From 6cf9ce480877ea5839b719cf932dd1b4a3a50d57 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 17:26:03 +0000 Subject: [PATCH 1/9] add managing config.ini file as part of chart --- charts/trilium/templates/config.yaml | 44 +++++++++++++++++++++++++++ charts/trilium/templates/release.yaml | 9 ++++++ 2 files changed, 53 insertions(+) create mode 100644 charts/trilium/templates/config.yaml diff --git a/charts/trilium/templates/config.yaml b/charts/trilium/templates/config.yaml new file mode 100644 index 0000000..99de12a --- /dev/null +++ b/charts/trilium/templates/config.yaml @@ -0,0 +1,44 @@ +{{- define "trilium.configini" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-config + labels: + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + app.kubernetes.io/name: {{ .Chart.Name }} + app.kubernetes.io/version: {{ .Chart.AppVersion }} + helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }} +data: + config.ini: | + [General] + # Instance name can be used to distinguish between different instances using backend api.getInstanceName() + instanceName= + + # set to true to allow using Trilium without authentication (makes sense for server build only, desktop build doesn't need password) + noAuthentication=false + + # set to true to disable backups (e.g. because of limited space on server) + noBackup=false + + # Disable automatically generating desktop icon + # noDesktopIcon=true + + [Network] + # host setting is relevant only for web deployments - set the host on which the server will listen + # host=0.0.0.0 + # port setting is relevant only for web deployments, desktop builds run on a fixed port (changeable with TRILIUM_PORT environment variable) + port=8080 + # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure). + https=false + # path to certificate (run "bash bin/generate-cert.sh" to generate self-signed certificate). Relevant only if https=true + certPath= + keyPath= + # setting to give trust to reverse proxies, a comma-separated list of trusted rev. proxy IPs can be specified (CIDR notation is permitted), + # alternatively 'true' will make use of the leftmost IP in X-Forwarded-For, ultimately an integer can be used to tell about the number of hops between + # Trilium (which is hop 0) and the first trusted rev. proxy. + # once set, expressjs will use the X-Forwarded-For header set by the rev. proxy to determinate the real IPs of clients. + # expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) + trustedReverseProxy=true +{{ end }} + diff --git a/charts/trilium/templates/release.yaml b/charts/trilium/templates/release.yaml index cdd186c..dbadae6 100644 --- a/charts/trilium/templates/release.yaml +++ b/charts/trilium/templates/release.yaml @@ -55,6 +55,14 @@ persistence: globalMounts: - path: /home/node/trilium-data readOnly: false + config: + enabled: true + type: configMap + name: {{ .Release.Name }}-config + mountPath: /home/node/trilium-data/config.ini + subPath: config.ini + readOnly: true + service: main: @@ -75,4 +83,5 @@ service: # Merge with ALL the values in `values.yaml` {{- $_ := mergeOverwrite .Values $ctx.Values -}} {{- $_ = include "trilium.hardcodedValues" . | fromYaml | merge $ctx.Values -}} +{{- $_ = include "trilium.configini" . | fromYaml | merge $ctx.Values -}} {{- include "bjw-s.common.loader.all" $ctx }} From ad402be47bc28bae4721ba77ee857cbe6ebe9f00 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 17:47:05 +0000 Subject: [PATCH 2/9] have config added in manifest --- charts/trilium/templates/config.yaml | 2 -- charts/trilium/templates/release.yaml | 1 - 2 files changed, 3 deletions(-) diff --git a/charts/trilium/templates/config.yaml b/charts/trilium/templates/config.yaml index 99de12a..e1e8a7a 100644 --- a/charts/trilium/templates/config.yaml +++ b/charts/trilium/templates/config.yaml @@ -1,4 +1,3 @@ -{{- define "trilium.configini" -}} apiVersion: v1 kind: ConfigMap metadata: @@ -40,5 +39,4 @@ data: # once set, expressjs will use the X-Forwarded-For header set by the rev. proxy to determinate the real IPs of clients. # expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) trustedReverseProxy=true -{{ end }} diff --git a/charts/trilium/templates/release.yaml b/charts/trilium/templates/release.yaml index dbadae6..50f7585 100644 --- a/charts/trilium/templates/release.yaml +++ b/charts/trilium/templates/release.yaml @@ -83,5 +83,4 @@ service: # Merge with ALL the values in `values.yaml` {{- $_ := mergeOverwrite .Values $ctx.Values -}} {{- $_ = include "trilium.hardcodedValues" . | fromYaml | merge $ctx.Values -}} -{{- $_ = include "trilium.configini" . | fromYaml | merge $ctx.Values -}} {{- include "bjw-s.common.loader.all" $ctx }} From 1215f5a7441e282d0e07107901c6b51b97f75a8e Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 18:52:55 +0000 Subject: [PATCH 3/9] enable controlling config.ini in chart values --- charts/trilium/templates/config.yaml | 18 +++++++++--------- charts/trilium/templates/release.yaml | 6 ++++-- charts/trilium/values.yaml | 17 +++++++++++++++++ 3 files changed, 30 insertions(+), 11 deletions(-) diff --git a/charts/trilium/templates/config.yaml b/charts/trilium/templates/config.yaml index e1e8a7a..62323fa 100644 --- a/charts/trilium/templates/config.yaml +++ b/charts/trilium/templates/config.yaml @@ -12,31 +12,31 @@ data: config.ini: | [General] # Instance name can be used to distinguish between different instances using backend api.getInstanceName() - instanceName= + instanceName={{ .Values.trilium.config.general.instanceName }} # set to true to allow using Trilium without authentication (makes sense for server build only, desktop build doesn't need password) - noAuthentication=false + noAuthentication={{ .Values.trilium.config.general.noAuthentication }} # set to true to disable backups (e.g. because of limited space on server) - noBackup=false + noBackup={{ .Values.trilium.config.general.noBackup }} # Disable automatically generating desktop icon # noDesktopIcon=true [Network] # host setting is relevant only for web deployments - set the host on which the server will listen - # host=0.0.0.0 + host={{ .Values.trilium.config.network.host }} # port setting is relevant only for web deployments, desktop builds run on a fixed port (changeable with TRILIUM_PORT environment variable) - port=8080 + port={{ .Values.trilium.config.network.port }} # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure). - https=false + https={{ .Values.trilium.config.network.https }} # path to certificate (run "bash bin/generate-cert.sh" to generate self-signed certificate). Relevant only if https=true - certPath= - keyPath= + certPath={{ .Values.trilium.config.network.certPath }} + keyPath={{ .Values.trilium.config.network.keyPath }} # setting to give trust to reverse proxies, a comma-separated list of trusted rev. proxy IPs can be specified (CIDR notation is permitted), # alternatively 'true' will make use of the leftmost IP in X-Forwarded-For, ultimately an integer can be used to tell about the number of hops between # Trilium (which is hop 0) and the first trusted rev. proxy. # once set, expressjs will use the X-Forwarded-For header set by the rev. proxy to determinate the real IPs of clients. # expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) - trustedReverseProxy=true + trustedReverseProxy={{ .Values.trilium.config.network.trustedReverseProxy }} diff --git a/charts/trilium/templates/release.yaml b/charts/trilium/templates/release.yaml index 50f7585..6b7a997 100644 --- a/charts/trilium/templates/release.yaml +++ b/charts/trilium/templates/release.yaml @@ -59,9 +59,11 @@ persistence: enabled: true type: configMap name: {{ .Release.Name }}-config - mountPath: /home/node/trilium-data/config.ini - subPath: config.ini readOnly: true + globalMounts: + - path: /home/node/trilium-data/config.ini + subPath: config.ini + service: diff --git a/charts/trilium/values.yaml b/charts/trilium/values.yaml index 3c8f630..b5b1f4e 100644 --- a/charts/trilium/values.yaml +++ b/charts/trilium/values.yaml @@ -19,6 +19,23 @@ persistence: enabled: true type: persistentVolumeClaim existingClaim: + +# This is used to modify the config.ini of the Trilium instance +trilium: + config: + general: + instanceName: "" + # Disable authentication to Trilium? (if you're running it on a private network, or have authentication handled by another component) + noAuthentication: false + # Disable backups of the database? + noBackup: false + network: + host: "0.0.0.0" + port: 8081 + https: false + certPath: "" + keyPath: "" + trustedReverseProxy: true #ingress: # main: # enabled: true From a1164615cf37c380260bc266c78f0abfd8209957 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 18:57:56 +0000 Subject: [PATCH 4/9] this should be 8080 by default --- charts/trilium/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/trilium/values.yaml b/charts/trilium/values.yaml index b5b1f4e..6b68b47 100644 --- a/charts/trilium/values.yaml +++ b/charts/trilium/values.yaml @@ -31,7 +31,7 @@ trilium: noBackup: false network: host: "0.0.0.0" - port: 8081 + port: 8080 https: false certPath: "" keyPath: "" From dd0ed206f0e3bc07a446c12c84c9b6adbf6f4274 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 19:04:00 +0000 Subject: [PATCH 5/9] increment chart version --- charts/trilium/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/trilium/Chart.yaml b/charts/trilium/Chart.yaml index 6ad5279..5111298 100644 --- a/charts/trilium/Chart.yaml +++ b/charts/trilium/Chart.yaml @@ -8,7 +8,7 @@ description: |- Build your personal knowledge base with Trilium Notes. A hierarchical note taking application with focus on building large personal knowledge bases. annotations: category: Notes -version: 1.1.1 +version: 1.2.0 appVersion: 0.90.4 kubeVersion: ">= 1.19" dependencies: From 57b9055c987fbd2025e625c295289c637705522f Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 19:04:23 +0000 Subject: [PATCH 6/9] change key for config.ini in values.yaml --- charts/trilium/templates/config.yaml | 18 ++++++++--------- charts/trilium/values.yaml | 29 ++++++++++++++-------------- 2 files changed, 23 insertions(+), 24 deletions(-) diff --git a/charts/trilium/templates/config.yaml b/charts/trilium/templates/config.yaml index 62323fa..50c345c 100644 --- a/charts/trilium/templates/config.yaml +++ b/charts/trilium/templates/config.yaml @@ -12,31 +12,31 @@ data: config.ini: | [General] # Instance name can be used to distinguish between different instances using backend api.getInstanceName() - instanceName={{ .Values.trilium.config.general.instanceName }} + instanceName={{ .Values.configini.general.instanceName }} # set to true to allow using Trilium without authentication (makes sense for server build only, desktop build doesn't need password) - noAuthentication={{ .Values.trilium.config.general.noAuthentication }} + noAuthentication={{ .Values.configini.general.noAuthentication }} # set to true to disable backups (e.g. because of limited space on server) - noBackup={{ .Values.trilium.config.general.noBackup }} + noBackup={{ .Values.configini.general.noBackup }} # Disable automatically generating desktop icon # noDesktopIcon=true [Network] # host setting is relevant only for web deployments - set the host on which the server will listen - host={{ .Values.trilium.config.network.host }} + host={{ .Values.configini.network.host }} # port setting is relevant only for web deployments, desktop builds run on a fixed port (changeable with TRILIUM_PORT environment variable) - port={{ .Values.trilium.config.network.port }} + port={{ .Values.configini.network.port }} # true for TLS/SSL/HTTPS (secure), false for HTTP (unsecure). - https={{ .Values.trilium.config.network.https }} + https={{ .Values.configini.network.https }} # path to certificate (run "bash bin/generate-cert.sh" to generate self-signed certificate). Relevant only if https=true - certPath={{ .Values.trilium.config.network.certPath }} - keyPath={{ .Values.trilium.config.network.keyPath }} + certPath={{ .Values.configini.network.certPath }} + keyPath={{ .Values.configini.network.keyPath }} # setting to give trust to reverse proxies, a comma-separated list of trusted rev. proxy IPs can be specified (CIDR notation is permitted), # alternatively 'true' will make use of the leftmost IP in X-Forwarded-For, ultimately