chore(deps): bump helm/chart-releaser-action from 1.6.0 to 1.7.0 (#115 )

feat: add dependabot (#114 )
chore: bump cinny to v4.6.0 (#113 )
2025-04-24 16:39:52 +00:00 · 2025-04-10 17:10:36 +00:00 · 2025-04-10 17:08:43 +00:00 · 2025-04-10 17:01:32 +00:00 · 2025-03-15 15:42:28 +00:00 · 2025-03-15 14:13:20 +00:00
107 changed files with 4460 additions and 33 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
--- a/.github/workflows/chart-releaser.yaml
+++ b/.github/workflows/chart-releaser.yaml
@ -4,6 +4,8 @@ on:
  push:
    branches:
      - master
+    paths:
+      - 'charts/**'

 jobs:
  release-charts:
@ -12,7 +14,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0

@ -22,11 +24,14 @@ jobs:
          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"

      - name: Install Helm
-        uses: azure/setup-helm@v3
+        uses: azure/setup-helm@v4.3.0 # using exact version because of https://github.com/Azure/setup-helm/issues/126
        with:
-          version: v3.10.2
+          version: v3.17.3
+
+      - name: Add Bitnami Helm Repo
+        run: helm repo add bitnami https://charts.bitnami.com/bitnami

      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.4.1
+        uses: helm/chart-releaser-action@v1.7.0
        env:
          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
--- a/.github/workflows/lint-charts.yaml
+++ b/.github/workflows/lint-charts.yaml
@ -10,14 +10,14 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Install Helm
-        uses: azure/setup-helm@v3
+        uses: azure/setup-helm@v4.3.0 # using exact version because of https://github.com/Azure/setup-helm/issues/126
        with:
-          version: v3.10.2
+          version: v3.17.3

      - name: Lint charts
        run: helm lint charts/*
--- a/21
+++ b/21
@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Thumbscrew
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/README.md
+++ b/README.md
@ -0,0 +1,46 @@
+# Helm Charts!
+
+[![Release Charts](https://github.com/Thumbscrew/k8s-charts/actions/workflows/chart-releaser.yaml/badge.svg)](https://github.com/Thumbscrew/k8s-charts/actions/workflows/chart-releaser.yaml)
+
+A repository of Helm Charts that I have deployed in my own homelab.
+
+##  Usage
+
+[Helm](https://helm.sh) must be installed to use the charts.
+Please refer to Helm's [documentation](https://helm.sh/docs/) to get started.
+
+Once Helm is installed, add the repo as follows:
+
+```bash
+helm repo add thumbscrew https://thumbscrew.github.io/k8s-charts/
+```
+
+Search the repo charts:
+
+```bash
+helm search repo thumbscrew
+```
+
+## Chart Status
+
+I will generally only maintain the charts that I am currently using. See below for which ones I'm maintaining:
+
+|Chart Name|Description|Website|Maintained|
+|----------|-----------|-------|----------|
+|cinny|Cinny Matrix client|https://cinny.in/|Yes|
+|freshrss|RSS reader written in PHP|https://freshrss.org/|Yes|
+|pgadmin|PostgreSQL database management tool|https://www.pgadmin.org/|Yes|
+|unifi-controller|Unifi Controller (using linuxserver.io's image) for managing Unifi hardware||Yes|
+|focalboard|Kanban board software by Mattermost|https://www.focalboard.com/|No|
+|jellyfin|Open source media management system|https://jellyfin.org|Yes|
+|tandoor-recipes|Digital Recipe managment|https://tandoor.dev/|Yes|
+|silverbullet|Note-taking application optimized for people with a hacker mindset|https://silverbullet.md/|No|
+|cyberchef|The Cyber Swiss Army Knife by GCHQ|https://gchq.github.io/CyberChef|Yes|
+
+## Contributing
+
+All contributions welcome!
+
+## License
+
+[MIT License](LICENSE)
--- a/charts/cinny/Chart.yaml
+++ b/charts/cinny/Chart.yaml
@ -22,10 +22,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.1
+version: 3.6.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "v2.2.3"
+appVersion: "v4.6.0"
--- a/charts/cinny/README.md
+++ b/charts/cinny/README.md
@ -0,0 +1,47 @@
+# cinny
+
+![Version: 3.6.0](https://img.shields.io/badge/Version-3.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v4.6.0](https://img.shields.io/badge/AppVersion-v4.6.0-informational?style=flat-square)
+
+A Helm chart for the Cinny Matrix Client
+
+**Homepage:** <https://cinny.in/>
+
+## Source Code
+
+* <https://github.com/cinnyapp/cinny>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| customConfig.data.allowCustomHomeservers | bool | `true` | Allow the user to enter a homeserver not in the list |
+| customConfig.data.defaultHomeserver | int | `3` | Index (starting with 0) in homeserverList of the server to display by default |
+| customConfig.data.homeserverList | list | `["converser.eu","envs.net","matrix.org","mozilla.org"]` | List of Matrix homeservers to display |
+| customConfig.enabled | bool | `false` | Enable the use of a custom config.json - see https://github.com/cinnyapp/cinny/blob/dev/config.json |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"ghcr.io/cinnyapp/cinny"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"cinny.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` |  |
+
--- a/charts/cinny/values.yaml
+++ b/charts/cinny/values.yaml
@ -5,34 +5,36 @@
 replicaCount: 1

 image:
-  repository: ajbura/cinny
+  repository: ghcr.io/cinnyapp/cinny
  pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: "v2.2.3"
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""

 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""

 serviceAccount:
-  # Specifies whether a service account should be created
+  # -- Specifies whether a service account should be created
  create: true
-  # Annotations to add to the service account
+  # -- Annotations to add to the service account
  annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
  name: ""

 customConfig:
+  # -- Enable the use of a custom config.json - see https://github.com/cinnyapp/cinny/blob/dev/config.json
  enabled: false
  data:
+    # -- Index (starting with 0) in homeserverList of the server to display by default
    defaultHomeserver: 3
+    # -- List of Matrix homeservers to display
    homeserverList:
      - converser.eu
      - envs.net
-      - halogen.city
      - matrix.org
      - mozilla.org
+    # -- Allow the user to enter a homeserver not in the list
    allowCustomHomeservers: true

