `nil` |
| Name | Description | Value |
| ------------------- | -------------------------------------------------- | --------------- |
| `kubeVersion` | Override Kubernetes version | `nil` |
| `nameOverride` | String to partially override common.names.fullname | `nil` |
| `fullnameOverride` | String to fully override common.names.fullname | `nil` |
| `commonLabels` | Labels to add to all deployed objects | `{}` |
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` |
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
### Ghost parameters
| Parameter | Description | Default |
|-----------------------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------------------|
| `affinity` | Map of node/pod affinities | `{}` |
| `allowEmptyPassword` | Allow DB blank passwords | true |
| `args` | Override default container args (useful when using custom images) | `nil` |
| `command` | Override default container command (useful when using custom images) | `nil` |
| `hostAliases` | Add deployment host aliases | `[]` |
| `containerPorts.http` | Sets http port inside Ghost container | `8080` |
| `containerPorts.https` | Sets https port inside Ghost container | `8443` |
| `livenessProbe.enabled` | Would you like a livenessProbe to be enabled | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 120 |
| `livenessProbe.periodSeconds` | How often to perform the probe | 3 |
| `livenessProbe.timeoutSeconds` | When the probe times out | 5 |
| `livenessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 |
| `livenessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 |
| `readinessProbe.enabled` | Would you like a readinessProbe to be enabled | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 30 |
| `readinessProbe.periodSeconds` | How often to perform the probe | 3 |
| `readinessProbe.timeoutSeconds` | When the probe times out | 5 |
| `readinessProbe.failureThreshold` | Minimum consecutive failures to be considered failed | 6 |
| `readinessProbe.successThreshold` | Minimum consecutive successes to be considered successful | 1 |
| `podSecurityContext.enabled` | Enable security context | `true` |
| `podSecurityContext.fsGroup` | Group ID for the container | `1001` |
| `podSecurityContext.runAsUser` | User ID for the container | `1001` |
| `containerSecurityContext.enabled` | Enable Ghost containers' Security Context | `true` |
| `containerSecurityContext.runAsUser` | Ghost containers' Security Context | `1001` |
| `containerSecurityContext.runAsNonRoot` | Ghost containers' Security Context Non Root | `true` |
| `customLivenessProbe` | Override default liveness probe | `nil` |
| `customReadinessProbe` | Override default readiness probe | `nil` |
| `existingSecret` | Name of a secret with the application password | `nil` |
| `extraEnvVarsConfigMap` | ConfigMap containing extra env vars | `nil` |
| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `nil` |
| `extraEnvVars` | Extra environment variables | `nil` |
| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `nil` |
| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `nil` |
| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `nil` |
| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `` |
| `ghostHost` | Ghost host to create application URLs | `nil` |
| `ghostPort` | Ghost port to use in application URLs (defaults to `service.port` if `nil`) | `nil` |
| `ghostProtocol` | Protocol (http or https) to use in the application URLs | `http` |
| `ghostPath` | Ghost path to create application URLs | `nil` |
| `ghostUsername` | User of the application | `user@example.com` |
| `ghostPassword` | Application password | Randomly generated |
| `ghostEmail` | Admin email | `user@example.com` |
| `ghostBlogTitle` | Ghost Blog name | `User's Blog` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` |
| `nodeSelector` | Node labels for pod assignment | `{}` (The value is evaluated as a template) |
| `persistence.accessMode` | PVC Access Mode for Ghost volume | `ReadWriteOnce` |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.existingClaim` | An Existing PVC name | `nil` |
| `persistence.path` | Path to mount the Ghost volume at | `/bitnami/ghost` |
| `persistence.size` | PVC Storage Request for Ghost volume | `8Gi` |
| `persistence.storageClass` | PVC Storage Class for Ghost volume | `nil` (uses alpha storage class annotation) |
| `podAnnotations` | Pod annotations | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `podLabels` | Add additional labels to the pod (evaluated as a template) | `nil` |
| `podSecurityContext.enabled` | Enable Ghost pods' Security Context | `true` |
| `podSecurityContext.fsGroup` | Ghost pods' group ID | `1001` |
| `priorityClassName` | Define the priority class name to use for the ghost pods here. | `""` |
| `replicaCount` | Number of Ghost Pods to run | `1` |
| `resources` | CPU/Memory resource requests/limits | Memory: `512Mi`, CPU: `300m` |
| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `nil` |
| `smtpHost` | SMTP host | `nil` |
| `smtpPort` | SMTP port | `nil` |
| `smtpUser` | SMTP user | `nil` |
| `smtpPassword` | SMTP password | `nil` |
| `smtpFromAddress` | SMTP from address | `nil` |
| `smtpService` | SMTP service | `nil` |
| `tolerations` | Tolerations for pod assignment | `[]` (The value is evaluated as a template) |
| `updateStrategy` | Deployment update strategy | `RollingUpdate` |
### Ghost Image parameters
| Name | Description | Value |
| ------------------- | ------------------------------------------------ | -------------------- |
| `image.registry` | Ghost image registry | `docker.io` |
| `image.repository` | Ghost image repository | `bitnami/ghost` |
| `image.tag` | Ghost image tag (immutable tags are recommended) | `4.8.3-debian-10-r0` |
| `image.pullPolicy` | Ghost image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Ghost image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
