From cbf41e2feb0fac83dc57f90abecdbb5160995626 Mon Sep 17 00:00:00 2001
From: xeruf <27jf@pm.me>
Date: Fri, 13 Dec 2024 19:09:49 +0100
Subject: [PATCH] penpot: migrate to official chart

---
 .../penpot-secrets/penpot-variables.yaml      |  2 +-
 apps/design/penpot/penpot-pvc.yaml            |  2 +-
 apps/design/penpot/penpot-release.yaml        |  4 +-
 .../penpot/penpot-values-configmap.yaml       | 68 ++++++++++---------
 infrastructure/sources/penpot.yaml            |  8 +++
 5 files changed, 49 insertions(+), 35 deletions(-)
 create mode 100644 infrastructure/sources/penpot.yaml

diff --git a/apps/design/penpot-secrets/penpot-variables.yaml b/apps/design/penpot-secrets/penpot-variables.yaml
index b89df98..d96f131 100644
--- a/apps/design/penpot-secrets/penpot-variables.yaml
+++ b/apps/design/penpot-secrets/penpot-variables.yaml
@@ -6,4 +6,4 @@ metadata:
   namespace: flux-system
 spec:
   fields:
-  - fieldName: password
+  - fieldName: api_key
diff --git a/apps/design/penpot/penpot-pvc.yaml b/apps/design/penpot/penpot-pvc.yaml
index 24c63e2..a9222c9 100644
--- a/apps/design/penpot/penpot-pvc.yaml
+++ b/apps/design/penpot/penpot-pvc.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: penpot-data
+  name: penpot-assets
   namespace: stackspout
   labels:
     stackspin.net/backupSet: "penpot"
diff --git a/apps/design/penpot/penpot-release.yaml b/apps/design/penpot/penpot-release.yaml
index d5a81cd..391b46b 100644
--- a/apps/design/penpot/penpot-release.yaml
+++ b/apps/design/penpot/penpot-release.yaml
@@ -8,10 +8,10 @@ spec:
   chart:
     spec:
       chart: penpot
-      version: 4.0.12
+      version: 0.5.0
       sourceRef:
         kind: HelmRepository
-        name: truecharts
+        name: penpot
         namespace: flux-system
   interval: 5m
   valuesFrom:
diff --git a/apps/design/penpot/penpot-values-configmap.yaml b/apps/design/penpot/penpot-values-configmap.yaml
index a6eb361..4d1f98f 100644
--- a/apps/design/penpot/penpot-values-configmap.yaml
+++ b/apps/design/penpot/penpot-values-configmap.yaml
@@ -18,25 +18,32 @@ data:
       existingClaim: "penpot-data"
 
     ingress:
-      main:
-        enabled: true
-        annotations:
-          kubernetes.io/tls-acme: "true"
-        hosts:
-          - host: "${penpot_domain}"
-            paths:
-               - path: /
-                 pathType: Prefix
-        tls:
-          - secretName: penpot-tls
-            hosts:
-              - "${penpot_domain}"
-        integrations:
-          certManager:
-            enabled: true
-    penpot:
-      public_uri: "https://${penpot_domain}"
-      #registration_domain_whitelist: []
+      enabled: true
+      annotations:
+        kubernetes.io/tls-acme: "true"
+      hosts: ["${penpot_domain}"]
+      #  - host: "${penpot_domain}"
+      #    paths:
+      #       - path: /
+      #         pathType: Prefix
+      tls:
+        - secretName: penpot-tls
+          hosts:
+            - "${penpot_domain}"
+      integrations:
+        certManager:
+          enabled: true
+
+    config:
+      publicUri: "https://${penpot_domain}"
+      #apiSecretKey: "W8oErul6XcazLUhpsP_y0zttNSx_EkItWmD0TKTEvJuWSsjvkfEHxk9uNmrCOZ-p_Y6gIRV7yqQ4j04JcQX3xg"
+      apiSecretKey: "${api_key}"
+      # -- Comma separated list of allowed domains to register. Empty to allow all domains.
+      registrationDomainWhitelist: "ftt.gmbh"
+      telemetryEnabled: false
+      # -- The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info.
+      # @section -- Configuration parameters
+      #flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp"
       #flags:
       #  backend_api_doc: false
       #  cors: false
@@ -50,24 +57,23 @@ data:
       #  registration: true
       #  secure_session_cookies: true
       #  user_feedback: false
-      identity_providers:
-        oidc:
-          enabled: true
-          client_id: "${client_id}"
-          client_secret: "${client_secret}"
-          base_uri: "https://${hydra_domain}"
-          #autoDiscoverUrl: 'https://${hydra_domain}/.well-known/openid-configuration'
       smtp:
         enabled: "${outgoing_mail_enabled}"
         host: "${outgoing_mail_smtp_host}"
         port: "${outgoing_mail_smtp_port}"
         username: "${outgoing_mail_smtp_user}"
-        pass: "${outgoing_mail_smtp_password}"
-        default_from: "${outgoing_mail_from_address}"
-        default_reply_to: "${outgoing_mail_from_address}"
+        password: "${outgoing_mail_smtp_password}"
+        defaultFrom: "${outgoing_mail_from_address}"
+        defaultReplyTo: "${outgoing_mail_from_address}"
+      providers:
+        oidc:
+          enabled: true
+          clientID: "${client_id}"
+          clientSecret: "${client_secret}"
+          baseURI: "https://${hydra_domain}"
+          #autoDiscoverUrl: 'https://${hydra_domain}/.well-known/openid-configuration'
 
     persistence:
       assets:
         enabled: true
-        mountPath: /opt/data/assets
-        targetSelectAll: true
+        existingClaim: "penpot-assets"
diff --git a/infrastructure/sources/penpot.yaml b/infrastructure/sources/penpot.yaml
new file mode 100644
index 0000000..538f76e
--- /dev/null
+++ b/infrastructure/sources/penpot.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: penpot
+  namespace: flux-system
+spec:
+  interval: 60m
+  url: https://helm.penpot.app/