 podAnnotations: {}
--- a/charts/cyberchef/.helmignore
+++ b/charts/cyberchef/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/cyberchef/Chart.yaml
+++ b/charts/cyberchef/Chart.yaml
@ -0,0 +1,37 @@
+apiVersion: v2
+name: cyberchef
+description: A Helm chart for CyberChef, the Cyber Swiss Army Knife
+home: https://gchq.github.io/CyberChef
+sources:
+  - https://github.com/gchq/CyberChef
+keywords:
+  - cyber
+  - cyberchef
+  - tools
+  - hashing
+  - encoding
+  - compression
+  - encrypytion
+  - parsing
+  - open source
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.2.2
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "10.19.4"
--- a/charts/cyberchef/README.md
+++ b/charts/cyberchef/README.md
@ -0,0 +1,55 @@
+# cyberchef
+
+![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.19.4](https://img.shields.io/badge/AppVersion-10.19.4-informational?style=flat-square)
+
+A Helm chart for CyberChef, the Cyber Swiss Army Knife
+
+**Homepage:** <https://gchq.github.io/CyberChef>
+
+## Source Code
+
+* <https://github.com/gchq/CyberChef>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| autoscaling.enabled | bool | `false` |  |
+| autoscaling.maxReplicas | int | `100` |  |
+| autoscaling.minReplicas | int | `1` |  |
+| autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"ghcr.io/gchq/cyberchef"` |  |
+| image.tag | string | `""` |  |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"cyberchef.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| livenessProbe.httpGet.path | string | `"/"` |  |
+| livenessProbe.httpGet.port | string | `"http"` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| podAnnotations | object | `{}` |  |
+| podLabels | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| readinessProbe.httpGet.path | string | `"/"` |  |
+| readinessProbe.httpGet.port | string | `"http"` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | string | `nil` |  |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` |  |
+| serviceAccount.automount | bool | `true` |  |
+| serviceAccount.create | bool | `true` |  |
+| serviceAccount.name | string | `""` |  |
+| tolerations | list | `[]` |  |
+| volumeMounts | list | `[]` |  |
+| volumes | list | `[]` |  |
+
--- a/charts/cyberchef/templates/NOTES.txt
+++ b/charts/cyberchef/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "cyberchef.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "cyberchef.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "cyberchef.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "cyberchef.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/cyberchef/templates/_helpers.tpl
+++ b/charts/cyberchef/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cyberchef.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "cyberchef.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cyberchef.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "cyberchef.labels" -}}
+helm.sh/chart: {{ include "cyberchef.chart" . }}
+{{ include "cyberchef.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "cyberchef.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "cyberchef.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "cyberchef.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "cyberchef.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/charts/cyberchef/templates/deployment.yaml
+++ b/charts/cyberchef/templates/deployment.yaml
@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "cyberchef.fullname" . }}
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "cyberchef.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "cyberchef.labels" . | nindent 8 }}
+        {{- with .Values.podLabels }}
+        {{- toYaml . | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "cyberchef.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            {{- toYaml .Values.livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .Values.readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          {{- with .Values.volumeMounts }}
+          volumeMounts:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      {{- with .Values.volumes }}
+      volumes:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/cyberchef/templates/hpa.yaml
+++ b/charts/cyberchef/templates/hpa.yaml
@ -0,0 +1,32 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "cyberchef.fullname" . }}
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "cyberchef.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
--- a/charts/cyberchef/templates/ingress.yaml
+++ b/charts/cyberchef/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "cyberchef.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/cyberchef/templates/service.yaml
+++ b/charts/cyberchef/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "cyberchef.fullname" . }}
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "cyberchef.selectorLabels" . | nindent 4 }}
--- a/charts/cyberchef/templates/serviceaccount.yaml
+++ b/charts/cyberchef/templates/serviceaccount.yaml
@ -0,0 +1,13 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "cyberchef.serviceAccountName" . }}
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automount }}
+{{- end }}
--- a/charts/cyberchef/templates/tests/test-connection.yaml
+++ b/charts/cyberchef/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "cyberchef.fullname" . }}-test-connection"
+  labels:
+    {{- include "cyberchef.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "cyberchef.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/cyberchef/values.yaml
+++ b/charts/cyberchef/values.yaml
@ -0,0 +1,107 @@
+# Default values for cyberchef.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: ghcr.io/gchq/cyberchef
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Automatically mount a ServiceAccount's API credentials?
+  automount: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+podLabels: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext:
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: cyberchef.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+livenessProbe:
+  httpGet:
+    path: /
+    port: http
+readinessProbe:
+  httpGet:
+    path: /
+    port: http
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+# Additional volumes on the output Deployment definition.
+volumes: []
+# - name: foo
+#   secret:
+#     secretName: mysecret
+#     optional: false
+
+# Additional volumeMounts on the output Deployment definition.
+volumeMounts: []
+# - name: foo
+#   mountPath: "/etc/foo"
+#   readOnly: true
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/focalboard/.helmignore
+++ b/charts/focalboard/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/focalboard/Chart.yaml
+++ b/charts/focalboard/Chart.yaml
@ -0,0 +1,33 @@
+apiVersion: v2
+name: focalboard
+description: A Helm chart for Mattermost Focalboard
+home: https://www.focalboard.com/download/personal-edition/
+sources:
+  - https://github.com/mattermost/focalboard
+keywords:
+  - focalboard
+  - kanban
+  - mattermost
+  - project management
+icon: https://www.focalboard.com/img/logo.svg?version=v2
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.2.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "7.10.0"
--- a/charts/focalboard/README.md
+++ b/charts/focalboard/README.md
@ -0,0 +1,78 @@
+# focalboard
+
+![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 7.10.0](https://img.shields.io/badge/AppVersion-7.10.0-informational?style=flat-square)
+
+A Helm chart for Mattermost Focalboard
+
+**Homepage:** <https://www.focalboard.com/download/personal-edition/>
+
+## Source Code
+
+* <https://github.com/mattermost/focalboard>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| autoscaling.enabled | bool | `false` |  |
+| autoscaling.maxReplicas | int | `100` |  |
+| autoscaling.minReplicas | int | `1` |  |
+| autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| config.audit_cfg_file | string | `""` |  |
+| config.authMode | string | `"native"` |  |
+| config.dbconfig | string | `"./focalboard.db?_busy_timeout=5000"` | Default SQLite config. See https://github.com/mattermost/focalboard/blob/main/docker/config.json for PostgreSQL config example |
+| config.dbtableprefix | string | `""` |  |
+| config.dbtype | string | `"sqlite3"` | Possible values 'sqlite' and 'postgres' |
+| config.enableLocalMode | bool | `false` |  |
+| config.enablePublicSharedBoards | bool | `false` |  |
+| config.filesdriver | string | `"local"` |  |
+| config.filespath | string | `"./data/files"` |  |
+| config.localModeSocketLocation | string | `"/var/tmp/focalboard_local.socket"` |  |
+| config.localOnly | bool | `false` |  |
+| config.logging_cfg_file | string | `""` |  |
+| config.port | int | `8000` |  |
+| config.postgres_dbconfig | string | `"dbname=focalboard sslmode=disable"` |  |
+| config.prometheusaddress | string | `":9092"` |  |
+| config.serverRoot | string | `"http://localhost:8000"` |  |
+| config.session_expire_time | int | `2592000` |  |
+| config.session_refresh_time | int | `18000` |  |
+| config.telemetry | bool | `false` |  |
+| config.useSSL | bool | `false` |  |
+| config.webhook_update | list | `[]` |  |
+| config.webpath | string | `"./pack"` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"mattermost/focalboard"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"focalboard.example.com"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.annotations | object | `{}` |  |
+| persistence.enabled | bool | `false` |  |
+| persistence.existingClaim | string | `""` |  |
+| persistence.size | string | `"10Gi"` |  |
+| persistence.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `8000` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| strategy | string | `"Recreate"` |  |
+| tolerations | list | `[]` |  |
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
--- a/charts/focalboard/templates/NOTES.txt
+++ b/charts/focalboard/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "focalboard.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "focalboard.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "focalboard.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "focalboard.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/focalboard/templates/_helpers.tpl
+++ b/charts/focalboard/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "focalboard.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "focalboard.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "focalboard.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "focalboard.labels" -}}
+helm.sh/chart: {{ include "focalboard.chart" . }}
+{{ include "focalboard.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "focalboard.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "focalboard.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "focalboard.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "focalboard.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/charts/focalboard/templates/configmap.yaml
+++ b/charts/focalboard/templates/configmap.yaml
@ -0,0 +1,13 @@
+{{- if .Values.config -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "focalboard.fullname" . }}
+data:
+  {{- with .Values.config }}
+  serverRoot: {{ .serverRoot }}
+  port: "{{ .port }}"
+  config: |
+    {{- toPrettyJson . | nindent 4 -}}
+  {{- end }}
+{{- end }}
--- a/charts/focalboard/templates/deployment.yaml
+++ b/charts/focalboard/templates/deployment.yaml
@ -0,0 +1,93 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "focalboard.fullname" . }}
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  strategy:
+    type: {{ .Values.strategy }}
+  selector:
+    matchLabels:
+      {{- include "focalboard.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "focalboard.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "focalboard.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          startupProbe:
+            httpGet:
+              path: /
+              port: http
+            periodSeconds: 3
+            failureThreshold: 20
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+          - name: fbdata
+            mountPath: /opt/focalboard/data
+          - name: fbconfig
+            mountPath: /opt/focalboard/config.json
+            subPath: config
+          env:
+            - name: FOCALBOARD_SERVERROOT
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "focalboard.fullname" . }}
+                  key: serverRoot
+            - name: FOCALBOARD_PORT
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "focalboard.fullname" . }}
+                  key: port
+      volumes:
+      - name: fbdata
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "focalboard.fullname" . }}-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      - name: fbconfig
+        configMap:
+          name: {{ include "focalboard.fullname" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/focalboard/templates/hpa.yaml
+++ b/charts/focalboard/templates/hpa.yaml
@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "focalboard.fullname" . }}
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "focalboard.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
--- a/charts/focalboard/templates/ingress.yaml
+++ b/charts/focalboard/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "focalboard.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/focalboard/templates/pvc.yaml
+++ b/charts/focalboard/templates/pvc.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.enabled -}}
+{{- if not .Values.persistence.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "focalboard.fullname" . }}-pvc
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "focalboard.name" . }}
+    # helm.sh/chart: {{ include "focalboard.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/focalboard/templates/service.yaml
+++ b/charts/focalboard/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "focalboard.fullname" . }}
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "focalboard.selectorLabels" . | nindent 4 }}
--- a/charts/focalboard/templates/serviceaccount.yaml
+++ b/charts/focalboard/templates/serviceaccount.yaml
@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "focalboard.serviceAccountName" . }}
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/focalboard/templates/tests/test-connection.yaml
+++ b/charts/focalboard/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "focalboard.fullname" . }}-test-connection"
+  labels:
+    {{- include "focalboard.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "focalboard.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/focalboard/values.yaml
+++ b/charts/focalboard/values.yaml
@ -0,0 +1,116 @@
+# Default values for focalboard.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+strategy: Recreate
+
+image:
+  repository: mattermost/focalboard
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  create: true
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+config:
+  serverRoot: "http://localhost:8000"
+  port: 8000
+  # -- Possible values 'sqlite' and 'postgres'
+  dbtype: sqlite3
+  # -- Default SQLite config. See https://github.com/mattermost/focalboard/blob/main/docker/config.json for PostgreSQL config example
+  dbconfig: "./focalboard.db?_busy_timeout=5000"
+  dbtableprefix: ""
+  postgres_dbconfig: "dbname=focalboard sslmode=disable"
+  useSSL: false
+  webpath: "./pack"
+  filesdriver: local
+  filespath: "./data/files"
+  telemetry: false
+  prometheusaddress: ":9092"
+  webhook_update: []
+  session_expire_time: 2592000
+  session_refresh_time: 18000
+  localOnly: false
+  enableLocalMode: false
+  localModeSocketLocation: "/var/tmp/focalboard_local.socket"
+  authMode: native
+  logging_cfg_file: ""
+  audit_cfg_file: ""
+  enablePublicSharedBoards: false
+
+persistence:
+  enabled: false
+  existingClaim: ""
+  annotations: {}
+  accessMode: ReadWriteOnce
+  storageClass: ""
+  size: 10Gi
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 8000
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: focalboard.example.com
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - focalboard.example.com
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 100
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/freshrss/Chart.yaml
+++ b/charts/freshrss/Chart.yaml
@ -23,10 +23,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.1
+version: 1.7.0

