diff --git a/charts/incubator/plausible/Chart.yaml b/charts/incubator/plausible/Chart.yaml index 4b01f36e4834..a6e954f8373e 100644 --- a/charts/incubator/plausible/Chart.yaml +++ b/charts/incubator/plausible/Chart.yaml @@ -1,17 +1,13 @@ apiVersion: v2 -appVersion: "1.5.1" +appVersion: "2.0.0" dependencies: - name: common repository: https://library-charts.truecharts.org - version: 11.1.2 - - condition: postgresql.enabled - name: postgresql - repository: https://deps.truecharts.org/ - version: 11.0.31 + version: 14.0.2 - condition: clickhouse.enabled name: clickhouse repository: https://deps.truecharts.org/ - version: 3.0.21 + version: 7.0.1 deprecated: false description: Plausible is lightweight and open source web analytics. No cookies and fully compliant with GDPR, CCPA and PECR. home: https://truecharts.org/charts/incubator/plausible @@ -32,7 +28,7 @@ sources: - https://github.com/plausible/analytics - https://github.com/plausible/hosting type: application -version: 4.0.25 +version: 5.0.0 annotations: truecharts.org/catagories: | - analytics diff --git a/charts/incubator/plausible/questions.yaml b/charts/incubator/plausible/questions.yaml index d70ea2ae8c98..45026cb380fc 100644 --- a/charts/incubator/plausible/questions.yaml +++ b/charts/incubator/plausible/questions.yaml @@ -27,43 +27,29 @@ questions: type: string default: http://localhost required: true - - variable: DISABLE_AUTH - label: DISABLE_AUTH - description: Disables authentication completely, no registration, login will be shown. - schema: - type: boolean - default: false - variable: DISABLE_REGISTRATION label: DISABLE_REGISTRATION - description: Disables registration of new users, keep your admin credentials handy ;) - schema: - type: boolean - default: false - - variable: ADMIN_USER_NAME - label: ADMIN_USER_NAME - description: Admin user's name (First Install Only) - schema: - type: string - default: admin - required: true - - variable: ADMIN_USER_EMAIL - label: ADMIN_USER_EMAIL - description: The default ("admin") user email (First Install Only) + description: Restricts registration of new users. schema: type: string - default: admin@example.com required: true - - variable: ADMIN_USER_PWD - label: ADMIN_USER_PWD - description: The default ("admin") user password (First Install Only) + default: "true" + enum: + - value: "true" + description: Full restriction + - value: "false" + description: No restriction + - value: invite_only + description: Only invited users can register + - variable: LOG_FAILED_LOGIN_ATTEMPTS + label: LOG_FAILED_LOGIN_ATTEMPTS + description: Controls whether to log warnings about failed login attempts. schema: - type: string - default: "" - required: true - private: true + type: boolean + default: false - variable: CLICKHOUSE_FLUSH_INTERVAL_MS label: CLICKHOUSE_FLUSH_INTERVAL_MS - description: nterval (in milliseconds) between flushing events and sessions data to Clickhouse. Consult Clickhouse docs before changing it. + description: Interval (in milliseconds) between flushing events and sessions data to Clickhouse. Consult Clickhouse docs before changing it. schema: type: int default: 5000 @@ -82,6 +68,12 @@ questions: type: string default: hello@plausible.local required: true + - variable: MAILER_NAME + label: MAILER_NAME + description: The display name for the sender (from). + schema: + type: string + default: "" - variable: SMTP_HOST_ADDR label: SMTP_HOST_ADDR description: The host address of your smtp