### Ghost Configuration parameters
| Name | Description | Value |
| -------------------- | -------------------------------------------------------------------- | ------------------ |
| `ghostUsername` | Ghost user name | `user` |
| `ghostPassword` | Ghost user password | `""` |
| `existingSecret` | Name of existing secret containing Ghost credentials | `nil` |
| `ghostEmail` | Ghost user email | `user@example.com` |
| `ghostBlogTitle` | Ghost Blog title | `User's Blog` |
| `ghostHost` | Ghost host to create application URLs | `""` |
| `ghostEnableHttps` | Configure Ghost to build application URLs using https | `false` |
| `smtpHost` | SMTP server host | `""` |
| `smtpPort` | SMTP server port | `""` |
| `smtpUser` | SMTP username | `""` |
| `smtpPassword` | SMTP user password | `""` |
| `smtpService` | SMTP service | `""` |
| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `nil` |
| `allowEmptyPassword` | Allow the container to be started with blank passwords | `true` |
| `ghostSkipInstall` | Skip performing the initial bootstrapping for Ghost | `false` |
| `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
| `extraEnvVars` | Array with extra environment variables to add to the Ghost container | `[]` |
| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars | `nil` |
| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars | `nil` |
### Ghost deployment parameters
| Name | Description | Value |
| --------------------------------------- | ----------------------------------------------------------------------------------------- | --------------- |
| `replicaCount` | Number of Ghost replicas to deploy | `1` |
| `updateStrategy.type` | Ghost deployment strategy type | `RollingUpdate` |
| `priorityClassName` | Ghost pod priority class name | `nil` |
| `hostAliases` | Ghost pod host aliases | `[]` |
| `extraVolumes` | Optionally specify extra list of additional volumes for Ghost pods | `[]` |
| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for Ghost container(s) | `[]` |
| `sidecars` | Add additional sidecar containers to the Ghost pod | `{}` |
| `initContainers` | Add additional init containers to the Ghost pods | `{}` |
| `lifecycleHooks` | Add lifecycle hooks to the Ghost deployment | `{}` |
| `podLabels` | Extra labels for Ghost pods | `{}` |
| `podAnnotations` | Annotations for Ghost pods | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set | `[]` |
| `affinity` | Affinity for pod assignment | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `tolerations` | Tolerations for pod assignment | `{}` |
| `resources.limits` | The resources limits for the Ghost container | `{}` |
| `resources.requests` | The requested resources for the Ghost container | `{}` |
| `containerPorts.http` | Ghost HTTP container port | `2368` |
| `containerPorts.https` | Ghost HTTPS container port | `2368` |
| `podSecurityContext.enabled` | Enabled Ghost pods' Security Context | `true` |
| `podSecurityContext.fsGroup` | Set Ghost pod's Security Context fsGroup | `1001` |
| `containerSecurityContext.enabled` | Enabled Ghost containers' Security Context | `true` |
| `containerSecurityContext.runAsUser` | Set Ghost container's Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set Ghost container's Security Context runAsNonRoot | `true` |
| `livenessProbe.enabled` | Enable livenessProbe | `true` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe | `true` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `3` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
| `customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
### Traffic Exposure Parameters
| Parameter | Description | Default |
|-----------------------------------|--------------------------------------------------------------------------------------|--------------------------------|
| `service.type` | Kubernetes Service type | `LoadBalancer` |
| `service.port` | Service HTTP port | `80` |
| `service.nodePorts.http` | Kubernetes http node port | `""` |
| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` |
| `service.loadBalancerIP` | LoadBalancerIP for the Ghost service | `` |
| `service.loadBalancerSourceRanges`| define loadBalancerSourceRanges if the service type is `LoadBalancer` | `[]` |
| `service.annotations` | Service annotations. Evaluated as a template | `{}` |
| `service.extraPorts` | Service extra ports, normally used with the `sidecar` value. Evaluated as a template | `[]` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.certManager` | Add annotations for cert-manager | `false` |
| `ingress.hostname` | Default host for the ingress resource | `ghost.local` |
| `ingress.path` | Default path for the ingress resource | `/` |
| `ingress.tls` | Create TLS Secret | `false` |
| `ingress.annotations` | Ingress annotations | `[]` (evaluated as a template) |
| `ingress.extraHosts[0].name` | Additional hostnames to be covered | `nil` |
| `ingress.extraHosts[0].path` | Additional hostnames to be covered | `nil` |
| `ingress.extraPaths` | Additional arbitrary path/backend objects | `nil` |
| `ingress.extraTls[0].hosts[0]` | TLS configuration for additional hostnames to be covered | `nil` |
| `ingress.extraTls[0].secretName` | TLS configuration for additional hostnames to be covered | `nil` |
| `ingress.secrets[0].name` | TLS Secret Name | `nil` |
| `ingress.secrets[0].certificate` | TLS Secret Certificate | `nil` |
| `ingress.secrets[0].key` | TLS Secret Key | `nil` |
| Name | Description | Value |
| ---------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------ |
| `service.type` | Ghost service type | `LoadBalancer` |
| `service.port` | Ghost service HTTP port | `80` |
| `service.httpsPort` | Ghost service HTTPS port | `443` |
| `service.nodePorts.http` | Node port for HTTP | `nil` |
| `service.nodePorts.https` | Node port for HTTPS | `nil` |
| `service.clusterIP` | Ghost service Cluster IP | `nil` |
| `service.loadBalancerIP` | Ghost service Load Balancer IP | `nil` |
| `service.loadBalancerSourceRanges` | Ghost service Load Balancer sources | `[]` |
| `service.externalTrafficPolicy` | Ghost service external traffic policy | `Cluster` |
| `service.annotations` | Additional custom annotations for Ghost service | `{}` |
| `service.extraPorts` | Extra port to expose on Ghost service | `[]` |
| `ingress.enabled` | Enable ingress record generation for Ghost | `false` |
| `ingress.pathType` | Ingress path type | `ImplementationSpecific` |
| `ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `nil` |
| `ingress.hostname` | Default host for the ingress record | `ghost.local` |
| `ingress.path` | Default path for the ingress record | `ImplementationSpecific` |
| `ingress.annotations` | Additional custom annotations for the ingress record | `{}` |
| `ingress.tls` | Enable TLS configuration for the host defined at `ingress.hostname` parameter | `false` |
| `ingress.certManager` | Add the corresponding annotations for cert-manager integration | `false` |
| `ingress.selfSigned` | Create a TLS secret for this ingress record using self-signed certificates generated by Helm | `false` |
| `ingress.extraHosts` | An array with additional hostname(s) to be covered with the ingress record | `[]` |
| `ingress.extraPaths` | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]` |
| `ingress.extraTls` | TLS configuration for additional hostname(s) to be covered with this ingress record | `[]` |
| `ingress.secrets` | Custom TLS certificates as secrets | `[]` |
### Database parameters
| Parameter | Description | Default |
|---------------------------------------------|--------------------------------------------------------------------------------------------|------------------------------------------------|
| `mariadb.enabled` | Whether to use the MariaDB chart | `true` |
| `mariadb.architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
| `mariadb.auth.rootPassword` | Password for the MariaDB `root` user | _random 10 character alphanumeric string_ |
| `mariadb.auth.database` | Database name to create | `bitnami_ghost` |
| `mariadb.auth.username` | Database user to create | `bn_ghost` |
| `mariadb.auth.password` | Password for the database | _random 10 character long alphanumeric string_ |
| `mariadb.primary.persistence.enabled` | Enable database persistence using PVC | `true` |
| `mariadb.primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `nil` |
| `mariadb.primary.persistence.accessMode` | Database Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `mariadb.primary.persistence.size` | Database Persistent Volume Size | `8Gi` |
| `mariadb.primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `nil` (uses alpha storage class annotation) |
| `mariadb.primary.persistence.hostPath` | Host mount path for MariaDB volume | `nil` (will not mount to a host path) |
| `externalDatabase.user` | Existing username in the external db | `bn_ghost` |
| `externalDatabase.password` | Password for the above username | `nil` |
| `externalDatabase.existingSecret` | Name of an existing secret resource containing the DB password in a 'mariadb-password' key | `nil` |
| `externalDatabase.database` | Name of the existing database | `bitnami_ghost` |
| `externalDatabase.host` | Host of the existing database | `nil` |
| `externalDatabase.port` | Port of the existing database | `3306` |
### Persistence Parameters
### Volume Permissions parameters
| Name | Description | Value |
| --------------------------------------------- | ----------------------------------------------------------------------------------------------- | ----------------------- |
| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `true` |
| `persistence.storageClass` | Persistent Volume storage class | `nil` |
| `persistence.annotations` | Additional custom annotations for the PVC | `{}` |
| `persistence.accessModes` | Persistent Volume access modes | `[]` |
| `persistence.size` | Persistent Volume size | `8Gi` |
| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `nil` |
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `10-debian-10-r119` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` |
| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` |
| `volumePermissions.securityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
### Database Parameters
| Name | Description | Value |
| ------------------------------------------ | ------------------------------------------------------------------------- | --------------- |
| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` |
| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` |
| `mariadb.auth.rootPassword` | MariaDB root password | `""` |
| `mariadb.auth.database` | MariaDB custom database | `bitnami_ghost` |
| `mariadb.auth.username` | MariaDB custom user name | `bn_ghost` |
| `mariadb.auth.password` | MariaDB custom user password | `""` |
| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` |
| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `nil` |
| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` |
| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` |
| `externalDatabase.host` | External Database server host | `localhost` |
| `externalDatabase.port` | External Database server port | `3306` |
| `externalDatabase.user` | External Database username | `bn_ghost` |
| `externalDatabase.password` | External Database user password | `""` |
| `externalDatabase.database` | External Database database name | `bitnami_ghost` |
| `externalDatabase.existingSecret` | The name of an existing secret with database credentials | `nil` |
| Parameter | Description | Default |
|---------------------------------------|-----------------------------------------------------|---------------------------------------------------------|