 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.20.2"
+appVersion: "1.26.1"
--- a/charts/freshrss/README.md
+++ b/charts/freshrss/README.md
@ -0,0 +1,79 @@
+# freshrss
+
+![Version: 1.7.0](https://img.shields.io/badge/Version-1.7.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.26.1](https://img.shields.io/badge/AppVersion-1.26.1-informational?style=flat-square)
+
+A Helm chart for FreshRSS
+
+**Homepage:** <https://freshrss.org/>
+
+## Source Code
+
+* <https://github.com/FreshRSS/FreshRSS>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| freshrss.autoInstall.apiEnabled | bool | `false` | Enable FreshRSS API |
+| freshrss.autoInstall.baseUrl | string | `"freshrss.local"` | URL for FreshRSS instance |
+| freshrss.autoInstall.db.host | string | `""` | Database hostname |
+| freshrss.autoInstall.db.name | string | `"freshrss"` | Database name |
+| freshrss.autoInstall.db.password | string | `"freshrss"` | Database password |
+| freshrss.autoInstall.db.type | string | `"sqlite"` | Database type - `pgsql`, `mysql` or `sqlite` |
+| freshrss.autoInstall.db.user | string | `"freshrss"` | Database user |
+| freshrss.autoInstall.defaultUser.email | string | `"admin@example.com"` | Email for the default user |
+| freshrss.autoInstall.defaultUser.password | string | `"admin"` | Password for the default user |
+| freshrss.autoInstall.defaultUser.user | string | `"admin"` | Username for the default user |
+| freshrss.autoInstall.enabled | bool | `false` | Enable automatic install - configurable through the web application if disabled |
+| freshrss.autoInstall.language | string | `"en"` | Language short code |
+| freshrss.cron.cronMin | string | `"13,43"` | Minute(s) past the hour to run cron |
+| freshrss.cron.enabled | bool | `false` | Enable Cron to periodically refresh feeds |
+| freshrss.freshEnv | string | `"production"` | Enables additional development information if set to `development` (increases the level of logging and ensures that errors are displayed) |
+| freshrss.oidc | object | `{"clientCryptoKey":"","clientId":"","clientSecret":"","enabled":false,"existingClientSecret":{"clientCryptoKeyKey":"clientCryptoKey","clientIdKey":"clientId","clientSecretKey":"clientSecret","name":""},"providerMetadataUrl":"","remoteUserClaim":"","scopes":[],"session":{"inactivityTimeout":300,"maxDuration":-1,"type":""},"xForwardedHeaders":[]}` | See Configuration Environment Variables at https://freshrss.github.io/FreshRSS/en/admins/16_OpenID-Connect.html |
+| freshrss.oidc.clientCryptoKey | string | `""` | Sets OIDC_CLIENT_CRYPTO_KEY |
+| freshrss.oidc.clientId | string | `""` | Sets OIDC_CLIENT_ID |
+| freshrss.oidc.clientSecret | string | `""` | Sets OIDC_CLIENT_SECRET |
+| freshrss.oidc.enabled | bool | `false` | Sets OIDC_ENABLED to true |
+| freshrss.oidc.existingClientSecret | object | `{"clientCryptoKeyKey":"clientCryptoKey","clientIdKey":"clientId","clientSecretKey":"clientSecret","name":""}` | A Kubernetes secret that contains the clientId, clientSecret and clientCryptoKey |
+| freshrss.oidc.providerMetadataUrl | string | `""` | Sets OIDC_PROVIDER_METADATA_URL |
+| freshrss.oidc.remoteUserClaim | string | `""` | Sets OIDC_REMOTE_USER_CLAIM |
+| freshrss.oidc.scopes | list | `[]` | Sets OIDC_SCOPES (list is concatenated) |
+| freshrss.oidc.session.inactivityTimeout | int | `300` | Sets OIDC_SESSION_INACTIVITY_TIMEOUT |
+| freshrss.oidc.session.maxDuration | int | `-1` | Sets OIDC_SESSION_MAX_DURATION |
+| freshrss.oidc.session.type | string | `""` | Sets OIDC_SESSION_TYPE |
+| freshrss.oidc.xForwardedHeaders | list | `[]` | Sets OIDC_X_FORWARDED_HEADERS (list is concatenated) |
+| freshrss.timezone | string | `"UTC"` | PHP Timezone - see https://www.php.net/timezones |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"freshrss/freshrss"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"freshrss.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.annotations | object | `{}` |  |
+| persistence.enabled | bool | `false` |  |
+| persistence.existingClaim | string | `""` |  |
+| persistence.size | string | `"10Gi"` |  |
+| persistence.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| strategy.type | string | `"Recreate"` |  |
+| tolerations | list | `[]` |  |
+
--- a/charts/freshrss/templates/deployment.yaml
+++ b/charts/freshrss/templates/deployment.yaml
@ -42,6 +42,10 @@ spec:
              value: {{ .Values.freshrss.timezone }}
            - name: FRESHRSS_ENV
              value: {{ .Values.freshrss.freshEnv }}
+            {{- if .Values.freshrss.cron.enabled }}
+            - name: CRON_MIN
+              value: {{ .Values.freshrss.cron.cronMin }}
+            {{- end }}
            {{- if .Values.freshrss.autoInstall.enabled }}
            - name: FRESHRSS_INSTALL
              value: |-
@ -50,6 +54,13 @@ spec:
              {{- end }}
                --language {{ .Values.freshrss.autoInstall.language }}
                --default_user {{ .Values.freshrss.autoInstall.defaultUser.user }}
+              {{- if ne .Values.freshrss.autoInstall.db.type "sqlite" }}
+                --db-base {{ .Values.freshrss.autoInstall.db.name }}
+                --db-host {{ .Values.freshrss.autoInstall.db.host }}
+                --db-password {{ .Values.freshrss.autoInstall.db.password }}
+                --db-type {{ .Values.freshrss.autoInstall.db.type }}
+                --db-user {{ .Values.freshrss.autoInstall.db.user }}
+              {{- end }}
            - name: FRESHRSS_USER
              value: |-
                {{- with .Values.freshrss.autoInstall.defaultUser }}
@ -59,14 +70,76 @@ spec:
                {{- end }}
                --language {{ .Values.freshrss.autoInstall.language }}
            {{- end }}
+            {{- if .Values.freshrss.oidc.enabled }}
+            - name: OIDC_ENABLED
+              value: "1"
+            {{- with .Values.freshrss.oidc }}
+            - name: OIDC_PROVIDER_METADATA_URL
+              value: {{ .providerMetadataUrl }}
+            {{- if .existingClientSecret.name }}
+            - name: OIDC_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .existingClientSecret.name }}
+                  key: {{ .existingClientSecret.clientIdKey }}
+            - name: OIDC_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .existingClientSecret.name }}
+                  key: {{ .existingClientSecret.clientSecretKey }}
+            - name: OIDC_CLIENT_CRYPTO_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .existingClientSecret.name }}
+                  key: {{ .existingClientSecret.clientCryptoKeyKey }}
+            {{- else }}
+            - name: OIDC_CLIENT_ID
+              value: {{ .clientId }}
+            - name: OIDC_CLIENT_SECRET
+              value: {{ .clientSecretKey }}
+            - name: OIDC_CLIENT_CRYPTO_KEY
+              value: {{ .clientCryptoKey }}
+            {{- end }}
+            {{- if .remoteUserClaim }}
+            - name: OIDC_REMOTE_USER_CLAIM
+              value: {{ .remoteUserClaim }}
+            {{- end }}
+            {{- if .scopes }}
+            - name: OIDC_SCOPES
+              value: {{ printf "%s" (join " " .scopes) }}
+            {{- end }}
+            {{- if .xForwardedHeaders }}
+            - name: OIDC_X_FORWARDED_HEADERS
+              value: {{ printf "%s" (join " " .xForwardedHeaders) }}
+            {{- end }}
+            - name: OIDC_SESSION_INACTIVITY_TIMEOUT
+              value: "{{ .session.inactivityTimeout }}"
+            {{- if ge .session.maxDuration 0.0 }}
+            - name: OIDC_SESSION_MAX_DURATION
+              value: "{{ .session.maxDuration }}"
+            {{- end }}
+            {{- if .session.type }}
+            - name: OIDC_SESSION_TYPE
+              value: {{ .session.type }}
+            {{- end }}
+            {{- end }}
+            {{- end }}
          livenessProbe:
            httpGet:
-              path: /
+              {{- if .Values.freshrss.oidc.enabled }}
+              path: /i/oidc/
+              {{- else }}
+              path: /i/
+              {{- end }}
              port: http
            initialDelaySeconds: 30
          readinessProbe:
            httpGet:
-              path: /
+              {{- if .Values.freshrss.oidc.enabled }}
+              path: /i/oidc/
+              {{- else }}
+              path: /i/
+              {{- end }}
              port: http
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
--- a/charts/freshrss/values.yaml
+++ b/charts/freshrss/values.yaml
@ -9,20 +9,19 @@ strategy:
 image:
  repository: freshrss/freshrss
  pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: "1.20.2"
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""

 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""

 serviceAccount:
-  # Specifies whether a service account should be created
+  # -- Specifies whether a service account should be created
  create: true
-  # Annotations to add to the service account
+  # -- Annotations to add to the service account
  annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
  name: ""

 podAnnotations: {}
@ -43,22 +42,78 @@ service:
  port: 80

 freshrss:
+  # -- PHP Timezone - see https://www.php.net/timezones
  timezone: UTC
+  # -- Enables additional development information if set to `development` (increases the level of logging and ensures that errors are displayed)
  freshEnv: production
  autoInstall:
+    # -- Enable automatic install - configurable through the web application if disabled
    enabled: false
+    # -- URL for FreshRSS instance
    baseUrl: freshrss.local
+    # -- Language short code
    language: en
+    # -- Enable FreshRSS API
    apiEnabled: false
-    dbType: sqlite
-    dbBase: freshrss
-    dbHost: ""
-    dbPassword: freshrss
-    dbUser: freshrss
+    db:
+      # -- Database type - `pgsql`, `mysql` or `sqlite`
+      type: sqlite
+      # -- Database name
+      name: freshrss
+      # -- Database hostname
+      host: ""
+      # -- Database password
+      password: freshrss
+      # -- Database user
+      user: freshrss
    defaultUser:
+      # -- Username for the default user
      user: admin
+      # -- Password for the default user
      password: admin
+      # -- Email for the default user
      email: admin@example.com
+  cron:
+    # -- Enable Cron to periodically refresh feeds
+    enabled: false
+    # -- Minute(s) past the hour to run cron
+    cronMin: "13,43"
+  # -- See Configuration Environment Variables at https://freshrss.github.io/FreshRSS/en/admins/16_OpenID-Connect.html
+  oidc:
+    # -- Sets OIDC_ENABLED to true
+    enabled: false
+    # -- Sets OIDC_PROVIDER_METADATA_URL
+    providerMetadataUrl: ""
+    # -- Sets OIDC_CLIENT_ID
+    clientId: ""
+    # -- Sets OIDC_CLIENT_SECRET
+    clientSecret: ""
+    # -- Sets OIDC_CLIENT_CRYPTO_KEY
+    clientCryptoKey: ""
+    # -- A Kubernetes secret that contains the clientId, clientSecret and clientCryptoKey
+    existingClientSecret:
+      name: ""
+      clientIdKey: clientId
+      clientSecretKey: clientSecret
+      clientCryptoKeyKey: clientCryptoKey
+    # -- Sets OIDC_REMOTE_USER_CLAIM
+    remoteUserClaim: ""
+    # -- Sets OIDC_SCOPES (list is concatenated)
+    scopes: []
+      # - openid
+    # -- Sets OIDC_X_FORWARDED_HEADERS (list is concatenated)
+    xForwardedHeaders: []
+      # - Forwarded
+      # - X-Forwarded-Host
+      # - X-Forwarded-Port
+      # - X-Forwarded-Proto
+    session:
+      # -- Sets OIDC_SESSION_INACTIVITY_TIMEOUT
+      inactivityTimeout: 300
+      # -- Sets OIDC_SESSION_MAX_DURATION
+      maxDuration: -1
+      # -- Sets OIDC_SESSION_TYPE
+      type: ""

