docs: update readme to v1 changes (#30)

Co-authored-by: xeruf <27jf@pm.me>
Reviewed-on: #30
Reviewed-by: konrad <k@knt.li>
Co-authored-by: xeruf <git@jfischer.org>
Co-committed-by: xeruf <git@jfischer.org>

.drone.yml

@@ -42,9 +42,10 @@ steps:
     commands:
       - helm dependency update
       - helm package .
-      - curl --user "frederick:$HELM_PASSWORD" -X POST --upload-file vikunja-*.tgz https://kolaente.dev/api/packages/vikunja/helm/api/charts
+      - echo $${HELM_PASSWORD} | helm registry login -u frederick --password-stdin kolaente.dev/vikunja
+      - helm push vikunja-*.tgz oci://kolaente.dev/vikunja   
 ---
 kind: signature
-hmac: 993135e828384d9938343750ed3164c2ae702b87118d28b74ae3e1f522403f61
+hmac: 0f07e164aa169160b10e2813884d8de17a207ac10d4b3f03026e0a9a175acb83
 
 ...

Chart.lock

@@ -1,12 +1,12 @@
 dependencies:
 - name: redis
   repository: https://charts.bitnami.com/bitnami
-  version: 17.11.6
+  version: 18.6.3
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
-  version: 12.1.9
+  version: 16.3.0
 - name: common
   repository: https://bjw-s.github.io/helm-charts
   version: 1.5.1
-digest: sha256:efadd6fed4908e6062d0d227177d5d650e5fe5b9c94f1cc99feb33ce3a1d0916
-generated: "2023-10-05T14:21:22.588364801-07:00"
+digest: sha256:4a2313f157c919ad08b4e8e425e564baf268b3c72fc625d9da5e4d2aada64191
+generated: "2024-12-13T12:48:20.656317575+01:00"

Chart.yaml

@@ -2,25 +2,25 @@ apiVersion: v2
 type: application
 name: vikunja
 home: https://kolaente.dev/vikunja/helm-chart
-icon: https://kolaente.dev/vikunja/helm-chart/raw/commit/d1f609a6c4b4d06c793611f3af812c98e07d502b/icon.png
+icon: https://kolaente.dev/vikunja/helm-chart/raw/main/icon.png
 deprecated: false
 description: |-
   The open-source, self-hostable to-do app. Organize everything, on all platforms.
-  Also one of the two wild South American camelids which live in
-  the high alpine areas of the Andes and a relative of the llama.
 annotations:
   category: TaskTracker
-version: 0.3.0
-appVersion: 0.21.0
+version: 1.0.0
+appVersion: 0.24.6
 kubeVersion: ">= 1.19"
 dependencies:
 - name: redis
   repository: https://charts.bitnami.com/bitnami
-  version: 17.11.6
+  # TODO Consider switch to valkey - staying with pre-fork redis 7.2.4 for now
+  version: 18.6.3
   condition: redis.enabled
 - name: postgresql
-  version: 12.1.9
   repository: https://charts.bitnami.com/bitnami
+  # https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml
+  version: 16.4.5 # Postgres 17.2
   condition: postgresql.enabled
 - name: common
   repository: https://bjw-s.github.io/helm-charts
@@ -30,15 +30,12 @@ keywords:
 - todo
 - to-do
 - task
-- tack-tracker
+- task-tracker
 - project-management
 - self-hosted
 maintainers:
 - name: Vikunja
   url: https://vikunja.io
-- name: Yurii Vlasov
-  email: yuriy@vlasov.pro
-  url: https://vlasov.pro
 sources:
 - https://kolaente.dev/vikunja/helm-chart
 - https://vikunja.io

README.md

@@ -1,27 +1,69 @@
-Vikunja Helm Chart
-===
+# Vikunja Helm Chart
 
-This Helm Chart deploys both the Vikunja [frontend](https://hub.docker.com/r/vikunja/frontend) and Vikunja [api](https://hub.docker.com/r/vikunja/api) containers, in addition to other Kubernetes resources so that you'll have a fully functioning Vikunja deployment quickly. Also, you can deploy Bitnami's [PostgreSQL](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) and [Redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) as subcharts if you want, as Vikunja can utilize them as its database and caching mechanism (respectively).
+This Helm Chart deploys the [Vikunja](https://hub.docker.com/r/vikunja/vikunja) container
+in addition to other Kubernetes resources for a full-featured Vikunja deployment.
+This includes Bitnami's [PostgreSQL](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) 
+and [Redis](https://github.com/bitnami/charts/tree/main/bitnami/redis) as subcharts if you want,
+so Vikunja can use them as database and cache respectively.
 
-## Requirements
+See https://artifacthub.io/packages/helm/vikunja/vikunja 
+for version information and installation instructions.
 
-- Kubernetes >= 1.19  
-- Helm >= 3
+## Upgrading to v1
+
+Both Vikunja containers got merged into one with Vikunja version 0.23.
+A separate `frontend` configuration is now obsolete,
+so deleting that and renaming the key `api` to `vikunja`
+should "just work".
+The only other major change is that the `configMaps.config` key was renamed to `api-config` 
+to highlight again that it only applies to the API.
+The Configmap name in the cluster stays the same.
 
 ## Quickstart
 
-The majority of default values defined in `values.yaml` should be compatible for your deployment. Additionally, if you utilize an Ingress for both the API and Frontend, you will be able to access the frontend out of the box. However, it won't have any default credentials. So, you'll need to create an account using the registration button.
+Define ingress settings according to your controller to access the application.
+You can configure Vikunja API options as yaml under `vikunja.configMaps.api-config.data.config.yml`:
+https://vikunja.io/docs/config-options
 
-That should be it!
+For example, you can disable registration (if you do not with to allow others to register on your Vikunja),
+by providing the following values in your `values.yaml`:
+
+```yaml
+vikunja:
+  configMaps:
+    api-config:
+      enabled: true
+      data:
+        config.yml:
+          service:
+            enableregistration: false
+```
+
+You can still create new users by executing the following command in the `vikunja` container:
+
+```bash
+./vikunja user create --email <user@email.com> --user <user1> --password <password123>
+```
+
+## Advanced Features
+
+### Replicas
+
+To effectively run multiple replicas of the API, 
+make sure to set up the redis cache as well
+by setting `vikunja.configMaps.api-config.data.config.yml.keyvalue.type` to `redis`,
+configuring the redis subchart (see [values.yaml](./values.yaml#L119))
+and the connection [in Vikunja](https://vikunja.io/docs/config-options/#redis)
 
 ### Use an existing file volume claim
 
-In the `values.yaml` file, you can either define your own existing Persistent Volume Claim (PVC) or have the chart create one on your behalf.
+In the `values.yaml` file, you can either define your own existing Persistent Volume Claim (PVC) 
+or have the chart create one on your behalf.
 
 To have the chart use your pre-existing PVC:
 
 ```yaml
-api:
+vikunja:
   persistence:
     data:
       enabled: true
@@ -32,59 +74,96 @@ To have the chart create one on your behalf:
 