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `"10"` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` |
| `volumePermissions.resources` | Init container resource requests/limit | `nil` |
The above parameters map to the env variables defined in [bitnami/ghost](http://github.com/bitnami/bitnami-docker-ghost). For more information please refer to the [bitnami/ghost](http://github.com/bitnami/bitnami-docker-ghost) image documentation.
@@ -225,7 +243,7 @@ The above parameters map to the env variables defined in [bitnami/ghost](http://
> $ gcloud compute addresses create ghost-public-ip
> ```
>
> The reserved IP address can be assigned to the Ghost service by specifying it as the value of the `ghostLoadBalancerIP` parameter while installing the chart.
> The reserved IP address can be assigned to the Ghost service by specifying it as the value of the `service.loadBalancerIP` parameter while installing the chart.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
@@ -255,9 +273,9 @@ It is strongly recommended to use immutable tags in a production environment. Th
Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
### Using an existing database
### External database support
Sometimes you may want to have Ghost connect to an external database rather than installing one inside your cluster, e.g. to use a managed database service, or use run a single database server for all your applications. To do this, the chart allows you to specify credentials for an external database under the [`externalDatabase` parameter](#parameters). You should also disable the MariaDB installation with the `mariadb.enabled` option. For example using the following parameters:
You may want to have Ghost connect to an external database rather than installing one inside your cluster. Typical reasons for this are to use a managed database service, or to share a common database server for all your applications. To achieve this, the chart allows you to specify credentials for an external database with the [`externalDatabase` parameter](#database-parameters). You should also disable the MariaDB installation with the `mariadb.enabled` option. Here is an example:
```console
mariadb.enabled=false
@@ -265,13 +283,48 @@ externalDatabase.host=myexternalhost
externalDatabase.user=myuser
externalDatabase.password=mypassword
externalDatabase.database=mydatabase
externalDatabase.port=3306
```
### Setting Pod's affinity
Refer to the [documentation on using an external database with Ghost](https://docs.bitnami.com/kubernetes/apps/ghost/configuration/use-external-database/) for more information.
This chart allows you to set your custom affinity using the `affinity` parameter. Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
### Configure Ingress
As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters.
This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/master/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/master/bitnami/contour) you can utilize the ingress controller to serve your application.
To enable Ingress integration, set `ingress.enabled` to `true`. The `ingress.hostname` property can be used to set the host name. The `ingress.tls` parameter can be used to add the TLS configuration for this host. It is also possible to have more than one host, with a separate TLS configuration for each host. [Learn more about configuring and using Ingress](https://docs.bitnami.com/kubernetes/apps/ghost/configuration/configure-ingress/).
### Configure TLS Secrets for use with Ingress
The chart also facilitates the creation of TLS secrets for use with the Ingress controller, with different options for certificate management. [Learn more about TLS secrets](https://docs.bitnami.com/kubernetes/apps/ghost/administration/enable-tls-ingress/).
### Configure extra environment variables
To add extra environment variables (useful for advanced operations like custom init scripts), use the `extraEnvVars` property.
```yaml
extraEnvVars:
- name: LOG_LEVEL
value: DEBUG
```
Alternatively, use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values.
### Configure Sidecars and Init Containers
If additional containers are needed in the same pod as Ghost (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter. Similarly, you can add extra init containers using the `initContainers` parameter.
[Learn more about configuring and using sidecar and init containers](https://docs.bitnami.com/kubernetes/apps/ghost/configuration/configure-sidecar-init-containers/).
### Deploy extra resources
There are cases where you may want to deploy extra objects, such a ConfigMap containing your app's configuration or some extra deployment with a micro service used by your app. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter.
### Set Pod affinity
This chart allows you to set custom Pod affinity using the `affinity` parameter(s). Find more information about Pod affinity in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
As an alternative, you can use the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters.
## Persistence
@@ -286,6 +339,12 @@ Find more information about how to deal with common errors related to Bitnami
## Upgrading
### To 14.0.0
Due to recent changes in the container image (see [Notable changes](https://github.com/bitnami/bitnami-docker-ghost#notable-changes)), the major version of the chart has been bumped preemptively.
Compatibility is not guaranteed due to the amount of involved changes, however no breaking changes are expected.
### To 12.0.0
This version standardizes the way of defining Ingress rules. When configuring a single hostname for the Ingress rule, set the `ingress.hostname` value. When defining more than one, set the `ingress.extraHosts` array. Apart from this case, no issues are expected to appear when upgrading.

12
bitnami/ghost/ci/values-with-metrics-and-ingress.yaml Normal file
View File

@@ -0,0 +1,12 @@
# Test values file for generating all of the yaml and check that
# the rendering is correct
service:
type: ClusterIP
ingress:
enabled: true
tls: true
hostname: ghost.local
volumePermissions:
enabled: true
metrics:
enabled: true

84
bitnami/ghost/templates/NOTES.txt
View File

@@ -1,6 +1,9 @@
{{- $ghostPasswordKey := ( include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "ghost-password") ) -}}
{{- $ghostSecretName := (include "common.names.fullname" .) -}}
{{- $databaseSecretName := include "ghost.databaseSecretName" . -}}
{{- if or .Values.mariadb.enabled .Values.externalDatabase.host -}}
{{- if empty (include "ghost.host" .) -}}
###############################################################################
### ERROR: You did not provide an external host in your 'helm install' call ###
@@ -25,16 +28,37 @@ host. To configure Ghost with the URL of your service:
{{- end }}
{{ include "common.utils.secret.getvalue" (dict "secret" $ghostSecretName "field" $ghostPasswordKey "context" $) }}
{{- if .Values.mariadb.auth.rootPassword }}
{{ include "common.utils.secret.getvalue" (dict "secret" $databaseSecretName "field" "mariadb-root-password" "context" $) }}
{{- end }}
{{ include "common.utils.secret.getvalue" (dict "secret" $databaseSecretName "field" "mariadb-password" "context" $) }}
2. Complete your Ghost deployment by running:
{{- if .Values.mariadb.enabled }}
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set service.type={{ .Values.service.type }},ghostHost=$APP_HOST,ghostPassword=$GHOST_PASSWORD{{ if .Values.mariadb.auth.rootPassword }},mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD{{ end }},mariadb.auth.password=$MARIADB_PASSWORD{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }}
--set service.type={{ .Values.service.type }},ghostHost=$APP_HOST,ghostPassword=$GHOST_PASSWORD,mariadb.auth.rootPassword=$MARIADB_ROOT_PASSWORD,mariadb.auth.password=$MARIADB_PASSWORD{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }}
{{- else }}
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set service.type={{ .Values.service.type }},ghostHost=$APP_HOST,ghostPassword=$APP_PASSWORD,{{- if contains "NodePort" .Values.service.type }}service.nodePort=$APP_PORT,{{- end }}mariadb.enabled=false{{- if not (empty .Values.externalDatabase.host) }},externalDatabase.host={{ .Values.externalDatabase.host }}{{- end }}{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }}
{{- end }}
{{- else -}}
{{- if .Values.ingress.enabled }}
1. Get the Ghost URL and associate its hostname to your cluster external IP:
export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters
echo "Ghost URL: http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.ingress.hostname }}"
echo "$CLUSTER_IP {{ .Values.ingress.hostname }}" | sudo tee -a /etc/hosts
{{- else }}
1. Get the Ghost URL by running:
{{- if eq .Values.service.type "ClusterIP" }}
@@ -44,6 +68,7 @@ host. To configure Ghost with the URL of your service:
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.names.fullname" . }} {{ default "80" .Values.service.port }}:{{ default "80" .Values.service.port }}
{{- else if eq .Values.service.type "NodePort" }}
export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
export APP_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.names.fullname" . }})
@@ -52,34 +77,67 @@ host. To configure Ghost with the URL of your service:
{{- else }}
echo Blog URL : http://{{ include "ghost.endpoint" . }}
echo Admin URL : http://{{ include "ghost.endpoint" . }}ghost
echo Blog URL : http://{{ include "ghost.host" . }}
echo Admin URL : http://{{ include "ghost.host" . }}ghost
{{- end }}
{{- end }}
2. Get your Ghost login credentials by running:
echo Email: {{ .Values.ghostEmail }}
echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} -o jsonpath="{.data.{{- $ghostPasswordKey -}}}" | base64 --decode)
{{- end }}
{{- else -}}
########################################################################################
### ERROR: You did not provide an external database host in your 'helm install' call ###
########################################################################################
This deployment will be incomplete until you configure Ghost with a resolvable database
host. To configure Ghost to use and external database host:
1. Complete your Ghost deployment by running:
{{- if contains "NodePort" .Values.service.type }}
export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.names.fullname" . }}'
export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.names.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
{{- else }}
export APP_HOST=127.0.0.1
{{- end }}
{{ include "common.utils.secret.getvalue" (dict "secret" $ghostSecretName "field" $ghostPasswordKey "context" $) }}
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade --namespace {{ .Release.Namespace }} {{ .Release.Name }} bitnami/{{ .Chart.Name }} \
--set ghostPassword=$APP_PASSWORD,ghostHost=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }},externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST
{{- end }}
{{ include "common.warnings.rollingTag" .Values.image }}
{{- include "ghost.validateValues" . }}
{{- include "common.warnings.rollingTag" .Values.image }}
{{- $passwordValidationErrors := list -}}
{{- if not .Values.existingSecret -}}
{{- $requiredGhostPassword := dict "valueKey" "ghostPassword" "secret" $ghostSecretName "field" "ghost-password" "context" $ -}}
{{- $requiredGhostPasswordError := include "common.validations.values.single.empty" $requiredGhostPassword -}}
{{- $passwordValidationErrors = append $passwordValidationErrors $requiredGhostPasswordError -}}
{{- end -}}
{{- if .Values.mariadb.enabled }}
{{- $mariadbPasswordValidationErrors := include "common.validations.values.mariadb.passwords" (dict "secret" $databaseSecretName "subchart" true "context" $) -}}
{{- $passwordValidationErrors = append $passwordValidationErrors $mariadbPasswordValidationErrors -}}
{{- end }}
{{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}}
{{- if and (not .Values.mariadb.enabled) .Release.IsUpgrade .Values.externalDatabase.password -}}
{{- $requiredExternalPassword := dict "valueKey" "externalDatabase.password" "secret" $databaseSecretName "field" "mariadb-password" -}}
WARNING: Review values for the following password in the command, if they are correct please ignore this notice.
{{- include "common.validations.values.multiple.empty" (dict "required" (list $requiredExternalPassword) "context" $) -}}
{{- end -}}

59
bitnami/ghost/templates/_helpers.tpl
View File

@@ -29,13 +29,6 @@ Return the proper Docker Image Registry Secret Names
{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.volumePermissions.image) "global" .Values.global) }}
{{- end -}}
{{/*
Return the proper Storage Class
*/}}
{{- define "ghost.storageClass" -}}
{{ include "common.storage.class" ( dict "persistence" .Values.persistence "global" .Values.global) }}
{{- end -}}
{{/*
Get the user defined LoadBalancerIP for this release.
Note, returns 127.0.0.1 if using ClusterIP.
@@ -53,18 +46,13 @@ Gets the host to be used for this application.
If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty.
*/}}
{{- define "ghost.host" -}}
{{- default (include "ghost.serviceIP" .) .Values.ghostHost -}}
{{- if .Values.ingress.enabled }}
{{- printf "%s%s" .Values.ingress.hostname .Values.ingress.path | default "" -}}
{{- else if .Values.ghostHost -}}
{{- printf "%s%s" .Values.ghostHost .Values.ghostPath | default "" -}}
{{- else -}}
{{- include "ghost.serviceIP" . -}}
{{- end -}}
{{/*
Gets the endpoint to be used for this application.
If not using ClusterIP, or if a host or LoadBalancerIP is not defined, the value will be empty.
*/}}
{{- define "ghost.endpoint" -}}
{{- $host := include "ghost.host" . -}}
{{- $path := trimSuffix "/" (trimPrefix "/" .Values.ghostPath) -}}
{{- printf "%s/%s" $host $path -}}
{{- end -}}
{{/*
@@ -120,10 +108,41 @@ Return the MariaDB Secret Name
*/}}
{{- define "ghost.databaseSecretName" -}}
{{- if .Values.mariadb.enabled }}
{{- printf "%s" (include "ghost.mariadb.fullname" .) -}}
{{- if .Values.mariadb.auth.existingSecret -}}
{{- printf "%s" .Values.mariadb.auth.existingSecret -}}
{{- else -}}
{{- printf "%s" (include "ghost.mariadb.fullname" .) -}}
{{- end -}}
{{- else if .Values.externalDatabase.existingSecret -}}
{{- printf "%s" .Values.externalDatabase.existingSecret -}}
{{- else -}}
{{- printf "%s-%s" (include "common.names.fullname" .) "external-db" -}}
{{- printf "%s-externaldb" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/*
Compile all warnings into a single message.
*/}}
{{- define "ghost.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "ghost.validateValues.database" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/* Validate values of Ghost - Database */}}
{{- define "ghost.validateValues.database" -}}
{{- if and (not .Values.mariadb.enabled) (or (empty .Values.externalDatabase.host) (empty .Values.externalDatabase.port) (empty .Values.externalDatabase.database)) -}}
ghost: database
You disable the MariaDB installation but you did not provide the required parameters
to use an external database. To use an external database, please ensure you provide
(at least) the following values:
externalDatabase.host=DB_SERVER_HOST
externalDatabase.database=DB_NAME
externalDatabase.port=DB_SERVER_PORT
{{- end -}}
{{- end -}}