 persistence:
  enabled: false
--- a/charts/jellyfin/.helmignore
+++ b/charts/jellyfin/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/jellyfin/Chart.yaml
+++ b/charts/jellyfin/Chart.yaml
@ -0,0 +1,34 @@
+apiVersion: v2
+name: jellyfin
+description: A Helm chart for Jellyfin, the Free Software Media System that puts you in control of managing and streaming your media.
+home: https://jellyfin.org
+sources:
+  - https://github.com/jellyfin/jellyfin
+keywords:
+  - jellyfin
+  - media
+  - management
+  - video
+  - open source
+icon: https://jellyfin.org/images/logo.svg
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.3.3
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "10.10.6"
--- a/charts/jellyfin/README.md
+++ b/charts/jellyfin/README.md
@ -0,0 +1,49 @@
+# jellyfin
+
+![Version: 1.3.3](https://img.shields.io/badge/Version-1.3.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 10.10.6](https://img.shields.io/badge/AppVersion-10.10.6-informational?style=flat-square)
+
+A Helm chart for Jellyfin, the Free Software Media System that puts you in control of managing and streaming your media.
+
+**Homepage:** <https://jellyfin.org>
+
+## Source Code
+
+* <https://github.com/jellyfin/jellyfin>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"jellyfin/jellyfin"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"jellyfin.example.com"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| jellyfin.publishedServerUrl | string | `""` | See PublishedServerUrl at https://jellyfin.org/docs/general/administration/configuration#main-configuration-options |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.cache | object | `{"accessMode":"ReadWriteOnce","annotations":{},"enabled":false,"existingClaim":"","size":"10Gi","storageClass":""}` | Persistence config for the /cache volume |
+| persistence.config | object | `{"accessMode":"ReadWriteOnce","annotations":{},"enabled":false,"existingClaim":"","size":"1Gi","storageClass":""}` | Persistence config for the /config volume |
+| persistence.media | object | `{"accessMode":"ReadWriteOnce","annotations":{},"enabled":false,"existingClaim":"","size":"10Gi","storageClass":""}` | Persistence config for the /media volume |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| resources | object | `{}` |  |
+| securityContext.readOnlyRootFilesystem | bool | `false` |  |
+| securityContext.runAsGroup | int | `1000` |  |
+| securityContext.runAsNonRoot | bool | `true` |  |
+| securityContext.runAsUser | int | `1000` |  |
+| service.port | int | `8096` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` |  |
+
--- a/charts/jellyfin/templates/NOTES.txt
+++ b/charts/jellyfin/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "jellyfin.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "jellyfin.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "jellyfin.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "jellyfin.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/jellyfin/templates/_helpers.tpl
+++ b/charts/jellyfin/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "jellyfin.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "jellyfin.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "jellyfin.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "jellyfin.labels" -}}
+helm.sh/chart: {{ include "jellyfin.chart" . }}
+{{ include "jellyfin.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "jellyfin.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "jellyfin.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "jellyfin.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "jellyfin.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/charts/jellyfin/templates/deployment.yaml
+++ b/charts/jellyfin/templates/deployment.yaml
@ -0,0 +1,98 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "jellyfin.fullname" . }}
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "jellyfin.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "jellyfin.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "jellyfin.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: http
+            periodSeconds: 10
+          startupProbe:
+            httpGet:
+              path: /health
+              port: http
+            periodSeconds: 10
+            failureThreshold: 6
+          {{- if .Values.jellyfin.publishedServerUrl }}
+          env:
+            - name: JELLYFIN_PublishedServerUrl
+              value: {{ .Values.jellyfin.publishedServerUrl }}
+          {{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+          - name: jellyfin-config
+            mountPath: /config
+          - name: jellyfin-media
+            mountPath: /media
+          - name: jellyfin-cache
+            mountPath: /cache
+      volumes:
+      - name: jellyfin-config
+      {{- if .Values.persistence.config.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.config.existingClaim }}{{ .Values.persistence.config.existingClaim }}{{- else }}{{ template "jellyfin.fullname" . }}-config-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      - name: jellyfin-media
+      {{- if .Values.persistence.media.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.media.existingClaim }}{{ .Values.persistence.media.existingClaim }}{{- else }}{{ template "jellyfin.fullname" . }}-media-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      - name: jellyfin-cache
+      {{- if .Values.persistence.cache.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.cache.existingClaim }}{{ .Values.persistence.cache.existingClaim }}{{- else }}{{ template "jellyfin.fullname" . }}-cache-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/jellyfin/templates/ingress.yaml
+++ b/charts/jellyfin/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "jellyfin.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/jellyfin/templates/pvc-cache.yaml
+++ b/charts/jellyfin/templates/pvc-cache.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.cache.enabled -}}
+{{- if not .Values.persistence.cache.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "jellyfin.fullname" . }}-pvc
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "jellyfin.name" . }}
+    # helm.sh/chart: {{ include "jellyfin.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.cache.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.cache.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.cache.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.cache.size | quote }}
+{{- if .Values.persistence.cache.storageClass }}
+{{- if (eq "-" .Values.persistence.cache.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.cache.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/jellyfin/templates/pvc-config.yaml
+++ b/charts/jellyfin/templates/pvc-config.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.config.enabled -}}
+{{- if not .Values.persistence.config.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "jellyfin.fullname" . }}-pvc
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "jellyfin.name" . }}
+    # helm.sh/chart: {{ include "jellyfin.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.config.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.config.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.config.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.config.size | quote }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/jellyfin/templates/pvc-media.yaml
+++ b/charts/jellyfin/templates/pvc-media.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.media.enabled -}}
+{{- if not .Values.persistence.media.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "jellyfin.fullname" . }}-pvc
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "jellyfin.name" . }}
+    # helm.sh/chart: {{ include "jellyfin.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.media.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.media.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.media.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.media.size | quote }}
+{{- if .Values.persistence.media.storageClass }}
+{{- if (eq "-" .Values.persistence.media.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.media.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/jellyfin/templates/service.yaml
+++ b/charts/jellyfin/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "jellyfin.fullname" . }}
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "jellyfin.selectorLabels" . | nindent 4 }}
--- a/charts/jellyfin/templates/serviceaccount.yaml
+++ b/charts/jellyfin/templates/serviceaccount.yaml
@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "jellyfin.serviceAccountName" . }}
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/jellyfin/templates/tests/test-connection.yaml
+++ b/charts/jellyfin/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "jellyfin.fullname" . }}-test-connection"
+  labels:
+    {{- include "jellyfin.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "jellyfin.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/jellyfin/values.yaml
+++ b/charts/jellyfin/values.yaml
@ -0,0 +1,103 @@
+# Default values for jellyfin.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  repository: jellyfin/jellyfin
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  create: true
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext:
+  # capabilities:
+  #   drop:
+  #   - ALL
+  readOnlyRootFilesystem: false
+  runAsNonRoot: true
+  runAsUser: 1000
+  runAsGroup: 1000
+
+jellyfin:
+  # -- See PublishedServerUrl at https://jellyfin.org/docs/general/administration/configuration#main-configuration-options
+  publishedServerUrl: ""
+
+persistence:
+  # -- Persistence config for the /config volume
+  config:
+    enabled: false
+    existingClaim: ""
+    annotations: {}
+    accessMode: ReadWriteOnce
+    storageClass: ""
+    size: 1Gi
+  # -- Persistence config for the /media volume
+  media:
+    enabled: false
+    existingClaim: ""
+    annotations: {}
+    accessMode: ReadWriteOnce
+    storageClass: ""
+    size: 10Gi
+  # -- Persistence config for the /cache volume
+  cache:
+    enabled: false
+    existingClaim: ""
+    annotations: {}
+    accessMode: ReadWriteOnce
+    storageClass: ""
+    size: 10Gi
+
+service:
+  type: ClusterIP
+  port: 8096
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: jellyfin.example.com
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/pgadmin/.helmignore
+++ b/charts/pgadmin/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/pgadmin/Chart.yaml
+++ b/charts/pgadmin/Chart.yaml
@ -0,0 +1,33 @@
+apiVersion: v2
+name: pgadmin
+description: A Helm chart for pgAdmin, the open source PostgreSQL administration tool.
+home: https://www.pgadmin.org/
+sources:
+  - https://github.com/pgadmin-org/pgadmin4
+keywords:
+  - pgadmin
+  - postgres
+  - postgresql
+  - database
+  - administration
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 2.8.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "8.12"
--- a/charts/pgadmin/README.md
+++ b/charts/pgadmin/README.md
@ -0,0 +1,50 @@
+# pgadmin
+
+![Version: 2.8.0](https://img.shields.io/badge/Version-2.8.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.12](https://img.shields.io/badge/AppVersion-8.12-informational?style=flat-square)
+
+A Helm chart for pgAdmin, the open source PostgreSQL administration tool.
+
+**Homepage:** <https://www.pgadmin.org/>
+
+## Source Code
+
+* <https://github.com/pgadmin-org/pgadmin4>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| env | list | `[{"name":"PGADMIN_DEFAULT_EMAIL","value":"user@domain.com"},{"name":"PGADMIN_DEFAULT_PASSWORD","value":"SuperSecret"}]` | Environment variables for the pgAdmin container. See https://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html#environment-variables. |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"dpage/pgadmin4"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"pgadmin.domain.com"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.annotations | object | `{}` |  |
+| persistence.enabled | bool | `false` |  |
+| persistence.existingClaim | string | `""` |  |
+| persistence.size | string | `"1Gi"` |  |
+| persistence.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `80` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` |  |
+
--- a/charts/pgadmin/templates/NOTES.txt
+++ b/charts/pgadmin/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "pgadmin.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "pgadmin.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "pgadmin.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "pgadmin.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/pgadmin/templates/_helpers.tpl
+++ b/charts/pgadmin/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "pgadmin.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "pgadmin.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "pgadmin.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "pgadmin.labels" -}}
+helm.sh/chart: {{ include "pgadmin.chart" . }}
+{{ include "pgadmin.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "pgadmin.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "pgadmin.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "pgadmin.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "pgadmin.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/charts/pgadmin/templates/deployment.yaml
+++ b/charts/pgadmin/templates/deployment.yaml
@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "pgadmin.fullname" . }}
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "pgadmin.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "pgadmin.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "pgadmin.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          env:
+            {{- toYaml .Values.env | nindent 12 }}
+          livenessProbe:
+            httpGet:
+              path: /login
+              port: http
+          startupProbe:
+            httpGet:
+              path: /login
+              port: http
+            periodSeconds: 3
+            failureThreshold: 10
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+          - name: pgadmin-config
+            mountPath: /var/lib/pgadmin
+      volumes:
+      - name: pgadmin-config
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "pgadmin.fullname" . }}-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/pgadmin/templates/ingress.yaml
+++ b/charts/pgadmin/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "pgadmin.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/pgadmin/templates/pvc.yaml
+++ b/charts/pgadmin/templates/pvc.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.enabled -}}
+{{- if not .Values.persistence.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "pgadmin.fullname" . }}-pvc
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "pgadmin.name" . }}
+    # helm.sh/chart: {{ include "pgadmin.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/pgadmin/templates/service.yaml
+++ b/charts/pgadmin/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "pgadmin.fullname" . }}
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "pgadmin.selectorLabels" . | nindent 4 }}
--- a/charts/pgadmin/templates/serviceaccount.yaml
+++ b/charts/pgadmin/templates/serviceaccount.yaml
@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "pgadmin.serviceAccountName" . }}
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/pgadmin/templates/tests/test-connection.yaml
+++ b/charts/pgadmin/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "pgadmin.fullname" . }}-test-connection"
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "pgadmin.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/pgadmin/values.yaml
+++ b/charts/pgadmin/values.yaml
@ -0,0 +1,89 @@
+# Default values for pgadmin.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: dpage/pgadmin4
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  create: true
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: pgadmin.domain.com
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: pgadmin-tls
+  #    hosts:
+  #      - pgadmin.domain.com
+
+# -- Environment variables for the pgAdmin container. See https://www.pgadmin.org/docs/pgadmin4/latest/container_deployment.html#environment-variables.
+env:
+  - name: PGADMIN_DEFAULT_EMAIL
+    value: user@domain.com
+  - name: PGADMIN_DEFAULT_PASSWORD
+    value: SuperSecret
+
+persistence:
+  enabled: false
+  existingClaim: ""
+  annotations: {}
+  accessMode: ReadWriteOnce
+  storageClass: ""
+  size: 1Gi
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/silverbullet/.helmignore
+++ b/charts/silverbullet/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/silverbullet/Chart.yaml
+++ b/charts/silverbullet/Chart.yaml
@ -0,0 +1,31 @@
+apiVersion: v2
+name: silverbullet
+description: A Helm chart for SilverBullet - a note-taking application optimized for people with a hacker mindset
+home: https://silverbullet.md/
+sources:
+  - https://github.com/silverbulletmd/silverbullet
+keywords:
+  - silverbullet
+  - markdown
+  - notes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.2.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "0.9.2"
--- a/charts/silverbullet/README.md
+++ b/charts/silverbullet/README.md
@ -0,0 +1,53 @@
+# silverbullet
+
+![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.2](https://img.shields.io/badge/AppVersion-0.9.2-informational?style=flat-square)
+
+A Helm chart for SilverBullet - a note-taking application optimized for people with a hacker mindset
+
+**Homepage:** <https://silverbullet.md/>
+
+## Source Code
+
+* <https://github.com/silverbulletmd/silverbullet>
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"zefhemel/silverbullet"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"silverbullet.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.annotations | object | `{}` |  |
+| persistence.enabled | bool | `false` | Persistence config for the /space volume |
+| persistence.existingClaim | string | `""` |  |
+| persistence.size | string | `"1Gi"` |  |
+| persistence.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| resources | object | `{}` |  |
+| securityContext.readOnlyRootFilesystem | bool | `true` |  |
+| securityContext.runAsNonRoot | bool | `true` |  |
+| securityContext.runAsUser | int | `1000` |  |
+| service.port | int | `3000` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` |  |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| silverbullet.authentication | bool | `true` | Enable/disable user and password authentication |
+| silverbullet.pass | string | `"silverbullet"` | Password to use for logging in |
+| silverbullet.user | string | `"admin"` | Username to use for logging in |
+| tolerations | list | `[]` |  |
+
--- a/charts/silverbullet/templates/NOTES.txt
+++ b/charts/silverbullet/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "silverbullet.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "silverbullet.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "silverbullet.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "silverbullet.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/silverbullet/templates/_helpers.tpl
+++ b/charts/silverbullet/templates/_helpers.tpl
@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "silverbullet.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "silverbullet.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "silverbullet.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "silverbullet.labels" -}}
+helm.sh/chart: {{ include "silverbullet.chart" . }}
+{{ include "silverbullet.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "silverbullet.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "silverbullet.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "silverbullet.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "silverbullet.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/charts/silverbullet/templates/deployment.yaml
+++ b/charts/silverbullet/templates/deployment.yaml
@ -0,0 +1,77 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "silverbullet.fullname" . }}
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "silverbullet.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "silverbullet.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "silverbullet.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          env:
+          {{- if .Values.silverbullet.authentication }}
+            - name: SB_USER
+              value: "{{ .Values.silverbullet.user }}:{{ .Values.silverbullet.pass }}"
+          {{- end }}
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+          - name: silverbullet-data
+            mountPath: /space
+      volumes:
+      - name: silverbullet-data
+      {{- if .Values.persistence.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "silverbullet.fullname" . }}-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/silverbullet/templates/ingress.yaml
+++ b/charts/silverbullet/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "silverbullet.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/silverbullet/templates/pvc.yaml
+++ b/charts/silverbullet/templates/pvc.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.enabled -}}
+{{- if not .Values.persistence.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "silverbullet.fullname" . }}-pvc
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "silverbullet.name" . }}
+    # helm.sh/chart: {{ include "silverbullet.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size | quote }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/silverbullet/templates/service.yaml
+++ b/charts/silverbullet/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "silverbullet.fullname" . }}
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "silverbullet.selectorLabels" . | nindent 4 }}
--- a/charts/silverbullet/templates/serviceaccount.yaml
+++ b/charts/silverbullet/templates/serviceaccount.yaml
@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "silverbullet.serviceAccountName" . }}
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/silverbullet/templates/tests/test-connection.yaml
+++ b/charts/silverbullet/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "silverbullet.fullname" . }}-test-connection"
+  labels:
+    {{- include "silverbullet.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "silverbullet.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/silverbullet/values.yaml
+++ b/charts/silverbullet/values.yaml
@ -0,0 +1,89 @@
+# Default values for silverbullet.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+  repository: zefhemel/silverbullet
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext:
+  readOnlyRootFilesystem: true
+  runAsNonRoot: true
+  runAsUser: 1000
+  # capabilities:
+  #   drop:
+  #   - ALL
+
+service:
+  type: ClusterIP
+  port: 3000
+
+silverbullet:
+  # -- Enable/disable user and password authentication
+  authentication: true
+  # -- Username to use for logging in
+  user: admin
+  # -- Password to use for logging in
+  pass: silverbullet
+
+persistence:
+  # -- Persistence config for the /space volume
+  enabled: false
+  existingClaim: ""
+  annotations: {}
+  accessMode: ReadWriteOnce
+  storageClass: ""
+  size: 1Gi
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: silverbullet.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: silverbullet-tls
+  #    hosts:
+  #      - silverbullet.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/tandoor-recipes/.gitignore
+++ b/charts/tandoor-recipes/.gitignore
@ -0,0 +1 @@
+charts/*.tgz
--- a/charts/tandoor-recipes/.helmignore
+++ b/charts/tandoor-recipes/.helmignore
@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/tandoor-recipes/Chart.lock
+++ b/charts/tandoor-recipes/Chart.lock
@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 15.5.38
+digest: sha256:c133bfa16af929e2c75bbf00d0527d92feda59e14892fd9260f098b3e4a777c1
+generated: "2025-02-11T19:49:24.230917816Z"
--- a/charts/tandoor-recipes/Chart.yaml
+++ b/charts/tandoor-recipes/Chart.yaml
@ -0,0 +1,31 @@
+apiVersion: v2
+name: tandoor-recipes
+description: A Helm chart for Tandoor Recipes, a digital recipe manager
+icon: https://github.com/vabene1111/recipes/raw/develop/docs/logo_color.svg
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.5.31"
+
+dependencies:
+  - name: postgresql
+    version: ^15.5.38
+    repository: https://charts.bitnami.com/bitnami
+    condition: postgresql.enabled
--- a/charts/tandoor-recipes/README.md
+++ b/charts/tandoor-recipes/README.md
@ -0,0 +1,64 @@
+# tandoor-recipes
+
+![Version: 1.1.0](https://img.shields.io/badge/Version-1.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.5.31](https://img.shields.io/badge/AppVersion-1.5.31-informational?style=flat-square)
+
+A Helm chart for Tandoor Recipes, a digital recipe manager
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | postgresql | ^15.5.38 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| externalPostgresql.database | string | `"recipes"` |  |
+| externalPostgresql.enabled | bool | `false` | Use an external PostgreSQL database |
+| externalPostgresql.port | int | `5432` |  |
+| externalPostgresql.username | string | `"recipes"` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"ghcr.io/tandoorrecipes/recipes"` |  |
+| image.tag | string | `""` |  |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"recipes.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.media.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.media.annotations | object | `{}` |  |
+| persistence.media.enabled | bool | `false` | Enable persistence for media files |
+| persistence.media.existingClaim | string | `""` |  |
+| persistence.media.size | string | `"1Gi"` |  |
+| persistence.media.storageClass | string | `""` |  |
+| persistence.static.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.static.annotations | object | `{}` |  |
+| persistence.static.enabled | bool | `false` | Enable persistence for static files |
+| persistence.static.existingClaim | string | `""` |  |
+| persistence.static.size | string | `"1Gi"` |  |
+| persistence.static.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| postgresql.auth.database | string | `"recipes"` |  |
+| postgresql.auth.password | string | `"recipes"` |  |
+| postgresql.auth.username | string | `"recipes"` |  |
+| postgresql.enabled | bool | `true` | Deploy Bitnami PostgreSQL sub-chart |
+| recipes.secretKey | string | `""` | Secret key used by Djano - see https://docs.tandoor.dev/system/configuration/#secret-key |
+| replicaCount | int | `1` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.port | int | `8080` |  |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` |  |
+
--- a/charts/tandoor-recipes/templates/NOTES.txt
+++ b/charts/tandoor-recipes/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "tandoor-recipes.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "tandoor-recipes.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "tandoor-recipes.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "tandoor-recipes.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/tandoor-recipes/templates/_helpers.tpl
+++ b/charts/tandoor-recipes/templates/_helpers.tpl
@ -0,0 +1,140 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "tandoor-recipes.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tandoor-recipes.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tandoor-recipes.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "tandoor-recipes.labels" -}}
+helm.sh/chart: {{ include "tandoor-recipes.chart" . }}
+{{ include "tandoor-recipes.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "tandoor-recipes.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "tandoor-recipes.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "tandoor-recipes.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "tandoor-recipes.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "tandoor-recipes.postgresql.fullname" -}}
+{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Set postgres host
+*/}}
+{{- define "tandoor-recipes.postgresql.host" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- template "tandoor-recipes.postgresql.fullname" . -}}
+{{- else -}}
+{{ required "A valid externalPostgresql.host is required" .Values.externalPostgresql.host }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set postgres secret
+*/}}
+{{- define "tandoor-recipes.postgresql.secret" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- template "tandoor-recipes.postgresql.fullname" . -}}
+{{- else -}}
+{{- template "tandoor-recipes.fullname" . -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set postgres port
+*/}}
+{{- define "tandoor-recipes.postgresql.port" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- if .Values.postgresql.service -}}
+{{- .Values.postgresql.service.port | default 5432 }}
+{{- else -}}
+5432
+{{- end -}}
+{{- else -}}
+{{- required "A valid externalPostgresql.port is required" .Values.externalPostgresql.port -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set postgresql username
+*/}}
+{{- define "tandoor-recipes.postgresql.username" -}}
+{{- if .Values.postgresql.enabled -}}
+{{ required "A valid postgresql.auth.username is required" .Values.postgresql.auth.username }}
+{{- else -}}
+{{ required "A valid externalPostgresql.username is required" .Values.externalPostgresql.username }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set postgresql password
+*/}}
+{{- define "tandoor-recipes.postgresql.password" -}}
+{{- if .Values.postgresql.enabled -}}
+{{ required "A valid postgresql.auth.password is required" .Values.postgresql.auth.password }}
+{{- else if not (and .Values.externalPostgresql.existingSecret .Values.externalPostgresql.existingSecretPasswordKey) -}}
+{{ required "A valid externalPostgresql.password is required" .Values.externalPostgresql.password }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set postgresql database
+*/}}
+{{- define "tandoor-recipes.postgresql.database" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- .Values.postgresql.auth.database | default "recipes" }}
+{{- else -}}
+{{ required "A valid externalPostgresql.database is required" .Values.externalPostgresql.database }}
+{{- end -}}
+{{- end -}}
--- a/charts/tandoor-recipes/templates/deployment.yaml
+++ b/charts/tandoor-recipes/templates/deployment.yaml
@ -0,0 +1,109 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "tandoor-recipes.fullname" . }}
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      {{- include "tandoor-recipes.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "tandoor-recipes.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "tandoor-recipes.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.service.port }}
+              protocol: TCP
+          env:
+            - name: DB_ENGINE
+              value: django.db.backends.postgresql
+            - name: POSTGRES_HOST
+              value: {{ include "tandoor-recipes.postgresql.host" . }}
+            - name: POSTGRES_PORT
+              value: {{ include "tandoor-recipes.postgresql.port" . | quote }}
+            - name: POSTGRES_USER
+              value: {{ include "tandoor-recipes.postgresql.username" . }}
+            {{- if or .Values.postgresql.enabled .Values.externalPostgresql.existingSecret }}
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  {{- if .Values.postgresql.enabled }}
+                  name: {{ .Values.postgresql.existingSecret | default (include "tandoor-recipes.postgresql.fullname" .) }}
+                  key: password
+                  {{- else }}
+                  name: {{ .Values.externalPostgresql.existingSecret }}
+                  key: {{ .Values.externalPostgresql.existingSecretPasswordKey }}
+                  {{- end }}
+            {{- end }}
+            - name: POSTGRES_DB
+              value: {{ include "tandoor-recipes.postgresql.database" . }}
+            - name: SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: recipes-secret-key
+                  key: password
+          livenessProbe:
+            httpGet:
+              path: /accounts/login/
+              port: http
+          readinessProbe:
+            httpGet:
+              path: /accounts/login/
+              port: http
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+          - name: static
+            mountPath: /opt/recipes/staticfiles
+          - name: media
+            mountPath: /opt/recipes/mediafiles
+      volumes:
+      - name: static
+      {{- if .Values.persistence.static.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.static.existingClaim }}{{ .Values.persistence.static.existingClaim }}{{- else }}{{ template "tandoor-recipes.fullname" . }}-static-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      - name: media
+      {{- if .Values.persistence.media.enabled }}
+        persistentVolumeClaim:
+          claimName: {{ if .Values.persistence.media.existingClaim }}{{ .Values.persistence.media.existingClaim }}{{- else }}{{ template "tandoor-recipes.fullname" . }}-media-pvc{{- end }}
+      {{- else }}
+        emptyDir: {}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/charts/tandoor-recipes/templates/ingress.yaml
+++ b/charts/tandoor-recipes/templates/ingress.yaml
@ -0,0 +1,61 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "tandoor-recipes.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
+  {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
+  {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
+  {{- end }}
+{{- end }}
+{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1
+{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
+  ingressClassName: {{ .Values.ingress.className }}
+  {{- end }}
+  {{- if .Values.ingress.tls }}
+  tls:
+    {{- range .Values.ingress.tls }}
+    - hosts:
+        {{- range .hosts }}
+        - {{ . | quote }}
+        {{- end }}
+      secretName: {{ .secretName }}
+    {{- end }}
+  {{- end }}
+  rules:
+    {{- range .Values.ingress.hosts }}
+    - host: {{ .host | quote }}
+      http:
+        paths:
+          {{- range .paths }}
+          - path: {{ .path }}
+            {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
+            pathType: {{ .pathType }}
+            {{- end }}
+            backend:
+              {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else }}
+              serviceName: {{ $fullName }}
+              servicePort: {{ $svcPort }}
+              {{- end }}
+          {{- end }}
+    {{- end }}
+{{- end }}
--- a/charts/tandoor-recipes/templates/pvc-media.yaml
+++ b/charts/tandoor-recipes/templates/pvc-media.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.media.enabled -}}
+{{- if not .Values.persistence.media.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "tandoor-recipes.fullname" . }}-media-pvc
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "tandoor-recipes.name" . }}
+    # helm.sh/chart: {{ include "tandoor-recipes.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.media.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.media.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.media.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.media.size | quote }}
