Compare commits
	
		
			8 Commits
		
	
	
		
			dd8f59c90b
			...
			55ca2b3af4
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 55ca2b3af4 | |||
| 79877d8eae | |||
| c01965b45f | |||
| a55853f4ab | |||
| 9eaaf4a8cc | |||
| e0e2e10fd1 | |||
| 0f14ad0329 | |||
| 99637a0932 | 
| @ -1,4 +1,4 @@ | ||||
| name: Packaging Chart | ||||
| name: Package & Sign Helm Chart | ||||
| 
 | ||||
| on: | ||||
|   release: | ||||
| @ -6,30 +6,75 @@ on: | ||||
| 
 | ||||
| jobs: | ||||
|   build: | ||||
|     runs-on: ubuntu-22.04 | ||||
|     runs-on: ubuntu-24.04 | ||||
|     env: | ||||
|       CHART_DIR:      bookstack/ | ||||
|       CHART_VERSION:  ${{ github.event.release.tag_name }} | ||||
|       GPG_KEY_ID:     ${{ secrets.GPG_KEY_ID }} | ||||
|       PASSPHRASE:     ${{ secrets.GPG_PASSPHRASE }} | ||||
| 
 | ||||
|     steps: | ||||
|       - name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - name: Setup latest Helm | ||||
|         uses: azure/setup-helm@v4.3.0 | ||||
| 
 | ||||
|       # 1) Code auschecken | ||||
|       - uses: actions/checkout@v4 | ||||
| 
 | ||||
|       # 2) Helm installieren | ||||
|       - uses: azure/setup-helm@v4.3.0 | ||||
|         with: | ||||
|           version: latest | ||||
|         id: install | ||||
| 
 | ||||
|       - name: Import GPG key | ||||
|         uses: crazy-max/ghaction-import-gpg@v6 | ||||
|         with: | ||||
|           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | ||||
|           passphrase: ${{ secrets.PASSPHRASE }} | ||||
|           passphrase: ${{ secrets.GPG_PASSPHRASE }} | ||||
|           trust_level: 5 | ||||
|       - name: Export GPG key in legacy format | ||||
| 
 | ||||
|       # 4) “Generation‑1”‑Secret‑Ring für Helm erzeugen (TMP, 600 Rechte) | ||||
|       - name: Build legacy secret-keyring | ||||
|         run: | | ||||
|           gpg --export-secret-keys --output /tmp/keyring.gpg ${{ secrets.GPG_KEY_ID }} | ||||
|       - name: Package Chart | ||||
|           install -m 700 -d /tmp/gpgring | ||||
|           gpg --batch --pinentry-mode loopback \ | ||||
|               --export-secret-keys "$GPG_KEY_ID" \ | ||||
|               --output /tmp/gpgring/secring.gpg | ||||
|           chmod 600 /tmp/gpgring/secring.gpg | ||||
|           echo "$PASSPHRASE" > /tmp/gpgring/passphrase.txt | ||||
|           chmod 600 /tmp/gpgring/passphrase.txt | ||||
| 
 | ||||
|       # 5) Chart bauen & signieren | ||||
|       - name: Package & sign chart | ||||
|         run: | | ||||
|           cp README.md ./charts/bookstack/. | ||||
|           helm dependency build ./charts/bookstack | ||||
|           helm package --version $CHART_VERSION --sign --keyring /tmp/keyring.gpg ./bookstack --dependency-update | ||||
|           curl -u $REPO_CREDENTIALS -F "chart=@bookstack-$CHART_VERSION.tgz" -F "prov=@bookstack-$CHART_VERSION.tgz.prov" https://charts.morlana.net/api/charts | ||||
|           cp README.md "$CHART_DIR"/ | ||||
|           helm dependency build "$CHART_DIR" | ||||
|           helm package "$CHART_DIR" \ | ||||
|                --version "$CHART_VERSION" \ | ||||
|                --sign \ | ||||
|                --key "$GPG_KEY_ID" \ | ||||
|                --keyring /tmp/gpgring/secring.gpg \ | ||||
|                --passphrase-file /tmp/gpgring/passphrase.txt | ||||
| 
 | ||||
|       # 6) In dein internes Chart‑Repo hochladen | ||||
|       - name: Upload to ChartMuseum | ||||
|         env: | ||||
|           REPO_CREDENTIALS: ${{ secrets.REPO_CREDENTIALS }} | ||||
|           CHART_VERSION: ${{ github.event.release.tag_name }} | ||||
|         run: | | ||||
|           curl -H "Authorization: Basic $REPO_CREDENTIALS" \ | ||||
|                -F "chart=@bookstack-$CHART_VERSION.tgz" \ | ||||
|                -F "prov=@bookstack-$CHART_VERSION.tgz.prov" \ | ||||
|                https://charts.morlana.net/api/charts | ||||
| 
 | ||||
|       # 7) Public‑Key aus Repo beilegen und als Release‑Asset anhängen | ||||
|       - name: Attach release assets | ||||
|         uses: softprops/action-gh-release@v2 | ||||
|         with: | ||||
|           tag_name: ${{ github.event.release.tag_name }} | ||||
|           files: | | ||||
|             bookstack-${{ env.CHART_VERSION }}.tgz | ||||
|             bookstack-${{ env.CHART_VERSION }}.tgz.prov | ||||
|             pubkeys/morlana.asc | ||||
| 
 | ||||
|       # 8) Aufräumen (optional, Runner ist ohnehin kurzlebig) | ||||
|       - name: Cleanup sensitive files | ||||
|         if: ${{ always() }} | ||||
|         run: rm -rf /tmp/gpgring | ||||
|  | ||||
							
