diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..8bf4d45
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,6 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/.idea/humhub-chart.iml b/.idea/humhub-chart.iml
new file mode 100644
index 0000000..5e764c4
--- /dev/null
+++ b/.idea/humhub-chart.iml
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..6194755
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7c4a278
--- /dev/null
+++ b/README.md
@@ -0,0 +1,25 @@
+HumHub Helm Chart
+=================
+
+Unofficial Helm Chart for HumHub - an Open Source Social Network.
+Maintained by Riotkit Tech Collective, which is a non-profit, grassroot, activist collective maintaining software for activists network.
+
+What is HumHub?
+---------------
+
+HumHub is an open source social network platform with a wide variety of use cases as social intranet, community or collaboration platform. HumHub consists of a core application, which can be extended through additional modules and adjusted to your needs by many configuration options.
+
+**Common use cases for HumHub are:**
+- Activist networks
+- Neighbourhood & family networks
+- Public or private communities
+- Enterprise Social Intranet
+- Schools
+- Agencies
+- Municipality
+- Associations
+
+Support
+-------
+
+Each Helm release supports single HumHub version defined in `appVersion` of the [Chart.yaml](charts/humhub/Chart.yaml)
diff --git a/charts/humhub/.helmignore b/charts/humhub/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/humhub/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/humhub/Chart.yaml b/charts/humhub/Chart.yaml
new file mode 100644
index 0000000..4c89285
--- /dev/null
+++ b/charts/humhub/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: humhub
+description: "HumHub is a free social network software and framework built to give you the tools to make communication and collaboration easy and successful."
+type: application
+version: 0.1.0
+appVersion: "1.13.0"
diff --git a/charts/humhub/templates/NOTES.txt b/charts/humhub/templates/NOTES.txt
new file mode 100644
index 0000000..7bc381c
--- /dev/null
+++ b/charts/humhub/templates/NOTES.txt
@@ -0,0 +1,33 @@
+Riotkit's HumHub Helm Chart
+===========================
+
+Thanks for choosing, hope for a cooperation! Feel free to contribute, as our "manpower" is very limited.
+We are an anarchist tech collective aiming to provide images, Helm Charts, Ansible playbooks for activist networks and not only.
+
+With 161 greetings,
+Riotkit
+
+---
+
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+ {{- range .paths }}
+ http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+ {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "humhub.fullname" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "humhub.fullname" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "humhub.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "humhub.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
diff --git a/charts/humhub/templates/_helpers.tpl b/charts/humhub/templates/_helpers.tpl
new file mode 100644
index 0000000..5b58ec2
--- /dev/null
+++ b/charts/humhub/templates/_helpers.tpl
@@ -0,0 +1,55 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "humhub.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{- define "humhub.pvcName" -}}
+{{- default .Values.pvc.name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "humhub.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "humhub.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "humhub.labels" -}}
+helm.sh/chart: {{ include "humhub.chart" . }}
+{{ include "humhub.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "humhub.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "humhub.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
diff --git a/charts/humhub/templates/deployment.yaml b/charts/humhub/templates/deployment.yaml
new file mode 100644
index 0000000..702f9fb
--- /dev/null
+++ b/charts/humhub/templates/deployment.yaml
@@ -0,0 +1,102 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "humhub.fullname" . }}
+ labels:
+ {{- include "humhub.labels" . | nindent 4 }}
+spec:
+ {{- if not .Values.autoscaling.enabled }}
+ replicas: {{ .Values.replicaCount }}
+ {{- end }}
+ selector:
+ matchLabels:
+ {{- include "humhub.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "humhub.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ automountServiceAccountToken: false
+ securityContext:
+ {{- if .Values.podSecurityContext }}
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{ else }}
+ {{- toYaml .Values.defaults.podSecurityContext | nindent 8 }}
+ {{- end }}
+ initContainers:
+ {{ if .Values.chownInitContainer.enabled }}
+ - name: set-volume-permissions
+ image: {{ .Values.chownInitContainer.image }}
+ command: ['sh', '-c', 'chown 100:101 {{- range $name, $path := .Values.defaults.mounts }}/mnt/{{ $path }} {{ end }}']
+ securityContext:
+ runAsNonRoot: false
+ runAsUser: 0
+ runAsGroup: 0
+ volumeMounts:
+ {{- range $name, $path := .Values.defaults.mounts }}
+ {{- if $path }}
+ - mountPath: /mnt/{{ $path }}
+ name: data
+ {{- end }}
+ {{- end }}
+ {{ end }}
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: {{ include "humhub.pvcName" . }}
+ readOnly: false
+ containers:
+ - name: humhub
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - name: http
+ containerPort: 80
+ protocol: TCP
+ volumeMounts:
+ {{- range $name, $path := .Values.defaults.mounts }}
+ {{- if $path }}
+ - mountPath: /mnt/{{ $path }}
+ name: data
+ {{- end }}
+ {{- end }}
+ startupProbe:
+ {{ toYaml .Values.health.startupProbe | nindent 14 }}
+ httpGet:
+ path: /
+ port: http
+ livenessProbe:
+ {{ toYaml .Values.health.livenessProbe | nindent 14 }}
+ httpGet:
+ path: /
+ port: http
+ readinessProbe:
+ {{ toYaml .Values.health.readinessProbe | nindent 14 }}
+ httpGet:
+ path: /
+ port: http
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
diff --git a/charts/humhub/templates/hpa.yaml b/charts/humhub/templates/hpa.yaml
new file mode 100644
index 0000000..9741784
--- /dev/null
+++ b/charts/humhub/templates/hpa.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "humhub.fullname" . }}
+ labels:
+ {{- include "humhub.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "humhub.fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/charts/humhub/templates/ingress.yaml b/charts/humhub/templates/ingress.yaml
new file mode 100644
index 0000000..5ebeeea
--- /dev/null
+++ b/charts/humhub/templates/ingress.yaml
@@ -0,0 +1,37 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "humhub.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include "humhub.labels" . | nindent 4 }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ .path }}
+ backend:
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
diff --git a/charts/humhub/templates/service.yaml b/charts/humhub/templates/service.yaml
new file mode 100644
index 0000000..fd1f59b
--- /dev/null
+++ b/charts/humhub/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "humhub.fullname" . }}
+ labels:
+ {{- include "humhub.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "humhub.selectorLabels" . | nindent 4 }}
diff --git a/charts/humhub/templates/tests/test-connection.yaml b/charts/humhub/templates/tests/test-connection.yaml
new file mode 100644
index 0000000..fdddc28
--- /dev/null
+++ b/charts/humhub/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "humhub.fullname" . }}-test-connection"
+ labels:
+ {{- include "humhub.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "humhub.fullname" . }}:{{ .Values.service.port }}']
+ restartPolicy: Never
diff --git a/charts/humhub/values.yaml b/charts/humhub/values.yaml
new file mode 100644
index 0000000..b4d780c
--- /dev/null
+++ b/charts/humhub/values.yaml
@@ -0,0 +1,89 @@
+replicaCount: 1
+
+image:
+ repository: ghcr.io/mriedmann/humhub-allinone
+ pullPolicy: IfNotPresent
+ tag: ""
+
+# -- Use PRIVILEGED init container to correct permissions of your volumes (NOTICE: it does not fix them recursively)
+chownInitContainer:
+ enabled: true
+ image: busybox:1.36.0-musl
+
+health:
+ startupProbe:
+ # defaults to 300s (5m) - give the migration script a time
+ periodSeconds: 5
+ failureThreshold: 60
+ livenessProbe:
+ periodSeconds: 55
+ failureThreshold: 1
+ readinessProbe:
+ periodSeconds: 30
+ failureThreshold: 1
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+podAnnotations: {}
+podSecurityContext: {}
+
+securityContext:
+ capabilities:
+ drop: ["ALL"]
+ runAsNonRoot: false
+
+service:
+ type: ClusterIP
+ port: 80
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+# hosts:
+# - host: chart-example.local
+# paths:
+# - path: /
+# backend:
+# serviceName: chart-example.local
+# servicePort: 80
+# tls: []
+# - secretName: chart-example-tls
+# hosts:
+# - chart-example.local
+
+# -- Pod resources
+resources: {}
+
+# -- Autoscaling: Officially not supported, but available. Use at own risk!
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 100
+ targetCPUUtilizationPercentage: 80
+ # targetMemoryUtilizationPercentage: 80
+
+# -- Stick Pods to a node
+nodeSelector: {}
+
+# -- Allow execution on given node pools
+tolerations: []
+
+# -- Groups pods by nodes. Keep them together or separated
+affinity: {}
+
+pvc:
+ name: humhub-pv
+
+defaults:
+ podSecurityContext:
+ fsGroup: 101
+ fsGroupChangePolicy: Always
+ # -- Syntax: mount name: directory in the root application directory. Overwrite with empty value to skip mounting
+ mounts:
+ uploads: uploads
+ assets: assets
+ modules: protected/modules
+ themes: themes