server. @@ -134,13 +126,78 @@ questions: description: Bamboo.SMTPAdapter - value: Bamboo.PostmarkAdapter description: Bamboo.PostmarkAdapter + - value: Bamboo.MailgunAdapter + description: Bamboo.MailgunAdapter + - value: Bamboo.MandrillAdapter + description: Bamboo.MandrillAdapter + - value: Bamboo.SendGridAdapter + description: Bamboo.SendGridAdapter - variable: POSTMARK_API_KEY label: POSTMARK_API_KEY - description: Enter your API key. + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.PostmarkAdapter"]] + type: string + default: "" + private: true + - variable: MAILGUN_API_KEY + label: MAILGUN_API_KEY + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + private: true + - variable: MAILGUN_DOMAIN + label: MAILGUN_DOMAIN + description: Required. Enter your Mailgun domain. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + - variable: MAILGUN_BASE_URI + label: MAILGUN_BASE_URI + description: This is optional. Mailgun makes a difference in the API base URL between sender domains from within the EU and outside. By default, the base URL is set to https://api.mailgun.net/v3. To override this you can pass https://api.eu.mailgun.net/v3 if you are using an EU domain. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MailgunAdapter"]] + type: string + default: "" + - variable: MANDRILL_API_KEY + label: MANDRILL_API_KEY + description: Required. Enter your API key. + schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.MandrillAdapter"]] + type: string + default: "" + private: true + - variable: SENDGRID_API_KEY + label: SENDGRID_API_KEY + description: Required. Enter your API key. schema: + show_if: [["MAILER_ADAPTER", "=", "Bamboo.SendGridAdapter"]] type: string default: "" private: true + - variable: MAXMIND_LICENSE_KEY + label: MAXMIND_LICENSE_KEY + description: MaxMind license key to automatically download and update the database + schema: + type: string + default: "" + private: true + - variable: MAXMIND_EDITION + label: MAXMIND_EDITION + description: MaxMind database edition to use (only if MAXMIND_LICENSE_KEY is set) + schema: + show_if: [["MAXMIND_LICENSE_KEY", "!=", ""]] + type: string + required: true + default: GeoLite2-City + enum: + - value: GeoLite2-City + description: GeoLite2-City + - value: GeoLite2-Country + description: GeoLite2-Country - variable: GOOGLE_CLIENT_ID label: GOOGLE_CLIENT_ID description: The Client ID from the Google API Console for your Plausible Analytics project @@ -170,15 +227,11 @@ questions: description: warn - value: error description: error + # Include{containerConfig} +# Include{podOptions} # Include{serviceRoot} - - variable: main - label: "Main Service" - description: "The Primary service on which the healthcheck runs, often the webUI" - schema: - additional_attrs: true - type: dict - attrs: +# Include{serviceMain} # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main @@ -218,12 +271,12 @@ questions: schema: type: int default: 1000 - - variable: runAsGroup - label: "runAsGroup" - description: "The groupID this App of the user running the application" - schema: - type: int - default: 1000 + - variable: runAsGroup + label: "runAsGroup" + description: "The groupID this App of the user running the application" + schema: + type: int + default: 1000 # Include{securityContextContainer} # Include{securityContextAdvanced} # Include{securityContextPod} diff --git a/charts/incubator/plausible/templates/_configmap.tpl b/charts/incubator/plausible/templates/_configmap.tpl new file mode 100644 index 000000000000..743160042fb1 --- /dev/null +++ b/charts/incubator/plausible/templates/_configmap.tpl @@ -0,0 +1,21 @@ +{{- define "plausible.configmap" -}} +enabled: true +data: + BASE_URL: {{ .Values.plausible.BASE_URL | quote }} + DISABLE_REGISTRATION: {{ .Values.plausible.DISABLE_REGISTRATION | quote }} + LOG_FAILED_LOGIN_ATTEMPTS: {{ .Values.plausible.LOG_FAILED_LOGIN_ATTEMPTS | quote }} + + CLICKHOUSE_FLUSH_INTERVAL_MS: {{ .Values.plausible.CLICKHOUSE_FLUSH_INTERVAL_MS | quote }} + CLICKHOUSE_MAX_BUFFER_SIZE: {{ .Values.plausible.CLICKHOUSE_MAX_BUFFER_SIZE | quote }} + + SMTP_HOST_ADDR: {{ .Values.plausible.SMTP_HOST_ADDR | quote }} + SMTP_HOST_PORT: {{ .Values.plausible.SMTP_HOST_PORT | quote }} + SMTP_HOST_SSL_ENABLED: {{ .Values.plausible.SMTP_HOST_SSL_ENABLED | quote }} + SMTP_RETRIES: {{ .Values.plausible.SMTP_RETRIES | quote }} + MAILER_ADAPTER: {{ .Values.plausible.MAILER_ADAPTER | quote }} + MAILGUN_BASE_URI: {{ .Values.plausible.MAILGUN_BASE_URI | quote }} + + MAXMIND_EDITION: {{ .Values.plausible.MAXMIND_EDITION | quote }} + + LOG_LEVEL: {{ .Values.plausible.LOG_LEVEL | quote }} +{{- end }} diff --git a/charts/incubator/plausible/templates/_env.tpl b/charts/incubator/plausible/templates/_env.tpl deleted file mode 100644 index a8fe6ae1c44b..000000000000 --- a/charts/incubator/plausible/templates/_env.tpl +++ /dev/null @@ -1,56 +0,0 @@ -{{/* Plausible environment variables */}} -{{- define "plausible.env" -}} -{{- $configName := printf "%s-env-config" (include "tc.common.names.fullname" .) }} -{{- $secretName := printf "%s-env-secret" (include "tc.common.names.fullname" .) }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ $configName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -data: - BASE_URL: {{ .Values.plausible.BASE_URL | quote }} - DISABLE_AUTH: {{ .Values.plausible.DISABLE_AUTH | quote }} - DISABLE_REGISTRATION: {{ .Values.plausible.DISABLE_REGISTRATION | quote }} - - CLICKHOUSE_FLUSH_INTERVAL_MS: {{ .Values.plausible.CLICKHOUSE_FLUSH_INTERVAL_MS | quote }} - CLICKHOUSE_MAX_BUFFER_SIZE: {{ .Values.plausible.CLICKHOUSE_MAX_BUFFER_SIZE | quote }} - - SMTP_HOST_ADDR: {{ .Values.plausible.SMTP_HOST_ADDR | quote }} - SMTP_HOST_PORT: {{ .Values.plausible.SMTP_HOST_PORT | quote }} - SMTP_HOST_SSL_ENABLED: {{ .Values.plausible.SMTP_HOST_SSL_ENABLED | quote }} - SMTP_RETRIES: {{ .Values.plausible.SMTP_RETRIES | quote }} - MAILER_ADAPTER: {{ .Values.plausible.MAILER_ADAPTER | quote }} - - LOG_LEVEL: {{ .Values.plausible.LOG_LEVEL | quote }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ $secretName }} - labels: - {{- include "tc.common.labels" . | nindent 4 }} -stringData: - {{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }} - SECRET_KEY_BASE: {{ index .data "SECRET_KEY_BASE" | b64dec }} - {{- else }} - {{- /* The plain value of SECRET_KEY_BASE is also base64 encoded */}} - SECRET_KEY_BASE: {{ randAlphaNum 65 | b64enc }} - {{- end }} - - ADMIN_USER_NAME: {{ .Values.plausible.ADMIN_USER_NAME | quote }} - ADMIN_USER_EMAIL: {{ .Values.plausible.ADMIN_USER_EMAIL | quote }} - ADMIN_USER_PWD: {{ .Values.plausible.ADMIN_USER_PWD | quote }} - - DATABASE_URL: {{ get .Values.postgresql.url "complete-noql" }} - CLICKHOUSE_DATABASE_URL: {{ .Values.clickhouse.url.complete }} - - MAILER_EMAIL: {{ .Values.plausible.MAILER_EMAIL | quote }} - SMTP_USER_NAME: {{ .Values.plausible.SMTP_USER_NAME | quote }} - SMTP_USER_PWD: {{ .Values.plausible.SMTP_USER_PWD | quote }} - POSTMARK_API_KEY: {{ .Values.plausible.POSTMARK_API_KEY | quote }} - - GOOGLE_CLIENT_ID: {{ .Values.plausible.GOOGLE_CLIENT_ID | quote }} - GOOGLE_CLIENT_SECRET: {{ .Values.plausible.GOOGLE_CLIENT_SECRET | quote }} -{{- end }} diff --git a/charts/incubator/plausible/templates/_secret.tpl b/charts/incubator/plausible/templates/_secret.tpl new file mode 100644 index 000000000000..89fb003e0943 --- /dev/null +++ b/charts/incubator/plausible/templates/_secret.tpl @@ -0,0 +1,28 @@ +{{- define "plausible.secret" -}} +enabled: true +data: + {{- with (lookup "v1" "Secret" .Release.Namespace "plausible-secret") }} + SECRET_KEY_BASE: {{ index .data "SECRET_KEY_BASE" | b64dec }} + {{- else }} + {{- /* The plain value of SECRET_KEY_BASE is also base64 encoded */}} + SECRET_KEY_BASE: {{ randAlphaNum 86 | b64enc }} + {{- end }} + + DATABASE_URL: {{ .Values.cnpg.main.creds.std }} + CLICKHOUSE_DATABASE_URL: {{ .Values.clickhouse.creds.complete }} + + MAILER_EMAIL: {{ .Values.plausible.MAILER_EMAIL | quote }} + MAILER_NAME: {{ .Values.plausible.MAILER_NAME | quote }} + SMTP_USER_NAME: {{ .Values.plausible.SMTP_USER_NAME | quote }} + SMTP_USER_PWD: {{ .Values.plausible.SMTP_USER_PWD | quote }} + POSTMARK_API_KEY: {{ .Values.plausible.POSTMARK_API_KEY | quote }} + MAILGUN_API_KEY: {{ .Values.plausible.MAILGUN_API_KEY | quote }} + MAILGUN_DOMAIN: {{ .Values.plausible.MAILGUN_DOMAIN | quote }} + MANDRILL_API_KEY: {{ .Values.plausible.MANDRILL_API_KEY | quote }} + SENDGRID_API_KEY: {{ .Values.plausible.SENDGRID_API_KEY | quote }} + + MAXMIND_LICENSE_KEY: {{ .Values.plausible.MAXMIND_LICENSE_KEY | quote }} + + GOOGLE_CLIENT_ID: {{ .Values.plausible.GOOGLE_CLIENT_ID | quote }} + GOOGLE_CLIENT_SECRET: {{ .Values.plausible.GOOGLE_CLIENT_SECRET | quote }} +{{- end }} diff --git a/charts/incubator/plausible/templates/common.yaml b/charts/incubator/plausible/templates/common.yaml index 21d4eeef6459..9b96a04dd5e7 100644 --- a/charts/incubator/plausible/templates/common.yaml +++ b/charts/incubator/plausible/templates/common.yaml @@ -1,8 +1,17 @@ {{/* Make sure all variables are set properly */}} -{{- include "tc.common.loader.init" . }} +{{- include "tc.v1.common.loader.init" . }} -{{/* Plausible environment variables */}} -{{- include "plausible.env" . }} +{{/* Render Plausible configmap */}} +{{- $config := include "plausible.configmap" . | fromYaml -}} +{{- if $config -}} + {{- $_ := set .Values.configmap "plausible-config" $config -}} +{{- end -}} + +{{/* Render Plausible secret */}} +{{- $secret := include "plausible.secret" . | fromYaml -}} +{{- if $secret -}} + {{- $_ := set .Values.secret "plausible-secret" $secret -}} +{{- end -}} {{/* Render the templates */}} -{{ include "tc.common.loader.apply" . }} +{{ include "tc.v1.common.loader.apply" . }} diff --git a/charts/incubator/plausible/values.yaml b/charts/incubator/plausible/values.yaml index 5d251cf336df..55806d280f3c 100644 --- a/charts/incubator/plausible/values.yaml +++ b/charts/incubator/plausible/values.yaml @@ -1,7 +1,7 @@ image: - repository: plausible/analytics + repository: tccr.io/truecharts/plausible pullPolicy: IfNotPresent - tag: v1.5.1@sha256:3fbdcfac56ffa79e778e9e4bc1ca8c4dca0d7deb330ed5694f59eaa1125cc0a8 + tag: v2.0.0@sha256:1ef59e863cfdcddc308d4ec743091bc8eda4f62e16b269cf4d778c89b8c02a68 # Plausible self-hosting documentation # https://plausible.io/docs/self-hosting @@ -9,13 +9,8 @@ image: plausible: # Server BASE_URL: http://localhost - DISABLE_AUTH: false - DISABLE_REGISTRATION: false - - # Default User - ADMIN_USER_NAME: admin - ADMIN_USER_EMAIL: admin@example.com - ADMIN_USER_PWD: P@ssw0rd + DISABLE_REGISTRATION: "true" + LOG_FAILED_LOGIN_ATTEMPTS: false # Database CLICKHOUSE_FLUSH_INTERVAL_MS: 5000 @@ -23,6 +18,7 @@ plausible: # Mailer/SMTP Setup MAILER_EMAIL: hello@plausible.local + MAILER_NAME: "" SMTP_HOST_ADDR: localhost SMTP_HOST_PORT: 25 SMTP_USER_NAME: "" @@ -31,6 +27,16 @@ plausible: SMTP_RETRIES: 2 MAILER_ADAPTER: Bamboo.SMTPAdapter POSTMARK_API_KEY: "" + MAILGUN_API_KEY: "" + MAILGUN_DOMAIN: "" + MAILGUN_BASE_URI: "" + MANDRILL_API_KEY: "" + SENDGRID_API_KEY: "" + + # IP Geolocation + # todo(investigate where automatic updates are stored and configure storage accordingly) + MAXMIND_LICENSE_KEY: "" + MAXMIND_EDITION: GeoLite2-City # Google Search Integration GOOGLE_CLIENT_ID: "" @@ -39,78 +45,84 @@ plausible: # Logging LOG_LEVEL: warn -securityContext: - readOnlyRootFilesystem: false - -podSecurityContext: - runAsUser: 1000 - runAsGroup: 1000 - -envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - -installContainers: - plausible-install: - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - command: [sh] - args: - - -c - - >- - /entrypoint.sh db createdb && - /entrypoint.sh db migrate && - /entrypoint.sh db init-admin - -upgradeContainers: - plausible-upgrade: - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - envFrom: - - configMapRef: - name: '{{ include "tc.common.names.fullname" . }}-env-config' - - secretRef: - name: '{{ include "tc.common.names.fullname" . }}-env-secret' - command: [sh] - args: - - -c - - /entrypoint.sh db migrate +workload: + main: + podSpec: + initContainers: + db-create: + type: install + enabled: true + imageSelector: image + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + command: sh + args: + - -c + - /entrypoint.sh db createdb && /entrypoint.sh db migrate + db-migrate: + type: upgrade + enabled: true + imageSelector: image + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + command: sh + args: + - -c + - /entrypoint.sh db migrate + containers: + main: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: false + envFrom: + - configMapRef: + name: plausible-config + - secretRef: + name: plausible-secret + probes: + liveness: + type: http + path: /api/health + readiness: + type: http + path: /api/health + startup: + type: http + path: /api/health service: main: ports: main: targetPort: 8000 - protocol: HTTP port: 10277 -probes: - liveness: - type: HTTP - path: /api/health - readiness: - type: HTTP - path: /api/health - startup: - type: HTTP - path: /api/health - -postgresql: - enabled: true - existingSecret: dbcreds - postgresqlUsername: plausible - postgresqlDatabase: plausible +cnpg: + main: + enabled: true + user: plausible + database: plausible clickhouse: enabled: true - existingSecret: clickhousecreds clickhouseUsername: plausible clickhouseDatabase: plausible portal: - enabled: true + open: + enabled: true diff --git a/tools/gen-cat.sh b/tools/gen-cat.sh index 68618bb829e5..66e71e8d5f1b 100755 --- a/tools/gen-cat.sh +++ b/tools/gen-cat.sh @@ -194,6 +194,7 @@ copy_docs() { prep_helm() { if [[ -z "$standalone" ]]; then helm repo add truecharts https://charts.truecharts.org + helm repo add truecharts-deps https://deps.truecharts.org helm repo add truecharts-library https://library-charts.truecharts.org helm repo update fi