Initial commit

overleaf-helm-chart/Chart.yaml

@@ -0,0 +1,17 @@
+apiVersion: v2
+name: overleaf
+version: 0.1.0
+description: A Helm chart for deploying Overleaf on Kubernetes
+maintainers:
+  - name: Elmar Kresse
+    email: elmar.kresse@stud.htwk-leipzig.de
+keywords:
+  - overleaf
+  - latex
+  - collaboration
+  - helm
+  - kubernetes
+home: https://www.overleaf.com
+sources:
+  - https://github.com/overleaf/overleaf
+icon: https://www.overleaf.com/assets/images/logo.png

overleaf-helm-chart/README.md

@@ -0,0 +1,73 @@
+# Overleaf Helm Chart
+
+This Helm chart deploys Overleaf on a Kubernetes cluster using Traefik for ingress and cert-manager for SSL certificate management. It also utilizes CSI CephFS for persistent storage.
+
+## Prerequisites
+
+- Kubernetes cluster
+- Helm 3.x
+- Traefik installed in the cluster
+- Cert-manager installed in the cluster
+- CSI CephFS storage class configured
+
+## Installation
+
+To install the Overleaf Helm chart, follow these steps:
+
+1. **Clone the repository:**
+
+   ```bash
+   git clone <repository-url>
+   cd overleaf-helm-chart
+   ```
+
+2. **Update the dependencies (if any):**
+
+   ```bash
+   helm dependency update
+   ```
+
+3. **Install the chart:**
+
+   ```bash
+   helm install overleaf ./overleaf-helm-chart
+   ```
+
+   You can customize the installation by providing your own `values.yaml` file:
+
+   ```bash
+   helm install overleaf ./overleaf-helm-chart -f custom-values.yaml
+   ```
+
+## Configuration
+
+The following configuration options are available in `values.yaml`:
+
+- `image.repository`: The Docker image repository for Overleaf.
+- `image.tag`: The Docker image tag for Overleaf.
+- `mongo.storage.size`: The size of the persistent volume for MongoDB.
+- `redis.storage.size`: The size of the persistent volume for Redis.
+- `overleaf.storage.size`: The size of the persistent volume for Overleaf data.
+- `ingress.enabled`: Enable or disable ingress.
+- `ingress.hosts`: The hostnames for the ingress resource.
+- `certManager.enabled`: Enable or disable cert-manager integration.
+
+## Usage
+
+After installation, you can access Overleaf through the configured ingress hostname. Make sure that your DNS is set up to point to the Traefik ingress controller.
+
+## Uninstallation
+
+To uninstall the Overleaf Helm chart, run:
+
+```bash
+helm uninstall overleaf
+```
+
+## Contributing
+
+Contributions are welcome! Please submit a pull request or open an issue for any enhancements or bug fixes.
+
+## License
+
+This project is licensed under the MIT License. See the LICENSE file for details.

overleaf-helm-chart/charts

@@ -0,0 +1 @@
+# This directory is for any dependent charts that your Helm chart may require. It can be empty if there are no dependencies.

overleaf-helm-chart/templates/deployment-mongo.yaml

@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mongo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: mongo
+  template:
+    metadata:
+      labels:
+        app: mongo
+    spec:
+      securityContext:
+        runAsUser: 1001
+        fsGroup: 0
+      containers:
+        - name: mongo
+          image: {{ .Values.mongo.image }}
+          ports:
+            - containerPort: {{ .Values.mongo.port }}
+          env:
+            - name: MONGODB_REPLICA_SET_MODE
+              value: primary
+            - name: MONGODB_REPLICA_SET_NAME
+              value: {{ .Values.mongo.replSet }}
+            - name: MONGODB_ROOT_USER
+              value: {{ .Values.mongo.rootUser | quote }}
+            - name: MONGODB_ROOT_PASSWORD
+              value: {{ .Values.mongo.rootPassword | quote }}
+            - name: MONGODB_DATABASE
+              value: {{ .Values.mongo.initDb | quote }}
+            - name: MONGODB_REPLICA_SET_KEY
+              value: {{ .Values.mongo.replSetKey | quote }}
+          volumeMounts:
+            - name: mongo-data
+              mountPath: {{ .Values.mongo.volumeMounts.db }}
+          resources:
+            requests:
+              cpu: {{ .Values.resources.mongo.requests.cpu }}
+              memory: {{ .Values.resources.mongo.requests.memory }}
+            limits:
+              cpu: {{ .Values.resources.mongo.limits.cpu }}
+              memory: {{ .Values.resources.mongo.limits.memory }}
+      volumes:
+        - name: mongo-data
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.mongoData }}

overleaf-helm-chart/templates/deployment-redis.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+        - name: redis
+          image: {{ .Values.redis.image }}
+          ports:
+            - containerPort: {{ .Values.redis.port }}
+          volumeMounts:
+            - name: redis-data
+              mountPath: {{ .Values.redis.volumeMount }}
+          resources:
+            requests:
+              cpu: {{ .Values.resources.redis.requests.cpu }}
+              memory: {{ .Values.resources.redis.requests.memory }}
+            limits:
+              cpu: {{ .Values.resources.redis.limits.cpu }}
+              memory: {{ .Values.resources.redis.limits.memory }}
+      volumes:
+        - name: redis-data
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.redisData }}

overleaf-helm-chart/templates/deployment-sharelatex.yaml

@@ -0,0 +1,62 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: overleaf
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: overleaf
+  template:
+    metadata:
+      labels:
+        app: overleaf
+    spec:
+      containers:
+        - name: overleaf
+          image: {{ .Values.overleaf.image }}
+          ports:
+            - containerPort: {{ .Values.overleaf.port }}
+          env:
+            - name: OVERLEAF_APP_NAME
+              value: {{ .Values.overleaf.appName | quote }}
+            - name: OVERLEAF_SITE_LANGUAGE
+              value: {{ .Values.overleaf.siteLanguage | quote }}
+            - name: OVERLEAF_MONGO_URL
+              value: 'mongodb://{{ .Values.mongo.rootUser }}:{{ .Values.mongo.rootPassword }}@mongo:27017/{{ .Values.mongo.initDb }}?replicaSet={{ .Values.mongo.replSet }}'
+            - name: OVERLEAF_REDIS_HOST
+              value: redis
+            - name: REDIS_HOST
+              value: redis
+            - name: ENABLED_LINKED_FILE_TYPES
+              value: project_file,project_output_file
+            - name: ENABLE_CONVERSIONS
+              value: {{ .Values.overleaf.enableConversions | quote }}
+            - name: EMAIL_CONFIRMATION_DISABLED
+              value: {{ .Values.overleaf.emailConfirmationDisabled | quote }}
+            - name: TEXMFVAR
+              value: {{ .Values.overleaf.texmfvar | quote }}
+            - name: OVERLEAF_SITE_URL
+              value: {{ .Values.overleaf.siteUrl | quote }}
+            - name: OVERLEAF_NAV_TITLE
+              value: {{ .Values.overleaf.navTitle | quote }}
+            - name: OVERLEAF_ADMIN_EMAIL
+              value: {{ .Values.overleaf.adminEmail | quote }}
+            - name: OVERLEAF_LEFT_FOOTER
+              value: {{ .Values.overleaf.leftFooter | quote }}
+            - name: OVERLEAF_RIGHT_FOOTER
+              value: {{ .Values.overleaf.rightFooter | quote }}
+          volumeMounts:
+            - name: overleaf-data
+              mountPath: {{ .Values.overleaf.volumeMount }}
+          resources:
+            requests:
+              cpu: {{ .Values.resources.overleaf.requests.cpu }}
+              memory: {{ .Values.resources.overleaf.requests.memory }}
+            limits:
+              cpu: {{ .Values.resources.overleaf.limits.cpu }}
+              memory: {{ .Values.resources.overleaf.limits.memory }}
+      volumes:
+        - name: overleaf-data
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.overleafData }}

