diff --git a/charts/jumpserver/Chart.yaml b/charts/jumpserver/Chart.yaml index 9332331..c26875a 100644 --- a/charts/jumpserver/Chart.yaml +++ b/charts/jumpserver/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: "v2.20.2" +appVersion: "v2.20.3" description: A Helm chart for Deploying Jumpserver on Kubernetes engine: gotpl home: https://jumpserver.org @@ -10,4 +10,4 @@ maintainers: sources: - https://github.com/jumpserver/ name: jumpserver -version: 2.20.2 +version: 2.20.3 diff --git a/charts/jumpserver/README.md b/charts/jumpserver/README.md index 9c6a7be..59488d4 100644 --- a/charts/jumpserver/README.md +++ b/charts/jumpserver/README.md @@ -30,7 +30,7 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts | `nameOveride` | name override | `nil` | | `fullNameOveride` | full name override | `nil` | | `global.imageRegistry` | 仓库地址 | `docker.io` | -| `global.imageTag` | 版本号 | `v2.20.2 ` | +| `global.imageTag` | 版本号 | `v2.20.3 ` | | `global.imagePullSecrets` | 私有仓库认证凭据 | `nil` | `global.storageClass` | 存储 sc | `nil` | | `ingress.enabled` | 开启 ingress | `true` | diff --git a/charts/jumpserver/templates/celery/deployment-celery.yaml b/charts/jumpserver/templates/celery/deployment-celery.yaml index a39a189..d2d60f0 100644 --- a/charts/jumpserver/templates/celery/deployment-celery.yaml +++ b/charts/jumpserver/templates/celery/deployment-celery.yaml @@ -50,8 +50,6 @@ spec: value: {{ .config.debug | quote }} - name: LOG_LEVEL value: {{ .config.log.level | quote }} - - name: SESSION_EXPIRE_AT_BROWSER_CLOSE - value: "true" - name: HTTP_LISTEN_PORT value: {{ .service.web.port | quote }} - name: WS_LISTEN_PORT @@ -74,9 +72,10 @@ spec: value: {{ include "jumpserver.redis.port" $ | quote }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} livenessProbe: exec: command: diff --git a/charts/jumpserver/templates/core/deployment-core.yaml b/charts/jumpserver/templates/core/deployment-core.yaml index 43b7eb0..e0dc9e4 100644 --- a/charts/jumpserver/templates/core/deployment-core.yaml +++ b/charts/jumpserver/templates/core/deployment-core.yaml @@ -51,8 +51,6 @@ spec: value: {{ .config.debug | quote }} - name: LOG_LEVEL value: {{ .config.log.level | quote }} - - name: SESSION_EXPIRE_AT_BROWSER_CLOSE - value: "true" - name: HTTP_LISTEN_PORT value: {{ .service.web.port | quote }} - name: WS_LISTEN_PORT @@ -75,9 +73,10 @@ spec: value: {{ include "jumpserver.redis.port" $ | quote }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} ports: - name: web containerPort: {{ .service.web.port }} diff --git a/charts/jumpserver/templates/koko/deployment-koko.yaml b/charts/jumpserver/templates/koko/deployment-koko.yaml index 9ab907a..e1f73b4 100644 --- a/charts/jumpserver/templates/koko/deployment-koko.yaml +++ b/charts/jumpserver/templates/koko/deployment-koko.yaml @@ -69,9 +69,10 @@ spec: value: {{ include "jumpserver.redis.port" $ | quote }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} livenessProbe: {{- toYaml .livenessProbe | nindent 12 }} readinessProbe: diff --git a/charts/jumpserver/templates/lion/deployment-lion.yaml b/charts/jumpserver/templates/lion/deployment-lion.yaml index f29692f..80f15b4 100644 --- a/charts/jumpserver/templates/lion/deployment-lion.yaml +++ b/charts/jumpserver/templates/lion/deployment-lion.yaml @@ -54,10 +54,6 @@ spec: value: {{ .config.log.level | quote }} - name: HTTPD_PORT value: {{ .service.web.port | quote }} - - name: JUMPSERVER_ENABLE_FONT_SMOOTHING - value: "true" - - name: JUMPSERVER_COLOR_DEPTH - value: "32" - name: SHARE_ROOM_TYPE value: "redis" - name: REDIS_HOST @@ -66,9 +62,10 @@ spec: value: {{ include "jumpserver.redis.port" $ | quote }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} livenessProbe: {{- toYaml .livenessProbe | nindent 12 }} readinessProbe: diff --git a/charts/jumpserver/templates/omnidb/deployment-omnidb.yaml b/charts/jumpserver/templates/omnidb/deployment-omnidb.yaml index 23ebd5a..f0d232c 100644 --- a/charts/jumpserver/templates/omnidb/deployment-omnidb.yaml +++ b/charts/jumpserver/templates/omnidb/deployment-omnidb.yaml @@ -50,9 +50,10 @@ spec: value: {{ .config.log.level | quote }} - name: listening_port value: {{ .service.web.port | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} ports: - name: web containerPort: {{ .service.web.port }} diff --git a/charts/jumpserver/templates/pre-install-initdb.yaml b/charts/jumpserver/templates/pre-install-initdb.yaml index 3091f32..b260913 100644 --- a/charts/jumpserver/templates/pre-install-initdb.yaml +++ b/charts/jumpserver/templates/pre-install-initdb.yaml @@ -59,8 +59,9 @@ spec: value: {{ include "jumpserver.redis.port" $ | quote }} - name: REDIS_PASSWORD value: {{ include "jumpserver.redis.password" $ | quote }} - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} restartPolicy: Never {{- end }} diff --git a/charts/jumpserver/templates/web/deployment-nginx.yaml b/charts/jumpserver/templates/web/deployment-nginx.yaml index 0143f44..b82ad65 100644 --- a/charts/jumpserver/templates/web/deployment-nginx.yaml +++ b/charts/jumpserver/templates/web/deployment-nginx.yaml @@ -41,10 +41,11 @@ spec: command: {{- tpl (toYaml .) $ | nindent 12 }} {{- end }} - {{- with .env }} env: - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} ports: - name: web containerPort: {{ .service.web.port }} diff --git a/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml b/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml index 40a5855..d428217 100644 --- a/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml +++ b/charts/jumpserver/templates/xrdp/deployment-xrdp.yaml @@ -50,9 +50,10 @@ spec: value: {{ .config.log.level | quote }} - name: JUMPSERVER_ENABLE_FONT_SMOOTHING value: "true" - {{- with .env }} - {{- tpl (toYaml .) $ | nindent 12 | quote }} - {{- end }} + {{- range $key, $val := .env }} + - name: {{ $key }} + value: {{ $val | quote }} + {{- end }} ports: - name: rdp containerPort: {{ .service.rdp.port }} diff --git a/charts/jumpserver/values.yaml b/charts/jumpserver/values.yaml index b83dfb1..681bcfd 100644 --- a/charts/jumpserver/values.yaml +++ b/charts/jumpserver/values.yaml @@ -12,7 +12,7 @@ fullnameOverride: "" ## global: imageRegistry: "docker.io" - imageTag: v2.20.2 + imageTag: v2.20.3 ## E.g. # imagePullSecrets: # - myRegistryKeySecretName @@ -20,8 +20,8 @@ global: imagePullSecrets: [] storageClass: "" -## If the MySQL database included in the chart is disabled, JumpServer will -## use below parameters to connect to an external MySQL server. +## Please configure your MySQL server first +## Jumpserver will not start the external MySQL server. ## externalDatabase: engine: mysql @@ -31,8 +31,8 @@ externalDatabase: password: "" database: jumpserver -## If the Redis database included in the chart is disabled, JumpServer will -## use below parameters to connect to an external Redis server. +## Please configure your Redis server first +## Jumpserver will not start the external Redis server. ## externalRedis: host: localhost @@ -85,12 +85,16 @@ core: image: registry: docker.io repository: jumpserver/core - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] - env: [] + env: + # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#core + SESSION_EXPIRE_AT_BROWSER_CLOSE: true + # SESSION_COOKIE_AGE: 86400 + # SECURITY_VIEW_AUTH_NEED_MFA: true livenessProbe: failureThreshold: 30 @@ -170,12 +174,17 @@ koko: image: registry: docker.io repository: jumpserver/koko - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] env: [] + # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#koko + # LANGUAGE_CODE: zh + # REUSE_CONNECTION: true + # ENABLE_LOCAL_PORT_FORWARD: true + # ENABLE_VSCODE_SUPPORT: true livenessProbe: failureThreshold: 30 @@ -254,12 +263,20 @@ lion: image: registry: docker.io repository: jumpserver/lion - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] - env: [] + env: + # See: https://docs.jumpserver.org/zh/master/admin-guide/env/#lion + JUMPSERVER_ENABLE_FONT_SMOOTHING: true + # JUMPSERVER_COLOR_DEPTH: 32 + # JUMPSERVER_ENABLE_WALLPAPER: true + # JUMPSERVER_ENABLE_THEMING: true + # JUMPSERVER_ENABLE_FULL_WINDOW_DRAG: true + # JUMPSERVER_ENABLE_DESKTOP_COMPOSITION: true + # JUMPSERVER_ENABLE_MENU_ANIMATIONS: true livenessProbe: failureThreshold: 30 @@ -336,7 +353,7 @@ omnidb: image: registry: registry.fit2cloud.com repository: jumpserver/omnidb - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] @@ -413,12 +430,21 @@ xrdp: image: registry: registry.fit2cloud.com repository: jumpserver/xrdp - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] - env: [] + env: + # tcp_send_buffer_bytes and tcp_recv_buffer_bytes See: https://github.com/neutrinolabs/xrdp/issues/1483 + TCP_SEND_BUFFER_BYTES: 4194304 + TCP_RECV_BUFFER_BYTES: 6291456 + JUMPSERVER_ENABLE_FONT_SMOOTHING: true + # JUMPSERVER_ENABLE_WALLPAPER: true + # JUMPSERVER_ENABLE_THEMING: true + # JUMPSERVER_ENABLE_FULL_WINDOW_DRAG: true + # JUMPSERVER_ENABLE_DESKTOP_COMPOSITION: true + # JUMPSERVER_ENABLE_MENU_ANIMATIONS: true livenessProbe: failureThreshold: 30 @@ -488,12 +514,14 @@ web: image: registry: docker.io repository: jumpserver/web - tag: v2.20.2 + tag: v2.20.3 pullPolicy: IfNotPresent command: [] env: [] + # nginx client_max_body_size, default 4G + # CLIENT_MAX_BODY_SIZE: 4096m livenessProbe: failureThreshold: 30