-
Notifications
You must be signed in to change notification settings - Fork 301
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
NAS-121539 / 23.10 / Add ClamAV to
community train (#1139)
* add clamav * add initial clamav * update readmes * move to community * no need for hostnet * change image * remove redundant group * add email * bump common * add metadata
- Loading branch information
Showing
18 changed files
with
478 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| dependencies: | ||
| - name: common | ||
| repository: file://../../../common | ||
| version: 1.0.6 | ||
| digest: sha256:2f1f31c15fb7f92db141a66adbb8d23a8598727730050a3883a211763a4e5472 | ||
| generated: "2023-04-28T16:05:12.034666174+03:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| name: clamav | ||
| description: ClamAV is an open source (GPLv2) anti-virus toolkit. | ||
| annotations: | ||
| title: Clam AV | ||
| type: application | ||
| version: 1.0.0 | ||
| apiVersion: v2 | ||
| appVersion: '1.0.1' | ||
| kubeVersion: '>=1.16.0-0' | ||
| maintainers: | ||
| - name: truenas | ||
| url: https://www.truenas.com/ | ||
| email: [email protected] | ||
| dependencies: | ||
| - name: common | ||
| repository: file://../../../common | ||
| version: 1.0.6 | ||
| home: https://www.clamav.net/ | ||
| icon: https://raw.githubusercontent.com/micahsnyder/clamav-documentation/main/src/images/logo.png | ||
| sources: | ||
| - https://docs.clamav.net/ | ||
| - https://github.com/truenas/charts/tree/master/community/clamav | ||
| - https://www.clamav.net/ | ||
| keywords: | ||
| - anti-virus | ||
| - clamav |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| # ClamAV | ||
|
|
||
| [ClamAV](https://www.clamav.net/) - ClamAV® is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats. | ||
|
|
||
| - App runs as `root` user |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| # ClamAV | ||
|
|
||
| [ClamAV](https://www.clamav.net/) - ClamAV® is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats. | ||
|
|
||
| - App runs as `root` user |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| clamavStorage: | ||
| sigdb: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/sig-db | ||
| scandir: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/scan-dir |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| clamavStorage: | ||
| sigdb: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/sig-db | ||
| scandir: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/scan-dir | ||
|
|
||
| clamavConfig: | ||
| disableMilterd: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| clamavStorage: | ||
| sigdb: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/sig-db | ||
| scandir: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/scan-dir | ||
|
|
||
| clamavConfig: | ||
| disableClamd: true |
10 changes: 10 additions & 0 deletions
10
library/ix-dev/community/clamav/ci/no-freshclamd-values.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| clamavStorage: | ||
| sigdb: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/sig-db | ||
| scandir: | ||
| type: hostPath | ||
| hostPath: /mnt/{{ .Release.Name }}/scan-dir | ||
|
|
||
| clamavConfig: | ||
| disableFreshClamd: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| icon_url: https://raw.githubusercontent.com/micahsnyder/clamav-documentation/main/src/images/logo.png | ||
| categories: | ||
| - anti-virus | ||
| - clamav |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| runAsContext: | ||
| - userName: root | ||
| groupName: root | ||
| gid: 0 | ||
| uid: 0 | ||
| description: ClamAV runs as root user. | ||
| capabilities: | ||
| - name: CHOWN | ||
| description: ClamAV is able to chown files. | ||
| - name: FOWNER | ||
| description: ClamAV is able bypass permission checks for it's sub-processes. | ||
| - name: DAC_OVERRIDE | ||
| description: ClamAV is able to bypass permission checks. | ||
| - name: SETGID | ||
| description: ClamAV is able to set group ID for it's sub-processes. | ||
| - name: SETUID | ||
| description: ClamAV is able to set user ID for it's sub-processes. | ||
| hostMounts: [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,208 @@ | ||
| groups: | ||
| - name: ClamAV Configuration | ||
| description: Configure ClamAV | ||
| - name: Network Configuration | ||
| description: Configure Network for ClamAV | ||
| - name: Storage Configuration | ||
| description: Configure Storage for ClamAV | ||
| - name: Resources Configuration | ||
| description: Configure Resources for ClamAV | ||
|
|
||
| questions: | ||
|
|
||
| - variable: clamavConfig | ||
| label: "" | ||
| group: ClamAV Configuration | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: disableClamd | ||
| label: Disable ClamD | ||
| description: Do not start Clam daemon | ||
| schema: | ||
| type: boolean | ||
| default: false | ||
| - variable: disableFreshClamd | ||
| label: Disable FreshClamD | ||
| description: Do not start the FreshClam daemon | ||
| schema: | ||
| type: boolean | ||
| default: false | ||
| - variable: disableMilterd | ||
| label: Disable MilterD | ||
| description: Do not start the ClamAV-Milter daemon | ||
| schema: | ||
| type: boolean | ||
| default: true | ||
| - variable: clamdStartupTimeout | ||
| label: ClamD Startup Timeout | ||
| description: Seconds to wait for ClamD to start | ||
| schema: | ||
| type: int | ||
| default: 1800 | ||
| required: true | ||
| - variable: freshclamChecks | ||
| label: Fresh Clam Checks | ||
| description: Times to check per day for a new database. | ||
| schema: | ||
| type: int | ||
| default: 1 | ||
| min: 1 | ||
| max: 50 | ||
| required: true | ||
| - variable: additionalEnvs | ||
| label: Additional Environment Variables | ||
| description: Configure additional environment variables for ClamAV. | ||
| schema: | ||
| type: list | ||
| default: [] | ||
| items: | ||
| - variable: env | ||
| label: Environment Variable | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: name | ||
| label: Name | ||
| schema: | ||
| type: string | ||
| required: true | ||
| - variable: value | ||
| label: Value | ||
| schema: | ||
| type: string | ||
| required: true | ||
|
|
||
| - variable: clamavNetwork | ||
| label: "" | ||
| group: Network Configuration | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: clamdPort | ||
| label: ClamD Port | ||
| description: The port for the ClamAV ClamD | ||
| schema: | ||
| type: int | ||
| default: 30000 | ||
| min: 9000 | ||
| max: 65535 | ||
| required: true | ||
| - variable: milterdPort | ||
| label: MilterD Port | ||
| description: The port for the ClamAV MilterD | ||
| schema: | ||
| type: int | ||
| default: 30001 | ||
| min: 9000 | ||
| max: 65535 | ||
| required: true | ||
|
|
||
| - variable: clamavStorage | ||
| label: "" | ||
| group: Storage Configuration | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: sigdb | ||
| label: ClamAV Signature Database Storage | ||
| description: The path to store ClamAV Signature Database. | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: type | ||
| label: Type | ||
| description: | | ||
| ixVolume: Is dataset created automatically by the system.</br> | ||
| Host Path: Is a path that already exists on the system. | ||
| schema: | ||
| type: string | ||
| required: true | ||
| default: ixVolume | ||
| enum: | ||
| - value: hostPath | ||
| description: Host Path (Path that already exists on the system) | ||
| - value: ixVolume | ||
| description: ixVolume (Dataset created automatically by the system) | ||
| - variable: datasetName | ||
| label: Dataset Name | ||
| schema: | ||
| type: string | ||
| show_if: [["type", "=", "ixVolume"]] | ||
| required: true | ||
| hidden: true | ||
| immutable: true | ||
| default: sig-db | ||
| $ref: | ||
| - "normalize/ixVolume" | ||
| - variable: hostPath | ||
| label: Host Path | ||
| schema: | ||
| type: hostpath | ||
| show_if: [["type", "=", "hostPath"]] | ||
| immutable: true | ||
| required: true | ||
| - variable: scandir | ||
| label: ClamAV Scan Storage | ||
| description: The path to store ClamAV Scan storage. | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: type | ||
| label: Type | ||
| description: | | ||
| ixVolume: Is dataset created automatically by the system.</br> | ||
| Host Path: Is a path that already exists on the system. | ||
| schema: | ||
| type: string | ||
| required: true | ||
| default: ixVolume | ||
| enum: | ||
| - value: hostPath | ||
| description: Host Path (Path that already exists on the system) | ||
| - value: ixVolume | ||
| description: ixVolume (Dataset created automatically by the system) | ||
| - variable: datasetName | ||
| label: Dataset Name | ||
| schema: | ||
| type: string | ||
| show_if: [["type", "=", "ixVolume"]] | ||
| required: true | ||
| hidden: true | ||
| immutable: true | ||
| default: scan-dir | ||
| $ref: | ||
| - "normalize/ixVolume" | ||
| - variable: hostPath | ||
| label: Host Path | ||
| schema: | ||
| type: hostpath | ||
| show_if: [["type", "=", "hostPath"]] | ||
| immutable: true | ||
| required: true | ||
|
|
||
| - variable: resources | ||
| label: "" | ||
| group: Resources Configuration | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: limits | ||
| label: Limits | ||
| schema: | ||
| type: dict | ||
| attrs: | ||
| - variable: cpu | ||
| label: CPU | ||
| description: CPU limit for ClamAV. | ||
| schema: | ||
| type: string | ||
| default: 4000m | ||
| required: true | ||
| - variable: memory | ||
| label: Memory | ||
| description: Memory limit for ClamAV. | ||
| schema: | ||
| type: string | ||
| default: 8Gi | ||
| required: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {{ include "ix.v1.common.lib.chart.notes" $ }} |
Oops, something went wrong.