Merge pull request #488 from Xenion1987/patch-1

disable nginx version output
2026-01-01 03:57:25 +01:00 · 2023-01-14 09:35:35 +11:00 · 2023-01-13 18:37:56 +01:00 · 2022-12-24 14:48:36 +08:00 · 2022-12-23 12:58:42 +08:00 · 2022-12-23 12:53:04 +08:00
62 changed files with 3559 additions and 718 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -7,20 +7,52 @@ assignees: ''

 ---

-# Before creating an issue
+<!-- 
+*** Before creating an issue ***
+*** Be sure the issue isn't yet reported here or dicussed on stackoverflow ***
+-->

-Be sure the issue isn't yet reported here or dicussed on stackoverflow
+**Setup information**
+<!-- Remove accordingly -->
+docker run / docker-compose / Helm

-# Logs
+**Describe the bug**
+A clear and concise description of what the bug is.

-Did you check the logs ?
-If any Error is present there please copy/paste it below 
+**To reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error

+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots/logs**
+If applicable, add screenshots to help explain your problem.
+
+<!-- Did you check the logs? If any Error is present there please copy/paste it below -->
 ```
 Any Error that sucks
 ```

-# Setup information
+**Docker/Kubernetes/Helm**:
+- Output of `docker version`:
+```
+(paste your output here)
+```
+<!-- Additional info if using helm on k8s, add the info below -->
+<!-- Delete this block if not applicable -->
+- Output of `helm version`:
+```
+(paste your output here)
+```
+- Output of `kubectl version`:
+```
+(paste your output here)
+```
+<!-- End Additional info if using helm on k8s -->

-What version do you run?
-Do you run docker-compose or a single Dockerfile ?
+**Additional context**
+Add any other context about the problem here.
--- a/.github/ct-install.yaml
+++ b/.github/ct-install.yaml
@@ -0,0 +1,6 @@
+chart-dirs:
+  - charts
+chart-repos:
+  - bitnami=https://charts.bitnami.com/bitnami
+check-version-increment: true
+debug: false
--- a/.github/ct-lint.yaml
+++ b/.github/ct-lint.yaml
@@ -0,0 +1,9 @@
+chart-dirs:
+  - charts
+chart-repos:
+  - bitnami=https://charts.bitnami.com/bitnami
+check-version-increment: true
+debug: false
+validate-chart-schema: true
+validate-maintainers: true
+validate-yaml: true
--- a/.github/workflows/build-image-v4.yaml
+++ b/.github/workflows/build-image-v4.yaml
@@ -0,0 +1,57 @@
+name: Build Container Image v4
+
+# When its time to do a release do a full cross platform build for all supported
+# architectures and push all of them to Docker Hub.
+# Only trigger on semver shaped tags.
+# Ref: https://github.com/metcalfc/docker-action-examples/blob/main/.github/workflows/release.yml
+on:
+  pull_request:
+    paths:
+      - "alpine/4/**"
+  push:
+    paths:
+      - "alpine/4/**"
+    branches:
+      - master
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-4-${{ hashFiles('alpine/5/cache_buster') }}-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-4-${{ hashFiles('alpine/5/cache_buster') }}-
+
+      - name: Build
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./alpine/4/
+          build-args: INVOICENINJA_VERSION=4.5.42
+          target: prod
+          platforms: linux/amd64,linux/arm64
+          tags: invoiceninja/invoiceninja:cache
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
--- a/.github/workflows/build-image-v5.yaml
+++ b/.github/workflows/build-image-v5.yaml
@@ -0,0 +1,57 @@
+name: Build Container Image
+
+# When its time to do a release do a full cross platform build for all supported
+# architectures and push all of them to Docker Hub.
+# Only trigger on semver shaped tags.
+# Ref: https://github.com/metcalfc/docker-action-examples/blob/main/.github/workflows/release.yml
+on:
+  pull_request:
+    paths:
+      - "alpine/5/**"
+  push:
+    paths:
+      - "alpine/5/**"
+    branches:
+      - master
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-5-${{ hashFiles('alpine/5/cache_buster') }}-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-5-${{ hashFiles('alpine/5/cache_buster') }}-
+
+      - name: Build
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./alpine/5/
+          build-args: INVOICENINJA_VERSION=5-stable
+          target: prod
+          platforms: linux/amd64,linux/arm64
+          tags: invoiceninja/invoiceninja:cache
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
--- a/.github/workflows/build_push.yml
+++ b/.github/workflows/build_push.yml
@@ -1,41 +0,0 @@
-name: Docker images
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  deploy:
-    name: Build images
-    runs-on: ubuntu-latest
-
-    steps:
-        - uses: actions/checkout@v1
-        
-        - name: Login to DockerHub
-          run: echo ${{ secrets.DOCKERHUB_PASSWORD }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
-        
-        - name: Get the latest tag
-          id: vars
-          run: echo ::set-output name=tag::$(echo ${GITHUB_REF:10})
-
-        - name: Build image from alpine - v5
-          run: make build-alpine-v5 TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Push alpine-based image - v5
-          run: make push-alpine-v5 TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Build image from alpine - v4
-          run: make build-alpine TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Push alpine-based image - v4
-          run: make push-alpine TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Build image from debian - v4
-          run: make build-debian TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Push debian-based image - v4
-          run: make push-debian TAG="${{steps.vars.outputs.tag}}"
-
-        - name: Logout from DockerHub
-          run: docker logout
--- a/.github/workflows/publish-image.yaml
+++ b/.github/workflows/publish-image.yaml
@@ -0,0 +1,82 @@
+name: Publish Container Image
+
+# When its time to do a release do a full cross platform build for all supported
+# architectures and push all of them to Docker Hub.
+# Only trigger on semver shaped tags.
+# Ref: https://github.com/metcalfc/docker-action-examples/blob/main/.github/workflows/release.yml
+on:
+  push:
+    tags-ignore:
+      - "invoiceninja-*"
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Prepare
+        id: prep
+        run: |
+          DOCKER_IMAGE=invoiceninja/invoiceninja
+          VERSION=edge
+          if [[ $GITHUB_REF == refs/tags/* ]]; then
+            VERSION=${GITHUB_REF#refs/tags/}
+          fi
+          TAGS="${DOCKER_IMAGE}:${VERSION}"
+          MAJOR="$(echo "${VERSION}" | cut -d. -f1)"
+          MINOR="$(echo "${VERSION}" | cut -d. -f2)"
+          TAGS="$TAGS,${DOCKER_IMAGE}:${MAJOR},${DOCKER_IMAGE}:${MAJOR}.${MINOR}"
+          if [[ $VERSION =~ ^5\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
+            TAGS="$TAGS,${DOCKER_IMAGE}:latest"
+          fi
+          echo ::set-output name=tags::${TAGS}
+          echo ::set-output name=version::${VERSION}
+          echo ::set-output name=major::${MAJOR}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ steps.prep.outputs.major }}-${{ hashFiles('alpine/${{ steps.prep.outputs.major }}/cache_buster') }}-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-${{ steps.prep.outputs.major }}-${{ hashFiles('alpine/${{ steps.prep.outputs.major }}/cache_buster') }}-
+
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./alpine/${{ steps.prep.outputs.major }}/
+          build-args: INVOICENINJA_VERSION=${{ steps.prep.outputs.version }}
+          target: prod
+          platforms: linux/amd64,linux/arm64
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.prep.outputs.tags }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}
--- a/.github/workflows/release-chart.yaml
+++ b/.github/workflows/release-chart.yaml
@@ -0,0 +1,34 @@
+name: Release Charts
+
+on:
+  push:
+    branches:
+      - master
+    paths:
+      - "charts/**"
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v3
+
+      - name: Add Helm repos
+        run: |
+          helm repo add bitnami https://charts.bitnami.com/bitnami
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.4.1
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
--- a/.github/workflows/test-charts.yaml
+++ b/.github/workflows/test-charts.yaml
@@ -0,0 +1,111 @@
+name: Lint and Test Charts
+
+on:
+  pull_request:
+    paths:
+      - "charts/**"
+
+jobs:
+  lint-chart:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+          check-latest: true
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.3.1
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        run: |
+          echo "::set-output name=changed::[\"$(ct list-changed --config .github/ct-lint.yaml)\"]"
+
+      - name: Parse list-changed
+        id: set-matrix
+        env:
+          CHANGED: ${{ steps.list-changed.outputs.changed }}
+        run: |
+          echo "::set-output name=matrix::$(echo "${CHANGED//\\n/\",\"}")"
+
+      - name: Run chart-testing (lint)
+        run: ct lint --config .github/ct-lint.yaml
+
+  kubeconform-chart:
+    runs-on: ubuntu-latest
+    needs:
+      - lint-chart
+    strategy:
+      matrix:
+        chart: ${{ fromJson(needs.lint-chart.outputs.matrix) }}
+        k8s:
+          - "1.25.5"
+          - "1.24.9"
+          - "1.23.15"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Update Helm depdendencies
+        env:
+          CHART_DIR: ${{ matrix.chart }}
+        run: |
+          helm dependency update "${CHART_DIR}"
+          mkdir tmp
+          helm template "${CHART_DIR}" > tmp/combined.yaml
+
+      - uses: yokawasa/action-setup-kube-tools@v0.9.2
+        with:
+          setup-tools: |
+            kubeconform
+
+      - name: Run kubeconform
+        if: ${{ matrix.k8s }}
+        run: kubeconform -kubernetes-version ${{ matrix.k8s }} tmp/combined.yaml
+
+  install-chart:
+    name: install-chart
+    runs-on: ubuntu-latest
+    needs:
+      - lint-chart
+      - kubeconform-chart
+    strategy:
+      matrix:
+        k8s:
+          - v1.25.3
+          - v1.24.7
+          - v1.23.13
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Create kind ${{ matrix.k8s }} cluster
+        uses: helm/kind-action@v1.4.0
+        with:
+          node_image: kindest/node:${{ matrix.k8s }}
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.9"
+          check-latest: true
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.3.1
+
+      - name: Run chart-testing (install)
+        run: ct install --config .github/ct-install.yaml
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,14 @@
+# OS files
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Helm
+charts/**/charts/
+
+# Compose filesystem
+/docker
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at contact@invoiceninja.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq
--- a/50
+++ b/50
@@ -11,18 +11,21 @@ IMAGE="invoiceninja"
 # Check if v5 tag is passed, so that a v5 version should be built
 IS_V5=$(shell echo ${TAG} | egrep ^5)

+# Version of Invoice Ninja. As the tag can be something like 5.0.4-p1, the version is 5.0.4.
+# This supports changes to the Dockerfiles with always the same Invoice Ninja version
+VERSION=$(shell echo ${TAG} | sed "s/-.*//")

 # Building docker images based on alpine.
 # Assigned tags:
-#   - :alpine
-#   - :alpine-<RELEASE VERSION>
+#   - :4
+#   - :<RELEASE VERSION>
 .PHONY: build-alpine
 build-alpine:
 ifeq ($(IS_V5),)
-	$(info Make: Building "$(TAG)" tagged images from alpine.)
-	@docker build -t ${HUB_NAMESPACE}/${IMAGE}:alpine-${TAG} --build-arg INVOICENINJA_VERSION=${TAG} --file ./alpine/Dockerfile .
-	# Tag as alpine-4
-	@docker tag ${HUB_NAMESPACE}/${IMAGE}:alpine-${TAG} ${HUB_NAMESPACE}/${IMAGE}:alpine-4
+	$(info Make: Building "$(VERSION)" tagged images from alpine.)
+	@docker build -t ${HUB_NAMESPACE}/${IMAGE}:${VERSION} --build-arg INVOICENINJA_VERSION=${VERSION} ./alpine/4/
+	# Tag as 4
+	@docker tag ${HUB_NAMESPACE}/${IMAGE}:alpine-${VERSION} ${HUB_NAMESPACE}/${IMAGE}:4
 	$(info Make: Done.)
 endif

@@ -30,18 +33,18 @@ endif
 push-alpine:
 ifeq ($(IS_V5),)
 	$(info Make: Pushing tagged images from alpine.)
-	@docker push ${HUB_NAMESPACE}/${IMAGE}:alpine-${TAG}
-	@docker push ${HUB_NAMESPACE}/${IMAGE}:alpine-4
+	@docker push ${HUB_NAMESPACE}/${IMAGE}:${VERSION}
+	@docker push ${HUB_NAMESPACE}/${IMAGE}:4
 	$(info Make: Done.)
 endif

 .PHONY: build-alpine-v5
 build-alpine-v5:
 ifneq ($(IS_V5),)
-	$(info Make: Building "$(TAG)" tagged images from alpine.)
-	@docker build -t ${HUB_NAMESPACE}/${IMAGE}:${TAG} --build-arg INVOICENINJA_VERSION=${TAG} --file ./alpine/Dockerfile_v5 .
-	@docker tag ${HUB_NAMESPACE}/${IMAGE}:${TAG} ${HUB_NAMESPACE}/${IMAGE}:5
-	@docker tag ${HUB_NAMESPACE}/${IMAGE}:${TAG} ${HUB_NAMESPACE}/${IMAGE}:latest
+	$(info Make: Building "$(VERSION)" tagged images from alpine.)
+	@docker build -t ${HUB_NAMESPACE}/${IMAGE}:${VERSION} --build-arg INVOICENINJA_VERSION=${VERSION} ./alpine/5/
+	@docker tag ${HUB_NAMESPACE}/${IMAGE}:${VERSION} ${HUB_NAMESPACE}/${IMAGE}:5
+	@docker tag ${HUB_NAMESPACE}/${IMAGE}:${VERSION} ${HUB_NAMESPACE}/${IMAGE}:latest
 	$(info Make: Done.)
 endif

@@ -49,28 +52,7 @@ endif
 push-alpine-v5:
 ifneq ($(IS_V5),)
 	$(info Make: Pushing tagged images from alpine.)
-	@docker push ${HUB_NAMESPACE}/${IMAGE}:${TAG}
+	@docker push ${HUB_NAMESPACE}/${IMAGE}:${VERSION}
 	@docker push ${HUB_NAMESPACE}/${IMAGE}:5
 	@docker push ${HUB_NAMESPACE}/${IMAGE}:latest
 endif
-
-# Building docker images based on debian.
-# Assigned tags:
-#   - :latest
-#   - :<RELEASE VERSION>
-.PHONY: build-debian
-build-debian:
-ifeq ($(IS_V5),)
-	$(info Make: Building "$(TAG)" tagged images from debian.)
-	@docker build -t ${HUB_NAMESPACE}/${IMAGE}:${TAG} --build-arg INVOICENINJA_VERSION=${TAG} --file ./debian/Dockerfile .
-	$(info Make: Done.)
-endif
-
-.PHONY: push-debian
-push-debian:
-ifeq ($(IS_V5),)
-	$(info Make: Pushing tagged images from debian.)
-	@docker push ${HUB_NAMESPACE}/${IMAGE}:${TAG}
-	@docker push ${HUB_NAMESPACE}/${IMAGE}:latest
-	$(info Make: Done.)
-endif
--- a/README.md
+++ b/README.md
@@ -1,184 +1,107 @@
 ![Docker images](https://github.com/invoiceninja/dockerfiles/workflows/Docker%20images/badge.svg)
 [![Docker image, latest](https://img.shields.io/docker/image-size/invoiceninja/invoiceninja/latest?label=latest)](https://hub.docker.com/r/invoiceninja/invoiceninja)
 [![Docker image, alpine](https://img.shields.io/docker/image-size/invoiceninja/invoiceninja/alpine?label=alpine)](https://hub.docker.com/r/invoiceninja/invoiceninja)
+[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/invoiceninja)](https://artifacthub.io/packages/search?repo=invoiceninja)
+[![Pusblish Image](https://github.com/invoiceninja/dockerfiles/actions/workflows/publish-image.yaml/badge.svg)](https://github.com/invoiceninja/dockerfiles/actions/workflows/publish-image.yaml) [![Cache v5 Image](https://github.com/invoiceninja/dockerfiles/actions/workflows/build-image-v5.yaml/badge.svg)](https://github.com/invoiceninja/dockerfiles/actions/workflows/build-image-v5.yaml)

-# Docker for [Invoice Ninja](https://www.invoiceninja.com/) 
-
-:bulb: Please consider posting your question on [StackOverflow](https://stackoverflow.com/) as this widens the audience that can help you. Just use the tag `invoice-ninja` and we are there to help. This is mostly related to the usage of Invoice Ninja and the docker setup.
-If you feel your question is directly related to a code change or you want to sent in a change + PR Github is the right place, of course.
+# Docker for [Invoice Ninja](https://www.invoiceninja.com/)

 :crown: **Features**

 :lock: Automatic HTTPS (:heart: [Caddy](https://caddyserver.com/))  
-:hammer: Fully production-ready through docker-compose  
+:fire: NGINX webserver support [NGINX](https://nginx.org/)  
+:hammer: Fully production-ready through Helm Chart  
 :pencil: Adjustable to your needs via environment variable  

+## Get some Kubernetes + Helm with that!

-## Prerequisites
+Introducing our very own [Helm Chart](https://github.com/invoiceninja/dockerfiles/tree/master/charts/invoiceninja) that helps you launch a simple standalone app to a production-ready, highly available Invoice Ninja setup. All you need to do is initialise Kubernetes (available with Docker Desktop), install [Helm](https://helm.sh/docs/intro/install/), and spin up Invoice Ninja using the steps provided [here](https://github.com/invoiceninja/dockerfiles/tree/master/charts/invoiceninja#installing-the-chart).