141
bitnami/ghost/templates/deployment.yaml
View File

@@ -3,6 +3,7 @@ apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
@@ -15,9 +16,7 @@ spec:
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
replicas: {{ .Values.replicaCount }}
{{- if .Values.updateStrategy }}
strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
{{- end }}
strategy: {{- include "common.tplvalues.render" (dict "value" .Values.updateStrategy "context" $ ) | nindent 4 }}
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
@@ -25,9 +24,13 @@ spec:
{{- if .Values.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
annotations:
{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }}
checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $ ) | nindent 8 }}
{{- end }}
spec:
{{- include "ghost.imagePullSecrets" . | nindent 6 }}
{{- if .Values.hostAliases }}
@@ -53,32 +56,45 @@ spec:
{{- if .Values.podSecurityContext.enabled }}
securityContext: {{- omit .Values.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
{{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) .Values.initContainers }}
initContainers:
{{- if not .Values.podSecurityContext.enabled }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
- name: volume-permissions
image: {{ include "ghost.volumePermissions.image" . }}
imagePullPolicy: "{{ .Values.volumePermissions.image.pullPolicy }}"
command: ['sh', '-c', 'chmod -R g+rwX {{ .Values.persistence.path }}']
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command:
- /bin/bash
args:
- -ec
- |
mkdir -p /bitnami/ghost
chown -R "{{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" /bitnami/ghost
{{- if eq ( toString ( .Values.volumePermissions.securityContext.runAsUser )) "auto"}}
securityContext: {{- omit .Values.volumePermissions.securityContext "runAsUser" | toYaml | nindent 12 }}
{{- else }}
securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: {{ .Values.persistence.path }}
name: ghost-data
{{- end }}
{{- if .Values.initContainers }}
{{ include "common.tplvalues.render" ( dict "value" .Values.initContainers "context" $ ) | indent 8 }}
- name: ghost-data
mountPath: /bitnami/ghost
{{- end }}
{{- if .Values.initContainers }}
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- end }}
containers:
- name: {{ include "common.names.fullname" . }}
image: {{ include "ghost.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.lifecycleHooks }}
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.lifecycleHooks }}
lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }}
{{- end }}
@@ -86,11 +102,13 @@ spec:
args: {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }}
{{- end }}
env:
- name: BITNAMI_DEBUG
value: {{ ternary "true" "false" .Values.image.debug | quote }}
- name: ALLOW_EMPTY_PASSWORD
value: {{ ternary "yes" "no" .Values.allowEmptyPassword | quote }}
- name: MARIADB_HOST
- name: GHOST_DATABASE_HOST
value: {{ include "ghost.databaseHost" . | quote }}
- name: MARIADB_PORT_NUMBER
- name: GHOST_DATABASE_PORT_NUMBER
value: {{ include "ghost.databasePort" . | quote }}
- name: GHOST_DATABASE_NAME
value: {{ include "ghost.databaseName" . | quote }}
@@ -102,11 +120,9 @@ spec:
name: {{ include "ghost.databaseSecretName" . }}
key: mariadb-password
- name: GHOST_HOST
value: {{ include "ghost.endpoint" . | quote }}
- name: GHOST_PROTOCOL
value: {{ .Values.ghostProtocol | quote }}
value: {{ include "ghost.host" . | quote }}
- name: GHOST_PORT_NUMBER
value: {{ default .Values.service.port .Values.ghostPort | quote }}
value: {{ ternary .Values.containerPorts.https .Values.containerPorts.http .Values.ghostEnableHttps | quote }}
- name: GHOST_USERNAME
value: {{ .Values.ghostUsername | quote }}
- name: GHOST_PASSWORD
@@ -116,89 +132,86 @@ spec:
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "ghost-password") }}
- name: GHOST_EMAIL
value: {{ .Values.ghostEmail | quote }}
- name: BLOG_TITLE
- name: GHOST_BLOG_TITLE
value: {{ .Values.ghostBlogTitle | quote }}
- name: GHOST_ENABLE_HTTPS
value: {{ ternary "yes" "no" .Values.ghostEnableHttps | quote }}
- name: GHOST_EXTERNAL_HTTP_PORT_NUMBER
value: {{ .Values.service.port | quote }}
- name: GHOST_EXTERNAL_HTTPS_PORT_NUMBER
value: {{ .Values.service.httpsPort | quote }}
- name: GHOST_SKIP_BOOTSTRAP
value: {{ ternary "yes" "no" .Values.ghostSkipInstall | quote }}
{{- if .Values.smtpHost }}
- name: SMTP_HOST
- name: GHOST_SMTP_HOST
value: {{ .Values.smtpHost | quote }}
{{- end }}
{{- if .Values.smtpPort }}
- name: SMTP_PORT
- name: GHOST_SMTP_PORT
value: {{ .Values.smtpPort | quote }}
{{- end }}
{{- if .Values.smtpUser }}
- name: SMTP_USER
- name: GHOST_SMTP_USER
value: {{ .Values.smtpUser | quote }}
{{- end }}
{{- if .Values.smtpPassword }}
- name: SMTP_PASSWORD
- name: GHOST_SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "context" $) }}
key: {{ include "common.secrets.key" (dict "existingSecret" .Values.existingSecret "key" "smtp-password") }}
{{- end }}
{{- if .Values.smtpFromAddress }}
- name: SMTP_FROM_ADDRESS
value: {{ .Values.smtpFromAddress | quote }}
{{- end }}
{{- if .Values.smtpService }}
- name: SMTP_SERVICE
- name: GHOST_SMTP_SERVICE
value: {{ .Values.smtpService | quote }}
{{- end }}
{{- if .Values.extraEnvVars }}
{{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $ ) | nindent 12 }}
{{- end }}
{{- if or .Values.extraEnvVarsConfigMap .Values.extraEnvVarsSecret }}
{{- if or .Values.extraEnvVarsCM .Values.extraEnvVarsSecret }}
envFrom:
{{- if .Values.extraEnvVarsConfigMap }}
{{- if .Values.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsConfigMap "context" $ ) }}
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVarsSecret "context" $ ) }}
name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
{{- end }}
{{- end }}
ports:
{{- if .Values.ghostEnableHttps }}
- name: https
containerPort: {{ .Values.containerPorts.https }}
protocol: TCP
{{- else }}
- name: http
containerPort: 2368
containerPort: {{ .Values.containerPorts.http }}
protocol: TCP
{{- end }}
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: {{ .Values.ghostPath }}
path: /
port: http
httpHeaders:
- name: Host
value: {{ include "ghost.host" . | quote }}
{{- if eq .Values.ghostProtocol "https" }}
- name: X-Forwarded-Proto
value: https
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
{{- else if .Values.customLivenessProbe }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: {{ .Values.ghostPath }}
path: /
port: http
httpHeaders:
- name: Host
value: {{ include "ghost.host" . | quote }}
{{- if eq .Values.ghostProtocol "https" }}
- name: X-Forwarded-Proto
value: https
{{- end }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
{{- else if .Values.customReadinessProbe }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }}
{{- end }}
@@ -207,13 +220,13 @@ spec:
{{- end }}
volumeMounts:
- name: ghost-data
mountPath: {{ .Values.persistence.path }}
{{- if .Values.extraVolumeMounts }}
{{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumeMounts "context" $ ) | nindent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $ ) | nindent 8 }}
{{- end }}
mountPath: /bitnami/ghost
{{- if .Values.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
{{- if .Values.sidecars }}
{{- include "common.tplvalues.render" ( dict "value" .Values.sidecars "context" $) | nindent 8 }}
{{- end }}
volumes:
- name: ghost-data
{{- if .Values.persistence.enabled }}
@@ -223,6 +236,6 @@ spec:
emptyDir: {}
{{- end }}
{{- if .Values.extraVolumes }}
{{- include "common.tplvalues.render" ( dict "value" .Values.extraVolumes "context" $ ) | nindent 8 }}
{{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end -}}

6
bitnami/ghost/templates/secrets-external-db.yaml → bitnami/ghost/templates/external-db-secrets.yaml
View File

@@ -2,7 +2,8 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-%s" (include "common.names.fullname" .) "external-db" }}
name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
@@ -13,7 +14,6 @@ metadata:
{{- end }}
type: Opaque
data:
{{- if .Values.externalDatabase.password }}
mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }}
{{- end }}
{{- end }}

29
bitnami/ghost/templates/ingress.yaml
View File

@@ -1,22 +1,25 @@
{{- if .Values.ingress.enabled }}
apiVersion: {{ template "common.capabilities.ingress.apiVersion" . }}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ include "common.names.fullname" . }}
name: {{ template "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.ingress.annotations .Values.commonAnnotations .Values.ingress.certManager }}
annotations:
{{- if .Values.ingress.certManager }}
{{- if .Values.ingress.certManager }}
kubernetes.io/tls-acme: "true"
{{- end }}
{{- if .Values.ingress.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if $.Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.ingress.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
rules:
@@ -43,15 +46,15 @@ spec:
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http" "context" $) | nindent 14 }}
{{- end }}
{{- if or .Values.ingress.tls .Values.ingress.extraTls }}
{{- if or (and .Values.ingress.tls (or .Values.ingress.certManager .Values.ingress.selfSigned)) .Values.ingress.extraTls }}
tls:
{{- if .Values.ingress.tls }}
{{- if and .Values.ingress.tls (or .Values.ingress.certManager .Values.ingress.selfSigned) }}
- hosts:
- {{ .Values.ingress.hostname }}
- {{ .Values.ingress.hostname | quote }}
secretName: {{ printf "%s-tls" .Values.ingress.hostname }}
{{- end }}
{{- if .Values.ingress.extraTls }}
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }}
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

19
bitnami/ghost/templates/pvc.yaml
View File

@@ -3,19 +3,32 @@ kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- if or .Values.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- if not (empty .Values.persistence.accessModes) }}
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
{{- else }}
- {{ .Values.persistence.accessMode | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{ include "ghost.storageClass" . }}
{{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }}
{{- end -}}

14
bitnami/ghost/templates/secrets.yaml
View File

@@ -1,10 +1,10 @@
{{- if empty .Values.existingSecret }}
{{- if or (not .Values.existingSecret) (and (not .Values.smtpExistingSecret) .Values.smtpPassword) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}
name: {{ template "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
@@ -13,12 +13,16 @@ metadata:
{{- end }}
type: Opaque
data:
{{- if not .Values.existingSecret }}
{{- if .Values.ghostPassword }}
ghost-password: {{ default "" .Values.ghostPassword | b64enc | quote }}
ghost-password: {{ .Values.ghostPassword | b64enc | quote }}
{{- else }}
ghost-password: {{ randAlphaNum 10 | b64enc | quote }}
{{- end }}
{{- end }}
{{- if and .Values.smtpPassword (not .Values.smtpExistingSecret) }}
{{- if .Values.smtpPassword }}
smtp-password: {{ default "" .Values.smtpPassword | b64enc | quote }}
smtp-password: {{ .Values.smtpPassword | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}

30
bitnami/ghost/templates/svc.yaml
View File

@@ -2,11 +2,13 @@ apiVersion: v1
kind: Service
metadata:
name: {{ include "common.names.fullname" . }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.service.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
@@ -14,27 +16,45 @@ metadata:
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
{{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }}
externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
{{- end }}
{{- if eq .Values.service.type "LoadBalancer" }}
loadBalancerIP: {{ default "" .Values.service.loadBalancerIP | quote }}
{{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }}
loadBalancerSourceRanges: {{- toYaml . | nindent 4 }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges: {{ toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }}
{{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
ports:
{{- if .Values.ghostEnableHttps }}
- name: https
port: {{ .Values.service.httpsPort }}
protocol: TCP
targetPort: https
{{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.https))) }}
nodePort: {{ .Values.service.nodePorts.https }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- else }}
- name: http
port: {{ .Values.service.port }}
protocol: TCP
targetPort: http
{{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.http))) }}
nodePort: {{ .Values.service.nodePorts.http }}
{{- else if eq .Values.service.type "ClusterIP" }}
nodePort: null
{{- end }}
{{- end }}
{{- if .Values.service.extraPorts }}
{{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }}
{{- end }}
selector: {{ include "common.labels.matchLabels" . | nindent 4 }}
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: ghost

25
bitnami/ghost/templates/tls-secrets.yaml
View File

@@ -1,11 +1,12 @@
{{- if .Values.ingress.enabled }}
{{- if .Values.ingress.secrets }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
namespace: {{ $.Release.Namespace | quote }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
app.kubernetes.io/component: ghost
{{- if $.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
@@ -19,3 +20,25 @@ data:
---
{{- end }}
{{- end }}
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $ca := genCA "ghost-ca" 365 }}
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-tls" .Values.ingress.hostname }}
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: kubernetes.io/tls
data:
tls.crt: {{ $cert.Cert | b64enc | quote }}
tls.key: {{ $cert.Key | b64enc | quote }}
ca.crt: {{ $ca.Cert | b64enc | quote }}
{{- end }}
{{- end }}

1026
bitnami/ghost/values.yaml
View File

File diff suppressed because it is too large Load Diff