henry/HomeLabScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

running cluster with immich, photoprism and authentik

Browse Source
This commit is contained in:
henry
2025-12-29 14:50:44 +01:00
parent 35b7b7b4da
commit 1ab9418379
16 changed files with 499 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
k3s/apps/authentik/helm/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: authentik

28
k3s/apps/authentik/helm/values.yaml Normal file
View File

@@ -0,0 +1,28 @@
namespace: authentik
authentik:
secret_key: "6sNotXqR3cvcVHx3RbYCViX6J/OmMvopb4b7ge80V3EdSgBtWzG0l4SXBPo80J3mRy0BDaCCfb1EZoz+"
# This sends anonymous usage-data, stack traces on errors and
# performance data to sentry.io, and is fully opt-in
error_reporting:
enabled: true
postgresql:
password: "WoPbKRCEeLoLb9J840FqwDE95ergX8CqXq7jC6nbJkoNSiTSlA"
server:
ingress:
# Specify kubernetes ingress controller class name
# ingressClassName: nginx
# enabled: true
# hosts:
# - authentik.henryathome.home64.de
enabled: false
service:
type: NodePort
port: 9000
nodePort: 32222
postgresql:
enabled: true
auth:
password: "WoPbKRCEeLoLb9J840FqwDE95ergX8CqXq7jC6nbJkoNSiTSlA"

BIN
k3s/apps/gitea/gitea-dump-1747479769.zip Normal file
View File

Binary file not shown.

33
k3s/apps/gitea/gitea.yaml
View File

@@ -19,8 +19,8 @@ spec:
- ReadWriteMany - ReadWriteMany
persistentVolumeReclaimPolicy: Retain persistentVolumeReclaimPolicy: Retain
nfs: nfs:
server: 192.168.178.132 server: 192.168.178.166
path: /slowData/gitea/repos path: /export/fastData/gitea/repos
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
@@ -49,8 +49,8 @@ spec:
- ReadWriteOnce - ReadWriteOnce
persistentVolumeReclaimPolicy: Retain persistentVolumeReclaimPolicy: Retain
nfs: nfs:
server: 192.168.178.132 server: 192.168.178.166
path: /slowData/gitea/postgres path: /export/fastData/gitea/postgres
--- ---
apiVersion: v1 apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
@@ -97,6 +97,10 @@ spec:
volumeMounts: volumeMounts:
- name: postgres-storage - name: postgres-storage
mountPath: /var/lib/postgresql/data mountPath: /var/lib/postgresql/data
securityContext:
runAsUser: 1001
runAsGroup: 1000
# fsGroup: 1000
volumes: volumes:
- name: postgres-storage - name: postgres-storage
persistentVolumeClaim: persistentVolumeClaim:
@@ -152,12 +156,26 @@ spec:
value: gitea value: gitea
- name: GITEA__database__PASSWD - name: GITEA__database__PASSWD
value: giteapassword value: giteapassword
- name: GITEA__server__ROOT_URL
value: "https://git.henryathome.home64.de"
- name: GITEA__server__SSH_DOMAIN
value: git.henryathome.home64.de
- name: GITEA__server__START_SSH_SERVER
value: "true"
- name: GITEA__server__SSH_LISTEN_PORT
value: "32000"
- name: GITEA__server__SSH_PORT
value: "32000"
ports: ports:
- containerPort: 3000 # HTTP - containerPort: 3000 # HTTP
- containerPort: 22 # SSH - containerPort: 32000 # SSH
volumeMounts: volumeMounts:
- name: gitea-storage - name: gitea-storage
mountPath: /data mountPath: /data
securityContext:
# runAsUser: 1001
# runAsGroup: 1000
# fsGroup: 1000
volumes: volumes:
- name: gitea-storage - name: gitea-storage
persistentVolumeClaim: persistentVolumeClaim:
@@ -181,5 +199,6 @@ spec:
targetPort: 3000 targetPort: 3000
- name: ssh - name: ssh
protocol: TCP protocol: TCP
port: 22 port: 32000
targetPort: 22 targetPort: 32000
nodePort: 32000

4
k3s/nfs-pv/nfs-pv.yaml → k3s/apps/nfs-pv/nfs-pv.yaml
View File

@@ -10,5 +10,5 @@ spec:
storageClassName: nfs storageClassName: nfs
persistentVolumeReclaimPolicy: Retain # Optional: verhindert, dass K8s dein Share löscht persistentVolumeReclaimPolicy: Retain # Optional: verhindert, dass K8s dein Share löscht
nfs: nfs:
path: /fastData/photos path: /export/slowData/photos
server: 192.168.178.132 server: 192.168.178.166

14
k3s/apps/photo/immich/immich-data-pv.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: immich-data-pv
spec:
capacity:
storage: 100Gi # Irgendwas großzügiges, spielt bei NFS weniger Rolle
accessModes:
- ReadWriteMany # GANZ WICHTIG!
storageClassName: nfs
persistentVolumeReclaimPolicy: Retain # Optional: verhindert, dass K8s dein Share löscht
nfs:
path: /export/fastData/immichData
server: 192.168.178.166

4
k3s/apps/photo/immich/immich-db-deployment.yaml
View File

@@ -40,6 +40,10 @@ spec:
mountPath: /var/lib/postgresql/data mountPath: /var/lib/postgresql/data
subPath: postgres subPath: postgres
resources: {} resources: {}
securityContext:
runAsUser: 1001
runAsGroup: 1000
# fsGroup: 2000
volumes: volumes:
- name: pgdata - name: pgdata
persistentVolumeClaim: persistentVolumeClaim:

4
k3s/apps/photo/immich/immich-db-pv.yaml
View File

@@ -12,6 +12,6 @@ spec:
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
nfs: nfs:
path: /slowData/immichDB # Static path on the NFS server path: /export/fastData/immichDB # Static path on the NFS server
server: 192.168.178.132 # Your NFS server's IP server: 192.168.178.166 # Your NFS server's IP
persistentVolumeReclaimPolicy: Retain persistentVolumeReclaimPolicy: Retain

4
k3s/apps/photo/immich/immich-library-pv.yaml
View File

@@ -12,5 +12,5 @@ spec:
accessModes: accessModes:
- ReadWriteMany - ReadWriteMany
nfs: nfs:
path: /fastData/immichLibrary # Static path on the NFS server path: /export/fastData/immichLibrary # Static path on the NFS server
server: 192.168.178.132 server: 192.168.178.166

4
k3s/apps/photo/immich/immich-server-deployment.yaml
View File

@@ -88,6 +88,10 @@ spec:
subPath: library subPath: library
- name: ext-library - name: ext-library
mountPath: /photos mountPath: /photos
# securityContext:
# runAsUser: 1001
# runAsGroup: 1000
# fsGroup: 2000
volumes: volumes:
- name: library - name: library
persistentVolumeClaim: persistentVolumeClaim:

15
k3s/apps/photo/photoprism/immich-db-pvc.yaml Normal file
View File

@@ -0,0 +1,15 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: immich-db-pvc
namespace: photoprism
labels:
app: immich
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 20Gi # Match or be less than the PV's capacity
volumeName: immich-db-pv # Bind explicitly to the PV created above
storageClassName: nfs

20
k3s/apps/photo/photoprism/mariadb-pv.yaml
View File

@@ -1,13 +1,17 @@
apiVersion: v1
kind: PersistentVolume kind: PersistentVolume
apiVersion: v1
metadata: metadata:
name: mariadb-pv name: mariadb-db-pv
namespace: photoprism
labels:
app: photoprism-mariadb
spec: spec:
capacity: capacity:
storage: 50Gi storage: 20Gi # Adjust the storage size as needed
storageClassName: nfs
accessModes: accessModes:
- ReadWriteOnce - ReadWriteMany
persistentVolumeReclaimPolicy: Retain # Optional: verhindert, dass K8s dein Share löscht nfs:
storageClassName: local-path path: /fastData/photoprismDB # Static path on the NFS server
hostPath: server: 192.168.178.166 # Your NFS server's IP
path: /slowData/photoprismDB persistentVolumeReclaimPolicy: Retain

