From c4caa176f623d5abb458d21730f5092b21911a7b Mon Sep 17 00:00:00 2001
From: Michel Zimmer <github@michel-zimmer.de>
Date: Mon, 28 Dec 2020 16:12:46 +0100
Subject: [PATCH] Add option for a custom secret (#47)

Introducing options nested under `nextcloud.existingSecret` to allow for a deployment that does not contain the secret and instead uses an existing secret.

Signed-off-by: Michel Zimmer <opensource@michel-zimmer.de>

Co-authored-by: Jeff Billimek <jeff@billimek.com>
---
 charts/nextcloud/Chart.yaml                | 2 +-
 charts/nextcloud/README.md                 | 4 ++++
 charts/nextcloud/templates/deployment.yaml | 8 ++++----
 charts/nextcloud/templates/secrets.yaml    | 2 ++
 charts/nextcloud/values.yaml               | 6 ++++++
 5 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml
index f09387b5..87d90104 100644
--- a/charts/nextcloud/Chart.yaml
+++ b/charts/nextcloud/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nextcloud
-version: 2.3.3
+version: 2.4.0
 appVersion: 19.0.3
 description: A file sharing server that puts the control and security of your own data back into your hands.
 keywords:
diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md
index d479a038..7ae8f994 100644
--- a/charts/nextcloud/README.md
+++ b/charts/nextcloud/README.md
@@ -61,6 +61,10 @@ The following table lists the configurable parameters of the nextcloud chart and
 | `nextcloud.host`                                             | nextcloud host to create application URLs               | `nextcloud.kube.home`                       |
 | `nextcloud.username`                                         | User of the application                                 | `admin`                                     |
 | `nextcloud.password`                                         | Application password                                    | `changeme`                                  |
+| `nextcloud.existingSecret.enabled`                           | Whether to use an existing secret or not                | `false`                                     |
+| `nextcloud.existingSecret.secretName`                        | Name of the existing secret                             | `nil`                                       |
+| `nextcloud.existingSecret.usernameKey`                       | Name of the key that contains the username              | `nil`                                       |
+| `nextcloud.existingSecret.passwordKey`                       | Name of the key that contains the password              | `nil`                                       |
 | `nextcloud.update`                                           | Trigger update if custom command is used                | `0`                                         |
 | `nextcloud.datadir`                                          | nextcloud data dir location                             | `/var/www/html/data`                        |
 | `nextcloud.tableprefix`                                      | nextcloud db table prefix                               | `''`                                        |
diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml
index 65b646bf..87ece66d 100644
--- a/charts/nextcloud/templates/deployment.yaml
+++ b/charts/nextcloud/templates/deployment.yaml
@@ -115,13 +115,13 @@ spec:
         - name: NEXTCLOUD_ADMIN_USER
           valueFrom:
             secretKeyRef:
-              name: {{ template "nextcloud.fullname" . }}
-              key: nextcloud-username
+              name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }}
+              key: {{ .Values.nextcloud.existingSecret.usernameKey | default "nextcloud-username" }}
         - name: NEXTCLOUD_ADMIN_PASSWORD
           valueFrom:
             secretKeyRef:
-              name: {{ template "nextcloud.fullname" . }}
-              key: nextcloud-password
+              name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }}
+              key: {{ .Values.nextcloud.existingSecret.passwordKey | default "nextcloud-password" }}
         - name: NEXTCLOUD_TRUSTED_DOMAINS
           value: {{ .Values.nextcloud.host }}
         {{- if ne (int .Values.nextcloud.update) 0 }}
diff --git a/charts/nextcloud/templates/secrets.yaml b/charts/nextcloud/templates/secrets.yaml
index 8473eba0..a831b0c3 100644
--- a/charts/nextcloud/templates/secrets.yaml
+++ b/charts/nextcloud/templates/secrets.yaml
@@ -1,3 +1,4 @@
+{{- if not .Values.nextcloud.existingSecret.enabled }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -19,3 +20,4 @@ data:
   smtp-username: {{ default "" .Values.nextcloud.mail.smtp.name | b64enc | quote }}
   smtp-password: {{ default "" .Values.nextcloud.mail.smtp.password | b64enc | quote }}
   {{- end }}
+{{- end }}
diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml
index 73a2d3c8..336b1a0f 100644
--- a/charts/nextcloud/values.yaml
+++ b/charts/nextcloud/values.yaml
@@ -64,6 +64,12 @@ nextcloud:
   host: nextcloud.kube.home
   username: admin
   password: changeme
+  ## Use an existing secret
+  existingSecret:
+    enabled: false
+    # secretName: nameofsecret
+    # usernameKey: username
+    # passwordKey: password
   update: 0
   datadir: /var/www/html/data
   tableprefix: