diff --git a/helm/.DS_Store b/helm/.DS_Store
new file mode 100644
index 0000000..5008ddf
Binary files /dev/null and b/helm/.DS_Store differ
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
new file mode 100644
index 0000000..ef266fc
--- /dev/null
+++ b/helm/Chart.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+appVersion: "0.0.1.0"
+description: default
+name: docker-osx
+version: 0.1.0
+keywords:
+- docker-osx
diff --git a/helm/README.md b/helm/README.md
new file mode 100644
index 0000000..34fc6a9
--- /dev/null
+++ b/helm/README.md
@@ -0,0 +1,44 @@
+# docker-osx
+
+## Information
+
+This installs `docker-osx` in Kubernetes.
+
+## Features
+
+### What works
+1) Setting cpu/memory options
+1) Setting VNC password
+1) Persistance
+1) Setting SMBIOS
+1) QEMU/virtio cpu changes
+1) Toggling Audio
+1) Additional port forwarding
+1) Kubernetes resource requests/limits
+1) Defining install partition size
+
+### What doesn't/isn't defined
+1) Defining a different version of macOS
+1) Additional QEMU parameters
+1) GPU support
+
+## Requirements
+
+*) Install [host machine requirements](https://github.com/cephasara/Docker-OSX#requirements-kvm-on-the-host)
+ *) Ensure you are running QEMU 5.X
+*) Kubernetes
+*) Helm
+*) `sickcodes/docker-osx-vnc` Docker image
+
+### Build `sickcodes/docker-osx-vnc`
+
+1) Go back to the root directory
+1) Build docker image
+
+ ```
+ docker build \
+ -t sickcodes/docker-osx-vnc:latest \
+ -f vnc-version/Dockerfile .
+ ```
+
+_Do not worry about passing `CPU`, `RAM`, etc as they are handled in `values.yaml` now._
\ No newline at end of file
diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl
new file mode 100644
index 0000000..d4a1b13
--- /dev/null
+++ b/helm/templates/_helpers.tpl
@@ -0,0 +1,32 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "docker-osx.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "docker-osx.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "docker-osx.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml
new file mode 100644
index 0000000..5af2faa
--- /dev/null
+++ b/helm/templates/configmap.yaml
@@ -0,0 +1,1175 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "docker-osx.fullname" . }}-boot-components
+data:
+ config.plist: |-
+
+
+
+
+ ACPI
+
+ Add
+
+
+ Comment
+ add DTGP method
+ Enabled
+
+ Path
+ SSDT-DTGP.aml
+
+
+ Comment
+ Fake EC and USBX Power
+ EnĂ¥abled
+
+ Path
+ SSDT-EC.aml
+
+
+ Comment
+ USB 2.0 Injection
+ Enabled
+
+ Path
+ SSDT-EHCI.aml
+
+
+ Comment
+ CPU AGPM Plugin=1
+ Enabled
+
+ Path
+ SSDT-PLUG.aml
+
+
+ Delete
+
+
+ All
+
+ Comment
+ Delete CpuPm
+ Enabled
+
+ OemTableId
+ Q3B1UG0AAAA=
+ TableLength
+ 0
+ TableSignature
+ U1NEVA==
+
+
+ All
+
+ Comment
+ Delete Cpu0Ist
+ Enabled
+
+ OemTableId
+ Q3B1MElzdAA=
+ TableLength
+ 0
+ TableSignature
+ U1NEVA==
+
+
+ Patch
+
+
+ Comment
+ _Q11 to XQ11
+ Count
+ 1
+ Enabled
+
+ Find
+ X1ExMQ==
+ Limit
+ 0
+ Mask
+
+ OemTableId
+
+ Replace
+ WFExMQ==
+ ReplaceMask
+
+ Skip
+ 0
+ TableLength
+ 0
+ TableSignature
+
+
+
+ Comment
+ _Q12 to XQ12
+ Count
+ 1
+ Enabled
+
+ Find
+ X1ExMg==
+ Limit
+ 0
+ Mask
+
+ OemTableId
+
+ Replace
+ WFExMg==
+ ReplaceMask
+
+ Skip
+ 0
+ TableLength
+ 0
+ TableSignature
+
+
+
+ Quirks
+
+ FadtEnableReset
+
+ NormalizeHeaders
+
+ RebaseRegions
+
+ ResetHwSig
+
+ ResetLogoStatus
+
+
+
+ Booter
+
+ MmioWhitelist
+
+ Quirks
+
+ AvoidRuntimeDefrag
+
+ DevirtualiseMmio
+
+ DisableSingleUser
+
+ DisableVariableWrite
+
+ DiscardHibernateMap
+
+ EnableSafeModeSlide
+
+ EnableWriteUnprotector
+
+ ForceExitBootServices
+
+ ProtectMemoryRegions
+
+ ProtectSecureBoot
+
+ ProtectUefiServices
+
+ ProvideCustomSlide
+
+ ProvideMaxSlide
+ 0
+ RebuildAppleMemoryMap
+
+ SetupVirtualMap
+
+ SignalAppleOS
+
+ SyncRuntimePermissions
+
+
+
+ DeviceProperties
+
+ Add
+
+ PciRoot(0x1)/Pci(0x1F,0x0)
+
+ compatible
+ pci8086,2916
+ device-id
+
+ FikA
+
+ name
+ pci8086,2916
+
+
+ Delete
+
+ PciRoot(0x0)/Pci(0x1b,0x0)
+
+ MaximumBootBeepVolume
+
+
+
+ Kernel
+
+ Add
+
+
+ Arch
+ x86_64
+ BundlePath
+ VoodooHDA.kext
+ Comment
+ Patch engine
+ Enabled
+
+ ExecutablePath
+ Contents/MacOS/VoodooHDA
+ MaxKernel
+
+ MinKernel
+ 12.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ BundlePath
+ Lilu.kext
+ Comment
+ Patch engine
+ Enabled
+
+ ExecutablePath
+ Contents/MacOS/Lilu
+ MaxKernel
+
+ MinKernel
+ 12.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ BundlePath
+ VirtualSMC.kext
+ Comment
+ SMC emulator
+ Enabled
+
+ ExecutablePath
+ Contents/MacOS/VirtualSMC
+ MaxKernel
+
+ MinKernel
+ 12.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ BundlePath
+ WhateverGreen.kext
+ Comment
+ Video patches
+ Enabled
+
+ ExecutablePath
+ Contents/MacOS/WhateverGreen
+ MaxKernel
+
+ MinKernel
+ 12.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ BundlePath
+ AppleALC.kext
+ Comment
+ Audio patches
+ Enabled
+
+ ExecutablePath
+ Contents/MacOS/AppleALC
+ MaxKernel
+
+ MinKernel
+ 12.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ BundlePath
+ AGPMInjector.kext
+ Comment
+
+ Enabled
+
+ ExecutablePath
+
+ MaxKernel
+
+ MinKernel
+
+ PlistPath
+ Contents/Info.plist
+
+
+ BundlePath
+ USBPorts.kext
+ Comment
+
+ Enabled
+
+ ExecutablePath
+
+ MaxKernel
+
+ MinKernel
+
+ PlistPath
+ Contents/Info.plist
+
+
+ Arch
+ x86_64
+ BundlePath
+ MCEReporterDisabler.kext
+ Comment
+ AppleMCEReporter disabler
+ Enabled
+
+ ExecutablePath
+
+ MaxKernel
+
+ MinKernel
+ 19.0.0
+ PlistPath
+ Contents/Info.plist
+
+
+ Block
+
+
+ Arch
+ Any
+ Comment
+
+ Enabled
+
+ Identifier
+ com.apple.driver.AppleTyMCEDriver
+ MaxKernel
+
+ MinKernel
+
+
+
+ Emulate
+
+ Cpuid1Data
+
+ VAYFAAAAAAAAAAAAAAAAAA==
+
+ Cpuid1Mask
+
+ ////AAAAAAAAAAAAAAAAAA==
+
+
+ Force
+
+
+ Arch
+ Any
+ BundlePath
+ System/Library/Extensions/IONetworkingFamily.kext
+ Comment
+ Patch engine
+ Enabled
+
+ Identifier
+ com.apple.iokit.IONetworkingFamily
+ ExecutablePath
+ Contents/MacOS/IONetworkingFamily
+ MaxKernel
+ 13.99.99
+ MinKernel
+
+ PlistPath
+ Contents/Info.plist
+
+
+ Patch
+
+
+ Base
+ _cpu_topology_sort
+ Comment
+ algrey - cpu_topology_sort -disable _x86_validate_topology
+ Count
+ 1
+ Enabled
+
+ Find
+
+ 6AAA//8=
+
+ Identifier
+ kernel
+ Limit
+ 0
+ Mask
+
+ /wAA//8=
+
+ MaxKernel
+ 20.99.99
+ MinKernel
+ 17.0.0
+ Replace
+
+ Dx9EAAA=
+
+ ReplaceMask
+
+
+ Skip
+ 0
+
+
+ Base
+
+ Comment
+ algrey - cpuid_set_cpufamily - force CPUFAMILY_INTEL_PENRYN
+ Count
+ 1
+ Enabled
+
+ Find
+
+ MduAPQAAAAAGdQA=
+
+ Identifier
+ kernel
+ Limit
+ 0
+ Mask
+
+ /////wAAAP///wA=
+
+ MaxKernel
+ 20.99.99
+ MinKernel
+ 17.0.0
+ Replace
+
+ u7xP6njpXQAAAJA=
+
+ ReplaceMask
+
+
+ Skip
+ 0
+
+
+ Quirks
+
+ AppleCpuPmCfgLock
+
+ AppleXcpmCfgLock
+
+ AppleXcpmExtraMsrs
+
+ AppleXcpmForceBoost
+
+ CustomSMBIOSGuid
+
+ DisableIoMapper
+
+ DisableLinkeditJettison
+
+ DisableRtcChecksum
+
+ DummyPowerManagement
+
+ ExternalDiskIcons
+
+ IncreasePciBarSize
+
+ LapicKernelPanic
+
+ PanicNoKextDump
+
+ PowerTimeoutKernelPanic
+
+ ThirdPartyDrives
+
+ XhciPortLimit
+
+
+ Scheme
+
+ FuzzyMatch
+
+ KernelArch
+ x86_64
+ KernelCache
+ Auto
+
+
+ Misc
+
+ BlessOverride
+
+ Boot
+
+ ConsoleAttributes
+ 0
+ HibernateMode
+ Auto
+ HideAuxiliary
+
+ PickerAttributes
+ 1
+ PickerAudioAssist
+
+ PickerMode
+ External
+ PollAppleHotKeys
+
+ ShowPicker
+
+ TakeoffDelay
+ 0
+ Timeout
+ 0
+
+ Debug
+
+ AppleDebug
+
+ ApplePanic
+
+ DisableWatchDog
+
+ DisplayDelay
+ 0
+ DisplayLevel
+ 2147483650
+ SerialInit
+
+ SysReport
+
+ Target
+ 3
+
+ Entries
+
+ Security
+
+ AllowNvramReset
+
+ AllowSetDefault
+
+ ApECID
+ 0
+ AuthRestart
+
+ BootProtect
+ None
+ DmgLoading
+ Signed
+ EnablePassword
+
+ ExposeSensitiveData
+ 6
+ HaltLevel
+ 2147483648
+ PasswordHash
+
+ PasswordSalt
+
+ ScanPolicy
+ 0
+ SecureBootModel
+ Disabled
+ Vault
+ Optional
+
+ Tools
+
+
+ Arguments
+
+ Auxiliary
+
+ Comment
+ Not signed for security reasons
+ Enabled
+
+ Name
+ UEFI Shell
+ Path
+ OpenShell.efi
+
+
+ Arguments
+ Shutdown
+ Auxiliary
+
+ Comment
+ Perform shutdown
+ Enabled
+
+ Name
+ Shutdown
+ Path
+ ResetSystem.efi
+
+
+
+ NVRAM
+
+ Add
+
+ 4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14
+
+ DefaultBackgroundColor
+ AAAAAA==
+ UIScale
+ AQ==
+
+ 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102
+
+ rtc-blacklist
+
+
+ 7C436110-AB2A-4BBB-A880-FE41995C9F82
+
+ SystemAudioVolume
+ Rg==
+ boot-args
+ -v keepsyms=1 tlbto_us=0 vti=9
+ run-efi-updater
+ No
+ csr-active-config
+ ZwAAAA==
+ prev-lang:kbd
+ ZW4tVVM6MA==
+
+
+ Delete
+
+ 4D1EDE05-38C7-4A6A-9CC6-4BCCA8B38C14
+
+ UIScale
+ DefaultBackgroundColor
+
+ 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102
+
+ rtc-blacklist
+
+ 7C436110-AB2A-4BBB-A880-FE41995C9F82
+
+ boot-args
+
+
+ LegacyEnable
+
+ LegacyOverwrite
+
+ LegacySchema
+
+ 7C436110-AB2A-4BBB-A880-FE41995C9F82
+
+ EFILoginHiDPI
+ EFIBluetoothDelay
+ LocationServicesEnabled
+ SystemAudioVolume
+ SystemAudioVolumeDB
+ SystemAudioVolumeSaved
+ bluetoothActiveControllerInfo
+ bluetoothInternalControllerInfo
+ flagstate
+ fmm-computer-name
+ nvda_drv
+ prev-lang:kbd
+
+ 8BE4DF61-93CA-11D2-AA0D-00E098032B8C
+
+ Boot0080
+ Boot0081
+ Boot0082
+ BootNext
+ BootOrder
+
+
+ WriteFlash
+
+
+ PlatformInfo
+
+ Automatic
+
+ Generic
+
+ AdviseWindows
+
+ MLB
+ {{ .Values.configPlist.MLB }}
+ ROM
+
+ m7zhIYfl
+
+ SpoofVendor
+
+ SystemProductName
+ {{ .Values.configPlist.SystemProductName }}
+ SystemSerialNumber
+ {{ .Values.configPlist.SystemSerialNumber }}
+ SystemUUID
+ {{ .Values.configPlist.SystemUUID }}
+
+ UpdateDataHub
+
+ UpdateNVRAM
+
+ UpdateSMBIOS
+
+ UpdateSMBIOSMode
+ Create
+
+ UEFI
+
+ APFS
+
+ EnableJumpstart
+
+ GlobalConnect
+
+ HideVerbose
+
+ JumpstartHotPlug
+
+ MinDate
+ -1
+ MinVersion
+ -1
+
+ Audio
+
+ AudioCodec
+ 0
+ AudioDevice
+ PciRoot(0x1)/Pci(0x1,0x0)/Pci(0x0,0x1)
+ AudioOut
+ 0
+ AudioSupport
+
+ MinimumVolume
+ 20
+ PlayChime
+
+ VolumeAmplifier
+ 0
+
+ ConnectDrivers
+
+ Drivers
+
+ VBoxHfs.efi
+ OpenRuntime.efi
+ OpenCanopy.efi
+ #AudioDxe.efi
+ #OpenUsbKbDxe.efi
+ #UsbMouseDxe.efi
+ #Ps2KeyboardDxe.efi
+ #Ps2MouseDxe.efi
+ #HiiDatabase.efi
+ #NvmExpressDxe.efi
+ #XhciDxe.efi
+ #ExFatDxe.efi
+ #PartitionDxe.efi
+ #CrScreenshotDxe.efi
+
+ Input
+
+ KeyFiltering
+
+ KeyForgetThreshold
+ 5
+ KeyMergeThreshold
+ 2
+ KeySupport
+
+ KeySupportMode
+ Auto
+ KeySwap
+
+ PointerSupport
+
+ PointerSupportMode
+ ASUS
+ TimerResolution
+ 50000
+
+ Output
+
+ ClearScreenOnModeSwitch
+
+ ConsoleMode
+
+ DirectGopRendering
+
+ IgnoreTextInGraphics
+
+ ProvideConsoleGop
+
+ ReconnectOnResChange
+
+ ReplaceTabWithSpace
+
+ Resolution
+ 1920x1080@32
+ SanitiseClearScreen
+
+ TextRenderer
+ BuiltinGraphics
+ UgaPassThrough
+
+
+ ProtocolOverrides
+
+ AppleAudio
+
+ AppleBootPolicy
+
+ AppleDebugLog
+
+ AppleEvent
+
+ AppleFramebufferInfo
+
+ AppleImageConversion
+
+ AppleImg4Verification
+
+ AppleKeyMap
+
+ AppleRtcRam
+
+ AppleSecureBoot
+
+ AppleSmcIo
+
+ AppleUserInterfaceTheme
+
+ DataHub
+
+ DeviceProperties
+
+ FirmwareVolume
+
+ HashServices
+
+ OSInfo
+
+ UnicodeCollation
+
+
+ Quirks
+
+ DeduplicateBootOrder
+
+ ExitBootServicesDelay
+ 0
+ IgnoreInvalidFlexRatio
+
+ ReleaseUsbOwnership
+
+ RequestBootVarRouting
+
+ TscSyncTimeout
+ 0
+ UnblockFsConnect
+
+
+
+
+
+ macOS-libvirt-Catalina.xml: |-
+
+
+
+ macOS
+ 2aca0dd6-cec9-4717-9ab2-0b7b13d111c3
+ macOS
+ {{ .Values.resources.requests.memory | trimSuffix "Mi" }}
+ {{ .Values.resources.requests.memory | trimSuffix "Mi" }}
+ {{ .Values.resources.requests.cpu }}
+
+ hvm
+
+ /home/CHANGEME/OSX-KVM/OVMF_CODE.fd
+ /home/CHANGEME/OSX-KVM/OVMF_VARS-1024x768.fd
+
+
+
+
+
+
+
+
+
+
+ destroy
+ restart
+ restart
+
+ /usr/bin/qemu-system-x86_64
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Launch_custom.sh: |-
+ #/bin/sh
+
+ if ! [ -f "/system_image/{{ .Values.serverName }}/mac_hdd_ng.img" ]; then
+ echo "Creating a ${SIZE} /system_image/{{ .Values.serverName }}/mac_hdd_ng.img for system partition.."
+ qemu-img create -f qcow2 /system_image/{{ .Values.serverName }}/mac_hdd_ng.img "{{ .Values.qemu.diskSize }}"
+ rm -f BaseSystem.dmg
+ else
+ echo 'Image already created. Skipping creation..'
+ fi
+
+ sudo rm -f /tmp/.X99-lock
+
+ export DISPLAY=:99
+
+ vncpasswd -f < vncpasswd_file > ${HOME}/.vnc/passwd
+ /usr/bin/Xvnc -geometry 1920x1080 -rfbauth "${HOME}/.vnc/passwd" :99 &
+ #!/bin/sh
+ set -eu
+ sudo chown $(id -u):$(id -g) /dev/kvm 2>/dev/null || true
+ sudo chown -R $(id -u):$(id -g) /dev/snd 2>/dev/null || true
+ exec qemu-system-x86_64 -m {{ .Values.resources.requests.memory | trimSuffix "i" }} \
+ -cpu {{ .Values.qemu.cpu }} \
+ -machine q35,accel=kvm:tcg \
+ -smp {{ .Values.resources.requests.cpu }},cores={{ .Values.resources.requests.cpu }} \
+ -usb -device usb-kbd -device usb-tablet \
+ -device isa-applesmc,osk=ourhardworkbythesewordsguardedpleasedontsteal\(c\)AppleComputerInc \
+ -drive if=pflash,format=raw,readonly,file=/home/arch/OSX-KVM/OVMF_CODE.fd \
+ -drive if=pflash,format=raw,file=/home/arch/OSX-KVM/OVMF_VARS-1024x768.fd \
+ -smbios type=2 \
+ {{- if .Values.qemu.audio.enabled }}
+ -audiodev {{ .Values.qemu.audo.driver }},id=hda -device ich9-intel-hda -device hda-duplex,audiodev=hda \ \
+ {{- end }}
+ -device ich9-ahci,id=sata \
+ -drive id=OpenCoreBoot,if=none,snapshot=on,format=qcow2,file=/home/arch/OSX-KVM/OpenCore-Catalina/OpenCore.qcow2 \
+ -device ide-hd,bus=sata.2,drive=OpenCoreBoot \
+ -device ide-hd,bus=sata.3,drive=InstallMedia \
+ -drive id=InstallMedia,if=none,file=/home/arch/OSX-KVM/BaseSystem.img,format=qcow2 \
+ -drive id=MacHDD,if=none,file=/system_image/{{ .Values.serverName }}/mac_hdd_ng.img,format=qcow2 \
+ -device ide-hd,bus=sata.4,drive=MacHDD \
+ -netdev user,id=net0,hostfwd=tcp::${INTERNAL_SSH_PORT:-10022}-:22,hostfwd=tcp::${SCREEN_SHARE_PORT:-5900}-:5900,{{ .Values.qemu.netdev.extraArgs }} -device e1000-82545em,netdev=net0,id=net0,mac=52:54:00:09:49:17 \
+ -monitor stdio \
+ -vga vmware \
+ ${EXTRA:-}
+ vncpasswd_file: |-
+ {{ .Values.vnc.password }}
+
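Review bot: The VNC password is rendered into this ConfigMap (`vncpasswd_file: {{ .Values.vnc.password }}`), so it is stored in clear text and readable by anyone who can read ConfigMaps in the namespace, and values.yaml ships it as `updateme`. I would move it to a Secret, fail the render when it is unset, and mount that Secret at the same path in deployment.yaml instead of the `vncpasswd_file` ConfigMap item. Separately, the audio line in Launch_custom.sh reads `.Values.qemu.audo.driver` while its guard and values.yaml use `qemu.audio`, which will most likely abort rendering with the default `audio.enabled: true`; it should read `{{ .Values.qemu.audio.driver }}`, and the trailing `\ \` on that line should be a single `\`. The first ACPI entry's key also appears as `EnĂ¥abled`, which looks like a stray-character corruption of `Enabled`.

```yaml
# new template next to configmap.yaml; the "-vnc" suffix is a constructed example name
apiVersion: v1
kind: Secret
metadata:
  name: {{ template "docker-osx.fullname" . }}-vnc
type: Opaque
stringData:
  vncpasswd_file: {{ required "vnc.password must be set" .Values.vnc.password | quote }}
# … unchanged: config.plist, macOS-libvirt-Catalina.xml and Launch_custom.sh stay in the ConfigMap …
```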
diff --git a/helm/templates/data-pvc.yaml b/helm/templates/data-pvc.yaml
new file mode 100644
index 0000000..b637eb6
--- /dev/null
+++ b/helm/templates/data-pvc.yaml
@@ -0,0 +1,28 @@
+{{- if and .Values.persistence.data.enabled (not .Values.persistence.data.existingClaim) }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ template "docker-osx.fullname" . }}-config
+ labels:
+ app: {{ template "docker-osx.name" . }}
+ chart: {{ template "docker-osx.chart" . }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ {{- with .Values.persistence.annotations }}
+ annotations:
+{{ toYaml . | indent 4 }}
+ {{- end }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.config.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.config.size | quote }}
+{{- if .Values.persistence.config.storageClass }}
+{{- if (eq "-" .Values.persistence.config.storageClass) }}
+ storageClassName: ""
+ {{- else }}
+ storageClassName: "{{ .Values.persistence.config.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
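Review bot: The spec reads `.Values.persistence.config.accessMode`, `.Values.persistence.config.size` and `.Values.persistence.config.storageClass`, but values.yaml only defines `persistence.data.*` and the guard on the first line checks `persistence.data`, so enabling persistence without an existing claim will most likely fail to render on the missing `config` map. The claim is also named `<fullname>-config`, while deployment.yaml asks for `<fullname>-data`, so even a rendered PVC would not be the one the pod mounts. I would switch the three lookups to `.Values.persistence.data.*` and name the claim `{{ template "docker-osx.fullname" . }}-data`.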
diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml
new file mode 100644
index 0000000..e22daed
--- /dev/null
+++ b/helm/templates/deployment.yaml
@@ -0,0 +1,124 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "docker-osx.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ helm.sh/chart: {{ include "docker-osx.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ spec:
+ containers:
+ - name: {{ .Chart.Name }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ securityContext:
+ allowPrivilegeEscalation: true
+ readOnlyRootFilesystem: false
+ privileged: true
+ capabilities:
+ add:
+ - net_raw
+ - NET_ADMIN
+ ports:
+ - name: http
+ containerPort: {{ .Values.service.port }}
+ protocol: TCP
+ livenessProbe:
+ tcpSocket:
+ port: http
+ readinessProbe:
+ tcpSocket:
+ port: http
+ env:
+ - name: CORES
+ value: "{{ .Values.resources.requests.cpu }}"
+ - name: SMP
+ value: "{{ .Values.resources.requests.cpu }}"
+ - name: RAM
+ value: "{{ .Values.resources.requests.memory | trimSuffix "Mi" }}"
+ - name: TZ
+ value: "{{ .Values.tz }}"
+ resources:
+{{ toYaml .Values.resources | indent 10 }}
+ volumeMounts:
+ - mountPath: /home/arch/OSX-KVM/config.plist
+ subPath: config.plist
+ name: boot-components
+ - mountPath: /home/arch/OSX-KVM/macOS-libvirt-Catalina.xml
+ subPath: macOS-libvirt-Catalina.xml
+ name: boot-components
+ - mountPath: /home/arch/OSX-KVM/Launch_custom.sh
+ subPath: Launch_custom.sh
+ name: boot-components
+ - mountPath: /home/arch/OSX-KVM/vncpasswd_file
+ subPath: vncpasswd_file
+ name: boot-components
+ - mountPath: /dev/kvm
+ name: kvm
+ - mountPath: /dev/net/tun
+ name: tun
+ - mountPath: /dev/vfio/vfio
+ name: vfio
+ - mountPath: /dev/snd
+ name: snd
+ - mountPath: /tmp/.X11-unix
+ name: x11
+ {{- if .Values.persistence.data.enabled }}
+ - name: data
+ mountPath: /mnt/data
+ {{- end }}
+ {{- if .Values.extraVolumeMounts }}{{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }}{{ end }}
+ # args:
+ # -
+ volumes:
+ - name: boot-components
+ configMap:
+ name: {{ template "docker-osx.fullname" . }}-boot-components
+ items:
+ - key: config.plist
+ path: config.plist
+ - key: macOS-libvirt-Catalina.xml
+ path: macOS-libvirt-Catalina.xml
+ - key: Launch_custom.sh
+ path: Launch_custom.sh
+ - key: vncpasswd_file
+ path: vncpasswd_file
+ - name: kvm
+ hostPath:
+ path: /dev/kvm
+ - name: tun
+ hostPath:
+ path: /dev/net/tun
+ - name: vfio
+ hostPath:
+ path: /dev/vfio/vfio
+ - name: snd
+ hostPath:
+ path: /dev/snd
+ - name: x11
+ hostPath:
+ path: /dev/ssd_data/default/{{ .Release.Name }}/.X11-unix
+ {{- if .Values.persistence.data.enabled }}
+ - name: data
+ persistentVolumeClaim:
+ claimName: {{ if .Values.persistence.data.existingClaim }}{{ .Values.persistence.data.existingClaim }}{{- else }}{{ template "docker-osx.fullname" . }}-data{{- end }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- if .Values.extraVolumes }}{{ toYaml .Values.extraVolumes | trim | nindent 6 }}{{ end }}
+{{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
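Review bot: `privileged: true` together with `allowPrivilegeEscalation: true` gives this container unrestricted access to the node's devices and kernel interfaces, on top of the hostPath mounts of `/dev/kvm`, `/dev/net/tun`, `/dev/vfio/vfio` and `/dev/snd`, so a compromise of the QEMU process or of the exposed VNC/SSH services is effectively a compromise of the node. If privileged mode is really required for the device access, say so in a comment above `securityContext` and drop the `capabilities.add` list, which adds nothing once the container is privileged; otherwise expose only the devices that are needed (for example through a device plugin for `/dev/kvm`) and remove `privileged`. In the volumes list, the `{{- else }}` branch emits `emptyDir: {}` with no `- name:` of its own, so with the default `persistence.data.enabled: false` it appears to attach to the preceding `x11` hostPath volume and yield an invalid entry. Either remove that branch or give it a name that does not collide with the `data` volume already supplied through `extraVolumes`.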
diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml
new file mode 100644
index 0000000..0220524
--- /dev/null
+++ b/helm/templates/ingress.yaml
@@ -0,0 +1,39 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "docker-osx.fullname" . -}}
+{{- $ingressPath := .Values.ingress.path -}}
+apiVersion: extensions/v1
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ helm.sh/chart: {{ include "docker-osx.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ {{- with .Values.ingress.annotations }}
+ annotations:
+ {{ toYaml . | indent 4 }}
+ {{- end }}
+
+spec:
+{{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+{{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ . | quote }}
+ http:
+ paths:
+ - path: {{ $ingressPath }}
+ backend:
+ serviceName: {{ $fullName }}
+ servicePort: http
+ {{- end }}
+{{- end }}
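Review bot: `apiVersion: extensions/v1` is not a version under which Kubernetes serves Ingress, so enabling `ingress.enabled` should be rejected by the API server; the `serviceName`/`servicePort` backend used here matches the `networking.k8s.io/v1beta1` schema, and `networking.k8s.io/v1` would need `service.name` and `service.port.name` instead. The template also reads `.Values.ingress.path`, while values.yaml defines a list under `ingress.paths`, so `path:` renders empty; either rename the value to `path: /` or range over `paths`. Note too that the `http` port this backend points at appears to be the SSH forward rather than an HTTP endpoint, so it is worth confirming that an HTTP ingress in front of it is intended at all.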
diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml
new file mode 100644
index 0000000..3161a34
--- /dev/null
+++ b/helm/templates/service.yaml
@@ -0,0 +1,30 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "docker-osx.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ helm.sh/chart: {{ include "docker-osx.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: {{ .Values.service.targetPort }}
+ protocol: TCP
+ name: http
+ - port: 8888
+ targetPort: 5999
+ protocol: TCP
+ name: vnc
+ - port: 1359
+ targetPort: 1359
+ protocol: TCP
+ name: airmessage
+ selector:
+ app.kubernetes.io/name: {{ include "docker-osx.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ {{- if .Values.service.ip }}
+ loadBalancerIP: {{ .Values.service.ip }}
+ {{- end }}
\ No newline at end of file
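Review bot: With the shipped defaults (`service.type: LoadBalancer` and a fixed `service.ip`), this Service publishes the SSH forward (named `http`), VNC on 8888 and port 1359 to whatever network the load balancer sits on, and nothing in the spec narrows who may connect. I would default `service.type` to `ClusterIP`, or add a values-driven `loadBalancerSourceRanges`, and make the hard-coded `vnc` and `airmessage` ports opt-in. The `loadBalancerIP` line is emitted whenever `service.ip` is set, regardless of the type; guarding it with `{{- if and .Values.service.ip (eq .Values.service.type "LoadBalancer") }}` keeps the field off other Service types.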
diff --git a/helm/values.yaml b/helm/values.yaml
new file mode 100644
index 0000000..44193dd
--- /dev/null
+++ b/helm/values.yaml
@@ -0,0 +1,106 @@
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+ repository: sickcodes/docker-osx-vnc
+ tag: latest
+ pullPolicy: IfNotPresent
+
+# Please note, this must be a directory name within `/system_image` mounted at the bottom in extraVolumeMounts
+serverName: server
+
+# SMBIOS settings (please be sure to update these as to use something unique for iServices)
+configPlist:
+ SystemProductName: iMacPro1,1
+ MLB: D25338500GUF8YLJA
+ SystemSerialNumber: D25LF7ZEF8JC
+ SystemUUID: 139C94D6-A533-47D2-874F-D365BFD8B047
+
+# This defines QEMU and virtlo parameters
+qemu:
+ cpu: Penryn,vendor=GenuineIntel,+hypervisor,+invtsc,kvm=on,+fma,+avx,+avx2,+aes,+ssse3,+sse4_2,+popcnt,+sse4a,+bmi1,+bmi2
+ diskSize: 128G
+ audio:
+ enabled: true
+ driver: alsa
+ netdev:
+ extraArgs:
+
+# Password for accessing vm over vnc
+vnc:
+ password: updateme
+
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+ type: LoadBalancer
+ ip: 192.168.1.10
+ targetPort: 50922
+ port: 10022
+
+ingress:
+ enabled: false
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+ paths:
+ - /
+ hosts:
+ - docker-osx.local
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+# Note: seems that host needs around x5 the cpu and x8 memory limits allocated to MacOS
+# when under load. This may be due to my personal hardware or inefficencies such as
+# software GPU rendering. Otherwise the pod will be killed due to OOMing.
+#
+# Warning: do not perform unit conversion on cpu and memory requests, as these units
+# are tied qemu and virtio settings. Also, only use intergers for cpu requests.
+resources:
+ limits:
+ cpu: 10
+ memory: 33554Mi
+ requests:
+ cpu: 2
+ memory: 4096Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+persistence:
+ data:
+ enabled: false
+ ## configuration data Persistent Volume Storage Class
+ ## If defined, storageClassName:
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ # storageClass: "-"
+ ##
+ ## If you want to reuse an existing claim, you can pass the name of the PVC using
+ ## the existingClaim variable
+ existingClaim: docker-osx
+ accessMode: ReadWriteOnce
+ size: 5Gi
+
+# Any extra volumes to define for the pod
+extraVolumes:
+ - name: data
+ hostPath:
+ path: /mnt/data/default/docker_osx/
+ type: DirectoryOrCreate
+
+# Any extra volume mounts to define for the containers
+extraVolumeMounts:
+ - name: data
+ mountPath: /system_image
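Review bot: `image.tag: latest` combined with `pullPolicy: IfNotPresent` means each node keeps whatever build it first cached under that tag, so the chart cannot say which image the privileged pod in deployment.yaml is actually running. I would default the tag to a versioned build or a digest and keep `latest` only as a documented override, e.g. `tag: "<IMAGE_VERSION>"  # placeholder: pin to a released build`. In the same file, `qemu.netdev.extraArgs:` is a bare key and therefore null rather than an empty string; writing `extraArgs: ""` makes the `-netdev` line in Launch_custom.sh render predictably, although the comma in front of it there is still emitted when the value is empty.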