From 86fe8a5deb1f8a425be289fc0988bb40d79ee7bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Joa=CC=83o=20Pacheco?= Date: Tue, 4 Apr 2023 22:47:57 +0100 Subject: [PATCH] Add helm chart --- charts/socks5-server/.helmignore | 23 ++++ charts/socks5-server/Chart.yaml | 18 +++ charts/socks5-server/templates/NOTES.txt | 7 ++ charts/socks5-server/templates/_helpers.tpl | 70 ++++++++++++ .../socks5-server/templates/deployment.yaml | 103 ++++++++++++++++++ charts/socks5-server/templates/service.yaml | 20 ++++ .../templates/serviceaccount.yaml | 16 +++ charts/socks5-server/values.yaml | 77 +++++++++++++ 8 files changed, 334 insertions(+) create mode 100644 charts/socks5-server/.helmignore create mode 100644 charts/socks5-server/Chart.yaml create mode 100644 charts/socks5-server/templates/NOTES.txt create mode 100644 charts/socks5-server/templates/_helpers.tpl create mode 100644 charts/socks5-server/templates/deployment.yaml create mode 100644 charts/socks5-server/templates/service.yaml create mode 100644 charts/socks5-server/templates/serviceaccount.yaml create mode 100644 charts/socks5-server/values.yaml diff --git a/charts/socks5-server/.helmignore b/charts/socks5-server/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/socks5-server/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/socks5-server/Chart.yaml b/charts/socks5-server/Chart.yaml new file mode 100644 index 0000000..7da7346 --- /dev/null +++ b/charts/socks5-server/Chart.yaml @@ -0,0 +1,18 @@ +apiVersion: v2 +name: socks5-server +description: Socks5-server is a simple socks5 server using go-socks5 with authentication, allowed ips list and destination FQDNs filtering. +type: application +version: 1.0.0 +appVersion: 0.0.3 +keywords: + - kubernetes + - socks5 + - socks5-server + - service + - proxy +home: https://github.com/serjs/socks5-server +sources: + - https://github.com/serjs/socks5-server +maintainers: + - name: joaoss35 + email: joaopachecos@hotmail.com diff --git a/charts/socks5-server/templates/NOTES.txt b/charts/socks5-server/templates/NOTES.txt new file mode 100644 index 0000000..ec2b140 --- /dev/null +++ b/charts/socks5-server/templates/NOTES.txt @@ -0,0 +1,7 @@ +*********************************************************************** +* Socks5-Server * +*********************************************************************** + Chart version: {{ .Chart.Version }} + App version: {{ .Chart.AppVersion }} + Image tag: {{ include "socks5.image" . }} +*********************************************************************** diff --git a/charts/socks5-server/templates/_helpers.tpl b/charts/socks5-server/templates/_helpers.tpl new file mode 100644 index 0000000..3dc062c --- /dev/null +++ b/charts/socks5-server/templates/_helpers.tpl @@ -0,0 +1,70 @@ +{{/* +The chart name +*/}} +{{- define "socks5-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +If release name contains chart name it will be used as a full name. +*/}} +{{- define "socks5-server.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Define the chart name and version, just like the chart label. +*/}} +{{- define "socks5-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Define some common labels +*/}} +{{- define "socks5-server.labels" -}} +helm.sh/chart: {{ include "socks5-server.chart" . }} +{{ include "socks5-server.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Values.commonLabels }} +{{ toYaml . }} +{{- end }} +{{- end }} + +{{/* +Define the selector labels +*/}} +{{- define "socks5-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "socks5-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Defime the service account anme +*/}} +{{- define "socks5-server.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "socks5-server.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Define the image +*/}} +{{- define "socks5.image" -}} +{{- printf "%s:%s" .Values.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.image.tag) }} +{{- end }} diff --git a/charts/socks5-server/templates/deployment.yaml b/charts/socks5-server/templates/deployment.yaml new file mode 100644 index 0000000..9b73a15 --- /dev/null +++ b/charts/socks5-server/templates/deployment.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "socks5-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "socks5-server.labels" . | nindent 4 }} + {{- with .Values.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: 1 + selector: + matchLabels: + {{- include "socks5-server.selectorLabels" . | nindent 6 }} + strategy: + {{- toYaml .Values.deploymentStrategy | nindent 4 }} + template: + metadata: + labels: + {{- include "socks5-server.selectorLabels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "socks5-server.serviceAccountName" . }} + {{- with .Values.shareProcessNamespace }} + shareProcessNamespace: {{ . }} + {{- end }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- with .Values.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ . }} + {{- end }} + {{- with .Values.dnsPolicy }} + dnsPolicy: {{ . }} + {{- end }} + containers: + - name: socks5-server + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + image: {{ include "socks5.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.env }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} + args: + {{- range .Values.extraArgs }} + - {{ tpl . $ }} + {{- end }} + ports: + - name: socks5 + protocol: TCP + containerPort: 1080 + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 12 }} + {{- if .Values.extraVolumeMounts }} + volumeMounts: + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.extraVolumes }} + volumes: + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/socks5-server/templates/service.yaml b/charts/socks5-server/templates/service.yaml new file mode 100644 index 0000000..53e0411 --- /dev/null +++ b/charts/socks5-server/templates/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "socks5-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "socks5-server.labels" . | nindent 4 }} + {{- with .Values.service.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + selector: + {{- include "socks5-server.selectorLabels" . | nindent 4 }} + ports: + - name: socks5 + port: {{ .Values.service.port }} + targetPort: socks5 + protocol: TCP diff --git a/charts/socks5-server/templates/serviceaccount.yaml b/charts/socks5-server/templates/serviceaccount.yaml new file mode 100644 index 0000000..3aa0472 --- /dev/null +++ b/charts/socks5-server/templates/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "socks5-server.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "socks5-server.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/socks5-server/values.yaml b/charts/socks5-server/values.yaml new file mode 100644 index 0000000..2e9e35d --- /dev/null +++ b/charts/socks5-server/values.yaml @@ -0,0 +1,77 @@ +# socks5-server values file YAML-formatted= + +image: + repository: "serjs/go-socks5-proxy" + # Define this override v{{ .Chart.AppVersion }}, which is the default + tag: "v0.0.3" + pullPolicy: IfNotPresent + +imagePullSecrets: [] + +nameOverride: "" +fullnameOverride: "" + +commonLabels: {} + +serviceAccount: + create: true + annotations: {} + labels: {} + # Defaults to the the fullname template if empty + name: "" + +deploymentAnnotations: {} + +podLabels: {} + +podAnnotations: {} + +shareProcessNamespace: false + +podSecurityContext: + fsGroup: 65534 + +securityContext: + runAsNonRoot: true + runAsUser: 65534 + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + +# Defaults to `ClusterFirst` +dnsPolicy: + +priorityClassName: "" + +terminationGracePeriodSeconds: + +env: + # - name: PROXY_USER + # value: "foo" + # - name: PROXY_PASSWORD + # value: "bar" + # - name: PROXY_PORT + # value: "1080" + +service: + port: 1080 + annotations: {} + +extraVolumes: [] + +extraVolumeMounts: [] + +resources: {} + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +topologySpreadConstraints: [] + +extraArgs: [] + +deploymentStrategy: + type: RollingUpdate