From 25f6e5f40cdcd4a428a0e4a804c6e8440c756990 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 19:38:28 +0200 Subject: [PATCH 1/6] fix(charts/freeradius): resolved typos and bugs in the chart --- charts/freeradius/Chart.yaml | 2 +- charts/freeradius/templates/Deployment.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/freeradius/Chart.yaml b/charts/freeradius/Chart.yaml index a6a8561..0d078ae 100644 --- a/charts/freeradius/Chart.yaml +++ b/charts/freeradius/Chart.yaml @@ -5,7 +5,7 @@ appVersion: 3.2.7 dependencies: - name: st-common repository: https://startechnica.github.io/apps - version: 0.1.10 + version: 0.1.12 - name: mariadb condition: mariadb.enabled repository: oci://registry-1.docker.io/bitnamicharts diff --git a/charts/freeradius/templates/Deployment.yaml b/charts/freeradius/templates/Deployment.yaml index 2342c74..b20d7d1 100644 --- a/charts/freeradius/templates/Deployment.yaml +++ b/charts/freeradius/templates/Deployment.yaml @@ -246,6 +246,7 @@ spec: /bin/echo "Message-Authenticator = 0x00" | /usr/bin/radclient 127.0.0.1:${FREERADIUS_SITES_STATUS_PORT} status ${FREERADIUS_SITES_STATUS_SECRET} {{- end }} {{- end }} + {{- end }} {{- if .resources }} resources: {{- include "st-common.tplvalues.render" (dict "value" .resources "context" $) | nindent 12 }} {{- else if and .resourcesPreset (ne .resourcesPreset "none") }} From 91743a8f5efae39d7c16dc10468fdceb2ee456c8 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 20:13:09 +0200 Subject: [PATCH 2/6] feat(charts/freeradius): add configuration configMap --- .../templates/ConfigMap/configuration.yaml | 24 +++++++++++++++++++ charts/freeradius/templates/Deployment.yaml | 1 + 2 files changed, 25 insertions(+) create mode 100644 charts/freeradius/templates/ConfigMap/configuration.yaml diff --git a/charts/freeradius/templates/ConfigMap/configuration.yaml b/charts/freeradius/templates/ConfigMap/configuration.yaml new file mode 100644 index 0000000..d4dc0a2 --- /dev/null +++ b/charts/freeradius/templates/ConfigMap/configuration.yaml @@ -0,0 +1,24 @@ +{{- /* +Copyright (c) 2025 Firmansyah Nainggolan. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.configuration }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "freeradius.configurationCM" . }} + namespace: {{ include "st-common.names.namespace" . | quote }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} +data: + radiusd.conf: |- + {{- include "st-common.tplvalues.render" (dict "value" .Values.configuration "context" $) | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/freeradius/templates/Deployment.yaml b/charts/freeradius/templates/Deployment.yaml index b20d7d1..505b714 100644 --- a/charts/freeradius/templates/Deployment.yaml +++ b/charts/freeradius/templates/Deployment.yaml @@ -34,6 +34,7 @@ spec: checksum/configmap-env: {{ include (print $.Template.BasePath "/ConfigMap/envvars.yaml") . | sha256sum }} checksum/configmap-mods: {{ include (print $.Template.BasePath "/ConfigMap/mods-enabled.yaml") . | sha256sum }} checksum/configmap-sites: {{ include (print $.Template.BasePath "/ConfigMap/sites-enabled.yaml") . | sha256sum }} + checksum/configmap-configuration: {{ include (print $.Template.BasePath "/ConfigMap/configuration.yaml") . | sha256sum }} checksum/secret-credentials: {{ include (print $.Template.BasePath "/Secret/credentials.yaml") . | sha256sum }} checksum/secret-sql-tls: {{ include (print $.Template.BasePath "/Secret/sql-tls.yaml") . | sha256sum }} checksum/secret-tls: {{ include (print $.Template.BasePath "/Secret/tls.yaml") . | sha256sum }} From 994a8cfa6da95b4990138983de73a81030f97d0b Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 20:38:39 +0200 Subject: [PATCH 3/6] feat(chart/freeradius): allow