								
								
									
										143
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										143
									
								
								README.md
									
									
									
									
									
								
							| @ -1,3 +1,142 @@ | ||||
| # bookstack-chart | ||||
| # BookStack Helm Chart | ||||
| 
 | ||||
| This is an unofficial Helm Chart for bookstackapp.com | ||||
| Deploys the BookStack wiki platform on Kubernetes with optional MariaDB and Redis sub‑charts. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Versioning | ||||
| 
 | ||||
| The chart uses **dual semantic versioning**: | ||||
| 
 | ||||
| ``` | ||||
| <chart semver>+<upstream BookStack semver> | ||||
| # example: 1.2.3+25.2.3 | ||||
| ``` | ||||
| 
 | ||||
| This allows Helm to track compatibility changes independently from upstream BookStack releases. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Prerequisites | ||||
| 
 | ||||
| * Helm 3 | ||||
| * Kubernetes 1.24+ | ||||
| * (Optional) External MariaDB 10.5+ and/or Redis 6+ instances if you disable the bundled sub‑charts | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Quick start | ||||
| 
 | ||||
| ```bash | ||||
| helm repo add morlana https://charts.morlana.net | ||||
| helm repo update | ||||
| 
 | ||||
| helm install bookstack morlana/bookstack \ | ||||
|   --namespace bookstack --create-namespace | ||||
| ``` | ||||
| 
 | ||||
| The first run generates a **Laravel APP\_KEY** secret. The deployment automatically restarts once the key is present. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Upgrading | ||||
| 
 | ||||
| ```bash | ||||
| helm upgrade bookstack morlana/bookstack -n bookstack --reuse-values | ||||
| ``` | ||||
| 
 | ||||
| Helm recognises new chart versions that follow the `x.y.z+<bookstack>` scheme. Check the upstream project’s release notes as well as the chart’s `CHANGELOG.md` before upgrading across major versions. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Uninstalling | ||||
| 
 | ||||
| ```bash | ||||
| helm uninstall bookstack -n bookstack | ||||
| ``` | ||||
| 
 | ||||
| PersistentVolumeClaims and One-Time generated secrets are **not** removed automatically. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Configuration (excerpt) | ||||
| 
 | ||||
| | Key                             | Description                                         | Default               | | ||||
| | ------------------------------- | --------------------------------------------------- | --------------------- | | ||||
| | `bookstack.image.repository`    | Container image repository                          | `solidnerd`           | | ||||
| | `bookstack.image.name`          | Image name                                          | `bookstack`           | | ||||
| | `bookstack.image.tag`           | Image tag (defaults to upstream version when empty) | `""`                  | | ||||
| | `bookstack.replicaCount`        | Number of pods                                      | `1`                   | | ||||
| | `bookstack.config.app.url`      | Public URL users will access                        | `https://example.com` | | ||||
| | `bookstack.config.app.key`      | Laravel APP\_KEY (auto‑generated if empty)          | `""`                  | | ||||
| | `bookstack.mail.host`           | SMTP host (set to enable e‑mail)                    | `""`                  | | ||||
| | `bookstack.mail.port`           | SMTP port                                           | `1025`                | | ||||
| | `bookstack.persistence.enabled` | Persist uploads and storage                         | `true`                | | ||||
| | `bookstack.persistence.size`    | PVC size                                            | `10Gi`                | | ||||
| | `service.type`                  | Kubernetes Service type                             | `ClusterIP`           | | ||||
| | `ingress.enabled`               | Create an Ingress                                   | `false`               | | ||||
| | `db.enabled`                    | Deploy bundled MariaDB                              | `true`                | | ||||
| | `redis.enabled`                 | Deploy bundled Redis                                | `true`                | | ||||
| 
 | ||||
| Override values with `--set key=value` or put them in `my-values.yaml` and pass `-f`. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Persistence | ||||
| 
 | ||||
| A single ReadWriteMany PVC is created by default so all replicas share the same data. Customise size, StorageClass or accessMode via `bookstack.persistence.*`. | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Ingress example | ||||
| 
 | ||||
| ```yaml | ||||
| ingress: | ||||
|   enabled: true | ||||
|   class: nginx | ||||
|   hostname: wiki.example.com | ||||
|   tls: | ||||
|     - hosts: [wiki.example.com] | ||||
|       secretName: wiki-tls | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Using external services | ||||
| 
 | ||||
| Disable the sub‑charts and point BookStack at existing database/redis servers: | ||||
| 
 | ||||
| ```yaml | ||||
| db: | ||||
|   enabled: false | ||||
| 
 | ||||
| bookstack: | ||||
|   externalDatabase: | ||||
|     host: mariadb.example.com | ||||
|     database: bookstack | ||||
|     username: bookstack | ||||
|     password: supersecret | ||||
| 
 | ||||
| redis: | ||||
|   enabled: false | ||||
| 
 | ||||
| bookstack: | ||||
|   externalRedis: | ||||
|     servers: redis://:password@redis.example.com:6379/0 | ||||
| ``` | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Backup & restore | ||||
| 
 | ||||
| * **Database**: use `mysqldump` / `mysql` against the MariaDB service (or your external DB). | ||||
| * **Application data**: back up the BookStack PVC with your preferred tool (Velero, restic, etc.). | ||||
| 
 | ||||
| --- | ||||
| 
 | ||||
| ## Contributing | ||||
| 
 | ||||
| Bug reports and pull requests are welcome in the [chart repository](https://git.morlana.online/f.weber/bookstack-chart). | ||||
| For issues specific to BookStack itself, please use the [upstream project’s tracker](https://github.com/BookStackApp/BookStack/issues). | ||||
| 
 | ||||
| Happy documenting! 📚 | ||||
|  | ||||
| @ -84,6 +84,12 @@ spec: | ||||
|             - secretRef: | ||||
|                 name: {{ include "bookstack.secret" . }} | ||||
|             {{- end }} | ||||
|             {{- range $key, $conf := .Values.bookstack.auth }} | ||||
|             {{- if and (ne $key "method") (ne $key "auto.initiate") ($conf.enabled) $conf.existingSecret }} | ||||
|             - secretRef: | ||||
|                 name: {{ $conf.existingSecret }} | ||||
|             {{- end }} | ||||
|             {{- end }} | ||||
|           ports: | ||||
|             - containerPort: 8080 | ||||
|               name: bookstack-http | ||||
|  | ||||
| @ -1,4 +1,4 @@ | ||||
| {{- if or (not .Values.db.enabled) (not (.Values.bookstack.auth | default dict | len | eq 0)) }} | ||||
| {{- if or (not .Values.db.enabled) (not (.Values.bookstack.auth | default dict | len | eq 0)) .Values.bookstack.config.additionalSecrets .Values.bookstack.mail.username .Values.bookstack.config.additionalSecrets .Values.bookstack.mail.password }} | ||||
| apiVersion: v1 | ||||
| kind: Secret | ||||
| type: Opaque | ||||
| @ -32,7 +32,7 @@ data: | ||||
|         $conf.clientSecret | b64enc | quote }} | ||||
|     {{- end }} | ||||
|   {{- end }} | ||||
|   {{- if .Values.bookstack.auth.ldap.enabled }} | ||||
|   {{- if and .Values.bookstack.auth.ldap.enabled (not .Values.bookstack.auth.ldap.existingSecret) }} | ||||
|   LDAP_SERVER: {{ required  | ||||
|         "You have to define a bookstack.auth.ldap.server"  | ||||
|         .Values.bookstack.auth.ldap.server | b64enc | quote }} | ||||
| @ -40,7 +40,16 @@ data: | ||||
|         "You have to define a bookstack.auth.ldap.dn" | ||||
|         .Values.bookstack.auth.ldap.dn | b64enc | quote }} | ||||
|   LDAP_PASS: {{ required | ||||
|         "You have to define a bookstack.auth.ldap.passw" | ||||
|         "You have to define a bookstack.auth.ldap.pass" | ||||
|         .Values.bookstack.auth.ldap.pass | b64enc | quote }} | ||||
|   {{- end }} | ||||
|   {{- if .Values.bookstack.mail.username }} | ||||
|   MAIL_USERNAME: {{ .Values.bookstack.mail.username | b64enc | quote }} | ||||
|   {{- end }} | ||||
|   {{- if .Values.bookstack.mail.password }} | ||||
|   MAIL_PASSWORD: {{ .Values.bookstack.mail.password | b64enc | quote }} | ||||
|   {{- end }} | ||||
|   {{- range $key, $value := .Values.bookstack.config.additionalSecrets }} | ||||
|   {{ $key | snakecase | upper }}: {{ $value | b64enc | quote }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
							
								
								
									
										569
									
								
								bookstack/values.schema.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										569
									
								
								bookstack/values.schema.json
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,569 @@ | ||||
| { | ||||
|   "$schema": "https://json-schema.org/draft-07/schema#", | ||||
|   "type": "object", | ||||
|   "properties": { | ||||
|     "global": { | ||||
|       "type": "object", | ||||
|       "description": "Global settings for all applications.", | ||||
|       "additionalProperties": false, | ||||
|       "properties": { | ||||
|         "imageRegistry": { | ||||
|           "type": "string", | ||||
|           "description": "The image registry to use for all applications. This is used to pull the images from the registry.", | ||||
|           "default": "" | ||||
|         }, | ||||
|         "imagePullSecrets": { | ||||
|           "type": "array", | ||||
|           "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", | ||||
|           "items": { | ||||
|             "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.31.6/_definitions.json#/definitions/io.k8s.api.core.v1.LocalObjectReference" | ||||
|           }, | ||||
|           "x-kubernetes-patch-merge-key": "name", | ||||
|           "x-kubernetes-patch-strategy": "merge", | ||||
|           "default": [] | ||||
|         }, | ||||
|         "defaultStorageClass": { | ||||
|           "type": "string", | ||||
|           "description": "The default storage class to use for all applications. This is used to create persistent volumes for the applications.", | ||||
|           "default": "" | ||||
|         }, | ||||
|         "clusterDomain": { | ||||
|           "type": "string", | ||||
|           "description": "The domain name of the cluster. This is used to resolve services within the cluster.", | ||||
|           "default": "cluster.local" | ||||
|         } | ||||
|       } | ||||
|     }, | ||||
|     "bookstack": { | ||||
|       "type": "object", | ||||
|       "description": "", | ||||
|       "additionalProperties": false, | ||||
|       "properties": { | ||||
|         "image": { | ||||
|           "type": "object", | ||||
|           "description": "", | ||||
|           "additionalProperties": false, | ||||
|           "properties": { | ||||
|             "registry": { | ||||
|               "type": "string", | ||||
|               "description": "The image registry to use for all applications. This is used to pull the images from the registry.", | ||||
|               "default": "" | ||||
|             }, | ||||
|             "repository": { | ||||
|               "type": "string", | ||||
|               "description": "The repository of the image.", | ||||
|               "default": "solidnerd" | ||||
|             }, | ||||
|             "name": { | ||||
|               "type": "string", | ||||
|               "description": "The name of the image.", | ||||
|               "default": "bookstack" | ||||
|             }, | ||||
|             "tag": { | ||||
|               "type": "string", | ||||
|               "description": "Tag of the application you want to deploy. Could be a version number, commit sha or bad practice like \"latest\", \"dev\", \"qs\", \"prd\"", | ||||
|               "default": "" | ||||
|             }, | ||||
|             "imagePullSecrets": { | ||||
|               "type": "array", | ||||
|               "description": "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod", | ||||
|               "items": { | ||||
|                 "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.31.6/_definitions.json#/definitions/io.k8s.api.core.v1.LocalObjectReference" | ||||
|               }, | ||||
|               "x-kubernetes-patch-merge-key": "name", | ||||
|               "x-kubernetes-patch-strategy": "merge", | ||||
|               "default": [] | ||||
|             }, | ||||
|             "pullPolicy": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "Always" | ||||
|             } | ||||
|           } | ||||
|         }, | ||||
|         "replicaCount": { | ||||
|           "type": "integer", | ||||
|           "description": "The number of replicas to run.", | ||||
|           "default": 1 | ||||
|         }, | ||||
|         "updateStrategy": { | ||||
|           "description": "The update strategy to use for the deployment.", | ||||
|           "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.31.6/_definitions.json#/definitions/io.k8s.api.apps.v1.DeploymentStrategy" | ||||
|         }, | ||||
|         "externalDatabase": { | ||||
|           "type": "object", | ||||
|           "description": "If you want to use an external database, set this to true and provide the connection details.", | ||||
|           "additionalProperties": false, | ||||
|           "properties": { | ||||
|             "host": { | ||||
|               "type": "string", | ||||
|               "description": "The host (including port) of the external database." | ||||
|             }, | ||||
|             "database": { | ||||
|               "type": "string", | ||||
|               "description": "The name of the database." | ||||
|             }, | ||||
|             "username": { | ||||
|               "type": "string", | ||||
|               "description": "The username for the external database." | ||||
|             }, | ||||
|             "password": { | ||||
|               "type": "string", | ||||
|               "description": "The password for the external database." | ||||
|             } | ||||
|           }, | ||||
|           "required": [ | ||||
|             "host", | ||||
|             "database", | ||||
|             "username", | ||||
|             "password" | ||||
|           ] | ||||
|         }, | ||||
|         "externalRedis": { | ||||
|           "type": "object", | ||||
|           "description": "If you want to use an external redis, set this to true and provide the connection details.", | ||||
|           "additionalProperties": false, | ||||
|           "properties": { | ||||
|             "servers": { | ||||
|               "type": "string", | ||||
|               "description": "One or more redis servers. See bookstack documentation for more details." | ||||
|             } | ||||
|           }, | ||||
|           "required": [ | ||||
|             "servers" | ||||
|           ] | ||||
|         }, | ||||
|         "config": { | ||||
|           "type": "object", | ||||
|           "description": "Bookstack application configuration section.", | ||||
|           "properties": { | ||||
|             "app": { | ||||
|               "type": "object", | ||||
|               "additionalProperties": true, | ||||
|               "description": "These settings will be provided as environment variables to bookstack. All of them will be automatically prefixed with \"APP_\" and the upper-case version of the provided key. e.g. \"url\" will be \"APP_URL\". If you have variables like \"APP_DEFAULT_DARK_MODE\" replace underscores with \".\" e.g. \"default.dark.mode\".", | ||||
|               "properties": { | ||||
|                 "key": { | ||||
|                   "type": [ | ||||
|                     "string", | ||||
|                     "null" | ||||
|                   ], | ||||
|                   "description": "If not provided a random key will be generated on the first deployment", | ||||
|                   "default": null | ||||
|                 }, | ||||
|                 "url": { | ||||
|                   "type": "string", | ||||
|                   "description": "" | ||||
|                 } | ||||
|               }, | ||||
|               "required": [ | ||||
|                 "url" | ||||
|               ] | ||||
|             }, | ||||
|             "additional": { | ||||
|               "type": "object", | ||||
|               "additionalProperties": true, | ||||
|               "description": "Here you can define environment variables by yourself which don't have a specific prefix e.g. \"STORAGE_TYPE\". Set it like key-value yaml pairs. For example: \"STORAGE_TYPE\": \"local\". Don't replace \"_\" with \".\"!" | ||||
|             }, | ||||
|             "additionalSecrets": { | ||||
|               "type": "object", | ||||
|               "additionalProperties": true, | ||||
|               "description": "It's like \"additional\" section but the values will be stored in a Kubernetes secret. Base64 encoding will be done by the chart, so you have to input the clear values." | ||||
|             } | ||||
|           }, | ||||
|           "required": [ | ||||
|             "app" | ||||
|           ] | ||||
|         }, | ||||
|         "mail": { | ||||
|           "type": "object", | ||||
|           "description": "Bookstack mail settings. If your needed values are not listed here, you can also set them if the values are prefixed with \"MAIL_\". If you need \"MAIL_VERIFY_SSL\" write it as \"verify.ssl\".", | ||||
|           "additionalProperties": true, | ||||
|           "properties": { | ||||
|             "driver": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "smtp", | ||||
|               "enum": [ | ||||
|                 "smtp", | ||||
|                 "sendmail" | ||||
|               ] | ||||
|             }, | ||||
|             "host": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "" | ||||
|             }, | ||||
|             "from": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "bookstack@cluster.local" | ||||
|             }, | ||||
|             "from.name": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "BookStack" | ||||
|             }, | ||||
|             "username": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "changeme" | ||||
|             }, | ||||
|             "password": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "changeme" | ||||
|             }, | ||||
|             "port": { | ||||
|               "type": "integer", | ||||
|               "description": "", | ||||
|               "default": 1025 | ||||
|             }, | ||||
|             "encryption": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "null", | ||||
|               "enum": [ | ||||
|                 "tls", | ||||
|                 "null" | ||||
|               ] | ||||
|             }, | ||||
|             "verify.ssl": { | ||||
|               "type": "boolean", | ||||
|               "description": "", | ||||
|               "default": true | ||||
|             }, | ||||
|             "sendmail.command": { | ||||
|               "type": "string" | ||||
|             } | ||||
|           }, | ||||
|           "required": [ | ||||
|             "driver" | ||||
|           ] | ||||
|         }, | ||||
|         "auth": { | ||||
|           "type": "object", | ||||
|           "description": "", | ||||
|           "additionalProperties": false, | ||||
|           "properties": { | ||||
|             "method": { | ||||
|               "type": "string", | ||||
|               "description": "See for more information: https://github.com/BookStackApp/BookStack/blob/development/.env.example.complete#L149" | ||||
|             }, | ||||
|             "auto.initiate": { | ||||
|               "type": "boolean", | ||||
|               "default": false, | ||||
|               "description": "See for more information: https://github.com/BookStackApp/BookStack/blob/development/.env.example.complete#L153" | ||||
|             }, | ||||
|             "oidc": { | ||||
|               "type": "object", | ||||
|               "description": "Here you can define BookStack OIDC settings. To set additional values not listed here define them in lowercase and replace \"_\" with \".\" in variable names. E.g. \"OIDC_ISSUER_DISCOVER\" as \"issuer.discover\"", | ||||
|               "required": ["enabled"], | ||||
|               "additionalProperties": true, | ||||
|               "properties": { | ||||
|                 "name": { | ||||
|                   "type": "string", | ||||
|                   "description": "", | ||||
|                   "default": "Open ID Connect" | ||||
|                 }, | ||||
|                 "clientId": { | ||||
|                   "type": "string", | ||||
|                   "description": "", | ||||
|                   "default": "" | ||||
|                 }, | ||||
|                 "clientSecret": { | ||||
|                   "type": "string", | ||||
|                   "description": "", | ||||
|                   "default": "" | ||||
|                 }, | ||||
|                 "issuer": { | ||||
|                   "type": "string", | ||||
|                   "description": "", | ||||
|                   "default": "" | ||||
|                 } | ||||
|               } | ||||
|             }, | ||||
|             "azure": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"AZURE_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "discord": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"DISCORD_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "facebook": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"FACEBOOK_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "github": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"GITHUB_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "gitlab": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"GITLAB_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "google": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"GOOGLE_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "okta": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"OKTA_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "slack": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"SLACK_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "twitch": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"TWITCH_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "twitter": { | ||||
|               "description": "Enable or disable social auth option. You can set additional values like auto registration by replacing \"_\" with \".\" and in lowercase e.g. \"TWITTER_AUTO_REGISTER\" as \"auto.register\". You don't need the social auth key as a prefix.", | ||||
|               "$ref": "#/definitions/socialAuth" | ||||
|             }, | ||||
|             "ldap": { | ||||
|               "type": "object", | ||||
|               "description": "Enable or disable social auth option. You can set additional values like email attribute by replacing \"_\" with \".\" and in lowercase e.g. \"LDAP_EMAIL_ATTRIBUTE\" as \"email.attribute\". You don't need the \"LDAP_\" key as a prefix.", | ||||
|               "additionalProperties": true, | ||||
|               "properties": { | ||||
|                 "enabled": { | ||||
|                   "type": "boolean", | ||||
|                   "default": "false", | ||||
|                   "description": "Wether LDAP auth is enabled" | ||||
|                 }, | ||||
|                 "server": { | ||||
|                   "type": "string", | ||||
|                   "default": "", | ||||
|                   "description": "The LDAP server to connect to." | ||||
|                 }, | ||||
|                 "dn": { | ||||
|                   "type": "string", | ||||
|                   "default": "", | ||||
|                   "description": "User DN used for authentication" | ||||
|                 }, | ||||
|                 "pass": { | ||||
|                   "type": "string", | ||||
|                   "default": "", | ||||
|                   "description": "Password used for authentication" | ||||
|                 }, | ||||
|                 "base.dn": { | ||||
|                   "type": "string", | ||||
|                   "default": "", | ||||
|                   "description": "LDAP Base search dn" | ||||
|                 } | ||||
|               }, | ||||
|               "required": ["enabled"] | ||||
|             } | ||||
|           } | ||||
|         }, | ||||
|         "extraEnv": { | ||||
|           "type": "object", | ||||
|           "additionalProperties": { | ||||
|             "type": ["string", "object"], | ||||
|             "description": "Extra environment variables for bookstack. Could be a simple string or a valueFrom..." | ||||
|           } | ||||
|         }, | ||||
|         "persistence": { | ||||
|           "type": "object", | ||||
|           "description": "Defines volume settings for data persistence in bookstack", | ||||
|           "additionalProperties": false, | ||||
|           "properties": { | ||||
|             "enabled": { | ||||
|               "type": "boolean", | ||||
|               "default": true, | ||||
|               "description": "Wether volume will be created" | ||||
|             }, | ||||
|             "size": { | ||||
|               "type": "string", | ||||
|               "default": "10Gi", | ||||
|               "description": "The size of the volume which will be created. Be careful some storage interfaces don't support resizing." | ||||
|             }, | ||||
|             "storageClass": { | ||||
|               "type": "string", | ||||
|               "description": "", | ||||
|               "default": "" | ||||
|             }, | ||||
|             "accessMode": { | ||||
|               "type": "string", | ||||
|               "default": "ReadWriteMany", | ||||
|               "description": "Access mode to define how many times the volume could be mounted." | ||||
|             } | ||||
|           }, | ||||
|           "required": ["enabled", "size", "accessMode"] | ||||
|         } | ||||
|       } | ||||
|     }, | ||||
|     "ingress": { | ||||
|       "type": "object", | ||||
|       "description": "Here you can define the ingress settings for your application. This is only needed if you want to expose your application to the outside world.", | ||||
|       "additionalProperties": false, | ||||
|       "properties": { | ||||
|         "enabled": { | ||||
|           "type": "boolean", | ||||
|           "description": "Enable the ingress", | ||||
|           "default": false | ||||
|         }, | ||||
|         "annotations": { | ||||
|           "annotations": { | ||||
|             "additionalProperties": { | ||||
|               "type": "string" | ||||
|             }, | ||||
|             "description": "You can add these Kubernetes annotations to specific Ingress objects to customize their behavior.\n!!! tip Annotation keys and values can only be strings. Other types, such as boolean or numeric values must be quoted, i.e. \"true\", \"false\", \"100\". More info: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md", | ||||
|             "type": "object" | ||||
|           } | ||||
|         }, | ||||
|         "tls": { | ||||
|           "description": "tls represents the TLS configuration. Currently the Ingress only supports a single TLS port, 443. If multiple members of this list specify different hosts, they will be multiplexed on the same port according to the hostname specified through the SNI TLS extension, if the ingress controller fulfilling the ingress supports SNI.", | ||||
|           "items": { | ||||
|             "$ref": "https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.31.6/_definitions.json#/definitions/io.k8s.api.networking.v1.IngressTLS" | ||||
|           }, | ||||
|           "type": "array", | ||||
|           "x-kubernetes-list-type": "atomic" | ||||
|         }, | ||||
|         "class": { | ||||
|           "type": "string", | ||||
|           "description": "The class of the ingress. This is used to select the ingress controller that should handle this ingress. If not set, the default ingress class will be used." | ||||
|         }, | ||||
|         "hostname": { | ||||
|           "type": "string", | ||||
|           "description": "The hostname for the ingress. This is used to route traffic to the correct service." | ||||
|         }, | ||||
|         "path": { | ||||
|           "type": "string", | ||||
|           "description": "The path for the ingress. This is used to route traffic to the correct service.", | ||||
|           "default": "/" | ||||
|         }, | ||||
|         "pathType": { | ||||
|           "type": "string", | ||||
|           "description": "The path type for the ingress. This is used to route traffic to the correct service.", | ||||
|           "enum": [ | ||||
|             "Exact", | ||||
|             "Prefix", | ||||
|             "ImplementationSpecific" | ||||
|           ], | ||||
|           "default": "Prefix" | ||||
|         } | ||||
|       }, | ||||
|       "required": [ | ||||
|         "enabled", | ||||
|         "hostname", | ||||
|         "path", | ||||
|         "pathType" | ||||
|       ] | ||||
|     }, | ||||
|     "service": { | ||||
|       "type": "object", | ||||
|       "description": "Here you can define the service settings for your application.", | ||||
|       "additionalProperties": false, | ||||
|       "properties": { | ||||
|         "port": { | ||||
|           "type": "integer", | ||||
|           "description": "The port that the service should listen on.", | ||||
|           "default": 8080 | ||||
|         }, | ||||
|         "type": { | ||||
|           "type": "string", | ||||
|           "enum": [ | ||||
|             "ClusterIP", | ||||
|             "NodePort", | ||||
|             "LoadBalancer", | ||||
|             "Headless" | ||||
|           ], | ||||
|           "description": "The type of the service. This defines how the service is exposed or not.", | ||||
|           "default": "ClusterIP" | ||||
|         }, | ||||
|         "loadBalancerIP": { | ||||
|           "type": [ | ||||
|             "string", | ||||
|             "null" | ||||
|           ], | ||||
|           "description": "LoadBalancerIP is the IP address that will be assigned to the service when it is created. This is only used if the service type is LoadBalancer.", | ||||
|           "default": "" | ||||
|         }, | ||||
|         "nodePort": { | ||||
|           "type": [ | ||||
|             "integer", | ||||
|             "string", | ||||
|             "null" | ||||
|           ], | ||||
|           "description": "NodePort is the port that will be assigned to the service when it is created. This is only used if the service type is NodePort.", | ||||
|           "default": "" | ||||
|         }, | ||||
|         "clusterIP": { | ||||
|           "type": [ | ||||
|             "string", | ||||
|             "null" | ||||
|           ], | ||||
|           "description": "ClusterIP is the IP address that will be assigned to the service when it is created. This is only used if the service type is ClusterIP.", | ||||
|           "default": "" | ||||
|         } | ||||
|       }, | ||||
|       "required": [ | ||||
|         "port", | ||||
|         "type" | ||||
|       ] | ||||
|     }, | ||||
|     "db": { | ||||
|       "type": "object", | ||||
|       "description": "Here you can define the database settings for your application.", | ||||
|       "additionalProperties": true, | ||||
|       "properties": { | ||||
|         "enabled": { | ||||
|           "type": "boolean", | ||||
|           "description": "Whether this deployment is enabled", | ||||
|           "default": true | ||||
|         } | ||||
|       }, | ||||
|       "required": [ | ||||
|         "enabled" | ||||
|       ] | ||||
|     }, | ||||
|     "redis": { | ||||
|       "type": "object", | ||||
|       "description": "Here you can define the redis settings for your application.", | ||||
|       "additionalProperties": true, | ||||
|       "properties": { | ||||
|         "enabled": { | ||||
|           "type": "boolean", | ||||
|           "description": "Whether this deployment is enabled", | ||||
|           "default": true | ||||
|         } | ||||
|       }, | ||||
|       "required": [ | ||||
|         "enabled" | ||||
|       ] | ||||
|     } | ||||
|   }, | ||||
|   "required": [ | ||||
|     "global", | ||||
|     "bookstack", | ||||
|     "db", | ||||
|     "redis", | ||||
|     "service", | ||||
|     "ingress" | ||||
|   ], | ||||
|   "definitions": { | ||||
|     "socialAuth": { | ||||
|       "type": "object", | ||||
|       "additionalProperties": true, | ||||
|       "properties": { | ||||
|         "enabled": { | ||||
|           "type": "boolean", | ||||
|           "description": "Whether this auth option is enabled", | ||||
|           "default": false | ||||
|         }, | ||||
|         "appId": { | ||||
|           "type": "string", | ||||
|           "description": "", | ||||
|           "default": "" | ||||
|         }, | ||||
|         "appSecret": { | ||||
|           "type": "string", | ||||
|           "description": "", | ||||
|           "default": "" | ||||
|         } | ||||
|       } | ||||
|     } | ||||
|   } | ||||
| } | ||||
| @ -18,12 +18,8 @@ bookstack: | ||||
|     app: | ||||
|       key: "" | ||||
|       url: "https://example.com" | ||||
|       views.books: list | ||||
|       views.bookshelves: grid | ||||
|       views.bookshelf: grid | ||||
|       default.dark.mode: true | ||||
|     additional: | ||||
|       DISABLE_EXTERNAL_SERVICES: false | ||||
|     additional: {} | ||||
|     additionalSecrets: {} | ||||
|   mail: | ||||
|     driver: "smtp" | ||||
|     host: "" | ||||
|  | ||||
							
								
								
									
										10
									
								
								pubkeys/morlana.asc
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								pubkeys/morlana.asc
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,10 @@ | ||||
| -----BEGIN PGP PUBLIC KEY BLOCK----- | ||||
| 
 | ||||
| mDMEaBxO9xYJKwYBBAHaRw8BAQdA/7OLLFRkqsTzyufHwHVgB7M6XoX9+df8qCvi | ||||
| u5xQM7i0OE1vcmxhbmEgQ0kgU2lnbmluZyBLZXkgPGNvbnRhY3QrZGV2ZWxvcG1l | ||||
| bnRAbW9ybGFuYS5uZXQ+iJYEExYIAD4WIQS84h7qJd4UtBgZbaH/b3JG+qmcMAUC | ||||
| aBxO9wIbAwUJAeEzgAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRD/b3JG+qmc | ||||
| MLuMAQDM/CPa1DO31dmcI5Xtt9uK3svdv3mZl5GGqqTylcYTXgD+LL4/OPp7XHx+ | ||||
| WTf9NitfTlwpRKJJWec7vp2NG0NQ8wg= | ||||
| =ACKv | ||||
| -----END PGP PUBLIC KEY BLOCK----- | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user