From 55e68166620cf27729cc1e2eb60ea64980d438f4 Mon Sep 17 00:00:00 2001
From: nold <nold@gnu.one>
Date: Wed, 28 Sep 2022 16:22:07 +0200
Subject: [PATCH] add(ntfy)

---
 projects/ntfy/project.yml          |  7 +++
 projects/ntfy/values/heimdall.yaml | 52 ++++++++++++++++
 projects/ntfy/values/ntfy.yaml     | 95 ++++++++++++++++++++++++++++++
 3 files changed, 154 insertions(+)
 create mode 100644 projects/ntfy/project.yml
 create mode 100644 projects/ntfy/values/heimdall.yaml
 create mode 100644 projects/ntfy/values/ntfy.yaml

diff --git a/projects/ntfy/project.yml b/projects/ntfy/project.yml
new file mode 100644
index 00000000..aea15c7e
--- /dev/null
+++ b/projects/ntfy/project.yml
@@ -0,0 +1,7 @@
+config:
+  description: Notification Service
+apps:
+- name: ntfy
+  repoURL: https://charts.truecharts.org
+  chart: ntfy
+  targetRevision: 2.0.37
diff --git a/projects/ntfy/values/heimdall.yaml b/projects/ntfy/values/heimdall.yaml
new file mode 100644
index 00000000..fe00fecc
--- /dev/null
+++ b/projects/ntfy/values/heimdall.yaml
@@ -0,0 +1,52 @@
+image:
+  repository: tccr.io/truecharts/heimdall
+  tag: v2.4.13
+  pullPolicy: IfNotPresent
+
+securityContext:
+  readOnlyRootFilesystem: false
+  runAsNonRoot: false
+
+podSecurityContext:
+  runAsUser: 0
+  runAsGroup: 0
+
+service:
+  main:
+    ports:
+      main:
+        port: 10014
+        targetPort: 80
+
+ingress:
+  main:
+    enabled: true
+    enableFixedMiddlewares: false
+    annotations:
+      cert-manager.io/cluster-issuer: vault-issuer
+      traefik.ingress.kubernetes.io/router.tls: 'true'
+    hosts:
+    - host: heimdall.dc
+      paths:
+      - path: /
+        pathType: Prefix
+    tls:
+    - secretName: heimdall-tls
+      hosts:
+      - heimdall.dc
+
+
+probes:
+  startup:
+    enabled: true
+
+persistence:
+  config:
+    enabled: true
+    mountPath: "/config"
+
+portal:
+  enabled: false
+
+env:
+  APP_URL: https://home.dc
diff --git a/projects/ntfy/values/ntfy.yaml b/projects/ntfy/values/ntfy.yaml
new file mode 100644
index 00000000..ecf91854
--- /dev/null
+++ b/projects/ntfy/values/ntfy.yaml
@@ -0,0 +1,95 @@
+image:
+  repository: tccr.io/truecharts/ntfy
+  tag: 1.28.0
+
+extraArgs: ["serve"]
+
+securityContext:
+  readOnlyRootFilesystem: false
+  runAsNonRoot: true
+
+podSecurityContext:
+  runAsUser: 1000
+  runAsGroup: 1000
+  fsGroup: 1000
+
+env:
+  NTFY_LISTEN_HTTP: ":{{ .Values.service.main.ports.main.port }}"
+  # User Defined
+  NTFY_BASE_URL: "https://notify.dc"
+  NTFY_BEHIND_PROXY: false
+  ENABLE_FIREBASE_FILE: false
+  ENABLE_CACHE_FILE: false
+  ENABLE_ATTACHMENT_CACHE_DIR: false
+  ENABLE_AUTH_FILE: false
+  # NTFY_CACHE_DURATION: "12h"
+  # NTFY_KEEPALIVE_INTERVAL: "45s"
+  # NTFY_MANAGER_INTERVAL: "1m"
+  # NTFY_GLOBAL_TOPIC_LIMIT: 15000
+  # NTFY_VISITOR_SUBSCRIPTION_LIMIT: 30
+  # NTFY_VISITOR_ATTACHMENT_TOTAL_SIZE_LIMIT: "100M"
+  # NTFY_VISITOR_ATTACHMENT_DAILY_BANDWIDTH_LIMIT: "500M"
+  # NTFY_VISITOR_REQUEST_LIMIT_BURST: 60
+  # NTFY_VISITOR_REQUEST_LIMIT_REPLENISH: "5s"
+  # NTFY_VISITOR_REQUEST_LIMIT_EXEMPT_HOSTS: ""
+  # NTFY_VISITOR_EMAIL_LIMIT_BURST: 16
+  # NTFY_VISITOR_EMAIL_LIMIT_REPLENISH: "1h"
+  # NTFY_ATTACHMENT_TOTAL_SIZE_LIMIT: "5G"
+  # NTFY_ATTACHMENT_FILE_SIZE_LIMIT: "15M"
+  # NTFY_ATTACHMENT_EXPIRY_DURATION: "3h"
+  # NTFY_AUTH_DEFAULT_ACCESS: "read-write"
+  # NTFY_SMTP_SENDER_ADDR: ""
+  # NTFY_SMTP_SENDER_USER: ""
+  # NTFY_SMTP_SENDER_PASS: ""
+  # NTFY_SMTP_SENDER_FROM: ""
+  # NTFY_SMTP_SERVER_LISTEN: ""
+  # NTFY_SMTP_SERVER_DOMAIN: ""
+  # NTFY_SMTP_SERVER_ADDR_PREFIX: ""
+
+envFrom:
+  - configMapRef:
+      name: '{{ include "tc.common.names.fullname" . }}-ntfy'
+
+service:
+  main:
+    ports:
+      main:
+        port: 10222
+
+ingress:
+  main:
+    enabled: true
+    enableFixedMiddlewares: false
+    annotations:
+      cert-manager.io/cluster-issuer: vault-issuer
+      traefik.ingress.kubernetes.io/router.tls: 'true'
+    hosts:
+    - host: notify.dc
+      paths:
+      - path: /
+        pathType: Prefix
+    tls:
+    - secretName: notify-tls
+      hosts:
+      - notify.dc
+
+persistence:
+  config:
+    enabled: true
+    mountPath: "/etc/ntfy"
+  cache:
+    enabled: true
+    mountPath: "/var/cache/ntfy"
+
+configmap:
+  ntfy:
+    enabled: true
+    data:
+      # If a path is set, it enables this options. To disable set to emtpy path
+      NTFY_ATTACHMENT_CACHE_DIR: '{{ ternary "/var/cache/ntfy/attachments" "" .Values.env.ENABLE_ATTACHMENT_CACHE_DIR }}'
+      NTFY_CACHE_FILE: '{{ ternary "/var/cache/ntfy/cache.db" "" .Values.env.ENABLE_CACHE_FILE }}'
+      NTFY_AUTH_FILE: '{{ ternary "/etc/ntfy/user.db" "" .Values.env.ENABLE_AUTH_FILE }}'
+      NTFY_FIREBASE_KEY_FILE: '{{ ternary "/etc/ntfy/firebase-key.json" "" .Values.env.ENABLE_FIREBASE_FILE }}'
+
+portal:
+  enabled: false