specifying additional env vars and storing those in the Secret --- .../templates/ConfigMap/clients.yaml | 6 +++-- .../templates/ConfigMap/envvars.yaml | 6 +++-- .../templates/ConfigMap/mods-enabled.yaml | 6 +++-- .../templates/ConfigMap/sites-enabled.yaml | 6 +++-- charts/freeradius/templates/Deployment.yaml | 13 ++++++---- .../templates/Secret/credentials.yaml | 6 +++-- .../freeradius/templates/Secret/envvars.yaml | 24 +++++++++++++++++++ .../freeradius/templates/Secret/sql-tls.yaml | 6 +++-- charts/freeradius/templates/Secret/tls.yaml | 6 +++-- charts/freeradius/values.yaml | 19 ++++++++++----- 10 files changed, 74 insertions(+), 24 deletions(-) create mode 100644 charts/freeradius/templates/Secret/envvars.yaml diff --git a/charts/freeradius/templates/ConfigMap/clients.yaml b/charts/freeradius/templates/ConfigMap/clients.yaml index afbe928..0634e78 100644 --- a/charts/freeradius/templates/ConfigMap/clients.yaml +++ b/charts/freeradius/templates/ConfigMap/clients.yaml @@ -10,12 +10,14 @@ kind: ConfigMap metadata: name: {{ printf "%s-clients" (include "st-common.names.fullname" .) }} namespace: {{ include "st-common.names.namespace" . | quote }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} data: clients.conf: |- diff --git a/charts/freeradius/templates/ConfigMap/envvars.yaml b/charts/freeradius/templates/ConfigMap/envvars.yaml index 2b6b3a1..1ecb0c2 100644 --- a/charts/freeradius/templates/ConfigMap/envvars.yaml +++ b/charts/freeradius/templates/ConfigMap/envvars.yaml @@ -8,12 +8,14 @@ kind: ConfigMap metadata: name: {{ include "freeradius.names.envvars" . }} namespace: {{ include "st-common.names.namespace" . | quote }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} data: FREERADIUS_ENABLE_TLS: {{ ternary "true" "false" .Values.tls.enabled | quote }} diff --git a/charts/freeradius/templates/ConfigMap/mods-enabled.yaml b/charts/freeradius/templates/ConfigMap/mods-enabled.yaml index 169bc9f..d859ece 100644 --- a/charts/freeradius/templates/ConfigMap/mods-enabled.yaml +++ b/charts/freeradius/templates/ConfigMap/mods-enabled.yaml @@ -8,12 +8,14 @@ kind: ConfigMap metadata: name: {{ printf "%s-mods" (include "st-common.names.fullname" .) }} namespace: {{ include "st-common.names.namespace" . | quote }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} data: {{- if .Values.modsEnabled.sql.enabled }} diff --git a/charts/freeradius/templates/ConfigMap/sites-enabled.yaml b/charts/freeradius/templates/ConfigMap/sites-enabled.yaml index d751767..348d13b 100644 --- a/charts/freeradius/templates/ConfigMap/sites-enabled.yaml +++ b/charts/freeradius/templates/ConfigMap/sites-enabled.yaml @@ -8,12 +8,14 @@ kind: ConfigMap metadata: name: {{ printf "%s-sites" (include "st-common.names.fullname" .) }} namespace: {{ include "st-common.names.namespace" . | quote }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} data: {{ (.Files.Glob "files/sites-available/default").AsConfig | indent 2 }} diff --git a/charts/freeradius/templates/Deployment.yaml b/charts/freeradius/templates/Deployment.yaml index 505b714..f3868f5 100644 --- a/charts/freeradius/templates/Deployment.yaml +++ b/charts/freeradius/templates/Deployment.yaml @@ -38,6 +38,7 @@ spec: checksum/secret-credentials: {{ include (print $.Template.BasePath "/Secret/credentials.yaml") . | sha256sum }} checksum/secret-sql-tls: {{ include (print $.Template.BasePath "/Secret/sql-tls.yaml") . | sha256sum }} checksum/secret-tls: {{ include (print $.Template.BasePath "/Secret/tls.yaml") . | sha256sum }} + checksum/secret-env: {{ include (print $.Template.BasePath "/Secret/envvars.yaml") . | sha256sum }} {{- if .Values.podAnnotations }} {{- include "st-common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} @@ -173,13 +174,17 @@ spec: envFrom: - configMapRef: name: {{ include "freeradius.names.envvars" . }} - {{- if .Values.extraEnvVarsCM }} + {{- if .Values.extraSecretEnvVars }} + - secretRef: + name: {{ include "freeradius.names.envvars" . }} + {{- end }} + {{- if .Values.extraEnvVarsExistingCM }} - configMapRef: - name: {{ .Values.extraEnvVarsCM }} + name: {{ .Values.extraEnvVarsExistingCM }} {{- end }} - {{- if .Values.extraEnvVarsSecret }} + {{- if .Values.extraEnvVarsExistingSecret }} - secretRef: - name: {{ .Values.extraEnvVarsSecret }} + name: {{ .Values.extraEnvVarsExistingSecret }} {{- end }} {{- if .Values.lifecycleHooks }} lifecycle: {{- include "st-common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} diff --git a/charts/freeradius/templates/Secret/credentials.yaml b/charts/freeradius/templates/Secret/credentials.yaml index 6618ad5..930ef07 100644 --- a/charts/freeradius/templates/Secret/credentials.yaml +++ b/charts/freeradius/templates/Secret/credentials.yaml @@ -10,13 +10,15 @@ kind: Secret metadata: name: {{ $secretName }} namespace: {{ include "st-common.names.namespace" . | quote }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: app.kubernetes.io/component: freeradius + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} {{- end }} type: Opaque data: diff --git a/charts/freeradius/templates/Secret/envvars.yaml b/charts/freeradius/templates/Secret/envvars.yaml new file mode 100644 index 0000000..59911e6 --- /dev/null +++ b/charts/freeradius/templates/Secret/envvars.yaml @@ -0,0 +1,24 @@ +{{- /* +Copyright (c) 2025 Firmansyah Nainggolan. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.extraSecretEnvVars }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "freeradius.names.envvars" . }} + namespace: {{ include "st-common.names.namespace" . | quote }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }} + {{- end }} +type: Opaque +stringData: + {{- include "st-common.tplvalues.render" (dict "value" .Values.extraSecretEnvVars "context" $) | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/charts/freeradius/templates/Secret/sql-tls.yaml b/charts/freeradius/templates/Secret/sql-tls.yaml index e49a5e2..a605a50 100644 --- a/charts/freeradius/templates/Secret/sql-tls.yaml +++ b/charts/freeradius/templates/Secret/sql-tls.yaml @@ -16,9 +16,11 @@ metadata: name: {{ include "st-common.names.fullname" . }}-sql-tls namespace: {{ include "st-common.names.namespace" . | quote }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} diff --git a/charts/freeradius/templates/Secret/tls.yaml b/charts/freeradius/templates/Secret/tls.yaml index 3b182d5..2a943cb 100644 --- a/charts/freeradius/templates/Secret/tls.yaml +++ b/charts/freeradius/templates/Secret/tls.yaml @@ -16,9 +16,11 @@ metadata: name: {{ include "st-common.names.fullname" . }}-tls namespace: {{ include "st-common.names.namespace" . | quote }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} diff --git a/charts/freeradius/values.yaml b/charts/freeradius/values.yaml index 62c1dc7..8b43e2a 100644 --- a/charts/freeradius/values.yaml +++ b/charts/freeradius/values.yaml @@ -391,16 +391,23 @@ extraFlags: "" ## @param extraEnvVars Extra environment variables to be set on FreeRADIUS containers ## E.g. ## extraEnvVars: -## - name: TZ -## value: "Europe/Paris" +## - name: TZ +## value: "Europe/Paris" ## extraEnvVars: [] -## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars for FreeRADIUS containers + +## @param extraSecretEnvVars Extra environment variables to be stored in Secret and set on FreeRADIUS containers +## E.g. +## extraSecretEnvVars: +## FREERADIUS_PROXY_SECRET: test123456 +extraSecretEnvVars: {} + +## @param