+{{- if .Values.persistence.media.storageClass }}
+{{- if (eq "-" .Values.persistence.media.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.media.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/tandoor-recipes/templates/pvc-static.yaml
+++ b/charts/tandoor-recipes/templates/pvc-static.yaml
@ -0,0 +1,32 @@
+{{- if .Values.persistence.static.enabled -}}
+{{- if not .Values.persistence.static.existingClaim -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "tandoor-recipes.fullname" . }}-static-pvc
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+    # app.kubernetes.io/name: {{ include "tandoor-recipes.name" . }}
+    # helm.sh/chart: {{ include "tandoor-recipes.chart" . }}
+    # app.kubernetes.io/instance: {{ .Release.Name }}
+    # app.kubernetes.io/managed-by: {{ .Release.Service }}
+    # app.kubernetes.io/component: app
+{{- if .Values.persistence.static.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.static.annotations | indent 4 }}
+{{- end }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.static.accessMode | quote }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.static.size | quote }}
+{{- if .Values.persistence.static.storageClass }}
+{{- if (eq "-" .Values.persistence.static.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.static.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
+{{- end -}}
--- a/charts/tandoor-recipes/templates/secret.yaml
+++ b/charts/tandoor-recipes/templates/secret.yaml
@ -0,0 +1,12 @@
+{{- if empty .Values.secretKey }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: "recipes-secret-key"
+type: Opaque
+data:
+  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "recipes-secret-key") | default dict }}
+  {{- $secretData := (get $secretObj "data") | default dict }}
+  {{- $secretKey := (get $secretData "recipes-secret-key") | default (randAlphaNum 64 | b64enc) }}
+  password: {{ $secretKey | quote }}
+{{- end }}
--- a/charts/tandoor-recipes/templates/service.yaml
+++ b/charts/tandoor-recipes/templates/service.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "tandoor-recipes.fullname" . }}
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: http
+      protocol: TCP
+      name: http
+  selector:
+    {{- include "tandoor-recipes.selectorLabels" . | nindent 4 }}
--- a/charts/tandoor-recipes/templates/serviceaccount.yaml
+++ b/charts/tandoor-recipes/templates/serviceaccount.yaml
@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "tandoor-recipes.serviceAccountName" . }}
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/tandoor-recipes/templates/tests/test-connection.yaml
+++ b/charts/tandoor-recipes/templates/tests/test-connection.yaml
@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "tandoor-recipes.fullname" . }}-test-connection"
+  labels:
+    {{- include "tandoor-recipes.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "tandoor-recipes.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
--- a/charts/tandoor-recipes/values.yaml
+++ b/charts/tandoor-recipes/values.yaml
@ -0,0 +1,116 @@
+# Default values for tandoor-recipes.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: ghcr.io/tandoorrecipes/recipes
+  pullPolicy: IfNotPresent
+  # Overrides the image tag whose default is the chart appVersion.
+  tag: ""
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  # -- Specifies whether a service account should be created
+  create: true
+  # -- Annotations to add to the service account
+  annotations: {}
+  # -- The name of the service account to use. If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+  # fsGroup: 2000
+
+securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+service:
+  type: ClusterIP
+  port: 8080
+
+externalPostgresql:
+  # -- Use an external PostgreSQL database
+  enabled: false
+  # host: postgres
+  port: 5432
+  database: recipes
+  username: recipes
+  # password: recipes
+  # existingSecret: recipes
+  # existingSecretPasswordKey: password
+
+postgresql:
+  # -- Deploy Bitnami PostgreSQL sub-chart
+  enabled: true
+  auth:
+    database: recipes
+    username: recipes
+    password: recipes
+
+
+recipes:
+  # -- Secret key used by Djano - see https://docs.tandoor.dev/system/configuration/#secret-key
+  secretKey: ""
+
+persistence:
+  static:
+    # -- Enable persistence for static files
+    enabled: false
+    existingClaim: ""
+    annotations: {}
+    accessMode: ReadWriteOnce
+    storageClass: ""
+    size: 1Gi
+  media:
+    # -- Enable persistence for media files
+    enabled: false
+    existingClaim: ""
+    annotations: {}
+    accessMode: ReadWriteOnce
+    storageClass: ""
+    size: 1Gi
+
+ingress:
+  enabled: false
+  className: ""
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: recipes.local
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: []
+  #  - secretName: recipes-tls
+  #    hosts:
+  #      - recipes.local
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
--- a/charts/unifi-controller/.gitignore
+++ b/charts/unifi-controller/.gitignore
@ -0,0 +1,2 @@
+values.test.yaml
+charts/*.tgz
--- a/charts/unifi-controller/.helmignore
+++ b/charts/unifi-controller/.helmignore
@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+
+# Test values
+values.test.yaml
--- a/charts/unifi-controller/Chart.lock
+++ b/charts/unifi-controller/Chart.lock
@ -0,0 +1,6 @@
+dependencies:
+- name: mongodb
+  repository: https://charts.bitnami.com/bitnami
+  version: 15.3.0
+digest: sha256:f6cc8e47d7f68e327889b4807f488a346c70c7da8c80ea623aa7a1a8c6d95877
+generated: "2024-05-10T21:31:20.762106802+01:00"
--- a/charts/unifi-controller/Chart.yaml
+++ b/charts/unifi-controller/Chart.yaml
@ -0,0 +1,30 @@
+apiVersion: v2
+name: unifi-controller
+description: A Helm chart for the Unifi Controller
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 3.0.1
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "8.1.127"
+
+dependencies:
+  - name: mongodb
+    version: ^15.3.0
+    repository: https://charts.bitnami.com/bitnami
+    condition: mongodb.enabled
--- a/charts/unifi-controller/README.md
+++ b/charts/unifi-controller/README.md
@ -0,0 +1,63 @@
+# unifi-controller
+
+![Version: 3.0.1](https://img.shields.io/badge/Version-3.0.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 8.1.127](https://img.shields.io/badge/AppVersion-8.1.127-informational?style=flat-square)
+
+A Helm chart for the Unifi Controller
+
+## Requirements
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | mongodb | ^15.3.0 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| affinity | object | `{}` |  |
+| config.jvmMemory.limit | string | `"default"` | Integer value in MB or `default` for memory limit for JVM |
+| config.jvmMemory.startup | string | `"default"` | Integer value in MB or `default` for startup memory for JVM |
+| config.timezone | string | `"Etc/UTC"` | Timezone - see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List |
+| externalMongodb.database | string | `"unifi"` |  |
+| externalMongodb.enabled | bool | `false` | Use an external MongoDB database |
+| externalMongodb.port | int | `27017` |  |
+| externalMongodb.username | string | `"unifi"` |  |
+| fullnameOverride | string | `""` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"lscr.io/linuxserver/unifi-network-application"` |  |
+| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
+| imagePullSecrets | list | `[]` |  |
+| ingress.annotations | object | `{}` |  |
+| ingress.className | string | `""` |  |
+| ingress.enabled | bool | `false` |  |
+| ingress.hosts[0].host | string | `"unifi-controller.local"` |  |
+| ingress.hosts[0].paths[0].path | string | `"/"` |  |
+| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` |  |
+| ingress.tls | list | `[]` |  |
+| mongodb.auth.databases[0] | string | `"unifi"` |  |
+| mongodb.auth.passwords[0] | string | `"unifi"` |  |
+| mongodb.auth.rootPassword | string | `"unifi"` |  |
+| mongodb.auth.rootUser | string | `"root"` |  |
+| mongodb.auth.usernames[0] | string | `"unifi"` |  |
+| mongodb.enabled | bool | `true` | Deploy Bitnami MongoDB sub-chart |
+| mongodb.initdbScriptsConfigMap | string | `"initdb-scripts"` |  |
+| nameOverride | string | `""` |  |
+| nodeSelector | object | `{}` |  |
+| persistence.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.annotations | object | `{}` |  |
+| persistence.enabled | bool | `false` |  |
+| persistence.existingClaim | string | `""` |  |
+| persistence.size | string | `"1Gi"` |  |
+| persistence.storageClass | string | `""` |  |
+| podAnnotations | object | `{}` |  |
+| podSecurityContext | object | `{}` |  |
+| resources | object | `{}` |  |
+| securityContext | object | `{}` |  |
+| service.annotations | object | `{}` |  |
+| service.combinedProtocols | bool | `true` | Use the same service for TCP and UDP ports - set to disabled if using a LoadBalancer with MetalLB |
+| service.type | string | `"ClusterIP"` |  |
+| serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
+| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
+| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
+| tolerations | list | `[]` |  |
+
--- a/charts/unifi-controller/templates/NOTES.txt
+++ b/charts/unifi-controller/templates/NOTES.txt
@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "unifi-controller.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "unifi-controller.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "unifi-controller.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "unifi-controller.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
--- a/charts/unifi-controller/templates/_helpers.tpl
+++ b/charts/unifi-controller/templates/_helpers.tpl
@ -0,0 +1,140 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "unifi-controller.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "unifi-controller.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "unifi-controller.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "unifi-controller.labels" -}}
+helm.sh/chart: {{ include "unifi-controller.chart" . }}
+{{ include "unifi-controller.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "unifi-controller.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "unifi-controller.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "unifi-controller.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "unifi-controller.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "unifi-controller.mongodb.fullname" -}}
+{{- printf "%s-%s" .Release.Name "mongodb" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Set mongodb host
+*/}}
+{{- define "unifi-controller.mongodb.host" -}}
+{{- if .Values.mongodb.enabled -}}
+{{- template "unifi-controller.mongodb.fullname" . -}}
+{{- else -}}
+{{ required "A valid externalMongodb.host is required" .Values.externalMongodb.host }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set mongodb secret
+*/}}
+{{- define "unifi-controller.mongodb.secret" -}}
+{{- if .Values.mongodb.enabled -}}
+{{- template "unifi-controller.mongodb.fullname" . -}}
+{{- else -}}
+{{- template "unifi-controller.fullname" . -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set mongodb port
+*/}}
+{{- define "unifi-controller.mongodb.port" -}}
+{{- if .Values.mongodb.enabled -}}
+{{- if .Values.mongodb.service -}}
+{{- .Values.mongodb.service.port | default 27017 }}
+{{- else -}}
+5432
+{{- end -}}
+{{- else -}}
+{{- required "A valid externalMongodb.port is required" .Values.externalMongodb.port -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set mongodb username
+*/}}
+{{- define "unifi-controller.mongodb.username" -}}
+{{- if .Values.mongodb.enabled -}}
+{{ required "A valid mongodb.auth.usernames is required" (first .Values.mongodb.auth.usernames) }}
+{{- else -}}
+{{ required "A valid externalMongodb.username is required" .Values.externalMongodb.username }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set mongodb password
+*/}}
+{{- define "unifi-controller.mongodb.password" -}}
+{{- if .Values.mongodb.enabled -}}
+{{ required "A valid mongodb.auth.passwords is required" (first .Values.mongodb.auth.passwords) }}
+{{- else if not (and .Values.externalMongodb.existingSecret .Values.externalMongodb.existingSecretPasswordKey) -}}
+{{ required "A valid externalMongodb.password is required" .Values.externalMongodb.password }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Set mongodb database
+*/}}
+{{- define "unifi-controller.mongodb.database" -}}
+{{- if .Values.mongodb.enabled -}}
+{{- (first .Values.mongodb.auth.databases) | default "unifi" }}
+{{- else -}}
+{{ required "A valid externalMongodb.database is required" .Values.externalMongodb.database }}
+{{- end -}}
+{{- end -}}
--- a/charts/unifi-controller/templates/configmap.yaml
+++ b/charts/unifi-controller/templates/configmap.yaml
@ -0,0 +1,10 @@
+{{- if .Values.mongodb.enabled -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: initdb-scripts
+data:
+    init-mongo.js: |
+      db = db.getSiblingDB("{{ include "unifi-controller.mongodb.database" . }}");
+      db.grantRolesToUser("{{ include "unifi-controller.mongodb.username" . }}", [{role: "dbOwner", db: "{{ include "unifi-controller.mongodb.database" . }}_stat"}])
+{{- end }}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
dependabot[bot]	7c862dae67	chore(deps): bump helm/chart-releaser-action from 1.6.0 to 1.7.0 (#115 )	2025-04-10 17:10:36 +00:00
Thumbscrew	fc734049d6	feat: add dependabot (#114 )	2025-04-10 17:08:43 +00:00
Thumbscrew	032f9cee76	chore: bump cinny to v4.6.0 (#113 )	2025-04-10 17:01:32 +00:00
Thumbscrew	8b3e446306	chore: bump jellyfin to 10.10.6 (#112 )	2025-03-15 15:42:28 +00:00
Thumbscrew	c715704829	chore: bump cinny to v4.5.1 (#111 )	2025-03-15 14:13:20 +00:00
Thumbscrew	bc3791acbb	chore: bump FreshRSS to 1.26.1 (#110 )	2025-03-15 14:03:33 +00:00
Thumbscrew	37a2e2975f	fix(freshrss): liveness and readiness probes should use the oidc path when OIDC is enabled (#109 )	2025-03-15 14:00:15 +00:00
Thumbscrew	43fcfff735	fix(freshrss): update OIDC_ENABLED env var to 1 as true does not seem to work (#108 )	2025-03-11 17:08:30 +00:00
Thumbscrew	8f2499b55e	feat: add OIDC config for Freshrss (#107 )	2025-03-11 13:09:24 +00:00
Thumbscrew	b9020d4dfe	chore: bump cinny to v4.4.0 (#105 )	2025-02-23 13:18:47 +00:00
Thumbscrew	69a3e98a06	chore: bump cinny to v4.3.2 (#104 )	2025-02-19 22:22:38 +00:00
Thumbscrew	60ac495446	chore: bump cinny to v4.3.0 (#103 )	2025-02-14 11:07:47 +00:00
Thumbscrew	0536cc5aba	chore: bump tandoor-recipes to 1.5.31 and postgres to 15.5.38 (#102 )	2025-02-11 19:59:32 +00:00
Thumbscrew	7fc31fc801	chore: update Jellyfin to 10.10.5 (#101 )	2025-01-25 20:57:25 +00:00
Thumbscrew	b69786527a	chore: bump Cyberchef to 10.19.4 (#100 )	2024-12-27 16:47:29 +00:00
Thumbscrew	ccc8a0fe8f	chore: bump FreshRSS to 1.25.0 (#99 )	2024-12-27 16:43:53 +00:00
Thumbscrew	50613c8765	chore: bump Jellyfin to 10.10.3 (#98 )	2024-12-27 16:38:46 +00:00
Thumbscrew	2d7d16737c	chore: bump cinny to v4.2.3 (#97 )	2024-11-12 12:44:08 +00:00
Thumbscrew	b83e852b9d	chore: bump jellyfin to 10.10.1 (#96 )	2024-11-04 12:12:23 +00:00
Thumbscrew	31ec74eed2	docs: mark focalboard and silverbullet as unmaintained (#95 )	2024-09-23 18:32:45 +00:00
Thumbscrew	00845219c1	chore: bump pgadmin to 8.12 (#94 )	2024-09-23 18:30:49 +00:00
Thumbscrew	f69551bd62	chore: bump pgadmin to 8.7 (#93 )	2024-09-23 18:29:03 +00:00
Thumbscrew	2dcb29f18c	chore: bump pgadmin to 8.6 (#92 )	2024-09-23 18:25:46 +00:00
Thumbscrew	973cf0cdd0	chore: bump freshrss to 1.24.2 (#91 )	2024-09-23 18:20:57 +00:00
Thumbscrew	28149e8509	chore: bump jellyfin to 10.9.11 (#90 )	2024-09-23 18:16:23 +00:00
Thumbscrew	7e9c364644	chore: bump jellyfin to 10.9.10 (#89 )	2024-09-23 18:14:52 +00:00
Thumbscrew	e20a2df69c	chore: bump cinny to v4.2.1 (#88 )	2024-09-23 18:12:19 +00:00
Thumbscrew	33ca25a347	chore: bump silverbullet to 0.9.2 (#87 )	2024-08-18 18:13:23 +00:00
Thumbscrew	71b2429456	chore: bump cyberchef to 10.19.2 (#86 )	2024-08-18 17:35:28 +00:00
Thumbscrew	0760f71bb1	chore: bump cyberchef to 10.19.1 (#85 )	2024-08-18 17:33:39 +00:00
Thumbscrew	a7a3a9a538	chore: bump jellyfin to 10.9.9 (#84 )	2024-08-18 16:21:59 +00:00
Thumbscrew	02343200dd	chore: bump jellyfin to 10.9.8 (#83 )	2024-08-18 16:20:31 +00:00
Thumbscrew	a0acc10dba	chore: bump cinny to v4.1.0 (#82 )	2024-08-16 22:20:59 +00:00
Thumbscrew	8433955b4f	chore: bump cinny to v4.0.3 (#81 )	2024-07-28 12:39:01 +00:00
Thumbscrew	68d3b2a7b1	chore: bump jellyfin to 10.9.7 (#80 )	2024-07-16 20:24:33 +00:00
Thumbscrew	d24860aa5d	feat: CyberChef chart (#79 )	2024-07-13 21:53:53 +00:00
Thumbscrew	b09fbf4303	fix: external mongo values (#78 )	2024-07-13 21:17:11 +00:00
Thumbscrew	ca8620cafe	feat: replace deprecated Unifi controller with Unifi Network Application (#77 )	2024-07-13 15:18:51 +00:00
Thumbscrew	c3ae45852d	chore: bump freshrss to 1.24.1 (#76 )	2024-06-06 20:34:35 +00:00
Thumbscrew	f805f9d579	chore: bump jellyfin to 10.9.6 (#75 )	2024-06-06 20:32:08 +00:00
Thumbscrew	0cde0b894a	chore: bump jellyfin to 10.9.5 (#74 )	2024-06-06 20:30:02 +00:00
Thumbscrew	b53fb31cf6	chore: bump jellyfin to 10.9.4 (#73 )	2024-06-06 20:27:56 +00:00
Thumbscrew	1203b8a693	chore: bump jellyfin to 10.9.3 (#72 )	2024-05-27 19:22:34 +00:00
Thumbscrew	e609c9f122	chore: bump jellyfin to 10.9.2 (#71 )	2024-05-25 16:30:48 +00:00
Thumbscrew	1577d19b31	chore: bump freshrss to 1.24.0 (#70 )	2024-05-25 16:24:34 +00:00
Thumbscrew	8404c02d02	chore: bump pgadmin to 8.5 (#69 )	2024-04-06 16:07:31 +00:00
Thumbscrew	8d96241dc9	chore: update tandoor-recipes to 1.5.16 (#68 ) update bitnami-postgresql to 15.2.4 revert startupProbe to readinessProbe	2024-04-06 16:04:35 +00:00
Thumbscrew	b70163cea1	fix: increase startupProbe failureThreshold (#67 )	2024-03-18 20:08:50 +00:00
Thumbscrew	25c69e5cb3	chore: bump pgadmin to 8.4 (#66 )	2024-03-16 18:05:09 +00:00
Thumbscrew	4ec99d4e9a	chore: bump pgadmin to 8.3 (#65 )	2024-03-16 18:03:27 +00:00
Thumbscrew	515ccba8b7	chore: bump silverbullet to 0.7.6 (#64 )	2024-03-16 17:54:10 +00:00
Thumbscrew	829030e476	chore: bump tandoor 1.5.14 (#63 )	2024-03-16 17:29:41 +00:00
Thumbscrew	85673aae0a	chore: bump tandoor-recipes to 1.5.13 (#62 )	2024-03-16 16:20:51 +00:00
Thumbscrew	0edd260675	chore: bump tandoor-recipes to 1.5.12 (#61 )	2024-03-16 16:17:45 +00:00
Thumbscrew	2e0637bcd7	chore: upgrade postgresql chart to 14.3.3 (#60 )	2024-03-16 16:14:16 +00:00
Thumbscrew	cb85166fd3	chore: upgrade actions/checkout to v4 (#59 )	2024-03-06 21:47:55 +00:00
Thumbscrew	b25ecdc938	chore: bump silverbullet to 0.7.5 (#58 )	2024-02-29 23:08:42 +00:00
Thumbscrew	b1403ccd9c	chore: bump silverbullet to 0.7.3 (#57 )	2024-02-27 19:21:10 +00:00
Thumbscrew	2c625fe9ae	chore: bump helm in workflows to 3.14.1 (#56 )	2024-02-14 21:57:00 +00:00
Thumbscrew	3909f439ed	chore: update setup-helm action to v4 (#55 )	2024-02-14 21:49:47 +00:00
Thumbscrew	1c27124be9	feat: SilverBullet chart (#54 )	2024-02-14 21:39:42 +00:00
Thumbscrew	ae11cb1378	fix: missing postgres password when using existing secret in tandoor-recipes (#53 )	2024-01-29 15:37:05 +00:00
Thumbscrew	a8593ca31e	fix: bump tandoor-recipes chart version to force re-release (#52 )	2024-01-29 14:48:16 +00:00
Thumbscrew	b0aacfda3d	fix: add Bitnami repo to helm before releasing charts (#51 )	2024-01-29 14:44:41 +00:00
Thumbscrew	80ba067911	feat: Tandoor recipes chart (#50 )	2024-01-29 14:37:59 +00:00
Thumbscrew	03ffb38197	chore: bump pgadmin to 8.2 (#49 )	2024-01-20 12:51:48 +00:00
Thumbscrew	3c9e112232	chore: bump chart-releaser action to 1.6.0 (#48 )	2024-01-20 12:48:33 +00:00
Thumbscrew	3667ed5e07	chore: bump freshrss to 1.23.1 (#47 )	2024-01-04 21:40:07 +00:00
Thumbscrew	39904dba6a	chore: bump pgadmin to 8.1 (#46 )	2023-12-24 16:08:53 +00:00
Thumbscrew	c1355e3f30	chore: bump freshrss to 1.23.0 (#45 )	2023-12-24 16:05:01 +00:00
Thumbscrew	a7e041aff6	chore: bump jellyfin to 10.8.13 (#44 )	2023-11-29 20:47:46 +00:00
Thumbscrew	9c224b0b93	chore: bump Unifi controller appVersion to 8.0.7 (#43 )	2023-11-27 22:47:46 +00:00
Thumbscrew	7cefb6dfdf	feat: bump pgAdmin appVersion to 8.0 (#42 )	2023-11-27 22:40:09 +00:00
Thumbscrew	4e3f267474	chore: bump freshrss appVersion to 1.22.1 (#41 )	2023-11-15 22:04:15 +00:00
Thumbscrew	bc274c2069	chore: bump freshrss appVersion to 1.22.0 (#40 )	2023-11-15 21:59:44 +00:00
Thumbscrew	02b710ee02	feat: update Jellyfin healthcheck to use /health (#39 )	2023-11-06 23:23:00 +00:00
Thumbscrew	a427ad6fa0	chore: bump unifi to 7.5.187 (#38 )	2023-11-05 22:10:10 +00:00
Thumbscrew	6c80c22cab	chore: bump Cinny to 3.2.0 (#37 )	2023-11-05 22:01:38 +00:00
Thumbscrew	9ab5dc4379	chore: bump Jellyfin to 10.8.12 (#36 )	2023-11-05 22:00:24 +00:00
Thumbscrew	0ba7640c12	chore: bump Cinny to 3.1.0 (#35 )	2023-10-27 16:26:46 +01:00
Thumbscrew	59da75e15d	fix: typo in Jellyfin chart (#34 )	2023-10-23 23:52:36 +01:00
Thumbscrew	f11c08b4ca	fix: add missing PublishedServerUrl config option (#33 )	2023-10-23 23:47:04 +01:00
Thumbscrew	b76c06fed4	fix: various Jellyfin chart bugs (#32 )	2023-10-23 23:37:07 +01:00
Thumbscrew	a0dd2a5eab	feat: Jellyfin chart (#31 )	2023-10-23 22:06:45 +01:00
Thumbscrew	1e71c8f79d	chore: bump Cinny to v3.0.0 (#30 )	2023-10-22 13:40:51 +01:00
Thumbscrew	df63f72724	chore: bump pgadmin to 7.8 (#29 )	2023-10-19 21:33:05 +01:00
Thumbscrew	73dff6e67e	chore: bump pgadmin to 7.7 (#28 )	2023-09-23 15:18:30 +01:00
Thumbscrew	c11351b80e	chore: bump unifi controller chart to 7.5.174 (#27 )	2023-09-23 15:00:20 +01:00
Thumbscrew	2fdc84e9b1	chore: bump pgadmin to 7.6 (#26 )	2023-09-07 23:10:07 +01:00
Thumbscrew	d971b9c838	chore: bump pgadmin to 7.5 (#25 )	2023-09-07 23:05:54 +01:00
Thumbscrew	0db9a85829	feat: add missing DB config to FreshRSS autoinstall (#24 )	2023-07-21 18:52:04 +01:00
Thumbscrew	b05307c782	chore: bump pgadmin to 7.4 (#23 )	2023-07-13 20:34:22 +01:00
Thumbscrew	364b23444e	chore: bump unifi to 7.4.162 (#22 )	2023-07-13 20:22:45 +01:00
Thumbscrew	79ccf8ad7d	chore: bump unifi chart appVersion to 7.4.156 (#21 )	2023-06-10 12:21:45 +01:00
Thumbscrew	455aa95d76	docs: add helm-docs to focalboard (#20 )	2023-05-25 13:54:00 +01:00
Thumbscrew	31876251ed	docs: fix duplicated URL (#19 )	2023-05-25 13:48:30 +01:00
Thumbscrew	874800bc2c	feat: focalboard chart (#18 )	2023-05-25 13:45:37 +01:00
Thumbscrew	84df69e04f	chore: update helm to 3.12.0 in lint-charts (#17 )	2023-05-25 13:11:24 +01:00
Thumbscrew	ba2ce1802a	chore: add README and LICENSE (#16 )	2023-05-25 13:09:30 +01:00
Thumbscrew	f19dc95826	feat: add path filter to chart-releaser and update deps (#15 )	2023-05-25 12:51:33 +01:00
Thumbscrew	bf2eb55b57	feat: new pgAdmin4 chart (#14 )	2023-04-30 19:20:19 +01:00
Thumbscrew	3108620dc4	chore: bump all chart versions following README updates (#13 )	2023-04-26 21:51:53 +01:00
Thumbscrew	6b0b80b27d	docs: add helm docs (#12 )	2023-04-26 21:44:19 +01:00
Thumbscrew	a34f4a61cf	fix: bump Cinny chart version (#11 )	2023-03-30 19:05:55 +01:00
Thumbscrew	3c7783daeb	feat: bump Cinny to 2.2.6 (#10 )	2023-03-30 19:04:05 +01:00
Thumbscrew	ee4f1603e0	feat: update health check path for FreshRSS (#9 )	2023-03-27 22:23:15 +01:00
Thumbscrew	8cf887a0be	feat: unifi-controller chart (#8 )	2023-03-26 21:16:41 +01:00
Thumbscrew	1737e1b68d	chore: bump freshrss chart to 1.21.0 (#7 )	2023-03-06 11:15:21 +00:00
Thumbscrew	0e9277e4cb	feat(freshrss): add configuration to enable cron (#6 )	2023-02-05 15:10:49 +00:00
Thumbscrew	e2341daf14	chore(cinny): bump Cinny to 2.2.4 (#5 )	2023-01-30 10:17:41 +00:00