overleaf-helm-chart/templates/ingress.yaml

@@ -0,0 +1,27 @@
+{{- if .Values.ingress.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: overleaf-ingress
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+    cert-manager.io/cluster-issuer: "{{ .Values.ingress.certManagerIssuer }}"
+    # Traefik spezifisch: Enable HTTPS redirect (optional)
+    traefik.ingress.kubernetes.io/redirect-entry-point: websecure
+spec:
+  tls:
+    - hosts:
+        - {{ .Values.ingress.host | quote }}
+      secretName: {{ .Values.ingress.tlsSecretName }}
+  rules:
+    - host: {{ .Values.ingress.host | quote }}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: overleaf
+                port:
+                  number: 80
+{{- end }}

overleaf-helm-chart/templates/pvc.yaml

@@ -0,0 +1,39 @@
+{{- if .Values.persistence.enabled }}
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.persistence.overleafData }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: {{ .Values.persistence.storageClassName }}
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.persistence.redisData }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: {{ .Values.persistence.storageClassName }}
+  resources:
+    requests:
+      storage: 2Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.persistence.mongoData }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: {{ .Values.persistence.storageClassName }}
+  resources:
+    requests:
+      storage: 5Gi
+---
+{{- end }}

overleaf-helm-chart/templates/service-mongo.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mongo
+spec:
+  ports:
+    - port: {{ .Values.mongo.port }}
+      targetPort: {{ .Values.mongo.port }}
+  selector:
+    app: mongo

overleaf-helm-chart/templates/service-redis.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis
+spec:
+  ports:
+    - port: {{ .Values.redis.port }}
+      targetPort: {{ .Values.redis.port }}
+  selector:
+    app: redis

overleaf-helm-chart/templates/service-sharelatex.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: overleaf
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: {{ .Values.overleaf.port }}
+  selector:
+    app: overleaf

overleaf-helm-chart/values.yaml

@@ -0,0 +1,68 @@
+overleaf:
+  image: overleafcep/sharelatex:5.5.1-ext-v3
+  appName: "Overleaf FSR-IM"
+  siteLanguage: "de"
+  siteUrl: "https://overleaf.fsr.imn.htwk-leipzig.de"
+  navTitle: "Overleaf FSR-IM"
+  adminEmail: "fsrim@htwk-leipzig.de"
+  leftFooter: '[{"text": "© Overleaf 2025 Powered by FSR-IM"} ]'
+  rightFooter: '[{"text": "<a href=\"https://gitlab.dit.htwk-leipzig.de/fsr-im\">Gitlab</a>"} ]'
+  port: 80
+  volumeMount: /var/lib/overleaf
+  enableConversions: "true"
+  emailConfirmationDisabled: "true"
+  texmfvar: /var/lib/overleaf/tmp/texmf-var
+
+redis:
+  image: redis:6.2
+  port: 6379
+  volumeMount: /data
+
+mongo:
+  image: mongo:7.0
+  port: 27017
+  replSet: overleaf
+  initDb: overleaf
+  volumeMounts:
+    db: /data/db
+  rootUser: root
+  rootPassword: 45fg2465g3645tgg563456
+  replSetKey: "543gv0h3v8z7t6i39v87ztv35v"
+
+persistence:
+  enabled: true
+  overleafData: overleaf-data
+  redisData: redis-data
+  mongoData: mongo-data
+  storageClassName: csi-cephfs-sc
+
+resources:
+  overleaf:
+    limits:
+      cpu: "1000m"
+      memory: "8Gi"
+    requests:
+      cpu: "800m"
+      memory: "2Gi"
+
+  redis:
+    limits:
+      cpu: "1000m"
+      memory: "4Gi"
+    requests:
+      cpu: "800m"
+      memory: "2Gi"
+
+  mongo:
+    limits:
+      cpu: "1000m"
+      memory: "4Gi"
+    requests:
+      cpu: "800m"
+      memory: "2Gi"
+
+ingress:
+  enabled: true
+  host: "overleaf.fsr.imn.htwk-leipzig.de"
+  certManagerIssuer: "letsencrypt-prod"  # ClusterIssuer Name, anpassen falls anders
+  tlsSecretName: "overleaf-tls"