extraEnvVarsExistingCM Name of existing ConfigMap containing extra env vars for FreeRADIUS containers ## -extraEnvVarsCM: "" -## @param extraEnvVarsSecret Name of existing Secret containing extra env vars for FreeRADIUS containers +extraEnvVarsExistingCM: "" +## @param extraEnvVarsExistingSecret Name of existing Secret containing extra env vars for FreeRADIUS containers ## -extraEnvVarsSecret: "" +extraEnvVarsExistingSecret: "" ## @section Persistence Parameters From 01f3b536fc6b2139d5ee0d8cf0a732b8145f98bc Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 21:04:51 +0200 Subject: [PATCH 4/6] fix(chart/freeradius): tls cert-manager support typo --- charts/freeradius/templates/Certificate.yaml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/charts/freeradius/templates/Certificate.yaml b/charts/freeradius/templates/Certificate.yaml index 9a65f83..fe71321 100644 --- a/charts/freeradius/templates/Certificate.yaml +++ b/charts/freeradius/templates/Certificate.yaml @@ -4,7 +4,7 @@ SPDX-License-Identifier: APACHE-2.0 */}} {{- if and (include "freeradius.createTlsSecret" .) .Values.tls.autoGenerator.certmanager.enabled }} -{{- if not (eq (include "st-common.capabilities.certManager.apiVersion" .) "false") }} +{{- if not (eq (include "st-common.capabilities.certmanager.apiVersion" .) "false") }} {{- $releaseNamespace := include "st-common.names.namespace" . }} {{- $clusterDomain := .Values.clusterDomain }} {{- $fullname := include "st-common.names.fullname" . }} @@ -13,25 +13,26 @@ SPDX-License-Identifier: APACHE-2.0 {{/* {{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc" $serviceName $releaseNamespace) (printf "%s.%s" $serviceName $releaseNamespace) $fullname }} */}} -apiVersion: {{ include "st-common.capabilities.certManager.apiVersion" . }} +apiVersion: {{ include "st-common.capabilities.certmanager.apiVersion" . }} kind: Certificate metadata: name: {{ include "st-common.names.fullname" . }}-tls namespace: {{ include "st-common.names.namespace" . | quote }} {{- if .Values.commonAnnotations }} - annotations: {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} - labels: {{- include "st-common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} + annotations: + {{- include "st-common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} + labels: + {{- include "st-common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "st-common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }} + {{- end }} spec: secretName: {{ include "freeradius.tlsSecretName" . }} issuerRef: group: cert-manager.io kind: {{ .Values.tls.autoGenerator.certmanager.issuerKind }} name: {{ .Values.tls.autoGenerator.certmanager.issuerName }} - #name: letsencrypt-prd privateKey: algorithm: ECDSA rotationPolicy: Always From d78297bfeddf42998427ad2b0a430a56c676446c Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 21:58:41 +0200 Subject: [PATCH 5/6] feat(chart/freeradius): allow configuring cert-manager Certificate from values this allows eg. to define only publicly available domains and use Let's Encrypt to generate certificate --- charts/freeradius/templates/Certificate.yaml | 31 ++++++-------------- charts/freeradius/values.yaml | 21 +++++++++++++ 2 files changed, 30 insertions(+), 22 deletions(-) diff --git a/charts/freeradius/templates/Certificate.yaml b/charts/freeradius/templates/Certificate.yaml index fe71321..34b3bdc 100644 --- a/charts/freeradius/templates/Certificate.yaml +++ b/charts/freeradius/templates/Certificate.yaml @@ -5,14 +5,6 @@ SPDX-License-Identifier: APACHE-2.0 {{- if and (include "freeradius.createTlsSecret" .) .Values.tls.autoGenerator.certmanager.enabled }} {{- if not (eq (include "st-common.capabilities.certmanager.apiVersion" .) "false") }} -{{- $releaseNamespace := include "st-common.names.namespace" . }} -{{- $clusterDomain := .Values.clusterDomain }} -{{- $fullname := include "st-common.names.fullname" . }} -{{- $serviceName := include "st-common.names.fullname" . }} -{{- $altNames := list (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc" $serviceName $releaseNamespace) (printf "%s.%s" $serviceName $releaseNamespace) $fullname }} -{{/* -{{- $altNames := list (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc" $serviceName $releaseNamespace) (printf "%s.%s" $serviceName $releaseNamespace) $fullname }} -*/}} apiVersion: {{ include "st-common.capabilities.certmanager.apiVersion" . }} kind: Certificate metadata: @@ -33,23 +25,18 @@ spec: group: cert-manager.io kind: {{ .Values.tls.autoGenerator.certmanager.issuerKind }} name: {{ .Values.tls.autoGenerator.certmanager.issuerName }} + {{- if .Values.tls.autoGenerator.certmanager.privateKey }} privateKey: - algorithm: ECDSA - rotationPolicy: Always - size: 256 + {{- include "st-common.tplvalues.render" (dict "value" .Values.tls.autoGenerator.certmanager.privateKey "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.tls.autoGenerator.certmanager.subject }} subject: - organizations: - - {{ .Release.Name | quote }} - organizationalUnits: - - {{ include "st-common.names.fullname" . }} + {{- include "st-common.tplvalues.render" (dict "value" .Values.tls.autoGenerator.certmanager.subject "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.tls.autoGenerator.certmanager.dnsNames }} dnsNames: - - {{ .Values.ingress.hostname | quote }} - {{- range .Values.ingress.extraHosts }} - - {{ .name | quote }} - {{- end }} - {{- with $altNames }} - {{- toYaml . | nindent 4 }} - {{- end }} + {{- include "st-common.tplvalues.render" (dict "value" .Values.tls.autoGenerator.certmanager.dnsNames "context" $) | nindent 4 }} + {{- end }} {{- end }} {{- end }} --- \ No newline at end of file diff --git a/charts/freeradius/values.yaml b/charts/freeradius/values.yaml index 8b43e2a..68089b3 100644 --- a/charts/freeradius/values.yaml +++ b/charts/freeradius/values.yaml @@ -906,6 +906,27 @@ tls: enabled: false issuerKind: ClusterIssuer issuerName: selfsigned-issuer + privateKey: + algorithm: ECDSA + rotationPolicy: Always + size: 256 + subject: |- + organizations: + - {{ .Release.Name | quote }} + organizationalUnits: + - {{ include "st-common.names.fullname" . | quote }} + dnsNames: |- + {{- $releaseNamespace := include "st-common.names.namespace" . }} + {{- $clusterDomain := .Values.clusterDomain }} + {{- $serviceName := include "st-common.names.fullname" . }} + {{- $altNames := list (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc" $serviceName $releaseNamespace) (printf "%s.%s" $serviceName $releaseNamespace) $serviceName -}} + - {{ .Values.ingress.hostname | quote }} + {{- range .Values.ingress.extraHosts }} + - {{ .name | quote }} + {{- end }} + {{- with $altNames }} + {{ toYaml . }} + {{- end }} ## @param tls.certificatesSecret Name of the secret that contains the certificates ## certificatesSecret: "" From 4bbccce2338225465fdae093610816559374a0c4 Mon Sep 17 00:00:00 2001 From: JuniorJPDJ Date: Sun, 20 Apr 2025 22:54:50 +0200 Subject: [PATCH 6/6] chore(charts/freeradius): bump version to 1.0.4 --- charts/freeradius/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/freeradius/Chart.yaml b/charts/freeradius/Chart.yaml index 0d078ae..04658f4 100644 --- a/charts/freeradius/Chart.yaml +++ b/charts/freeradius/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://freeradius.org/ - https://github.com/FreeRADIUS/freeradius-server type: application -version: 1.0.3 \ No newline at end of file +version: 1.0.4 \ No newline at end of file