[dendrite] Add dendrite polylith mode (#1399)

Co-authored-by: S7evinK <s73vink@gmail.com>
Co-authored-by: Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs <me@bjw-s.dev>
Co-authored-by: Till Faelligen <tfaelligen@gmail.com>

.all-contributorsrc

@@ -481,6 +481,33 @@
       "contributions": [
         "code"
       ]
+    },
+    {
+      "login": "psych0d0g",
+      "name": "Lukas Wingerberg",
+      "avatar_url": "https://avatars.githubusercontent.com/u/181302?v=4",
+      "profile": "https://cronix.cc",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "TheDJVG",
+      "name": "TheDJVG",
+      "avatar_url": "https://avatars.githubusercontent.com/u/17107225?v=4",
+      "profile": "http://www.djvg.net",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "rschoultz",
+      "name": "Rickard Schoultz",
+      "avatar_url": "https://avatars.githubusercontent.com/u/727834?v=4",
+      "profile": "https://github.com/rschoultz",
+      "contributions": [
+        "code"
+      ]
     }
   ],
   "contributorsPerLine": 7,

.github/PULL_REQUEST_TEMPLATE.md

@@ -32,8 +32,9 @@ Also don't be worried if the request is closed or not integrated sometimes our p
 <!-- If there's anything else that's important and relevant to your pull request, mention that information here.-->
 
 **Checklist** <!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->
-- [ ] Chart version bumped in `Chart.yaml` according to [semver](http://semver.org/).
 - [ ] Title of the PR starts with chart name (e.g. `[home-assistant]`)
-- [ ] Variables are documented in the README.md (this can be done with using our helm-docs wrapper `./hack/gen-helm-docs.sh stable <chart>`)
+- [ ] Chart version bumped in `Chart.yaml` according to [semver](http://semver.org/).
+- [ ] Chart `artifacthub.io/changes` changelog annotation has been updated in `Chart.yaml`. See [Artifact Hub documentation](https://artifacthub.io/docs/topics/annotations/helm/#supported-annotations) for more info.
+- [ ] Variables have been documented in the `values.yaml` file.
 
 <!-- Keep in mind that if you are submitting a new chart, try to use our [common](https://github.com/k8s-at-home/charts/tree/master/charts/common) library as a dependency. This will help maintaining charts here and keep them consistent between each other -->

.github/actions/collect-changes/action.yaml

@@ -0,0 +1,45 @@
+name: "Collect changes"
+description: "Collects and stores changed files/charts"
+
+outputs:
+  changesDetected:
+    description: "Whether or not changes to charts have been detected"
+    value: ${{ steps.filter.outputs.addedOrModified }}
+  addedOrModifiedFiles:
+    description: "A list of the files changed"
+    value: ${{ steps.filter.outputs.addedOrModified_files }}
+  addedOrModifiedCharts:
+    description: "A list of the charts changed"
+    value: ${{ steps.filter-charts.outputs.addedOrModified }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Collect changed files
+      uses: dorny/paths-filter@v2
+      id: filter
+      with:
+        list-files: shell
+        filters: |
+          addedOrModified:
+            - added|modified: 'charts/**'
+
+    - name: Collect changed charts
+      if: |
+        steps.filter.outputs.addedOrModified == 'true'
+      id: filter-charts
+      shell: bash
+      run: |
+        CHARTS=()
+        PATHS=(${{ steps.filter.outputs.addedOrModified_files }})
+        # Get only the chart paths
+        for CHARTPATH in "${PATHS[@]}"
+        do
+          IFS='/' read -r -a path_parts <<< "${CHARTPATH}"
+          CHARTS+=("${path_parts[1]}/${path_parts[2]}")
+        done
+
+        # Remove duplicates
+        CHARTS=( `printf "%s\n" "${CHARTS[@]}" | sort -u` )
+        # Set output to changed charts
+        printf "::set-output name=addedOrModified::%s\n" "${CHARTS[*]}"

.github/actions/label-from-status/action.yaml

@@ -0,0 +1,48 @@
+name: "Set issue labels based on status"
+description: "Sets / removes issue labels based on CI job status"
+inputs:
+  token:
+    required: true
+    description: "The Github API token to use"
+  issue-number:
+    required: true
+    description: "The issue to label"
+  prefix:
+    required: true
+    description: "The label prefix (e.g. lint, install)"
+  job-status:
+    required: true
+    description: "The status of the CI job"
+  remove-on-skipped:
+    required: false
+    default: false
+    description: "Remove the label if the job was skipped"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Label success
+      uses: andymckay/labeler@1.0.4
+      if: ${{ inputs.job-status == 'success' }}
+      with:
+        repo-token: ${{ inputs.token }}
+        issue-number: ${{ inputs.issue-number }}
+        add-labels: "${{ inputs.prefix }}:ok"
+        remove-labels: "${{ inputs.prefix }}:failed"
+
+    - name: Label failure
+      uses: andymckay/labeler@1.0.4
+      if: ${{ inputs.job-status == 'failure' }}
+      with:
+        repo-token: ${{ inputs.token }}
+        issue-number: ${{ inputs.issue-number }}
+        add-labels: "${{ inputs.prefix }}:failed"
+        remove-labels: "${{ inputs.prefix }}:ok"
+
+    - name: Remove label
+      uses: andymckay/labeler@1.0.4
+      if: ${{ (inputs.job-status == 'skipped') && (inputs.remove-on-skipped == 'true') }}
+      with:
+        repo-token: ${{ inputs.token }}
+        issue-number: ${{ inputs.issue-number }}
+        remove-labels: "${{ inputs.prefix }}:ok, ${{ inputs.prefix }}:failed"

.github/ct-lint.yaml

@@ -10,5 +10,3 @@ chart-repos:
 - k8s-at-home-libraries=https://library-charts.k8s-at-home.com
 - k8s-at-home=https://k8s-at-home.com/charts
 - jetstack=https://charts.jetstack.io
-additional-commands:
-- ./hack/check-releasenotes.sh {{ .Path }}

.github/label-commenter-config.yml

@@ -1,6 +1,6 @@
 ---
 labels:
-  - name: kind:incomplete-template
+  - name: incomplete-template
     labeled:
       issue:
         body: |
@@ -9,7 +9,7 @@ labels:
         locking: lock
         lock_reason: resolved
 
-  - name: kind:support
+  - name: support
     labeled:
       issue:
         body: |
@@ -22,7 +22,7 @@ labels:
           - [GitHub Discussions](https://github.com/k8s-at-home/organization/discussions)
         action: close
 
-  - name: kind:incomplete-docs
+  - name: incomplete-docs
     labeled:
       pr:
         body: |
@@ -31,19 +31,5 @@ labels:
           We have noticed that the chart documentation has not been completely updated for this PR.
           Could you please make sure that the following items have been updated:
           - `version` in `Chart.yaml` has been updated per [semver](http://semver.org/)
-          - `README_CHANGELOG.md.gotmpl` contains a summary of the updates for this new version
+          - The `artifacthub.io/changes` chart annotation contains a summary of the updates for this new version.  See [Artifact Hub documentation](https://artifacthub.io/docs/topics/annotations/helm/#supported-annotations) for more info.
           - [Documentation strings](https://github.com/norwoodj/helm-docs#valuesyaml-metadata) have been added to the keys in `values.yaml`.
-
-          Afterwards you can run `./hack/gen-helm-docs.sh stable <chart>` again to update the chart's `README.md` file.
-
-  - name: kind:incorrect-title
-    labeled:
-      pr:
-        body: |
-          :wave: @{{ pull_request.user.login }}, thanks for taking the time to submit this PR. 🙏🏽
-
-          We have noticed that the PR title does not adhere to our desired format.
-          Could you please make sure that it follows the pattern `[<lowercase chart name>] <Update description>`?
-          Example: `[radarr] Update image version`.
-
-          Thanks!

.github/labels.yaml

@@ -0,0 +1,111 @@
+---
+# CI Status
+- name: "precommit:ok"
+  color: "0E8A16"
+  description: >-
+    CI status: pre-commit validation successful
+- name: "precommit:failed"
+  color: "D93F0B"
+  description: >-
+    CI status: pre-commit validation failed
+- name: "changelog:ok"
+  color: "0E8A16"
+  description: >-
+    CI status: changelog validation successful
+- name: "changelog:failed"
+  color: "D93F0B"
+  description: >-
+    CI status: changelog validation failed
+- name: "lint:ok"
+  color: "0E8A16"
+  description: >-
+    CI status: linting successful
+- name: "lint:failed"
+  color: "D93F0B"
+  description: >-
+    CI status: linting failed
+- name: "install:ok"
+  color: "0E8A16"
+  description: >-
+    CI status: install successful
+- name: "install:failed"
+  color: "D93F0B"
+  description: >-
+    CI status: install failed
+
+# Semantic Type
+- name: type/patch
+  color: "FFEC19"
+- name: type/minor
+  color: "FF9800"
+- name: type/major
+  color: "F6412D"
+
+# Renovate
+- name: renovate/container
+  color: "ffc300"
+- name: renovate/helm
+  color: "ffc300"
+
+# Size
+- name: size/XS
+  color: "009900"
+  description: >-
+    Categorises a PR that changes 0-9 lines, ignoring generated files.
+- name: size/S
+  color: "77bb00"
+  description: >-
+    Categorises a PR that changes 10-29 lines, ignoring generated files.
+- name: size/M
+  color: "eebb00"
+  description: >-
+    Categorises a PR that changes 30-99 lines, ignoring generated files.
+- name: size/L
+  color: "ee9900"
+  description: >-
+    Categorises a PR that changes 100-499 lines, ignoring generated files.
+- name: size/XL
+  color: "ee5500"
+  description: >-
+    Categorises a PR that changes 500-999 lines, ignoring generated files.
+- name: size/XXL
+  color: "ee0000"
+  description: >-
+    Categorises a PR that changes 1000+ lines, ignoring generated files.
+
+# Issue categories
+- name: documentation
+  color: "0075ca"
+- name: bug
+  color: "B60205"
+- name: enhancement
+  color: "a2eeef"
+- name: "help wanted"
+  color: "008672"
+- name: wontfix
+  color: "ffffff"
+- name: "support"
+  color: ffffff
+- name: "incomplete-template"
+  color: ffffff
+
+- name: "new-chart"
+  color: "C2E0C6"
+  description: >-
+    Categorises a PR or issue that references a new Helm chart.
+- name: do-not-merge
+  color: "ee0701"
+  description: >-
+    Categorises a PR that should not be merged in the current state.
+- name: "incomplete-docs"
+  color: B72175
+  description: >-
+    Categorises a PR for which the documentation has not been updated completely.
+- name: keepalive
+  color: "4D28C4"
+  description: >-
+    Categorises a PR or issue that should not be marked as stale.
+- name: stale
+  color: "D4C5F9"
+  description: >-
+    Categorises a PR or issue that has not been active for a specified time.

.github/renovate.json5

@@ -34,23 +34,23 @@
       "branchTopic": "{{{parentDir}}}-{{{depNameSanitized}}}-{{{newMajor}}}{{#if isPatch}}.{{{newMinor}}}{{/if}}.x{{#if isLockfileUpdate}}-lockfile{{/if}}",
       "updateTypes": ["major"],
       "bumpVersion": "major",
-      "labels": ["dependency/major"],
+      "labels": ["type/major"],
       "packageNames": ["common"],
-      "groupName": ["internal major dep"]
+      "groupName": ["common library major"]
     },
     {
       "updateTypes": ["minor"],
       "bumpVersion": "minor",
-      "labels": ["dependency/minor"],
+      "labels": ["type/minor"],
       "packageNames": ["common"],
-      "groupName": ["internal minor dep"]
+      "groupName": ["common library minor"]
     },
     {
       "updateTypes": ["patch"],
       "bumpVersion": "patch",
-      "labels": ["dependency/patch"],
+      "labels": ["type/patch"],
       "packageNames": ["common"],
-      "groupName": ["internal patch dep"]
+      "groupName": ["common library patch"]
     },
     //
     // Other library deps
@@ -60,7 +60,7 @@
       "branchTopic": "{{{parentDir}}}-{{{depNameSanitized}}}-{{{newMajor}}}{{#if isPatch}}.{{{newMinor}}}{{/if}}.x{{#if isLockfileUpdate}}-lockfile{{/if}}",
       "updateTypes": ["major"],
       "bumpVersion": "major",
-      "labels": ["dependency/major"],
+      "labels": ["type/major"],
       "excludePackageNames": ["common"],
       "schedule": [
         "every 3 months on the first day of the month"
@@ -69,9 +69,9 @@
     {
       "updateTypes": ["minor"],
       "bumpVersion": "minor",
-      "labels": ["dependency/minor"],
+      "labels": ["type/minor"],
       "excludePackageNames": ["common"],
-      "groupName": ["external minor dep"],
+      "groupName": ["external dependency minor"],
       "schedule": [
         "every 2 months on the first day of the month"
       ]
@@ -79,9 +79,9 @@
     {
       "updateTypes": ["patch"],
       "bumpVersion": "patch",
-      "labels": ["dependency/patch"],
+      "labels": ["type/patch"],
       "excludePackageNames": ["common"],
-      "groupName": ["external patch dep"],
+      "groupName": ["external dependency patch"],
       "schedule": [
         "every 1 months on the first day of the month"
       ]

.github/scripts/check-releasenotes.sh

@@ -1,13 +1,13 @@
 #!/usr/bin/env bash
 
-set -eu
+set -e
 
 # Check if release notes have been changed
 # Usage ./check-releasenotes.sh path
 
 # require yq
 command -v yq >/dev/null 2>&1 || {
-    echo >&2 "yq (https://github.com/mikefarah/yq) is not installed. Aborting."
+    printf >&2 "%s\n" "yq (https://github.com/mikefarah/yq) is not installed. Aborting."
     exit 1
 }
 
@@ -19,17 +19,20 @@ if [ $# -ge 1 ] && [ -n "$1" ]; then
     root="$1"
     chart_file="${1}/Chart.yaml"
     if [ ! -f "$chart_file" ]; then
-        echo "File ${chart_file} does not exist."
+        printf >&2 "File %s\n does not exist.\n" "${chart_file}"
         exit 1
     fi
 
-    echo "Validating release notes for $root"
-
     cd $root
+
+    if [ -z "$DEFAULT_BRANCH" ]; then
+      DEFAULT_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}')
+    fi
+
     CURRENT=$(cat Chart.yaml | yq e '.annotations."artifacthub.io/changes"' -P -)
 
     if [ "$CURRENT" == "" ] || [ "$CURRENT" == "null" ]; then
-      echo >&2 "Release notes have not been set for this chart!"
+      printf >&2 "Changelog annotation has not been set in %s!\n" "$chart_file"
       exit 1
     fi
 
@@ -37,10 +40,10 @@ if [ $# -ge 1 ] && [ -n "$1" ]; then
     ORIGINAL=$(git show origin/$DEFAULT_BRANCH:./Chart.yaml | yq e '.annotations."artifacthub.io/changes"' -P -)
 
     if [ "$CURRENT" == "$ORIGINAL" ]; then
-      echo >&2 "Release notes have not been updated!"
+      printf >&2 "Changelog annotation has not been updated in %s!\n" "$chart_file"
       exit 1
     fi
 else
-    echo >&2 "No chart folder has been specified."
+    printf >&2 "%s\n" "No chart folder has been specified."
     exit 1
 fi

.github/scripts/gen-helm-docs.sh

@@ -6,7 +6,7 @@ set -eu
 
 # require helm-docs
 command -v helm-docs >/dev/null 2>&1 || {
-    echo >&2 "helm-docs (https://github.com/norwoodj/helm-docs) is not installed. Aborting."
+    echo >&2 "helm-docs (https://github.com/k8s-at-home/helm-docs) is not installed. Aborting."
     exit 1
 }
 

.github/workflows/charts-changelog.yaml

@@ -0,0 +1,86 @@
+name: "Charts: Update README"
+
+on:
+  workflow_call:
+    inputs:
+      modifiedCharts:
+        required: true
+        type: string
+      isRenovatePR:
+        required: true
+        type: string
+    outputs:
+      commitHash:
+        description: "The most recent commit hash at the end of this workflow"
+        value: ${{ jobs.generate-changelog.outputs.commitHash }}
+
+jobs:
+  validate-changelog:
+    name: Validate changelog
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Check changelog annotations
+        if: inputs.isRenovatePR != 'true'
+        run: |
+          CHARTS=(${{ inputs.modifiedCharts }})
+          for i in "${CHARTS[@]}"
+          do
+              IFS='/' read -r -a chart_parts <<< "$i"
+              ./.github/scripts/check-releasenotes.sh "charts/${chart_parts[0]}/${chart_parts[1]}"
+              echo ""
+          done
+
+  generate-changelog:
+    name: Generate changelog annotations
+    runs-on: ubuntu-latest
+    needs:
+      - validate-changelog
+    outputs:
+      commitHash: ${{ steps.save-commit-hash.outputs.commit_hash }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Install Kubernetes tools
+        if: inputs.isRenovatePR == 'true'
+        uses: yokawasa/action-setup-kube-tools@v0.8.0
+        with:
+          setup-tools: |
+            yq
+          yq: "4.16.2"
+
+      - name: Annotate Charts.yaml for Renovate PR's
+        if: inputs.isRenovatePR == 'true'
+        run: |
+          export DEFAULT_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}')
+          CHARTS=(${{ inputs.modifiedCharts }})
+          for i in "${CHARTS[@]}"
+          do
+              IFS='/' read -r -a chart_parts <<< "$i"
+                ./.github/scripts/renovate-releasenotes.sh "charts/${chart_parts[0]}/${chart_parts[1]}"
+              echo ""
+          done
+
+      - name: Create commit
+        id: create-commit
+        if: inputs.isRenovatePR == 'true'
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          file_pattern: charts/**/
+          commit_message: "chore: Auto-update chart metadata [skip ci]"
+          commit_user_name: ${{ github.actor }}
+          commit_user_email: ${{ github.actor }}@users.noreply.github.com
+
+      - name: Save commit hash
+        id: save-commit-hash
+        run: |
+          if [ "${{ steps.create-commit.outputs.changes_detected || 'unknown' }}" == "true" ]; then
+            echo '::set-output name=commit_hash::${{ steps.create-commit.outputs.commit_hash }}'
+          else
+            echo "::set-output name=commit_hash::${GITHUB_SHA}"
+          fi

.github/workflows/charts-lint.yaml

@@ -0,0 +1,50 @@
+name: "Charts: Lint"
+
+on:
+  workflow_call:
+    inputs:
+      checkoutCommit:
+        required: true
+        type: string
+
+jobs:
+  lint:
+    name: Lint charts
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.0
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.8.0"
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.1.0
+
+      - name: Collect changes
+        id: list-changed
+        run: |
+          EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-lint.yaml)
+          CHARTS=$(ct list-changed --config .github/ct-lint.yaml)
+          CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
+          OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
+          echo ::set-output name=charts::${OUTPUT_JSON}
+          if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
+            echo "::set-output name=detected::true"
+          fi
+
+      - name: Run chart-testing (lint)
+        id: lint
+        if: steps.list-changed.outputs.detected == 'true'
+        run: ct lint --config .github/ct-lint.yaml

.github/workflows/charts-release.yaml

@@ -6,82 +6,133 @@ on:
   workflow_dispatch:
   push:
     branches:
-    - master
+      - master
     paths:
-    - 'charts/**'
+      - "charts/**"
 
 jobs:
   release:
     runs-on: ubuntu-20.04
     steps:
-    - name: Get k8s-at-home token
-      id: get-app-token
-      uses: getsentry/action-github-app-token@v1
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
 
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        token: ${{ steps.get-app-token.outputs.token }}
-        ref: master
-        fetch-depth: 0
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          fetch-depth: 0
 
-    - name: Configure Git
-      run: |
-        git config user.name "k8s-at-home[bot]"
-        git config user.email "k8s-at-home[bot]@users.noreply.github.com"
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.0
+        with:
+          setup-tools: |
+            helmv3
+            yq
+          helm: "3.8.0"
+          yq: "4.16.2"
 
-    - name: Install Helm
-      uses: azure/setup-helm@v1
-      with:
-        version: v3.6.3
+      - name: Install helm-docs
+        run: |
+          wget -O /tmp/helm-docs.deb  https://github.com/k8s-at-home/helm-docs/releases/download/v0.1.1/helm-docs_0.1.1_Linux_x86_64.deb
+          sudo dpkg -i /tmp/helm-docs.deb
 
-    - name: Run chart-releaser
-      uses: helm/chart-releaser-action@v1.2.1
-      with:
-        charts_dir: charts/*
-        charts_repo_url: https://k8s-at-home.com/charts/
-      env:
-        CR_TOKEN: "${{ steps.get-app-token.outputs.token }}"
-        CR_SKIP_EXISTING: "true"
+      - name: Collect changes
+        id: collect-changes
+        uses: ./.github/actions/collect-changes
+
+      - name: Generate README for changed charts
+        if: |
+          steps.collect-changes.outputs.changesDetected == 'true'
+        run: |
+          CHARTS=(${{ steps.collect-changes.outputs.addedOrModifiedCharts }})
+          for i in "${CHARTS[@]}"
+          do
+              IFS='/' read -r -a chart_parts <<< "$i"
+              if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then
+                ./.github/scripts/gen-helm-docs.sh "${chart_parts[0]}" "${chart_parts[1]}"
+              fi
+          done
+
+      - name: Create commit
+        id: create-commit
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          file_pattern: charts/**/
+          commit_message: "chore: Auto-update chart README [skip ci]"
+          commit_user_name: k8s-at-home[bot]
+          commit_user_email: k8s-at-home[bot]@users.noreply.github.com
+          commit_author: k8s-at-home[bot] <k8s-at-home[bot]@users.noreply.github.com>
+
+      - name: Save commit hash
+        id: save-commit-hash
+        run: |
+          if [ "${{ steps.create-commit.outputs.changes_detected || 'unknown' }}" == "true" ]; then
+            echo '::set-output name=commit_hash::${{ steps.create-commit.outputs.commit_hash }}'
+          else
+            echo "::set-output name=commit_hash::${GITHUB_SHA}"
+          fi
+
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          ref: ${{ steps.save-commit-hash.outputs.commit_hash }}
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "k8s-at-home[bot]"
+          git config user.email "k8s-at-home[bot]@users.noreply.github.com"
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.2.1
+        with:
+          charts_dir: charts/*
+          charts_repo_url: https://k8s-at-home.com/charts/
+        env:
+          CR_TOKEN: "${{ steps.generate-token.outputs.token }}"
+          CR_SKIP_EXISTING: "true"
 
   generate-summary:
     name: Auto-generate charts summary
     runs-on: ubuntu-20.04
     needs:
-    - release
+      - release
     steps:
-    - name: Get k8s-at-home token
-      id: get-app-token
-      uses: getsentry/action-github-app-token@v1
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
 