13
k3s/apps/photo/photoprism/mariadb-pv.yaml.old Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: mariadb-pv
spec:
capacity:
storage: 50Gi
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain # Optional: verhindert, dass K8s dein Share löscht
storageClassName: local-path
hostPath:
path: /slowData/photoprismDB

13
k3s/apps/photo/photoprism/mariadb.yaml
View File

@@ -4,13 +4,14 @@ metadata:
name: mariadb name: mariadb
namespace: photoprism namespace: photoprism
spec: spec:
storageClassName: local-path
volumeName: mariadb-pv
accessModes: accessModes:
- ReadWriteOnce - ReadWriteMany
resources: resources:
requests: requests:
storage: 50Gi storage: 20Gi # Match or be less than the PV's capacity
volumeName: mariadb-db-pv # Bind explicitly to the PV created above
storageClassName: nfs
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
@@ -42,6 +43,10 @@ spec:
volumeMounts: volumeMounts:
- mountPath: /var/lib/mysql - mountPath: /var/lib/mysql
name: mariadb name: mariadb
securityContext:
runAsUser: 1001
runAsGroup: 1000
# fsGroup: 2000
volumes: volumes:
- name: mariadb - name: mariadb
persistentVolumeClaim: persistentVolumeClaim:

18
k3s/apps/photo/photoprism/photoprism.yaml
View File

@@ -52,7 +52,7 @@ spec:
- name: PHOTOPRISM_AUTH_MODE - name: PHOTOPRISM_AUTH_MODE
value: password value: password
- name: PHOTOPRISM_SITE_URL - name: PHOTOPRISM_SITE_URL
value: https://photoprism.henryathome.home64.de value: https://henrysfotos.henryathome.home64.de
- name: PHOTOPRISM_INDEX_WORKERS - name: PHOTOPRISM_INDEX_WORKERS
value: "3" value: "3"
- name: PHOTOPRISM_INDEX_SCHEDULE - name: PHOTOPRISM_INDEX_SCHEDULE
@@ -68,6 +68,19 @@ spec:
value: photoprism value: photoprism
- name: PHOTOPRISM_DATABASE_PASSWORD - name: PHOTOPRISM_DATABASE_PASSWORD
value: photoprism value: photoprism
- name: PHOTOPRISM_UID
value: "1001"
- name: PHOTOPRISM_GID
value: "1000"
- name: PHOTOPRISM_DISABLE_CHOWN
value: "true"
resources:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "500m"
memory: "512Mi"
volumeMounts: volumeMounts:
- mountPath: /photoprism/ - mountPath: /photoprism/
name: photoprism-storage name: photoprism-storage
@@ -76,6 +89,9 @@ spec:
# - mountPath: /photoprism/originals # - mountPath: /photoprism/originals
# name: photoprism-storage # name: photoprism-storage
# name: photoprism-originals # name: photoprism-originals
# securityContext:
# runAsUser: 1000
# runAsGroup: 1000
volumes: volumes:
- name: photoprism-storage - name: photoprism-storage
persistentVolumeClaim: persistentVolumeClaim:

347
k3s/get_helm.sh Executable file
View File

@@ -0,0 +1,347 @@
#!/usr/bin/env bash
# Copyright The Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# The install script is based off of the MIT-licensed script from glide,
# the package manager for Go: https://github.com/Masterminds/glide.sh/blob/master/get
: ${BINARY_NAME:="helm"}
: ${USE_SUDO:="true"}
: ${DEBUG:="false"}
: ${VERIFY_CHECKSUM:="true"}
: ${VERIFY_SIGNATURES:="false"}
: ${HELM_INSTALL_DIR:="/usr/local/bin"}
: ${GPG_PUBRING:="pubring.kbx"}
HAS_CURL="$(type "curl" &> /dev/null && echo true || echo false)"
HAS_WGET="$(type "wget" &> /dev/null && echo true || echo false)"
HAS_OPENSSL="$(type "openssl" &> /dev/null && echo true || echo false)"
HAS_GPG="$(type "gpg" &> /dev/null && echo true || echo false)"
HAS_GIT="$(type "git" &> /dev/null && echo true || echo false)"
HAS_TAR="$(type "tar" &> /dev/null && echo true || echo false)"
# initArch discovers the architecture for this system.
initArch() {
ARCH=$(uname -m)
case $ARCH in
armv5*) ARCH="armv5";;
armv6*) ARCH="armv6";;
armv7*) ARCH="arm";;
aarch64) ARCH="arm64";;
x86) ARCH="386";;
x86_64) ARCH="amd64";;
i686) ARCH="386";;
i386) ARCH="386";;
esac
}
# initOS discovers the operating system for this system.
initOS() {
OS=$(echo `uname`|tr '[:upper:]' '[:lower:]')
case "$OS" in
# Minimalist GNU for Windows
mingw*|cygwin*) OS='windows';;
esac
}
# runs the given command as root (detects if we are root already)
runAsRoot() {
if [ $EUID -ne 0 -a "$USE_SUDO" = "true" ]; then
sudo "${@}"
else
"${@}"
fi
}
# verifySupported checks that the os/arch combination is supported for
# binary builds, as well whether or not necessary tools are present.
verifySupported() {
local supported="darwin-amd64\ndarwin-arm64\nlinux-386\nlinux-amd64\nlinux-arm\nlinux-arm64\nlinux-loong64\nlinux-ppc64le\nlinux-s390x\nlinux-riscv64\nwindows-amd64\nwindows-arm64"
if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then
echo "No prebuilt binary for ${OS}-${ARCH}."
echo "To build from source, go to https://github.com/helm/helm"
exit 1
fi
if [ "${HAS_CURL}" != "true" ] && [ "${HAS_WGET}" != "true" ]; then
echo "Either curl or wget is required"
exit 1
fi
if [ "${VERIFY_CHECKSUM}" == "true" ] && [ "${HAS_OPENSSL}" != "true" ]; then
echo "In order to verify checksum, openssl must first be installed."
echo "Please install openssl or set VERIFY_CHECKSUM=false in your environment."
exit 1
fi
if [ "${VERIFY_SIGNATURES}" == "true" ]; then
if [ "${HAS_GPG}" != "true" ]; then
echo "In order to verify signatures, gpg must first be installed."
echo "Please install gpg or set VERIFY_SIGNATURES=false in your environment."
exit 1
fi
if [ "${OS}" != "linux" ]; then
echo "Signature verification is currently only supported on Linux."
echo "Please set VERIFY_SIGNATURES=false or verify the signatures manually."
exit 1
fi
fi
if [ "${HAS_GIT}" != "true" ]; then
echo "[WARNING] Could not find git. It is required for plugin installation."
fi
if [ "${HAS_TAR}" != "true" ]; then
echo "[ERROR] Could not find tar. It is required to extract the helm binary archive."
exit 1
fi
}
# checkDesiredVersion checks if the desired version is available.
checkDesiredVersion() {
if [ "x$DESIRED_VERSION" == "x" ]; then
# Get tag from release URL
local latest_release_url="https://get.helm.sh/helm4-latest-version"
local latest_release_response=""
if [ "${HAS_CURL}" == "true" ]; then
latest_release_response=$( curl -L --silent --show-error --fail "$latest_release_url" 2>&1 || true )
elif [ "${HAS_WGET}" == "true" ]; then
latest_release_response=$( wget "$latest_release_url" -q -O - 2>&1 || true )
fi
TAG=$( echo "$latest_release_response" | grep '^v[0-9]' )
if [ "x$TAG" == "x" ]; then
printf "Could not retrieve the latest release tag information from %s: %s\n" "${latest_release_url}" "${latest_release_response}"
exit 1
fi
else
TAG=$DESIRED_VERSION
fi
}
# checkHelmInstalledVersion checks which version of helm is installed and
# if it needs to be changed.
checkHelmInstalledVersion() {
if [[ -f "${HELM_INSTALL_DIR}/${BINARY_NAME}" ]]; then
local version=$("${HELM_INSTALL_DIR}/${BINARY_NAME}" version --template="{{ .Version }}")
if [[ "$version" == "$TAG" ]]; then
echo "Helm ${version} is already ${DESIRED_VERSION:-latest}"
return 0
else
echo "Helm ${TAG} is available. Changing from version ${version}."
return 1
fi
else
return 1
fi
}
# downloadFile downloads the latest binary package and also the checksum
# for that binary.
downloadFile() {
HELM_DIST="helm-$TAG-$OS-$ARCH.tar.gz"
DOWNLOAD_URL="https://get.helm.sh/$HELM_DIST"
CHECKSUM_URL="$DOWNLOAD_URL.sha256"
HELM_TMP_ROOT="$(mktemp -dt helm-installer-XXXXXX)"
HELM_TMP_FILE="$HELM_TMP_ROOT/$HELM_DIST"
HELM_SUM_FILE="$HELM_TMP_ROOT/$HELM_DIST.sha256"
echo "Downloading $DOWNLOAD_URL"
if [ "${HAS_CURL}" == "true" ]; then
curl -SsL "$CHECKSUM_URL" -o "$HELM_SUM_FILE"
curl -SsL "$DOWNLOAD_URL" -o "$HELM_TMP_FILE"
elif [ "${HAS_WGET}" == "true" ]; then
wget -q -O "$HELM_SUM_FILE" "$CHECKSUM_URL"
wget -q -O "$HELM_TMP_FILE" "$DOWNLOAD_URL"
fi
}
# verifyFile verifies the SHA256 checksum of the binary package
# and the GPG signatures for both the package and checksum file
# (depending on settings in environment).
verifyFile() {
if [ "${VERIFY_CHECKSUM}" == "true" ]; then
verifyChecksum
fi
if [ "${VERIFY_SIGNATURES}" == "true" ]; then
verifySignatures
fi
}
# installFile installs the Helm binary.
installFile() {
HELM_TMP="$HELM_TMP_ROOT/$BINARY_NAME"
mkdir -p "$HELM_TMP"
tar xf "$HELM_TMP_FILE" -C "$HELM_TMP"
HELM_TMP_BIN="$HELM_TMP/$OS-$ARCH/helm"
echo "Preparing to install $BINARY_NAME into ${HELM_INSTALL_DIR}"
runAsRoot cp "$HELM_TMP_BIN" "$HELM_INSTALL_DIR/$BINARY_NAME"
echo "$BINARY_NAME installed into $HELM_INSTALL_DIR/$BINARY_NAME"
}
# verifyChecksum verifies the SHA256 checksum of the binary package.
verifyChecksum() {
printf "Verifying checksum... "
local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}')
local expected_sum=$(cat ${HELM_SUM_FILE})
if [ "$sum" != "$expected_sum" ]; then
echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting."
exit 1
fi
echo "Done."
}
# verifySignatures obtains the latest KEYS file from GitHub main branch
# as well as the signature .asc files from the specific GitHub release,
# then verifies that the release artifacts were signed by a maintainer's key.
verifySignatures() {
printf "Verifying signatures... "
local keys_filename="KEYS"
local github_keys_url="https://raw.githubusercontent.com/helm/helm/main/${keys_filename}"
if [ "${HAS_CURL}" == "true" ]; then
curl -SsL "${github_keys_url}" -o "${HELM_TMP_ROOT}/${keys_filename}"
elif [ "${HAS_WGET}" == "true" ]; then
wget -q -O "${HELM_TMP_ROOT}/${keys_filename}" "${github_keys_url}"
fi
local gpg_keyring="${HELM_TMP_ROOT}/keyring.gpg"
local gpg_homedir="${HELM_TMP_ROOT}/gnupg"
mkdir -p -m 0700 "${gpg_homedir}"
local gpg_stderr_device="/dev/null"
if [ "${DEBUG}" == "true" ]; then
gpg_stderr_device="/dev/stderr"
fi
gpg --batch --quiet --homedir="${gpg_homedir}" --import "${HELM_TMP_ROOT}/${keys_filename}" 2> "${gpg_stderr_device}"
gpg --batch --no-default-keyring --keyring "${gpg_homedir}/${GPG_PUBRING}" --export > "${gpg_keyring}"
local github_release_url="https://github.com/helm/helm/releases/download/${TAG}"
if [ "${HAS_CURL}" == "true" ]; then
curl -SsL "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" -o "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc"
curl -SsL "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" -o "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc"
elif [ "${HAS_WGET}" == "true" ]; then
wget -q -O "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc"
wget -q -O "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" "${github_release_url}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc"
fi
local error_text="If you think this might be a potential security issue,"
error_text="${error_text}\nplease see here: https://github.com/helm/community/blob/master/SECURITY.md"
local num_goodlines_sha=$(gpg --verify --keyring="${gpg_keyring}" --status-fd=1 "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256.asc" 2> "${gpg_stderr_device}" | grep -c -E '^\[GNUPG:\] (GOODSIG|VALIDSIG)')
if [[ ${num_goodlines_sha} -lt 2 ]]; then
echo "Unable to verify the signature of helm-${TAG}-${OS}-${ARCH}.tar.gz.sha256!"
echo -e "${error_text}"
exit 1
fi
local num_goodlines_tar=$(gpg --verify --keyring="${gpg_keyring}" --status-fd=1 "${HELM_TMP_ROOT}/helm-${TAG}-${OS}-${ARCH}.tar.gz.asc" 2> "${gpg_stderr_device}" | grep -c -E '^\[GNUPG:\] (GOODSIG|VALIDSIG)')
if [[ ${num_goodlines_tar} -lt 2 ]]; then
echo "Unable to verify the signature of helm-${TAG}-${OS}-${ARCH}.tar.gz!"
echo -e "${error_text}"
exit 1
fi
echo "Done."
}
# fail_trap is executed if an error occurs.
fail_trap() {
result=$?
if [ "$result" != "0" ]; then
if [[ -n "$INPUT_ARGUMENTS" ]]; then
echo "Failed to install $BINARY_NAME with the arguments provided: $INPUT_ARGUMENTS"
help
else
echo "Failed to install $BINARY_NAME"
fi
echo -e "\tFor support, go to https://github.com/helm/helm."
fi
cleanup
exit $result
}
# testVersion tests the installed client to make sure it is working.
testVersion() {
set +e
HELM="$(command -v $BINARY_NAME)"
if [ "$?" = "1" ]; then
echo "$BINARY_NAME not found. Is $HELM_INSTALL_DIR on your "'$PATH?'
exit 1
fi
set -e
}
# help provides possible cli installation arguments
help () {
echo "Accepted cli arguments are:"
echo -e "\t[--help|-h ] ->> prints this help"
echo -e "\t[--version|-v <desired_version>] . When not defined it fetches the latest release tag from the Helm CDN"
echo -e "\te.g. --version v4.0.0 or -v canary"
echo -e "\t[--no-sudo] ->> install without sudo"
}
# cleanup temporary files to avoid https://github.com/helm/helm/issues/2977
cleanup() {
if [[ -d "${HELM_TMP_ROOT:-}" ]]; then
rm -rf "$HELM_TMP_ROOT"
fi
}
# Execution
#Stop execution on any error
trap "fail_trap" EXIT
set -e
# Set debug if desired
if [ "${DEBUG}" == "true" ]; then
set -x
fi
# Parsing input arguments (if any)
export INPUT_ARGUMENTS="${@}"
set -u
while [[ $# -gt 0 ]]; do
case $1 in
'--version'|-v)
shift
if [[ $# -ne 0 ]]; then
export DESIRED_VERSION="${1}"
if [[ "$1" != "v"* ]]; then
echo "Expected version arg ('${DESIRED_VERSION}') to begin with 'v', fixing..."
export DESIRED_VERSION="v${1}"
fi
else
echo -e "Please provide the desired version. e.g. --version v4.0.0 or -v canary"
exit 0
fi
;;
'--no-sudo')
USE_SUDO="false"
;;
'--help'|-h)
help
exit 0
;;
*) exit 1
;;
esac
shift
done
set +u
initArch
initOS
verifySupported
checkDesiredVersion
if ! checkHelmInstalledVersion; then
downloadFile
verifyFile
installFile
fi
testVersion
cleanup