 ```yaml
 # You can find the default values 
-api:
+vikunja:
   enabled: true
   persistence:
     data:
       enabled: true
       accessMode: ReadWriteOnce
       size: 10Gi
+      mountPath: /app/vikunja/files
       storageClass: storage-class
 ```
 
+### Utilizing environment variables from Kubernetes secrets
+
+Each environment variable that is "injected" into a pod can be sourced from a Kubernetes secret.
+This is useful when you wish to add values that you would rather keep as secrets in your GitOps repo
+as environment variables in the pods.
+
+Assuming that you had a Kubernetes secret named `vikunja-env`, 
+this is how you would add the value stored at key `VIKUNJA_DATABASE_PASSWORD` as the environment variable named `VIKUNJA_DATABASE_PASSWORD`:
+
+```yaml
+vikunja:
+  env:
+    VIKUNJA_DATABASE_PASSWORD:
+      valueFrom:
+        secretKeyRef:
+          name: vikunja-env
+          key: VIKUNJA_DATABASE_PASSWORD
+    VIKUNJA_DATABASE_USERNAME: "db-user"
+```
+
+If the keys within the secret are the names of environment variables,
+you can simplify passing multiple values to this:
+
+```yaml
+vikunja:
+  envFrom:
+    - secretRef:
+      name: vikunja-secret-env
+  env:
+    VIKUNJA_DATABASE_USERNAME: "db-user"
+```
+
+This will add all keys within the Kubernetes secret named `vikunja-secret-env` as environment variables to the `vikunja` pod. Additionally, if you did not have the key `VIKUNJA_DATABASE_USERNAME` in the `vikunja-secret-env` secret, you could still define it as an environment variable seen above.
+
+How the `envFrom` key works can be seen [here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L155).
+
+### Utilizing a Kubernetes secret as the `config.yml` file instead of a ConfigMap
+
+If you did not wish to use the ConfigMap provided by the chart, and instead wished to mount your own Kubernetes secret as the `config.yml` file in the `vikunja` pod, you could provide values such as the following (assuming `asdf-my-custom-secret1` was the name of the secret that had the `config.yml` file):
+
+```yaml
+vikunja:
+  persistence:
+    config:
+      type: secret
+      name: asdf-my-custom-secret1
+```
+
+Then your secret should look something like the following so that it will mount properly:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: asdf-my-custom-secret1
+  namespace: vikunja
+type: Opaque
+stringData:
+  config.yml: |
+    key1: value1
+    key2: value2
+    key3: value3
+```
+
 ### Modifying Deployed Resources
 
-Often times, modifications need to be made to a Helm chart to allow it to operate in your Kubernetes cluster. By utilizing bjw-s's `common` library, there are quite a few options that can be easily modified.
+Oftentimes, modifications need to be made to a Helm chart to allow it to operate in your Kubernetes cluster.
+Anything you see [in bjw-s' `common` library](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml),
+including the top-level keys, can be added and subtracted from this chart's `values.yaml`, 
+underneath the `vikunja` and (optionally) `typesense` key.
 
-Anything you see [here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml), including the top-level keys, can be added and subtracted from this chart's `values.yaml`, underneath the `api`, `frontend`, and (optionally) `typesense` key.
-
-For example, if you wished to create a `serviceAccount` as can be seen [here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L85-L87) for the `api` pod:
+For example, if you wished to create a `serviceAccount` as can be seen [here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L85-L87) for the `vikunja` pod:
 
 ```yaml
-api:
+vikunja:
   serviceAccount: 
     create: true
 ```
 
-Then, (for some reason), if you wished to deploy the `frontend` as a `DaemonSet` ([as can be seen here](https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L12-L17)), you could do the following:
-
-```yaml
-frontend:
-  controller:
-    type: daemonset
-```  
-
-### Another Example of Modifying `config.yml` (Enabling Registration)
-
-You can disable registration (if you do not with to allow others to register on your Vikunja), by providing the following values in your `values.yaml`:
-
-```yaml
-api:
-  configMaps:
-    config:
-      enabled: true
-      data:
-        config.yml:
-          service:
-            enableregistration: false
-```
-
-If you need to create another user, you could opt to execute the following command on the `api` container:
-
-```bash
-./vikunja user create --email <user@email.com> --user <user1> --password <password123>
-```
-
 ## Publishing
 
 The following steps are automatically performed when a git tag for a new version is pushed to the repository.

artifacthub-repo.yml

@@ -0,0 +1,9 @@
+# Artifact Hub repository metadata file
+# https://artifacthub.io/docs/topics/repositories/helm-charts/#oci-support
+# publish via:
+# oras push kolaente.dev/vikunja/vikunja:artifacthub.io --config artifacthub.config.json:application/vnd.cncf.artifacthub.config.v1+yaml artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml
+repositoryID: 14bd8402-9829-4f9b-b71e-e496fc1307f5
+owners: # (optional, used to claim repository ownership)
+  - name: kolaente
+    email: artifacthub@kolaente.de
+

artifacthub.config.json

@@ -0,0 +1 @@
+{}

templates/frontend.yaml

@@ -1,29 +0,0 @@
-{{- define "vikunja.frontend.hardcodedValues" -}}
-global:
-  nameOverride: frontend
-
-service:
-  main:
-    enabled: true
-    primary: true
-    type: ClusterIP
-    ports:
-      http:
-        enabled: true
-        primary: true
-        port: 80
-        protocol: HTTP
-
-env:
-  {{- if .Values.api.ingress.main.enabled }}
-  VIKUNJA_API_URL: "http://{{ index .Values.api.ingress.main.hosts 0 "host" }}{{ index .Values.api.ingress.main.hosts 0 "path" }}"
-  {{ end }}
-
-{{ end }}
-
-{{ if .Values.frontend.enabled }}
-{{- $ctx := deepCopy . -}}
-{{- $_ := get .Values "frontend" | mergeOverwrite $ctx.Values -}}
-{{- $_ = include "vikunja.frontend.hardcodedValues" . | fromYaml | merge $ctx.Values -}}
-{{- include "bjw-s.common.loader.all" $ctx }}
-{{ end }}

templates/vikunja.yaml

@@ -1,9 +1,7 @@
-{{- define "vikunja.api.hardcodedValues" -}}
-global:
-  nameOverride: api
-
+{{- define "vikunja.vikunja.hardcodedValues" -}}
 service:
   main:
+    controller: main
     enabled: true
     primary: true
     type: ClusterIP
@@ -14,6 +12,9 @@ service:
         port: 3456
         protocol: HTTP
 
+podSecurityContext:
+  fsGroup: 1000
+
 persistence:
   config:
     enabled: true
@@ -46,23 +47,9 @@ env:
 {{ if .Values.typesense.enabled }}
   VIKUNJA_TYPESENSE_ENABLED: "true"
 {{ end }}
-{{ if and .Values.frontend.ingress.enabled .Values.api.configMaps.config.enabled}}
-  # The configuration for Vikunja's api.
-  # https://vikunja.io/docs/config-options/
-  VIKUNJA_SERVICE_FRONTENDURL: "http://{{ index .Values.frontend.ingress.main.hosts 0 "host" }}{{ index .Values.frontend.ingress.main.hosts 0 "path" }}"
 {{ end }}
 
-# Logic to decide what the api URL should be
-{{ if .Values.frontend.ingress.enabled }}
-  VIKUNJA_FRONTEND_URL: "http://{{ index .Values.frontend.ingress.main.hosts 0 "host" }}{{ index .Values.frontend.ingress.main.hosts 0 "path" }}"
-{{ end }}
-{{ end }}
-
-
-
-{{ if .Values.api.enabled }}
 {{- $ctx := deepCopy . -}}
-{{- $_ := get .Values "api" | mergeOverwrite $ctx.Values -}}
-{{- $_ = include "vikunja.api.hardcodedValues" . | fromYaml | merge $ctx.Values -}}
+{{- $_ := get .Values "vikunja" | mergeOverwrite $ctx.Values -}}
+{{- $_ = include "vikunja.vikunja.hardcodedValues" . | fromYaml | merge $ctx.Values -}}
 {{- include "bjw-s.common.loader.all" $ctx }}
-{{ end }}

values.yaml

@@ -4,27 +4,24 @@
 ## Refer there for more detail about the supported values.
 ## Any values that you find in the above `values.yaml` can be provided to this chart and are then rendered.
 
-image:
-  tag: 0.21.0
-
 ######################
 # VIKUNJA COMPONENTS #
 ######################
 # You can find the default values that this `values.yaml` overrides, in the comment at the top of this file.
-api:
-  enabled: true
+vikunja:
   image:
-    repository: vikunja/api
-    tag: 0.21.0
-    pullPolicy: IfNotPresent
+    repository: vikunja/vikunja
+    #tag: "latest"
+    #pullPolicy: Always
   persistence:
-    # This is your Vikunja data will live, you can either let
-    # the chart create a new PVC for you or provide an existing one.
+    # This is where your Vikunja data lives,
+    # provide an existing PVC or let one be autocreated
     data:
       enabled: true
       # existingClaim: # your-claim
       accessMode: ReadWriteOnce
-      size: 10Gi
+      size: 2Gi
+      mountPath: /app/vikunja/files
       # storageClass: storage-class
   ingress:
     main:
@@ -35,86 +32,60 @@ api:
       hosts:
         - host: vikunja.local
           paths:
-            - path: "/api/v1"
+            - path: /
       tls: []
   configMaps:
-    # The configuration for Vikunja's api.
+    # The configuration for Vikunja's api
     # https://vikunja.io/docs/config-options/
-    config:
+    api-config:
       enabled: true
       data:
         config.yml: |
-          # Vikunja needs to know the frontend URL for password reset emails.
-          # So you might need to provide its value, if you're not using an ingress.
-          # service:
-          #   frontendUrl: http://vikunja.local
-
           typesense:
-            # Typesense will only work if it is enabled below (typesense.enabled).
-            url: "{{ printf "%s-typesense" .Release.Name }}:8108"
+            # These configuration values will automatically apply
+            # if the integrated Typesense is enabled below (typesense.enabled)
+            url: "http://{{ printf "%s-typesense" .Release.Name }}:8108"
             apiKey: "{{ .Values.typesense.env.TYPESENSE_API_KEY }}"
           redis:
-            # Redis will only work if it is enabled below (redis.enabled).
-            host: "{{ printf "%s-redis-master" .Release.Name }}:6379"
+            # These configuration values will automatically apply
+            # if the integrated Redis is enabled below (redis.enabled)
+            host: "http://{{ printf "%s-redis-master" .Release.Name }}:6379"
             db: "{{ .Release.Name }}"
   env:
     # To utilize a secret in the environment variables, you can do something like the following: https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L141-L145
     # You could also use MySQL or SQLite, but we recommend PostgreSQL.
     # https://vikunja.io/docs/config-options/#type
     VIKUNJA_DATABASE_TYPE: "postgres"
-    VIKUNJA_DATABASE_USER: "{{ .Values.postgresql.global.postgresql.auth.username }}"
-    VIKUNJA_DATABASE_PASSWORD: "{{ .Values.postgresql.global.postgresql.auth.password }}"
-    VIKUNJA_DATABASE_NAME: "{{ .Values.postgresql.global.postgresql.auth.database }}"
-
-frontend:
-  enabled: true
-  # You can add any of the top-level keys in the common chart's `values.yaml` to override them here.
-  # For example, this values.yaml file overrides the image values, located here:
-  # https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L63-L69
-  image:
-    repository: vikunja/frontend
-    tag: 0.21.0
-    pullPolicy: IfNotPresent
-  # You can use either a `service` or an `ingress` to interact with Vikunja's frontend.
-  # `Ingress` is the recommended option, but you can still set the `service` to
-  # `LoadBalancer` or another service type.
-  # https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L294-L354
-  service:
-    main:
-      type: ClusterIP
-
-  # https://github.com/bjw-s/helm-charts/blob/a081de53024d8328d1ae9ff7e4f6bc500b0f3a29/charts/library/common/values.yaml#L393-L436
-  ingress:
-    main:
-      enabled: true
-      annotations:
-        # proxy-body-size is set to 0 to remove the body limit on file uploads
-        nginx.ingress.kubernetes.io/proxy-body-size: "0"
-      hosts:
-        # This is just an example. You should change this to your own domain.
-        - host: vikunja.local
-          paths:
-            - path: "/"
-      tls: []
-  # If you've used the "built-in" ingress in the api section, you don't need to specify VIKUNJA_API_URL as an environment variable here.
-  # If you've used something else, you'll need to provide the URL to the API here.
-  # env:
-  # VIKUNJA_API_URL: http://vikunja.local/api
+    VIKUNJA_DATABASE_USER: "{{ coalesce .Values.postgresql.global.postgresql.auth.username .Values.postgresql.auth.username }}"
+    VIKUNJA_DATABASE_PASSWORD: "{{ coalesce .Values.postgresql.global.postgresql.auth.password .Values.postgresql.auth.password }}"
+    VIKUNJA_DATABASE_NAME: "{{ coalesce .Values.postgresql.global.postgresql.auth.database .Values.postgresql.auth.database }}"
 
 ##########################
 # END VIKUNJA COMPONENTS #
 ##########################
 
 # Optional Dependencies
+
+#  ┬─┐┌─┐┐─┐┌┐┐┌─┐┬─┐┬─┐┐─┐┐─┐┬
+#  │─┘│ │└─┐ │ │ ┬│┬┘├─ └─┐│ ││
+#  ┘  ┘─┘──┘ ┘ ┘─┘┘└┘┴─┘──┘└─\┘─┘
+# Please refer to PostgreSQL subchart for a full list of possible values
+# https://github.com/bitnami/charts/tree/main/bitnami/postgresql/#parameters
 postgresql:
   enabled: true
-  global:
-    postgresql:
-      auth:
-        username: vikunja
-        database: vikunja
-        password: vikunja
+  primary:
+    networkPolicy:
+      enabled: false
+  auth:
+    username: vikunja
+    database: vikunja
+    password: vikunja
 
+#  ┬─┐┬─┐┬─┐o┐─┐
+#  │┬┘├─ │ ││└─┐
+#  ┘└┘┴─┘┘─┘┘──┘
+# Please refer to Redis subchart for a full list of possible values
+# https://github.com/bitnami/charts/tree/main/bitnami/redis/#parameters
 redis:
   enabled: false
   architecture: standalone