diff --git a/.github/workflows/chart-release.yml b/.github/workflows/chart-release.yml index f318de8..f6d32e9 100644 --- a/.github/workflows/chart-release.yml +++ b/.github/workflows/chart-release.yml @@ -1,6 +1,13 @@ # yamllint disable rule:line-length --- -# This is a basic workflow to help you get started with Actions +# This automatic helm chart releaser Github Action that uses Microsofts Azure setup-helm +# * https://github.com/Azure/setup-helm +# and helm's chart-releaser-action which uses the https://github.com/helm/chart-releaser image +# * https://github.com/helm/chart-releaser-action +# +# It only creates a new package when there is not yet one in the same version +# It will not automatically mark the new release as latest +# name: Release helm chart @@ -49,3 +56,4 @@ jobs: env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" CR_SKIP_EXISTING: true + MARK_AS_LATEST: false diff --git a/DEVEL.md b/DEVEL.md new file mode 100644 index 0000000..2e6487e --- /dev/null +++ b/DEVEL.md @@ -0,0 +1,169 @@ +# Development Setup + +The following is done on a Fedora Desktop to run a minikube rootless setup. For setting it up you need administrative rights. + +## Prepare the system + +First install the required network component `slirp4netns` + +```bash +sudo dnf install slirp4netns +``` + +Now map additional UIDs and GIDs for your user, to be able to use the users IDs from inside the containers. + +* https://docs.podman.io/en/latest/markdown/podman.1.html?highlight=rootless#rootless-mode + +Map additional UID/GID for your user: + +```bash +sudo usermod --add-subuids 10000-75535 USERNAME +sudo usermod --add-subgids 10000-75535 USERNAME +``` + +So this was the only parts where root priviledges are needed. + +## Prepare minicube + +Now install and setup minikube with the calico network driver. Assuming you have `~/bin` in your `$PATH` environment variable. + +```bash +wget https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 -O ~/bin/minikube +chmod 755 ~/bin/minikube + +minikube config set rootless true +minikube config set driver podman +minikube config set container-runtime containerd + +minikube start --cni calico +``` + +Now you have a running cluster on your machine. + +Minikube comes with a integrated `kubectl` command. So you can run `kubectl` commands, without downloaded `kubectl` binary: + +```bash +minikube kubectl -- get pods -A +``` + +But for using `helm` and our convenience, we install `kubectl` alongside `minikube`: + +```bash +wget "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -O ~/bin/kubectl +``` + +Finally we install `helm`, into `~/bin`: + +```bash +export HELM_INSTALL_DIR=~/bin; export USE_SUDO=false; curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash +``` + +## Setup wger + +You can install wger without any changes to the `values.yaml`, this will run wger in development mode. + +First clone the `wger-helm-charts` repository and optionally create `your_values.yaml` file: + +```bash +git clone https://github.com/wger-project/helm-charts.git +cd helm-charts +vi your_values.yaml +``` + +The following is a example of `your_values.yaml`: + +```yaml +app: + environment: + # x-real-ip - remote ip - x-forward-for - + - name: GUNICORN_CMD_ARGS + value: "--timeout 240 --workers=2 --access-logformat '%({x-real-ip}i)s %(l)s %(h)s %(l)s %({x-forwarded-for}i)s %(l)s %(t)s \"%(r)s\" %(s)s %(b)s \"%(f)s\" \"%(a)s\"' --access-logfile - --error-logfile -" + nginx: + enabled: true + axes: + enabled: true +celery: + enabled: true + flower: + enabled: true +``` + +Deploy the helm chart from the cloned git repo. Omit `-f ../../your_values.yaml` when you don't have the file: + +```bash +cd helm-charts/charts/wger +helm dependency update +helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +``` + +To access the webinterface, you can port forward `8000` from the wger app to a port on your machine, be aware you need a high port number, which doesn't require root priviledges. + +```bash +export POD=$(kubectl get pods -n wger -l "app.kubernetes.io/name=wger-app" -o jsonpath="{.items[0].metadata.name}") +echo "wger runs on: http://localhost:10001"; kubectl -n wger port-forward ${POD} 10001:8000 +``` + +Go to http://localhost:10001 and login as `admin` `adminadmin` ;-) + +## Advanced Setup + +When you activated `nginx` persistent storage will be automatically activated as a requirement. You can see the volumes (pv) and it's claims (pvc): + +```bash +kubectl get pv +kubectl get pvc -n wger +``` + +**@todo sorry but, mounting with rootless podman and minikube doesn't work yet** + +There is a special claim `code` which will not be created but will overload the wger django code, this can be used to mount your local development code into the setup. + +First checkout the code to in the example i use `$HOME/test/wger`. + +As minikube is running in a VM we first need to mount the local files into the minikube VM to make it available for the kubernetes cluster. You can login to the minikube VM with `minikube ssh`. + +Now mount the folder into the minikube system, i use `/wger-code` here. + +```bash +minikube stop +minikube start --cni calico --mount-string="$HOME/test/wger:/wger-code" +# or +minikube mount $HOME/test/wger:/wger-code +``` + +Add the following to `your_values.yaml`. + +```yaml +app: + persistence: + existingClaim: + code: wger-code +``` + +Manually create a volume and claim for your local wger code. For this add a new file `wger-code.yaml` and apply it to the cluster: + +```yaml +TBD +``` + +```bash +kubectl create ns wger +kubectl apply -n wger -f ../../wger-code-volume.yaml +``` + +Activate the new values with the `wger-code` volume in the containers: + +```bash +helm upgrade --install wger . -n wger --create-namespace -f ../../your_values.yaml +``` + +## Uninstall wger + +To uninstall: + +```bash +helm -n wger uninstall wger +kubectl -n wger delete -f ../../wger-code-volume.yaml +kubectl delete ns wger +``` + diff --git a/README.md b/README.md index 027ba3c..68c50f7 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,9 @@ # wger -Helm charts for wger deployment on Kubernetes +Helm charts for wger deployment on Kubernetes. + +* https://wger.readthedocs.io + ## TL;DR @@ -428,6 +431,8 @@ Generally persistent volumes needs to be configured depending on your setup. ## Developing locally +The following is a basic instruction, for a more in-depth manual please have a look at [DEVEL.md](DEVEL.md). It also covers mounting the wger django code into the container. + In order to develop locally, you will need [minikube](https://minikube.sigs.k8s.io/docs/) installed. It sets a local Kubernetes cluster that you can use for testing the Helm chart. @@ -467,10 +472,9 @@ $ export POD=$(kubectl get pods -n wger -l "app.kubernetes.io/name=wger-app" -o $ kubectl -n wger exec -it $POD -c wger -- bash wger@wger-app-86c65dcbb9-9ftr6:~/src$ -# start a local proxy to test the web interface -# Wger will then be available on http://localhost:8001/api/v1/namespaces/wger/services/wger-http:8000/proxy/en -$ kubectl proxy -Starting to serve on 127.0.0.1:8001 +# start a port forwarding to access the webinterface +$ echo "wger runs on: http://localhost:10001" +$ kubectl -n wger port-forward ${POD} 10001:8000 # when you are finished with the testing, stop minikube $ minikube stop diff --git a/charts/wger/Chart.yaml b/charts/wger/Chart.yaml index 7709f53..e7b331b 100644 --- a/charts/wger/Chart.yaml +++ b/charts/wger/Chart.yaml @@ -1,6 +1,6 @@ --- apiVersion: v2 -version: 0.1.6-rc.1 +version: 0.1.7 appVersion: latest name: wger description: A Helm chart for Wger installation on Kubernetes diff --git a/charts/wger/templates/_helpers.tpl b/charts/wger/templates/_helpers.tpl index b2dc75a..d1da762 100644 --- a/charts/wger/templates/_helpers.tpl +++ b/charts/wger/templates/_helpers.tpl @@ -45,7 +45,11 @@ environment: # django general {{- if .Values.ingress.enabled }} - name: SITE_URL - value: {{ .Values.ingress.url | quote }} + {{- if .Values.ingress.tls }} + value: "https://{{ .Values.ingress.url }}" + {{- else }} + value: "http://{{ .Values.ingress.url }}" + {{- end }} - name: CSRF_TRUSTED_ORIGINS value: "http://{{ .Values.ingress.url }},https://{{ .Values.ingress.url }},http://127.0.0.1,https://127.0.0.1,http://localhost,https://localhost" {{- else }} diff --git a/charts/wger/values.yaml b/charts/wger/values.yaml index 4a2ab06..06e72fc 100644 --- a/charts/wger/values.yaml +++ b/charts/wger/values.yaml @@ -17,6 +17,7 @@ app: securityContext: fsGroup: 1000 persistence: + # this will be overriden to `true` when nginx is enabled enabled: false storageClass: null accessModes: