diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
index 7756b99..a46e925 100644
--- a/deploy/helm/Chart.yaml
+++ b/deploy/helm/Chart.yaml
@@ -2,10 +2,10 @@ apiVersion: v2
name: wg-portal
description: WireGuard Configuration Portal with LDAP, OAuth, OIDC authentication
# Version is set to ensure compatibility with the chart's Ingress resource.
-kubeVersion: '>=1.19.0'
+kubeVersion: ">=1.19.0"
type: application
home: https://wgportal.org
-icon: https://wgportal.org/assets/images/logo.svg
+icon: https://wgportal.org/latest/assets/images/logo.svg
sources:
- https://github.com/h44z/wg-portal
@@ -16,10 +16,10 @@ annotations:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.0
+version: 0.6.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
-appVersion: latest
+appVersion: "v2"
diff --git a/deploy/helm/README.md b/deploy/helm/README.md
index 4b1236b..2952870 100644
--- a/deploy/helm/README.md
+++ b/deploy/helm/README.md
@@ -1,6 +1,6 @@
# wg-portal
-  
+  
WireGuard Configuration Portal with LDAP, OAuth, OIDC authentication
@@ -32,13 +32,13 @@ The [Values](#values) section lists the parameters that can be configured during
| nameOverride | string | `""` | Partially override resource names (adds suffix) |
| fullnameOverride | string | `""` | Fully override resource names |
| extraDeploy | list | `[]` | Array of extra objects to deploy with the release |
-| config.advanced | tpl/object | `{}` | Advanced configuration options. |
-| config.auth | tpl/object | `{}` | Auth configuration options. |
-| config.core | tpl/object | `{}` | Core configuration options.
If external admins in `auth` are not defined and there are no `admin_user` and `admin_password` defined here, the default credentials will be generated. |
-| config.database | tpl/object | `{}` | Database configuration options |
-| config.mail | tpl/object | `{}` | Mail configuration options |
-| config.statistics | tpl/object | `{}` | Statistics configuration options |
-| config.web | tpl/object | `{}` | Web configuration options.
`listening_address` will be set automatically from `service.web.port`. `external_url` is required to enable ingress and certificate resources. |
+| config.advanced | tpl/object | `{}` | [Advanced configuration](https://wgportal.org/latest/documentation/configuration/overview/#advanced) options. |
+| config.auth | tpl/object | `{}` | [Auth configuration](https://wgportal.org/latest/documentation/configuration/overview/#auth) options. |
+| config.core | tpl/object | `{}` | [Core configuration](https://wgportal.org/latest/documentation/configuration/overview/#core) options.
If external admins in `auth` are not defined and there are no `admin_user` and `admin_password` defined here, the default credentials will be generated. |
+| config.database | tpl/object | `{}` | [Database configuration](https://wgportal.org/latest/documentation/configuration/overview/#database) options |
+| config.mail | tpl/object | `{}` | [Mail configuration](https://wgportal.org/latest/documentation/configuration/overview/#mail) options |
+| config.statistics | tpl/object | `{}` | [Statistics configuration](https://wgportal.org/latest/documentation/configuration/overview/#statistics) options |
+| config.web | tpl/object | `{}` | [Web configuration](https://wgportal.org/latest/documentation/configuration/overview/#web) options.
`listening_address` will be set automatically from `service.web.port`. `external_url` is required to enable ingress and certificate resources. |
| revisionHistoryLimit | string | `10` | The number of old ReplicaSets to retain to allow rollback. |
| workloadType | string | `"Deployment"` | Workload type - `Deployment` or `StatefulSet` |
| strategy | object | `{"type":"RollingUpdate"}` | Update strategy for the workload Valid values are: `RollingUpdate` or `Recreate` for Deployment, `RollingUpdate` or `OnDelete` for StatefulSet |
@@ -73,6 +73,7 @@ The [Values](#values) section lists the parameters that can be configured during
| service.web.annotations | object | `{}` | Annotations for the web service |
| service.web.type | string | `"ClusterIP"` | Web service type |
| service.web.port | int | `8888` | Web service port Used for the web interface listener |
+| service.web.appProtocol | string | `"http"` | Web service appProtocol. Will be auto set to `https` if certificate is enabled. |
| service.wireguard.annotations | object | `{}` | Annotations for the WireGuard service |
| service.wireguard.type | string | `"LoadBalancer"` | Wireguard service type |
| service.wireguard.ports | list | `[51820]` | Wireguard service ports. Exposes the WireGuard ports for created interfaces. Lowerest port is selected as start port for the first interface. Increment next port by 1 for each additional interface. |
diff --git a/deploy/helm/templates/_service.tpl b/deploy/helm/templates/_service.tpl
index 72234be..7e6cdb6 100644
--- a/deploy/helm/templates/_service.tpl
+++ b/deploy/helm/templates/_service.tpl
@@ -51,3 +51,16 @@ spec:
{{- end }}
selector: {{- include "wg-portal.selectorLabels" .context | nindent 4 }}
{{- end -}}
+
+{{/*
+Define the service port template for the web port
+*/}}
+{{- define "wg-portal.service.webPort" -}}
+name: web
+port: {{ .Values.service.web.port }}
+protocol: TCP
+targetPort: web
+{{- if semverCompare ">=1.20-0" .Capabilities.KubeVersion.Version }}
+appProtocol: {{ ternary "https" .Values.service.web.appProtocol .Values.certificate.enabled }}
+{{- end -}}
+{{- end -}}
diff --git a/deploy/helm/templates/service.yaml b/deploy/helm/templates/service.yaml
index 808f990..dbe5dd5 100644
--- a/deploy/helm/templates/service.yaml
+++ b/deploy/helm/templates/service.yaml
@@ -1,4 +1,4 @@
-{{- $portsWeb := list (dict "name" "web" "port" .Values.service.web.port "protocol" "TCP" "targetPort" "web") -}}
+{{- $portsWeb := list (include "wg-portal.service.webPort" . | fromYaml) -}}
{{- $ports := list -}}
{{- range $idx, $port := .Values.service.wireguard.ports -}}
{{- $name := printf "wg%d" $idx -}}
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
index a7f1ed8..b92c08d 100644
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -3,37 +3,36 @@
# Declare variables to be passed into your templates.
# -- Partially override resource names (adds suffix)
-nameOverride: ''
+nameOverride: ""
# -- Fully override resource names
-fullnameOverride: ''
+fullnameOverride: ""
# -- Array of extra objects to deploy with the release
extraDeploy: []
-# https://github.com/h44z/wg-portal/blob/master/README.md#configuration-options
config:
- # -- (tpl/object) Advanced configuration options.
+ # -- (tpl/object) [Advanced configuration](https://wgportal.org/latest/documentation/configuration/overview/#advanced) options.
advanced: {}
- # -- (tpl/object) Auth configuration options.
+ # -- (tpl/object) [Auth configuration](https://wgportal.org/latest/documentation/configuration/overview/#auth) options.
auth: {}
- # -- (tpl/object) Core configuration options.
+ # -- (tpl/object) [Core configuration](https://wgportal.org/latest/documentation/configuration/overview/#core) options.
# If external admins in `auth` are not defined and
# there are no `admin_user` and `admin_password` defined here,
# the default credentials will be generated.
core: {}
- # -- (tpl/object) Database configuration options
+ # -- (tpl/object) [Database configuration](https://wgportal.org/latest/documentation/configuration/overview/#database) options
database: {}
- # -- (tpl/object) Mail configuration options
+ # -- (tpl/object) [Mail configuration](https://wgportal.org/latest/documentation/configuration/overview/#mail) options
mail: {}
- # -- (tpl/object) Statistics configuration options
+ # -- (tpl/object) [Statistics configuration](https://wgportal.org/latest/documentation/configuration/overview/#statistics) options
statistics: {}
- # -- (tpl/object) Web configuration options.
+ # -- (tpl/object) [Web configuration](https://wgportal.org/latest/documentation/configuration/overview/#web) options.
# `listening_address` will be set automatically from `service.web.port`.
# `external_url` is required to enable ingress and certificate resources.
web: {}
# -- The number of old ReplicaSets to retain to allow rollback.
# @default -- `10`
-revisionHistoryLimit: ''
+revisionHistoryLimit: ""
# -- Workload type - `Deployment` or `StatefulSet`
workloadType: Deployment
# -- Update strategy for the workload
@@ -49,7 +48,7 @@ image:
# -- Image pull policy
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion
- tag: ''
+ tag: ""
# -- Image pull secrets
imagePullSecrets: []
@@ -73,14 +72,14 @@ sidecarContainers: []
# -- Set DNS policy for the pod.
# Valid values are `ClusterFirstWithHostNet`, `ClusterFirst`, `Default` or `None`.
# @default -- `"ClusterFirst"`
-dnsPolicy: ''
+dnsPolicy: ""
# -- Restart policy for all containers within the pod.
# Valid values are `Always`, `OnFailure` or `Never`.
# @default -- `"Always"`
-restartPolicy: ''
+restartPolicy: ""
# -- Use the host's network namespace.
# @default -- `false`.
-hostNetwork: ''
+hostNetwork: ""
# -- Resources requests and limits
resources: {}
# -- Overwrite pod command
@@ -123,6 +122,8 @@ service:
# -- Web service port
# Used for the web interface listener
port: 8888
+ # -- Web service appProtocol. Will be auto set to `https` if certificate is enabled.
+ appProtocol: http
wireguard:
# -- Annotations for the WireGuard service
annotations: {}
@@ -141,7 +142,7 @@ ingress:
# -- Specifies whether an ingress resource should be created
enabled: false
# -- Ingress class name
- className: ''
+ className: ""
# -- Ingress annotations
annotations: {}
# -- Ingress TLS configuration.
@@ -153,17 +154,17 @@ certificate:
enabled: false
issuer:
# -- Certificate issuer name
- name: ''
+ name: ""
# -- Certificate issuer kind (ClusterIssuer or Issuer)
- kind: ''
+ kind: ""
# -- Certificate issuer group
group: cert-manager.io
# -- Optional. [Documentation](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources)
- duration: ''
+ duration: ""
# -- Optional. [Documentation](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources)
- renewBefore: ''
+ renewBefore: ""
# -- Optional. [Documentation](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources)
- commonName: ''
+ commonName: ""
# -- Optional. [Documentation](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources)
emailAddresses: []
# -- Optional. [Documentation](https://cert-manager.io/docs/usage/certificate/#creating-certificate-resources)
@@ -188,7 +189,7 @@ persistence:
annotations: {}
# -- Persistent Volume storage class.
# If undefined (the default) cluster's default provisioner will be used.
- storageClass: ''
+ storageClass: ""
# -- Persistent Volume Access Mode
accessMode: ReadWriteOnce
# -- Persistent Volume size
@@ -203,7 +204,7 @@ serviceAccount:
automount: false
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
- name: ''
+ name: ""
monitoring:
# -- Enable Prometheus monitoring.
@@ -220,15 +221,15 @@ monitoring:
annotations: {}
# -- Interval at which metrics should be scraped. If not specified `config.statistics.data_collection_interval` interval is used.
# @default -- `1m`
- interval: ''
+ interval: ""
# -- Relabelings to samples before ingestion.
metricRelabelings: []
# -- Relabelings to samples before scraping.
relabelings: []
# -- Timeout after which the scrape is ended If not specified, the Prometheus global scrape interval is used.
- scrapeTimeout: ''
+ scrapeTimeout: ""
# -- The label to use to retrieve the job name from.
- jobLabel: ''
+ jobLabel: ""
# -- Transfers labels on the Kubernetes Pod onto the target.
podTargetLabels: {}
@@ -241,4 +242,4 @@ monitoring:
labels: {}
# -- Dashboard ConfigMap namespace
# Overrides the namespace for the dashboard ConfigMap.
- namespace: ''
+ namespace: ""
diff --git a/docs/documentation/getting-started/kubernetes.md b/docs/documentation/getting-started/helm.md
similarity index 100%
rename from docs/documentation/getting-started/kubernetes.md
rename to docs/documentation/getting-started/helm.md
diff --git a/mkdocs.yml b/mkdocs.yml
index bb63200..c6e418e 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -63,7 +63,7 @@ nav:
- Getting Started:
- Binaries: documentation/getting-started/binaries.md
- Docker: documentation/getting-started/docker.md
- - Kubernetes: documentation/getting-started/kubernetes.md
+ - Helm: documentation/getting-started/helm.md
- Sources: documentation/getting-started/sources.md
- Configuration:
- Overview: documentation/configuration/overview.md