-### Generate an application key
+Other resources:

-Before starting Invoice Ninja via Docker make sure you generate a valid application key. If you are not sure what an application key is, please visit [this blog post](https://tighten.co/blog/app-key-and-you/).  
+[Helm Chart](https://github.com/Saddamus/invoiceninja-helm) by @Saddamus  
+[K8s Manifest](https://github.com/invoiceninja/dockerfiles/issues/94) by @spacepluk  
+[You Tube installation video by DBTech](https://www.youtube.com/watch?v=xo6a3KtLC2g&ab_channel=DBTech)

-To generate an application just run
+## Alternatively get started with Docker Compose

-```shell
+The dockerfile has been revamped to make it easier to get started, by default the base image selected is 5 which will pull in the latest v5 stable image.
+
+```bash
+git clone https://github.com/invoiceninja/dockerfiles.git
+cd dockerfiles
+```
+
+Instead of defining our environment variables inside our docker-compose.yml file we now define this in the `env` file, open this file up and insert your `APP_URL`, `APP_KEY` and update the rest of the variables as required.
+
+```
+APP_URL=http://in.localhost:8003/
+APP_KEY=<insert your generated key in here>
+APP_DEBUG=true
+REQUIRE_HTTPS=false
+IN_USER_EMAIL=
+IN_PASSWORD=
+```
+
+If `IN_USER_EMAIL` and `IN_PASSWORD` is not set the default user email and password is "admin@example.com" and "changeme!" respectively. You will use this for the initial login, thereafter, you can delete this two environment variables.
+
+The `APP_KEY` can be generated by running
+
+```bash
 docker run --rm -it invoiceninja/invoiceninja php artisan key:generate --show
 ```

-This will generate an application key for you which you need later.
+Copy the entire string and insert in the env file at `APP_KEY=base64....`

-### Create folders for data persistence
+To ensure folder permissions are correct when the container comes up for the first time it is important that you set the correct folder permissions on the `docker` folder.

-To make your data persistent, you have to mount `public` and `storage` from your host to your containers.
+From the terminal run

-1. Create two folder on your host, e. g. `/var/invoiceninja/public` and `/var/invoiceninja/storage`
-2. Mount these folders into your container - see [usage](#usage)
-
-You can create these folders wherever you want on your host system.
-
-:warning: When using host mounted folder for persistence, make sure they are owned by the proper user and group. As we run Invoice Ninja without `root` , we use a separate user, the folders on the host system need to be owned by uid `1000` and a gid `101`.  
-
-Run this on your host system
-
-```shell
-chown -R 1000:101 /var/invoiceninja/public /var/invoiceninja/storage
+```bash
+chmod 755 docker/app/public
+sudo chown -R 1500:1500 docker/app
 ```

-to apply the proper permission to the folders. This also applies to the `docker-compose` setup when using [bind-mounted host directories](https://github.com/invoiceninja/dockerfiles/blob/master/docker-compose.yml#L17).
+### Note for people running the container locally on their PC ###
+
+If you are running the container locally, then the container will need to resolve the host, to support this you will want to insert your LAN IP address and the host name in the hosts file located in ```config/hosts```
+
+For example, lets say your APP_URL is ```http://in5.test:8000``` and your LAN IP is 192.168.0.124 the hosts file will have an entry looking like this:


-### PhantomJS key
+```192.168.0.124 in5.test```

-The PhantomJS key is set to `a-demo-key-with-low-quota-per-ip-address`. This demo key is limited to 100 requests per day.
+**Please note that for PDF generation using local host, your domain name MUST end in .test for your PDFs to generate correctly, this is a DNS resolver issue with chromium.

-To set a different key feel free to add `-e PHANTOMJS_CLOUD_KEY='<INSERT YOUR PHANTOMJS KEY HERE>'` to thee docker command below.
-
-For further configuration and toubleshotting regarding PhantomJS and Invoice Ninja [see documentation here](https://docs.invoiceninja.com/configure.html?#phantomjs).
+All that is left to do now is bring up the container


-## Usage
-
-:warning: The `latest` tag contains the new version 5 of Invoice Ninja which is still in alpha state. To stick to the version 4 please use `alpine-4` tag.
-
-To run it:
-
-```shell
-docker run -d \
-  -v /var/invoiceninja/public:/var/app/public \
-  -v /var/invoiceninja/storage:/var/app/storage \
-  -e APP_URL='http://ninja.dev' \
-  -e APP_KEY='<INSERT THE GENERATED APPLICATION KEY HERE>' \
-  -e DB_HOST='localhost' \
-  -e DB_DATABASE='ninja' \
-  -e DB_USERNAME='ninja' \
-  -e DB_PASSWORD='ninja' \
-  -p '9000:9000' \
-  invoiceninja/invoiceninja:alpine-4
-```
-A list of environment variables can be found [here](https://github.com/invoiceninja/invoiceninja/blob/master/.env.example).
+``` docker-compose up -d```


-### With docker-compose
+**Note: When performing the setup, the Database host is ```db```

-Running Invoice Ninja with docker-compose gives you everything to quickly start. Before starting please make sure you configured your setup correctly. You can do so by opening the `docker-compose.yml` and may change the follwing items.
+### Running on ARM64 (Raspberry Pi 4)

-:warning: The `docker-compose.yml` runs the new version 5 of Invoice Ninja which is still in alpha state. To stick to the version 4 please use `alpine-4` tag.
+When deploying on an ARM64 system, you need to comment out the `image: mysql:8` line and uncomment `image: mariadb:10.4` in the `docker-compose.yml` file.

-**Port**
+### Updating the Image when using `docker-compose`

-_default: 80_  
+As `docker-compose` does not support any form of version control, this git provide updates to `docker-compose.yml` directly.

-This is the port where your Invoice Ninja is reachable, when you type in `http://<your-domain.com>`. If it should be different than `80` make sure to call your installation `http://<your-domain.com>:<YOUR-PORT>`, e. g. `http://<your-domain.com>:8080`.
+To upgrade to a newer release image, please make sure to update the `docker-compose.yml` first by running

-```yml
-ports: 
-  - "8080:80" # To run it on port 8080
+```bash
+git pull
 ```

-:warning: Make sure the port set is available and not occupied by another service on your host system.
+It is recommended to perform a backup before.
+You may need to manually merge any changes that cannot be merged automatically by git.

-**URL and application key**
-
-_default: https://localhost_
-
-For generating a proper application key see [generate an application key](#generate-an-application-key). Change the value where your Invoice Ninja installation should be reachable.
-
-```yml
-environment: 
-  - APP_URL=http://localhost
-````
-
-**MYSQL root password**
-
-_default: ninjaAdm1nPassword_
-
-The mysql database server comes with two users: one for accessing the Invoice Ninja database and the `root` user. Please change the default password for `root` to something more special :wink:
-
-**Volumes and directories**
-
-_default: volumes_
-
-This is the place where your uploaded files are stored. Normally this is a so called _volume_ which can be reused by different docker containers. One might prefer to store the files directly on the host system - for this the config section is prepared with what is called _bind-mounted host directory_. Just adjust the paths and Invoice Ninja stores the user files on the host system.
-
-```yml
-volumes:
-  ...
-  # Configure your mounted directories, make sure the folder 'public' and 'storage'
-  # exist, before mounting them
-  #-  public:/var/www/app/public
-  #-  storage:/var/www/app/storage
-  # you may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
-  - ./docker/app/public:/var/www/app/public:rw,delegated
-  - ./docker/app/storage:/var/www/app/storage:rw,delegated
-```
-
-The sample above stores the files on the post at `./docker/app/public` and `./docker/app/storage`.
-
-:warning: If using bind-mounted host directories make sure they exists and have proper rights. See [here](#create-folders-for-data-persistence) for details.
-
-## Docker secrets
-
-:information_source: This feature is borrowed from [mariadb docker image](https://hub.docker.com/_/mariadb).
-
-As an alternative to passing sensitive information via environment variables, `_FILE` may be appended to the below listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in _/run/secrets/<secret_name>_ files.
-
-Supported are these variables:  
-`APP_KEY`, `API_SECRET`, `CLOUDFLARE_API_KEY`, `DB_USERNAME`, `DB_PASSWORD`, `MAIL_USERNAME`, `MAIL_PASSWORD`, `MAILGUN_SECRET`, `S3_KEY`, `S3_SECRET`
+### Thanks
+Massive thank you to [lwj5](https://github.com/lwj5) for the tireless work to continually improve the dockerfile and its associated tooling.


-## Debugging your Docker setup
+## Support

-Even when running your Invoice Ninja setup with Docker - errors can occur. Depending on where the error happens - the webserver, Invoice Ninja or the database - different log files can be responsible. 
-
-### Show logs without `docker-compose`
-
-If you are not running `docker-compose` you first need to find the container id for your php container with `docker ps`. Then you can run
-
-```shell
-docker logs -f <CONTAINER NAME>
-```
-
-This gives you a constant output of the log files for the php container.
-
-### Show logs with `docker-compose`
-
-If you are running the `docker-compose` setup you can output all logs, from all containers, with the following command
-
-```shell
-docker-compose logs -f
-```
-
-If you better want a physical log file in in your `storage/logs` folder, just add `-e LOG=single` to the [usage](#usage) command. 
-Or add an environment variable 
-
-```yml
-...
-environment:
-  LOG: single
-...
-```
-
-to your `docker-compose.yml`.
-
-This generated log file will only hold Invoice Ninja information.
+If you discover a bug, please create and issue, if you query is general in nature please visit us on our [Forum ](https://forum.invoiceninja.com/)
--- a/alpine/4/Dockerfile
+++ b/alpine/4/Dockerfile
@@ -0,0 +1,73 @@
+ARG PHP_VERSION=7.3
+ARG BAK_STORAGE_PATH=/var/www/app/docker-backup-storage/
+ARG BAK_PUBLIC_PATH=/var/www/app/docker-backup-public/
+
+FROM php:${PHP_VERSION}-fpm-alpine as prod
+
+LABEL maintainer="David Bomba <turbo124@gmail.com>"
+
+#####
+# SYSTEM REQUIREMENT
+#####
+ARG INVOICENINJA_VERSION
+ARG BAK_STORAGE_PATH
+ARG BAK_PUBLIC_PATH
+
+RUN mv /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini
+
+# Install PHP extensions
+# https://hub.docker.com/r/mlocati/php-extension-installer/tags
+COPY --from=mlocati/php-extension-installer:1.1.41 /usr/bin/install-php-extensions /usr/local/bin/
+
+RUN install-php-extensions \
+    gd \
+    gmp \
+    opcache \
+    pdo_mysql \
+    zip
+
+# Separate user
+ENV INVOICENINJA_USER=invoiceninja
+
+WORKDIR /var/www/app
+
+RUN addgroup --gid=1500 -S "$INVOICENINJA_USER" \
+    && adduser --uid=1500 \
+    --disabled-password \
+    --gecos "" \
+    --home "$(pwd)" \
+    --ingroup "$INVOICENINJA_USER" \ 
+    --no-create-home \
+    "$INVOICENINJA_USER" \
+    && chown -R "$INVOICENINJA_USER":"$INVOICENINJA_USER" .
+
+COPY rootfs /
+RUN chmod +x /usr/local/bin/docker-entrypoint
+
+USER 1500
+
+# Download and install IN
+ENV INVOICENINJA_VERSION="${INVOICENINJA_VERSION}"
+ENV BAK_STORAGE_PATH $BAK_STORAGE_PATH
+ENV BAK_PUBLIC_PATH $BAK_PUBLIC_PATH
+
+RUN curl -o /tmp/ninja.zip -L https://download.invoiceninja.com/ninja-v${INVOICENINJA_VERSION}.zip \
+    && unzip -q /tmp/ninja.zip -d /tmp/ \
+    && mv /tmp/ninja/* /var/www/app \
+    && rm -rf /tmp/ninja* \
+    && mv /var/www/app/storage $BAK_STORAGE_PATH  \
+    && mv /var/www/app/public $BAK_PUBLIC_PATH  \
+    && mkdir -p /var/www/app/public/logo /var/www/app/storage \
+    && chmod -R 755 /var/www/app/storage  \
+    && rm -rf /var/www/app/docs /var/www/app/tests
+
+# Override the environment settings from projects .env file
+ENV IS_DOCKER true
+ENV LOG errorlog
+ENV SELF_UPDATER_SOURCE ''
+
+# Use to be mounted into nginx
+VOLUME /var/www/app/public
+
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["php-fpm"]
--- a/alpine/4/cache_buster
+++ b/alpine/4/cache_buster
@@ -0,0 +1 @@
+Fri Jul  2 7:33:22 +00 2021
--- a/alpine/4/rootfs/etc/php/conf.d/in-php.ini
+++ b/alpine/4/rootfs/etc/php/conf.d/in-php.ini
@@ -0,0 +1,17 @@
+; How often (in seconds) to check file timestamps for changes to the shared
+; memory storage allocation. ("1" means validate once per second, but only
+; once per request. "0" means always validate)
+;opcache.revalidate_freq=2
+opcache.revalidate_freq=60
+
+# http://symfony.com/doc/current/performance.html
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; http://php.net/realpath-cache-ttl
+;realpath_cache_ttl = 120                                                                                                                        
+realpath_cache_ttl = 600
+
+; Maximum allowed size for uploaded files.                                                                                                                      
+; http://php.net/upload-max-filesize                                                                                                                            
+upload_max_filesize = 8M
--- a/alpine/4/rootfs/usr/local/bin/docker-entrypoint
+++ b/alpine/4/rootfs/usr/local/bin/docker-entrypoint
@@ -0,0 +1,110 @@
+#!/usr/bin/env sh
+set -e
+
+# logging functions
+in_log() {
+        local type="$1"; shift
+        printf '%s [%s] [Entrypoint]: %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$type" "$*"
+}
+
+in_error() {
+        in_log ERROR "$@" >&2
+        exit 1
+}
+
+# Indirect expansion (ie) is not supported in bourne shell. That's why we are using this "magic" here.
+ie_gv() {
+        eval "echo \$$1"
+}
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+        local var="$1"
+        local fileVar="${var}_FILE"
+        local def="${2:-}"
+
+        if [ "$(ie_gv ${var})" != ""  ] && [ "$(ie_gv ${fileVar})" != "" ]; then
+                in_error "Both $var and $fileVar are set (but are exclusive)"
+        fi
+
+        local val="$def"
+        if [ "$(ie_gv ${var})" != "" ]; then
+                val=$(ie_gv ${var})
+        elif [ "$(ie_gv ${fileVar})" != "" ]; then
+                val=`cat $(ie_gv ${fileVar})`
+        fi
+
+        export "$var"="$val"
+        unset "$fileVar"
+}
+
+
+# first arg is `-f` or `--some-option`
+if [ "${1#-}" != "$1" ]; then
+	set -- php-fpm "$@"
+fi
+
+# create storage volume
+if [ ! -d /var/www/app/storage ] && [ -d "$BAK_STORAGE_PATH" ]; then
+    mv "$BAK_STORAGE_PATH" /var/www/app/storage
+elif [ -d "$BAK_STORAGE_PATH" ]; then
+    # copy missing folders in storage
+    IN_STORAGE_BACKUP="$(ls "$BAK_STORAGE_PATH")"
+    for path in $IN_STORAGE_BACKUP; do
+        if [ ! -e "/var/www/app/storage/$path" ]; then
+            cp -Rp "$BAK_STORAGE_PATH/$path" "/var/www/app/storage/"
+        fi
+    done
+fi
+rm -rf "$BAK_STORAGE_PATH"
+
+# create public volume
+if [ ! -d /var/www/app/public ] && [ -d "$BAK_PUBLIC_PATH" ]; then
+    mv "$BAK_PUBLIC_PATH" /var/www/app/public
+elif [ ! -e /var/www/app/public/version ] || [ "$INVOICENINJA_VERSION" != "$(cat /var/www/app/public/version)" ]; then
+    # version mismatch, update all
+    cp -au "$BAK_PUBLIC_PATH/"* /var/www/app/public
+    echo "$INVOICENINJA_VERSION" > /var/www/app/public/version
+elif [ ! -d /var/www/app/public/logo ] && [ -d "$BAK_PUBLIC_PATH/logo" ]; then
+    # missing logo folder only, copy folder
+    cp -a "$BAK_PUBLIC_PATH/logo" /var/www/app/public/logo
+elif [ -d "$BAK_PUBLIC_PATH/logo" ]; then
+    # copy missing folders in logo
+    IN_LOGO_BACKUP="$(ls "$BAK_PUBLIC_PATH/logo")"
+    for path in $IN_LOGO_BACKUP; do
+        if [ ! -e "/var/www/app/public/logo/$path" ]; then
+            cp -a "$BAK_PUBLIC_PATH/logo/$path" "/var/www/app/public/logo/"
+        fi
+    done
+fi
+rm -rf "$BAK_PUBLIC_PATH"
+
+# Set permission for web server to create/update files (only <v4)
+chown -R "$INVOICENINJA_USER":"$INVOICENINJA_USER" /var/www/app/storage /var/www/app/public /var/www/app/bootstrap
+
+# Initialize values that might be stored in a file
+file_env 'APP_KEY'
+file_env 'API_SECRET'
+file_env 'CLOUDFLARE_API_KEY'
+file_env 'DB_USERNAME'
+file_env 'DB_USERNAME1'
+file_env 'DB_USERNAME2'
+file_env 'DB_PASSWORD'
+file_env 'DB_PASSWORD1'
+file_env 'DB_PASSWORD2'
+file_env 'MAIL_USERNAME'
+file_env 'MAIL_PASSWORD'
+file_env 'MAILGUN_SECRET'
+file_env 'S3_KEY'
+file_env 'S3_SECRET'
+
+# Run Laravel stuff
+if [[ "$1" == "supervisord" ]] || [[ "$1" == "php-fpm" ]]; then
+    echo "Initialising Laravel..."
+    . laravel-init.sh
+fi
+
+exec docker-php-entrypoint "$@"
--- a/alpine/4/rootfs/usr/local/bin/laravel-init.sh
+++ b/alpine/4/rootfs/usr/local/bin/laravel-init.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+php artisan config:cache
+php artisan optimize
+php artisan migrate --force
--- a/alpine/5/Dockerfile
+++ b/alpine/5/Dockerfile
@@ -0,0 +1,104 @@
+ARG PHP_VERSION=8.1
+ARG BAK_STORAGE_PATH=/var/www/app/docker-backup-storage/
+ARG BAK_PUBLIC_PATH=/var/www/app/docker-backup-public/
+
+# Get Invoice Ninja and install nodejs packages
+FROM --platform=$BUILDPLATFORM node:lts-alpine as build
+
+# Download Invoice Ninja
+ARG INVOICENINJA_VERSION
+ADD https://github.com/invoiceninja/invoiceninja/tarball/v$INVOICENINJA_VERSION /tmp/ninja.tar.gz
+
+# Extract Invoice Ninja
+RUN mkdir -p /var/www/app \
+    && tar --strip-components=1 -xf /tmp/ninja.tar.gz -C /var/www/app/ \
+    && mkdir -p /var/www/app/public/logo /var/www/app/storage \
+    && mv /var/www/app/.env.example /var/www/app/.env \
+    && rm -rf /var/www/app/docs /var/www/app/tests
+
+WORKDIR /var/www/app/
+
+# Install node packages
+ARG BAK_STORAGE_PATH
+ARG BAK_PUBLIC_PATH
+RUN --mount=target=/var/www/app/node_modules,type=cache \
+    npm install --production \
+    && npm run production \
+    && mv /var/www/app/storage $BAK_STORAGE_PATH \
+    && mv /var/www/app/public $BAK_PUBLIC_PATH  
+
+# Prepare php image
+FROM php:${PHP_VERSION}-fpm-alpine3.15 as prod
+
+LABEL maintainer="David Bomba <turbo124@gmail.com>"
+
+# Adding caching_sha2_password.so
+# With this we get native support for caching_sha2_password
+RUN apk add --no-cache mariadb-connector-c
+
+RUN mv /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini
+
+# Install PHP extensions
+# https://hub.docker.com/r/mlocati/php-extension-installer/tags
+COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/local/bin/
+
+RUN install-php-extensions \
+    bcmath \
+    exif \
+    gd \
+    gmp \
+    mysqli \
+    opcache \
+    pdo_mysql \
+    zip \
+    @composer \
+    && rm /usr/local/bin/install-php-extensions
+
+# Install chromium
+RUN set -eux; \
+    apk add --no-cache \
+    font-isas-misc \
+    supervisor \
+    mysql-client \
+    git \
+    chromium \
+    ttf-freefont
+
+# Copy files
+COPY rootfs /
+
+## Create user
+ARG UID=1500
+ENV INVOICENINJA_USER invoiceninja
+
+RUN addgroup --gid=$UID -S "$INVOICENINJA_USER" \
+    && adduser --uid=$UID \
+    --disabled-password \
+    --gecos "" \
+    --home "/var/www/app" \
+    --ingroup "$INVOICENINJA_USER" \
+    "$INVOICENINJA_USER"
+
+# Set up app
+ARG INVOICENINJA_VERSION
+ARG BAK_STORAGE_PATH
+ARG BAK_PUBLIC_PATH
+ENV INVOICENINJA_VERSION $INVOICENINJA_VERSION
+ENV BAK_STORAGE_PATH $BAK_STORAGE_PATH
+ENV BAK_PUBLIC_PATH $BAK_PUBLIC_PATH
+COPY --from=build --chown=$INVOICENINJA_USER:$INVOICENINJA_USER /var/www/app /var/www/app
+
+USER $UID
+WORKDIR /var/www/app
+
+# Do not remove this ENV
+ENV IS_DOCKER true
+RUN /usr/local/bin/composer install --no-dev --quiet
+
+# Override the environment settings from projects .env file
+ENV APP_ENV production
+ENV LOG errorlog
+ENV SNAPPDF_EXECUTABLE_PATH /usr/bin/chromium-browser
+
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["supervisord"]
--- a/alpine/5/cache_buster
+++ b/alpine/5/cache_buster
@@ -0,0 +1 @@
+Fri Jul  2 7:33:22 +00 2021
--- a/alpine/5/rootfs/docker-entrypoint-init.d/10-init-in.sh
+++ b/alpine/5/rootfs/docker-entrypoint-init.d/10-init-in.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+php artisan db:seed --force
+
+# Build up array of arguments...
+if [[ ! -z "${IN_USER_EMAIL}" ]]; then
+    email="--email ${IN_USER_EMAIL}"
+fi
+
+if [[ ! -z "${IN_PASSWORD}" ]]; then
+    password="--password ${IN_PASSWORD}"
+fi
+
+php artisan ninja:create-account $email $password
--- a/alpine/5/rootfs/etc/supervisord.conf
+++ b/alpine/5/rootfs/etc/supervisord.conf
@@ -0,0 +1,42 @@
+[supervisord]
+nodaemon=true
+pidfile=/tmp/supervisord.pid
+logfile=/dev/null ; nodaemon will cause logs to go to stdout
+logfile_maxbytes=0
+loglevel=info
+
+[program:php-fpm]
+redirect_stderr=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=php-fpm
+
+[program:scheduler]
+autorestart=true
+redirect_stderr=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=php artisan schedule:work
+
+[program:queue-worker]
+process_name=%(program_name)s_%(process_num)02d
+autorestart=true
+redirect_stderr=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+numprocs=2
+command=php artisan queue:work --sleep=3 --tries=1 --memory=256 --timeout=3600
+
+[eventlistener:shutdown]
+command=shutdown.sh
+events=PROCESS_STATE_STOPPED, PROCESS_STATE_EXITED, PROCESS_STATE_FATAL
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
--- a/alpine/5/rootfs/usr/local/bin/docker-entrypoint
+++ b/alpine/5/rootfs/usr/local/bin/docker-entrypoint
@@ -0,0 +1,113 @@
+#!/usr/bin/env sh
+set -e
+
+# logging functions
+in_log() {
+    local type="$1"
+    shift
+    printf '%s [%s] [Entrypoint]: %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$type" "$*"
+}
+
+in_error() {
+    in_log ERROR "$@" >&2
+    exit 1
+}
+
+# Indirect expansion (ie) is not supported in bourne shell. That's why we are using this "magic" here.
+ie_gv() {
+    eval "echo \$$1"
+}
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+    local var="$1"
+    local fileVar="${var}_FILE"
+    local def="${2:-}"
+
+    if [ "$(ie_gv ${var})" != "" ]; then
+        if [ "$(ie_gv ${fileVar})" != "" ]; then
+            in_error "Both $var and $fileVar are set (but are exclusive)"
+        fi
+        unset "$fileVar"
+        return
+    fi
+
+    if [ "$(ie_gv ${fileVar})" != "" ] && [ -f "$(ie_gv ${fileVar})" ]; then
+        export "$var"="$(cat $(ie_gv ${fileVar}))"
+    elif [ ! -z "$def" ]; then
+        export "$var"="$def"
+    fi
+
+    unset "$fileVar"
+}
+
+# first arg is `-f` or `--some-option`
+if [ "${1#-}" != "$1" ]; then
+    set -- supervisord "$@"
+fi
+
+# create storage volume
+if [ -d "$BAK_STORAGE_PATH" ]; then
+    if [ ! -d /var/www/app/storage ]; then
+        mv "$BAK_STORAGE_PATH" /var/www/app/storage
+    else
+        # copy missing folders in storage
+        IN_STORAGE_BACKUP="$(ls "$BAK_STORAGE_PATH")"
+        for path in $IN_STORAGE_BACKUP; do
+            if [ ! -e "/var/www/app/storage/$path" ]; then
+                cp -Rp "$BAK_STORAGE_PATH/$path" "/var/www/app/storage/"
+            fi
+        done
+    fi
+    rm -rf "$BAK_STORAGE_PATH"
+fi
+
+# create public volume
+if [ -d "$BAK_PUBLIC_PATH" ]; then
+    if [ ! -d /var/www/app/public ]; then
+        mv "$BAK_PUBLIC_PATH" /var/www/app/public
+    elif [ ! -f /var/www/app/public/version ] || [ "$INVOICENINJA_VERSION" != "$(cat /var/www/app/public/version)" ]; then
+        # version mismatch, update all
+        cp -au "$BAK_PUBLIC_PATH/"* /var/www/app/public
+        echo "$INVOICENINJA_VERSION" >/var/www/app/public/version
+    elif [ ! -d /var/www/app/public/logo ] && [ -d "$BAK_PUBLIC_PATH/logo" ]; then
+        # missing logo folder only, copy folder
+        cp -a "$BAK_PUBLIC_PATH/logo" /var/www/app/public/logo
+    elif [ -d "$BAK_PUBLIC_PATH/logo" ]; then
+        # copy missing folders in logo
+        IN_LOGO_BACKUP="$(ls "$BAK_PUBLIC_PATH/logo")"
+        for path in $IN_LOGO_BACKUP; do
+            if [ ! -e "/var/www/app/public/logo/$path" ]; then
+                cp -a "$BAK_PUBLIC_PATH/logo/$path" "/var/www/app/public/logo/"
+            fi
+        done
+    fi
+    rm -rf "$BAK_PUBLIC_PATH"
+fi
+
+# Initialize values that might be stored in a file
+file_env 'APP_KEY'
+file_env 'API_SECRET'
+file_env 'CLOUDFLARE_API_KEY'
+file_env 'DB_USERNAME'
+file_env 'DB_USERNAME1'
+file_env 'DB_USERNAME2'
+file_env 'DB_PASSWORD'
+file_env 'DB_PASSWORD1'
+file_env 'DB_PASSWORD2'
+file_env 'MAIL_USERNAME'
+file_env 'MAIL_PASSWORD'
+file_env 'MAILGUN_SECRET'
+file_env 'S3_KEY'
+file_env 'S3_SECRET'
+
+# Run IN/Laravel stuff
+if [[ "$1" == "supervisord" ]] || [[ "$1" == "php-fpm" ]]; then
+    in_log INFO "Initialising Invoice Ninja..."
+    . invoiceninja-init.sh
+fi
+
+exec docker-php-entrypoint "$@"
--- a/alpine/5/rootfs/usr/local/bin/invoiceninja-init.sh
+++ b/alpine/5/rootfs/usr/local/bin/invoiceninja-init.sh
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+# usage: docker_process_init_files [file [file [...]]]
+#    ie: docker_process_init_files /always-initdb.d/*
+# process initializer files, based on file extensions
+docker_process_init_files() {
+    echo
+    local f
+    for f; do
+        case "$f" in
+        *.sh)
+            # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936
+            # https://github.com/docker-library/postgres/pull/452
+            if [ -x "$f" ]; then
+                in_log INFO "$0: running $f"
+                "$f"
+            else
+                in_log INFO "$0: sourcing $f"
+                . "$f"
+            fi
+            ;;
+        *) in_log INFO "$0: ignoring $f" ;;
+        esac
+        echo
+    done
+}
+
+php artisan config:cache
+php artisan optimize
+
+# Check if DB works, if not crash the app.
+DB_READY=$(php artisan tinker --execute='echo app()->call("App\Utils\SystemHealth@dbCheck")["success"];')
+if [ "$DB_READY" != "1" ]; then
+    php artisan migrate:status # Print verbose error
+    in_error "Error connecting to DB"
+fi
+
+php artisan migrate --force
+
+# If first IN run, it needs to be initialized
+IN_INIT=$(php artisan tinker --execute='echo Schema::hasTable("accounts") && !App\Models\Account::all()->first();')
+if [ "$IN_INIT" == "1" ]; then
+    docker_process_init_files /docker-entrypoint-init.d/*
+fi
--- a/alpine/5/rootfs/usr/local/bin/shutdown.sh
+++ b/alpine/5/rootfs/usr/local/bin/shutdown.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+printf "READY\n"
+
+while read line; do
+    echo "Processing Event: $line" >&2
+    kill -SIGQUIT $PPID
+done </dev/stdin
--- a/alpine/5/rootfs/usr/local/etc/php/conf.d/in-php.ini
+++ b/alpine/5/rootfs/usr/local/etc/php/conf.d/in-php.ini
@@ -0,0 +1,17 @@
+; How often (in seconds) to check file timestamps for changes to the shared
+; memory storage allocation. ("1" means validate once per second, but only
+; once per request. "0" means always validate)
+;opcache.revalidate_freq=2
+opcache.revalidate_freq=60
+
+# http://symfony.com/doc/current/performance.html
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; http://php.net/realpath-cache-ttl
+;realpath_cache_ttl = 120                                                                                                                        
+realpath_cache_ttl = 600
+
+; Maximum allowed size for uploaded files.                                                                                                                      
+; http://php.net/upload-max-filesize                                                                                                                            
+upload_max_filesize = 8M
--- a/alpine/Dockerfile
+++ b/alpine/Dockerfile
@@ -1,78 +0,0 @@
-ARG PHP_VERSION=7.2
-
-FROM php:${PHP_VERSION}-fpm-alpine
-
-LABEL maintainer="Samuel Laulhau <sam@lalop.co>, Holger Lösken <holger.loesken@codedge.de>"
-
-#####
-# SYSTEM REQUIREMENT
-#####
-ARG INVOICENINJA_VERSION
-WORKDIR /var/www/app
-
-COPY entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
-
-RUN set -eux; \
-    apk add --no-cache \
-    gmp-dev \
-    freetype-dev \
-    libarchive-tools \
-    libjpeg-turbo-dev \
-    libpng-dev \
-    libwebp-dev\ 
-    libzip-dev
-
-RUN docker-php-ext-configure gd --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include --with-webp-dir=/usr/include --with-freetype-dir=/usr/include/; \
-	docker-php-ext-configure zip --with-libzip; \
-	docker-php-ext-install -j$(nproc) \
-       iconv \
-       gd \
-       gmp \
-       mbstring \
-       opcache \
-       pdo \
-       pdo_mysql \
-       zip
-
-COPY ./config/php/php.ini /usr/local/etc/php/php.ini
-COPY ./config/php/php-cli.ini /usr/local/etc/php/php-cli.ini
-
-# Separate user
-ENV IN_USER=invoiceninja
-
-RUN addgroup -S "$IN_USER" && \
-    adduser \
-    --disabled-password \
-    --gecos "" \
-    --home "$(pwd)" \
-    --ingroup "$IN_USER" \ 
-    --no-create-home \
-    "$IN_USER"; \
-    addgroup "$IN_USER" www-data; \
-    chown -R "$IN_USER":"$IN_USER" .
-
-USER $IN_USER
-
-# Download and install IN
-ENV INVOICENINJA_VERSION="${INVOICENINJA_VERSION}"
-
-RUN curl -s -o /tmp/ninja.zip -SL https://download.invoiceninja.com/ninja-v${INVOICENINJA_VERSION}.zip \
-    && bsdtar --strip-components=1 -C /var/www/app -xf /tmp/ninja.zip \
-    && rm /tmp/ninja.zip \
-    && mv /var/www/app/storage /var/www/app/docker-backup-storage  \
-    && mv /var/www/app/public /var/www/app/docker-backup-public  \
-    && mkdir -p /var/www/app/public/logo /var/www/app/storage \
-    && cp /var/www/app/.env.example /var/www/app/.env \
-    && chmod -R 755 /var/www/app/storage  \
-    && rm -rf /var/www/app/docs /var/www/app/tests
-
-# Override the environment settings from projects .env file
-ENV LOG errorlog
-ENV SELF_UPDATER_SOURCE ''
-
-# Use to be mounted into nginx
-VOLUME /var/www/app/public
-
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["php-fpm"]
--- a/alpine/Dockerfile_v5
+++ b/alpine/Dockerfile_v5
@@ -1,95 +0,0 @@
-ARG PHP_VERSION=7.3
-
-# Get Invoice Ninja
-FROM alpine:latest as base
-ARG INVOICENINJA_VERSION
-
-RUN set -eux; \
-    apk add --no-cache \
-    curl \
-    libarchive-tools; \
-    mkdir -p /var/www/app
-
-RUN curl -o /tmp/ninja.tar.gz -LJ0 https://github.com/invoiceninja/invoiceninja/tarball/v$INVOICENINJA_VERSION \
-    && bsdtar --strip-components=1 -C /var/www/app -xf /tmp/ninja.tar.gz \
-    && rm /tmp/ninja.tar.gz \
-    && cp -R /var/www/app/storage /var/www/app/docker-backup-storage  \
-    && cp -R /var/www/app/public /var/www/app/docker-backup-public  \
-    && mkdir -p /var/www/app/public/logo /var/www/app/storage \
-    && cp /var/www/app/.env.example /var/www/app/.env \
-    && cp /var/www/app/.env.dusk.example /var/www/app/.env.dusk.local \
-    && rm -rf /var/www/app/docs /var/www/app/tests
-
-# Install nodejs packages
-FROM node:12-alpine as frontend
-
-COPY --from=base /var/www/app /var/www/app
-WORKDIR /var/www/app/
-
-RUN npm install
-
-# Prepare php image
-FROM php:${PHP_VERSION}-fpm-alpine
-ARG INVOICENINJA_VERSION
-ENV INVOICENINJA_VERSION=$INVOICENINJA_VERSION
-
-LABEL maintainer="Samuel Laulhau <sam@lalop.co>, Holger Lösken <holger.loesken@codedge.de>"
-
-WORKDIR /var/www/app
-
-COPY --from=frontend /var/www/app /var/www/app
-COPY entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
-
-RUN set -eux; \
-    apk add --no-cache \
-    freetype-dev \
-    gmp-dev \
-    libjpeg-turbo-dev \
-    libpng-dev \
-    libzip-dev; \
-    docker-php-ext-configure zip --with-libzip; \
-    docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ --with-png-dir=/usr/include/; \
-    docker-php-ext-install -j$(nproc) \
-        bcmath \
-        exif \
-        gd \
-        gmp \
-        mbstring \
-        mysqli \
-        opcache \
-        pdo \
-        pdo_mysql \
-        zip
-
-COPY ./config/php/php.ini /usr/local/etc/php/php.ini
-COPY ./config/php/php-cli.ini /usr/local/etc/php/php-cli.ini
-
-## Separate user
-ENV INVOICENINJA_USER=invoiceninja
-
-RUN addgroup -S "$INVOICENINJA_USER" && \
-    adduser \
-    --disabled-password \
-    --gecos "" \
-    --home "$(pwd)" \
-    --ingroup "$INVOICENINJA_USER" \ 
-    --no-create-home \
-    "$INVOICENINJA_USER"; \
-    addgroup "$INVOICENINJA_USER" www-data; \
-    chown -R "$INVOICENINJA_USER":"$INVOICENINJA_USER" /var/www/app
-
-# Install Composer
-RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer; \
-    composer global require hirak/prestissimo;
-
-USER $INVOICENINJA_USER
-
-RUN composer install --no-dev --no-suggest --no-progress
-
-# Override the environment settings from projects .env file
-ENV APP_ENV production
-ENV LOG errorlog
-
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["php-fpm"]
--- a/charts/invoiceninja/.helmignore
+++ b/charts/invoiceninja/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/charts/invoiceninja/Chart.lock
+++ b/charts/invoiceninja/Chart.lock
@@ -0,0 +1,15 @@
+dependencies:
+- name: common
+  repository: https://charts.bitnami.com/bitnami
+  version: 2.2.2
+- name: nginx
+  repository: https://charts.bitnami.com/bitnami
+  version: 13.2.20
+- name: mariadb
+  repository: https://charts.bitnami.com/bitnami
+  version: 11.4.2
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 16.13.2
+digest: sha256:da0dca54f32ca0465f89744d6247421ad13c907f09cd40fb21985c81888aaef1
+generated: "2022-12-23T12:54:52.476889+08:00"
--- a/charts/invoiceninja/Chart.yaml
+++ b/charts/invoiceninja/Chart.yaml
@@ -0,0 +1,47 @@
+apiVersion: v2
+name: invoiceninja
+description: A Helm chart to install Invoice Ninja
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.10.1
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 5.5.49
+keywords:
+  - invoiceninja
+home: https://invoiceninja.github.io/dockerfiles
+sources:
+  - https://github.com/invoiceninja/invoiceninja
+  - https://github.com/invoiceninja/dockerfiles
+dependencies:
+  - name: common
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - bitnami-common
+    version: 2.x.x
+  - condition: nginx.enabled
+    name: nginx
+    repository: https://charts.bitnami.com/bitnami
+    version: 13.x.x
+  - condition: mariadb.enabled
+    name: mariadb
+    repository: https://charts.bitnami.com/bitnami
+    version: 11.4.x
+  - condition: redis.enabled
+    name: redis
+    repository: https://charts.bitnami.com/bitnami
+    version: 16.x.x
+maintainers:
+  - email: lwj5@hotmail.com
+    name: lwj5
--- a/charts/invoiceninja/README.md
+++ b/charts/invoiceninja/README.md
@@ -0,0 +1,388 @@
+# Invoice Ninja Helm Chart
+
+This helm chart installs Invoice Ninja (IN) and its dependencies into a running
+Kubernetes cluster.
+
+The chart installs the [Invoice Ninja](https://hub.docker.com/r/invoiceninja/invoiceninja) docker image.
+
+Please read [Upgrading](#upgrading) section before upgrading MAJOR versions.
+
+## Dependencies
+
+- The Bitnami [common](https://github.com/bitnami/charts/tree/master/bitnami/common) helm chart
+- The Bitnami [mariadb](https://github.com/bitnami/charts/tree/master/bitnami/mariadb) helm chart
+- The Bitnami [nginx](https://github.com/bitnami/charts/tree/master/bitnami/nginx) helm chart
+- The Bitnami [redis](https://github.com/bitnami/charts/tree/master/bitnami/redis) helm chart
+- Tested on Kubernetes 1.19+
+
+## Installing the Chart
+
+To install the chart with the release name `invoiceninja`:
+
+```bash
+helm repo add invoiceninja https://invoiceninja.github.io/dockerfiles
+helm install invoiceninja invoiceninja/invoiceninja --set appKey=changeit --set mariadb.auth.rootPassword=changeit --set mariadb.auth.password=changeit --set redis.auth.password=changeit
+```
+
+The command deploys Invoice Ninja on the Kubernetes cluster in the default namespace. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
+
+> **Tip**: List all releases using `helm list`
+
+## Uninstalling the Chart
+
+To uninstall/delete the `invoiceninja` deployment:
+
+```bash
+helm delete invoiceninja
+```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Parameters
+
+The following table lists the configurable parameters of the Invoice Ninja chart and their default values.
+
+> NOTE: You MUST set any values that default to random or risk losing access after an upgrade. See how [here](#installing-with-arguments)
+
+### Global Configuration
+
+The following table shows the configuration options for the Invoice Ninja helm chart:
+
+### Global parameters
+
+| Parameter                 | Description                                     | Default                                                 |
+| ------------------------- | ----------------------------------------------- | ------------------------------------------------------- |
+| `global.imageRegistry`    | Global Docker image registry                    | `nil`                                                   |
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
+| `global.storageClass`     | Global storage class for dynamic provisioning   | `nil`                                                   |
+
+### Common parameters
+
+| Parameter           | Description                                                          | Default                        |
+| ------------------- | -------------------------------------------------------------------- | ------------------------------ |
+| `nameOverride`      | String to partially override common.names.fullname                   | `nil`                          |
+| `fullnameOverride`  | String to fully override common.names.fullname                       | `nil`                          |
+| `clusterDomain`     | Default Kubernetes cluster domain                                    | `cluster.local`                |
+| `commonLabels`      | Labels to add to all deployed objects                                | `{}`                           |
+| `commonAnnotations` | Annotations to add to all deployed objects                           | `{}`                           |
+| `kubeVersion`       | Force target Kubernetes version (using Helm capabilities if not set) | `nil`                          |
+| `extraDeploy`       | Array of extra objects to deploy with the release                    | `[]` (evaluated as a template) |
+
+### Invoice Ninja container parameters
+
+| Parameter                | Description                                                                   | Default                                                 |
+| ------------------------ | ----------------------------------------------------------------------------- | ------------------------------------------------------- |
+| `image.registry`         | Invoice Ninja image registry                                                  | `docker.io`                                             |
+| `image.repository`       | Invoice Ninja image name                                                      | `invoiceninja/invoiceninja`                             |
+| `image.tag`              | Invoice Ninja image tag                                                       | Check `values.yaml` file                                |
+| `image.pullPolicy`       | Invoice Ninja image pull policy                                               | `IfNotPresent`                                          |
+| `image.pullSecrets`      | Specify docker-registry secret names as an array                              | `[]` (does not add image pull secrets to deployed pods) |
+| `image.debug`            | Specify if debug logs should be enabled                                       | `false`                                                 |
+| `debug`                  | Turn on debug mode on Invoice Ninja                                           | `false`                                                 |
+| `appKey`                 | Laravel Application Key (ignored if existing secret is provided)              | _random 32 character alphanumeric string_               |
+| `appURL`                 | Override Laravel Application URL (automatically set if blank)                 | `""`                                                    |
+| `userEmail`              | Initial user email address                                                    | `admin@example.com`                                     |
+| `userPassword`           | Initial user password (ignored if existing secret is provided)                | `changeme!`                                             |
+| `logChannel`             | Name of log channel to use                                                    | `nil`                                                   |
+| `broadcastDriver`        | Name of broadcast driver to use                                               | `nil`                                                   |
+| `cacheDriver`            | Name of cache driver to use                                                   | `nil`                                                   |
+| `sessionDriver`          | Name of session driver to use                                                 | `nil`                                                   |
+| `queueConnection`        | Name of queue connection to use                                               | `nil`                                                   |
+| `pdfGenerator`           | PDF generation method (Allowed values: `snappdf` or `phantom`)                | `snappdf`                                               |
+| `mailer`                 | Name of the mailer to use (log, smtp, etc.)                                   | `log`                                                   |
+| `requireHttps`           | Force HTTPS for internal connections to Invoice Ninja (see #349)              | `false`                                                 |
+| `existingSecret`         | Use existing secret that contain the keys `APP_KEY` and `IN_PASSWORD`         | `nil`                                                   |
+| `extraEnvVars`           | Extra environment variables to be set on Invoice Ninja container              | `{}`                                                    |
+| `extraEnvVarsCM`         | Name of existing ConfigMap containing extra env vars                          | `nil`                                                   |
+| `extraEnvVarsSecret`     | Name of existing Secret containing extra env vars                             | `nil`                                                   |
+| `trustedProxy`           | List of trusted proxies for Invoice Ninja to communicate with the nginx proxy | `'*'`                                                   |
+| `extraVolumeMounts`      | Additional volume mounts                                                      | `[]`                                                    |
+| `resources`              | The resources for the Invoice Ninja container                                 | `{}`                                                    |
+| `livenessProbe`          | Liveness probe configuration for Invoice Ninja                                | Check `values.yaml` file                                |
+| `readinessProbe`         | Readiness probe configuration for Invoice Ninja                               | Check `values.yaml` file                                |
+| `containerPorts.fastcgi` | FastCGI port to expose at container level                                     | `9000`                                                  |
+
+### Inline web server container parameters (only used when `nginx.enabled` is **not** set to true)
+
+| Parameter                | Description                                              | Default                                                 |
+| ------------------------ | -------------------------------------------------------- | ------------------------------------------------------- |
+| `http.image.registry`    | Nginx image registry                                     | `docker.io`                                             |
+| `http.image.repository`  | Nginx image name                                         | `invoiceninja/invoiceninja`                             |
+| `http.image.tag`         | Nginx image tag                                          | Check `values.yaml` file                                |
+| `http.image.pullPolicy`  | Nginx image pull policy                                  | `IfNotPresent`                                          |
+| `http.image.pullSecrets` | Specify docker-registry secret names as an array         | `[]` (does not add image pull secrets to deployed pods) |
+| `http.image.debug`       | Specify if debug logs should be enabled                  | `false`                                                 |
+| `extraEnvVars`           | Extra environment variables to be set on Nginx container | `{}`                                                    |
+| `extraEnvVarsCM`         | Name of existing ConfigMap containing extra env vars     | `nil`                                                   |
+| `extraEnvVarsSecret`     | Name of existing Secret containing extra env vars        | `nil`                                                   |
+| `extraVolumeMounts`      | Additional volume mounts                                 | `[]`                                                    |
+| `resources`              | The resources for the Nginx container                    | `{}`                                                    |
+| `livenessProbe`          | Liveness probe configuration for Nginx                   | Check `values.yaml` file                                |
+| `readinessProbe`         | Readiness probe configuration for Nginx                  | Check `values.yaml` file                                |
+| `containerPorts.http`    | HTTP port to expose at container level                   | `9000`                                                  |
+| `containerPorts.https`   | HTTPS port to expose at container level                  | `9000`                                                  |
+
+### Invoice Ninja deployment parameters
+
+| Parameter                   | Description                                                                               | Default                        |
+| --------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------ |
+| `replicaCount`              | Number of Invoice Ninja Pods to run                                                       | `1`                            |
+| `serviceAccountName`        | Name of a service account for the Invoice Ninja pods                                      | `default`                      |
+| `containerSecurityContext`  | Invoice Ninja containers' Security Context                                                | Check `values.yaml` file       |
+| `podSecurityContext`        | Invoice Ninja pods' Security Context                                                      | Check `values.yaml` file       |
+| `updateStrategy`            | Set up update strategy                                                                    | `RollingUpdate`                |
+| `podAntiAffinityPreset`     | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`  | `soft`                         |
+| `nodeAffinityPreset.type`   | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""`                           |
+| `nodeAffinityPreset.key`    | Node label key to match. Ignored if `affinity` is set.                                    | `""`                           |
+| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set.                                 | `[]`                           |
+| `affinity`                  | Affinity for pod assignment                                                               | `{}` (evaluated as a template) |
+| `nodeSelector`              | Node labels for pod assignment                                                            | `{}` (evaluated as a template) |
+| `tolerations`               | Tolerations for pod assignment                                                            | `[]` (evaluated as a template) |
+| `podLabels`                 | Extra labels for Invoice Ninja pods                                                       | `{}`                           |
+| `podAnnotations`            | Annotations for Invoice Ninja pods                                                        | `{}`                           |
+| `extraVolumes`              | Additional volumes                                                                        | `[]`                           |
+
+### Volume Permissions parameters
+
+| Parameter                             | Description                                                                                                          | Default                                                 |
+| ------------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- |
+| `volumePermissions.enabled`           | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false`                                                 |
+| `volumePermissions.image.registry`    | Init container volume-permissions image registry                                                                     | `docker.io`                                             |
+| `volumePermissions.image.repository`  | Init container volume-permissions image name                                                                         | `bitnami/bitnami-shell`                                 |
+| `volumePermissions.image.tag`         | Init container volume-permissions image tag                                                                          | `"10"`                                                  |
+| `volumePermissions.image.pullPolicy`  | Init container volume-permissions image pull policy                                                                  | `Always`                                                |
+| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array                                                                     | `[]` (does not add image pull secrets to deployed pods) |
+| `volumePermissions.resources`         | Init container volume-permissions resource                                                                           | `{}`                                                    |
+
+### Exposure parameters
+
+#### FastCGI
+
+| Parameter                          | Description                                                                | Default                        |
+| ---------------------------------- | -------------------------------------------------------------------------- | ------------------------------ |
+| `service.type`                     | Kubernetes Service type                                                    | `ClusterIP`                    |
+| `service.port`                     | Service FastCGI port                                                       | `9000`                         |
+| `service.nodePort`                 | Kubernetes FastCGI node port                                               | `""`                           |
+| `service.clusterIP`                | Invoice Ninja service clusterIP IP                                         | `None`                         |
+| `service.loadBalancerSourceRanges` | Restricts access for LoadBalancer (only with `service.type: LoadBalancer`) | `[]`                           |
+| `service.loadBalancerIP`           | loadBalancerIP if service type is `LoadBalancer`                           | `nil`                          |
+| `service.externalTrafficPolicy`    | Enable client source IP preservation                                       | `Cluster`                      |
+| `service.annotations`              | Service annotations                                                        | `{}` (evaluated as a template) |
+
+#### Inline web server (only used when `nginx.enabled` is **not** set to true)
+
+| Parameter                               | Description                                                                | Default                        |
+| --------------------------------------- | -------------------------------------------------------------------------- | ------------------------------ |
+| `service.http.type`                     | Kubernetes Service type                                                    | `ClusterIP`                    |
+| `service.http.ports.http`               | Service HTTP port                                                          | `9000`                         |
+| `service.http.ports.https`              | Service HTTPS port                                                         | `9000`                         |
+| `service.http.nodePorts.http`           | Kubernetes HTTP node port                                                  | `""`                           |
+| `service.http.nodePorts.https`          | Kubernetes HTTPS node port                                                 | `""`                           |
+| `service.http.clusterIP`                | Invoice Ninja service clusterIP IP                                         | `None`                         |
+| `service.http.loadBalancerSourceRanges` | Restricts access for LoadBalancer (only with `service.type: LoadBalancer`) | `[]`                           |
+| `service.http.loadBalancerIP`           | loadBalancerIP if service type is `LoadBalancer`                           | `nil`                          |
+| `service.http.externalTrafficPolicy`    | Enable client source IP preservation                                       | `Cluster`                      |
+| `service.http.annotations`              | Service annotations                                                        | `{}` (evaluated as a template) |
+
+
+### Ingress parameters 
+
+#### Inline web server (only used when `nginx.enabled` is **not** set to true)
+
+| Parameter                  | Description                                                                                           | Default                  |
+| -------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------ |
+| `ingress.enabled`          | Enable ingress                                                                                        | `true`                   |
+| `ingress.certManager`      | Add the corresponding annotations for cert-manager integration                                        | `false`                  |
+| `ingress.pathType`         | Ingress path type                                                                                     | `ImplementationSpecific` |
+| `ingress.apiVersion`       | Force Ingress API version (automatically detected if not set)                                         | `nil`                    |
+| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)                         | `nil`                    |
+| `ingress.hostname`         | Default host for the ingress record                                                                   | `invoiceninja.local`     |
+| `ingress.path`             | Default path for the ingress record                                                                   | `/`                      |
+| `ingress.annotations`      | Additional custom annotations for the ingress record                                                  | `{}`                     |
+| `ingress.tls`              | Enable TLS configuration for the host defined at `ingress.hostname` parameter                         | `false`                  |
+| `ingress.extraHosts`       | An array with additional hostname(s) to be covered with the ingress record                            | `[]`                     |
+| `ingress.extraPaths`       | An array with additional arbitrary paths that may need to be added to the ingress under the main host | `[]`                     |
+| `ingress.extraTls`         | TLS configuration for additional hostname(s) to be covered with this ingress record                   | `[]`                     |
+| `ingress.secrets`          | Custom TLS certificates as secrets                                                                    | `[]`                     |
+
+#### Nginx sub-chart
+
+| Parameter                            | Description                           | Default                                                |
+| ------------------------------------ | ------------------------------------- | ------------------------------------------------------ |
+| `nginx.enabled`                      | Deploy Nginx sub-chart                | `false`                                                |
+| `nginx.service.type`                 | Kubernetes Service type               | `ClusterIP`                                            |
+| `nginx.ingress.enabled`              | Enable ingress controller resource    | `true`                                                 |
+| `nginx.ingress.hostname`             | Default host for the ingress resource | `invoiceninja.local`                                   |
+| `nginx.existingServerBlockConfigmap` | Custom NGINX server block config map  | `{{ include "invoiceninja.nginx.serverBlockName" . }}` |
+| `nginx.staticSitePVC`                | Name of Invoice Ninja public PVC      | `{{ include "invoiceninja.public.storageName" . }}`    |
+
+> See [Dependencies](#dependencies) for more.
+
+### Persistence parameters
+
+| Parameter                           | Description                                         | Default           |
+| ----------------------------------- | --------------------------------------------------- | ----------------- |
+| `persistence.public.enabled`        | Enable persistence using PVC                        | `true`            |
+| `persistence.public.existingClaim`  | Enable persistence using an existing PVC            | `nil`             |
+| `persistence.public.storageClass`   | PVC Storage Class                                   | `nil`             |
+| `persistence.public.accessModes`    | PVC Access Modes                                    | `[ReadWriteOnce]` |
+| `persistence.public.size`           | PVC Storage Request                                 | `1Gi`             |
+| `persistence.public.dataSource`     | PVC data source                                     | `{}`              |
+| `persistence.storage.enabled`       | Enable persistence using PVC (only for FILE driver) | `false`           |
+| `persistence.storage.existingClaim` | Enable persistence using an existing PVC            | `nil`             |
+| `persistence.storage.storageClass`  | PVC Storage Class                                   | `nil`             |
+| `persistence.storage.accessModes`   | PVC Access Modes                                    | `[ReadWriteMany]` |
+| `persistence.storage.size`          | PVC Storage Request                                 | `5Gi`             |
+| `persistence.storage.dataSource`    | PVC data source                                     | `{}`              |
+
+> See `values.yaml` for more details.
+
+### Redis parameters
+
+| Parameter                         | Description                                  | Default                                   |
+| --------------------------------- | -------------------------------------------- | ----------------------------------------- |
+| `redis.enabled`                   | If external redis is used, set it to `false` | `true`                                    |
+| `redis.auth.password`             | Redis password                               | _random 10 character alphanumeric string_ |
+| `redis.auth.sentinel`             | Use password for sentinel containers         | `false`                                   |
+| `redis.sentinel.enabled`          | Enable sentinel containers                   | `true`                                    |
+| `redis.sentinel.quorum`           | Sentinel Quorum                              | `1`                                       |
+| `redis.replica.replicaCount`      | Number of Redis replicas to deploy           | `1`                                       |
+| `externalRedis.host`              | Host of the external redis                   | `nil`                                     |
+| `externalRedis.port`              | Port of the external redis                   | `6379`                                    |
+| `externalRedis.password`          | Password for the external redis              | `nil`                                     |
+| `externalRedis.sentinel`          | Using sentinels                              | `false`                                   |
+| `externalRedis.databases.default` | Database to use by default                   | `0`                                       |
+| `externalRedis.databases.cache`   | Database to use by cache                     | `1`                                       |
+
+> See [Dependencies](#dependencies) for more.
+
+### Database parameters 
+
+| Parameter                         | Description                                 | Default                                   |
+| --------------------------------- | ------------------------------------------- | ----------------------------------------- |
+| `mariadb.enabled`                 | Deploy MariaDB container(s)                 | `true`                                    |
+| `mariadb.auth.rootPassword`       | Password for the MariaDB `root` user        | _random 10 character alphanumeric string_ |
+| `mariadb.auth.database`           | Database name to create                     | `invoiceninja`                            |
+| `mariadb.auth.username`           | Database user to create                     | `invoiceninja`                            |
+| `mariadb.auth.password`           | Password for the database                   | _random 10 character alphanumeric string_ |
+| `externalDatabase.host`           | Host of the external database               | `nil`                                     |
+| `externalDatabase.user`           | Existing username in the external db        | `invoiceninja`                            |
+| `externalDatabase.password`       | Password for the above username             | `nil`                                     |
+| `externalDatabase.database`       | Name of the existing database               | `invoiceninja`                            |
+| `externalDatabase.port`           | Database port number                        | `3306`                                    |
+| `externalDatabase.existingSecret` | Name of the database existing Secret Object | `nil`                                     |
+
+> See [Dependencies](#dependencies) for more.
+
+### Other parameters
+
+| Parameter                  | Description                              | Default |
+| -------------------------- | ---------------------------------------- | ------- |
+| `autoscaling.enabled`      | Enable autoscaling for Invoice Ninja     | `false` |
+| `autoscaling.minReplicas`  | Minimum number of Invoice Ninja replicas | `1`     |
+| `autoscaling.maxReplicas`  | Maximum number of Invoice Ninja replicas | `11`    |
+| `autoscaling.targetCPU`    | Target CPU utilization percentage        | `nil`   |
+| `autoscaling.targetMemory` | Target Memory utilization percentage     | `nil`   |
+
+## Installing with Arguments
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```bash
+helm install invoiceninja \
+  --set appKey=changeit \
+  --set replicaCount=3 \
+  --set persistence.public.accessModes[0]=ReadWriteMany
+  --set redis.auth.password=changeit \
+  --set redis.sentinel.quorum=2 \
+  --set redis.replica.replicaCount=3 \
+  --set mariadb.auth.rootPassword=changeit \
+  --set mariadb.auth.password=changeit \
+  invoiceninja/invoiceninja
+```
+
+The above command sets the number of replicas to 3 for a highly available (HA) setup and uses a `ReadWriteMany` volume. Note that you would need to use an external DB such as MariaDB Galera for a full HA production setup. For a production environment, it is recommended that you spin up the required databases in a separate Helm Chart to decouple the upgrading process.
+
+Alternatively, a YAML file that specifies the values for the parameters can be provided while [installing](https://helm.sh/docs/helm/helm_install/) the chart. For example,
+
+```yaml
+# values.yaml
+appKey: changeit
+persistence:
+  public:
+    accessModes:
+      - ReadWriteMany
+redis:
+  auth:
+    password: changeit
+mariadb:
+  auth:
+    rootPassword: changeit
+    password: changeit
+```
+
+```bash
+helm install invoiceninja -f values.yaml invoiceninja/invoiceninja
+```
+
+## Setting Environment Variables
+
+Should you need to inject any environment variables such as those in [here](https://github.com/invoiceninja/dockerfiles/blob/master/env) into the `invoiceninja` container, you can use the `extraEnvVars` option:
+
+```yaml
+# ... values.yaml file
+# In this example, we are setting the SMTP MAIL_HOST to be 'smtp.mailtrap.io'
+extraEnvVars:
+  - name: MAIL_HOST
+    value: 'smtp.mailtrap.io' # all values must be strings, so other types must be surrounded in quotes
+```
+
+Alternatively you can provide the name of an existing `configmap` or `secret` object:
+
+```bash
+kubectl create configmap examplemap --from-literal=MAIL_HOST='smtp.mailtrap.io'
+```
+
+```yaml
+# ... values.yaml file
+extraEnvVarsCM: examplemap
+```
+
+## Inline webserver vs Nginx sub-chart
+
+Since there are many people without access to a `ReadWriteMany` volume, the inline Nginx web server will allow you to use a `ReadWriteOnce` public volume limited to 1 IN replica.
+
+If you have the ability to use `ReadWriteMany` persistent volume, you can choose between the two by setting the `nginx.enabled` parameter. Setting `nginx.enabled` to true will enable the Nginx sub-chart and will provide you with some additional features, such as:
+
+- independent scaling of Nginx and IN pods
+- separate resource limits/requests
+- other features available from the sub-chart
+
+## Upgrading
+
+### To 0.10.0
+
+The following chart dependencies have been upgraded.
+- MariaDB 
+- Redis
+- Nginx
+- Bitnami common
+
+Please take note that this upgrade MariaDB from 10.5 to 10.6. Please backup your database before proceeding.
+
+### To 0.8.0
+
+To improve the accessibility of this chart to regular users. Some of the defaults have been changed. This include:
+
+- `persistence.public.accessModes` now defaults to `ReadWriteOnce`.
+- `nginx.enabled` now defaults to false.
+- `redis.replica.replicaCount` and `redis.sentinel.quorum` now defaults to `1`.
+
+Other changes:
+
+- `snappdf` parameter has been replaced by `pdfGenerator`.
+
+### To 0.7.0
+
+- Redis chart dependency has been upgraded and may not be backwards compatible with previous versions. See [here](https://github.com/bitnami/charts/tree/master/bitnami/redis) for more info.
+- Storage persitence defaults to `false`. Set to `true` if not using Redis or using FILE driver
--- a/charts/invoiceninja/templates/NOTES.txt
+++ b/charts/invoiceninja/templates/NOTES.txt
@@ -0,0 +1,34 @@
+
+** Please be patient while the chart is being deployed **
+
+Your controller can be accessed through the following DNS name from within your cluster:
+
+    http://{{ include "invoiceninja.nginx.fullname" . }}.{{ .Release.Namespace }}.svc
+
+To access your controller from outside the cluster follow the steps below:
+
+{{- if or .Values.nginx.ingress.enabled }}
+
+Externally through the following DNS name:
+
+    http://{{ .Values.nginx.ingress.hostname }}
+
+-- OR --
+{{ end }}
+
+{{- if contains "NodePort" .Values.nginx.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "invoiceninja.nginx.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.nginx.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "invoiceninja.nginx.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "invoiceninja.nginx.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.nginx.service.type }}
+  export SVC_NAME=$(kubectl get svc --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name=nginx,app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export SVC_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} $SVC_NAME -o jsonpath="{.spec.ports[0].port}")
+  echo "Add the line '127.0.0.1 {{ .Values.nginx.ingress.hostname }}' to your hosts file"
+  echo "Visit http://{{ .Values.nginx.ingress.hostname }} to use your application"
+  kubectl -n {{ .Release.Namespace }} port-forward svc/$SVC_NAME 80:$SVC_PORT
+{{- end }}
--- a/charts/invoiceninja/templates/_helpers.tpl
+++ b/charts/invoiceninja/templates/_helpers.tpl
@@ -0,0 +1,309 @@
+{{/*
+Return the proper image name
+*/}}
+{{- define "invoiceninja.image" -}}
+{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}}
+{{- end -}}
+
+{{/*
+Return the proper image name
+*/}}
+{{- define "invoiceninja.nginx.image" -}}
+{{- include "common.images.image" (dict "imageRoot" .Values.http.image "global" .Values.global) -}}
+{{- end -}}
+
+{{/*
+Return the proper Docker Image Registry Secret Names
+*/}}
+{{- define "invoiceninja.imagePullSecrets" -}}
+{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.http.image .Values.volumePermissions.image) "global" .Values.global) -}}
+{{- end -}}
+
+{{/*
+Return the proper image name (for the init container volume-permissions image)
+*/}}
+{{- define "invoiceninja.volumePermissions.image" -}}
+{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "invoiceninja.mariadb.fullname" -}}
+{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "invoiceninja.nginx.fullname" -}}
+{{- printf "%s-%s" .Release.Name "nginx" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "invoiceninja.redis.fullname" -}}
+{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "invoiceninja.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "common.names.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Invoice Ninja Secret Name
+*/}}
+{{- define "invoiceninja.secretName" -}}
+{{- default (include "common.names.fullname" .) .Values.existingSecret }}
+{{- end -}}
+
+{{/*
+Return the proper Storage Class
+*/}}
+{{- define "invoiceninja.public.storageClass" -}}
+{{- include "common.storage.class" (dict "persistence" .Values.persistence.public "global" .Values.global) -}}
+{{- end -}}
+
+{{/*
+Return the proper Storage Class
+*/}}
+{{- define "invoiceninja.storage.storageClass" -}}
+{{- include "common.storage.class" (dict "persistence" .Values.persistence.storage "global" .Values.global) -}}
+{{- end -}}
+
+{{/*
+Return the proper Storage Name
+*/}}
+{{- define "invoiceninja.public.storageName" -}}
+{{- printf "%s-%s" .Release.Name "public" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Return the proper Storage Name
+*/}}
+{{- define "invoiceninja.storage.storageName" -}}
+{{- printf "%s-%s" .Release.Name "storage" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Return the proper app URL
+*/}}
+{{- define "invoiceninja.url" -}}
+    {{- if .Values.appURL }}
+        {{- printf "%s" .Values.appURL -}}
+    {{- else if .Values.nginx.ingress.enabled }}
+        {{- if .Values.nginx.ingress.tls }}
+            {{- printf "https://%s" .Values.nginx.ingress.hostname -}}
+        {{- else }}
+            {{- printf "http://%s" .Values.nginx.ingress.hostname -}}
+        {{- end }}
+    {{- else if .Values.ingress.enabled }}
+        {{- if .Values.ingress.tls }}
+            {{- printf "https://%s" .Values.ingress.hostname -}}
+        {{- else }}
+            {{- printf "http://%s" .Values.ingress.hostname -}}
+        {{- end }}
+    {{- else }}
+        {{- printf "http://%s" (include "common.names.fullname" .) -}}
+    {{- end }}
+{{- end -}}
+
+{{/*
+Return the MariaDB Hostname
+*/}}
+{{- define "invoiceninja.databaseHost" -}}
+{{- if .Values.mariadb.enabled }}
+    {{- if eq .Values.mariadb.architecture "replication" }}
+        {{- printf "%s-%s" (include "invoiceninja.mariadb.fullname" .) "primary" | trunc 63 | trimSuffix "-" -}}
+    {{- else -}}
+        {{- printf "%s" (include "invoiceninja.mariadb.fullname" .) -}}
+    {{- end -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalDatabase.host -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the MariaDB Port
+*/}}
+{{- define "invoiceninja.databasePort" -}}
+{{- if .Values.mariadb.enabled }}
+    {{- printf "3306" -}}
+{{- else -}}
+    {{- printf "%d" (.Values.externalDatabase.port | int ) -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the MariaDB Database Name
+*/}}
+{{- define "invoiceninja.databaseName" -}}
+{{- if .Values.mariadb.enabled }}
+    {{- printf "%s" .Values.mariadb.auth.database -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalDatabase.database -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the MariaDB User
+*/}}
+{{- define "invoiceninja.databaseUser" -}}
+{{- if .Values.mariadb.enabled }}
+    {{- printf "%s" .Values.mariadb.auth.username -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalDatabase.user -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the MariaDB Secret Name
+*/}}
+{{- define "invoiceninja.databaseSecretName" -}}
+{{- if .Values.externalDatabase.existingSecret -}}
+    {{- printf "%s" .Values.externalDatabase.existingSecret -}}
+{{- else -}}
+    {{- if .Values.mariadb.auth.existingSecret -}}
+        {{- printf "%s" .Values.mariadb.auth.existingSecret -}}
+    {{- else -}}
+        {{- printf "%s" (include "invoiceninja.mariadb.fullname" .) -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Redis Hostname
+*/}}
+{{- define "invoiceninja.redisHost" -}}
+{{- if .Values.redis.enabled }}
+    {{- if .Values.redis.sentinel.enabled }}
+    {{- printf "%s-%s" (include "invoiceninja.redis.fullname" .) "headless" | trunc 63 | trimSuffix "-" -}}
+    {{- else }}
+    {{- printf "%s-%s" (include "invoiceninja.redis.fullname" .) "master" | trunc 63 | trimSuffix "-" -}}
+    {{- end -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalRedis.host -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Redis Port
+*/}}
+{{- define "invoiceninja.redisPort" -}}
+{{- if .Values.redis.enabled }}
+    {{- if .Values.redis.sentinel.enabled }}
+    {{- printf "26379" -}}
+    {{- else }}
+    {{- printf "6379" -}}
+    {{- end -}}
+{{- else -}}
+    {{- printf "%d" (.Values.externalRedis.port | int ) -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Redis Database
+*/}}
+{{- define "invoiceninja.redisDatabase" -}}
+{{- if .Values.redis.enabled }}
+    {{- printf "0" -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalRedis.databases.default -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Redis Database
+*/}}
+{{- define "invoiceninja.redisCacheDatabase" -}}
+{{- if .Values.redis.enabled }}
+    {{- printf "1" -}}
+{{- else -}}
+    {{- printf "%s" .Values.externalRedis.databases.cache -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Redis Secret Name
+*/}}
+{{- define "invoiceninja.redisSecretName" -}}
+{{- if .Values.externalRedis.existingSecret -}}
+    {{- printf "%s" .Values.externalRedis.existingSecret -}}
+{{- else -}}
+    {{- if .Values.redis.auth.existingSecret -}}
+        {{- printf "%s" .Values.redis.auth.existingSecret -}}
+    {{- else -}}
+        {{- printf "%s" (include "invoiceninja.redis.fullname" .) -}}
+    {{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Broadcast Connection Name
+*/}}
+{{- define "invoiceninja.redisBroadcastConnection" -}}
+{{- if or (and .Values.redis.enabled .Values.redis.sentinel.enabled) (and .Values.externalRedis.host .Values.externalRedis.sentinel) }}
+    {{- printf "sentinel-default" -}}
+{{- else -}}
+    {{- printf "default" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Cache Connection Name
+*/}}
+{{- define "invoiceninja.redisCacheConnection" -}}
+{{- if or (and .Values.redis.enabled .Values.redis.sentinel.enabled) (and .Values.externalRedis.host .Values.externalRedis.sentinel) }}
+    {{- printf "sentinel-cache" -}}
+{{- else -}}
+    {{- printf "cache" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Queue Connection Name
+*/}}
+{{- define "invoiceninja.redisQueueConnection" -}}
+{{- if or (and .Values.redis.enabled .Values.redis.sentinel.enabled) (and .Values.externalRedis.host .Values.externalRedis.sentinel) }}
+    {{- printf "sentinel-default" -}}
+{{- else -}}
+    {{- printf "default" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Return the Session Connection Name
+*/}}
+{{- define "invoiceninja.redisSessionConnection" -}}
+{{- if or (and .Values.redis.enabled .Values.redis.sentinel.enabled) (and .Values.externalRedis.host .Values.externalRedis.sentinel) }}
+    {{- printf "sentinel-default" -}}
+{{- else -}}
+    {{- printf "default" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Server block configmap name for nignx.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "invoiceninja.nginx.serverBlockName" -}}
+{{- printf "%s-%s" .Release.Name "server-block" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Name of web service for inline web server.
+*/}}
+{{- define "invoiceninja.http.serviceName" -}}
+{{- printf "%s-%s" .Release.Name "web" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
--- a/charts/invoiceninja/templates/configmap.yaml
+++ b/charts/invoiceninja/templates/configmap.yaml
@@ -0,0 +1,59 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations:
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+data:
+  APP_URL: {{ include "invoiceninja.url" . | quote }}
+  APP_DEBUG: {{ .Values.debug | quote }}
+  DB_HOST: {{ include "invoiceninja.databaseHost" . | quote }}
+  DB_PORT: {{ include "invoiceninja.databasePort" . | quote }}
+  DB_USERNAME: {{ include "invoiceninja.databaseUser" . | quote }}
+  DB_DATABASE: {{ include "invoiceninja.databaseName" . | quote }}
+  {{- if .Values.logChannel }}
+  LOG_CHANNEL: {{ .Values.logChannel | quote }}
+  {{- else }}
+  LOG_CHANNEL: stderr
+  {{- end }}
+  MAIL_MAILER: {{ .Values.mailer | quote }}
+  {{- if .Values.broadcastDriver }}
+  BROADCAST_DRIVER: {{ .Values.broadcastDriver | quote }}
+  {{- else if or .Values.redis.enabled .Values.externalRedis.host }}
+  BROADCAST_DRIVER: redis
+  {{- end }}
+  {{- if .Values.cacheDriver }}
+  CACHE_DRIVER: {{ .Values.cacheDriver | quote }}
+  {{- else if or .Values.redis.enabled .Values.externalRedis.host }}
+  CACHE_DRIVER: redis
+  {{- end }}
+  {{- if .Values.sessionDriver }}
+  SESSION_DRIVER: {{ .Values.sessionDriver | quote }}
+  {{- else if or .Values.redis.enabled .Values.externalRedis.host }}
+  SESSION_DRIVER: redis
+  {{- end }}
+  {{- if .Values.queueConnection }}
+  QUEUE_CONNECTION: {{ .Values.queueConnection | quote }}
+  {{- else if or .Values.redis.enabled .Values.externalRedis.host }}
+  QUEUE_CONNECTION: redis
+  {{- end }}
+  # PHANTOMJS_PDF_GENERATION is deprecated
+  PHANTOMJS_PDF_GENERATION: "false"
+  PDF_GENERATOR: {{ .Values.pdfGenerator | quote}}
+  REDIS_HOST: {{ include "invoiceninja.redisHost" . | quote }}
+  REDIS_PORT: {{ include "invoiceninja.redisPort" . | quote }}
+  REDIS_DB: {{ include "invoiceninja.redisDatabase" . | quote }}
+  REDIS_CACHE_DB: {{ include "invoiceninja.redisCacheDatabase" . | quote }}
+  REDIS_BROADCAST_CONNECTION: {{ include "invoiceninja.redisBroadcastConnection" . | quote }}
+  REDIS_CACHE_CONNECTION: {{ include "invoiceninja.redisCacheConnection" . | quote }}
+  REDIS_QUEUE_CONNECTION: {{ include "invoiceninja.redisQueueConnection" . | quote }}
+  SESSION_CONNECTION: {{ include "invoiceninja.redisSessionConnection" . | quote }}
+  REQUIRE_HTTPS: {{ .Values.requireHttps | quote }}
+  TRUSTED_PROXIES: {{ .Values.trustedProxies | quote }}
--- a/charts/invoiceninja/templates/deployment.yaml
+++ b/charts/invoiceninja/templates/deployment.yaml
@@ -0,0 +1,274 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    app.kubernetes.io/component: server
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations:
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if not .Values.autoscaling.enabled }}
+  replicas: {{ .Values.replicaCount }}
+  {{- end }}
+  {{- if .Values.updateStrategy }}
+  strategy: {{- toYaml .Values.updateStrategy | nindent 4 }}
+  {{- end }}
+  selector:
+    matchLabels:
+      {{- include "common.labels.matchLabels" $ | nindent 6 }}
+      app.kubernetes.io/component: server
+  template:
+    metadata:
+      {{- if .Values.podAnnotations }}
+      annotations:
+        {{- include "common.tplvalues.render" (dict "value" .Values.podAnnotations "context" $) | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "common.labels.standard" $ | nindent 8 }}
+        app.kubernetes.io/component: server
+        {{- if .Values.podLabels }}
+        {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }}
+        {{- end }}
+    spec:
+      {{- include "invoiceninja.imagePullSecrets" . | nindent 6 }}
+      serviceAccountName: {{ include "invoiceninja.serviceAccountName" . }}
+      {{- if .Values.affinity }}
+      affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }}
+      {{- else }}
+      affinity:
+        podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }}
+        podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }}
+        nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }}
+      {{- end }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
+      {{- end }}
+      {{- if .Values.tolerations }}
+      tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
+      {{- end }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      initContainers:
+        - name: wait-db
+          image: {{ include "invoiceninja.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command:
+            - /bin/sh
+            - -cx
+            - |
+              COUNTER=0;
+              [[ -z "${DB_HOST1}" ]] || DB_HOST="${DB_HOST1}";
+              [[ -z "${DB_PORT1}" ]] || DB_PORT="${DB_PORT1}";
+              while [ $COUNTER -lt 120 ]; do
+                if mysqladmin ping -h "$DB_HOST" -P $DB_PORT --connect-timeout=15 --silent; then
+                  exit 0;
+                fi;
+                let COUNTER=COUNTER+1;
+                echo "Waiting for DB... Trying again in 2s";
+                sleep 2;
+              done;
+              echo "Did NOT see a database after 240 secs!";
+              exit 1;
+          securityContext:
+            {{- toYaml .Values.containerSecurityContext | nindent 12 }}
+          {{- if .Values.resources }}
+          resources: {{- toYaml .Values.resources | nindent 12 }}
+          {{- end }}
+          envFrom:
+            - configMapRef:
+                name: {{ include "common.names.fullname" . }}
+            {{- if .Values.extraEnvVarsCM }}
+            - configMapRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
+            {{- end }}
+            {{- if .Values.extraEnvVarsSecret }}
+            - secretRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
+            {{- end }}
+          env:
+            {{- if .Values.extraEnvVars }}
+              {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
+            {{- end }}
+        {{- if and .Values.podSecurityContext .Values.volumePermissions.enabled (or .Values.persistence.public.enabled .Values.persistence.storage.enabled) }}
+        - name: volume-permissions
+          image: {{ include "invoiceninja.volumePermissions.image" . }}
+          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
+          command:
+            - /bin/bash
+            - -ec
+            - |
+              chown -R {{ .Values.containerSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} /var/www/app/{public,storage}
+          securityContext:
+            runAsUser: 0
+          {{- if .Values.volumePermissions.resources }}
+          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
+          {{- end }}
+          volumeMounts:
+            - mountPath: /var/www/app/public
+              name: public
+            - mountPath: /var/www/app/storage
+              name: storage
+        {{- end }}
+        {{- if .Values.initContainers }}
+          {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
+        {{- end }}
+      containers:
+        - name: {{ .Chart.Name }}
+          securityContext:
+            {{- toYaml .Values.containerSecurityContext | nindent 12 }}
+          image: {{ include "invoiceninja.image" . }}
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: fastcgi
+              containerPort: {{ .Values.containerPorts.fastcgi }}
+              protocol: TCP
+          {{- if .Values.livenessProbe.enabled }}
+          livenessProbe:
+            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+            timeoutSeconds: {{ $.Values.livenessProbe.timeoutSeconds }}
+            successThreshold: {{ $.Values.livenessProbe.successThreshold }}
+            failureThreshold: {{ $.Values.livenessProbe.failureThreshold }}
+            exec:
+              command:
+              - pgrep
+              - php-fpm
+          {{- end }}
+          {{- if .Values.readinessProbe.enabled }}
+          readinessProbe:
+            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+            timeoutSeconds: {{ $.Values.readinessProbe.timeoutSeconds }}
+            successThreshold: {{ $.Values.readinessProbe.successThreshold }}
+            failureThreshold: {{ $.Values.readinessProbe.failureThreshold }}
+            tcpSocket:
+              port: {{ .Values.readinessProbe.port }}
+          {{- end }}
+          envFrom:
+            - configMapRef:
+                name: {{ include "common.names.fullname" . }}
+            - secretRef:
+                name: {{ include "invoiceninja.secretName" . }}
+            {{- if .Values.extraEnvVarsCM }}
+            - configMapRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
+            {{- end }}
+            {{- if .Values.extraEnvVarsSecret }}
+            - secretRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
+            {{- end }}
+          env:
+            - name: DB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "invoiceninja.databaseSecretName" . }}
+                  key: mariadb-password
+            {{- if or (and .Values.redis.enabled .Values.redis.auth.enabled) (or .Values.externalRedis.password .Values.externalRedis.existingSecret) }}
+            - name: REDIS_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "invoiceninja.redisSecretName" . }}
+                  key: redis-password
+            {{- end }}
+            {{- if .Values.userEmail }}
+            - name: IN_USER_EMAIL
+              value: {{ .Values.userEmail | quote }}
+            {{- end }}
+            {{- if .Values.extraEnvVars }}
+              {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
+            {{- end }}
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: /var/www/app/public
+              name: public
+            - mountPath: /var/www/app/storage
+              name: storage
+            {{- if .Values.extraVolumeMounts }}
+              {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
+            {{- end }}
+        {{- if not .Values.nginx.enabled }}
+        - name: nginx
+          securityContext:
+            {{- toYaml .Values.containerSecurityContext | nindent 12 }}
+          image: {{ include "invoiceninja.nginx.image" . }}
+          imagePullPolicy: {{ .Values.http.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: {{ .Values.http.containerPorts.http }}
+            - name: https
+              containerPort: {{ .Values.http.containerPorts.https }}
+          {{- if .Values.http.livenessProbe.enabled }}
+          livenessProbe:
+            initialDelaySeconds: {{ .Values.http.livenessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.http.livenessProbe.periodSeconds }}
+            timeoutSeconds: {{ $.Values.http.livenessProbe.timeoutSeconds }}
+            successThreshold: {{ $.Values.http.livenessProbe.successThreshold }}
+            failureThreshold: {{ $.Values.http.livenessProbe.failureThreshold }}
+            tcpSocket:
+              port: http
+          {{- end }}
+          {{- if .Values.http.readinessProbe.enabled }}
+          readinessProbe:
+            initialDelaySeconds: {{ .Values.http.readinessProbe.initialDelaySeconds }}
+            periodSeconds: {{ .Values.http.readinessProbe.periodSeconds }}
+            timeoutSeconds: {{ $.Values.http.readinessProbe.timeoutSeconds }}
+            successThreshold: {{ $.Values.http.readinessProbe.successThreshold }}
+            failureThreshold: {{ $.Values.http.readinessProbe.failureThreshold }}
+            tcpSocket:
+              port: http
+          {{- end }}
+          envFrom:
+            {{- if .Values.http.extraEnvVarsCM }}
+            - configMapRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }}
+            {{- end }}
+            {{- if .Values.http.extraEnvVarsSecret }}
+            - secretRef:
+                name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }}
+            {{- end }}
+          env:
+            {{- if .Values.http.extraEnvVars }}
+              {{- include "common.tplvalues.render" (dict "value" .Values.extraEnvVars "context" $) | nindent 12 }}
+            {{- end }}
+          resources:
+            {{- toYaml .Values.http.resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: /opt/bitnami/nginx/conf/server_blocks
+              name: nginx-server-block
+            - mountPath: /app
+              name: public
+            {{- if .Values.http.extraVolumeMounts }}
+              {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }}
+            {{- end }}
+        {{- end }}
+      volumes:
+        - name: public
+          {{- if .Values.persistence.public.enabled }}
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.public.existingClaim | default (include "invoiceninja.public.storageName" .) }}
+          {{- else }}
+          emptyDir: {}
+          {{ end }}
+        - name: storage
+          {{- if .Values.persistence.storage.enabled }}
+          persistentVolumeClaim:
+            claimName: {{ .Values.persistence.storage.existingClaim | default (include "invoiceninja.storage.storageName" .) }}
+          {{- else }}
+          emptyDir: {}
+          {{ end }}
+        {{- if not .Values.nginx.enabled }}
+        - name: nginx-server-block
+          configMap:
+            defaultMode: 420
+            name: {{ include "invoiceninja.nginx.serverBlockName" . }}
+        {{- end }}
+        {{- if .Values.extraVolumes }}
+          {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }}
+        {{- end }}
--- a/charts/invoiceninja/templates/hpa.yaml
+++ b/charts/invoiceninja/templates/hpa.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations:
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ include "common.names.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  metrics:
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: cpu
+        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    - type: Resource
+      resource:
+        name: memory
+        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+{{- end }}
--- a/charts/invoiceninja/templates/ingress.yaml
+++ b/charts/invoiceninja/templates/ingress.yaml
@@ -0,0 +1,63 @@
+{{- if and ( not .Values.nginx.enabled ) .Values.ingress.enabled }}
+apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
+kind: Ingress
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  namespace: {{ .Release.Namespace | quote }}
+  labels: {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  annotations:
+    {{- if .Values.ingress.certManager }}
+    kubernetes.io/tls-acme: "true"
+    {{- end }}
+    {{- if .Values.ingress.annotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
+  ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
+  {{- end }}
+  rules:
+    {{- if .Values.ingress.hostname }}
+    - host: {{ .Values.ingress.hostname | quote }}
+      http:
+        paths:
+          {{- if .Values.ingress.extraPaths }}
+          {{- toYaml .Values.ingress.extraPaths | nindent 10 }}
+          {{- end }}
+          - path: {{ .Values.ingress.path }}
+            {{- if eq "true" (include "common.ingress.supportsPathType" .) }}
+            pathType: {{ .Values.ingress.pathType }}
+            {{- end }}
+            backend: {{- include "common.ingress.backend" ( dict "serviceName" (include "invoiceninja.http.serviceName" .) "servicePort" "http" "context" $ )  | nindent 14 }}
+    {{- end }}
+    {{- range .Values.ingress.extraHosts }}
+    - host: {{ .name | quote }}
+      http:
+        paths:
+          - path: {{ default "/" .path }}
+            {{- if eq "true" (include "common.ingress.supportsPathType" $) }}
+            pathType: {{ default "ImplementationSpecific" .pathType }}
+            {{- end }}
+            backend: {{- include "common.ingress.backend" ( dict "serviceName" (include "invoiceninja.http.serviceName" $) "servicePort" "http" "context" $ ) | nindent 14 }}
+    {{- end }}
+  {{- if or .Values.ingress.tls .Values.ingress.extraTls }}
+  tls:
+    {{- if .Values.ingress.tls }}
+    - hosts:
+        - {{ .Values.ingress.hostname | quote }}
+        {{- range .Values.ingress.extraHosts }}
+        - {{ .name | quote }}
+        {{- end }}
+      secretName: {{ printf "%s-tls" .Values.ingress.hostname }}
+    {{- end }}
+    {{- if .Values.ingress.extraTls }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.ingress.extraTls "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
--- a/charts/invoiceninja/templates/pvc.yaml
+++ b/charts/invoiceninja/templates/pvc.yaml
@@ -0,0 +1,64 @@
+{{- if and .Values.persistence.public.enabled (not .Values.persistence.public.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "invoiceninja.public.storageName" . }}
+  labels: 
+    {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+  {{- if not (empty .Values.persistence.public.accessModes) }}
+  {{- range .Values.persistence.public.accessModes }}
+    - {{ . | quote }}
+  {{- end }}
+  {{- else }}
+    - {{ .Values.persistence.public.accessMode | quote }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.public.size | quote }}
+  {{- include "invoiceninja.public.storageClass" . | nindent 2 }}
+  {{- if .Values.persistence.public.dataSource }}
+  dataSource: {{- include "common.tplvalues.render" ( dict "value" .Values.persistence.public.dataSource "context" $ ) | nindent 4 }}
+  {{- end }}
+{{- end }}
+
+---
+{{- if and .Values.persistence.storage.enabled (not .Values.persistence.storage.existingClaim) }}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "invoiceninja.storage.storageName" . }}
+  labels: 
+    {{- include "common.labels.standard" . | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+  {{- if not (empty .Values.persistence.storage.accessModes) }}
+  {{- range .Values.persistence.storage.accessModes }}
+    - {{ . | quote }}
+  {{- end }}
+  {{- else }}
+    - {{ .Values.persistence.storage.accessMode | quote }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.storage.size | quote }}
+  {{- include "invoiceninja.storage.storageClass" . | nindent 2 }}
+  {{- if .Values.persistence.storage.dataSource }}
+  dataSource: {{- include "common.tplvalues.render" ( dict "value" .Values.persistence.storage.dataSource "context" $ ) | nindent 4 }}
+  {{- end }}
+{{- end }}
--- a/charts/invoiceninja/templates/secret.yaml
+++ b/charts/invoiceninja/templates/secret.yaml
@@ -0,0 +1,65 @@
+{{- if not (or .Values.mariadb.enabled .Values.externalDatabase.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "invoiceninja.mariadb.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  mariadb-password: {{ .Values.externalDatabase.password | b64enc | quote }}
+{{- end }}
+
+---
+{{- if not (or .Values.redis.enabled .Values.externalDatabase.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "invoiceninja.redis.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  redis-password: {{ .Values.externalRedis.password | b64enc | quote }}
+{{- end }}
+
+---
+{{- if not .Values.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations: 
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+type: Opaque
+data:
+  {{- if not (empty .Values.appKey) }}
+  APP_KEY: {{ .Values.appKey | b64enc | quote }}
+  {{- else }}
+  APP_KEY: {{ randAlphaNum 32 | b64enc | quote }}
+  {{- end }}
+  {{- if .Values.userPassword }}
+  IN_PASSWORD: {{ .Values.userPassword | b64enc | quote }}
+  {{- end }}
+{{- end }}
--- a/charts/invoiceninja/templates/serverblock.yaml
+++ b/charts/invoiceninja/templates/serverblock.yaml
@@ -0,0 +1,40 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "invoiceninja.nginx.serverBlockName" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if .Values.commonAnnotations }}
+  annotations:
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+  {{- end }}
+data:
+  server-block.conf: |-
+    server {
+        listen 8080 default_server;
+        listen [::]:8080 default_server;
+        server_name _;
+
+        root /app;
+        index index.php;
+
+        location / {
+            try_files $uri $uri/ /index.php?$query_string;
+        }
+
+        location = /favicon.ico { access_log off; log_not_found off; }
+        location = /robots.txt  { access_log off; log_not_found off; }
+
+        location ~ \.php$ {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            fastcgi_pass {{ include "common.names.fullname" . }}:9000;
+            fastcgi_index index.php;
+            include fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME /var/www/app/public$fastcgi_script_name;
+            fastcgi_buffer_size 16k;
+            fastcgi_buffers 4 16k;
+        }
+    }
--- a/charts/invoiceninja/templates/service.yaml
+++ b/charts/invoiceninja/templates/service.yaml
@@ -0,0 +1,47 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.service.annotations .Values.commonAnnotations }}
+  annotations:
+    {{- if .Values.service.annotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.service.annotations "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }}
+  clusterIP: {{ .Values.service.clusterIP }}
+  {{- end }}
+  {{- if (or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort")) }}
+  externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if (and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges) }}
+  loadBalancerSourceRanges: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if (and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP))) }}
+  loadBalancerIP: {{ .Values.service.loadBalancerIP }}
+  {{- end }}
+  ports:
+    {{- if not (empty .Values.service.port) }}
+    - name: fastcgi
+      port:  {{ .Values.service.port }}
+      protocol: TCP
+      targetPort: fastcgi
+      {{- if (and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePort))) }}
+      nodePort: {{ .Values.service.nodePort }}
+      {{- else if eq .Values.service.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- end }}
+  selector:
+    {{- include "common.labels.matchLabels" . | nindent 4 }}
+    app.kubernetes.io/component: server
--- a/charts/invoiceninja/templates/serviceaccount.yaml
+++ b/charts/invoiceninja/templates/serviceaccount.yaml
@@ -0,0 +1,20 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "invoiceninja.serviceAccountName" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }}
+  annotations:
+    {{- if .Values.serviceAccount.annotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.serviceAccount.annotations "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+{{- end }}
--- a/charts/invoiceninja/templates/webservice.yaml
+++ b/charts/invoiceninja/templates/webservice.yaml
@@ -0,0 +1,60 @@
+{{- if not .Values.nginx.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "invoiceninja.http.serviceName" . }}
+  labels:
+    {{- include "common.labels.standard" $ | nindent 4 }}
+    {{- if .Values.commonLabels }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- if or .Values.service.http.annotations .Values.commonAnnotations }}
+  annotations:
+    {{- if .Values.service.http.annotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.service.http.annotations "context" $ ) | nindent 4 }}
+    {{- end }}
+    {{- if .Values.commonAnnotations }}
+    {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+    {{- end }}
+  {{- end }}
+spec:
+  type: {{ .Values.service.http.type }}
+  {{- if and .Values.service.http.clusterIP (eq .Values.service.http.type "ClusterIP") }}
+  clusterIP: {{ .Values.service.http.clusterIP }}
+  {{- end }}
+  {{- if (or (eq .Values.service.http.type "LoadBalancer") (eq .Values.service.http.type "NodePort")) }}
+  externalTrafficPolicy: {{ .Values.service.http.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if (and (eq .Values.service.http.type "LoadBalancer") .Values.service.http.loadBalancerSourceRanges) }}
+  loadBalancerSourceRanges: {{- toYaml . | nindent 4 }}
+  {{- end }}
+  {{- if (and (eq .Values.service.http.type "LoadBalancer") (not (empty .Values.service.http.loadBalancerIP))) }}
+  loadBalancerIP: {{ .Values.service.http.loadBalancerIP }}
+  {{- end }}
+  ports:
+    {{- if not (empty .Values.service.http.ports.http) }}
+    - name: http
+      port:  {{ .Values.service.http.ports.http }}
+      protocol: TCP
+      targetPort: http
+      {{- if (and (or (eq .Values.service.http.type "NodePort") (eq .Values.service.http.type "LoadBalancer")) (not (empty .Values.service.http.nodePorts.http))) }}
+      nodePort: {{ .Values.service.http.nodePorts.http }}
+      {{- else if eq .Values.service.http.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- end }}
+    {{- if not (empty .Values.service.http.ports.https) }}
+    - name: https
+      port:  {{ .Values.service.http.ports.https }}
+      protocol: TCP
+      targetPort: https
+      {{- if (and (or (eq .Values.service.http.type "NodePort") (eq .Values.service.http.type "LoadBalancer")) (not (empty .Values.service.http.nodePorts.https))) }}
+      nodePort: {{ .Values.service.http.nodePorts.https }}
+      {{- else if eq .Values.service.http.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- end }}
+  selector:
+    {{- include "common.labels.matchLabels" . | nindent 4 }}
+    app.kubernetes.io/component: server
+{{- end }}
--- a/charts/invoiceninja/values.yaml
+++ b/charts/invoiceninja/values.yaml
@@ -0,0 +1,692 @@
+# Default values for invoiceninja.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+## Global Docker image parameters
+## Please, note that this will override the image parameters, including dependencies, configured to use the global value
+## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
+##
+# global:
+#   imageRegistry: myRegistryName
+#   imagePullSecrets:
+#     - myRegistryKeySecretName
+#   storageClass: myStorageClass
+
+## Invoice Ninja image version
+## ref: https://github.com/invoiceninja/dockerfiles
+##
+image:
+  registry: docker.io
+  repository: invoiceninja/invoiceninja
+  tag: 5.5.49
+  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
+  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
+  ##
+  pullPolicy: IfNotPresent
+  ## Optionally specify an array of imagePullSecrets.
+  ## Secrets must be manually created in the namespace.
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  ##
+  # pullSecrets:
+  #   - myRegistryKeySecretName
+
+## String to turn on debug mode in Invoice Ninja
+##
+debug: false
+
+## A 32 character long Application Key
+##
+appKey: ""
+
+## Override app URL
+##
+appURL: ""
+
+## Email of user to create first run
+## If not specified, default user email will be "admin@example.com"
+##
+userEmail: ""
+
+## Password of user to create on first run
+## If not specified, default user password will be "changeme!"
+##
+userPassword: ""
+
+## Name of log channel to use
+##
+logChannel: ""
+
+## Name of broadcast driver to use
+##
+broadcastDriver: ""
+
+## Name of cache driver to use
+##
+cacheDriver: ""
+
+## Name of session driver to use
+##
+sessionDriver: ""
+
+## Name of queue connection to use
+##
+queueConnection: ""
+
+## List of trusted proxies for Invoice Ninja to communicate with the nginx proxy
+##
+trustedProxies: "*"
+
+## Use local or Phantom JS PDF generation
+## Options are `snappdf` or `phantom`
+##
+pdfGenerator: snappdf
+
+## Name of queue connection to use (use "log" for debug)
+## Please check the ref below for any other env you may need to define
+## ref: https://github.com/invoiceninja/invoiceninja/blob/v5-stable/config/mail.php
+##
+mailer: log
+
+## Force HTTPS for all connections to Invoice Ninja
+##
+requireHttps: false
+
+## Name of existing secret containing IN credentials
+## NOTE: Must contain key `APP_KEY` and `IN_PASSWORD`
+## NOTE: When it's set, the `appKey` and `userPassword` parameter is ignored
+##
+existingSecret:
+
+## String to partially override fullname template (will maintain the release name)
+##
+# nameOverride:
+
+## String to fully override fullname template
+##
+# fullnameOverride:
+
+## Add labels to all the deployed resources
+##
+commonLabels: {}
+
+## Add annotations to all the deployed resources
+##
+commonAnnotations: {}
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+## Pod Labels
+## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+##
+podLabels: {}
+
+## Pod annotations
+## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+##
+podAnnotations: {}
+
+## Pod affinity preset
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+## Allowed values: soft, hard
+##
+podAffinityPreset: ""
+
+## Pod anti-affinity preset
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+## Allowed values: soft, hard
+##
+podAntiAffinityPreset: soft
+
+## Node affinity preset
+## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
+## Allowed values: soft, hard
+##
+nodeAffinityPreset:
+  ## Node affinity type
+  ## Allowed values: soft, hard
+  ##
+  type: ""
+  ## Node label key to match
+  ## E.g.
+  ## key: "kubernetes.io/e2e-az-name"
+  ##
+  key: ""
+  ## Node label values to match
+  ## E.g.
+  ## values:
+  ##   - e2e-az1
+  ##   - e2e-az2
+  ##
+  values: []
+
+## Affinity for pod assignment. Evaluated as a template.
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set
+##
+affinity: {}
+
+## Node labels for pod assignment. Evaluated as a template.
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## Tolerations for pod assignment. Evaluated as a template.
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+
+## Configure Pods Security Context
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+##
+podSecurityContext:
+  fsGroup: 1500
+
+## Configure Container Security Context (only main container)
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+##
+containerSecurityContext:
+  runAsNonRoot: true
+  runAsUser: 1500
+  # runAsGroup: 1500
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+
+## Init containers parameters:
+## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
+##
+volumePermissions:
+  enabled: false
+  image:
+    registry: docker.io
+    repository: bitnami/bitnami-shell
+    tag: "10"
+    pullPolicy: Always
+    ## Optionally specify an array of imagePullSecrets.
+    ## Secrets must be manually created in the namespace.
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+    ##
+    # pullSecrets:
+    #   - myRegistryKeySecretName
+  resources: {}
+
+## Number of replicas (requires ReadWriteMany PVC support)
+##
+replicaCount: 1
+
+## Set up update strategy for Invoice Ninja installation. Set to Recreate if you use persistent volume that cannot be mounted by more than one pods to makesure the pods is destroyed first.
+## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+## Example:
+## updateStrategy:
+##  type: RollingUpdate
+##  rollingUpdate:
+##    maxSurge: 25%
+##    maxUnavailable: 25%
+##
+updateStrategy:
+  type: RollingUpdate
+
+## Container ports
+##
+containerPorts:
+  fastcgi: 9000
+
+## An array to add extra env vars
+## Example:
+## extraEnvVars:
+##   - name: FOO
+##     value: "bar"
+##
+extraEnvVars: []
+
+## ConfigMap with extra environment variables
+##
+extraEnvVarsCM:
+
+## Secret with extra environment variables
+##
+extraEnvVarsSecret:
+
+## Extra volume mounts to add to the container
+##
+extraVolumeMounts: []
+
+## Configure extra options for liveness and readiness probes
+## This applies to all the Invoice Ninja in the cluster
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
+##
+livenessProbe:
+  enabled: true
+  initialDelaySeconds: 120
+  periodSeconds: 10
+  timeoutSeconds: 5
+  failureThreshold: 6
+  successThreshold: 1
+readinessProbe:
+  enabled: true
+  initialDelaySeconds: 15
+  periodSeconds: 10
+  timeoutSeconds: 5
+  failureThreshold: 6
+  successThreshold: 1
+  port: fastcgi
+
+resources:
+  {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+## Inline http server (this is enabled only if nginx sub chart is disabled).
+##
+http:
+  image:
+    registry: docker.io
+    repository: bitnami/nginx
+    tag: 1.22.1-debian-11-r21
+    ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
+    ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
+    ##
+    pullPolicy: IfNotPresent
+    ## Optionally specify an array of imagePullSecrets.
+    ## Secrets must be manually created in the namespace.
+    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+    ##
+    # pullSecrets:
+    #   - myRegistryKeySecretName
+
+  ## Container ports
+  ##
+  containerPorts:
+    http: 8080
+    https: 8443
+
+  ## An array to add extra env vars
+  ## Example:
+  ## extraEnvVars:
+  ##   - name: FOO
+  ##     value: "bar"
+  ##
+  extraEnvVars: []
+
+  ## ConfigMap with extra environment variables
+  ##
+  extraEnvVarsCM:
+
+  ## Secret with extra environment variables
+  ##
+  extraEnvVarsSecret:
+
+  ## Extra volume mounts to add to the container
+  ##
+  extraVolumeMounts: []
+
+  ## Configure extra options for liveness and readiness probes
+  ## This applies to all the web server in the cluster
+  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
+  ##
+  livenessProbe:
+    enabled: true
+    initialDelaySeconds: 10
+    periodSeconds: 10
+    timeoutSeconds: 5
+    failureThreshold: 6
+    successThreshold: 1
+  readinessProbe:
+    enabled: true
+    initialDelaySeconds: 15
+    periodSeconds: 10
+    timeoutSeconds: 5
+    failureThreshold: 6
+    successThreshold: 1
+
+  resources:
+    {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi
+
+## Extra volumes to add to the deployment
+##
+extraVolumes: []
+
+## Kubernetes service type
+## ref: https://kubernetes.io/docs/concepts/services-networking/service/
+## Set this to NodePort, LoadBalancer or ClusterIP
+##
+service:
+  ## Service type
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+  ##
+  type: ClusterIP
+  ## Service ports
+  ##
+  port: 9000
+  ## Specify the nodePort value for the LoadBalancer and NodePort service types.
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+  ##
+  nodePort: ""
+  ## Service clusterIP.
+  ##
+  # clusterIP: None
+  ## Specify the loadBalancerIP value for LoadBalancer service types.
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
+  ##
+  # loadBalancerIP:
+  ## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
+  ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
+  ##
+  loadBalancerSourceRanges: []
+  ## Enable client source IP preservation
+  ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
+  ##
+  externalTrafficPolicy: Cluster
+  ## Additional service annotations (evaluate as a template)
+  ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+  ##
+  annotations: {}
+  ## Service for http server
+  ##
+  http:
+    ## Service type
+    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+    ##
+    type: ClusterIP
+    ## Service ports
+    ##
+    ports:
+      http: 8080
+      https: 8443
+    ## Specify the nodePort value for the LoadBalancer and NodePort service types.
+    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+    ##
+    nodePorts:
+      http: ""
+      https: ""
+    ## Service clusterIP.
+    ##
+    # clusterIP: None
+    ## Specify the loadBalancerIP value for LoadBalancer service types.
+    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer
+    ##
+    # loadBalancerIP:
+    ## Specify the loadBalancerSourceRanges value for LoadBalancer service types.
+    ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
+    ##
+    loadBalancerSourceRanges: []
+    ## Enable client source IP preservation
+    ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
+    ##
+    externalTrafficPolicy: Cluster
+    ## Additional service annotations (evaluate as a template)
+    ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+    ##
+    annotations: {}
+
+## Configure the ingress resource to access IN (this is enabled only if nginx sub chart is disabled).
+## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
+##
+ingress:
+  ## Enable ingress
+  ##
+  enabled: true
+  ## Add the corresponding annotations for cert-manager integration
+  ##
+  certManager: false
+  ## Ingress path type
+  ##
+  pathType: ImplementationSpecific
+  ## Force Ingress API version (automatically detected if not set)
+  ##
+  apiVersion:
+  ## IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
+  ## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster .
+  ## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
+  ##
+  ingressClassName:
+  ## Default host for the ingress record
+  ##
+  hostname: invoiceninja.local
+  ## Default path for the ingress record
+  ## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
+  ##
+  path: /
+  ## Additional custom annotations for the ingress record
+  ## NOTE: If `ingress.certManager=true`, annotation `kubernetes.io/tls-acme: "true"` will automatically be added
+  ##
+  annotations: {}
+  ## Enable TLS configuration for the host defined at `ingress.hostname` parameter
+  ## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
+  ## You can:
+  ##   - Use the `ingress.secrets` parameter to create this TLS secret
+  ##   - Relay on cert-manager to create it by setting `ingress.certManager=true`
+  ##   - Relay on Helm to create self-signed certificates by setting `ingress.tls=true` and `ingress.certManager=false`
+  ##
+  tls: false
+  ## An array with additional hostname(s) to be covered with the ingress record
+  ## e.g:
+  ## extraHosts:
+  ##   - name: invoiceninja.local
+  ##     path: /
+  ##
+  extraHosts: []
+  ## An array with additional arbitrary paths that may need to be added to the ingress under the main host
+  ## e.g:
+  ## extraPaths:
+  ## - path: /*
+  ##   backend:
+  ##     serviceName: ssl-redirect
+  ##     servicePort: use-annotation
+  ##
+  extraPaths: []
+  ## TLS configuration for additional hostname(s) to be covered with this ingress record
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
+  ## e.g:
+  ## extraTls:
+  ## - hosts:
+  ##     - invoiceninja.local
+  ##   secretName: invoiceninja.local-tls
+  ##
+  extraTls: []
+  ## Custom TLS certificates as secrets
+  ## NOTE: 'key' and 'certificate' are expected in PEM format
+  ## NOTE: 'name' should line up with a 'secretName' set further up
+  ## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates
+  ## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  ## e.g:
+  ## secrets:
+  ##   - name: invoiceninja.local-tls
+  ##     key: |-
+  ##       -----BEGIN RSA PRIVATE KEY-----
+  ##       ...
+  ##       -----END RSA PRIVATE KEY-----
+  ##     certificate: |-
+  ##       -----BEGIN CERTIFICATE-----
+  ##       ...
+  ##       -----END CERTIFICATE-----
+  ##
+  secrets: []
+
+## Enable persistence using Persistent Volume Claims
+## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
+  public:
+    enabled: true
+    ## Invoice Ninja data Persistent Volume Storage Class
+    ## If defined, storageClassName: <storageClass>
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
+    ## If undefined (the default) or set to null, no storageClassName spec is
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+    ##   GKE, AWS & OpenStack)
+    ##
+    # storageClass: "-"
+    ##
+    ## If you want to reuse an existing claim, you can pass the name of the PVC using
+    ## the existingClaim variable
+    # existingClaim: your-claim
+    accessMode: ReadWriteOnce
+    size: 1Gi
+    ## Custom dataSource
+    ##
+    dataSource: {}
+  storage:
+    ## Only required when using FILE cache or session driver
+    enabled: false
+    ## Invoice Ninja data Persistent Volume Storage Class
+    ## If defined, storageClassName: <storageClass>
+    ## If set to "-", storageClassName: "", which disables dynamic provisioning
+    ## If undefined (the default) or set to null, no storageClassName spec is
+    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
+    ##   GKE, AWS & OpenStack)
+    ##
+    # storageClass: "-"
+    ##
+    ## If you want to reuse an existing claim, you can pass the name of the PVC using
+    ## the existingClaim variable
+    # existingClaim: your-claim
+    accessMode: ReadWriteMany
+    size: 10Gi
+    ## Custom dataSource
+    ##
+    dataSource: {}
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 10
+  targetCPUUtilizationPercentage: 80
+  # targetMemoryUtilizationPercentage: 80
+
+## Redis chart configuration
+## ref: https://github.com/bitnami/charts/blob/master/bitnami/redis/values.yaml
+##
+redis:
+  enabled: true
+  auth:
+    sentinel: false
+  sentinel:
+    enabled: true
+    quorum: 1
+  replica:
+    replicaCount: 1
+
+## External Redis Configuration
+##
+## All of these values are only used when redis.enabled is set to false
+##
+externalRedis:
+  ## Redis/Sentinel host
+  ##
+  host: ""
+  ## Redis/Sentinel port number
+  ##
+  port: 6379
+  ## Redis password
+  ##
+  password: ""
+  ## Use existing secret (ignores previous password)
+  ## must contain key `redis-password`
+  ## NOTE: When it's set, the `externalRedis.password` parameter is ignored
+  ##
+  # existingSecret:
+  ## Whether Redis Sentinel are used
+  sentinel: false
+  ## Redis databases
+  ##
+  databases:
+    default: "0"
+    cache: "1"
+
+## MariaDB chart configuration
+## ref: https://github.com/bitnami/charts/blob/master/bitnami/mariadb/values.yaml
+##
+mariadb:
+  ## Whether to deploy a MariaDB server to satisfy the applications database requirements.
+  ## To use an external database set this to false and configure the externaldb parameters
+  ##
+  enabled: true
+  ## MariaDB Authentication parameters
+  ##
+  auth:
+    ## MariaDB root password
+    ##
+    # rootPassword: changeit
+    ## MariaDB custom user and database
+    ##
+    username: invoiceninja
+    database: invoiceninja
+    # password: changeit
+
+## External Database Configuration
+##
+## All of these values are only used when mariadb.enabled is set to false
+##
+externalDatabase:
+  ## Database host
+  ##
+  host: ""
+  ## non-root Username for Invoice Ninja Database
+  ##
+  user: invoiceninja
+  ## Database password
+  ##
+  password: ""
+  ## Database name
+  ##
+  database: invoiceninja
+  ## Database port number
+  ##
+  port: 3306
+  ## Use existing secret (ignores previous password)
+  ## must contain key `mariadb-password`
+  ## NOTE: When it's set, the `externalDatabase.password` parameter is ignored
+  ##
+  # existingSecret:
+
+## Nginx chart configuration
+## ref: https://github.com/bitnami/charts/blob/master/bitnami/nginx/values.yaml
+##
+nginx:
+  enabled: false
+  service:
+    ## Service type
+    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+    ##
+    type: ClusterIP
+  ## Configure the ingress resource that allows you to access the Invoice Ninja
+  ## ref: http://kubernetes.io/docs/user-guide/ingress/
+  ##
+  ingress:
+    enabled: true
+    hostname: invoiceninja.local
+  ## Use the serverblock config map from Invoice Ninja
+  ##
+  existingServerBlockConfigmap: '{{ include "invoiceninja.nginx.serverBlockName" . }}'
+  ## Use the public PVC created by Invoice Ninja
+  ##
+  staticSitePVC: '{{ include "invoiceninja.public.storageName" . }}'
--- a/config/caddy/Caddyfile
+++ b/config/caddy/Caddyfile
@@ -2,6 +2,5 @@
    root * /var/www/app/public
    php_fastcgi app:9000
    encode zstd gzip
-    templates
    file_server browse
 }
--- a/config/cron/cronjob_v5.sh
+++ b/config/cron/cronjob_v5.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+cd /var/www/app; php artisan schedule:run >> /dev/null 2>&1
--- a/config/hosts
+++ b/config/hosts
@@ -0,0 +1 @@
+192.168.0.124 in5.test
--- a/config/mysql/Dockerfile
+++ b/config/mysql/Dockerfile
@@ -0,0 +1,12 @@
+FROM mysql:8
+# When running on ARM64 use MariaDB instead of MySQL
+#FROM mariadb:10.4
+ENV force_color_prompt yes
+
+RUN apt-get update;
+RUN apt-get install -y cron;
+
+ENTRYPOINT \
+  service cron start; \
+  printenv | grep -v "no_proxy" >> /etc/environment; \
+  docker-entrypoint.sh mysqld
--- a/config/mysql/backup-script
+++ b/config/mysql/backup-script
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+FREQUENTY=`basename "$0"`
+TIMESTAMP=$(date +"%Y-%m-%d")
+
+case $FREQUENTY in
+
+  daily)
+    DAYS=6
+    ;;
+
+  weekly)
+    DAYS=30
+    find /backups -type f -name $TIMESTAMP-daily.sql.gz -delete
+    ;;
+
+  monthly)
+    DAYS=122
+    find /backups -type f -name $TIMESTAMP-weekly.sql.gz -delete
+    ;;
+esac
+
+mysqldump -u ${MYSQL_USER} -p${MYSQL_PASSWORD} ${MYSQL_DATABASE} | gzip > /backups/$TIMESTAMP-$FREQUENTY.sql.gz
+
+# Remove old backups
+find /backups -mtime +${DAYS} -type f -name *-$FREQUENTY.sql.gz -delete
+
+exit 0;
--- a/config/nginx/in-vhost.conf
+++ b/config/nginx/in-vhost.conf
@@ -0,0 +1,29 @@
+server {
+    listen 80 default_server;
+    server_name _;
+    
+    server_tokens off;
+    
+    client_max_body_size 100M;
+
+    root /var/www/app/public/;
+    index index.php;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass app:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_intercept_errors off;
+        fastcgi_buffer_size 16k;
+        fastcgi_buffers 4 16k;
+    }
+}
--- a/config/php/php-cli.ini
+++ b/config/php/php-cli.ini
@@ -1,18 +0,0 @@
-session.auto_start = Off
-short_open_tag = Off
-
-error_reporting = E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED
-
-opcache.enable_cli=1
-opcache.fast_shutdown=1
-opcache.memory_consumption=128
-opcache.interned_strings_buffer=8
-opcache.max_accelerated_files=4000
-opcache.revalidate_freq=60
-# http://symfony.com/doc/current/performance.html
-realpath_cache_size = 4096K
-realpath_cache_ttl = 600
-
-memory_limit = 2G
-post_max_size = 6M
-upload_max_filesize = 5M
--- a/config/php/php.ini
+++ b/config/php/php.ini
@@ -1,17 +0,0 @@
-session.auto_start = Off
-short_open_tag = Off
-
-error_reporting = E_ALL & ~E_NOTICE & ~E_WARNING & ~E_STRICT & ~E_DEPRECATED
-
-opcache.enable_cli=1
-opcache.fast_shutdown=1
-opcache.memory_consumption=128
-opcache.interned_strings_buffer=8
-opcache.max_accelerated_files=4000
-opcache.revalidate_freq=60
-# http://symfony.com/doc/current/performance.html
-realpath_cache_size = 4096K
-realpath_cache_ttl = 600
-
-post_max_size = 6M
-upload_max_filesize = 5M
--- a/debian/Dockerfile
+++ b/debian/Dockerfile
@@ -1,76 +0,0 @@
-ARG PHP_VERSION=7.2
-
-FROM php:${PHP_VERSION}-fpm-stretch
-
-LABEL maintainer="Samuel Laulhau <sam@lalop.co>, Holger Lösken <holger.loesken@codedge.de>"
-
-#####
-# SYSTEM REQUIREMENT
-#####
-ARG INVOICENINJA_VERSION
-COPY ./debian/entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
-
-ENV BUILD_DEPS \
-        zlib1g-dev \
-        git \
-        libgmp-dev \
-        unzip \
-        libfreetype6-dev \
-        libjpeg62-turbo-dev \
-        libpng-dev \
-        build-essential \
-        chrpath \
-        libssl-dev \
-        libxft-dev \
-        libfreetype6 \
-        libfontconfig1 \
-        libfontconfig1-dev
-
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends $BUILD_DEPS \
-    && ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/local/include/ \
-    && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \
-    && docker-php-ext-configure gmp \
-    && docker-php-ext-install iconv mbstring pdo pdo_mysql zip gd gmp opcache
-
-ENV PHANTOMJS phantomjs-2.1.1-linux-x86_64
-# Install PHANTOMJS
-RUN curl -o ${PHANTOMJS}.tar.bz2 -SL https://bitbucket.org/ariya/phantomjs/downloads/${PHANTOMJS}.tar.bz2 \
-    && tar xvjf ${PHANTOMJS}.tar.bz2 \
-    && rm ${PHANTOMJS}.tar.bz2 \
-    && mv ${PHANTOMJS} /usr/local/share \
-    && ln -sf /usr/local/share/${PHANTOMJS}/bin/phantomjs /usr/local/bin \
-    && rm -rf /var/lib/apt/lists/*
-
-COPY ./config/php/php.ini /usr/local/etc/php/php.ini
-COPY ./config/php/php-cli.ini /usr/local/etc/php/php-cli.ini
-
-# Download and install IN
-ENV INVOICENINJA_VERSION="${INVOICENINJA_VERSION}"
-
-RUN curl -o ninja.zip -SL https://download.invoiceninja.com/ninja-v${INVOICENINJA_VERSION}.zip \
-    && unzip -q ninja.zip -d /var/www/ \
-    && rm ninja.zip \
-    && mv /var/www/ninja /var/www/app  \
-    && mv /var/www/app/storage /var/www/app/docker-backup-storage  \
-    && mv /var/www/app/public /var/www/app/docker-backup-public  \
-    && mkdir -p /var/www/app/public/logo /var/www/app/storage \
-    && cp /var/www/app/.env.example /var/www/app/.env \
-    && chmod -R 755 /var/www/app/storage  \
-    && chown -R www-data:www-data /var/www/app/storage /var/www/app/bootstrap /var/www/app/public/logo /var/www/app/.env /var/www/app/docker-backup-storage /var/www/app/docker-backup-public\
-    && rm -rf /var/www/app/docs /var/www/app/tests /var/www/ninja
-
-# Override the environment settings from projects .env file
-ENV LOG errorlog
-ENV SELF_UPDATER_SOURCE ''
-ENV PHANTOMJS_BIN_PATH /usr/local/bin/phantomjs
-
-
-# use to be mounted into nginx for example
-VOLUME /var/www/app/public
-
-WORKDIR /var/www/app
-
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["php-fpm"]
--- a/debian/entrypoint.sh
+++ b/debian/entrypoint.sh
@@ -1,46 +0,0 @@
-#!/bin/bash
-set -e
-
-if [ ! -d /var/www/app/storage ]; then
-	cp -Rp /var/www/app/docker-backup-storage /var/www/app/storage
-else
-	IN_STORAGE_BACKUP="$(ls /var/www/app/docker-backup-storage/)"
-	for path in $IN_STORAGE_BACKUP; do
-		if [ ! -e "/var/www/app/storage/$path" ]; then
-			cp -Rp "/var/www/app/docker-backup-storage/$path" "/var/www/app/storage/"
-		fi
-	done
-fi
-
-if [ ! -d /var/www/app/public/logo ]; then
-	cp -Rp /var/www/app/docker-backup-public/logo /var/www/app/public/logo
-else
-	IN_LOGO_BACKUP="$(ls /var/www/app/docker-backup-public/logo/)"
-	for path in $IN_LOGO_BACKUP; do
-		if [ ! -e "/var/www/app/public/logo/$path" ]; then
-			cp -Rp "/var/www/app/docker-backup-public/logo/$path" "/var/www/app/public/logo/"
-		fi
-	done
-fi
-
-# compare public volume version with image version
-if [ ! -e /var/www/app/public/version ] || [ "$INVOICENINJA_VERSION" != "$(cat /var/www/app/public/version)" ]; then
-  echo 'clone public directory'
-  cp -Rp /var/www/app/docker-backup-public/* /var/www/app/public/
-  echo $INVOICENINJA_VERSION > /var/www/app/public/version
-fi
-
-# fix permission for mounted directories
-chown www-data:www-data /var/www/app/storage
-chown	 www-data:www-data /var/www/app/public/logo
-
-#php artisan optimize --force
-#php artisan migrate --force
-
-#if [ ! -e "/var/www/app/is-seeded" ]; then
-	#php artisan db:seed --force
-	#touch "/var/www/app/is-seeded"
-#fi
-
-echo 'start'
-exec "$@"
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,76 +2,74 @@ version: '3.7'

 services:
  server:
-    image: caddy:alpine
+    image: nginx
    restart: always
-    environment: 
-      - APP_URL=https://localhost
+    env_file: env
    volumes:
      # Vhost configuration
-      - ./config/caddy/Caddyfile:/etc/caddy/Caddyfile
-
-      # Configure your mounted directories, make sure the folder 'public' and 'storage'
-      # exist, before mounting them
-      -  public:/var/www/app/public
-      -  storage:/var/www/app/storage
-      # you may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
-      # - ./docker/app/public:/var/www/app/public:rw,delegated
-      # - ./docker/app/storage:/var/www/app/storage:rw,delegated
+      #- ./config/caddy/Caddyfile:/etc/caddy/Caddyfiledocker-com
+      - ./config/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf:ro
+      - ./docker/app/public:/var/www/app/public:ro
    depends_on:
      - app
    # Run webserver nginx on port 80
    # Feel free to modify depending what port is already occupied
-    ports: 
+    ports:
      - "80:80"
-      - "443:443"
+      #- "443:443"
    networks:
      - invoiceninja
+    extra_hosts:
+      - "in5.localhost:192.168.0.124 " #host and ip

  app:
    image: invoiceninja/invoiceninja:5
+    env_file: env
    restart: always
-    environment: 
-      - APP_URL=https://localhost
-      - APP_KEY=<INSERT THE GENERATED APPLICATION KEY HERE>
-      - MULTI_DB_ENABLED=false
-      - DB_HOST1=db
    volumes:
-      # Configure your mounted directories, make sure the folder 'public' and 'storage'
-      # exist, before mounting them
-      -  public:/var/www/app/public
-      -  storage:/var/www/app/storage
-      # you may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
-      # - ./docker/app/public:/var/www/app/public:rw,delegated
-      # - ./docker/app/storage:/var/www/app/storage:rw,delegated
+      - ./config/hosts:/etc/hosts:ro
+      - ./docker/app/public:/var/www/app/public:rw,delegated
+      - ./docker/app/storage:/var/www/app/storage:rw,delegated
    depends_on:
      - db
-    networks: 
-      - invoiceninja  
-
-  db:
-    image: mysql:5
-    restart: always
-    environment: 
-      - MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword
-      - MYSQL_USER=ninja
-      - MYSQL_PASSWORD=ninja
-      - MYSQL_DATABASE=db-ninja-01
-    volumes:
-      - mysql-data:/var/lib/mysql:rw
-      # you may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
-      # - ./docker/mysql/data:/var/lib/mysql:rw,delegated
    networks:
      - invoiceninja
+    extra_hosts:
+      - "in5.localhost:192.168.0.124 " #host and ip

- 
+  db:
+    image: mysql:8
+#    When running on ARM64 use MariaDB instead of MySQL
+#    image: mariadb:10.4
+#    For auto DB backups comment out image and use the build block below
+#    build:
+#      context: ./config/mysql
+    ports:
+      - "3305:3306"
+    restart: always
+    env_file: env
+    volumes:
+      - ./docker/mysql/data:/var/lib/mysql:rw,delegated
+
+      # remove comments for next 4 lines if you want auto sql backups
+      #- ./docker/mysql/bak:/backups:rw
+      #- ./config/mysql/backup-script:/etc/cron.daily/daily:ro
+      #- ./config/mysql/backup-script:/etc/cron.weekly/weekly:ro
+      #- ./config/mysql/backup-script:/etc/cron.monthly/monthly:ro
+    networks:
+      - invoiceninja
+    extra_hosts:
+      - "in5.localhost:192.168.0.124 " #host and ip
+
+  # THIS IS ONLY A VALID CONFIGURATION FOR IN 4. DO NOT USE FOR IN 5.
  # cron:
-  #   image: invoiceninja/invoiceninja
+  #   image: invoiceninja/invoiceninja:alpine-4
  #   volumes:
-  #     -  storage:/var/www/app/storage
-  #     -  logo:/var/www/app/public/logo
-  #     -  public:/var/www/app/public
+      # - ./docker/app/public:/var/www/app/public:rw,delegated
+      # - ./docker/app/storage:/var/www/app/storage:rw,delegated
+      # - ./docker/app/public/logo:/var/www/app/public/logo:rw,delegated
  #   entrypoint: |
-  #     bash -c 'bash -s <<EOF
+  #     /bin/sh -c 'sh -s <<EOF
  #     trap "break;exit" SIGHUP SIGINT SIGTERM
  #     sleep 300s
  #     while /bin/true; do
@@ -82,11 +80,7 @@ services:
  #     EOF'
  #   networks:
  #     - invoiceninja
-
-volumes:
-  mysql-data:
-  public:
-  storage:
+  #

 networks:
-  invoiceninja:
+  invoiceninja:
--- a/docker/app/public/.keep
+++ b/docker/app/public/.keep
@@ -0,0 +1 @@
+
--- a/docker/app/storage/.keep
+++ b/docker/app/storage/.keep
@@ -0,0 +1 @@
+
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,110 +0,0 @@
-#!/usr/bin/env sh
-set -e
-
-# logging functions
-in_log() {
-        local type="$1"; shift
-        printf '%s [%s] [Entrypoint]: %s\n' "$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$type" "$*"
-}
-
-in_error() {
-        in_log ERROR "$@" >&2
-        exit 1
-}
-
-# Indirect expansion (ie) is not supported in bourne shell. That's why we are using this clunkiness here.
-ie_gv() {
-        local line name value
-        set | \
-        while read line; do
-                name=${line%=*} value=${line#*=\'}
-                if [ "$name" = "$1" ]; then
-                        echo ${value%\'}
-                fi
-        done
-}
-
-# usage: file_env VAR [DEFAULT]
-#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
-        local var="$1"
-        local fileVar="${var}_FILE"
-        local def="${2:-}"
-
-        if [ "$(ie_gv ${var})" != ""  ] && [ "$(ie_gv ${fileVar})" != "" ]; then
-                in_error "Both $var and $fileVar are set (but are exclusive)"
-        fi
-
-         local val="$def"
-        if [ "$(ie_gv ${var})" != "" ]; then
-                val=$(ie_gv ${var})
-        elif [ "$(ie_gv ${fileVar})" != "" ]; then
-                val=`cat $(ie_gv ${fileVar})`
-        fi
-
-        export "$var"="$val"
-        unset "$fileVar"
-}
-
-# first arg is `-f` or `--some-option`
-if [ "${1#-}" != "$1" ]; then
-	set -- php-fpm "$@"
-fi
-
-BAK_STORAGE_PATH=/var/www/app/docker-backup-storage/
-BAK_LOGO_PATH=/var/www/app/docker-backup-public/logo/
-
-if [ ! -d /var/www/app/storage ]; then
-    cp -Rp $BAK_STORAGE_PATH /var/www/app/storage
-else
-    if [ -d $BAK_STORAGE_PATH ]; then
-        IN_STORAGE_BACKUP="$(ls $BAK_STORAGE_PATH)"
-        for path in $IN_STORAGE_BACKUP; do
-            if [ ! -e "/var/www/app/storage/$path" ]; then
-                cp -Rp "$BAK_STORAGE_PATH/$path" "/var/www/app/storage/"
-            fi
-        done
-    fi
-fi
-
-if [ ! -d /var/www/app/public/logo ] && [ -d $BAK_LOGO_PATH ]; then
-    cp -Rp $BAK_LOGO_PATH /var/www/app/public/logo
-else
-    if [ -d $BAK_LOGO_PATH ]; then
-        IN_LOGO_BACKUP="$(ls $BAK_LOGO_PATH)"
-        for path in $IN_LOGO_BACKUP; do
-            if [ ! -e "/var/www/app/public/logo/$path" ]; then
-                cp -Rp "$BAK_LOGO_PATH/$path" "/var/www/app/public/logo/"
-            fi
-        done
-    fi
-fi
-
-# compare public volume version with image version
-if [ ! -e /var/www/app/public/version ] || [ "$INVOICENINJA_VERSION" != "$(cat /var/www/app/public/version)" ]; then
-    cp -au /var/www/app/docker-backup-public/* /var/www/app/public/
-    echo $INVOICENINJA_VERSION > /var/www/app/public/version
-fi
-
-# Set permission for web server to create/update files
-chown -R invoiceninja:www-data /var/www/app/storage /var/www/app/public /var/www/app/bootstrap
-
-# Initialize values that might be stored in a file
-file_env 'APP_KEY'
-file_env 'API_SECRET'
-file_env 'CLOUDFLARE_API_KEY'
-file_env 'DB_USERNAME'
-file_env 'DB_PASSWORD'
-file_env 'MAIL_USERNAME'
-file_env 'MAIL_PASSWORD'
-file_env 'MAILGUN_SECRET'
-file_env 'S3_KEY'
-file_env 'S3_SECRET'
-
-# Run Laravel stuff
-php artisan config:cache
-php artisan optimize
-
-exec docker-php-entrypoint "$@"
--- a/45
+++ b/45
@@ -0,0 +1,45 @@
+# IN application vars
+APP_URL=http://in.localhost:8003
+APP_KEY=<insert your generated key in here>
+APP_DEBUG=true
+REQUIRE_HTTPS=false
+PHANTOMJS_PDF_GENERATION=false
+PDF_GENERATOR=snappdf
+TRUSTED_PROXIES='*'
+
+
+QUEUE_CONNECTION=database
+
+# DB connection
+DB_HOST=db
+DB_PORT=3306
+DB_DATABASE=ninja
+DB_USERNAME=ninja
+DB_PASSWORD=ninja
+
+# Create initial user
+# Default to these values if empty
+# IN_USER_EMAIL=admin@example.com
+# IN_PASSWORD=changeme!
+IN_USER_EMAIL=
+IN_PASSWORD=
+
+# Mail options
+MAIL_MAILER=log
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+MAIL_FROM_ADDRESS='user@example.com'
+MAIL_FROM_NAME='Self Hosted User'
+
+# MySQL
+MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword
+MYSQL_USER=ninja
+MYSQL_PASSWORD=ninja
+MYSQL_DATABASE=ninja
+
+# V4 env vars
+# DB_STRICT=false
+# APP_CIPHER=AES-256-CBC
--- a/examples/v5/supervisor/Dockerfile
+++ b/examples/v5/supervisor/Dockerfile
@@ -0,0 +1,13 @@
+FROM invoiceninja/invoiceninja:5
+
+USER root
+
+RUN apk add --no-cache supervisor \
+  && mkdir /var/log/supervisord /var/run/supervisord \
+  && chown $INVOICENINJA_USER:www-data /var/log/supervisord /var/run/supervisord
+
+COPY supervisord.conf /
+
+USER $INVOICENINJA_USER
+
+CMD ["/usr/bin/supervisord", "-c", "/supervisord.conf"]
--- a/examples/v5/supervisor/supervisord.conf
+++ b/examples/v5/supervisor/supervisord.conf
@@ -0,0 +1,29 @@
+[supervisord]
+nodaemon=true
+user=invoiceninja
+pidfile=/var/run/supervisord/supervisord.pid
+logfile=/dev/null ; nodaemon will cause logs to go to stdout
+logfile_maxbytes=0
+loglevel=error
+
+[program:php-fpm]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=php-fpm
+
+[program:scheduler]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+command=php artisan schedule:work
+
+[program:queue-worker]
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0
+numprocs=2
+command=php artisan queue:work --sleep=3 --tries=1 --memory=1024 --timeout=3600 --daemon