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        token: ${{ steps.get-app-token.outputs.token }}
-        ref: master
-        fetch-depth: 0
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          ref: master
+          fetch-depth: 0
 
-    - name: Install yq
-      uses: chrisdickinson/setup-yq@latest
-      with:
-        yq-version: v4.9.3
+      - name: Install yq
+        uses: chrisdickinson/setup-yq@latest
+        with:
+          yq-version: v4.9.3
 
-    - name: Run script
-      run: |
-        ./hack/gen-chart-summary.sh
+      - name: Run script
+        run: |
+          ./hack/gen-chart-summary.sh
 
-    - name: Create Commit
-      uses: stefanzweifel/git-auto-commit-action@v4
-      with:
-        push_options: --force
-        commit_message: Auto-generate chart summary [no ci]
-        commit_user_name: k8s-at-home[bot]
-        commit_user_email: k8s-at-home[bot]@users.noreply.github.com
-        commit_author: k8s-at-home[bot] <k8s-at-home[bot]@users.noreply.github.com>
-        file_pattern: charts/README.md
+      - name: Create Commit
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          push_options: --force
+          commit_message: Auto-generate chart summary [no ci]
+          commit_user_name: k8s-at-home[bot]
+          commit_user_email: k8s-at-home[bot]@users.noreply.github.com
+          commit_author: k8s-at-home[bot] <k8s-at-home[bot]@users.noreply.github.com>
+          file_pattern: charts/README.md

.github/workflows/charts-test.yaml

@@ -0,0 +1,131 @@
+name: "Charts: Test"
+
+on:
+  workflow_call:
+    inputs:
+      checkoutCommit:
+        required: true
+        type: string
+
+jobs:
+  unit-test:
+    name: Run unit tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.0
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.8.0"
+
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7
+
+      - name: Install dependencies
+        env:
+          RUBYJQ_USE_SYSTEM_LIBRARIES: 1
+        run: |
+          sudo apt-get update
+          sudo apt-get install libjq-dev
+          bundle install
+
+      - name: Run tests
+        run: |
+          bundle exec m -r ./test/
+
+  generate-install-matrix:
+    name: Generate matrix for install
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: |
+        {
+          "chart": ${{ steps.list-changed.outputs.charts }}
+        }
+      detected: ${{ steps.list-changed.outputs.detected }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.1.0
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-install.yaml)
+          CHARTS=$(ct list-changed --config .github/ct-install.yaml)
+          CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
+          OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
+          echo ::set-output name=charts::${OUTPUT_JSON}
+          if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
+            echo "::set-output name=detected::true"
+          fi
+
+  install-charts:
+    needs:
+      - generate-install-matrix
+    if: needs.generate-install-matrix.outputs.detected == 'true'
+    name: Install charts
+    strategy:
+      matrix: ${{ fromJson(needs.generate-install-matrix.outputs.matrix) }}
+      fail-fast: true
+      max-parallel: 15
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.0
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.6.3"
+
+      - uses: actions/setup-python@v2
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.1.0
+
+      - name: Create k3d cluster
+        uses: nolar/setup-k3d-k3s@v1
+        with:
+          version: v1.19
+
+      - name: Remove node taints
+        run: |
+          kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true
+
+      - name: Run chart-testing (install)
+        run: ct install --config .github/ct-install.yaml --charts ${{ matrix.chart }}
+
+  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
+  install_success:
+    needs:
+      - generate-install-matrix
+      - install-charts
+    if: |
+      always()
+    name: Install successful
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check install matrix status
+        if: ${{ (needs.generate-install-matrix.outputs.detected == 'true') && (needs.install-charts.result != 'success') }}
+        run: exit 1

.github/workflows/charts-validate.yaml

@@ -1,351 +0,0 @@
-name: "Charts: Validate"
-
-on:
-  workflow_dispatch:
-  pull_request:
-    paths:
-      - "charts/**"
-
-concurrency:
-  group: ${{ github.head_ref }}-validate
-  # cancel-in-progress: true
-
-jobs:
-  pr-metadata:
-    name: Collect PR metadata
-    runs-on: ubuntu-20.04
-    outputs:
-      branch: ${{ steps.branch-name.outputs.current_branch }}
-      isFork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
-      addedOrModified: ${{ steps.filter.outputs.addedOrModified }}
-      addedOrModifiedFiles: ${{ steps.filter.outputs.addedOrModified_files }}
-      addedOrModifiedCharts: ${{ steps.filter-charts.outputs.addedOrModified }}
-    steps:
-      - name: Get branch name
-        id: branch-name
-        uses: tj-actions/branch-names@v5.1
-
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Collect changed files
-        uses: dorny/paths-filter@v2
-        id: filter
-        with:
-          list-files: shell
-          filters: |
-            addedOrModified:
-              - added|modified: 'charts/**'
-
-      - name: Collect changed charts
-        if: |
-          steps.filter.outputs.addedOrModified == 'true'
-        id: filter-charts
-        run: |
-          CHARTS=()
-          PATHS=(${{ steps.filter.outputs.addedOrModified_files }})
-          # Get only the chart paths
-          for CHARTPATH in "${PATHS[@]}"
-          do
-            IFS='/' read -r -a path_parts <<< "${CHARTPATH}"
-            CHARTS+=("${path_parts[1]}/${path_parts[2]}")
-          done
-
-          # Remove duplicates
-          CHARTS=( `printf "%s\n" "${CHARTS[@]}" | sort -u` )
-          # Set output to changed charts
-          printf "::set-output name=addedOrModified::%s\n" "${CHARTS[*]}"
-
-  generate-readme:
-    name: Generate chart README files
-    runs-on: ubuntu-20.04
-    outputs:
-      commitHash: ${{ steps.create-commit.outputs.commit_hash }}
-    needs:
-      - pr-metadata
-    steps:
-      - name: Checkout
-        if: |
-          needs.pr-metadata.outputs.isFork == 'true'
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Get app-token
-        uses: getsentry/action-github-app-token@v1
-        id: get-app-token
-        if: |
-          needs.pr-metadata.outputs.isFork == 'false'
-        with:
-          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
-
-      - name: Checkout with app-token
-        if: |
-          needs.pr-metadata.outputs.isFork == 'false'
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-          token: ${{ steps.get-app-token.outputs.token }}
-
-      - uses: yokawasa/action-setup-kube-tools@v0.8.0
-        if: |
-          needs.pr-metadata.outputs.addedOrModified == 'true'
-        with:
-          setup-tools: |
-            yq
-          yq: "4.16.2"
-
-      - name: Install helm-docs
-        if: |
-          needs.pr-metadata.outputs.addedOrModified == 'true'
-        run: |
-          wget -O /tmp/helm-docs.deb  https://github.com/k8s-at-home/helm-docs/releases/download/v0.1.1/helm-docs_0.1.1_Linux_x86_64.deb
-          sudo dpkg -i /tmp/helm-docs.deb
-
-      - name: Annotate Charts.yaml for Renovate PR's
-        if: |
-          needs.pr-metadata.outputs.addedOrModified == 'true' &&
-          startsWith(needs.pr-metadata.outputs.branch, 'renovate/')
-        run: |
-          export DEFAULT_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}')
-          CHARTS=(${{ needs.pr-metadata.outputs.addedOrModifiedCharts }})
-          for i in "${CHARTS[@]}"
-          do
-              IFS='/' read -r -a chart_parts <<< "$i"
-              if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then
-                ./hack/renovate-releasenotes.sh "charts/${chart_parts[0]}"/"${chart_parts[1]}"
-              fi
-              echo ""
-          done
-
-      - name: Generate README for changed charts
-        if: |
-          needs.pr-metadata.outputs.addedOrModified == 'true'
-        run: |
-          CHARTS=(${{ needs.pr-metadata.outputs.addedOrModifiedCharts }})
-          for i in "${CHARTS[@]}"
-          do
-              printf "Rendering README for chart %s\n" "${i}"
-              echo " ${i}"
-              IFS='/' read -r -a chart_parts <<< "$i"
-              if [ -f "charts/${chart_parts[0]}"/"${chart_parts[1]}/Chart.yaml" ]; then
-                ./hack/gen-helm-docs.sh "${chart_parts[0]}" "${chart_parts[1]}"
-              fi
-              echo ""
-          done
-
-      - name: Create commit
-        id: create-commit
-        if: |
-          needs.pr-metadata.outputs.addedOrModified == 'true'
-        uses: stefanzweifel/git-auto-commit-action@v4
-        with:
-          file_pattern: charts/**/
-          commit_message: Auto-update chart metadata and README
-          commit_user_name: ${{ github.actor }}
-          commit_user_email: ${{ github.actor }}@users.noreply.github.com
-
-  changes-lint:
-    name: Detect changes for linting
-    runs-on: ubuntu-20.04
-    outputs:
-      matrix: |
-        {
-          "chart": ${{ steps.list-changed.outputs.charts }}
-        }
-      detected: ${{ steps.list-changed.outputs.detected }}
-    needs:
-      - pr-metadata
-      - generate-readme
-    if: |
-      needs.generate-readme.outputs.commitHash == ''
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-
-    - name: Set up chart-testing
-      uses: helm/chart-testing-action@v2.1.0
-
-    - name: Run chart-testing (list-changed)
-      id: list-changed
-      run: |
-        EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-lint.yaml)
-        CHARTS=$(ct list-changed --config .github/ct-lint.yaml)
-        CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
-        OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
-        echo ::set-output name=charts::${OUTPUT_JSON}
-        if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
-          echo "::set-output name=detected::true"
-        fi
-
-  changes-install:
-    name: Detect changes for install
-    runs-on: ubuntu-20.04
-    outputs:
-      matrix: |
-        {
-          "chart": ${{ steps.list-changed.outputs.charts }}
-        }
-      detected: ${{ steps.list-changed.outputs.detected }}
-    needs:
-      - pr-metadata
-      - generate-readme
-    if: |
-      needs.generate-readme.outputs.commitHash == ''
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-
-    - name: Set up chart-testing
-      uses: helm/chart-testing-action@v2.1.0
-
-    - name: Run chart-testing (list-changed)
-      id: list-changed
-      run: |
-        EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-install.yaml)
-        CHARTS=$(ct list-changed --config .github/ct-install.yaml)
-        CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
-        OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
-        echo ::set-output name=charts::${OUTPUT_JSON}
-        if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
-          echo "::set-output name=detected::true"
-        fi
-
-  lint:
-    needs:
-    - changes-lint
-    if:
-      needs.changes-lint.outputs.detected == 'true'
-    name: Lint charts
-    strategy:
-      matrix: ${{ fromJson(needs.changes-lint.outputs.matrix) }}
-      fail-fast: true
-      max-parallel: 15
-    runs-on: ubuntu-20.04
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-
-    - name: Install Helm
-      uses: azure/setup-helm@v1
-      with:
-        version: v3.6.3
-
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.7
-
-    - name: Set up chart-testing
-      uses: helm/chart-testing-action@v2.1.0
-
-    - name: Run chart-testing (lint)
-      id: lint
-      run: ct lint --config .github/ct-lint.yaml --charts ${{ matrix.chart }}
-
-  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
-  lint_success:
-    needs:
-    - lint
-    if: ${{ always() }}
-    name: Lint successful
-    runs-on: ubuntu-20.04
-    steps:
-    - name: Check lint matrix status
-      if: ${{ needs.changes-lint.outputs.detected == 'true' && needs.lint.result != 'success' }}
-      run: exit 1
-
-  unittest:
-    needs:
-    - lint_success
-    name: Run unit tests
-    runs-on: ubuntu-20.04
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-
-    - name: Install Dev tools
-      run: sudo apt-get update && sudo apt-get install -y jq libjq-dev
-
-    - name: Install Helm
-      uses: azure/setup-helm@v1
-      with:
-        version: v3.6.3
-
-    - name: Install Ruby
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: 2.7
-
-    - name: Install dependencies
-      env:
-        RUBYJQ_USE_SYSTEM_LIBRARIES: 1
-      run: |
-        bundle install
-
-    - name: Run tests
-      run: |
-        bundle exec m -r ./test/
-
-  install:
-    needs:
-    - changes-install
-    - lint_success
-    if:
-      needs.changes-install.outputs.detected == 'true'
-    name: Install charts
-    strategy:
-      matrix: ${{ fromJson(needs.changes-install.outputs.matrix) }}
-      fail-fast: true
-      max-parallel: 15
-    runs-on: ubuntu-20.04
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
-
-    - name: Install Helm
-      uses: azure/setup-helm@v1
-      with:
-        version: v3.6.3
-
-    - uses: actions/setup-python@v2
-      with:
-        python-version: 3.7
-
-    - name: Set up chart-testing
-      uses: helm/chart-testing-action@v2.1.0
-
-    - name: Create k3d cluster
-      uses: nolar/setup-k3d-k3s@v1
-      with:
-        version: v1.19
-
-    - name: Remove node taints
-      run: |
-        kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true
-
-    - name: Run chart-testing (install)
-      run: ct install --config .github/ct-install.yaml --charts ${{ matrix.chart }}
-
-  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
-  install_success:
-    needs:
-    - changes-install
-    - install
-    if: ${{ always() }}
-    name: Install successful
-    runs-on: ubuntu-20.04
-    steps:
-    - name: Check install matrix status
-      if: ${{ needs.changes-install.outputs.detected == 'true' && needs.install.result != 'success' }}
-      run: exit 1

.github/workflows/meta-label-pr-ci-status.yaml

@@ -0,0 +1,118 @@
+---
+name: "Metadata: Label pull requests CI status"
+
+on:
+  workflow_run:
+    workflows:
+      - "Pull Request: Validate"
+    types:
+      - completed
+
+jobs:
+  label-ci-status:
+    name: Label CI status
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+
+      - name: Download workflow artifact
+        uses: dawidd6/action-download-artifact@v2.11.0
+        with:
+          github_token: ${{ steps.generate-token.outputs.token }}
+          workflow: pr-validate.yaml
+          run_id: ${{ github.event.workflow_run.id }}
+          name: pr_metadata
+          path: ./pr_metadata
+
+      - name: Read the pr_number file
+        id: pr_num_reader
+        uses: juliangruber/read-file-action@v1.0.0
+        with:
+          path: ./pr_metadata/pr_number.txt
+
+      - name: "Get workflow job status"
+        uses: actions/github-script@v5
+        id: get-workflow-jobs
+        with:
+          github-token: ${{ steps.generate-token.outputs.token }}
+          # https://mhagemann.medium.com/the-ultimate-way-to-slugify-a-url-string-in-javascript-b8e4a0d849e1
+          script: |
+            function slugify(string) {
+              const a = 'àáâäæãåāăąçćčđďèéêëēėęěğǵḧîïíīįìıİłḿñńǹňôöòóœøōõőṕŕřßśšşșťțûüùúūǘůűųẃẍÿýžźż·/_,:;'
+              const b = 'aaaaaaaaaacccddeeeeeeeegghiiiiiiiilmnnnnoooooooooprrsssssttuuuuuuuuuwxyyzzz------'
+              const p = new RegExp(a.split('').join('|'), 'g')
+
+              return string.toString().toLowerCase()
+                .replace(/\s+/g, '-') // Replace spaces with -
+                .replace(p, c => b.charAt(a.indexOf(c))) // Replace special characters
+                .replace(/&/g, '-and-') // Replace & with 'and'
+                .replace(/[^\w\-]+/g, '') // Remove all non-word characters
+                .replace(/\-\-+/g, '-') // Replace multiple - with single -
+                .replace(/^-+/, '') // Trim - from start of text
+                .replace(/-+$/, '') // Trim - from end of text
+            }
+
+            let result = new Object
+
+            const wfJobs = await github.rest.actions.listJobsForWorkflowRun({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              run_id: context.payload.workflow_run.id,
+            })
+
+            for (const job of wfJobs.data.jobs) {
+              result[slugify(job.name)] = job.conclusion
+            }
+
+            console.log(result)
+            return result
+
+      - name: Label pre-commit status
+        uses: ./.github/actions/label-from-status
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          issue-number: ${{ steps.pr_num_reader.outputs.content }}
+          prefix: precommit
+          job-status: |-
+            ${{ fromJSON(steps.get-workflow-jobs.outputs.result).pre-commit-check-run-pre-commit-checks || 'skipped' }}
+          remove-on-skipped: true
+
+      - name: Label changelog status
+        uses: ./.github/actions/label-from-status
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          issue-number: ${{ steps.pr_num_reader.outputs.content }}
+          prefix: changelog
+          job-status: |-
+            ${{ fromJSON(steps.get-workflow-jobs.outputs.result).charts-changelog-validate-changelog || 'skipped' }}
+          remove-on-skipped: true
+
+      - name: Label chart lint status
+        uses: ./.github/actions/label-from-status
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          issue-number: ${{ steps.pr_num_reader.outputs.content }}
+          prefix: lint
+          job-status: |-
+            ${{ fromJSON(steps.get-workflow-jobs.outputs.result).charts-lint-lint-charts || 'skipped' }}
+          remove-on-skipped: true
+
+      - name: Label chart install status
+        uses: ./.github/actions/label-from-status
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          issue-number: ${{ steps.pr_num_reader.outputs.content }}
+          prefix: install
+          job-status: |-
+            ${{ fromJSON(steps.get-workflow-jobs.outputs.result).charts-test-install-successful || 'skipped' }}
+          remove-on-skipped: true

.github/workflows/metadata-label-commenter.yaml

@@ -1,5 +1,5 @@
 ---
-name: 'Metadata: Label Commenter'
+name: "Metadata: Label Commenter"
 
 on:
   issues:
@@ -21,17 +21,18 @@ jobs:
     name: Label commenter
     runs-on: ubuntu-20.04
     steps:
-    - uses: getsentry/action-github-app-token@v1
-      id: get-app-token
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
 
-    - uses: actions/checkout@v2
-      with:
-        token: ${{ steps.get-app-token.outputs.token }}
-        ref: master
+      - uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          ref: master
 
-    - uses: peaceiris/actions-label-commenter@v1
-      with:
-        github_token: ${{ steps.get-app-token.outputs.token }}
+      - uses: peaceiris/actions-label-commenter@v1
+        with:
+          github_token: ${{ steps.generate-token.outputs.token }}

.github/workflows/metadata-label-issues-prs.yaml

@@ -1,71 +0,0 @@
----
-name: "Metadata: Label issues and pull requests"
-
-on:
-  issues:
-    types:
-      - opened
-      - edited
-      - closed
-      - reopened
-  pull_request_target:
-    types:
-      - opened
-      - edited
-      - closed
-      - reopened
-      - ready_for_review
-      - synchronize
-
-jobs:
-  label:
-    name: Label issues and pull requests
-    runs-on: ubuntu-20.04
-    steps:
-    - uses: getsentry/action-github-app-token@v1
-      id: get-app-token
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
-
-    - uses: Videndum/label-mastermind@2.1.3
-      with:
-        GITHUB_TOKEN: ${{ steps.get-app-token.outputs.token }}
-        configJSON: |
-          {
-            "releaseMastermind": {
-              "labels": {
-                "kind:incorrect-title": {
-                  "name": "kind:incorrect-title",
-                  "colour": "#ffb700",
-                  "description": "Incorrect title"
-                }
-              },
-              "runners": [
-                {
-                  "root": ".",
-                  "versioning": {
-                    "source": "milestones",
-                    "type": "other"
-                  },
-                  "pr": {
-                    "labels": {
-                      "kind:incorrect-title": {
-                        "requires": 2,
-                        "conditions": [
-                          {
-                            "type": "creatorMatches",
-                            "pattern": "^(?!renovate).+"
-                          },
-                          {
-                            "type": "titleMatches",
-                            "pattern": "^(?!\\[[a-z0-9\\-]+\\]\\s.+).+"
-                          }
-                        ]
-                      }
-                    }
-                  }
-                }
-              ]
-            }
-          }

.github/workflows/metadata-label-pr-ci-status.yaml

@@ -1,126 +0,0 @@
----
-name: "Metadata: Label pull requests CI status"
-
-on:
-  workflow_run:
-    workflows:
-    - "Pre-commit consistency check"
-    - "Charts: Validate"
-    types:
-    - completed
-
-jobs:
-  label-precommit:
-    name: Label pre-commit status
-    runs-on: ubuntu-20.04
-    if: "${{ github.event.workflow.name == 'Pre-commit consistency check' }}"
-    steps:
-    - uses: getsentry/action-github-app-token@v1
-      id: get-app-token
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
-
-    - name: "Get information about the origin 'CI' run"
-      uses: potiuk/get-workflow-origin@v1_3
-      id: source-run-info
-      with:
-        token: ${{ steps.get-app-token.outputs.token }}
-        sourceRunId: ${{ github.event.workflow_run.id }}
-
-    - name: Label precommit success
-      uses: andymckay/labeler@1.0.4
-      if: ${{ github.event.workflow_run.conclusion == 'success' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "precommit:ok"
-        remove-labels: "precommit:failed"
-
-    - name: Label precommit failure
-      uses: andymckay/labeler@1.0.4
-      if: ${{ github.event.workflow_run.conclusion == 'failure' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "precommit:failed"
-        remove-labels: "precommit:ok"
-
-  label-lint-install:
-    name: Label lint and install status
-    runs-on: ubuntu-20.04
-    if: "${{ github.event.workflow.name == 'Charts: Validate' }}"
-    steps:
-    - uses: getsentry/action-github-app-token@v1
-      id: get-app-token
-      with:
-        app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
-        private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
-
-    - name: "Get information about the origin 'CI' run"
-      uses: potiuk/get-workflow-origin@v1_3
-      id: source-run-info
-      with:
-        token: ${{ steps.get-app-token.outputs.token }}
-        sourceRunId: ${{ github.event.workflow_run.id }}
-
-    - name: "Get workflow job status"
-      uses: actions/github-script@v5
-      id: get-workflow-jobs
-      with:
-        github-token: ${{ steps.get-app-token.outputs.token }}
-        script: |
-          let result = new Object
-
-          const wfJobs = await github.rest.actions.listJobsForWorkflowRun({
-            owner: context.repo.owner,
-            repo: context.repo.repo,
-            run_id: context.payload.workflow_run.id,
-          })
-
-          for (const job of wfJobs.data.jobs) {
-            if (job.name === 'Lint successful') {
-              result['lint'] = job.conclusion
-            } else if (job.name === 'Install successful') {
-              result['install'] = job.conclusion
-            }
-          }
-
-          console.log(result)
-          return result
-
-    - name: Label lint success
-      uses: andymckay/labeler@1.0.4
-      if: ${{ fromJSON(steps.get-workflow-jobs.outputs.result).lint == 'success' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "lint:ok"
-        remove-labels: "lint:failed"
-
-    - name: Label lint failure
-      uses: andymckay/labeler@1.0.4
-      if: ${{ fromJSON(steps.get-workflow-jobs.outputs.result).lint == 'failure' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "lint:failed"
-        remove-labels: "lint:ok"
-
-    - name: Label install success
-      uses: andymckay/labeler@1.0.4
-      if: ${{ fromJSON(steps.get-workflow-jobs.outputs.result).install == 'success' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "install:ok"
-        remove-labels: "install:failed"
-
-    - name: Label install failure
-      uses: andymckay/labeler@1.0.4
-      if: ${{ fromJSON(steps.get-workflow-jobs.outputs.result).install == 'failure' }}
-      with:
-        repo-token: ${{ steps.get-app-token.outputs.token }}
-        issue-number: ${{ steps.source-run-info.outputs.pullRequestNumber }}
-        add-labels: "install:failed"
-        remove-labels: "install:ok"

