diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md
index 6520e833..1ec07cd6 100644
--- a/charts/nextcloud/README.md
+++ b/charts/nextcloud/README.md
@@ -61,6 +61,12 @@ The following table lists the configurable parameters of the nextcloud chart and
 | `nextcloud.host` | nextcloud host to create application URLs | `nextcloud.kube.home` |
 | `nextcloud.username` | User of the application | `admin` |
 | `nextcloud.password` | Application password | `changeme` |
+| `nextcloud.existingSecret.enabled` | Whether to use an existing secret or not | `false` |
+| `nextcloud.existingSecret.secretName` | Name of the existing secret | `nil` |
+| `nextcloud.existingSecret.usernameKey` | Name of the key that contains the username | `nil` |
+| `nextcloud.existingSecret.passwordKey` | Name of the key that contains the password | `nil` |
+| `nextcloud.existingSecret.smtpUsernameKey` | Name of the key that contains the SMTP username | `nil` |
+| `nextcloud.existingSecret.smtpPasswordKey` | Name of the key that contains the SMTP password | `nil` |
 | `nextcloud.update` | Trigger update if custom command is used | `0` |
 | `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` |
 | `nextcloud.tableprefix` | nextcloud db table prefix | `''` |
@@ -114,6 +120,8 @@ The following table lists the configurable parameters of the nextcloud chart and
 | `mariadb.db.user` | Database user to create | `nextcloud` |
 | `mariadb.rootUser.password` | MariaDB admin password | `nil` |
 | `redis.enabled` | Whether to install/use redis for locking | `false` |
+| `redis.usePassword` | Whether to use a password with redis | `false` |
+| `redis.password` | The password redis uses | `''` |
 | `cronjob.enabled` | Whether to enable/disable cronjob | `false` |
 | `cronjob.schedule` | Schedule for the CronJob | `*/15 * * * *` |
 | `cronjob.annotations` | Annotations to add to the cronjob | {} |
@@ -135,17 +143,23 @@ The following table lists the configurable parameters of the nextcloud chart and
 | `persistence.size` | PVC Storage Request for nextcloud volume | `8Gi` |
 | `resources` | CPU/Memory resource requests/limits | `{}` |
 | `livenessProbe.enabled` | Turn on and off liveness probe | `true` |
-| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
-| `livenessProbe.periodSeconds` | How often to perform the probe | `15` |
+| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` |
+| `livenessProbe.periodSeconds` | How often to perform the probe | `10` |
 | `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
 | `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
 | `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
 | `readinessProbe.enabled` | Turn on and off readiness probe | `true` |
-| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
-| `readinessProbe.periodSeconds` | How often to perform the probe | `15` |
+| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `10` |
+| `readinessProbe.periodSeconds` | How often to perform the probe | `10` |
 | `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
 | `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
 | `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
+| `startupProbe.enabled` | Turn on and off startup probe | `false` |
+| `startupProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
+| `startupProbe.periodSeconds` | How often to perform the probe | `10` |
+| `startupProbe.timeoutSeconds` | When the probe times out | `5` |
+| `startupProbe.failureThreshold` | Minimum consecutive failures for the probe | `30` |
+| `startupProbe.successThreshold` | Minimum consecutive
successes for the probe | `1` | | `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler | `false` | | `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` | | `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` | diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index fad0d7a3..53b99bc5 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -115,13 +115,13 @@ spec: - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-username + name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} + key: {{ .Values.nextcloud.existingSecret.usernameKey | default "nextcloud-username" }} - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-password + name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} + key: {{ .Values.nextcloud.existingSecret.passwordKey | default "nextcloud-password" }} - name: NEXTCLOUD_TRUSTED_DOMAINS value: {{ .Values.nextcloud.host }} {{- if ne (int .Values.nextcloud.update) 0 }} 
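Review bot: The `secretKeyRef` name and key for NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD ignore `nextcloud.existingSecret.enabled`, while secrets.yaml uses only that flag to decide whether the chart Secret is rendered. With `enabled: true` and no `secretName`, the `default` falls back to the chart fullname, a Secret that is no longer created, so the pod would reference a missing Secret; with `enabled: false` and a `secretName` set, the chart Secret is created but never read. Tie both templates to the same condition and fail at render time, for example `name: {{ required "nextcloud.existingSecret.secretName is required when existingSecret.enabled" .Values.nextcloud.existingSecret.secretName | quote }}` inside `{{- if .Values.nextcloud.existingSecret.enabled }}`, and quote the rendered `key:` values as well. The same pattern repeats for SMTP_NAME and SMTP_PASSWORD in the `@@ -150,19 +150,21 @@` hunk; the container spec starts and ends outside this hunk.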
@@ -150,19 +150,21 @@ spec: - name: SMTP_NAME valueFrom: secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: smtp-username + name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} + key: {{ .Values.nextcloud.existingSecret.smtpUsernameKey | default "smtp-username" }} - name: SMTP_PASSWORD valueFrom: secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: smtp-password + name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} + key: {{ .Values.nextcloud.existingSecret.smtpPasswordKey | default "smtp-password" }} {{- end }} {{- if .Values.redis.enabled }} - name: REDIS_HOST value: {{ template "nextcloud.redis.fullname" . }}-master - name: REDIS_HOST_PORT value: {{ .Values.redis.redisPort | quote }} + - name: REDIS_HOST_PASSWORD + value: {{ .Values.redis.password }} {{- end }} {{- if .Values.nextcloud.extraEnv }} {{ toYaml .Values.nextcloud.extraEnv | indent 8 }} @@ -201,6 +203,20 @@ spec: successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} + {{- if .Values.startupProbe.enabled }} + startupProbe: + httpGet: + path: /status.php + port: http + httpHeaders: + - name: Host + value: {{ .Values.nextcloud.host | quote }} + initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.startupProbe.periodSeconds }} + timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} + successThreshold: {{ .Values.startupProbe.successThreshold }} + failureThreshold: {{ .Values.startupProbe.failureThreshold }} + {{- end }} resources: {{ toYaml .Values.resources | indent 10 }} volumeMounts: 
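Review bot: `REDIS_HOST_PASSWORD` is rendered as a literal `value:` in the Deployment, so the Redis password is readable by anyone who can read the Deployment or pod spec and is kept in the rendered release manifest, unlike the admin and SMTP credentials beside it, which use `secretKeyRef`. The value is also unquoted and not gated on `redis.usePassword`: the default `''` renders an empty `value:`, and an all-digit password would be typed as a number rather than a string. Read it from a Secret and emit the entry only when a password is in use; the Secret name and key below are placeholders, because the page does not show which Secret holds the Redis password. The values.yaml hunk that adds `redis.password: ''` carries the same plaintext-in-values concern.

```yaml
        # … unchanged: REDIS_HOST and REDIS_HOST_PORT entries …
        {{- if .Values.redis.usePassword }}
        - name: REDIS_HOST_PASSWORD
          valueFrom:
            secretKeyRef:
              name: REDIS_SECRET_NAME_PLACEHOLDER
              key: REDIS_PASSWORD_KEY_PLACEHOLDER
        {{- end }}
```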
@@ -239,9 +255,10 @@ spec: {{- end }} {{- end }} {{- end }} + {{- $nginxEnabled := .Values.nginx.enabled -}} {{- range $key, $value := .Values.nextcloud.phpConfigs }} - name: nextcloud-phpconfig - mountPath: /usr/local/etc/php/conf.d/{{ $key }} + mountPath: {{ $nginxEnabled | ternary (printf "/usr/local/etc/php-fpm.d/%s" $key | quote) (printf "/usr/local/etc/php/conf.d/%s" $key | quote) }} subPath: {{ $key }} {{- end }} {{- if .Values.nextcloud.extraVolumeMounts }} @@ -283,6 +300,7 @@ spec: successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} + resources: {{ toYaml .Values.nginx.resources | indent 10 }} volumeMounts: diff --git a/charts/nextcloud/templates/secrets.yaml b/charts/nextcloud/templates/secrets.yaml index 8473eba0..a831b0c3 100644 --- a/charts/nextcloud/templates/secrets.yaml +++ b/charts/nextcloud/templates/secrets.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.nextcloud.existingSecret.enabled }} apiVersion: v1 kind: Secret metadata: @@ -19,3 +20,4 @@ data: smtp-username: {{ default "" .Values.nextcloud.mail.smtp.name | b64enc | quote }} smtp-password: {{ default "" .Values.nextcloud.mail.smtp.password | b64enc | quote }} {{- end }} +{{- end }} diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index e4e899dc..6084db5a 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -64,6 +64,14 @@ nextcloud: host: nextcloud.kube.home username: admin password: changeme + ## Use an existing secret + existingSecret: + enabled: false + # secretName: nameofsecret + # usernameKey: username + # passwordKey: password + # smtpUsernameKey: smtp_username + # smtpPasswordKey: smtp_password update: 0 datadir: /var/www/html/data tableprefix: 
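Review bot: The `ternary` on `mountPath` moves every `phpConfigs` file to `/usr/local/etc/php-fpm.d/` when `nginx.enabled` is true, but that directory appears to hold FPM pool configuration rather than php.ini fragments, so ini-style entries (including any hardening directives an operator sets there) may silently stop applying on the fpm image. Confirm this against the image's ini scan directory before merging. If both kinds of file are needed, keep `/usr/local/etc/php/conf.d/%s` for ini files and add a separate value for pool files. At minimum add a comment above the `range`, such as `{{- /* phpConfigs: ini fragments for apache, FPM pool files when nginx.enabled */ -}}`, so the expected file format per image is explicit.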
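Review bot: The `existingSecret` block in values.yaml is documented only by `## Use an existing secret`, which does not tell the operator that enabling it stops the chart from rendering its own Secret (see the `if not .Values.nextcloud.existingSecret.enabled` guard in secrets.yaml). I would extend the comment to `## Use an existing secret. When enabled, the chart does not create its own Secret; the named Secret must already exist in the release namespace and contain every key referenced below (SMTP keys too if mail is enabled).` The `password: changeme` default in the context lines stays in effect when `existingSecret` is left disabled, which is worth stating next to it.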
@@ -81,7 +89,7 @@ nextcloud: name: user password: pass # PHP Configuration files - # Will be injected in /usr/local/etc/php/conf.d + # Will be injected in /usr/local/etc/php/conf.d for apache image and in /usr/local/etc/php-fpm.d when nginx.enabled: true phpConfigs: {} # Default config files # IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself @@ -243,6 +251,7 @@ postgresql: redis: enabled: false usePassword: false + password: '' ## Cronjob to execute Nextcloud background tasks ## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#webcron @@ -334,18 +343,26 @@ resources: {} ## livenessProbe: enabled: true - initialDelaySeconds: 30 - periodSeconds: 15 + initialDelaySeconds: 10 + periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 successThreshold: 1 readinessProbe: enabled: true - initialDelaySeconds: 30 - periodSeconds: 15 + initialDelaySeconds: 10 + periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 successThreshold: 1 +startupProbe: + enabled: false + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 30 + successThreshold: 1 + ## Enable pod autoscaling using HorizontalPodAutoscaler ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
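Review bot: In the `@@ -334,18 +343,26 @@` hunk the liveness `initialDelaySeconds` drops from 30 to 10 and `periodSeconds` from 15 to 10, while the new `startupProbe` ships with `enabled: false`. On default values the kubelet may therefore restart the container after roughly 10 + 3×10 seconds if the liveness endpoint is not yet answering, which a first-time install or upgrade could plausibly exceed, giving a restart loop. Either keep the previous liveness delays while `startupProbe.enabled` is false, or default it to true on clusters that support startup probes. A comment above `startupProbe:` such as `## Enable when using the shorter liveness delays; initial install can outlast the liveness window` would document the coupling.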