From 4ec43d8781ec5e11e2355c017ecf92823641012a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 21:21:08 +0000 Subject: [PATCH 01/17] Bump azure/setup-helm from 3.5 to 4 Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 3.5 to 4. - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/setup-helm/compare/v3.5...v4) --- updated-dependencies: - dependency-name: azure/setup-helm dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-test.yaml | 2 +- .github/workflows/release.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 45739610..d839bc71 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -20,7 +20,7 @@ jobs: fetch-depth: 0 - name: Install Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@v4 with: version: v3.11.1 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8115309d..ca842db1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -28,7 +28,7 @@ jobs: # See https://github.com/helm/chart-releaser-action/issues/6 - name: Set up Helm - uses: azure/setup-helm@v3.5 + uses: azure/setup-helm@v4 with: version: v3.11.1 From 032d432357185cc23c0c434305c9827f4a4b1dad Mon Sep 17 00:00:00 2001 From: JesseBot Date: Fri, 12 Apr 2024 22:28:49 +0200 Subject: [PATCH 02/17] Update lint-test.yaml - update helm version to v3.14.4 Signed-off-by: JesseBot --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index d839bc71..02a30651 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -22,7 +22,7 @@ jobs: - name: Install Helm uses: azure/setup-helm@v4 with: - version: v3.11.1 + version: v3.14.4 - name: Add dependency chart repos run: | From 02e398b4e7378232dd5e7d489909785ca8ef8160 Mon Sep 17 00:00:00 2001 From: JesseBot Date: Fri, 12 Apr 2024 22:29:41 +0200 Subject: [PATCH 03/17] Update .github/workflows/release.yaml - update helm version to v3.14.4 Signed-off-by: JesseBot --- .github/workflows/release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ca842db1..d81aaca1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -30,7 +30,7 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v4 with: - version: v3.11.1 + version: v3.14.4 - name: Add dependency chart repos run: | From 504c1f3f70e8bd03c1c664d61bc2396b04206602 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 21:51:19 +0000 Subject: [PATCH 04/17] Bump helm/kind-action from 1.8.0 to 1.10.0 Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.8.0 to 1.10.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](https://github.com/helm/kind-action/compare/v1.8.0...v1.10.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 45739610..b28fd25e 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -45,7 +45,7 @@ jobs: run: ct lint --target-branch ${{ github.event.repository.default_branch }} - name: Create kind cluster - uses: helm/kind-action@v1.8.0 + uses: helm/kind-action@v1.10.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) From ba6ce9d9d1d1d1e1cb8ff94931420e4a392a0bc8 Mon Sep 17 00:00:00 2001 From: JesseBot Date: Wed, 29 May 2024 15:58:53 +0200 Subject: [PATCH 05/17] only run chart linting for specific files instead of trying to catch every exception (#575) * only run chart linting for specific files instead of trying to catch every exception Signed-off-by: jessebot * attempt to adapt changes from https://github.com/nextcloud/.github/blob/master/workflow-templates/node.yml Signed-off-by: jessebot * add needs: changes to lint job Signed-off-by: jessebot * remove summary job afterall Signed-off-by: jessebot --------- Signed-off-by: jessebot --- .github/workflows/lint-test.yaml | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 45739610..14c37ceb 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -2,17 +2,29 @@ name: Lint and Test Charts on: pull_request: - paths-ignore: - - '.github/**' - - 'charts/**/README.md' - - 'CODE_OF_CONDUCT.md' - - 'CONTRIBUTING.md' - - 'LICENSE' - - 'README.md' - + paths: jobs: + changes: + runs-on: ubuntu-latest-low + + outputs: + src: ${{ steps.changes.outputs.src}} + + steps: + - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + id: changes + continue-on-error: true + with: + filters: | + src: + - 'charts/nextcloud/Chart.yaml' + - 'charts/nextcloud/values.yaml' + - 'charts/nextcloud/templates/**' + lint-test: runs-on: ubuntu-22.04 + needs: changes + if: needs.changes.outputs.src != 'false' steps: - name: Checkout uses: actions/checkout@v4 From 7394c10b3dc518cb7ad33f96e62ee20acb539f57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20M=C3=A9nab=C3=A9?= Date: Fri, 31 May 2024 08:54:09 +0200 Subject: [PATCH 06/17] Allow to set environment variables to Nginx container (#566) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: François Ménabé Co-authored-by: JesseBot --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 1 + charts/nextcloud/templates/deployment.yaml | 4 ++++ charts/nextcloud/values.yaml | 5 +++++ 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 243346f3..d4d18917 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.6.8 +version: 4.6.9 appVersion: 29.0.0 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 6581b09c..4df1a770 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -147,6 +147,7 @@ The following table lists the configurable parameters of the nextcloud chart and | `nginx.config.custom` | Specify a custom config for nginx | `{}` | | `nginx.resources` | nginx resources | `{}` | | `nginx.securityContext` | Optional security context for the nginx container | `nil` | +| `nginx.extraEnv` | Optional environment variables for the nginx container | `nil` | | `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` | | `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` | | `redis.enabled` | Whether to install/use redis for locking | `false` | diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index be3aeea9..83546f42 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -149,6 +149,10 @@ spec: - name: {{ .Chart.Name }}-nginx image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} + {{- with .Values.nginx.extraEnv }} + env: + {{- toYaml . | nindent 12 }} + {{- end }} ports: - name: http protocol: TCP diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index 8a0868dd..b2e7d28a 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -245,6 +245,11 @@ nginx: # runAsNonRoot: true # readOnlyRootFilesystem: true + ## Extra environment variables + extraEnv: [] + # - name: SOME_ENV + # value: ENV_VALUE + internalDatabase: enabled: true name: nextcloud From 961037fc016bc77e5191de32464d607c7d4a682a Mon Sep 17 00:00:00 2001 From: Tero Paloheimo Date: Sun, 2 Jun 2024 11:36:56 +0300 Subject: [PATCH 07/17] feat: update appVersion to 29.0.1 Signed-off-by: Tero Paloheimo --- charts/nextcloud/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index d4d18917..62fdfdc6 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: nextcloud -version: 4.6.9 -appVersion: 29.0.0 +version: 4.6.10 +appVersion: 29.0.1 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: - nextcloud From f8cf00730b4fd05a22a290d0773f8fd463f0bbcf Mon Sep 17 00:00:00 2001 From: Sunny Date: Sun, 9 Jun 2024 12:40:28 +0530 Subject: [PATCH 08/17] Include nextcloud service in trusted domains for metrics exporter (#483) * Include service in trusted domains for metrics When nextcloud-exporter is used by enabling metrics, it fails to fetch the serverinfo with 400 response code. This is related to the switch from ingress to local service endpoint for nextcloud-exporter. To fix this, in addition to .Values.nextcloud.host, the nextcloud service also need to be included in the trusted domains. Signed-off-by: Sunny * Update charts/nextcloud/templates/_helpers.tpl - use full service name and fix spacing for trusted domains Co-authored-by: WrenIX <133280015+wrenix@users.noreply.github.com> Signed-off-by: JesseBot --------- Signed-off-by: Sunny Signed-off-by: JesseBot Co-authored-by: JesseBot Co-authored-by: WrenIX <133280015+wrenix@users.noreply.github.com> --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/templates/_helpers.tpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 62fdfdc6..cee10d28 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.6.10 +version: 4.6.11 appVersion: 29.0.1 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/templates/_helpers.tpl b/charts/nextcloud/templates/_helpers.tpl index 8214e1ab..d9570f76 100644 --- a/charts/nextcloud/templates/_helpers.tpl +++ b/charts/nextcloud/templates/_helpers.tpl @@ -178,7 +178,7 @@ Create environment variables used to configure the nextcloud container as well a name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }} key: {{ .Values.nextcloud.existingSecret.passwordKey }} - name: NEXTCLOUD_TRUSTED_DOMAINS - value: {{ .Values.nextcloud.host }} + value: {{ .Values.nextcloud.host }}{{ if .Values.metrics.enabled }} {{ template "nextcloud.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local{{ end }} {{- if ne (int .Values.nextcloud.update) 0 }} - name: NEXTCLOUD_UPDATE value: {{ .Values.nextcloud.update | quote }} From 3dfd22ed39d628c10868ec240b9e94dd5ee928f0 Mon Sep 17 00:00:00 2001 From: JesseBot Date: Sun, 9 Jun 2024 09:38:05 +0200 Subject: [PATCH 09/17] =?UTF-8?q?Update=20Postgresql,=20MariaDB,=20and=20R?= =?UTF-8?q?edis=20subcharts=20to=20the=20latest=20(=E2=9A=A0=EF=B8=8F=20Ma?= =?UTF-8?q?jor=20updates)=20(#580)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * update sub charts and add test for postgresql chart Signed-off-by: jessebot * temporarily change the changes workflow to run on ubuntu-22.04 Signed-off-by: jessebot * add helm and ct install steps for the installation jobs Signed-off-by: jessebot * always run change detection step in integration testing steps Signed-off-by: jessebot * always do a checkout before rest of integration test Signed-off-by: jessebot * update the runs-on parameter for changes job to use ubuntu-latest-low again Signed-off-by: jessebot --------- Signed-off-by: jessebot Signed-off-by: JesseBot --- .github/workflows/lint-test.yaml | 73 +++++++++++++++++++++++++++++++- charts/nextcloud/Chart.lock | 10 ++--- charts/nextcloud/Chart.yaml | 8 ++-- 3 files changed, 81 insertions(+), 10 deletions(-) diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 905affa6..ded95bf8 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -21,7 +21,7 @@ jobs: - 'charts/nextcloud/values.yaml' - 'charts/nextcloud/templates/**' - lint-test: + lint: runs-on: ubuntu-22.04 needs: changes if: needs.changes.outputs.src != 'false' @@ -56,6 +56,36 @@ jobs: if: steps.list-changed.outputs.changed == 'true' run: ct lint --target-branch ${{ github.event.repository.default_branch }} + test-internal-database: + runs-on: ubuntu-22.04 + needs: [changes, lint] + if: needs.changes.outputs.src != 'false' + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install Helm + uses: azure/setup-helm@v4 + with: + version: v3.14.4 + + - name: Add dependency chart repos + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + - name: Create kind cluster uses: helm/kind-action@v1.10.0 if: steps.list-changed.outputs.changed == 'true' @@ -64,3 +94,44 @@ jobs: id: install if: steps.list-changed.outputs.changed == 'true' run: ct install --target-branch ${{ github.event.repository.default_branch }} + + test-postgresql-database: + runs-on: ubuntu-22.04 + needs: [changes, lint] + if: needs.changes.outputs.src != 'false' + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install Helm + uses: azure/setup-helm@v4 + with: + version: v3.14.4 + + - name: Add dependency chart repos + run: | + helm repo add bitnami https://charts.bitnami.com/bitnami + + - name: Set up chart-testing + uses: helm/chart-testing-action@v2.6.1 + + - name: Run chart-testing (list-changed) + id: list-changed + run: | + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) + if [[ -n "$changed" ]]; then + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + + - name: Create kind cluster + uses: helm/kind-action@v1.10.0 + if: steps.list-changed.outputs.changed == 'true' + + - name: Run chart-testing (install) + id: install + if: steps.list-changed.outputs.changed == 'true' + run: | + ct install --target-branch ${{ github.event.repository.default_branch }} \ + --helm-extra-set-args "--set=postgresql.enabled=true --set=postgresql.global.postgresql.auth.password=testing123456 --set=internalDatabase.enabled=false --set=externalDatabase.enabled=True --set=externalDatabase.type=postgresql --set=externalDatabase.password=testing123456" diff --git a/charts/nextcloud/Chart.lock b/charts/nextcloud/Chart.lock index 8a002f80..f6ac2d62 100644 --- a/charts/nextcloud/Chart.lock +++ b/charts/nextcloud/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.12.10 + version: 15.5.0 - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 12.2.9 + version: 18.2.0 - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 17.13.2 -digest: sha256:92fe0891c35c2586cfe3b76154412c188bb75cc0a687e1d771fc4c1cf0f8973d -generated: "2023-11-11T19:19:38.983179104+01:00" + version: 19.5.0 +digest: sha256:4efc098feeb7f4486b7166f1c71b9c54bfee0797663a3339f379d397297303c7 +generated: "2024-06-03T09:51:56.321676+02:00" diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index cee10d28..ae07f63b 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 4.6.11 +version: 5.0.0 appVersion: 29.0.1 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: @@ -23,14 +23,14 @@ maintainers: email: jeff@billimek.com dependencies: - name: postgresql - version: 12.12.* + version: 15.5.0 repository: oci://registry-1.docker.io/bitnamicharts condition: postgresql.enabled - name: mariadb - version: 12.2.* + version: 18.2.0 repository: oci://registry-1.docker.io/bitnamicharts condition: mariadb.enabled - name: redis - version: 17.13.* + version: 19.5.0 repository: oci://registry-1.docker.io/bitnamicharts condition: redis.enabled From 160ab955e7bf47d856112425c8bababdbe14750e Mon Sep 17 00:00:00 2001 From: provokateurin Date: Mon, 24 Jun 2024 10:03:48 +0200 Subject: [PATCH 10/17] update: 29.0.2 Signed-off-by: provokateurin --- charts/nextcloud/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index ae07f63b..b4cb0401 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: nextcloud -version: 5.0.0 -appVersion: 29.0.1 +version: 5.0.1 +appVersion: 29.0.2 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: - nextcloud From 8598494eada20a84e406eb211b9fae93b9124c1e Mon Sep 17 00:00:00 2001 From: provokateurin Date: Thu, 27 Jun 2024 06:34:06 +0200 Subject: [PATCH 11/17] update: 29.0.3 Signed-off-by: provokateurin --- charts/nextcloud/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index b4cb0401..0efa16c5 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: nextcloud -version: 5.0.1 -appVersion: 29.0.2 +version: 5.0.2 +appVersion: 29.0.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: - nextcloud From 11f6601992a880ad1231bc19956b8fef6eb0c18b Mon Sep 17 00:00:00 2001 From: rene Date: Sat, 29 Jun 2024 15:26:18 +0200 Subject: [PATCH 12/17] make security context configurable for mariadb and postgresql init containers commit 5cde3a4eb9ecb67a713592fc56ab730ed5abe5b6 Merge: b5171ad 6f1f075 Author: rene Date: Fri Jun 28 23:05:44 2024 +0200 Merge branch 'set-security-context-for-init-containers' of https://github.com/raynay-r/nextcloud-helm into set-security-context-for-init-containers commit 6f1f0756d77fad97386489d558a86686a07c4973 Merge: 8ebadd7 f8cf007 Author: JesseBot Date: Sun Jun 9 09:31:22 2024 +0200 Merge branch 'main' into set-security-context-for-init-containers Signed-off-by: JesseBot commit 8ebadd7f38a55644de2ec511be28c5a095f6226e Author: JesseBot Date: Sun Jun 9 09:30:33 2024 +0200 Apply suggestions from code review - switch to one with instead of if + with Signed-off-by: JesseBot commit 6ae83c6c32b4d50977fcfed3520d070f0d76cb30 Merge: 1d2244a 1ae7421 Author: raynay-r <16634069+raynay-r@users.noreply.github.com> Date: Tue May 28 12:38:27 2024 +0200 Merge branch 'main' into set-security-context-for-init-containers Signed-off-by: raynay-r <16634069+raynay-r@users.noreply.github.com> commit 1d2244aa38379e5c4448d07fff01338aa8fc8400 Author: rene Date: Sat May 25 11:58:47 2024 +0200 increment minor version - new version 4.7.0 commit b5171ade43106b7ba58dcc8dbd79c10984ec63e0 Author: rene Date: Sat May 25 11:52:23 2024 +0200 increment to next minor version commit bf511ecb68f51c5011eae3f4041a160c7a0a6374 Merge: 0982a00 30c69c1 Author: JesseBot Date: Tue Apr 30 17:04:38 2024 +0200 Merge branch 'main' into set-security-context-for-init-containers commit 0982a0072697dd1292b2219d0bc500ea73301813 Author: rene Date: Tue Apr 16 11:30:14 2024 +0200 fix indentation of security context blocks in init container definitions Signed-off-by: rene commit 6918ded885c413847d0723d462fbdcb2dbf1855e Author: rene Date: Tue Apr 16 11:17:25 2024 +0200 fix issues from rebase Signed-off-by: rene commit 4df8b173ccc867d8c19283493ff41820619e9794 Author: rene Date: Tue Apr 16 10:23:37 2024 +0200 add new parameters for init containers security context Signed-off-by: rene Signed-off-by: rene --- charts/nextcloud/templates/deployment.yaml | 8 ++++++++ charts/nextcloud/values.yaml | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index 83546f42..680fafe4 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -293,6 +293,10 @@ spec: {{- if .Values.mariadb.enabled }} - name: mariadb-isalive image: {{ .Values.mariadb.image.registry | default "docker.io" }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} + {{- with .Values.nextcloud.mariadbInitContainerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} env: - name: MYSQL_USER valueFrom: @@ -311,6 +315,10 @@ spec: {{- else if .Values.postgresql.enabled }} - name: postgresql-isready image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} + {{- with .Values.nextcloud.postgresqlInitContainerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} env: - name: POSTGRES_USER valueFrom: diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index b2e7d28a..de0ff0ba 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -213,6 +213,12 @@ nextcloud: # runAsNonRoot: true # readOnlyRootFilesystem: false + # Set mariadb initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive + mariadbInitContainerSecurityContext: {} + + # Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive + postgresqlInitContainerSecurityContext: {} + # Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive podSecurityContext: {} # runAsUser: 33 From 44711d50a93a755fc51d0917c9ceeb6f9c26203e Mon Sep 17 00:00:00 2001 From: rene Date: Sat, 29 Jun 2024 15:35:56 +0200 Subject: [PATCH 13/17] increment chart version to 5.1.0 Signed-off-by: rene --- charts/nextcloud/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 0efa16c5..6f22e480 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 5.0.2 +version: 5.1.0 appVersion: 29.0.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: From fe44323649aee1185a3640c71d01a4496b608e5d Mon Sep 17 00:00:00 2001 From: raynay-r <16634069+raynay-r@users.noreply.github.com> Date: Sat, 29 Jun 2024 16:06:47 +0200 Subject: [PATCH 14/17] Apply suggestions from code review Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com> Signed-off-by: raynay-r <16634069+raynay-r@users.noreply.github.com> --- charts/nextcloud/templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index 680fafe4..aa8ec8bc 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -295,7 +295,7 @@ spec: image: {{ .Values.mariadb.image.registry | default "docker.io" }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} {{- with .Values.nextcloud.mariadbInitContainerSecurityContext }} securityContext: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} env: - name: MYSQL_USER @@ -317,7 +317,7 @@ spec: image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} {{- with .Values.nextcloud.postgresqlInitContainerSecurityContext }} securityContext: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} env: - name: POSTGRES_USER From bf6f73f4e7166af6f1ac13f453388bfe3f35cba7 Mon Sep 17 00:00:00 2001 From: rene Date: Sun, 30 Jun 2024 11:48:29 +0200 Subject: [PATCH 15/17] apply code review suggestion Signed-off-by: rene --- charts/nextcloud/templates/deployment.yaml | 4 ++-- charts/nextcloud/values.yaml | 17 +++++++++++------ 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index aa8ec8bc..51a79d67 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -293,7 +293,7 @@ spec: {{- if .Values.mariadb.enabled }} - name: mariadb-isalive image: {{ .Values.mariadb.image.registry | default "docker.io" }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} - {{- with .Values.nextcloud.mariadbInitContainerSecurityContext }} + {{- with .Values.nextcloud.mariaDbInitContainer.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} @@ -315,7 +315,7 @@ spec: {{- else if .Values.postgresql.enabled }} - name: postgresql-isready image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} - {{- with .Values.nextcloud.postgresqlInitContainerSecurityContext }} + {{- with .Values.nextcloud.postgreSqlInitContainer.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index de0ff0ba..0bfa4187 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -213,12 +213,6 @@ nextcloud: # runAsNonRoot: true # readOnlyRootFilesystem: false - # Set mariadb initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive - mariadbInitContainerSecurityContext: {} - - # Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive - postgresqlInitContainerSecurityContext: {} - # Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive podSecurityContext: {} # runAsUser: 33 @@ -226,6 +220,17 @@ nextcloud: # runAsNonRoot: true # readOnlyRootFilesystem: false + # Settings for the MariaDB init container + mariaDbInitContainer: + # Set mariadb initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive + securityContext: {} + + # Settings for the PostgreSQL init container + postgreSqlInitContainer: + # Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive + securityContext: {} + + nginx: ## You need to set an fpm version of the image for nextcloud if you want to use nginx! enabled: false From cf19396bf25c4366bd6bcaca0e2b2531526c41cc Mon Sep 17 00:00:00 2001 From: JesseBot Date: Mon, 1 Jul 2024 09:57:35 +0200 Subject: [PATCH 16/17] Add setting of NEXTCLOUD_SERVER and NEXTCLOUD_INFO_APPS for metrics exporter and clean up docs (#587) Signed-off-by: jessebot --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 165 +++++++++--------- .../templates/metrics/deployment.yaml | 7 + charts/nextcloud/values.yaml | 7 + 4 files changed, 99 insertions(+), 82 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 6f22e480..a4e1c078 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 5.1.0 +version: 5.2.0 appVersion: 29.0.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 4df1a770..40550fc6 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -210,46 +210,46 @@ For convenience, we packages the following Bitnami charts for databases (feel fr If you choose to use one of the prepackaged Bitnami helm charts, you must configure both the `externalDatabase` parameters, and the parameters for the chart you choose. For instance, if you choose to use the Bitnami PostgreSQL chart that we've prepackaged, you need to also configure all the parameters for `postgresql`. You do not need to use the Bitnami helm charts. If you want to use an already configured database that you have externally, just set `internalDatabase.enabled` to `false`, and configure the `externalDatabase` parameters below. -| Parameter | Description | Default | -|----------------------------------------------------------------------|----------------------------------------------------------------------------------------|-----------------------| -| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` | -| `internalDatabase.database` | Name of the existing database | `nextcloud` | -| `externalDatabase.enabled` | Whether to use external database | `false` | -| `externalDatabase.type` | External database type: `mysql`, `postgresql` | `mysql` | -| `externalDatabase.host` | Host of the external database in form of `host:port` | `nil` | -| `externalDatabase.database` | Name of the existing database | `nextcloud` | -| `externalDatabase.user` | Existing username in the external db | `nextcloud` | -| `externalDatabase.password` | Password for the above username | `nil` | -| `externalDatabase.existingSecret.enabled` | Whether to use a existing secret or not | `false` | -| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | -| `externalDatabase.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | -| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | -| `externalDatabase.existingSecret.hostKey` | Name of the key that contains the database hostname or IP address | `nil` | -| `externalDatabase.existingSecret.databaseKey` | Name of the key that contains the database name | `nil` | -| `mariadb.enabled` | Whether to use the MariaDB chart | `false` | -| `mariadb.auth.database` | Database name to create | `nextcloud` | -| `mariadb.auth.username` | Database user to create | `nextcloud` | -| `mariadb.auth.password` | Password for the database | `changeme` | -| `mariadb.auth.rootPassword` | MariaDB admin password | `nil` | -| `mariadb.auth.existingSecret` | Use existing secret for MariaDB password details; see values.yaml for more detail | `''` | -| `mariadb.image.registry` | MariaDB image registry | `docker.io` | -| `mariadb.image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `mariadb.image.tag` | MariaDB image tag | `` | -| `mariadb.primary.persistence.enabled` | Whether or not to Use a PVC on MariaDB primary | `false` | -| `mariadb.primary.persistence.existingClaim` | Use an existing PVC for MariaDB primary | `nil` | -| `postgresql.enabled` | Whether to use the PostgreSQL chart | `false` | -| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | -| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `postgresql.image.tag` | PostgreSQL image tag | `15.4.0-debian-11-r10`| -| `postgresql.global.postgresql.auth.database` | Database name to create | `nextcloud` | -| `postgresql.global.postgresql.auth.username` | Database user to create | `nextcloud` | -| `postgresql.global.postgresql.auth.password` | Password for the database | `changeme` | -| `postgresql.global.postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `''` | -| `postgresql.global.postgresql.auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL admin password | `''` | -| `postgresql.global.postgresql.auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL user password | `''` | -| `postgresql.global.postgresql.auth.secretKeys.replicationPasswordKey`| Name of key in existing secret to use for PostgreSQL replication password | `''` | -| `postgresql.primary.persistence.enabled` | Whether or not to use PVC on PostgreSQL primary | `false` | -| `postgresql.primary.persistence.existingClaim` | Use an existing PVC for PostgreSQL primary | `nil` | +| Parameter | Description | Default | +|-----------------------------------------------------------------------|-----------------------------------------------------------------------------------|------------------------| +| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` | +| `internalDatabase.database` | Name of the existing database | `nextcloud` | +| `externalDatabase.enabled` | Whether to use external database | `false` | +| `externalDatabase.type` | External database type: `mysql`, `postgresql` | `mysql` | +| `externalDatabase.host` | Host of the external database in form of `host:port` | `nil` | +| `externalDatabase.database` | Name of the existing database | `nextcloud` | +| `externalDatabase.user` | Existing username in the external db | `nextcloud` | +| `externalDatabase.password` | Password for the above username | `nil` | +| `externalDatabase.existingSecret.enabled` | Whether to use a existing secret or not | `false` | +| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | +| `externalDatabase.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | +| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | +| `externalDatabase.existingSecret.hostKey` | Name of the key that contains the database hostname or IP address | `nil` | +| `externalDatabase.existingSecret.databaseKey` | Name of the key that contains the database name | `nil` | +| `mariadb.enabled` | Whether to use the MariaDB chart | `false` | +| `mariadb.auth.database` | Database name to create | `nextcloud` | +| `mariadb.auth.username` | Database user to create | `nextcloud` | +| `mariadb.auth.password` | Password for the database | `changeme` | +| `mariadb.auth.rootPassword` | MariaDB admin password | `nil` | +| `mariadb.auth.existingSecret` | Use existing secret for MariaDB password details; see values.yaml for more detail | `''` | +| `mariadb.image.registry` | MariaDB image registry | `docker.io` | +| `mariadb.image.repository` | MariaDB image repository | `bitnami/mariadb` | +| `mariadb.image.tag` | MariaDB image tag | `` | +| `mariadb.primary.persistence.enabled` | Whether or not to Use a PVC on MariaDB primary | `false` | +| `mariadb.primary.persistence.existingClaim` | Use an existing PVC for MariaDB primary | `nil` | +| `postgresql.enabled` | Whether to use the PostgreSQL chart | `false` | +| `postgresql.image.registry` | PostgreSQL image registry | `docker.io` | +| `postgresql.image.repository` | PostgreSQL image repository | `bitnami/postgresql` | +| `postgresql.image.tag` | PostgreSQL image tag | `15.4.0-debian-11-r10` | +| `postgresql.global.postgresql.auth.database` | Database name to create | `nextcloud` | +| `postgresql.global.postgresql.auth.username` | Database user to create | `nextcloud` | +| `postgresql.global.postgresql.auth.password` | Password for the database | `changeme` | +| `postgresql.global.postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `''` | +| `postgresql.global.postgresql.auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL admin password | `''` | +| `postgresql.global.postgresql.auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL user password | `''` | +| `postgresql.global.postgresql.auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL replication password | `''` | +| `postgresql.primary.persistence.enabled` | Whether or not to use PVC on PostgreSQL primary | `false` | +| `postgresql.primary.persistence.existingClaim` | Use an existing PVC for PostgreSQL primary | `nil` | Is there a missing parameter for one of the Bitnami helm charts listed above? Please feel free to submit a PR to add that parameter in our values.yaml, but be sure to also update this README file :) @@ -261,50 +261,53 @@ Persistent Volume Claims are used to keep the data across deployments. This is k Nextcloud will *not* delete the PVCs when uninstalling the helm chart. -| Parameter | Description | Default | -|----------------------------------------------------------------------|----------------------------------------------------------------------------------------|----------------------------------------------| -| `persistence.enabled` | Enable persistence using PVC | `false` | -| `persistence.annotations` | PVC annotations | `{}` | -| `persistence.storageClass` | PVC Storage Class for nextcloud volume | `nil` (uses alpha storage class annotation) | -| `persistence.existingClaim` | An Existing PVC name for nextcloud volume | `nil` (uses alpha storage class annotation) | -| `persistence.accessMode` | PVC Access Mode for nextcloud volume | `ReadWriteOnce` | -| `persistence.size` | PVC Storage Request for nextcloud volume | `8Gi` | -| `persistence.nextcloudData.enabled` | Create a second PVC for the data folder in nextcloud | `false` | -| `persistence.nextcloudData.annotations` | see `persistence.annotations` | `{}` | -| `persistence.nextcloudData.storageClass` | see `persistence.storageClass` | `nil` (uses alpha storage class annotation) | -| `persistence.nextcloudData.existingClaim` | see `persistence.existingClaim` | `nil` (uses alpha storage class annotation) | -| `persistence.nextcloudData.accessMode` | see `persistence.accessMode` | `ReadWriteOnce` | -| `persistence.nextcloudData.size` | see `persistence.size` | `8Gi` | +| Parameter | Description | Default | +|-------------------------------------------|------------------------------------------------------|---------------------------------------------| +| `persistence.enabled` | Enable persistence using PVC | `false` | +| `persistence.annotations` | PVC annotations | `{}` | +| `persistence.storageClass` | PVC Storage Class for nextcloud volume | `nil` (uses alpha storage class annotation) | +| `persistence.existingClaim` | An Existing PVC name for nextcloud volume | `nil` (uses alpha storage class annotation) | +| `persistence.accessMode` | PVC Access Mode for nextcloud volume | `ReadWriteOnce` | +| `persistence.size` | PVC Storage Request for nextcloud volume | `8Gi` | +| `persistence.nextcloudData.enabled` | Create a second PVC for the data folder in nextcloud | `false` | +| `persistence.nextcloudData.annotations` | see `persistence.annotations` | `{}` | +| `persistence.nextcloudData.storageClass` | see `persistence.storageClass` | `nil` (uses alpha storage class annotation) | +| `persistence.nextcloudData.existingClaim` | see `persistence.existingClaim` | `nil` (uses alpha storage class annotation) | +| `persistence.nextcloudData.accessMode` | see `persistence.accessMode` | `ReadWriteOnce` | +| `persistence.nextcloudData.size` | see `persistence.size` | `8Gi` | ### Metrics Configurations We include an optional experimental Nextcloud Metrics exporter from [xperimental/nextcloud-exporter](https://github.com/xperimental/nextcloud-exporter). -| Parameter | Description | Default | -|----------------------------------------|------------------------------------------------------------------------------|--------------------------------------------------------------| -| `metrics.enabled` | Start Prometheus metrics exporter | `false` | -| `metrics.https` | Defines if https is used to connect to nextcloud | `false` (uses http) | -| `metrics.token` | Uses token for auth instead of username/password | `""` | -| `metrics.timeout` | When the scrape times out | `5s` | -| `metrics.tlsSkipVerify` | Skips certificate verification of Nextcloud server | `false` | -| `metrics.image.repository` | Nextcloud metrics exporter image name | `xperimental/nextcloud-exporter` | -| `metrics.image.tag` | Nextcloud metrics exporter image tag | `0.6.2` | -| `metrics.image.pullPolicy` | Nextcloud metrics exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Nextcloud metrics exporter image pull secrets | `nil` | -| `metrics.podAnnotations` | Additional annotations for metrics exporter | not set | -| `metrics.podLabels` | Additional labels for metrics exporter | not set | -| `metrics.service.type` | Metrics: Kubernetes Service type | `ClusterIP` | -| `metrics.service.loadBalancerIP` | Metrics: LoadBalancerIp for service type LoadBalancer | `nil` | -| `metrics.service.nodePort` | Metrics: NodePort for service type NodePort | `nil` | -| `metrics.service.annotations` | Additional annotations for service metrics exporter | `{prometheus.io/scrape: "true", prometheus.io/port: "9205"}` | -| `metrics.service.labels` | Additional labels for service metrics exporter | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `` | -| `metrics.serviceMonitor.jobLabel` | Name of the label on the target service to use as the job name in prometheus | `` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `` | -| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{} | +| Parameter | Description | Default | +|----------------------------------------|-------------------------------------------------------------------------------------|--------------------------------------------------------------| +| `metrics.enabled` | Start Prometheus metrics exporter | `false` | +| `metrics.replicaCount` | Number of nextcloud-metrics pod replicas to deploy | `1` | +| `metrics.server` | Nextcloud Server URL to get metrics from. If not provided, defaults to service name | `""` | +| `metrics.https` | Defines if https is used to connect to nextcloud | `false` (uses http) | +| `metrics.token` | Uses token for auth instead of username/password | `""` | +| `metrics.timeout` | When the scrape times out | `5s` | +| `metrics.tlsSkipVerify` | Skips certificate verification of Nextcloud server | `false` | +| `metrics.info.apps` | Enable gathering of apps-related metrics. | `false` | +| `metrics.image.repository` | Nextcloud metrics exporter image name | `xperimental/nextcloud-exporter` | +| `metrics.image.tag` | Nextcloud metrics exporter image tag | `0.6.2` | +| `metrics.image.pullPolicy` | Nextcloud metrics exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Nextcloud metrics exporter image pull secrets | `nil` | +| `metrics.podAnnotations` | Additional annotations for metrics exporter | not set | +| `metrics.podLabels` | Additional labels for metrics exporter | not set | +| `metrics.service.type` | Metrics: Kubernetes Service type | `ClusterIP` | +| `metrics.service.loadBalancerIP` | Metrics: LoadBalancerIp for service type LoadBalancer | `nil` | +| `metrics.service.nodePort` | Metrics: NodePort for service type NodePort | `nil` | +| `metrics.service.annotations` | Additional annotations for service metrics exporter | `{prometheus.io/scrape: "true", prometheus.io/port: "9205"}` | +| `metrics.service.labels` | Additional labels for service metrics exporter | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `` | +| `metrics.serviceMonitor.jobLabel` | Name of the label on the target service to use as the job name in prometheus | `` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `` | +| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{} | @@ -394,7 +397,7 @@ nginx ### Service discovery with nginx and ingress -For service discovery (CalDAV, CardDAV, webfinger, nodeinfo) to work you need to add redirects to your ingress. +For service discovery (CalDAV, CardDAV, webfinger, nodeinfo) to work you need to add redirects to your ingress. If you use the [ingress-nginx](https://github.com/kubernetes/ingress-nginx) you can use the following server snippet annotation: @@ -515,10 +518,10 @@ kubectl exec $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ recognize:down ``` # Backups -Check out the [official Nextcloud backup docs](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html). For your files, if you're using persistent volumes, and you'd like to back up to s3 backed storage (such as minio), consider using [k8up](https://github.com/k8up-io/k8up) or [velero](https://github.com/vmware-tanzu/velero). +Check out the [official Nextcloud backup docs](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html). For your files, if you're using persistent volumes, and you'd like to back up to s3 backed storage (such as minio), consider using [k8up](https://github.com/k8up-io/k8up) or [velero](https://github.com/vmware-tanzu/velero). # Upgrades -Since this chart utilizes the [nextcloud/docker](https://github.com/nextcloud/docker) image, provided you are using persistent volumes, [upgrades of your Nextcloud server are handled automatically](https://github.com/nextcloud/docker#update-to-a-newer-version) from one version to the next, however, you can only upgrade one major version at a time. For example, if you want to upgrade from version `25` to `27`, you will have to upgrade from version `25` to `26`, then from `26` to `27`. Since our docker tag is set via the [`appVersion` in `Chart.yaml`](https://github.com/nextcloud/helm/blob/main/charts/nextcloud/Chart.yaml#L4), you'll need to make sure you gradually upgrade the helm chart if you have missed serveral app versions. +Since this chart utilizes the [nextcloud/docker](https://github.com/nextcloud/docker) image, provided you are using persistent volumes, [upgrades of your Nextcloud server are handled automatically](https://github.com/nextcloud/docker#update-to-a-newer-version) from one version to the next, however, you can only upgrade one major version at a time. For example, if you want to upgrade from version `25` to `27`, you will have to upgrade from version `25` to `26`, then from `26` to `27`. Since our docker tag is set via the [`appVersion` in `Chart.yaml`](https://github.com/nextcloud/helm/blob/main/charts/nextcloud/Chart.yaml#L4), you'll need to make sure you gradually upgrade the helm chart if you have missed serveral app versions. ⚠️ *Before Upgrading Nextcloud or the attached database, always make sure you take [backups](#backups)!* diff --git a/charts/nextcloud/templates/metrics/deployment.yaml b/charts/nextcloud/templates/metrics/deployment.yaml index b52f405d..27dae552 100644 --- a/charts/nextcloud/templates/metrics/deployment.yaml +++ b/charts/nextcloud/templates/metrics/deployment.yaml @@ -59,12 +59,19 @@ spec: key: {{ .Values.nextcloud.existingSecret.passwordKey }} {{- end }} # NEXTCLOUD_SERVER is used by metrics-exporter to reach the Nextcloud (K8s-)Service to grab the serverinfo api endpoint + {{- if not .Values.metrics.server }} - name: NEXTCLOUD_SERVER # deployment.namespace.svc.cluster.local value: "http{{ if .Values.metrics.https }}s{{ end }}://{{ template "nextcloud.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}" + {{- else }} + - name: NEXTCLOUD_SERVER + value: {{ .Values.metrics.server }} + {{- end }} - name: NEXTCLOUD_TIMEOUT value: {{ .Values.metrics.timeout }} - name: NEXTCLOUD_TLS_SKIP_VERIFY value: {{ .Values.metrics.tlsSkipVerify | quote }} + - name: NEXTCLOUD_INFO_APPS + value: {{ .Values.metrics.info.apps | quote }} ports: - name: metrics containerPort: 9205 diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index 0bfa4187..fc3f18e5 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -497,6 +497,9 @@ metrics: enabled: false replicaCount: 1 + # Optional: becomes NEXTCLOUD_SERVER env var in the nextcloud-exporter container. + # Without it, we will use the full name of the nextcloud service + server: "" # The metrics exporter needs to know how you serve Nextcloud either http or https https: false # Use API token if set, otherwise fall back to password authentication @@ -506,6 +509,10 @@ metrics: timeout: 5s # if set to true, exporter skips certificate verification of Nextcloud server. tlsSkipVerify: false + info: + # Optional: becomes NEXTCLOUD_INFO_APPS env var in the nextcloud-exporter container. + # Enables gathering of apps-related metrics. Defaults to false + apps: false image: repository: xperimental/nextcloud-exporter From 2192ce8c092e081eaab97621d622778e067ff16a Mon Sep 17 00:00:00 2001 From: FreekO Date: Mon, 22 Jul 2024 12:13:00 +0200 Subject: [PATCH 17/17] Add: Redis persistent volumes settings to values (#549) * Add: Redis persistent volumes settings to values Signed-off-by: FreekO * Bump chart version Signed-off-by: FreekO --------- Signed-off-by: FreekO Signed-off-by: JesseBot Co-authored-by: JesseBot --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 3 +++ charts/nextcloud/values.yaml | 9 +++++++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index a4e1c078..dae94e71 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 5.2.0 +version: 5.2.1 appVersion: 29.0.3 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index 40550fc6..5309f4a9 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -155,6 +155,9 @@ The following table lists the configurable parameters of the nextcloud chart and | `redis.auth.password` | The password redis uses | `''` | | `redis.auth.existingSecret` | The name of an existing secret with Redis® credentials | `''` | | `redis.auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `''` | +| `redis.global.storageClass` | PVC Storage Class for both Redis® master and replica Persistent Volumes | `''` | +| `redis.master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | +| `redis.replica.persistence.enabled` | Enable persistence on Redis® replica nodes using Persistent Volume Claims | `true` | | `cronjob.enabled` | Whether to enable/disable cron jobs sidecar | `false` | | `cronjob.lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | `nil` | | `cronjob.lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | `nil` | diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index fc3f18e5..2e5d8df4 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -371,6 +371,15 @@ redis: existingSecret: "" # Password key to be retrieved from existing secret existingSecretPasswordKey: "" + # Since Redis is used for caching only, you might want to use a storageClass with different reclaim policy and backup settings + global: + storageClass: "" + master: + persistence: + enabled: true + replica: + persistence: + enabled: true ## Cronjob to execute Nextcloud background tasks