.github/workflows/metadata-label-pr.yaml

@@ -0,0 +1,39 @@
+---
+name: "Metadata: Label pull requests"
+
+on:
+  pull_request_target:
+    types:
+      - opened
+      - edited
+      - closed
+      - reopened
+      - ready_for_review
+      - synchronize
+
+jobs:
+  label-size:
+    name: Label Size
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+
+      - name: Label Size
+        uses: pascalgn/size-label-action@v0.4.3
+        env:
+          GITHUB_TOKEN: "${{ steps.generate-token.outputs.token }}"
+        with:
+          sizes: >
+            {
+              "0": "XS",
+              "20": "S",
+              "50": "M",
+              "200": "L",
+              "800": "XL",
+              "2000": "XXL"
+            }

.github/workflows/pr-metadata.yaml

@@ -0,0 +1,60 @@
+name: "Pull Request: Get metadata"
+
+on:
+  workflow_call:
+    outputs:
+      isRenovatePR:
+        description: "Is the PR coming from Renovate?"
+        value: ${{ jobs.pr-metadata.outputs.isRenovatePR }}
+      isFork:
+        description: "Is the PR coming from a forked repo?"
+        value: ${{ jobs.pr-metadata.outputs.isFork }}
+      addedOrModified:
+        description: "Does the PR contain any changes?"
+        value: ${{ jobs.pr-changes.outputs.addedOrModified }}
+      addedOrModifiedFiles:
+        description: "A list of the files changed in this PR"
+        value: ${{ jobs.pr-changes.outputs.addedOrModifiedFiles }}
+      addedOrModifiedCharts:
+        description: "A list of the charts changed in this PR"
+        value: ${{ jobs.pr-changes.outputs.addedOrModifiedCharts }}
+
+jobs:
+  pr-metadata:
+    name: Collect PR metadata
+    runs-on: ubuntu-latest
+    outputs:
+      isRenovatePR: ${{ startsWith(steps.branch-name.outputs.current_branch, 'renovate/') }}
+      isFork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+    steps:
+      - name: Get branch name
+        id: branch-name
+        uses: tj-actions/branch-names@v5.1
+
+      - name: Save PR data to file
+        env:
+          PR_NUMBER: ${{ github.event.number }}
+        run: |
+          echo $PR_NUMBER > pr_number.txt
+
+      - name: Store pr data in artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: pr_metadata
+          path: ./pr_number.txt
+          retention-days: 5
+
+  pr-changes:
+    name: Collect PR changes
+    runs-on: ubuntu-latest
+    outputs:
+      addedOrModified: ${{ steps.collect-changes.outputs.changesDetected }}
+      addedOrModifiedFiles: ${{ steps.collect-changes.outputs.addedOrModifiedFiles }}
+      addedOrModifiedCharts: ${{ steps.collect-changes.outputs.addedOrModifiedCharts }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Collect changes
+        id: collect-changes
+        uses: ./.github/actions/collect-changes

.github/workflows/pr-validate.yaml

@@ -0,0 +1,47 @@
+name: "Pull Request: Validate"
+
+on:
+  pull_request:
+    branches:
+      - master
+
+concurrency:
+  group: ${{ github.head_ref }}-pr-validate
+  # cancel-in-progress: true
+
+jobs:
+  pr-metadata:
+    uses: k8s-at-home/charts/.github/workflows/pr-metadata.yaml@master
+
+  pre-commit-check:
+    uses: k8s-at-home/charts/.github/workflows/pre-commit-check.yaml@master
+    needs:
+      - pr-metadata
+    with:
+      modifiedFiles: ${{ needs.pr-metadata.outputs.addedOrModifiedFiles }}
+
+  charts-changelog:
+    uses: k8s-at-home/charts/.github/workflows/charts-changelog.yaml@master
+    needs:
+      - pr-metadata
+      - pre-commit-check
+    with:
+      isRenovatePR: ${{ needs.pr-metadata.outputs.isRenovatePR }}
+      modifiedCharts: ${{ needs.pr-metadata.outputs.addedOrModifiedCharts }}
+
+  charts-lint:
+    uses: k8s-at-home/charts/.github/workflows/charts-lint.yaml@master
+    needs:
+      - pr-metadata
+      - charts-changelog
+    with:
+      checkoutCommit: ${{ needs.charts-changelog.outputs.commitHash }}
+
+  charts-test:
+    uses: k8s-at-home/charts/.github/workflows/charts-test.yaml@master
+    needs:
+      - pr-metadata
+      - charts-changelog
+      - charts-lint
+    with:
+      checkoutCommit: ${{ needs.charts-changelog.outputs.commitHash }}

.github/workflows/pre-commit-check.yaml

@@ -1,41 +1,21 @@
 name: "Pre-commit consistency check"
 
 on:
-  workflow_dispatch:
-  pull_request:
-
-concurrency:
-  group: ${{ github.head_ref }}-precommit
-  cancel-in-progress: true
+  workflow_call:
+    inputs:
+      modifiedFiles:
+        required: true
+        type: string
 
 jobs:
   pre-commit-check:
     name: Run pre-commit checks
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-      with:
-        fetch-depth: 0
+      - name: Checkout
+        uses: actions/checkout@v2
 
-    - uses: dorny/paths-filter@v2
-      id: filter
-      with:
-        list-files: shell
-        filters: |
-          addedOrModified:
-            - added|modified: '**'
-
-    # run only if changed files were detected
-    - name: Run against changes
-      uses: pre-commit/action@v2.0.3
-      if: steps.filter.outputs.addedOrModified == 'true'
-      with:
-        extra_args: --files ${{ steps.filter.outputs.addedOrModified_files }}
-
-    # run if no changed files were detected (e.g. workflow_dispatch on master branch)
-    - name: Run against all files
-      uses: pre-commit/action@v2.0.3
-      if: steps.filter.outputs.addedOrModified != 'true'
-      with:
-        extra_args: --all-files
+      - name: Run against changes
+        uses: pre-commit/action@v2.0.3
+        with:
+          extra_args: --files ${{ inputs.modifiedFiles }}

.github/workflows/schedule-sync-labels.yaml

@@ -0,0 +1,32 @@
+---
+name: "Schedule: Sync labels"
+
+on: # yamllint disable-line rule:truthy
+  workflow_dispatch:
+  schedule:
+    - cron: "0 * * * *"
+
+jobs:
+  labels:
+    name: Sync Labels
+    runs-on: ubuntu-latest
+    if: github.repository == 'k8s-at-home/charts'
+    steps:
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
+        with:
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+
+      - name: Sync Labels
+        uses: EndBug/label-sync@v2
+        with:
+          config-file: .github/labels.yaml
+          token: "${{ steps.generate-token.outputs.token }}"
+          delete-other-labels: true

.github/workflows/stale.yaml

@@ -1,6 +1,7 @@
 ---
 name: "Mark or close stale issues and PRs"
 on:
+  workflow_dispatch:
   schedule:
     # Run the stalebot every day at 8pm UTC
     - cron: "00 20 * * *"
@@ -9,11 +10,19 @@ jobs:
   stale:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/stale@v4
+      - name: Generate Token
+        uses: tibdex/github-app-token@v1
+        id: generate-token
         with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          days-before-issue-stale: 90
-          days-before-pr-stale: 90
+          app_id: ${{ secrets.K8S_AT_HOME_APP_ID }}
+          private_key: ${{ secrets.K8S_AT_HOME_APP_PRIVATE_KEY }}
+
+      - name: Check for stale issues and PRs
+        uses: actions/stale@v4
+        with:
+          repo-token: ${{ steps.generate-token.outputs.token }}
+          days-before-issue-stale: 60
+          days-before-pr-stale: 60
           days-before-close: 14
           days-before-pr-close: 14
           stale-issue-message: >

README.md

@@ -1,6 +1,6 @@
 # Helm charts
 <!-- ALL-CONTRIBUTORS-BADGE:START - Do not remove or modify this section -->
-[![All Contributors](https://img.shields.io/badge/all_contributors-53-orange.svg?style=flat-square)](#contributors-)
+[![All Contributors](https://img.shields.io/badge/all_contributors-56-orange.svg?style=flat-square)](#contributors-)
 <!-- ALL-CONTRIBUTORS-BADGE:END -->
 
 [![docs](https://img.shields.io/badge/docs-rtfm-yellow?logo=gitbook&logoColor=white&style=for-the-badge)](https://docs.k8s-at-home.com/)
@@ -115,6 +115,9 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
     <td align="center"><a href="https://www.carrierlost.net"><img src="https://avatars.githubusercontent.com/u/969721?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Roberto Santalla</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=roobre" title="Code">💻</a></td>
     <td align="center"><a href="http://www.greghaskins.com"><img src="https://avatars.githubusercontent.com/u/285310?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Greg Haskins</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=greghaskins" title="Code">💻</a></td>
     <td align="center"><a href="https://github.com/jlrgraham"><img src="https://avatars.githubusercontent.com/u/2184689?v=4?s=100" width="100px;" alt=""/><br /><sub><b>jlrgraham</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=jlrgraham" title="Code">💻</a></td>
+    <td align="center"><a href="https://cronix.cc"><img src="https://avatars.githubusercontent.com/u/181302?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Lukas Wingerberg</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=psych0d0g" title="Code">💻</a></td>
+    <td align="center"><a href="http://www.djvg.net"><img src="https://avatars.githubusercontent.com/u/17107225?v=4?s=100" width="100px;" alt=""/><br /><sub><b>TheDJVG</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=TheDJVG" title="Code">💻</a></td>
+    <td align="center"><a href="https://github.com/rschoultz"><img src="https://avatars.githubusercontent.com/u/727834?v=4?s=100" width="100px;" alt=""/><br /><sub><b>Rickard Schoultz</b></sub></a><br /><a href="https://github.com/k8s-at-home/charts/commits?author=rschoultz" title="Code">💻</a></td>
   </tr>
 </table>
 

charts/README.md

@@ -26,10 +26,12 @@
 | [deluge](stable/deluge) | Deluge is a torrent download client |
 | [dizquetv](stable/dizquetv) | Create live TV channel streams from media on your Plex servers. |
 | [dnsmadeeasy-webhook](stable/dnsmadeeasy-webhook) | Cert-Manager Webhook for DNSMadeEasy |
+| [dokuwiki](stable/dokuwiki) | DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database. |
 | [double-take](stable/double-take) | Unified UI and API for processing and training images for facial recognition. |
 | [dsmr-reader](stable/dsmr-reader) | DSMR-protocol reader, telegram data storage and energy consumption visualizer. |
 | [duplicati](stable/duplicati) | Store securely encrypted backups on cloud storage services! |
 | [emby](stable/emby) | Emby Server is a home media server |
+| [error-pages](stable/error-pages) | Server error pages in the docker image |
 | [esphome](stable/esphome) | ESPHome is a system to control your ESP8266/ESP32 by simple yet powerful configuration files and control them remotely through Home Automation systems. |
 | [facebox](stable/facebox) | Facebox detects and identifies faces in photos. You can teach facebox with as little as one sample image. |
 | [filebrowser](stable/filebrowser) | filebrowser provides a file managing interface within a specified directory |
@@ -67,6 +69,7 @@
 | [lidarr](stable/lidarr) | Looks and smells like Sonarr but made for music |
 | [littlelink-server](stable/littlelink-server) | A lightweight open source alternative to linktree |
 | [lychee](stable/lychee) | Lychee is a free photo-management tool, which runs on your server or web-space |
+| [maddy](stable/maddy) | Maddy Mail Server |
 | [magic-mirror](stable/magic-mirror) | magic-mirror helm package |
 | [mealie](stable/mealie) | Mealie is a self hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in Vue for a pleasant user experience for the whole family. |
 | [miniflux](stable/miniflux) | Miniflux is a minimalist and opinionated feed reader. |
@@ -99,8 +102,10 @@
 | [piaware](stable/piaware) | Program for forwarding ADS-B data to FlightAware |
 | [plex](stable/plex) | Plex Media Server |
 | [pod-gateway](stable/pod-gateway) | Admision controller to change the default gateway and DNS server of PODs |
+| [powerdns-admin](stable/powerdns-admin) | A PowerDNS web interface with advanced features |
 | [powerdns](stable/powerdns) | PowerDNS is a DNS server, written in C++ and licensed under the GPL. It runs on most Unix derivatives. PowerDNS features a large number of different backends ranging from simple BIND style zonefiles to relational databases and load balancing/failover algorithms. A DNS recursor is provided as a separate program. |
 | [pretend-youre-xyzzy](stable/pretend-youre-xyzzy) | pretend-youre-xyzzy, a cards against humanity clone |
+| [privatebin](stable/privatebin) | A minimalist, open source online pastebin running on an Nginx, php-fpm & Alpine Linux stack |
 | [promcord](stable/promcord) | Discord bot that provides metrics from a Discord server |
 | [prometheus-nut-exporter](stable/prometheus-nut-exporter) | Prometheus NUT Exporter a service monitor to send NUT server metrics to a Prometheus instance. |
 | [protonmail-bridge](stable/protonmail-bridge) | Container for protonmail bridge to work on the network. |
@@ -108,6 +113,7 @@
 | [pyload](stable/pyload) | pyLoad is a Free and Open Source download manager written in Python and designed to be extremely lightweight, easily extensible and fully manageable via web. |
 | [qbittorrent](stable/qbittorrent) | qBittorrent is a cross-platform free and open-source BitTorrent client |
 | [radarr](stable/radarr) | A fork of Sonarr to work with movies à la Couchpotato |
+| [radicale](stable/radicale) | A simple CalDAV (calendar) and CardDAV (contact) server. |
 | [readarr](stable/readarr) | A fork of Radarr to work with Books & AudioBooks |
 | [recipes](stable/recipes) | Recipes is a Django application to manage, tag and search recipes using either built in models or external storage providers hosting PDF's, Images or other files. |
 | [reg](stable/reg) | Docker registry v2 command line client and repo listing generator with security checks. |
@@ -170,3 +176,4 @@
 | [seafile](incubator/seafile) | seafile helm package |
 | [sinusbot](incubator/sinusbot) | TeamSpeak & Discord Bot |
 | [teamspeak](incubator/teamspeak) | TeamSpeak Server |
+| [torrserver](incubator/torrserver) | TorrServer streams torrent to http |

charts/incubator/dendrite/Chart.yaml

@@ -1,9 +1,9 @@
 ---
 apiVersion: v2
-appVersion: 0.5.1
+appVersion: 0.6.2
 description: Dendrite Matrix Homeserver
 name: dendrite
-version: 1.0.1
+version: 3.0.0
 kubeVersion: ">=1.16.0-0"
 keywords:
   - dendrite
@@ -11,6 +11,7 @@ keywords:
   - homeserver
   - monolith
   - federation
+  - polylith
 home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/dendrite
 sources:
   - https://github.com/matrix-org/dendrite
@@ -26,7 +27,77 @@ dependencies:
     version: 10.14.4
     repository: https://charts.bitnami.com/bitnami
     condition: postgresql.enabled
+  - name: nats
+    version: 0.12.1
+    repository: https://nats-io.github.io/k8s/helm/charts/
+    condition: nats.enabled
+  # Client API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: clientapi
+    condition: dendrite.polylithEnabled
+  # Media API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: mediaapi
+    condition: dendrite.polylithEnabled
+  # Sync API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: syncapi
+    condition: dendrite.polylithEnabled
+  # Room Server
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: roomserver
+    condition: dendrite.polylithEnabled
+  # EDU Server
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: eduserver
+    condition: dendrite.polylithEnabled
+  # Federation API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: federationapi
+    condition: dendrite.polylithEnabled
+  # Key Server
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: keyserver
+    condition: dendrite.polylithEnabled
+  # User API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: userapi
+    condition: dendrite.polylithEnabled
+  # App Service API
+  - name: common
+    repository: https://library-charts.k8s-at-home.com
+    version: 4.3.0
+    alias: appserviceapi
+    condition: dendrite.polylithEnabled
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `postgresql` chart dependency to version `10.14.4`.
+      description: Refactored values for polylith mode
+    - kind: changed
+      description: Split out volume template defintions into separate file
+    - kind: fix
+      description: NAT subchart indentation
+    - kind: fix
+      description: MSC's config and updated config version
+    - kind: changed
+      description: Bumped app version to v0.6.2
+    - kind: added
+      description: Support for polylith deployment
+    - kind: changed
+      description: Rename secret fields for consistency

charts/incubator/dendrite/README.md

@@ -1,6 +1,6 @@
 # dendrite
 
-![Version: 1.0.1](https://img.shields.io/badge/Version-1.0.1-informational?style=flat-square) ![AppVersion: 0.5.1](https://img.shields.io/badge/AppVersion-0.5.1-informational?style=flat-square)
+![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: 0.6.2](https://img.shields.io/badge/AppVersion-0.6.2-informational?style=flat-square)
 
 Dendrite Matrix Homeserver
 
@@ -21,6 +21,16 @@ Kubernetes: `>=1.16.0-0`
 |------------|------|---------|
 | https://charts.bitnami.com/bitnami | postgresql | 10.14.4 |
 | https://library-charts.k8s-at-home.com | common | 4.3.0 |
+| https://library-charts.k8s-at-home.com | federationapi(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | clientapi(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | mediaapi(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | syncapi(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | roomserver(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | eduserver(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | keyserver(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | userapi(common) | 4.3.0 |
+| https://library-charts.k8s-at-home.com | appserviceapi(common) | 4.3.0 |
+| https://nats-io.github.io/k8s/helm/charts/ | nats | 0.12.1 |
 
 ## TL;DR
 
@@ -69,7 +79,14 @@ helm install dendrite k8s-at-home/dendrite -f values.yaml
 
 ## Custom configuration
 
-N/A
+### Polylith Ingress
+
+Due to the complexity of setting up ingress for each individual component it
+is left up to the individual to add the necessary ingress fields to polylith deployments.
+
+For more information see:
+- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
+- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
 
 ## Values
 
@@ -77,17 +94,20 @@ N/A
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
+| appserviceapi | object | See values.yaml | Configure the app service api. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| appserviceapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| appserviceapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| appserviceapi.image.tag | string | `"v0.6.2"` | image tag |
+| clientapi | object | See values.yaml | Configuration for the client api component. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| clientapi.config.captcha | object | See values.yaml | Configure captcha for registration |
+| clientapi.config.rate_limiting | object | values.yaml | Configure rate limiting. |
+| clientapi.config.registration_disabled | bool | `false` | Enable or disable registration for this homeserver. |
+| clientapi.config.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. |
+| clientapi.config.turn | object | See values.yaml | Configure TURN |
+| clientapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| clientapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| clientapi.image.tag | string | `"v0.6.2"` | image tag |
 | dendrite | object | See values.yaml | Configuration for Dendrite. For more information see [the sample denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
-| dendrite.components | object | See values.yaml | Configure the dendrite components. |
-| dendrite.components.app_service_api | object | See values.yaml | Configure the App Service API |
-| dendrite.components.client_api | object | `{"captcha":{"enabled":false,"recaptcha_bypass_secret":"","recaptcha_private_key":"","recaptcha_public_key":"","recaptcha_siteverify_api":""},"rate_limiting":{"cooloff_ms":500,"enabled":true,"threshold":5},"registration_disabled":false,"registration_shared_secret":"","turn":{"turn_password":"","turn_shared_secret":"","turn_uris":[],"turn_user_lifetime":"","turn_username":""}}` | Configure the Client API |
-| dendrite.components.client_api.captcha | object | See values.yaml | Configure captcha for registration |
-| dendrite.components.client_api.rate_limiting | object | values.yaml | Configure rate limiting. |
-| dendrite.components.client_api.registration_disabled | bool | `false` | Enable or disable registration for this homeserver. |
-| dendrite.components.client_api.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. |
-| dendrite.components.client_api.turn | object | See values.yaml | Configure TURN |
-| dendrite.components.federation_api | object | values.yaml | Configure the Federation API |
-| dendrite.components.media_api | object | values.yaml | Configure the Media API |
 | dendrite.database | object | See values.yaml | Configure database connection parameters. |
 | dendrite.global | object | See values.yaml | Configure the global settings for dendrite. |
 | dendrite.global.dns_cache | object | See values.yaml | Configure DNS cache. |
@@ -95,39 +115,82 @@ N/A
 | dendrite.global.key_validity_period | string | `"168h0m0s"` | Configure the key_validity period |
 | dendrite.global.metrics | object | See values.yaml | Configure prometheus metrics collection for dendrite. |
 | dendrite.global.metrics.enabled | bool | See values.yaml | If enabled, metrics collection will be enabled |
+| dendrite.global.mscs | list | `[]` | Configure experimental MSC's |
 | dendrite.global.server_name | string | `"localhost"` | (required) Configure the server name for the dendrite instance. |
 | dendrite.global.trusted_third_party_id_servers | list | `["matrix.org","vector.im"]` | Configure the list of domains the server will trust as identity servers |
 | dendrite.global.well_known_server_name | string | `""` | Configure the well-known server name and optional port |
 | dendrite.logging | list | See values.yaml | Configure logging. |
-| dendrite.matrix_key_secret | object | See values.yaml | If enabled, use an existing secret for matrix_key.pem. Otherwise a matrix_key.pem must be mounted to `/etc/dendrite`. |
+| dendrite.matrix_key_secret.create | bool | `false` | Create matrix_key secret using the keyBody below. |
+| dendrite.matrix_key_secret.existingSecret | string | `""` | Use an existing secret |
+| dendrite.matrix_key_secret.keyBody | string | `""` | New Key Body |
+| dendrite.matrix_key_secret.secretPath | string | `"matrix_key.pem"` | Field in the secret to get the key from |
+| dendrite.polylithEnabled | bool | `false` | Enable polylith deployment |
 | dendrite.tls_secret | object | See values.yaml | If enabled, use an existing secrets for the TLS certificate and key. Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at `/etc/dendrite`. |
 | dendrite.tracing | object | See values.yaml | Configure opentracing. |
-| image | object | `{"pullPolicy":"IfNotPresent","repository":"matrixdotorg/dendrite-monolith","tag":"v0.5.1"}` |  IMPORTANT NOTE This chart inherits from our common library chart. You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml |
+| eduserver | object | values.yaml | Configure the edu server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| eduserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| eduserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| eduserver.image.tag | string | `"v0.6.2"` | image tag |
+| federationapi | object | values.yaml | Configure the Federation API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| federationapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| federationapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| federationapi.image.tag | string | `"v0.6.2"` | image tag |
+| image | object | `{"pullPolicy":"IfNotPresent","repository":"matrixdotorg/dendrite-monolith","tag":"v0.6.2"}` |  IMPORTANT NOTE This chart inherits from our common library chart. You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml |
 | image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
 | image.repository | string | `"matrixdotorg/dendrite-monolith"` | image repository |
-| image.tag | string | `"v0.5.1"` | image tag |
+| image.tag | string | `"v0.6.2"` | image tag |
 | ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
+| keyserver | object | See values.yaml | Configure the key server. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| keyserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| keyserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| keyserver.image.tag | string | `"v0.6.2"` | image tag |
+| mediaapi | object | values.yaml | Configure the Media API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| mediaapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| mediaapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| mediaapi.image.tag | string | `"v0.6.2"` | image tag |
+| nats.enabled | bool | See value.yaml | Enable and configure NATS for dendrite. Can be disabled for monolith deployments - an internal NATS server will be used in its place. |
+| nats.nats.image | string | `"nats:2.7.1-alpine"` |  |
+| nats.nats.jetstream.enabled | bool | `true` |  |
 | persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| persistence.jetstream | object | See values.yaml | Configure Jetsream persistence. This is highly recommended in production. |
 | postgresql.enabled | bool | See value.yaml | Enable and configure postgres as the database for dendrite. |
+| postgresql.image.repository | string | `"bitnami/postgresql"` |  |
+| postgresql.image.tag | string | `"14.1.0"` |  |
+| postgresql.initdbScriptsConfigMap | string | `"dendrite-postgresql-init-scripts"` |  |
 | postgresql.persistence.enabled | bool | `false` |  |
 | postgresql.postgresqlDatabase | string | `"dendrite"` |  |
 | postgresql.postgresqlPassword | string | `"changeme"` |  |
 | postgresql.postgresqlUsername | string | `"dendrite"` |  |
+| roomserver | object | values.yaml | Configure the Room Server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| roomserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| roomserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| roomserver.image.tag | string | `"v0.6.2"` | image tag |
 | service | object | See values.yaml | If added dendrite will start a HTTP and HTTPS listener args:   - "--tls-cert=server.crt"   - "--tls-key=server.key" -- Configures service settings for the chart. |
 | service.main.ports.http | object | See values.yaml | Configures the default HTTP listener for dendrite |
 | service.main.ports.https | object | See values.yaml | Configures the HTTPS listener for dendrite |
+| syncapi | object | values.yaml | Configure the Sync API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| syncapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| syncapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| syncapi.image.tag | string | `"v0.6.2"` | image tag |
+| userapi | object | values.yaml | Configure the User API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
+| userapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| userapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| userapi.image.tag | string | `"v0.6.2"` | image tag |
 
 ## Changelog
 
-### Version 1.0.1
+### Version 3.0.0
 
 #### Added
 
-N/A
+* Support for polylith deployment
 
 #### Changed
 
-* Upgraded `postgresql` chart dependency to version `10.14.4`.
+* Refactored values for polylith mode
+* Split out volume template defintions into separate file
+* Bumped app version to v0.6.2
+* Rename secret fields for consistency
 
 #### Fixed
 

charts/incubator/dendrite/README_CONFIG.md.gotmpl

@@ -5,5 +5,13 @@
 {{- define "custom.custom.configuration" -}}
 {{ template "custom.custom.configuration.header" . }}
 
-N/A
+### Polylith Ingress
+
+Due to the complexity of setting up ingress for each individual component it
+is left up to the individual to add the necessary ingress fields to polylith deployments.
+
+For more information see:
+- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
+- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
+
 {{- end -}}

charts/incubator/dendrite/ci/ct-values.yaml

@@ -1,11 +1,10 @@
 ---
 dendrite:
   matrix_key_secret:
-    enabled: true
-secret:
-  matrix_key.pem: |
-    -----BEGIN MATRIX PRIVATE KEY-----
-    Key-ID: ed25519:P8gZqV
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
 
-    qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-    -----END MATRIX PRIVATE KEY-----
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----

charts/incubator/dendrite/ci/nats-values.yaml

@@ -0,0 +1,12 @@
+---
+dendrite:
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+nats:
+  enabled: true

charts/incubator/dendrite/ci/polylith-basic-values.yaml

@@ -0,0 +1,13 @@
+---
+dendrite:
+  polylithEnabled: true
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+nats:
+  enabled: true

charts/incubator/dendrite/ci/polylith-full-values.yaml

@@ -0,0 +1,18 @@
+---
+dendrite:
+  polylithEnabled: true
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+nats:
+  enabled: true
+persistence:
+  jetstream:
+    enabled: true
+postgresql:
+  enabled: true

charts/incubator/dendrite/ci/postresql-values.yaml

@@ -0,0 +1,12 @@
+---
+dendrite:
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+postgresql:
+  enabled: true

charts/incubator/dendrite/templates/_helper.tpl

@@ -0,0 +1,3 @@
+{{- define "dendrite.names.key" -}}
+    {{- default (printf "%s-key" (include "common.names.fullname" .)) .Values.dendrite.matrix_key_secret.existingSecret -}}
+{{- end -}}

charts/incubator/dendrite/templates/common.yaml

@@ -1,50 +1,25 @@
-{{ include "common.values.setup" . }}
-
-{{- define "dendrite.keyVolume" -}}
-enabled: {{ .Values.dendrite.matrix_key_secret.enabled | quote }}
-type: "custom"
-volumeSpec:
-  secret:
-    defaultMode: 0600
-    secretName: {{ default (include "common.names.fullname" .) .Values.dendrite.matrix_key_secret.secretName }}
-subPath:
-  - path: {{ .Values.dendrite.matrix_key_secret.key }}
-    mountPath: "/etc/dendrite/matrix_key.pem"
-{{- end -}}
-{{- define "dendrite.tlsVolume" -}}
-enabled: {{ .Values.dendrite.tls_secret.enabled }}
-type: "custom"
-volumeSpec:
-  secret:
-    defaultMode: 0600
-    secretName: {{ .Values.dendrite.tls_secret.secretName }}
-subPath:
-  - path: {{ .Values.dendrite.tls_secret.crtKey }}
-    mountPath: "/etc/dendrite/server.crt"
-  - path: {{ .Values.dendrite.tls_secret.keyKey }}
-    mountPath: "/etc/dendrite/server.key"
-{{- end -}}
-{{- define "dendrite.configVolume" -}}
-enabled: "true"
-type: "custom"
-volumeSpec:
-  secret:
-    defaultMode: 0600
-    secretName: {{ include "common.names.fullname" . }}-config
-subPath:
-  - path: dendrite.yaml
-    mountPath: "/etc/dendrite/dendrite.yaml"
-{{- end -}}
-{{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
-{{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
-{{- define "postgresql.initdbScripts" -}}
-create_db.sh: |
-  #!/bin/sh
-  for db in userapi_accounts userapi_devices mediaapi syncapi roomserver keyserver federationapi appservice naffka; do
-  createdb -U dendrite -O dendrite dendrite_$db
-  done
-{{- end -}}
-{{- $_ := set .Values.postgresql "initdbScripts" (include "postgresql.initdbScripts" . | fromYaml) -}}
-
-{{ include "common.all" . }}
+{{- if .Values.dendrite.polylithEnabled }}
+  {{ $components := list "clientapi" "appserviceapi" "federationapi" "userapi" "keyserver" "mediaapi" "syncapi" "roomserver" "eduserver" }}
+  {{- range $components }}
+    {{- include "common.values.setup" (index $.Subcharts .) }}
+    {{- with (index $.Values .) }}
+      {{- if not .persistence }}
+        {{- $_ := set . "persistence" (dict)}}
+      {{- end }}
+      {{- $_ := set .persistence "dendrite-key" (include "dendrite.keyVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "dendrite-config" (include "dendrite.configVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "dendrite-tls" (include "dendrite.tlsVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "jetstream" $.Values.persistence.jetstream -}}
+    {{- end }}
+    {{- include "common.all" (index $.Subcharts .) }}
+  {{- end }}
+  {{- with (index $.Values "mediaapi") }}
+    {{- $_ := set .persistence "media" $.Values.persistence.media -}}
+  {{- end }}
+{{- else }}
+  {{ include "common.values.setup" . }}
+  {{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
+  {{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
+  {{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
+  {{ include "common.all" . }}
+{{- end }}

charts/incubator/dendrite/templates/dendrite-config.yaml

@@ -1,6 +1,6 @@
 {{- $connectionString := "file:" -}}
 {{- if .Values.postgresql.enabled}}
-{{- $connectionString = print "postgresql://" .Values.postgresql.postgresqlUsername ":" .Values.postgresql.postgresqlPassword "@dendrite-postgresql/" -}}
+{{- $connectionString = print "postgresql://" .Values.postgresql.postgresqlUsername ":" .Values.postgresql.postgresqlPassword "@" (include "common.names.fullname" .)  "-postgresql/" -}}
 {{- end}}
 ---
 apiVersion: v1
@@ -10,7 +10,7 @@ metadata:
 type: Opaque
 stringData:
   dendrite.yaml: |
-    version: 1
+    version: 2
     global:
       server_name: {{ required "A server_name must be provided." .Values.dendrite.global.server_name | quote }}
       private_key: matrix_key.pem
@@ -18,14 +18,16 @@ stringData:
       well_known_server_name: {{ default "" .Values.dendrite.global.well_known_server_name | quote }}
       trusted_third_party_id_servers:
       {{- toYaml .Values.dendrite.global.trusted_third_party_id_servers | nindent 8 }}
-      kafka:
+      jetstream:
+        addresses:
+          {{- if .Values.nats.enabled }}
+          - {{ template "common.names.fullname" . }}-nats:4222
+          {{- else }}
+          []
+          {{- end }}
+        in_memory: {{ not .Values.persistence.jetstream.enabled }}
+        storage_path: {{ .Values.persistence.jetstream.mountPath }}
         topic_prefix: "Dendrite"
-        use_naffka: true
-        naffka_database:
-          connection_string: {{ $connectionString }}dendrite_naffka?sslmode=disable
-          max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
-          max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
-          conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
       metrics:
         enabled: {{ default false .Values.dendrite.global.metrics.enabled }}
         basic_auth:
@@ -37,40 +39,40 @@ stringData:
         cache_lifetime: {{ default "5m" .Values.dendrite.global.dns_cache.cache_lifetime }}
     app_service_api:
       internal_api:
-        listen: http://0.0.0.0:7777
-        connect: http://appservice_api:7777
+        listen: http://0.0.0.0:{{ .Values.appserviceapi.service.main.ports.internal.port }}
+        connect: http://{{ include "common.names.fullname" . }}-appserviceapi:{{ .Values.appserviceapi.service.main.ports.internal.port }}
       database:
         connection_string: {{ $connectionString }}dendrite_appservice?sslmode=disable
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
         max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
         conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
-      config_files: {{- toYaml .Values.dendrite.components.app_service_api.config_files | nindent 8 }}
+      config_files: {{- toYaml .Values.appserviceapi.config.config_files | nindent 8 }}
     client_api:
       internal_api:
-        listen: http://0.0.0.0:7771
-        connect: http://client_api:7771
+        listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.internal.port }}
+        connect: http://{{ include "common.names.fullname" . }}-clientapi:{{ .Values.clientapi.service.main.ports.internal.port }}
       external_api:
-        listen: http://0.0.0.0:8071
-      registration_disabled: {{ default false .Values.dendrite.components.client_api.registration_disabled }}
-      registration_shared_secret: {{ default "" .Values.dendrite.components.client_api.registration_shared_secret | quote }}
-      enable_registration_captcha: {{ default false .Values.dendrite.components.client_api.captcha.enabled }}
-      recaptcha_public_key: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_public_key | quote }}
-      recaptcha_private_key: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_private_key | quote }}
-      recaptcha_bypass_secret: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_bypass_secret | quote }}
-      recaptcha_siteverify_api: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_siteverify_api | quote }}
-      turn: {{- toYaml .Values.dendrite.components.client_api.turn | nindent 8 }}
+        listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.external.port }}
+      registration_disabled: {{ default false .Values.clientapi.config.registration_disabled }}
+      registration_shared_secret: {{ default "" .Values.clientapi.config.registration_shared_secret | quote }}
+      enable_registration_captcha: {{ default false .Values.clientapi.config.captcha.enabled }}
+      recaptcha_public_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_public_key | quote }}
+      recaptcha_private_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_private_key | quote }}
+      recaptcha_bypass_secret: {{ default "" .Values.clientapi.config.captcha.recaptcha_bypass_secret | quote }}
+      recaptcha_siteverify_api: {{ default "" .Values.clientapi.config.captcha.recaptcha_siteverify_api | quote }}
+      turn: {{- toYaml .Values.clientapi.config.turn | nindent 8 }}
       rate_limiting:
-        enabled: {{ default true .Values.dendrite.components.client_api.rate_limiting.enabled }}
-        threshold: {{ default 5 .Values.dendrite.components.client_api.rate_limiting.threshold }}
-        cooloff_ms: {{ default 500 .Values.dendrite.components.client_api.rate_limiting.cooloff_ms }}
+        enabled: {{ default true .Values.clientapi.config.rate_limiting.enabled }}
+        threshold: {{ default 5 .Values.clientapi.config.rate_limiting.threshold }}
+        cooloff_ms: {{ default 500 .Values.clientapi.config.rate_limiting.cooloff_ms }}
     edu_server:
       internal_api:
         listen: http://0.0.0.0:7778
-        connect: http://edu_server:7778
+        connect: http://{{ include "common.names.fullname" . }}-eduserver:7778
     federation_api:
       internal_api:
         listen: http://0.0.0.0:7772
-        connect: http://federation_api:7772
+        connect: http://{{ include "common.names.fullname" . }}-federationapi:7772
       external_api:
         listen: http://0.0.0.0:8072
       database:
@@ -78,20 +80,20 @@ stringData:
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
         max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
         conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
-      federation_certificates: {{- toYaml .Values.dendrite.components.federation_api.federation_certificates | nindent 8 }}
-      send_max_retries: {{ default 16 .Values.dendrite.components.federation_api.send_max_retries }}
-      disable_tls_validation: {{ default false .Values.dendrite.components.federation_api.disable_tls_validation }}
+      federation_certificates: {{- toYaml .Values.federationapi.config.federation_certificates | nindent 8 }}
+      send_max_retries: {{ default 16 .Values.federationapi.config.send_max_retries }}
+      disable_tls_validation: {{ default false .Values.federationapi.config.disable_tls_validation }}
       proxy_outbound:
-        enabled: {{ default false .Values.dendrite.components.federation_api.proxy_outbound.enabled }}
-        protocol: {{ default "http" .Values.dendrite.components.federation_api.proxy_outbound.protocol | quote }}
-        host: {{ default "localhost" .Values.dendrite.components.federation_api.proxy_outbound.host | quote }}
-        port: {{ default 8080 .Values.dendrite.components.federation_api.proxy_outbound.port }}
-      key_perspectives: {{- toYaml .Values.dendrite.components.federation_api.key_perspectives | nindent 8 }}
-      prefer_direct_fetch: {{ default false .Values.dendrite.components.federation_api.prefer_direct_fetch }}
+        enabled: {{ default false .Values.federationapi.config.proxy_outbound.enabled }}
+        protocol: {{ default "http" .Values.federationapi.config.proxy_outbound.protocol | quote }}
+        host: {{ default "localhost" .Values.federationapi.config.proxy_outbound.host | quote }}
+        port: {{ default 8080 .Values.federationapi.config.proxy_outbound.port }}
+      key_perspectives: {{- toYaml .Values.federationapi.config.key_perspectives | nindent 8 }}
+      prefer_direct_fetch: {{ default false .Values.federationapi.config.prefer_direct_fetch }}
     key_server:
       internal_api:
         listen: http://0.0.0.0:7779
-        connect: http://key_server:7779
+        connect: http://{{ include "common.names.fullname" . }}-keyserver:7779
       database:
         connection_string: {{ $connectionString }}dendrite_keyserver?sslmode=disable
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
@@ -100,7 +102,7 @@ stringData:
     media_api:
       internal_api:
         listen: http://0.0.0.0:7774
-        connect: http://media_api:7774
+        connect: http://{{ include "common.names.fullname" . }}-mediaapi:7774
       external_api:
         listen: http://0.0.0.0:8074
       database:
@@ -108,15 +110,22 @@ stringData:
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
         max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
         conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
-      base_path: {{ default "/var/dendrite/media" .Values.dendrite.components.media_api.base_path | quote }}
-      max_file_size_bytes: {{ default 10485760 .Values.dendrite.components.media_api.max_file_size_bytes }}
-      dynamic_thumbnails: {{ default false .Values.dendrite.components.media_api.dynamic_thumbnails }}
-      max_thumbnail_generators: {{ default 10 .Values.dendrite.components.media_api.max_thumbnail_generators }}
-      thumbnail_sizes: {{- toYaml .Values.dendrite.components.media_api.thumbnail_sizes | nindent 8 }}
+      base_path: {{ default "/var/dendrite/media" .Values.mediaapi.config.base_path | quote }}
+      max_file_size_bytes: {{ int ( default 10485760 .Values.mediaapi.config.max_file_size_bytes ) }}
+      dynamic_thumbnails: {{ default false .Values.mediaapi.config.dynamic_thumbnails }}
+      max_thumbnail_generators: {{ default 10 .Values.mediaapi.config.max_thumbnail_generators }}
+      thumbnail_sizes: {{- toYaml .Values.mediaapi.config.thumbnail_sizes | nindent 8 }}
+    mscs:
+      mscs: {{ .Values.dendrite.global.mscs | toYaml | nindent 8 }}
+      database:
+        connection_string: {{ $connectionString }}dendrite_mscs?sslmode=disable
+        max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
+        max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
+        conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
     room_server:
       internal_api:
         listen: http://0.0.0.0:7770
-        connect: http://room_server:7770
+        connect: http://{{ include "common.names.fullname" . }}-roomserver:7770
       database:
         connection_string: {{ $connectionString }}dendrite_roomserver?sslmode=disable
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
@@ -125,7 +134,7 @@ stringData:
     sync_api:
       internal_api:
         listen: http://0.0.0.0:7773
-        connect: http://sync_api:7773
+        connect: http://{{ include "common.names.fullname" . }}-syncapi:7773
       external_api:
           listen: http://0.0.0.0:8073
       database:
@@ -136,7 +145,7 @@ stringData:
     user_api:
       internal_api:
         listen: http://0.0.0.0:7781
-        connect: http://user_api:7781
+        connect: http://{{ include "common.names.fullname" . }}-userapi:7781
       account_database:
         connection_string: {{ $connectionString }}dendrite_userapi_accounts?sslmode=disable
         max_open_conns: {{ .Values.dendrite.database.max_open_conns }}

charts/incubator/dendrite/templates/matrix-key-secret.yaml

@@ -0,0 +1,9 @@
+{{- if .Values.dendrite.matrix_key_secret.create }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "dendrite.names.key" . }}
+stringData:
+  {{ .Values.dendrite.matrix_key_secret.secretPath }}: | {{ .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }}
+{{- end }}

charts/incubator/dendrite/templates/postgresql-initdb.yaml

@@ -0,0 +1,14 @@
+{{- if .Values.postgresql.enabled }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: {{ .Values.postgresql.initdbScriptsConfigMap | quote }}
+data:
+  create-db.sh: |
+    #!/bin/sh
+    for db in userapi_accounts userapi_devices mediaapi syncapi roomserver keyserver federationapi appservice naffka; do
+    createdb -U {{ .Values.postgresql.postgresqlUsername }} -O {{ .Values.postgresql.postgresqlUsername }} dendrite_$db
+    done
+{{- end }}

charts/incubator/dendrite/templates/volumes.yaml

@@ -0,0 +1,35 @@
+{{- define "dendrite.keyVolume" -}}
+enabled: {{ .Values.dendrite.matrix_key_secret.enabled }}
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ include "dendrite.names.key" . }}
+subPath:
+  - path: {{ .Values.dendrite.matrix_key_secret.secretPath }}
+    mountPath: "/etc/dendrite/matrix_key.pem"
+{{- end -}}
+{{- define "dendrite.tlsVolume" -}}
+enabled: {{ .Values.dendrite.tls_secret.enabled }}
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ .Values.dendrite.tls_secret.existingSecret }}
+subPath:
+  - path: {{ .Values.dendrite.tls_secret.crtPath }}
+    mountPath: "/etc/dendrite/server.crt"
+  - path: {{ .Values.dendrite.tls_secret.keyPath }}
+    mountPath: "/etc/dendrite/server.key"
+{{- end -}}
+{{- define "dendrite.configVolume" -}}
+enabled: true
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ include "common.names.fullname" . }}-config
+subPath:
+  - path: dendrite.yaml
+    mountPath: "/etc/dendrite/dendrite.yaml"
+{{- end -}}

charts/incubator/dendrite/values.yaml

@@ -10,7 +10,7 @@ image:
   # -- image repository
   repository: matrixdotorg/dendrite-monolith
   # -- image tag
-  tag: "v0.5.1"
+  tag: "v0.6.2"
   # -- image pull policy
   pullPolicy: IfNotPresent
 
@@ -47,27 +47,304 @@ persistence:
   media:
     enabled: false
     mountPath: &mediaPath /var/dendrite/media
+    accessMode: ReadWriteOnce
+    size: 5Gi
+  # -- Configure Jetsream persistence. This is highly recommended in production.
+  # @default -- See values.yaml
+  jetstream:
+    enabled: false
+    mountPath: /var/dendrite/jetstream
+    accessMode: ReadWriteOnce
+    size: 1Gi
+
+# -- Configure the key server.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- See values.yaml
+keyserver:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7779
+  args: "keyserver"
+
+# -- Configure the app service api.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- See values.yaml
+appserviceapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7777
+  args: "appservice"
+  config:
+    config_files: []
+
+# -- Configuration for the client api component.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- See values.yaml
+clientapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7771
+        external:
+          enabled: true
+          port: 8071
+  args: "clientapi"
+  config:
+    # -- Enable or disable registration for this homeserver.
+    registration_disabled: false
+    # -- Shared secret that allows registration, despite registration_disabled.
+    registration_shared_secret: ""
+    # -- Configure captcha for registration
+    # @default -- See values.yaml
+    captcha:
+      enabled: false
+      recaptcha_public_key: ""
+      recaptcha_private_key: ""
+      recaptcha_bypass_secret: ""
+      recaptcha_siteverify_api: ""
+    # -- Configure TURN
+    # @default -- See values.yaml
+    turn:
+      turn_user_lifetime: ""
+      turn_uris: []
+      turn_shared_secret: ""
+      turn_username: ""
+      turn_password: ""
+    # -- Configure rate limiting.
+    # @default -- values.yaml
+    rate_limiting:
+      enabled: true
+      threshold: 5
+      cooloff_ms: 500
+
+# -- Configure the Federation API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+federationapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7772
+        external:
+          enabled: true
+          port: 8072
+  args: "federationapi"
+  config:
+    federation-certificates: []
+    send-max_retires: 16
+    disable_tls_validation: false
+    proxy_outbound:
+      enabled: false
+      protocol: http
+      host: localhost
+      port: 8080
+    key_perspectives:
+      - server_name: matrix.org
+        keys:
+          - key_id: ed25519:auto
+            public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
+          - key_id: ed25519:a_RXGa
+            public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
+    prefer_direct_fetch: false
+
+# -- Configure the User API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+userapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7781
+  args: "userapi"
+
+# -- Configure the Sync API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+syncapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7773
+        external:
+          enabled: true
+          port: 8073
+  args: "syncapi"
+
+# -- Configure the Room Server
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+roomserver:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7770
+  args: "roomserver"
+
+# -- Configure the edu server
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+eduserver:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7778
+  args: "eduserver"
+
+# -- Configure the Media API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
+# @default -- values.yaml
+mediaapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    tag: "v0.6.2"
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7774
+        external:
+          enabled: true
+          port: 8074
+  args: "mediaapi"
+  config:
+    base_path: *mediaPath
+    max_file_size_bytes: 10485760
+    dynamic_thumbnails: false
+    max_thumbnail_generators: 10
+    thumbnail_sizes:
+      - width: 32
+        height: 32
+        method: crop
+      - width: 96
+        height: 96
+        method: crop
+      - width: 640
+        height: 480
+        method: scale
 
 # -- Configuration for Dendrite.
 # For more information see [the sample
 # denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
 # @default -- See values.yaml
 dendrite:
+  # -- Enable polylith deployment
+  polylithEnabled: false
   # -- If enabled, use an existing secrets for the TLS certificate and key.
   # Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at
   # `/etc/dendrite`.
   # @default -- See values.yaml
   tls_secret:
     enabled: false
-    secretName: "dendrite-tls"
-    crtKey: tls.crt
-    keyKey: tls.key
-  # -- If enabled, use an existing secret for matrix_key.pem. Otherwise a
-  # matrix_key.pem must be mounted to `/etc/dendrite`.
-  # @default -- See values.yaml
+    existingSecret: ""
+    crtPath: tls.crt
+    keyPath: tls.key
   matrix_key_secret:
-    enabled: false
-    key: matrix_key.pem
+    # -- Create matrix_key secret using the keyBody below.
+    create: false
+    # -- New Key Body
+    keyBody: ""
+    # -- Use an existing secret
+    existingSecret: ""
+    # -- Field in the secret to get the key from
+    secretPath: matrix_key.pem
+
   # -- Configure database connection parameters.
   # @default -- See values.yaml
   database:
@@ -104,77 +381,9 @@ dendrite:
       enabled: false
       cache_size: 256
       cache_lifetime: "5m"
-  # -- Configure the dendrite components.
-  # @default -- See values.yaml
-  components:
-    # -- Configure the App Service API
-    # @default -- See values.yaml
-    app_service_api:
-      config_files: []
-    # -- Configure the Client API
-    client_api:
-      # -- Enable or disable registration for this homeserver.
-      registration_disabled: false
-      # -- Shared secret that allows registration, despite registration_disabled.
-      registration_shared_secret: ""
-      # -- Configure captcha for registration
-      # @default -- See values.yaml
-      captcha:
-        enabled: false
-        recaptcha_public_key: ""
-        recaptcha_private_key: ""
-        recaptcha_bypass_secret: ""
-        recaptcha_siteverify_api: ""
-      # -- Configure TURN
-      # @default -- See values.yaml
-      turn:
-        turn_user_lifetime: ""
-        turn_uris: []
-        turn_shared_secret: ""
-        turn_username: ""
-        turn_password: ""
-      # -- Configure rate limiting.
-      # @default -- values.yaml
-      rate_limiting:
-        enabled: true
-        threshold: 5
-        cooloff_ms: 500
-    # -- Configure the Federation API
-    # @default -- values.yaml
-    federation_api:
-      federation_certificates: []
-      send_max_retires: 16
-      disable_tls_validation: false
-      proxy_outbound:
-        enabled: false
-        protocol: http
-        host: localhost
-        port: 8080
-      key_perspectives:
-        - server_name: matrix.org
-          keys:
-            - key_id: ed25519:auto
-              public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
-            - key_id: ed25519:a_RXGa
-              public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
-      prefer_direct_fetch: false
-    # -- Configure the Media API
-    # @default -- values.yaml
-    media_api:
-      base_path: *mediaPath
-      max_file_size_bytes: 10485760
-      dynamic_thumbnails: false
-      max_thumbnail_generators: 10
-      thumbnail_sizes:
-        - width: 32
-          height: 32
-          method: crop
-        - width: 96
-          height: 96
-          method: crop
-        - width: 640
-          height: 480
-          method: scale
+    # -- Configure experimental MSC's
+    mscs: []
+
   # -- Configure opentracing.
   # @default -- See values.yaml
   tracing:
@@ -189,6 +398,7 @@ dendrite:
       headers: null
       baggage_restrictions: null
       throttler: null
+
   # -- Configure logging.
   # @default -- See values.yaml
   logging:
@@ -201,8 +411,22 @@ postgresql:
   # -- Enable and configure postgres as the database for dendrite.
   # @default -- See value.yaml
   enabled: false
+  image:
+    repository: bitnami/postgresql
+    tag: "14.1.0"
   postgresqlUsername: dendrite
   postgresqlPassword: changeme
   postgresqlDatabase: dendrite
   persistence:
     enabled: false
+  initdbScriptsConfigMap: "dendrite-postgresql-init-scripts"
+
+nats:
+  # -- Enable and configure NATS for dendrite. Can be disabled for monolith
+  # deployments - an internal NATS server will be used in its place.
+  # @default -- See value.yaml
+  enabled: false
+  nats:
+    image: nats:2.7.1-alpine
+    jetstream:
+      enabled: true

charts/incubator/teamspeak/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 3.13.6
 description: TeamSpeak Server
 name: teamspeak
-version: 0.3.0
+version: 0.4.0
 kubeVersion: ">=1.16.0-0"
 keywords:
   - teamspeak
@@ -20,4 +20,6 @@ dependencies:
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
+      description: Merged ports into single service.
+    - kind: added
+      description: Added metrics sidecar.

charts/incubator/teamspeak/README.md

@@ -1,6 +1,6 @@
 # teamspeak
 
-![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![AppVersion: 3.13.6](https://img.shields.io/badge/AppVersion-3.13.6-informational?style=flat-square)
+![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![AppVersion: 3.13.6](https://img.shields.io/badge/AppVersion-3.13.6-informational?style=flat-square)
 
 TeamSpeak Server
 
@@ -67,7 +67,29 @@ helm install teamspeak k8s-at-home/teamspeak -f values.yaml
 
 ## Custom configuration
 
-N/A
+### Regarding the services
+
+By default, it is not yet possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
+
+1. Create a separate service containing the UDP ports. This could be done by disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
+
+```yaml
+service:
+  udp:
+    enabled: true
+    type: LoadBalancer
+    # <your other service configuration>
+    ports:
+      voice:
+        enabled: true
+        port: 9987
+        protocol: UDP
+```
+
+2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
+   You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
+
+   For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
 
 ## Values
 
@@ -75,10 +97,21 @@ N/A
 
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
-| env | string | See below | environment variables. See more environment variables in the [teamspeak image documentation](https://hub.docker.com/_/teamspeak). |
+| env | object | See below | environment variables. See more environment variables in the [teamspeak image documentation](https://hub.docker.com/_/teamspeak). |
 | image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
 | image.repository | string | `"teamspeak"` | image repository |
 | image.tag | string | `"3.13.6"` | image tag |
+| metrics.enabled | bool | See values.yaml | Enable and configure ts3exporter sidecar and Prometheus serviceMonitor. |
+| metrics.exporter.env.enableChannelMetrics | bool | `false` | Set to true to enable gathering of channel metrics |
+| metrics.exporter.env.port | int | `9189` | metrics port |
+| metrics.exporter.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| metrics.exporter.image.repository | string | `"quay.io/ricardbejarano/ts3exporter"` | image repository |
+| metrics.exporter.image.tag | string | `"0.0.7"` | image tag |
+| metrics.prometheusRule | object | See values.yaml | Enable and configure Prometheus Rules for the chart under this key. |
+| metrics.prometheusRule.rules | list | See prometheusrules.yaml | Configure additionial rules for the chart under this key. |
+| metrics.serviceMonitor.interval | string | `"1m"` |  |
+| metrics.serviceMonitor.labels | object | `{}` |  |
+| metrics.serviceMonitor.scrapeTimeout | string | `"30s"` |  |
 | nodeSelector | object | `{"kubernetes.io/arch":"amd64"}` | The TeamSpeak server binary is only available for x86_64. |
 | persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
 | probes.liveness.custom | bool | `true` |  |
@@ -91,15 +124,15 @@ N/A
 
 ## Changelog
 
-### Version 0.3.0
+### Version 0.4.0
 
 #### Added
 
-N/A
+* Added metrics sidecar.
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
+* Merged ports into single service.
 
 #### Fixed
 

charts/incubator/teamspeak/README_CONFIG.md.gotmpl

@@ -5,5 +5,27 @@
 {{- define "custom.custom.configuration" -}}
 {{ template "custom.custom.configuration.header" . }}
 
-N/A
+### Regarding the services
+
+By default, it is not yet possible to combine TCP and UDP ports on a service with `type: LoadBalancer`. This can be solved in a number of ways:
+
+1. Create a separate service containing the UDP ports. This could be done by disabling the UDP ports under `service.main.ports` and adding the following in your `values.yaml`:
+
+```yaml
+service:
+  udp:
+    enabled: true
+    type: LoadBalancer
+    # <your other service configuration>
+    ports:
+      voice:
+        enabled: true
+        port: 9987
+        protocol: UDP
+```
+
+2. Since Kubernetes 1.20 there is a feature gate that can be enabled to allow TCP and UDP ports to coexist on Services with `type: Loadbalancer`.
+   You will need to enable the `MixedProtocolLBService` feature gate in order to achieve this.
+
+   For more information about feature gates, please see [the docs](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/).
 {{- end -}}

charts/incubator/teamspeak/templates/common.yaml

@@ -1 +1,79 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "common.values.setup" . }}
+
+{{/*
+If there's an existing secret, reuse it, otherwise generate a new one.
+*/}}
+{{- define "teamspeak.serveradmin-password" -}}
+{{- $secret := (lookup "v1" "Secret" .Release.Namespace (include "common.names.fullname" .) ) -}}
+  {{- if $secret -}}
+    {{-  index $secret "data" "serveradmin_password" -}}
+  {{- else -}}
+    {{- randAlphaNum 32 | b64enc | quote -}}
+  {{- end -}}
+{{- end -}}
+
+{{/* Append the hardcoded settings */}}
+{{- define "teamspeak.harcodedValues" -}}
+{{- if not .Values.env.TS3SERVER_SERVERADMIN_PASSWORD }}
+env:
+  TS3SERVER_SERVERADMIN_PASSWORD:
+    valueFrom:
+      secretKeyRef:
+        name: {{ include "common.names.fullname" . }}
+        key: serveradmin_password
+{{- end }}
+{{- if .Values.metrics.enabled }}
+additionalContainers:
+  exporter:
+    name: exporter
+    image: "{{ .Values.metrics.exporter.image.repository }}:{{ .Values.metrics.exporter.image.tag }}"
+    imagePullPolicy: {{ .Values.metrics.exporter.image.pullPolicy }}
+    args:
+      - -listen
+      - :{{ .Values.metrics.exporter.env.port }}
+      {{- if .Values.metrics.exporter.env.enableChannelMetrics }}
+      - -enablechannelmetrics
+      {{- end }}
+    env:
+      - name: SERVERQUERY_PASSWORD
+        {{- $value := .Values.env.TS3SERVER_SERVERADMIN_PASSWORD }}
+        {{- if $value }}
+        {{- if kindIs "map" $value -}}
+          {{- if hasKey $value "value" }}
+            {{- $value = $value.value -}}
+          {{- else if hasKey $value "valueFrom" }}
+            {{- toYaml $value | nindent 8 }}
+          {{- else }}
+            {{- dict "valueFrom" $value | toYaml | nindent 8 }}
+          {{- end }}
+        {{- else }}
+          {{- if kindIs "string" $value }}
+            {{- $value = tpl $value $ }}
+          {{- end }}
+        value: {{ quote $value }}
+        {{- end }}
+        {{- else }}
+        valueFrom:
+          secretKeyRef:
+            name: {{ include "common.names.fullname" . }}
+            key: serveradmin_password
+        {{- end }}
+    ports:
+      - name: metrics
+        containerPort: {{ .Values.metrics.exporter.env.port }}
+
+service:
+  metrics:
+    enabled: true
+    ports:
+      metrics:
+        enabled: true
+        protocol: TCP
+        port: {{ .Values.metrics.exporter.env.port }}
+{{- end }}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values (include "teamspeak.harcodedValues" . | fromYaml) -}}
+
+{{/* Render the templates */}}
 {{ include "common.all" . }}

charts/incubator/teamspeak/templates/prometheusrules.yaml

@@ -0,0 +1,36 @@
+{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: PrometheusRule
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+    {{- with .Values.metrics.prometheusRule.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  groups:
+    - name: {{ include "common.names.fullname" . }}
+      rules:
+        - alert: Ts3ExporterAbsent
+          annotations:
+            description: ts3exporter has disappeared from Prometheus service discovery.
+            summary: ts3exporter is down.
+          expr: |
+            absent(up{job=~".*{{ include "common.names.fullname" . }}.*"} == 1)
+          for: 5m
+          labels:
+            severity: critical
+        - alert: TeamSpeakDown
+          annotations:
+            description: TeamSpeak service is down.
+            summary: TeamSpeak is down.
+          expr: |
+            ts3_serverinfo_online{job=~".*{{ include "common.names.fullname" . }}.*"} == 0
+          for: 5m
+          labels:
+            severity: critical
+        {{- with .Values.metrics.prometheusRule.rules }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+{{- end }}

charts/incubator/teamspeak/templates/secret.yaml

@@ -0,0 +1,11 @@
+{{- if not .Values.env.TS3SERVER_SERVERADMIN_PASSWORD }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+type: Opaque
+data:
+  serveradmin_password: {{ template "teamspeak.serveradmin-password" . }}
+{{- end }}

charts/incubator/teamspeak/templates/servicemonitor.yaml

@@ -0,0 +1,24 @@
+{{- if .Values.metrics.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+    {{- with .Values.metrics.serviceMonitor.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "common.labels.selectorLabels" . | nindent 6 }}
+  endpoints:
+    - port: metrics
+      {{- with .Values.metrics.serviceMonitor.interval }}
+      interval: {{ . }}
+      {{- end }}
+      {{- with .Values.metrics.serviceMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ . }}
+      {{- end }}
+      path: /metrics
+{{- end }}

charts/incubator/teamspeak/values.yaml

@@ -16,7 +16,14 @@ image:
 # -- environment variables. See more environment variables in the [teamspeak image documentation](https://hub.docker.com/_/teamspeak).
 # @default -- See below
 env:
+  TZ: UTC
   # TS3SERVER_LICENSE: accept
+  # TS3SERVER_SERVERADMIN_PASSWORD:
+  #   valueFrom:
+  #     secretKeyRef:
+  #       name: teamspeak
+  #       key: serveradmin_password
+
 
 # -- Configures service settings for the chart.
 # @default -- See values.yaml
@@ -26,20 +33,17 @@ service:
       http:
         enabled: false
         primary: false
-      voice:
-        enabled: true
-        primary: true
-        port: 9987
-        protocol: UDP
-  tcp:
-    enabled: true
-    ports:
       serverquery:
         enabled: true
         port: 10011
       filetransfer:
         enabled: true
         port: 30033
+      voice:
+        enabled: true
+        primary: true
+        port: 9987
+        protocol: UDP
 
 probes:
   readiness:
@@ -65,6 +69,45 @@ persistence:
     enabled: false
     mountPath: /var/ts3server
 
+metrics:
+  # -- Enable and configure ts3exporter sidecar and Prometheus serviceMonitor.
+  # @default -- See values.yaml
+  enabled: false
+  serviceMonitor:
+    interval: 1m
+    scrapeTimeout: 30s
+    labels: {}
+  # -- Enable and configure Prometheus Rules for the chart under this key.
+  # @default -- See values.yaml
+  prometheusRule:
+    enabled: false
+    labels: {}
+    # -- Configure additionial rules for the chart under this key.
+    # @default -- See prometheusrules.yaml
+    rules: []
+      # - alert: TeamSpeakDown
+      #   annotations:
+      #     description: Teamspeak service is down.
+      #     summary: Teamspeak is down.
+      #   expr: |
+      #     ts3_serverinfo_online == 0
+      #   for: 5m
+      #   labels:
+      #     severity: critical
+  exporter:
+    image:
+      # -- image repository
+      repository: quay.io/ricardbejarano/ts3exporter
+      # -- image tag
+      tag: 0.0.7
+      # -- image pull policy
+      pullPolicy: IfNotPresent
+    env:
+      # -- metrics port
+      port: 9189
+      # -- Set to true to enable gathering of channel metrics
+      enableChannelMetrics: false
+
 # -- The TeamSpeak server binary is only available for x86_64.
 nodeSelector:
   kubernetes.io/arch: amd64

charts/incubator/torrserver/.helmignore

@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl

charts/incubator/torrserver/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+appVersion: 1.0.111
+description: TorrServer streams torrent to http
+name: torrserver
+version: 1.0.0
+kubeVersion: ">=1.16.0-0"
+keywords:
+- torrserver
+home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/torrserver
+icon: https://github.com/YouROK/TorrServer/raw/6868979f1fee009204ffe272f89905fcaa03fb72/server/web/pages/template/pages/apple-touch-icon.png
+sources:
+- https://github.com/MGlants/docker-torrserver
+- https://github.com/YouROK/TorrServer
+maintainers:
+- name: MGlants
+  email: mark@glants.xyz
+dependencies:
+- name: common
+  repository: https://library-charts.k8s-at-home.com
+  version: 4.3.0
+annotations:
+  artifacthub.io/changes: |
+    - kind: added
+      description: Initial version

charts/incubator/torrserver/README.md

@@ -0,0 +1,119 @@
+# torrserver
+
+![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 1.0.111](https://img.shields.io/badge/AppVersion-1.0.111-informational?style=flat-square)
+
+TorrServer streams torrent to http
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/MGlants/docker-torrserver>
+* <https://github.com/YouROK/TorrServer>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://library-charts.k8s-at-home.com | common | 4.3.0 |
+
+## TL;DR
+
+```console
+helm repo add k8s-at-home https://k8s-at-home.com/charts/
+helm repo update
+helm install torrserver k8s-at-home/torrserver
+```
+
+## Installing the Chart
+
+To install the chart with the release name `torrserver`
+
+```console
+helm install torrserver k8s-at-home/torrserver
+```
+
+## Uninstalling the Chart
+
+To uninstall the `torrserver` deployment
+
+```console
+helm uninstall torrserver
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+
+## Configuration
+
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install torrserver \
+  --set env.TZ="America/New York" \
+    k8s-at-home/torrserver
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install torrserver k8s-at-home/torrserver -f values.yaml
+```
+
+## Custom configuration
+
+N/A
+
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| env | object | See below | environment variables. See more environment variables in the [torrserver documentation](https://torrserver.org/docs). |
+| env.TS_CONF_PATH | string | `"/data"` | Set data dir |
+| env.TS_TORR_DIRL | string | `"/data/torrents"` | Set torrent-tiles dir |
+| env.TZ | string | `"UTC"` | Set the container timezone |
+| hostNetwork | bool | `false` | Set this to `true` to allow using DLNA |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"smailkoz/torrserver"` | image repository |
+| image.tag | string | chart.appVersion | image tag |
+| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| service | object | See values.yaml | Configures service settings for the chart. |
+
+## Changelog
+
+### Version 1.0.0
+
+#### Added
+
+* Initial version
+
+#### Changed
+
+N/A
+
+#### Fixed
+
+N/A
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/torrserver?modal=changelog)
+
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)

charts/incubator/torrserver/README.md.gotmpl

@@ -0,0 +1,176 @@
+{{- define "custom.repository.organization" -}}
+k8s-at-home
+{{- end -}}
+
+{{- define "custom.repository.url" -}}
+https://github.com/k8s-at-home/charts
+{{- end -}}
+
+{{- define "custom.helm.url" -}}
+https://k8s-at-home.com/charts/
+{{- end -}}
+
+{{- define "custom.helm.path" -}}
+{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }}
+{{- end -}}
+
+{{- define "custom.notes" -}}
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+{{- end -}}
+
+{{- define "custom.requirements" -}}
+## Requirements
+
+{{ template "chart.kubeVersionLine" . }}
+{{- end -}}
+
+{{- define "custom.dependencies" -}}
+## Dependencies
+
+{{ template "chart.requirementsTable" . }}
+{{- end -}}
+
+{{- define "custom.install.tldr" -}}
+## TL;DR
+
+```console
+helm repo add {{ template "custom.repository.organization" . }} {{ template "custom.helm.url" . }}
+helm repo update
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.install" -}}
+## Installing the Chart
+
+To install the chart with the release name `{{ template "chart.name" . }}`
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.uninstall" -}}
+## Uninstalling the Chart
+
+To uninstall the `{{ template "chart.name" . }}` deployment
+
+```console
+helm uninstall {{ template "chart.name" . }}
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+{{- end -}}
+
+{{- define "custom.configuration.header" -}}
+## Configuration
+{{- end -}}
+
+{{- define "custom.configuration.readValues" -}}
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+{{- end -}}
+
+{{- define "custom.configuration.example.set" -}}
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install {{ template "chart.name" . }} \
+  --set env.TZ="America/New York" \
+    {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.configuration.example.file" -}}
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }} -f values.yaml
+```
+{{- end -}}
+
+{{- define "custom.valuesSection" -}}
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+{{ template "chart.valuesTable" . }}
+{{- end -}}
+
+{{- define "custom.support" -}}
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+{{- end -}}
+
+{{- define "custom.changelog" -}}
+{{ $changeTypes := list "added" "changed" "fixed" }}
+## Changelog
+
+### Version {{ template "chart.version" . }}
+
+{{ range $changeType := $changeTypes }}
+  {{- with (index $.Annotations "artifacthub.io/changes") }}
+    {{- print "#### " ($changeType | title)  | nindent 0  }}
+    {{- print "" | nindent 0  }}
+    {{- $changesFound := false }}
+    {{- range (print "changes:\n" . | fromYaml).changes }}
+      {{- if eq .kind $changeType }}
+        {{- print "* " .description  | nindent 0 }}
+        {{- $changesFound = true }}
+      {{- end }}
+    {{- end }}
+    {{- if not $changesFound }}
+      {{- print "N/A" | nindent 0 }}
+    {{- end }}
+    {{- print "" | nindent 0  }}
+  {{- end }}
+{{- end }}
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/{{- template "chart.name" . }}?modal=changelog)
+
+{{- end -}}
+
+{{ template "chart.header" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "custom.notes" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "custom.requirements" . }}
+
+{{ template "custom.dependencies" . }}
+
+{{ template "custom.install.tldr" . }}
+
+{{ template "custom.install" . }}
+
+{{ template "custom.uninstall" . }}
+
+{{ template "custom.configuration.header" . }}
+
+{{ template "custom.configuration.readValues" . }}
+
+{{ template "custom.configuration.example.set" . }}
+
+{{ template "custom.configuration.example.file" . }}
+
+{{ template "custom.custom.configuration" . }}
+
+{{ template "custom.valuesSection" . }}
+
+{{ template "custom.changelog" . }}
+
+{{ template "custom.support" . }}
+
+{{ template "helm-docs.versionFooter" . }}
+{{ "" }}

charts/incubator/torrserver/README_CONFIG.md.gotmpl

@@ -0,0 +1,9 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+N/A
+{{- end -}}

charts/incubator/torrserver/templates/NOTES.txt

@@ -0,0 +1 @@
+{{- include "common.notes.defaultNotes" . -}}

charts/incubator/torrserver/templates/common.yaml

@@ -0,0 +1 @@
+{{ include "common.all" . }}

charts/incubator/torrserver/values.yaml

@@ -0,0 +1,48 @@
+#
+# IMPORTANT NOTE
+#
+# This chart inherits from our common library chart. You can check the default values/options here:
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
+#
+
+image:
+  # -- image repository
+  repository: smailkoz/torrserver
+  # -- image tag
+  # @default -- chart.appVersion
+  tag:
+  # -- image pull policy
+  pullPolicy: IfNotPresent
+
+# -- environment variables. See more environment variables in the [torrserver documentation](https://torrserver.org/docs).
+# @default -- See below
+env:
+  # -- Set the container timezone
+  TZ: UTC
+  # -- Set data dir
+  TS_CONF_PATH: /data
+  # -- Set torrent-tiles dir
+  TS_TORR_DIRL: /data/torrents
+
+# -- Set this to `true` to allow using DLNA
+hostNetwork: false
+# -- Configures service settings for the chart.
+# @default -- See values.yaml
+service:
+  main:
+    ports:
+      http:
+        port: 8090
+
+ingress:
+  # -- Enable and configure ingress settings for the chart under this key.
+  # @default -- See values.yaml
+  main:
+    enabled: false
+
+# -- Configure persistence settings for the chart under this key.
+# @default -- See values.yaml
+persistence:
+  data:
+    enabled: false
+    mountPath: /data

charts/stable/deconz/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: 2.12.01
+appVersion: 2.12.06
 description: deCONZ is an easy to use control software, with which you can set up and control Zigbee networks of any size without further programming effort.
 name: deconz
-version: 6.2.0
+version: 6.3.0
 kubeVersion: ">=1.16.0-0"
 keywords:
   - deconz
@@ -13,7 +13,7 @@ home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/deconz
 icon: https://avatars1.githubusercontent.com/u/4217524?s=400&v=4
 sources:
   - https://github.com/dresden-elektronik/deconz-rest-plugin
-  - https://github.com/marthoc/docker-deconz
+  - https://github.com/deconz-community/deconz-docker
 maintainers:
   - name: billimek
     email: jeff@billimek.com
@@ -24,4 +24,8 @@ dependencies:
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
+      description: Changed repository from `marthoc/deconz` to `deconzcommunity/deconz`.
+    - kind: changed
+      description: Bumped application version to `2.12.06` from https://phoscon.de/en/changelog/.
+    - kind: changed
+      description: Changed config mounthPath to `/opt/deCONZ` as required by new image.

charts/stable/deconz/README.md

@@ -1,6 +1,6 @@
 # deconz
 
-![Version: 6.2.0](https://img.shields.io/badge/Version-6.2.0-informational?style=flat-square) ![AppVersion: 2.12.01](https://img.shields.io/badge/AppVersion-2.12.01-informational?style=flat-square)
+![Version: 6.3.0](https://img.shields.io/badge/Version-6.3.0-informational?style=flat-square) ![AppVersion: 2.12.06](https://img.shields.io/badge/AppVersion-2.12.06-informational?style=flat-square)
 
 deCONZ is an easy to use control software, with which you can set up and control Zigbee networks of any size without further programming effort.
 
@@ -9,7 +9,7 @@ deCONZ is an easy to use control software, with which you can set up and control
 ## Source Code
 
 * <https://github.com/dresden-elektronik/deconz-rest-plugin>
-* <https://github.com/marthoc/docker-deconz>
+* <https://github.com/deconz-community/deconz-docker>
 
 ## Requirements
 
@@ -86,8 +86,8 @@ N/A
 | env.DECONZ_WS_PORT | int | `443` | Websocket listen port |
 | env.TZ | string | `"UTC"` | Set the container timezone |
 | image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
-| image.repository | string | `"marthoc/deconz"` | image repository |
-| image.tag | string | `"2.12.01"` | image tag |
+| image.repository | string | `"deconzcommunity/deconz"` | image repository |
+| image.tag | string | `"2.12.06"` | image tag |
 | ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
 | persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
 | persistence.usb | object | See values.yaml | Configure a hostPathMount to mount a USB device in the container. |
@@ -96,7 +96,7 @@ N/A
 
 ## Changelog
 
-### Version 6.2.0
+### Version 6.3.0
 
 #### Added
 
@@ -104,7 +104,9 @@ N/A
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
+* Changed repository from `marthoc/deconz` to `deconzcommunity/deconz`.
+* Bumped application version to `2.12.06` from https://phoscon.de/en/changelog/.
+* Changed config mounthPath to `/opt/deCONZ` as required by new image.
 
 #### Fixed
 
@@ -120,6 +122,3 @@ A historical overview of changes can be found on [ArtifactHUB](https://artifacth
 - Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
 - Ask a [question](https://github.com/k8s-at-home/organization/discussions)
 - Join our [Discord](https://discord.gg/sTMX7Vh) community
-
-----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)

charts/stable/deconz/values.yaml

@@ -7,9 +7,9 @@
 
 image:
   # -- image repository
-  repository: marthoc/deconz
+  repository: deconzcommunity/deconz
     # -- image tag
-  tag: 2.12.01
+  tag: 2.12.06
   # -- image pull policy
   pullPolicy: IfNotPresent
 
@@ -63,7 +63,7 @@ securityContext:
 persistence:
   config:
     enabled: false
-    mountPath: /root/.local/share/dresden-elektronik/deCONZ
+    mountPath: /opt/deCONZ
   # -- Configure a hostPathMount to mount a USB device in the container.
   # @default -- See values.yaml
   usb:

charts/stable/dnsmadeeasy-webhook/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 1.2.0
 description: Cert-Manager Webhook for DNSMadeEasy
 name: dnsmadeeasy-webhook
-version: 4.4.0
+version: 4.4.1
 keywords:
   - cert-manager
   - dnsmadeeasy
@@ -21,9 +21,9 @@ dependencies:
     version: 4.3.0
   - name: cert-manager
     repository: https://charts.jetstack.io
-    version: v1.6.1
+    version: v1.6.2
     condition: cert-manager.enabled
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
+      description: Upgraded `cert-manager` chart dependency to version `v1.6.2`.

charts/stable/dnsmadeeasy-webhook/README.md

@@ -1,6 +1,6 @@
 # dnsmadeeasy-webhook
 
-![Version: 4.4.0](https://img.shields.io/badge/Version-4.4.0-informational?style=flat-square) ![AppVersion: 1.2.0](https://img.shields.io/badge/AppVersion-1.2.0-informational?style=flat-square)
+![Version: 4.4.1](https://img.shields.io/badge/Version-4.4.1-informational?style=flat-square) ![AppVersion: 1.2.0](https://img.shields.io/badge/AppVersion-1.2.0-informational?style=flat-square)
 
 Cert-Manager Webhook for DNSMadeEasy
 
@@ -17,7 +17,7 @@ Cert-Manager Webhook for DNSMadeEasy
 
 | Repository | Name | Version |
 |------------|------|---------|
-| https://charts.jetstack.io | cert-manager | v1.6.1 |
+| https://charts.jetstack.io | cert-manager | v1.6.2 |
 | https://library-charts.k8s-at-home.com | common | 4.3.0 |
 
 ## TL;DR
@@ -87,7 +87,7 @@ N/A
 
 ## Changelog
 
-### Version 4.4.0
+### Version 4.4.1
 
 #### Added
 
@@ -95,7 +95,7 @@ N/A
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
+* Upgraded `cert-manager` chart dependency to version `v1.6.2`.
 
 #### Fixed
 

charts/stable/dokuwiki/.helmignore

@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl

charts/stable/dokuwiki/Chart.yaml

@@ -0,0 +1,25 @@
+apiVersion: v2
+appVersion: 20200729.0.0
+description: DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database.
+name: dokuwiki
+version: 1.0.0
+kubeVersion: ">=1.16.0-0"
+keywords:
+- dokuwiki
+- wiki
+home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/dokuwiki
+icon: https://www.dokuwiki.org/lib/tpl/dokuwiki/images/logo.png
+sources:
+- https://github.com/splitbrain/dokuwiki
+- https://github.com/linuxserver/docker-dokuwiki
+maintainers:
+- name: psych0d0g
+  email: psych0d0g@users.noreply.github.com
+dependencies:
+- name: common
+  repository: https://library-charts.k8s-at-home.com
+  version: 4.3.0
+annotations:
+  artifacthub.io/changes: |
+    - kind: added
+      description: Initial chart version

charts/stable/dokuwiki/README.md

@@ -0,0 +1,116 @@
+# dokuwiki
+
+![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 20200729.0.0](https://img.shields.io/badge/AppVersion-20200729.0.0-informational?style=flat-square)
+
+DokuWiki is a simple to use and highly versatile Open Source wiki software that doesn't require a database.
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/splitbrain/dokuwiki>
+* <https://github.com/linuxserver/docker-dokuwiki>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://library-charts.k8s-at-home.com | common | 4.3.0 |
+
+## TL;DR
+
+```console
+helm repo add k8s-at-home https://k8s-at-home.com/charts/
+helm repo update
+helm install dokuwiki k8s-at-home/dokuwiki
+```
+
+## Installing the Chart
+
+To install the chart with the release name `dokuwiki`
+
+```console
+helm install dokuwiki k8s-at-home/dokuwiki
+```
+
+## Uninstalling the Chart
+
+To uninstall the `dokuwiki` deployment
+
+```console
+helm uninstall dokuwiki
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+
+## Configuration
+
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install dokuwiki \
+  --set env.TZ="America/New York" \
+    k8s-at-home/dokuwiki
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install dokuwiki k8s-at-home/dokuwiki -f values.yaml
+```
+
+## Custom configuration
+
+N/A
+
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| env | object | See below (only deviations from the default settings are specified) | environment variables. See [image docs](https://docs.kanboard.org/en/latest/admin_guide/docker.html#environment-variables) and [application docs](# https://docs.kanboard.org/en/latest/admin_guide/config_file.html) for more details. |
+| env.TZ | string | `"Europe/London"` | Application Timezone |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"linuxserver/dokuwiki"` | image repository |
+| image.tag | string | `"version-2020-07-29"` | image tag |
+| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| service | object | See values.yaml | Configures service settings for the chart. |
+
+## Changelog
+
+### Version 1.0.0
+
+#### Added
+
+* Initial chart version
+
+#### Changed
+
+N/A
+
+#### Fixed
+
+N/A
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/dokuwiki?modal=changelog)
+
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)

charts/stable/dokuwiki/README.md.gotmpl

@@ -0,0 +1,176 @@
+{{- define "custom.repository.organization" -}}
+k8s-at-home
+{{- end -}}
+
+{{- define "custom.repository.url" -}}
+https://github.com/k8s-at-home/charts
+{{- end -}}
+
+{{- define "custom.helm.url" -}}
+https://k8s-at-home.com/charts/
+{{- end -}}
+
+{{- define "custom.helm.path" -}}
+{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }}
+{{- end -}}
+
+{{- define "custom.notes" -}}
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+{{- end -}}
+
+{{- define "custom.requirements" -}}
+## Requirements
+
+{{ template "chart.kubeVersionLine" . }}
+{{- end -}}
+
+{{- define "custom.dependencies" -}}
+## Dependencies
+
+{{ template "chart.requirementsTable" . }}
+{{- end -}}
+
+{{- define "custom.install.tldr" -}}
+## TL;DR
+
+```console
+helm repo add {{ template "custom.repository.organization" . }} {{ template "custom.helm.url" . }}
+helm repo update
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.install" -}}
+## Installing the Chart
+
+To install the chart with the release name `{{ template "chart.name" . }}`
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.uninstall" -}}
+## Uninstalling the Chart
+
+To uninstall the `{{ template "chart.name" . }}` deployment
+
+```console
+helm uninstall {{ template "chart.name" . }}
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+{{- end -}}
+
+{{- define "custom.configuration.header" -}}
+## Configuration
+{{- end -}}
+
+{{- define "custom.configuration.readValues" -}}
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+{{- end -}}
+
+{{- define "custom.configuration.example.set" -}}
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install {{ template "chart.name" . }} \
+  --set env.TZ="America/New York" \
+    {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.configuration.example.file" -}}
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }} -f values.yaml
+```
+{{- end -}}
+
+{{- define "custom.valuesSection" -}}
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+{{ template "chart.valuesTable" . }}
+{{- end -}}
+
+{{- define "custom.support" -}}
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+{{- end -}}
+
+{{- define "custom.changelog" -}}
+{{ $changeTypes := list "added" "changed" "fixed" }}
+## Changelog
+
+### Version {{ template "chart.version" . }}
+
+{{ range $changeType := $changeTypes }}
+  {{- with (index $.Annotations "artifacthub.io/changes") }}
+    {{- print "#### " ($changeType | title)  | nindent 0  }}
+    {{- print "" | nindent 0  }}
+    {{- $changesFound := false }}
+    {{- range (print "changes:\n" . | fromYaml).changes }}
+      {{- if eq .kind $changeType }}
+        {{- print "* " .description  | nindent 0 }}
+        {{- $changesFound = true }}
+      {{- end }}
+    {{- end }}
+    {{- if not $changesFound }}
+      {{- print "N/A" | nindent 0 }}
+    {{- end }}
+    {{- print "" | nindent 0  }}
+  {{- end }}
+{{- end }}
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/{{- template "chart.name" . }}?modal=changelog)
+
+{{- end -}}
+
+{{ template "chart.header" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "custom.notes" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "custom.requirements" . }}
+
+{{ template "custom.dependencies" . }}
+
+{{ template "custom.install.tldr" . }}
+
+{{ template "custom.install" . }}
+
+{{ template "custom.uninstall" . }}
+
+{{ template "custom.configuration.header" . }}
+
+{{ template "custom.configuration.readValues" . }}
+
+{{ template "custom.configuration.example.set" . }}
+
+{{ template "custom.configuration.example.file" . }}
+
+{{ template "custom.custom.configuration" . }}
+
+{{ template "custom.valuesSection" . }}
+
+{{ template "custom.changelog" . }}
+
+{{ template "custom.support" . }}
+
+{{ template "helm-docs.versionFooter" . }}
+{{ "" }}

charts/stable/dokuwiki/README_CONFIG.md.gotmpl

@@ -0,0 +1,9 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+N/A
+{{- end -}}

charts/stable/dokuwiki/templates/NOTES.txt

@@ -0,0 +1 @@
+{{- include "common.notes.defaultNotes" . -}}

charts/stable/dokuwiki/templates/common.yaml

@@ -0,0 +1 @@
+{{ include "common.all" . }}

charts/stable/dokuwiki/values.yaml

@@ -0,0 +1,42 @@
+# IMPORTANT NOTE
+#
+# This chart inherits from our common library chart. You can check the default values/options here:
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
+#
+
+image:
+  # -- image repository
+  repository: linuxserver/dokuwiki
+  # -- image tag
+  tag: version-2020-07-29
+  # -- image pull policy
+  pullPolicy: IfNotPresent
+
+# -- environment variables. See [image docs](https://docs.kanboard.org/en/latest/admin_guide/docker.html#environment-variables)
+# and [application docs](# https://docs.kanboard.org/en/latest/admin_guide/config_file.html) for more details.
+# @default -- See below (only deviations from the default settings are specified)
+env:
+  # Application Configuration
+  # -- Application Timezone
+  TZ: UTC
+
+# -- Configures service settings for the chart.
+# @default -- See values.yaml
+service:
+  main:
+    ports:
+      http:
+        port: 80
+
+ingress:
+  # -- Enable and configure ingress settings for the chart under this key.
+  # @default -- See values.yaml
+  main:
+    enabled: false
+
+# -- Configure persistence settings for the chart under this key.
+# @default -- See values.yaml
+persistence:
+  data:
+    enabled: false
+    mountPath: /config

charts/stable/error-pages/.helmignore

@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl

charts/stable/error-pages/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+appVersion: 2.6.0
+description: Server error pages in the docker image
+name: error-pages
+version: 1.0.0
+kubeVersion: ">=1.16.0-0"
+keywords:
+- traefik
+- error-pages
+home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/error-pages
+icon: https://hsto.org/webt/rm/9y/ww/rm9ywwx3gjv9agwkcmllhsuyo7k.png
+sources:
+- https://github.com/tarampampam/error-pages
+maintainers:
+- name: billimek
+  email: jeff@billimek.com
+dependencies:
+- name: common
+  repository: https://library-charts.k8s-at-home.com
+  version: 4.3.0
+annotations:
+  artifacthub.io/changes: |
+    - kind: added
+      description: Initial version

charts/stable/error-pages/README.md

@@ -0,0 +1,156 @@
+# error-pages
+
+![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: 2.6.0](https://img.shields.io/badge/AppVersion-2.6.0-informational?style=flat-square)
+
+Server error pages in the docker image
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/tarampampam/error-pages>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://library-charts.k8s-at-home.com | common | 4.3.0 |
+
+## TL;DR
+
+```console
+helm repo add k8s-at-home https://k8s-at-home.com/charts/
+helm repo update
+helm install error-pages k8s-at-home/error-pages
+```
+
+## Installing the Chart
+
+To install the chart with the release name `error-pages`
+
+```console
+helm install error-pages k8s-at-home/error-pages
+```
+
+## Uninstalling the Chart
+
+To uninstall the `error-pages` deployment
+
+```console
+helm uninstall error-pages
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+
+## Configuration
+
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install error-pages \
+  --set env.TZ="America/New York" \
+    k8s-at-home/error-pages
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install error-pages k8s-at-home/error-pages -f values.yaml
+```
+
+## Custom configuration
+
+For use with Traefik you will also need to create a `IngressRoute` and `Middleware`, see the examples below:
+
+```yaml
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: error-pages
+  namespace: networking
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - kind: Rule
+      match: HostRegexp(`{host:.+}`)
+      priority: 1
+      services:
+        - kind: Service
+          name: error-pages
+          port: 8080
+  tls:
+    secretName: error-pages-tls
+```
+
+```yaml
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: error-pages
+  namespace: networking
+spec:
+  errors:
+    status:
+      - "400-599"
+    query: /{status}.html
+    service:
+      name: error-pages
+      port: 8080
+```
+
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| env | object | See below | environment variables. See the [error-pages documentation](https://github.com/tarampampam/error-pages/wiki/HTTP-server) for more info. |
+| env.SHOW_DETAILS | string | `"false"` | Enable details on error pages |
+| env.TEMPLATE_NAME | string | `"l7-dark"` | Set the template |
+| env.TZ | string | `"UTC"` | Set the container timezone |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"ghcr.io/tarampampam/error-pages"` | image repository |
+| image.tag | string | `"2.6.0"` | image tag |
+| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| service.main.ports.http.port | int | `8080` |  |
+
+## Changelog
+
+### Version 1.0.0
+
+#### Added
+
+* Initial version
+
+#### Changed
+
+N/A
+
+#### Fixed
+
+N/A
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/error-pages?modal=changelog)
+
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)

charts/stable/error-pages/README.md.gotmpl

@@ -0,0 +1,176 @@
+{{- define "custom.repository.organization" -}}
+k8s-at-home
+{{- end -}}
+
+{{- define "custom.repository.url" -}}
+https://github.com/k8s-at-home/charts
+{{- end -}}
+
+{{- define "custom.helm.url" -}}
+https://k8s-at-home.com/charts/
+{{- end -}}
+
+{{- define "custom.helm.path" -}}
+{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }}
+{{- end -}}
+
+{{- define "custom.notes" -}}
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+{{- end -}}
+
+{{- define "custom.requirements" -}}
+## Requirements
+
+{{ template "chart.kubeVersionLine" . }}
+{{- end -}}
+
+{{- define "custom.dependencies" -}}
+## Dependencies
+
+{{ template "chart.requirementsTable" . }}
+{{- end -}}
+
+{{- define "custom.install.tldr" -}}
+## TL;DR
+
+```console
+helm repo add {{ template "custom.repository.organization" . }} {{ template "custom.helm.url" . }}
+helm repo update
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.install" -}}
+## Installing the Chart
+
+To install the chart with the release name `{{ template "chart.name" . }}`
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.uninstall" -}}
+## Uninstalling the Chart
+
+To uninstall the `{{ template "chart.name" . }}` deployment
+
+```console
+helm uninstall {{ template "chart.name" . }}
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+{{- end -}}
+
+{{- define "custom.configuration.header" -}}
+## Configuration
+{{- end -}}
+
+{{- define "custom.configuration.readValues" -}}
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+{{- end -}}
+
+{{- define "custom.configuration.example.set" -}}
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install {{ template "chart.name" . }} \
+  --set env.TZ="America/New York" \
+    {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.configuration.example.file" -}}
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }} -f values.yaml
+```
+{{- end -}}
+
+{{- define "custom.valuesSection" -}}
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+{{ template "chart.valuesTable" . }}
+{{- end -}}
+
+{{- define "custom.support" -}}
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+{{- end -}}
+
+{{- define "custom.changelog" -}}
+{{ $changeTypes := list "added" "changed" "fixed" }}
+## Changelog
+
+### Version {{ template "chart.version" . }}
+
+{{ range $changeType := $changeTypes }}
+  {{- with (index $.Annotations "artifacthub.io/changes") }}
+    {{- print "#### " ($changeType | title)  | nindent 0  }}
+    {{- print "" | nindent 0  }}
+    {{- $changesFound := false }}
+    {{- range (print "changes:\n" . | fromYaml).changes }}
+      {{- if eq .kind $changeType }}
+        {{- print "* " .description  | nindent 0 }}
+        {{- $changesFound = true }}
+      {{- end }}
+    {{- end }}
+    {{- if not $changesFound }}
+      {{- print "N/A" | nindent 0 }}
+    {{- end }}
+    {{- print "" | nindent 0  }}
+  {{- end }}
+{{- end }}
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/{{- template "chart.name" . }}?modal=changelog)
+
+{{- end -}}
+
+{{ template "chart.header" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "custom.notes" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "custom.requirements" . }}
+
+{{ template "custom.dependencies" . }}
+
+{{ template "custom.install.tldr" . }}
+
+{{ template "custom.install" . }}
+
+{{ template "custom.uninstall" . }}
+
+{{ template "custom.configuration.header" . }}
+
+{{ template "custom.configuration.readValues" . }}
+
+{{ template "custom.configuration.example.set" . }}
+
+{{ template "custom.configuration.example.file" . }}
+
+{{ template "custom.custom.configuration" . }}
+
+{{ template "custom.valuesSection" . }}
+
+{{ template "custom.changelog" . }}
+
+{{ template "custom.support" . }}
+
+{{ template "helm-docs.versionFooter" . }}
+{{ "" }}

charts/stable/error-pages/README_CONFIG.md.gotmpl

@@ -0,0 +1,50 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+For use with Traefik you will also need to create a `IngressRoute` and `Middleware`, see the examples below:
+
+```yaml
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: error-pages
+  namespace: networking
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - kind: Rule
+      match: HostRegexp(`{host:.+}`)
+      priority: 1
+      services:
+        - kind: Service
+          name: error-pages
+          port: 8080
+  tls:
+    secretName: error-pages-tls
+```
+
+```yaml
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: error-pages
+  namespace: networking
+spec:
+  errors:
+    status:
+      - "400-599"
+    query: /{status}.html
+    service:
+      name: error-pages
+      port: 8080
+```
+
+
+{{- end -}}

charts/stable/error-pages/templates/NOTES.txt

@@ -0,0 +1 @@
+{{- include "common.notes.defaultNotes" . -}}

charts/stable/error-pages/templates/common.yaml

@@ -0,0 +1 @@
+{{ include "common.all" . }}

charts/stable/error-pages/values.yaml

@@ -0,0 +1,42 @@
+#
+# IMPORTANT NOTE
+#
+# This chart inherits from our common library chart. You can check the default values/options here:
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
+#
+
+image:
+  # -- image repository
+  repository: ghcr.io/tarampampam/error-pages
+  # -- image tag
+  tag: 2.6.0
+  # -- image pull policy
+  pullPolicy: IfNotPresent
+
+# -- environment variables. See the [error-pages documentation](https://github.com/tarampampam/error-pages/wiki/HTTP-server) for more info.
+# @default -- See below
+env:
+  # -- Set the container timezone
+  TZ: UTC
+  # -- Set the template
+  TEMPLATE_NAME: l7-dark
+  # -- Enable details on error pages
+  SHOW_DETAILS: "false"
+
+service:
+  main:
+    ports:
+      http:
+        port: 8080
+
+ingress:
+  # -- Enable and configure ingress settings for the chart under this key.
+  # @default -- See values.yaml
+  main:
+    enabled: false
+
+# -- Configure persistence settings for the chart under this key.
+# @default -- See values.yaml
+persistence:
+  config:
+    enabled: false

charts/stable/ghost/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: 4.27.2
 description: Ghost is a blogging and publishing software
 name: ghost
-version: 1.1.0
+version: 1.1.2
 kubeVersion: ">=1.19.0-0"
 keywords:
   - ghost
@@ -25,7 +25,5 @@ dependencies:
     condition: mariadb.enabled
 annotations:
   artifacthub.io/changes: |
-    - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
-    - kind: changed
-      description: Upgraded `mariadb` chart dependency to version `10.2.0`.
+    - kind: fixed
+      description: Fixed database host to match mariadb-svc

charts/stable/ghost/README.md

@@ -1,6 +1,6 @@
 # ghost
 
-![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![AppVersion: 4.27.2](https://img.shields.io/badge/AppVersion-4.27.2-informational?style=flat-square)
+![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![AppVersion: 4.27.2](https://img.shields.io/badge/AppVersion-4.27.2-informational?style=flat-square)
 
 Ghost is a blogging and publishing software
 
@@ -80,7 +80,7 @@ N/A
 | env.NODE_ENV | string | `"production"` |  |
 | env.database__client | string | `"mysql"` |  |
 | env.database__connection__database | string | `"ghost"` |  |
-| env.database__connection__host | string | `"mariadb"` |  |
+| env.database__connection__host | string | `"ghost-mariadb"` |  |
 | env.database__connection__password | string | `"ghost"` |  |
 | env.database__connection__user | string | `"ghost"` |  |
 | env.url | string | `"http://some-ghost.example.com"` |  |
@@ -100,7 +100,7 @@ N/A
 
 ## Changelog
 
-### Version 1.1.0
+### Version 1.1.2
 
 #### Added
 
@@ -108,12 +108,11 @@ N/A
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
-* Upgraded `mariadb` chart dependency to version `10.2.0`.
+N/A
 
 #### Fixed
 
-N/A
+* Fixed database host to match mariadb-svc
 
 ### Older versions
 

charts/stable/ghost/templates/common.yaml

@@ -3,11 +3,10 @@
 
 {{/* Append the hardcoded settings */}}
 {{- define "ghost.hardcodedValues" -}}
-
-persistence:
   {{- if not .Values.persistence.content.enabled }}
+persistence:
   content:
-    enabled: "true"
+    enabled: true
     type: "emptyDir"
   {{- end }}
 {{- end -}}

charts/stable/ghost/values.yaml

@@ -17,7 +17,7 @@ image:
 env:
   url: "http://some-ghost.example.com"
   database__client: mysql
-  database__connection__host: mariadb
+  database__connection__host: ghost-mariadb
   database__connection__user: ghost
   database__connection__password: ghost
   database__connection__database: ghost

charts/stable/grocy/Chart.yaml

@@ -1,8 +1,8 @@
 apiVersion: v2
-appVersion: v3.0.1
+appVersion: version-v3.1.3
 description: ERP beyond your fridge - grocy is a web-based self-hosted groceries & household management solution for your home
 name: grocy
-version: 8.2.0
+version: 8.3.0
 kubeVersion: ">=1.16.0-0"
 keywords:
   - grocy
@@ -20,4 +20,6 @@ dependencies:
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
+      description: Updated application version to v3.1.3.
+    - kind: added
+      description: Added `emptyDir` volume for the viewcache in order to prevent problems when upgrading the image that would require manual intervention.

charts/stable/grocy/README.md

@@ -1,6 +1,6 @@
 # grocy
 
-![Version: 8.2.0](https://img.shields.io/badge/Version-8.2.0-informational?style=flat-square) ![AppVersion: v3.0.1](https://img.shields.io/badge/AppVersion-v3.0.1-informational?style=flat-square)
+![Version: 8.3.0](https://img.shields.io/badge/Version-8.3.0-informational?style=flat-square) ![AppVersion: version-v3.1.3](https://img.shields.io/badge/AppVersion-version--v3.1.3-informational?style=flat-square)
 
 ERP beyond your fridge - grocy is a web-based self-hosted groceries & household management solution for your home
 
@@ -81,22 +81,23 @@ N/A
 | env.TZ | string | `"UTC"` | Set the container timezone |
 | image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
 | image.repository | string | `"linuxserver/grocy"` | image repository |
-| image.tag | string | `"version-v3.0.1"` | image tag |
+| image.tag | string | chart.appVersion | image tag |
 | ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
 | persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| persistence.viewcache | object | `{"enabled":true,"mountPath":"/config/data/viewcache","type":"emptyDir"}` |  there will cases of blank pages when upgrading the image that require manually clearing the directory |
 | service | object | See values.yaml | Configures service settings for the chart. |
 
 ## Changelog
 
-### Version 8.2.0
+### Version 8.3.0
 
 #### Added
 
-N/A
+* Added `emptyDir` volume for the viewcache in order to prevent problems when upgrading the image that would require manual intervention.
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
+* Updated application version to v3.1.3.
 
 #### Fixed
 

charts/stable/grocy/values.yaml

@@ -9,7 +9,8 @@ image:
   # -- image repository
   repository: linuxserver/grocy
   # -- image tag
-  tag: version-v3.0.1
+  # @default -- chart.appVersion
+  tag:
   # -- image pull policy
   pullPolicy: IfNotPresent
 
@@ -42,3 +43,10 @@ ingress:
 persistence:
   config:
     enabled: false
+  # Let the viewcache only persist for the lifetime of the pod, otherwise
+  # there will cases of blank pages when upgrading the image that require
+  # manually clearing the directory
+  viewcache:
+    enabled: true
+    type: emptyDir
+    mountPath: /config/data/viewcache

charts/stable/lidarr/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: v1.0.0.2255
 description: Looks and smells like Sonarr but made for music
 name: lidarr
-version: 13.2.0
+version: 14.0.0
 kubeVersion: ">=1.16.0-0"
 keywords:
   - lidarr
@@ -23,4 +23,4 @@ dependencies:
 annotations:
   artifacthub.io/changes: |
     - kind: changed
-      description: Upgraded `common` chart dependency to version `4.3.0`.
+      description: Updated exportarr to v1.0.0

charts/stable/lidarr/README.md

@@ -1,6 +1,6 @@
 # lidarr
 
-![Version: 13.2.0](https://img.shields.io/badge/Version-13.2.0-informational?style=flat-square) ![AppVersion: v1.0.0.2255](https://img.shields.io/badge/AppVersion-v1.0.0.2255-informational?style=flat-square)
+![Version: 14.0.0](https://img.shields.io/badge/Version-14.0.0-informational?style=flat-square) ![AppVersion: v1.0.0.2255](https://img.shields.io/badge/AppVersion-v1.0.0.2255-informational?style=flat-square)
 
 Looks and smells like Sonarr but made for music
 
@@ -88,7 +88,7 @@ N/A
 | metrics.exporter.env.unknownQueueItems | bool | `false` | Set to true to enable gathering unknown queue items |
 | metrics.exporter.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
 | metrics.exporter.image.repository | string | `"ghcr.io/onedr0p/exportarr"` | image repository |
-| metrics.exporter.image.tag | string | `"v0.6.2"` | image tag |
+| metrics.exporter.image.tag | string | `"v1.0.0"` | image tag |
 | metrics.prometheusRule | object | See values.yaml | Enable and configure Prometheus Rules for the chart under this key. |
 | metrics.prometheusRule.rules | list | See prometheusrules.yaml | Configure additionial rules for the chart under this key. |
 | metrics.serviceMonitor.interval | string | `"3m"` |  |
@@ -100,7 +100,7 @@ N/A
 
 ## Changelog
 
-### Version 13.2.0
+### Version 14.0.0
 
 #### Added
 
@@ -108,7 +108,7 @@ N/A
 
 #### Changed
 
-* Upgraded `common` chart dependency to version `4.3.0`.
+* Updated exportarr to v1.0.0
 
 #### Fixed
 

charts/stable/lidarr/ci/ct-exportarr-values.yaml

@@ -7,9 +7,9 @@ persistence:
 additionalContainers:
   exportarr:
     name: exportarr
-    image: ghcr.io/onedr0p/exportarr:v0.6.1
+    image: ghcr.io/onedr0p/exportarr:v1.0.0
     imagePullPolicy: IfNotPresent
-    args: ["exportarr", "lidarr"]
+    args: ["lidarr"]
     env:
     - name: PORT
       value: "32123"

charts/stable/lidarr/templates/common.yaml

@@ -9,7 +9,7 @@ additionalContainers:
     name: exporter
     image: "{{ .Values.metrics.exporter.image.repository }}:{{ .Values.metrics.exporter.image.tag }}"
     imagePullPolicy: {{ .Values.metrics.exporter.image.pullPolicy }}
-    args: ["exportarr", "lidarr"]
+    args: ["lidarr"]
     env:
       - name: URL
         value: "http://localhost"

charts/stable/lidarr/values.yaml

@@ -97,7 +97,7 @@ metrics:
       # -- image repository
       repository: ghcr.io/onedr0p/exportarr
       # -- image tag
-      tag: v0.6.2
+      tag: v1.0.0
       # -- image pull policy
       pullPolicy: IfNotPresent
     env:

charts/stable/maddy/.helmignore

@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+# OWNERS file for Kubernetes
+OWNERS
+# helm-docs templates
+*.gotmpl

charts/stable/maddy/Chart.yaml

@@ -0,0 +1,31 @@
+apiVersion: v2
+appVersion: v0.5.2
+description: Maddy Mail Server
+name: maddy
+version: 2.0.0
+kubeVersion: ">=1.16.0-0"
+keywords:
+- maddy
+- mail
+home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/maddy
+# Project has no icon yet
+# icon: https://maddy.org/icon
+sources:
+- https://github.com/foxcpp/maddy
+maintainers:
+- name: angelnu
+  email: git@angelnu.com
+dependencies:
+- name: common
+  repository: https://library-charts.k8s-at-home.com
+  version: 4.3.0
+- name: postgresql
+  version: 10.14.4
+  repository: https://charts.bitnami.com/bitnami
+  condition: postgresql.enabled
+annotations:
+  artifacthub.io/changes: |
+    - kind: changed
+      description: **Breaking**: `alias` content moved from `maddy.alias` to `maddy.config_files.alias`
+    - kid: added
+      description: additional settings for imap and local_mailboxes under `extra_settings`.

charts/stable/maddy/README.md

@@ -0,0 +1,146 @@
+# maddy
+
+![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![AppVersion: v0.5.2](https://img.shields.io/badge/AppVersion-v0.5.2-informational?style=flat-square)
+
+Maddy Mail Server
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/foxcpp/maddy>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | postgresql | 10.14.4 |
+| https://library-charts.k8s-at-home.com | common | 4.3.0 |
+
+## TL;DR
+
+```console
+helm repo add k8s-at-home https://k8s-at-home.com/charts/
+helm repo update
+helm install maddy k8s-at-home/maddy
+```
+
+## Installing the Chart
+
+To install the chart with the release name `maddy`
+
+```console
+helm install maddy k8s-at-home/maddy
+```
+
+## Uninstalling the Chart
+
+To uninstall the `maddy` deployment
+
+```console
+helm uninstall maddy
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+
+## Configuration
+
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install maddy \
+  --set env.TZ="America/New York" \
+    k8s-at-home/maddy
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install maddy k8s-at-home/maddy -f values.yaml
+```
+
+## Custom configuration
+
+After you have deployed the Helm chart you need to update your DNS. See
+[Maddy initial setup instructions](https://maddy.email/tutorials/setting-up/)
+about how to do this.
+
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"foxcpp/maddy"` | image repository |
+| image.tag | string | chart.appVersion | image tag |
+| maddy.auth.ldap | object | See [See Maddy auth](https://maddy.email/man/_generated_maddy-auth.5/#configuration-directives_5) | If type is ldap the following options are required |
+| maddy.auth.ldap."bind plain" | string | `"\"cn=maddy,ou=people,dc=maddy,dc=test\" \"123456\""` | Specify initial bind credentials. Not required ('bind off') if DN template is used. |
+| maddy.auth.ldap.base_dn | string | `"\"ou=people,dc=maddy,dc=test\""` | Specify base_dn to lookup DN. |
+| maddy.auth.ldap.connect_timeout | string | `"1m"` | Timeout for initial connection to the directory server. |
+| maddy.auth.ldap.debug | string | `"off"` | Enable verbose logging. You don't need that unless you are reporting a bug. |
+| maddy.auth.ldap.dn_template | string | `"\"cn={username},ou=people,dc=maddy,dc=test\""` | Specify DN template to skip lookup. |
+| maddy.auth.ldap.filter | string | `"\"(&(objectClass=posixAccount)(uid={username}))\""` | Specify filter to lookup DN. |
+| maddy.auth.ldap.starttls | string | `"off"` | Whether to upgrade connection to TLS using STARTTLS. |
+| maddy.auth.ldap.urls | string | `"ldap://maddy.test:389"` | URLs of the directory servers to use. First available server is used - no load-balancing is done. |
+| maddy.auth.type | string | `"sql"` | Where to store authorised users. Valid values are `sql` and `ldap` |
+| maddy.config_files.alias | string | `"## Replace 'cat' with any domain to 'dog'.\n## E.g. cat@example.net -> dog@example.net\n# cat: dog\n\n## Replace cat@example.org with cat@example.com.\n## Takes priority over the previous line.\n#cat@example.org: cat@example.com\n"` | Alias file used in smtp_rule See [alias examples](https://maddy.email/man/_generated_maddy-filters.5/). |
+| maddy.extra_settings.imap | object | `{}` | Additional settings for imap backend |
+| maddy.extra_settings.local_mailboxes | object | `{}` | Additional settings for local_mailboxes storage |
+| maddy.hostname | string | `"mx.example.com"` | Hostname the service will listen to (incoming SMTP and IMAP) |
+| maddy.primary_domain | string | `"example.com"` | Primary domain - will be included in SMTP protocol |
+| maddy.secondary_domains | string | `nil` | Space separated list of additional domains this server handles |
+| maddy.smtp_rules | object | See values.yaml | The main part of the configuration - rules for the smtp pipelines. You can define multiple blocks. Content comes from the chart when setting `file` (see files/smtp_rules folder) and/or the custom block |
+| maddy.sql.postgres_dsn | object | See [Go DSN](https://pkg.go.dev/github.com/lib/pq?utm_source=godoc#hdr-Connection_String_Parameters) | If type is postgres configure the Data Source Name (DSN) |
+| maddy.sql.postgres_dsn.dbname | string | DB name set in embedded postgres chart | The name of the DB |
+| maddy.sql.postgres_dsn.host | string | host of embedded postgres chart | The host to connect to |
+| maddy.sql.postgres_dsn.password | string | user set in embedded postgres chart | The DB user password |
+| maddy.sql.postgres_dsn.sslmode | string | `"disable"` | SSL model for the DB disable - No SSL require - Always SSL (skip verification) verify-ca - Always SSL (verify that the certificate presented by the             server was signed by a trusted CA) verify-full - Always SSL (verify that the certification presented by               the server was signed by a trusted CA and the server host name               matches the one in the certificate) |
+| maddy.sql.postgres_dsn.user | string | user set in embedded postgres chart | The DB user |
+| maddy.sql.type | string | `"sqlite3"` | DB type to use. Supported are `sqlite3` and `postgres` Database is used to store IMAP indexes and (when not using LDAP) authorized users |
+| maddy.tls_secret_name | string | `"myTLSSecret"` | name of K8S secret containing the cert and key to use by maddy. |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| postgresql | object | see bellow | Bitnami postgres chart. For more options see https://github.com/bitnami/charts/tree/master/bitnami/postgresql |
+| postgresql.enabled | bool | `false` | Enable if you want to use the embedded postgresql chart (not neeeded if you use your own postgres DB). |
+| postgresql.persistence.enabled | bool | `false` | if database is stored to a PVC. Set to true when you are done testing. |
+| postgresql.postgresqlDatabase | string | `"postgres"` | Postgres database password |
+| postgresql.postgresqlPassword | string | `"changeme"` | Postgres database password |
+| postgresql.postgresqlUsername | string | `"postgres"` | Postgres database user name |
+| service | object | See values.yaml | Configures service settings for the chart. |
+
+## Changelog
+
+### Version 2.0.0
+
+#### Added
+
+N/A
+
+#### Changed
+
+N/A
+
+#### Fixed
+
+N/A
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/maddy?modal=changelog)
+
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)

charts/stable/maddy/README.md.gotmpl

@@ -0,0 +1,176 @@
+{{- define "custom.repository.organization" -}}
+k8s-at-home
+{{- end -}}
+
+{{- define "custom.repository.url" -}}
+https://github.com/k8s-at-home/charts
+{{- end -}}
+
+{{- define "custom.helm.url" -}}
+https://k8s-at-home.com/charts/
+{{- end -}}
+
+{{- define "custom.helm.path" -}}
+{{ template "custom.repository.organization" . }}/{{ template "chart.name" . }}
+{{- end -}}
+
+{{- define "custom.notes" -}}
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/k8s-at-home/charts/issues/new/choose)**
+{{- end -}}
+
+{{- define "custom.requirements" -}}
+## Requirements
+
+{{ template "chart.kubeVersionLine" . }}
+{{- end -}}
+
+{{- define "custom.dependencies" -}}
+## Dependencies
+
+{{ template "chart.requirementsTable" . }}
+{{- end -}}
+
+{{- define "custom.install.tldr" -}}
+## TL;DR
+
+```console
+helm repo add {{ template "custom.repository.organization" . }} {{ template "custom.helm.url" . }}
+helm repo update
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.install" -}}
+## Installing the Chart
+
+To install the chart with the release name `{{ template "chart.name" . }}`
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.uninstall" -}}
+## Uninstalling the Chart
+
+To uninstall the `{{ template "chart.name" . }}` deployment
+
+```console
+helm uninstall {{ template "chart.name" . }}
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+{{- end -}}
+
+{{- define "custom.configuration.header" -}}
+## Configuration
+{{- end -}}
+
+{{- define "custom.configuration.readValues" -}}
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+{{- end -}}
+
+{{- define "custom.configuration.example.set" -}}
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install {{ template "chart.name" . }} \
+  --set env.TZ="America/New York" \
+    {{ template "custom.helm.path" . }}
+```
+{{- end -}}
+
+{{- define "custom.configuration.example.file" -}}
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install {{ template "chart.name" . }} {{ template "custom.helm.path" . }} -f values.yaml
+```
+{{- end -}}
+
+{{- define "custom.valuesSection" -}}
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+{{ template "chart.valuesTable" . }}
+{{- end -}}
+
+{{- define "custom.support" -}}
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/k8s-at-home/charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+{{- end -}}
+
+{{- define "custom.changelog" -}}
+{{ $changeTypes := list "added" "changed" "fixed" }}
+## Changelog
+
+### Version {{ template "chart.version" . }}
+
+{{ range $changeType := $changeTypes }}
+  {{- with (index $.Annotations "artifacthub.io/changes") }}
+    {{- print "#### " ($changeType | title)  | nindent 0  }}
+    {{- print "" | nindent 0  }}
+    {{- $changesFound := false }}
+    {{- range (print "changes:\n" . | fromYaml).changes }}
+      {{- if eq .kind $changeType }}
+        {{- print "* " .description  | nindent 0 }}
+        {{- $changesFound = true }}
+      {{- end }}
+    {{- end }}
+    {{- if not $changesFound }}
+      {{- print "N/A" | nindent 0 }}
+    {{- end }}
+    {{- print "" | nindent 0  }}
+  {{- end }}
+{{- end }}
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/k8s-at-home/{{- template "chart.name" . }}?modal=changelog)
+
+{{- end -}}
+
+{{ template "chart.header" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "custom.notes" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "custom.requirements" . }}
+
+{{ template "custom.dependencies" . }}
+
+{{ template "custom.install.tldr" . }}
+
+{{ template "custom.install" . }}
+
+{{ template "custom.uninstall" . }}
+
+{{ template "custom.configuration.header" . }}
+
+{{ template "custom.configuration.readValues" . }}
+
+{{ template "custom.configuration.example.set" . }}
+
+{{ template "custom.configuration.example.file" . }}
+
+{{ template "custom.custom.configuration" . }}
+
+{{ template "custom.valuesSection" . }}
+
+{{ template "custom.changelog" . }}
+
+{{ template "custom.support" . }}
+
+{{ template "helm-docs.versionFooter" . }}
+{{ "" }}

charts/stable/maddy/README_CONFIG.md.gotmpl

@@ -0,0 +1,11 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+After you have deployed the Helm chart you need to update your DNS. See
+[Maddy initial setup instructions](https://maddy.email/tutorials/setting-up/)
+about how to do this.
+{{- end -}}

charts/stable/maddy/ci/ct-values.yaml

@@ -0,0 +1,95 @@
+secret:
+  # These are dummy keys not used outside test
+  tls.crt: |
+    -----BEGIN CERTIFICATE-----
+    MIIFazCCA1OgAwIBAgIUZbgDUsWP0qXbhbXbEhnj5eJVeNAwDQYJKoZIhvcNAQEL
+    BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
+    GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMjAxMjMyMjU2MDdaFw0yMzAx
+    MjMyMjU2MDdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
+    HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggIiMA0GCSqGSIb3DQEB
+    AQUAA4ICDwAwggIKAoICAQCjcRK1LMlRW5rCnTm1o85GR8JqXjvOpi1UoHwLnnhR
+    SdbbUIt+5iR6r2b9RQrv1AS8r/5rXaW6xp+pQfu7aTfOHygp0PKxkTCy1bF384Pm
+    RCsFopdvW/L0myg+irluldR/vzmw4FLDEoUyIc6FAWou8+wBkJOMCqG933Afef09
+    JamB8AwbtuhHVP0JI3jQihaZ7N9zng/kqcpUuesfu8RWr/WGgAjuLnlxU9DchwQm
+    QaTSzWvqamNLNVbCWfBNNZ5mj6FTwsH4RpaTzj+jgy1kc1/X0sjMgJV77y7IF/kA
+    qDGZ9Gn6VhfdGjAdRxQ1lazcwAn2/7/+2bfJxhyywYwZbH0fjMK54jL50kJSrk1k
+    tDIHfTUcNsntZ7NhBFjUHR58l66QV6t8R2hzAv+F6zgpU0UzynJbCaOp8Fqj2B2M
+    V9S/XgStFzbBL4rEt2qUBHC+28V3gvhSbq/F/mpgOAxGHn9itqPym5HFuUCoa/PB
+    ozv548oSQt+KCbhJlqJgYR1ShZfEloC9HZrdP2bC+aM0vaR3RGNJfA81tHk1cRLQ
+    gQNuFzzdiCPi3YPxWbH3mLVROrqj8Pbwvqxxt9E+XKClEPZ891A9KCJrzD0tQKbN
+    K1fe0ACABwMo6uRmpitvxcacaSvU1VzqC6daHdFMVK6368xrjgpWwar6JJ9XSzeN
+    mwIDAQABo1MwUTAdBgNVHQ4EFgQU4Fnp9UecLzcHUW2Ho7f4fP375+IwHwYDVR0j
+    BBgwFoAU4Fnp9UecLzcHUW2Ho7f4fP375+IwDwYDVR0TAQH/BAUwAwEB/zANBgkq
+    hkiG9w0BAQsFAAOCAgEAMaoKr3wbyhHYMZsAOWhETcEZ62nNFIb1rTkqjcBND7Gj
+    ruf2Qax5aNDkyf9Uy9Kpx96k7W3KMTgqNsmyq53Yt09SNzy3+aqG36WnpX+JKoP9
+    9Mt2U6OYQXqGDVuEVOc2+GnWwM6UNd4CELMFHtyNErCiapR2M/y/2L3koZZYkkvC
+    RsnEJ8wjOqgZtxMRWGXqZebhr+zfLXya+0INdXRYEMiJBPTGw0AQTRIcY8VDpmTZ
+    XsQDSwALay3/kYxdhZ7cjTUlBjOtpXzOSbPoCrdrAWZ0d7Yacyzxz2XclaJ7WJEX
+    uLPCHvA6EaSEz4wEp4YACTR739cCr9SmqkSb6RqTf1JoYVluImZMegtehEJ1Fwqs
+    ekW+xrp8tYj4mXLaCUboNknpuEsuQCHbxVaZsoEMQpUhCYQPTMjZ7EEQN3enYsyB
+    gXA7eoLVVO9qpZXovuIP0dKVTE3THsZyf20Vp86qYzSxXnsu1eR3WinewyKb0kl1
+    URR1pBgwTn7kNjyNmQxPmzETuW4UjhwEX16Qy3Hmvq0guuPnVTpfv711SkK7kamZ
+    9qUWDwMks4/JESwmvDjTo/RPvSQYdFiX4xSUYaMXQQQRwZjfZBUjfd/sKH7Szrsh
+    kaWj0jqst1nkKL/VKszKh0n0jxweqcHMjPqbEwsiODRioxp0vTLzv46+CPsNusg=
+    -----END CERTIFICATE-----
+  tls.key: |
+    -----BEGIN PRIVATE KEY-----
+    MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCjcRK1LMlRW5rC
+    nTm1o85GR8JqXjvOpi1UoHwLnnhRSdbbUIt+5iR6r2b9RQrv1AS8r/5rXaW6xp+p
+    Qfu7aTfOHygp0PKxkTCy1bF384PmRCsFopdvW/L0myg+irluldR/vzmw4FLDEoUy
+    Ic6FAWou8+wBkJOMCqG933Afef09JamB8AwbtuhHVP0JI3jQihaZ7N9zng/kqcpU
+    uesfu8RWr/WGgAjuLnlxU9DchwQmQaTSzWvqamNLNVbCWfBNNZ5mj6FTwsH4RpaT
+    zj+jgy1kc1/X0sjMgJV77y7IF/kAqDGZ9Gn6VhfdGjAdRxQ1lazcwAn2/7/+2bfJ
+    xhyywYwZbH0fjMK54jL50kJSrk1ktDIHfTUcNsntZ7NhBFjUHR58l66QV6t8R2hz
+    Av+F6zgpU0UzynJbCaOp8Fqj2B2MV9S/XgStFzbBL4rEt2qUBHC+28V3gvhSbq/F
+    /mpgOAxGHn9itqPym5HFuUCoa/PBozv548oSQt+KCbhJlqJgYR1ShZfEloC9HZrd
+    P2bC+aM0vaR3RGNJfA81tHk1cRLQgQNuFzzdiCPi3YPxWbH3mLVROrqj8Pbwvqxx
+    t9E+XKClEPZ891A9KCJrzD0tQKbNK1fe0ACABwMo6uRmpitvxcacaSvU1VzqC6da
+    HdFMVK6368xrjgpWwar6JJ9XSzeNmwIDAQABAoICAD+BF7u9gxtRdHhZjqq80tEL
+    4MZjhulsOADBunDpSeaLwifEy+6qjVH+BQ4zXWSCBLUrzLb61AIWWsLxGFZhM4Wr
+    JXfZ7/J+b2WNEj+BJqa5pd2ypxRlrajNAH4MeLA3FzHrowbOolmZQJeR+yRCwHct
+    321cN3gaSW30+yO/yl2P3KTYGFxMXUQaCZcbaT3d6Zo1Jz1NFO/L6Qmyk2DpHAhy
+    pft0lAO3mwglgOmurDYRG3Gsz1ltrNb0CpnJSE03oCxJcm2RJrzI8IjNgnyN4308
+    NuksxUhwTaSx8oNcjStsLpmbFfJmsS7/leJKU9feKCQ9maGXDYqAHaEQkOYDveMj
+    5Y6chEt+tp7+01WNrHzFU3FkClJ0RatRECXy7vrOUpC8f5SqnYW98JWe/KfRraiM
+    gXCkT3nbjHGc/6aniSOCS8H9CjrZCtDTVro9iI81fevQCA5rxKQPRoB2QQAcxPfW
+    YtUTcm/aSnovvUh2CU23Q8Ji7AlrHzQVH4fuuiAtvN+f0cpHRmwyP8jMV3rUAC9f
+    NJHoYBhJVbvnV7wVfbDjTVKme9gJXuXmTkPlzZIkbR/zANHfLBx8th4g4zPuseDw
+    T8uh4vY35Xq0giWAREC3UXt5mJxZjGNsp6svuHfBoi/VJbj1WeJOpZZmfjPvFAeP
+    b/vxchzAQbiofRBIH3rBAoIBAQDVC+5bYSJ0XgBIgh30sp6nbHXsL8rjCVnqAElL
+    WqhELP8Oo2AOh1wKSd78ewdimYpnTxJY3rcZUVElMYgfsXUoWnvQBVz/dYnV/jre
+    cXZNgrMW4tpSX+6u1pr3AryPqe/FzN8XhIgLkC6r/tl5E7mghpBOZhQXZPjKNgxh
+    K/ZfUVLHkSl54467u1Nqol3n4iB5md8ZCmbVRvuLQWAN/zgbLMvBTVXkzFGM3owz
+    7aAE9fk4Sa7u600Njut94Xb+sVFhY2JeP/dJ9lp9AhKoGKby94vMfmpr/L80W1WV
+    IEZcJ4CPOMLLdx1v5NJIk3iCWriE9uPU2Yt4dcGcPtdP0nN3AoIBAQDEZNyQA9Au
+    MVQLYErprfie01WnQwVB0NOasvEWKJRE5zSES5lhz26zcd11ub/G5UtBb4YpRXvG
+    b6ah+BdisFe76TXfv9tcJDQSIlGBcKnrPIelzSfO2GlXBpy0jNAoDTLsvLGQFnSm
+    GaxXvPDGdia6Y8Mcw/q4TPkd2pPtTHEqmmbiH5kCjGrbW9kr3fqhC5nxKWMJoMfa
+    1qbEZ/mbcC7ymqftZTW17nTfM6YXhD37LyyT2JQsc28qIda+d6cEHp8vXb2v/91d
+    NcXt3XdifZJHUEqJsz8A/9ksu38ETKKD0j7sohloNdPsBwD+7953H7vO1MW37F5d
+    FrrNfKRIclf9AoIBAB61zJMhilzp2/KXxwep49LQgKMeNInLpEll5yrUk6LYNZ//
+    ju4pNuxIv7r3ZRYied/wdv2WhSBCJ4dL/4pKA1Bg0q4mx8QPRmIxdnzwMBR2PaiT
+    5NKw/2/2gXoPy+yNm4GQyavTL+Uy0Hd8kg6w+DYaj5ytfEHvDSng5qHvO2F8EImx
+    9B+c3MtU8m5Rn2W4o+PDeXRbmn0t8T6emuEJpCXOrEReCH6lsS+0ONOXclSkvFsP
+    zAampoHI00te/88w8kEumVRqthPUTjDs5pGSlCY75swAgQi18z3x2IFZmKraCt8a
+    WIIJ1pV1j5Zko59uwmBwUmExRriDiPgj2tenx3sCggEBALuHoAC4U2o4Wgs+2GmI
+    YJWwMOK1IWj2MYhPg9vnxaSBrWkCEyUNgKRCfvgx9QjD2/dQuafhHE6gQFn63sGy
+    pyPcjT/pIFo8i6ghMvjJjsb7ln9ghbmCdhvOSYYxy3XjHJRnnZl7h8kvTJy+4p5v
+    JY3nQuDN1jNz9JBoLcZyrsDCjKkxCNchI8vwSVAU94Qd4tIf9dy0tQGm47k5m2Os
+    XHf165HIid/+IYUb+WYNNW4LXqKSNPK5CxYNF9PpxwYtA02kUkOjq0mc1jHKvnvC
+    chI8feA801Vt+H85ThDZ6Hi9Iq6sHlyewYxoJ7BHdYMEPz5Bd8anInf7A0bB1NEE
+    tjUCggEBAJvvZTVymzj8X0y16EiAs9sUZCxltgbVeJOaYw+b87GU01am5Idod9CU
+    GG0v5UdfGmFqap/OHQJE2ae6wNPyTLf2Jk7JTk8uARiVGRqhmQZgxCG9IWp8UDog
+    5QNr5ahRhAaEHR7IZu03MtmViwN3y/CGaLycmA5T9dDle/Cu7BStqI74VHafUjvz
+    eqLe3Veec4pvSbRbAtaCv1NsfAXOu/hWC6WsQxIWtqzypEFcVVH3EzWTTMeCgV62
+    vOUqPaiqwZUxfzKbPVg2aCYCDSau/a7O0g54/OjnmujuTgvU6M68E66+Rg2EPRh7
+    LlEj5P4CZ1a6mRjUphWK++ggYhqEtp4=
+    -----END PRIVATE KEY-----
+
+
+maddy:
+  tls_secret_name: '{{ include "common.names.fullname" . }}'
+
+service:
+  main:
+    type: ClusterIP   # LoadBalancer does not work in test env

charts/stable/maddy/files/maddy.conf

@@ -0,0 +1,130 @@
+## Maddy Mail Server - default configuration file (2021-08-16)
+# Suitable for small-scale deployments. Uses its own format for local users DB,
+# should be managed via maddyctl utility.
+#
+# See tutorials at https://maddy.email for guidance on typical
+# configuration changes.
+#
+# See manual pages (also available at https://maddy.email) for reference
+# documentation.
+
+# ----------------------------------------------------------------------------
+# Base variables
+
+$(hostname) = {{ .Values.maddy.hostname }}
+$(primary_domain) = {{ .Values.maddy.primary_domain }}
+$(local_domains) = $(primary_domain) {{ if .Values.maddy.secondary_domains }}{{ .Values.maddy.secondary_domains }}{{ end }}
+$(alias_file) = /config/aliases
+
+# ----------------------------------------------------------------------------
+# Persistency path
+
+state_dir {{ .Values.persistence.data.mountPath }}
+
+# ----------------------------------------------------------------------------
+# TLS server certs (IMAP and SMTP)
+
+tls file /certificates/tls.crt /certificates/tls.key
+
+# ----------------------------------------------------------------------------
+# Open Metrics
+
+{{ if .Values.service.openmetrics.ports.openmetrics.enabled -}}
+openmetrics tcp://127.0.0.1:{{ .Values.service.openmetrics.ports.openmetrics.port }} { }
+{{- else -}}
+# Not enabled in Helm
+{{- end }}
+
+
+# ----------------------------------------------------------------------------
+# Local storage & authentication
+
+# pass_table provides local hashed passwords storage for authentication of
+# users. It can be configured to use any "table" module, in default
+# configuration a table in SQLite DB is used.
+# Table can be replaced to use e.g. a file for passwords. Or pass_table module
+# can be replaced altogether to use some external source of credentials (e.g.
+# PAM, /etc/shadow file).
+#
+# If table module supports it (sql_table does) - credentials can be managed
+# using 'maddyctl creds' command.
+
+{{ if eq .Values.maddy.auth.type "sql" -}}
+auth.pass_table local_authdb {
+    table sql_table {
+    {{- if eq .Values.maddy.sql.type "sqlite3" }}
+        driver sqlite3
+        dsn credentials.db
+        table_name passwords
+    {{- else if eq .Values.maddy.sql.type "postgres" }}
+        driver postgres
+        dsn {{ $.Values.maddy.sql.postgres_dsn_line  }}
+        table_name passwords
+    {{- else }}
+        {{- fail (printf "Not a valid sql type (%s)" .Values.maddy.sql.type ) }}
+    {{- end }}
+    }
+}
+{{- else if eq .Values.maddy.auth.type "ldap" -}}
+auth.ldap local_authdb {
+    {{- range $option, $value := .Values.maddy.auth.ldap }}
+    {{ $option}} {{ $value }}
+    {{- end }}
+}
+{{- else -}}
+{{- fail (printf "Not a valid auth type (%s)" .Values.maddy.auth.type ) }}
+{{- end }}
+
+# imapsql module stores all indexes and metadata necessary for IMAP using a
+# relational database. It is used by IMAP endpoint for mailbox access and
+# also by SMTP & Submission endpoints for delivery of local messages.
+#
+# IMAP accounts, mailboxes and all message metadata can be inspected using
+# imap-* subcommands of maddyctl utility.
+
+storage.imapsql local_mailboxes {
+{{- if eq .Values.maddy.sql.type "sqlite3" }}
+    driver sqlite3
+    dsn imapsql.db
+{{- else if eq .Values.maddy.sql.type "postgres" }}
+    driver postgres
+    dsn {{ $.Values.maddy.sql.postgres_dsn_line }}
+{{- else }}
+    {{- fail (printf "Not a valid sql type (%s)" .Values.maddy.sql.type ) }}
+{{- end }}
+    # Other settings
+    {{- range $option, $value := .Values.maddy.extra_settings.local_mailboxes }}
+    {{ $option }} {{ tpl $value $ }}
+    {{- end }}
+}
+
+# ----------------------------------------------------------------------------
+# SMTP endpoints + message routing
+
+hostname $(hostname)
+
+{{ range $name, $rule := .Values.maddy.smtp_rules -}}
+{{- if $rule.enabled }}
+## Rule {{ $name }}
+{{- if $rule.file }}
+### from file "{{ $rule.file }}"
+{{ tpl ($.Files.Get (printf "files/smtp_rules/%s" $rule.file) ) $ }}
+{{- end }}
+{{- if $rule.custom }}
+### from custom block"
+{{ tpl $rule.custom $ }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+# ----------------------------------------------------------------------------
+# IMAP endpoints
+
+imap tls://0.0.0.0:{{ .Values.service.main.ports.imaps.port }} tcp://0.0.0.0:{{ .Values.service.main.ports.imap.port }} {
+    auth &local_authdb
+    storage &local_mailboxes
+    # Other settings
+    {{- range $option, $value := .Values.maddy.extra_settings.imap }}
+    {{ $option }} {{ tpl $value $ }}
+    {{- end }}
+}

charts/stable/maddy/files/smtp_rules/default.conf

@@ -0,0 +1,122 @@
+table.chain local_rewrites {
+    optional_step regexp "(.+)\+(.+)@(.+)" "$1@$3"
+    optional_step static {
+        entry postmaster postmaster@$(primary_domain)
+    }
+    optional_step file $(alias_file)
+}
+
+msgpipeline local_routing {
+    # Insert handling for special-purpose local domains here.
+    # e.g.
+    # destination lists.example.org {
+    #     deliver_to lmtp tcp://127.0.0.1:8024
+    # }
+
+    destination postmaster $(local_domains) {
+        modify {
+            replace_rcpt &local_rewrites
+        }
+
+        deliver_to &local_mailboxes
+    }
+
+    default_destination {
+        reject 550 5.1.1 "User doesn't exist"
+    }
+}
+
+smtp tcp://0.0.0.0:25 {
+    limits {
+        # Up to 20 msgs/sec across max. 10 SMTP connections.
+        all rate 20 1s
+        all concurrency 10
+    }
+
+    dmarc yes
+    check {
+        require_mx_record
+        dkim
+        spf
+    }
+
+    source $(local_domains) {
+        reject 501 5.1.8 "Use Submission for outgoing SMTP"
+    }
+    default_source {
+        destination postmaster $(local_domains) {
+            deliver_to &local_routing
+        }
+        default_destination {
+            reject 550 5.1.1 "User doesn't exist"
+        }
+    }
+}
+
+
+# Outgoing email
+
+submission tls://0.0.0.0:465 tcp://0.0.0.0:587 {
+    limits {
+        # Up to 50 msgs/sec across any amount of SMTP connections.
+        all rate 50 1s
+    }
+
+    auth &local_authdb
+
+    source $(local_domains) {
+        check {
+            authorize_sender {
+                prepare_email &local_rewrites
+                user_to_email identity
+            }
+        }
+
+        destination postmaster $(local_domains) {
+            deliver_to &local_routing
+        }
+        default_destination {
+            modify {
+                dkim $(primary_domain) $(local_domains) default
+            }
+            deliver_to &remote_queue
+        }
+    }
+    default_source {
+        reject 501 5.1.8 "Non-local sender domain"
+    }
+}
+
+target.remote outbound_delivery {
+    limits {
+        # Up to 20 msgs/sec across max. 10 SMTP connections
+        # for each recipient domain.
+        destination rate 20 1s
+        destination concurrency 10
+    }
+    mx_auth {
+        dane
+        mtasts {
+            cache fs
+            fs_dir mtasts_cache/
+        }
+        local_policy {
+            min_tls_level encrypted
+            min_mx_level none
+        }
+    }
+}
+
+target.queue remote_queue {
+    target &outbound_delivery
+
+    autogenerated_msg_domain $(primary_domain)
+    bounce {
+        destination postmaster $(local_domains) {
+            deliver_to &local_routing
+        }
+        default_destination {
+            reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
+        }
+    }
+}