added helm chart (#217)

Signed-off-by: Miguel Ángel Ortuño <[email protected]>

.gitignore

@@ -48,3 +48,7 @@ build
 # BoltDB default database file
 .jackal.db
 
+# Helm
+charts/
+requirements.lock
+

CHANGELOG.md

@@ -2,10 +2,6 @@
 
 ## jackal - main / unreleased
 
-## 0.59.0 (2022/03/26)
-
-* [FEATURE] Improve k8s compatibility. [#219](https://github.com/ortuman/jackal/pull/219), [#220](https://github.com/ortuman/jackal/pull/220), 
-
 ## 0.58.0 (2022/03/04)
 
 * [FEATURE] Added BoltDB repository type. [#212](https://github.com/ortuman/jackal/pull/212)

README.md

@@ -59,6 +59,28 @@ or environment variable:
 $ env JACKAL_CONFIG_FILE=/your-custom-path/your-config.yaml jackal
 ```
 
+### Helm chart
+
+To make it easy to install jackal via Helm in Kubernetes a chart has been included into this repository.<br/> 
+
+After customizing your own [values.yaml](helm/values.yaml) file run the following command to install and configure all required components under `jackal` namespace.   
+
+```sh
+sh ./helm/scripts/install <your_custom_values>.yaml
+```
+
+In turn, an active chart can be updated by running the upgrade script as follows:
+
+```sh
+sh ./helm/scripts/upgrade <your_custom_values>.yaml
+```
+
+On the other hand, you can also remove the jackal chart from your Kubernetes cluster by running the uninstall script: 
+
+```sh
+sh ./helm/scripts/uninstall
+```
+
 ### PostgreSQL database creation
 
 Create a user and a database for that user:

config/example.config.yaml

@@ -29,7 +29,7 @@
 #  pgsql:
 #    host: 127.0.0.1:5432
 #    user: jackal
-#    password: password
+#    password: a-secret-key
 #    database: jackal
 #    max_open_conns: 16
 #
@@ -44,11 +44,12 @@
 #  kv:
 #    type: etcd
 #    etcd:
+#      username: root
 #      endpoints:
 #        - http://127.0.0.1:2379
-#
-#  server:
-#    port: 14369
+
+  server:
+    port: 14369
 
 shapers:
   - name: super

helm/Chart.yaml

@@ -0,0 +1,26 @@
+apiVersion: "v1"
+name: jackal
+version: 1.0.0
+appVersion: v0.59.0
+kubeVersion: "^1.10.0-0"
+description: "Instant messaging server for the Extensible Messaging and Presence Protocol (XMPP)."
+home: https://github.com/ortuman/jackal
+icon: https://raw.githubusercontent.com/ortuman/jackal/main/logos/logo-0.png
+sources:
+  - https://github.com/ortuman/jackal
+keywords:
+  - jackal
+  - xmpp
+  - chat
+  - asynchronous
+  - messaging
+maintainers:
+  - name: Jackal Maintainers
+    email: [email protected]
+dependencies:
+  - name: etcd
+    version: 7.0.2
+    repository: https://charts.bitnami.com/bitnami
+  - name: postgresql-ha
+    version: 8.6.13
+    repository: https://charts.bitnami.com/bitnami

helm/scripts/install.sh

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+set -eufo pipefail
+
+command -v helm >/dev/null 2>&1 || { echo "helm not installed, aborting." >&2; exit 1; }
+
+if [ "$#" -eq 0 ] || [ -z "$1" ]; then
+   echo "A custom values.yaml file must be provided"
+   exit 1;
+fi
+
+helm install jackal helm/ --dependency-update --create-namespace --namespace=jackal -f "$1"
+

helm/scripts/uninstall.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -eufo pipefail
+
+command -v helm >/dev/null 2>&1 || { echo "helm not installed, aborting." >&2; exit 1; }
+
+helm uninstall jackal --namespace=jackal

helm/scripts/upgrade.sh

@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+set -eufo pipefail
+
+command -v kubectl >/dev/null 2>&1 || { echo "kubectl not installed, aborting." >&2; exit 1; }
+command -v helm >/dev/null 2>&1 || { echo "helm not installed, aborting." >&2; exit 1; }
+
+if [ $# -eq 0 ] || [ -z $1 ]; then
+   echo "A custom values.yaml file must be provided"
+   exit 1;
+fi
+
+export POSTGRESQL_PASSWORD=$(kubectl get secret --namespace "jackal" jackal-postgresql-ha-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode)
+export REPMGR_PASSWORD=$(kubectl get secret --namespace "jackal" jackal-postgresql-ha-postgresql -o jsonpath="{.data.repmgr-password}" | base64 --decode)
+export ADMIN_PASSWORD=$(kubectl get secret --namespace "jackal" jackal-postgresql-ha-pgpool -o jsonpath="{.data.admin-password}" | base64 --decode)
+
+helm upgrade jackal helm/ --dependency-update \
+--set postgresql-ha.postgresql.password=$POSTGRESQL_PASSWORD \
+--set postgresql-ha.postgresql.repmgrPassword=$REPMGR_PASSWORD \
+--set postgresql-ha.pgpool.adminPassword=$ADMIN_PASSWORD \
+--namespace=jackal \
+-f "$1"

helm/sql/postgres.up.psql

@@ -0,0 +1,172 @@
+/*
+ Copyright 2022 The jackal Authors
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+*/
+
+-- Functions to manage updated_at timestamps
+
+CREATE OR REPLACE FUNCTION enable_updated_at(_tbl regclass) RETURNS VOID AS $$
+BEGIN
+    EXECUTE format('CREATE TRIGGER set_updated_at BEFORE UPDATE ON %s
+                    FOR EACH ROW EXECUTE PROCEDURE set_updated_at()', _tbl);
+END;
+$$ LANGUAGE plpgsql;
+
+CREATE OR REPLACE FUNCTION set_updated_at() RETURNS trigger AS $$
+BEGIN
+    IF (
+        NEW IS DISTINCT FROM OLD AND
+        NEW.updated_at IS NOT DISTINCT FROM OLD.updated_at
+    ) THEN
+        NEW.updated_at := current_timestamp;
+    END IF;
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+-- users
+
+CREATE TABLE IF NOT EXISTS users (
+    username         VARCHAR(1023) PRIMARY KEY,
+    h_sha_1          TEXT NOT NULL,
+    h_sha_256        TEXT NOT NULL,
+    h_sha_512        TEXT NOT NULL,
+    h_sha3_512       TEXT NOT NULL,
+    salt             TEXT NOT NULL,
+    iteration_count  INT NOT NULL,
+    pepper_id        VARCHAR(1023) NOT NULL,
+    updated_at       TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at       TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
+);
+
+SELECT enable_updated_at('users');
+
+-- last
+
+CREATE TABLE IF NOT EXISTS last (
+    username   VARCHAR(1023) PRIMARY KEY,
+    status     TEXT NOT NULl,
+    seconds    BIGINT NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
+);
+
+SELECT enable_updated_at('last');
+
+-- capabilities
+
+CREATE TABLE IF NOT EXISTS capabilities (
+    node       VARCHAR(1023) NOT NULL,
+    ver        VARCHAR(1023) NOT NULL,
+    features   TEXT ARRAY,
+    updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY (node, ver)
+);
+
+SELECT enable_updated_at('capabilities');
+
+-- offline_messages
+
+CREATE TABLE IF NOT EXISTS offline_messages (
+    id         SERIAL PRIMARY KEY,
+    username   VARCHAR(1023) NOT NULL,
+    message    BYTEA NOT NULL,
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
+);
+
+CREATE INDEX IF NOT EXISTS i_offline_messages_username ON offline_messages(username);
+
+-- blocklist_items
+
+CREATE TABLE IF NOT EXISTS blocklist_items (
+    username   VARCHAR(1023) NOT NULL,
+    jid        TEXT NOT NULL,
+    updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY(username, jid)
+);
+
+SELECT enable_updated_at('blocklist_items');
+
+-- private_storage
+
+CREATE TABLE IF NOT EXISTS private_storage (
+    username        VARCHAR(1023) NOT NULL,
+    namespace       VARCHAR(512) NOT NULL,
+    data            BYTEA NOT NULL,
+    updated_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY (username, namespace)
+);
+
+SELECT enable_updated_at('private_storage');
+
+-- roster_notifications
+
+CREATE TABLE IF NOT EXISTS roster_notifications (
+    contact     VARCHAR(1023) NOT NULL,
+    jid         TEXT NOT NULL,
+    presence    BYTEA NOT NULL,
+    updated_at  TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at  TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY (contact, jid)
+);
+
+SELECT enable_updated_at('roster_notifications');
+
+-- roster_items
+
+CREATE TABLE IF NOT EXISTS roster_items (
+    username        VARCHAR(1023) NOT NULL,
+    jid             TEXT NOT NULL,
+    name            TEXT NOT NULL,
+    subscription    TEXT NOT NULL,
+    groups          TEXT ARRAY,
+    ask             BOOL NOT NULL,
+    updated_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY (username, jid)
+);
+
+SELECT enable_updated_at('roster_items');
+
+-- roster_versions
+
+CREATE TABLE IF NOT EXISTS roster_versions (
+    username   VARCHAR(1023) NOT NULL,
+    ver        INT NOT NULL DEFAULT 1,
+    updated_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+
+    PRIMARY KEY (username)
+);
+
+SELECT enable_updated_at('roster_versions');
+
+-- vcards
+
+CREATE TABLE IF NOT EXISTS vcards (
+    username        VARCHAR(1023) PRIMARY KEY,
+    vcard           BYTEA NOT NULL,
+    updated_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW(),
+    created_at      TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
+);
+
+SELECT enable_updated_at('vcards');

helm/templates/_config-render.tpl

@@ -0,0 +1,72 @@
+###~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~###
+###                jackal configuration file                 ###
+###~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~###
+
+logger:
+  level: {{ .Values.jackal.config.logger.level }}
+
+http:
+  port: {{ .Values.jackal.config.http.port }}
+
+admin:
+  port: {{ .Values.jackal.config.admin.port }}
+
+{{ if .Values.jackal.config.domains }}
+hosts:
+{{ toYaml .Values.jackal.config.domains | indent 6 }}
+{{ end }}
+
+{{ if .Values.jackal.config.peppers }}
+peppers:
+{{ toYaml .Values.jackal.config.peppers | indent 6 }}
+{{ end }}
+
+storage:
+  type: pgsql
+  pgsql:
+    host: jackal-postgresql-ha-pgpool.{{ .Release.Namespace }}.svc.cluster.local:5432
+    user: jackal
+    database: jackal
+    max_open_conns: {{ .Values.jackal.config.storage.maxConns }}
+    max_idle_conns: {{ .Values.jackal.config.storage.maxIdleConns }}
+    conn_max_lifetime: {{ .Values.jackal.config.storage.connMaxLifetime }}
+    conn_max_idle_time: {{ .Values.jackal.config.storage.connMaxIdleTime }}
+
+{{ if .Values.redis.enabled }}
+  cache:
+    type: redis
+    redis:
+      srv: _redis._tcp.redis-headless.{{ .Release.Namespace }}.svc.cluster.local
+{{ end }}
+
+cluster:
+  type: kv
+  kv:
+    type: etcd
+    etcd:
+      endpoints:
+      - http://jackal-etcd.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.etcd.containerPorts.client }}
+
+  server:
+    port: {{ .Values.jackal.config.cluster.server.port }}
+
+{{ if .Values.jackal.config.shapers }}
+shapers:
+{{ toYaml .Values.jackal.config.shapers | indent 2 }}
+{{ end }}
+
+c2s:
+{{ toYaml .Values.jackal.config.c2s | indent 2 }}
+
+s2s:
+{{ toYaml .Values.jackal.config.s2s | indent 2 }}
+
+{{ if .Values.jackal.config.modules }}
+modules:
+{{ toYaml .Values.jackal.config.modules | indent 2 }}
+{{ end }}
+
+{{ if .Values.jackal.config.components }}
+components:
+{{ toYaml .Values.jackal.config.components | indent 2 }}
+{{ end }}

helm/templates/_helpers.tpl

@@ -0,0 +1,6 @@
+{{/*
+Calculate the config from structured and unstructred text input
+*/}}
+{{- define "jackal.calculatedConfig" -}}
+{{ include (print $.Template.BasePath "/_config-render.tpl") . }}
+{{- end -}}