an integer can be used to tell about the number of hops between # Trilium (which is hop 0) and the first trusted rev. proxy. # once set, expressjs will use the X-Forwarded-For header set by the rev. proxy to determinate the real IPs of clients. # expressjs shortcuts are supported: loopback(127.0.0.1/8, ::1/128), linklocal(169.254.0.0/16, fe80::/10), uniquelocal(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7) - trustedReverseProxy={{ .Values.trilium.config.network.trustedReverseProxy }} + trustedReverseProxy={{ .Values.configini.network.trustedReverseProxy }} diff --git a/charts/trilium/values.yaml b/charts/trilium/values.yaml index 6b68b47..48a5578 100644 --- a/charts/trilium/values.yaml +++ b/charts/trilium/values.yaml @@ -21,21 +21,20 @@ persistence: existingClaim: # This is used to modify the config.ini of the Trilium instance -trilium: - config: - general: - instanceName: "" - # Disable authentication to Trilium? (if you're running it on a private network, or have authentication handled by another component) - noAuthentication: false - # Disable backups of the database? - noBackup: false - network: - host: "0.0.0.0" - port: 8080 - https: false - certPath: "" - keyPath: "" - trustedReverseProxy: true +configini: + general: + instanceName: "" + # Disable authentication to Trilium? (if you're running it on a private network, or have authentication handled by another component) + noAuthentication: false + # Disable backups of the database? + noBackup: false + network: + host: "0.0.0.0" + port: 8080 + https: false + certPath: "" + keyPath: "" + trustedReverseProxy: true #ingress: # main: # enabled: true From f8b235b8e9dc120df6f972c3ffcb099c9bdbca96 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 19:04:28 +0000 Subject: [PATCH 7/9] update .gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 6475961..eda2450 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,5 @@ __snapshot__/ _site/output1.yaml output* + +*.tgz \ No newline at end of file From d76cb7cbfcd3dc84cb75bcc2ac94deef186e58d0 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 19:22:26 +0000 Subject: [PATCH 8/9] don't mount the config when fixperms is running --- charts/trilium/templates/release.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/charts/trilium/templates/release.yaml b/charts/trilium/templates/release.yaml index 6b7a997..8cd462f 100644 --- a/charts/trilium/templates/release.yaml +++ b/charts/trilium/templates/release.yaml @@ -60,9 +60,11 @@ persistence: type: configMap name: {{ .Release.Name }}-config readOnly: true - globalMounts: - - path: /home/node/trilium-data/config.ini - subPath: config.ini + advancedMounts: + main: + trilium: + - path: /home/node/trilium-data/config.ini + subPath: config.ini From 6834e42a48f065a3845b2c6ae918b7f179666fe8 Mon Sep 17 00:00:00 2001 From: perf3ct Date: Wed, 18 Sep 2024 20:05:11 +0000 Subject: [PATCH 9/9] update README with new values.yaml section explanation --- README.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/README.md b/README.md index 2050300..01a9e61 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,27 @@ controllers: type: daemonset ``` +## Modifying the `config.ini` + +Trilium also has a `config.ini` that allows you to [modify some values](https://github.com/TriliumNext/Notes/blob/7ca4cddc5868f4a80b8804ad93a35bf4bc8cc812/config-sample.ini). The values you set within them are mostly self-explanatory, but if you need to change any of the values, modify the following section within the `values.yaml` to the value you want them to be. + +```yaml +configini: + general: + instanceName: "" + # Disable authentication to Trilium? (if you're running it on a private network, or have authentication handled by another component) + noAuthentication: false + # Disable backups of the database? + noBackup: false + network: + host: "0.0.0.0" + port: 8080 + https: false + certPath: "" + keyPath: "" + trustedReverseProxy: true +``` + ## Development To use Helm in order to create the individual Kubernetes manifests needed to deploy it "by hand", you can use the following commands: