From e093fdb8da92bf132038695b7e2e67debf03531f Mon Sep 17 00:00:00 2001 From: Jeff Billimek Date: Sun, 30 Aug 2020 22:53:11 -0400 Subject: [PATCH] remove git merge cruft Signed-off-by: Jeff Billimek --- .helmignore | 21 -- Chart.yaml | 20 -- OWNERS | 6 - requirements.lock | 9 - requirements.yaml | 9 - templates/NOTES.txt | 94 -------- templates/_helpers.tpl | 49 ---- templates/config.yaml | 127 ---------- templates/cronjob.yaml | 71 ------ templates/db-secret.yaml | 22 -- templates/deployment.yaml | 357 ---------------------------- templates/hpa.yaml | 19 -- templates/ingress.yaml | 30 --- templates/metrics-deployment.yaml | 54 ----- templates/metrics-service.yaml | 31 --- templates/nextcloud-pvc.yaml | 30 --- templates/nginx-config.yaml | 185 --------------- templates/php-config.yaml | 16 -- templates/secrets.yaml | 21 -- templates/service.yaml | 24 -- values-mariadb.yaml | 5 - values.yaml | 383 ------------------------------ 22 files changed, 1583 deletions(-) delete mode 100644 .helmignore delete mode 100644 Chart.yaml delete mode 100644 OWNERS delete mode 100644 requirements.lock delete mode 100644 requirements.yaml delete mode 100644 templates/NOTES.txt delete mode 100644 templates/_helpers.tpl delete mode 100644 templates/config.yaml delete mode 100644 templates/cronjob.yaml delete mode 100644 templates/db-secret.yaml delete mode 100644 templates/deployment.yaml delete mode 100644 templates/hpa.yaml delete mode 100644 templates/ingress.yaml delete mode 100644 templates/metrics-deployment.yaml delete mode 100644 templates/metrics-service.yaml delete mode 100644 templates/nextcloud-pvc.yaml delete mode 100644 templates/nginx-config.yaml delete mode 100644 templates/php-config.yaml delete mode 100644 templates/secrets.yaml delete mode 100644 templates/service.yaml delete mode 100644 values-mariadb.yaml delete mode 100644 values.yaml diff --git a/.helmignore b/.helmignore deleted file mode 100644 index f0c13194..00000000 --- a/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/Chart.yaml b/Chart.yaml deleted file mode 100644 index 381f9a24..00000000 --- a/Chart.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -name: nextcloud -version: 1.12.0 -appVersion: 17.0.0 -description: A file sharing server that puts the control and security of your own data back into your hands. -keywords: -- nextcloud -- storage -- http -- web -- php -home: https://nextcloud.com/ -icon: https://cdn.rawgit.com/docker-library/docs/defa5ffc7123177acd60ddef6e16bddf694cc35f/nextcloud/logo.svg -sources: -- https://github.com/nextcloud/docker -maintainers: -- name: chrisingenhaag - email: christian.ingenhaag@googlemail.com -- name: billimek - email: jeff@billimek.com diff --git a/OWNERS b/OWNERS deleted file mode 100644 index 7936f915..00000000 --- a/OWNERS +++ /dev/null @@ -1,6 +0,0 @@ -approvers: -- chrisingenhaag -- billimek -reviewers: -- chrisingenhaag -- billimek diff --git a/requirements.lock b/requirements.lock deleted file mode 100644 index 1b07933e..00000000 --- a/requirements.lock +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: -- name: mariadb - repository: https://kubernetes-charts.storage.googleapis.com/ - version: 7.1.0 -- name: redis - repository: https://kubernetes-charts.storage.googleapis.com/ - version: 10.0.1 -digest: sha256:88489b3a1a5bf1cd3f9e264e540f8c3515d40020bb1073f3bb281f0da56efc3f -generated: "2019-11-28T12:08:10.111637339+01:00" diff --git a/requirements.yaml b/requirements.yaml deleted file mode 100644 index 396290f5..00000000 --- a/requirements.yaml +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: -- name: mariadb - version: ~7.1.0 - repository: https://kubernetes-charts.storage.googleapis.com/ - condition: mariadb.enabled -- name: redis - version: ~10.0.1 - repository: https://kubernetes-charts.storage.googleapis.com/ - condition: redis.enabled diff --git a/templates/NOTES.txt b/templates/NOTES.txt deleted file mode 100644 index c5eb47e5..00000000 --- a/templates/NOTES.txt +++ /dev/null @@ -1,94 +0,0 @@ -{{- if or .Values.mariadb.enabled .Values.externalDatabase.host -}} - -{{- if empty .Values.nextcloud.host -}} -################################################################################# -### WARNING: You did not provide an external host in your 'helm install' call ### -################################################################################# - -This deployment will be incomplete until you configure nextcloud with a resolvable -host. To configure nextcloud with the URL of your service: - -1. Get the nextcloud URL by running: - - {{- if contains "NodePort" .Values.service.type }} - - export APP_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") - export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - - {{- else if contains "LoadBalancer" .Values.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "nextcloud.fullname" . }}' - - export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") - export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode) - {{- if .Values.mariadb.db.password }} - export APP_DATABASE_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.mariadb.fullname" . }} -o jsonpath="{.data.mariadb-password}" | base64 --decode) - {{- end }} - {{- end }} - -2. Complete your nextcloud deployment by running: - -{{- if .Values.mariadb.enabled }} - - helm upgrade {{ .Release.Name }} stable/nextcloud \ - --set nextcloud.host=$APP_HOST,nextcloud.password=$APP_PASSWORD{{ if .Values.mariadb.db.password }},mariadb.db.password=$APP_DATABASE_PASSWORD{{ end }} -{{- else }} - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade {{ .Release.Name }} stable/nextcloud \ - --set nextcloud.password=$APP_PASSWORD,nextcloud.host=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.host) }},externalDatabase.host={{ .Values.externalDatabase.host }}{{- end }}{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }} -{{- end }} - -{{- else -}} -1. Get the nextcloud URL by running: - -{{- if eq .Values.service.type "ClusterIP" }} - - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "nextcloud.fullname" . }}" -o jsonpath="{.items[0].metadata.name}") - echo http://127.0.0.1:8080/ - kubectl port-forward $POD_NAME 8080:8080 -{{- else }} - - echo http://{{ .Values.nextcloud.host }}/ -{{- end }} - -2. Get your nextcloud login credentials by running: - - echo User: {{ .Values.nextcloud.username }} - echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode) -{{- end }} - -{{- else -}} - -####################################################################################################### -## WARNING: You did not provide an external database host in your 'helm install' call ## -## Running Nextcloud with the integrated sqlite database is not recommended for production instances ## -####################################################################################################### - -For better performance etc. you have to configure nextcloud with a resolvable database -host. To configure nextcloud to use and external database host: - - -1. Complete your nextcloud deployment by running: - -{{- if contains "NodePort" .Values.service.type }} - export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") -{{- else if contains "LoadBalancer" .Values.service.type }} - - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "nextcloud.fullname" . }}' - - export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") -{{- else }} - - export APP_HOST=127.0.0.1 -{{- end }} - export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode) - - ## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ## - - helm upgrade {{ .Release.Name }} stable/nextcloud \ - --set nextcloud.password=$APP_PASSWORD,nextcloud.host=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }},externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST -{{- end }} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl deleted file mode 100644 index 87c6e91d..00000000 --- a/templates/_helpers.tpl +++ /dev/null @@ -1,49 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "nextcloud.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "nextcloud.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "nextcloud.mariadb.fullname" -}} -{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - - -{{/* -Create a default fully qualified redis app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "nextcloud.redis.fullname" -}} -{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "nextcloud.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/templates/config.yaml b/templates/config.yaml deleted file mode 100644 index 7fb2ade6..00000000 --- a/templates/config.yaml +++ /dev/null @@ -1,127 +0,0 @@ -{{- if .Values.nextcloud.configs -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "nextcloud.fullname" . }}-config - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: -{{- range $key, $value := .Values.nextcloud.configs }} - {{ $key }}: |- -{{ $value | indent 4 }} -{{- end }} -{{- if .Values.nextcloud.defaultConfigs }} -{{- if index .Values.nextcloud.defaultConfigs ".htaccess" }} - .htaccess: |- - # line below if for Apache 2.4 - - Require all denied - - # line below if for Apache 2.2 - - deny from all - - # section for Apache 2.2 and 2.4 - - IndexIgnore * - -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "redis.config.php" }} - redis.config.php: |- - '\OC\Memcache\Redis', - 'memcache.locking' => '\OC\Memcache\Redis', - 'redis' => array( - 'host' => getenv('REDIS_HOST'), - 'port' => getenv('REDIS_HOST_PORT') ?: 6379, - ), - ); - } -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apache-pretty-urls.config.php" }} - apache-pretty-urls.config.php: |- - '/', - ); -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apcu.config.php" }} - apcu.config.php: |- - '\OC\Memcache\APCu', - ); -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "apps.config.php" }} - apps.config.php: |- - array ( - 0 => array ( - "path" => OC::$SERVERROOT."/apps", - "url" => "/apps", - "writable" => false, - ), - 1 => array ( - "path" => OC::$SERVERROOT."/custom_apps", - "url" => "/custom_apps", - "writable" => true, - ), - ), - ); -{{- end }} -{{- if index .Values.nextcloud.defaultConfigs "autoconfig.php" }} - autoconfig.php: |- - 'smtp', - 'mail_smtphost' => getenv('SMTP_HOST'), - 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), - 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), - 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', - 'mail_smtpname' => getenv('SMTP_NAME') ?: '', - 'mail_smtppassword' => getenv('SMTP_PASSWORD') ?: '', - 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), - 'mail_domain' => getenv('MAIL_DOMAIN'), - ); - } -{{- end }} -{{- end }} -{{- end }} diff --git a/templates/cronjob.yaml b/templates/cronjob.yaml deleted file mode 100644 index 25301d77..00000000 --- a/templates/cronjob.yaml +++ /dev/null @@ -1,71 +0,0 @@ -{{- if .Values.cronjob.enabled }} -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - annotations: -{{ toYaml .Values.cronjob.annotations | indent 4 }} -spec: - schedule: "{{ .Values.cronjob.schedule }}" - concurrencyPolicy: Forbid - {{- with .Values.cronjob.failedJobsHistoryLimit }} - failedJobsHistoryLimit: {{ . }} - {{- end }} - {{- with .Values.cronjob.successfulJobsHistoryLimit }} - successfulJobsHistoryLimit: {{ . }} - {{- end }} - jobTemplate: - metadata: - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - spec: - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - spec: - restartPolicy: Never - {{- if (default .Values.image.pullSecrets .Values.cronjob.image.pullSecrets) }} - imagePullSecrets: - {{- range (default .Values.image.pullSecrets .Values.cronjob.image.pullSecrets) }} - - name: {{ . }} - {{- end }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - image: "{{ default .Values.image.repository .Values.cronjob.image.repository }}:{{ default .Values.image.tag .Values.cronjob.image.tag }}" - imagePullPolicy: {{ default .Values.image.pullPolicy .Values.cronjob.image.pullPolicy }} - command: [ "curl" ] - args: - {{- if .Values.cronjob.curlInsecure }} - - "-k" - {{- end }} - - "--fail" - - "-L" - {{- if .Values.ingress.tls }} - - "https://{{ .Values.nextcloud.host }}/cron.php" - {{- else }} - - "http://{{ .Values.nextcloud.host }}/cron.php" - {{- end }} - resources: -{{ toYaml (default .Values.resources .Values.cronjob.resources) | indent 16 }} - {{- with (default .Values.nodeSelector .Values.cronjob.nodeSelector) }} - nodeSelector: -{{ toYaml . | indent 12 }} - {{- end }} - {{- with (default .Values.affinity .Values.cronjob.affinity) }} - affinity: -{{ toYaml . | indent 12 }} - {{- end }} - {{- with (default .Values.tolerations .Values.cronjob.tolerations) }} - tolerations: -{{ toYaml . | indent 12 }}: - {{- end }} -{{- end }} diff --git a/templates/db-secret.yaml b/templates/db-secret.yaml deleted file mode 100644 index 790b65b7..00000000 --- a/templates/db-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if or .Values.mariadb.enabled .Values.externalDatabase.enabled }} -{{- if not .Values.externalDatabase.existingSecret.enabled }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ printf "%s-%s" .Release.Name "db" }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -type: Opaque -data: - {{- if .Values.mariadb.enabled }} - db-password: {{ default "" .Values.mariadb.db.password | b64enc | quote }} - db-username: {{ default "" .Values.mariadb.db.user | b64enc | quote }} - {{- else }} - db-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }} - db-username: {{ default "" .Values.externalDatabase.user | b64enc | quote }} - {{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/templates/deployment.yaml b/templates/deployment.yaml deleted file mode 100644 index 3a395a43..00000000 --- a/templates/deployment.yaml +++ /dev/null @@ -1,357 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - {{- if .Values.deploymentAnnotations }} - annotations: -{{ toYaml .Values.deploymentAnnotations | indent 4 }} - {{- end }} -spec: - replicas: {{ .Values.replicaCount }} - strategy: -{{ toYaml .Values.nextcloud.strategy | indent 4 }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - {{- if .Values.redis.enabled }} - {{ template "nextcloud.redis.fullname" . }}-client: "true" - {{- end }} - {{- if .Values.podAnnotations }} - annotations: -{{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} - spec: - {{- if .Values.image.pullSecrets }} - imagePullSecrets: - {{- range .Values.image.pullSecrets }} - - name: {{ . }} - {{- end}} - {{- end }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.lifecycle }} - lifecycle: - {{- if .Values.lifecycle.postStartCommand }} - postStart: - exec: - command: - {{- toYaml .Values.lifecycle.postStartCommand | nindent 16 -}} - {{- end }} - {{- if .Values.lifecycle.preStopCommand }} - preStop: - exec: - command: - {{- toYaml .Values.lifecycle.preStopCommand | nindent 16 -}} - {{- end }} - {{- end }} - env: - {{- if .Values.internalDatabase.enabled }} - - name: SQLITE_DATABASE - value: {{ .Values.internalDatabase.name | quote }} - {{- else if .Values.mariadb.enabled }} - - name: MYSQL_HOST - value: {{ template "nextcloud.mariadb.fullname" . }} - - name: MYSQL_DATABASE - value: {{ .Values.mariadb.db.name | quote }} - - name: MYSQL_USER - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} - {{- else }} - {{- if eq .Values.externalDatabase.type "postgresql" }} - - name: POSTGRES_HOST - value: {{ .Values.externalDatabase.host | quote }} - - name: POSTGRES_DB - value: {{ .Values.externalDatabase.database | quote }} - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} - {{- else }} - - name: MYSQL_HOST - value: {{ .Values.externalDatabase.host | quote }} - - name: MYSQL_DATABASE - value: {{ .Values.externalDatabase.database | quote }} - - name: MYSQL_USER - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }} - - name: MYSQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }} - key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }} - {{- end }} - {{- end }} - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-username - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-password - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: {{ .Values.nextcloud.host }} - {{- if ne (int .Values.nextcloud.update) 0 }} - - name: NEXTCLOUD_UPDATE - value: {{ .Values.nextcloud.update | quote }} - {{- end }} - - name: NEXTCLOUD_DATA_DIR - value: {{ .Values.nextcloud.datadir | quote }} - {{- if .Values.nextcloud.tableprefix }} - - name: NEXTCLOUD_TABLE_PREFIX - value: {{ .Values.nextcloud.tableprefix | quote }} - {{- end }} - {{- if .Values.nextcloud.mail.enabled }} - - name: MAIL_FROM_ADDRESS - value: {{ .Values.nextcloud.mail.fromAddress | quote }} - - name: MAIL_DOMAIN - value: {{ .Values.nextcloud.mail.domain | quote }} - - name: SMTP_HOST - value: {{ .Values.nextcloud.mail.smtp.host | quote }} - - name: SMTP_SECURE - value: {{ .Values.nextcloud.mail.smtp.secure | quote }} - - name: SMTP_PORT - value: {{ .Values.nextcloud.mail.smtp.port | quote }} - - name: SMTP_AUTHTYPE - value: {{ .Values.nextcloud.mail.smtp.authtype | quote }} - - name: SMTP_NAME - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: smtp-username - - name: SMTP_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: smtp-password - {{- end }} - {{- if .Values.redis.enabled }} - - name: REDIS_HOST - value: {{ template "nextcloud.redis.fullname" . }}-master - - name: REDIS_HOST_PORT - value: {{ .Values.redis.redisPort | quote }} - {{- end }} - {{- if .Values.nextcloud.extraEnv }} -{{ toYaml .Values.nextcloud.extraEnv | indent 8 }} - {{- end }} - {{- if not .Values.nginx.enabled }} - ports: - - name: http - containerPort: 80 - protocol: TCP - {{- end }} - {{- if and .Values.livenessProbe.enabled (not .Values.nginx.enabled) }} - livenessProbe: - httpGet: - path: /status.php - port: http - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if and .Values.readinessProbe.enabled (not .Values.nginx.enabled) }} - readinessProbe: - httpGet: - path: /status.php - port: http - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - resources: -{{ toYaml .Values.resources | indent 10 }} - volumeMounts: - - name: nextcloud-data - mountPath: /var/www/ - subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html - subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.nextcloud.persistence.subPath "data") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/config - subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/custom_apps - subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/tmp - subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/themes - subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }} - {{- range $key, $value := .Values.nextcloud.configs }} - - name: nextcloud-config - mountPath: /var/www/html/config/{{ $key }} - subPath: {{ $key }} - {{- end }} - {{- if .Values.nextcloud.configs }} - {{- range $key, $value := .Values.nextcloud.defaultConfigs }} - {{- if $value }} - - name: nextcloud-config - mountPath: /var/www/html/config/{{ $key }} - subPath: {{ $key }} - {{- end }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.nextcloud.phpConfigs }} - - name: nextcloud-phpconfig - mountPath: /usr/local/etc/php/conf.d/{{ $key }} - subPath: {{ $key }} - {{- end }} - {{- if .Values.nextcloud.extraVolumeMounts }} -{{ toYaml .Values.nextcloud.extraVolumeMounts | indent 8 }} - {{- end }} - {{- if .Values.nginx.enabled }} - - name: {{ .Chart.Name }}-nginx - image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" - imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} - ports: - - name: http - containerPort: 80 - protocol: TCP - {{- if .Values.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /status.php - port: http - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /status.php - port: http - httpHeaders: - - name: Host - value: {{ .Values.nextcloud.host | quote }} - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - resources: -{{ toYaml .Values.nginx.resources | indent 10 }} - volumeMounts: - - name: nextcloud-data - mountPath: /var/www/ - subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html - subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: {{ .Values.nextcloud.datadir }} - subPath: {{ ternary "data" (printf "%s/%s" .Values.nextcloud.persistence.subPath "data") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/config - subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/custom_apps - subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/tmp - subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-data - mountPath: /var/www/html/themes - subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }} - - name: nextcloud-nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - volumes: - - name: nextcloud-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} - {{- else }} - emptyDir: {} - {{- end }} - {{- if .Values.nextcloud.configs }} - - name: nextcloud-config - configMap: - name: {{ template "nextcloud.fullname" . }}-config - {{- end }} - {{- if .Values.nextcloud.phpConfigs }} - - name: nextcloud-phpconfig - configMap: - name: {{ template "nextcloud.fullname" . }}-phpconfig - {{- end }} - {{- if .Values.nginx.enabled }} - - name: nextcloud-nginx-config - configMap: - name: {{ template "nextcloud.fullname" . }}-nginxconfig - {{- end }} - {{- if .Values.nextcloud.extraVolumes }} -{{ toYaml .Values.nextcloud.extraVolumes | indent 6 }} - {{- end }} - {{- if .Values.nginx.enabled }} - # Will mount configuration files as www-data (id: 82) for nextcloud - securityContext: - fsGroup: 82 - {{- else }} - # Will mount configuration files as www-data (id: 33) for nextcloud - securityContext: - fsGroup: 33 - {{- end }} diff --git a/templates/hpa.yaml b/templates/hpa.yaml deleted file mode 100644 index 81df1b8e..00000000 --- a/templates/hpa.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if .Values.hpa.enabled -}} -apiVersion: autoscaling/v1 -kind: HorizontalPodAutoscaler -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - scaleTargetRef: - kind: Deployment - apiVersion: apps/v1 - name: {{ template "nextcloud.fullname" . }} - minReplicas: {{ .Values.hpa.minPods }} - maxReplicas: {{ .Values.hpa.maxPods }} - targetCPUUtilizationPercentage: {{ .Values.hpa.cputhreshold }} -{{- end }} \ No newline at end of file diff --git a/templates/ingress.yaml b/templates/ingress.yaml deleted file mode 100644 index 0255e40a..00000000 --- a/templates/ingress.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if .Values.ingress.enabled }} -apiVersion: networking.k8s.io/v1beta1 -kind: Ingress -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.ingress.labels }} -{{ toYaml .Values.ingress.labels | indent 4 }} -{{- end }} -{{- if .Values.ingress.annotations }} - annotations: -{{ toYaml .Values.ingress.annotations | indent 4 }} -{{- end }} -spec: - rules: - - host: {{ .Values.nextcloud.host }} - http: - paths: - - backend: - serviceName: {{ template "nextcloud.fullname" . }} - servicePort: {{ .Values.service.port }} -{{- if .Values.ingress.tls }} - tls: -{{ toYaml .Values.ingress.tls | indent 4 }} -{{- end -}} -{{- end }} diff --git a/templates/metrics-deployment.yaml b/templates/metrics-deployment.yaml deleted file mode 100644 index 5e6a0c92..00000000 --- a/templates/metrics-deployment.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "nextcloud.fullname" . }}-metrics - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - app.kubernetes.io/component: metrics -spec: - replicas: {{ .Values.metrics.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - annotations: {{- toYaml .Values.metrics.podAnnotations | nindent 8 }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/component: metrics - {{- if .Values.metrics.podLabels }} -{{ toYaml .Values.metrics.podLabels | indent 8 }} - {{- end }} - spec: - containers: - - name: metrics-exporter - image: "{{ .Values.metrics.image.repository }}:{{ .Values.metrics.image.tag }}" - imagePullPolicy: {{ .Values.metrics.image.pullPolicy }} - env: - - name: NEXTCLOUD_USERNAME - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-username - - name: NEXTCLOUD_PASSWORD - valueFrom: - secretKeyRef: - name: {{ template "nextcloud.fullname" . }} - key: nextcloud-password - - name: NEXTCLOUD_SERVER - value: http{{ if .Values.metrics.https }}s{{ end }}://{{ .Values.nextcloud.host }} - - name: NEXTCLOUD_TIMEOUT - value: {{ .Values.metrics.timeout }} - ports: - - name: metrics - containerPort: 9205 - {{- if .Values.metrics.resources }} - resources: {{- toYaml .Values.metrics.resources | nindent 10 }} - {{- end }} -{{- end }} diff --git a/templates/metrics-service.yaml b/templates/metrics-service.yaml deleted file mode 100644 index b349751c..00000000 --- a/templates/metrics-service.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "nextcloud.fullname" . }}-metrics - labels: - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} - {{- if .Values.metrics.service.labels -}} - {{ toYaml .Values.metrics.service.labels | nindent 4 }} - {{- end -}} - {{- if .Values.metrics.service.annotations }} - annotations: {{ toYaml .Values.metrics.service.annotations | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.metrics.service.type }} - {{ if eq .Values.metrics.service.type "LoadBalancer" -}} {{ if .Values.metrics.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }} - {{ end -}} - {{- end -}} - ports: - - name: metrics - port: 9205 - targetPort: metrics - selector: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} diff --git a/templates/nextcloud-pvc.yaml b/templates/nextcloud-pvc.yaml deleted file mode 100644 index c87bdbb4..00000000 --- a/templates/nextcloud-pvc.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if .Values.persistence.enabled -}} -{{- if not .Values.persistence.existingClaim -}} -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - name: {{ template "nextcloud.fullname" . }}-nextcloud - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.persistence.annotations }} - annotations: -{{ toYaml .Values.persistence.annotations | indent 4 }} -{{- end }} -spec: - accessModes: - - {{ .Values.persistence.accessMode | quote }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} -{{- if .Values.persistence.storageClass }} -{{- if (eq "-" .Values.persistence.storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: "{{ .Values.persistence.storageClass }}" -{{- end }} -{{- end }} -{{- end -}} -{{- end -}} diff --git a/templates/nginx-config.yaml b/templates/nginx-config.yaml deleted file mode 100644 index c4b20871..00000000 --- a/templates/nginx-config.yaml +++ /dev/null @@ -1,185 +0,0 @@ -{{- if .Values.nginx.enabled -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "nextcloud.fullname" . }}-nginxconfig - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: - nginx.conf: |- -{{- if .Values.nginx.config.default }} - worker_processes auto; - - error_log /var/log/nginx/error.log warn; - pid /var/run/nginx.pid; - - - events { - worker_connections 1024; - } - - - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 65; - - #gzip on; - - upstream php-handler { - server 127.0.0.1:9000; - } - - server { - listen 80; - - # Add headers to serve security related headers - # Before enabling Strict-Transport-Security headers please read into this - # topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Remove X-Powered-By, which is an information leak - fastcgi_hide_header X-Powered-By; - - # Path to the root of your installation - root /var/www/html; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # The following 2 rules are only needed for the user_webfinger app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - - # The following rule is only needed for the Social app. - # Uncomment it if you're planning to use this app. - #rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - - location = /.well-known/carddav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host:$server_port/remote.php/dav; - } - - # set max upload size - client_max_body_size 10G; - fastcgi_buffers 64 4K; - - # Enable gzip but do not remove ETag headers - gzip on; - gzip_vary on; - gzip_comp_level 4; - gzip_min_length 256; - gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; - gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; - - # Uncomment if your server is build with the ngx_pagespeed module - # This module is currently not supported. - #pagespeed off; - - location / { - rewrite ^ /index.php; - } - - location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { - deny all; - } - location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { - fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; - set $path_info $fastcgi_path_info; - try_files $fastcgi_script_name =404; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $path_info; - # fastcgi_param HTTPS on; - - # Avoid sending the security headers twice - fastcgi_param modHeadersAvailable true; - - # Enable pretty urls - fastcgi_param front_controller_active true; - fastcgi_pass php-handler; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } - - location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { - try_files $uri/ =404; - index index.php; - } - - # Adding the cache control header for js, css and map files - # Make sure it is BELOW the PHP block - location ~ \.(?:css|js|woff2?|svg|gif|map)$ { - try_files $uri /index.php$request_uri; - add_header Cache-Control "public, max-age=15778463"; - # Add headers to serve security related headers (It is intended to - # have those duplicated to the ones above) - # Before enabling Strict-Transport-Security headers please read into - # this topic first. - #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always; - # - # WARNING: Only add the preload option once you read about - # the consequences in https://hstspreload.org/. This option - # will add the domain to a hardcoded list that is shipped - # in all major browsers and getting removed from this list - # could take several months. - add_header Referrer-Policy "no-referrer" always; - add_header X-Content-Type-Options "nosniff" always; - add_header X-Download-Options "noopen" always; - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Permitted-Cross-Domain-Policies "none" always; - add_header X-Robots-Tag "none" always; - add_header X-XSS-Protection "1; mode=block" always; - - # Optional: Don't log access to assets - access_log off; - } - - location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { - try_files $uri /index.php$request_uri; - # Optional: Don't log access to other assets - access_log off; - } - } - } -{{- else }} -{{ .Values.nginx.config.custom | indent 4 }} -{{- end }} -{{- end }} diff --git a/templates/php-config.yaml b/templates/php-config.yaml deleted file mode 100644 index 3ff9e95a..00000000 --- a/templates/php-config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.nextcloud.phpConfigs -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "nextcloud.fullname" . }}-phpconfig - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -data: -{{- range $key, $value := .Values.nextcloud.phpConfigs }} - {{ $key }}: |- -{{ $value | indent 4 }} -{{- end }} -{{- end }} diff --git a/templates/secrets.yaml b/templates/secrets.yaml deleted file mode 100644 index 8473eba0..00000000 --- a/templates/secrets.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -type: Opaque -data: - nextcloud-username: {{ .Values.nextcloud.username | b64enc | quote }} - {{ if .Values.nextcloud.password }} - nextcloud-password: {{ .Values.nextcloud.password | b64enc | quote }} - {{ else }} - nextcloud-password: {{ randAlphaNum 10 | b64enc | quote }} - {{ end }} - {{- if .Values.nextcloud.mail.enabled }} - smtp-username: {{ default "" .Values.nextcloud.mail.smtp.name | b64enc | quote }} - smtp-password: {{ default "" .Values.nextcloud.mail.smtp.password | b64enc | quote }} - {{- end }} diff --git a/templates/service.yaml b/templates/service.yaml deleted file mode 100644 index 3f788185..00000000 --- a/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "nextcloud.fullname" . }} - labels: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} - helm.sh/chart: {{ include "nextcloud.chart" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/managed-by: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - {{- if eq .Values.service.type "LoadBalancer" }} - loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} - {{- end }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- if eq .Values.service.type "NodePort" }} - nodePort: {{ default "" .Values.service.nodePort}} - {{- end }} - selector: - app.kubernetes.io/name: {{ include "nextcloud.name" . }} diff --git a/values-mariadb.yaml b/values-mariadb.yaml deleted file mode 100644 index cc769937..00000000 --- a/values-mariadb.yaml +++ /dev/null @@ -1,5 +0,0 @@ -internalDatabase: - enabled: false - -mariadb: - enabled: true \ No newline at end of file diff --git a/values.yaml b/values.yaml deleted file mode 100644 index 1d65695a..00000000 --- a/values.yaml +++ /dev/null @@ -1,383 +0,0 @@ -## Official nextcloud image version -## ref: https://hub.docker.com/r/library/nextcloud/tags/ -## -image: - repository: nextcloud - tag: 17.0.0-apache - pullPolicy: IfNotPresent - # pullSecrets: - # - myRegistrKeySecretName - -nameOverride: "" -fullnameOverride: "" - -# Number of replicas to be deployed -replicaCount: 1 - -## Allowing use of ingress controllers -## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ -## -ingress: - enabled: false - annotations: {} - # nginx.ingress.kubernetes.io/proxy-body-size: 4G - # kubernetes.io/tls-acme: "true" - # certmanager.k8s.io/cluster-issuer: letsencrypt-prod - # nginx.ingress.kubernetes.io/server-snippet: |- - # server_tokens off; - # proxy_hide_header X-Powered-By; - - # rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - # rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - # rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json; - # location = /.well-known/carddav { - # return 301 $scheme://$host/remote.php/dav; - # } - # location = /.well-known/caldav { - # return 301 $scheme://$host/remote.php/dav; - # } - # location = /robots.txt { - # allow all; - # log_not_found off; - # access_log off; - # } - # location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { - # deny all; - # } - # location ~ ^/(?:autotest|occ|issue|indie|db_|console) { - # deny all; - # } - # tls: - # - secretName: nextcloud-tls - # hosts: - # - nextcloud.kube.home - labels: {} - - -# Allow configuration of lifecycle hooks -# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/ -lifecycle: {} - # postStartCommand: [] - # preStopCommand: [] - -nextcloud: - host: nextcloud.kube.home - username: admin - password: changeme - update: 0 - datadir: /var/www/html/data - tableprefix: - persistence: - subPath: - mail: - enabled: false - fromAddress: user - domain: domain.com - smtp: - host: domain.com - secure: ssl - port: 465 - authtype: LOGIN - name: user - password: pass - # PHP Configuration files - # Will be injected in /usr/local/etc/php/conf.d - phpConfigs: {} - # Default config files - # IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself - # Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config - defaultConfigs: - # To protect /var/www/html/config - .htaccess: true - # Redis default configuration - redis.config.php: true - # Apache configuration for rewrite urls - apache-pretty-urls.config.php: true - # Define APCu as local cache - apcu.config.php: true - # Apps directory configs - apps.config.php: true - # Used for auto configure database - autoconfig.php: true - # SMTP default configuration - smtp.config.php: true - # Extra config files created in /var/www/html/config/ - # ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file - configs: {} - - # For example, to use S3 as primary storage - # ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3 - # - # configs: - # s3.config.php: |- - # array( - # 'class' => '\\OC\\Files\\ObjectStore\\S3', - # 'arguments' => array( - # 'bucket' => 'my-bucket', - # 'autocreate' => true, - # 'key' => 'xxx', - # 'secret' => 'xxx', - # 'region' => 'us-east-1', - # 'use_ssl' => true - # ) - # ) - # ); - - ## Strategy used to replace old pods - ## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes - ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy - strategy: - type: Recreate - # type: RollingUpdate - # rollingUpdate: - # maxSurge: 1 - # maxUnavailable: 0 - - ## - ## Extra environment variables - extraEnv: - # - name: SOME_SECRET_ENV - # valueFrom: - # secretKeyRef: - # name: nextcloud - # key: secret_key - - # Extra mounts for the pods. Example shown is for connecting a legacy NFS volume - # to NextCloud pods in Kubernetes. This can then be configured in External Storage - extraVolumes: - # - name: nfs - # nfs: - # server: "10.0.0.1" - # path: "/nextcloud_data" - # readOnly: false - extraVolumeMounts: - # - name: nfs - # mountPath: "/legacy_data" - -nginx: - ## You need to set an fpm version of the image for nextcloud if you want to use nginx! - enabled: false - image: - repository: nginx - tag: alpine - pullPolicy: IfNotPresent - - config: - # This generates the default nginx config as per the nextcloud documentation - default: true - # custom: |- - # worker_processes 1;.. - - resources: {} - -internalDatabase: - enabled: true - name: nextcloud - -## -## External database configuration -## -externalDatabase: - enabled: false - - ## Supported database engines: mysql or postgresql - type: mysql - - ## Database host - host: - - ## Database user - user: nextcloud - - ## Database password - password: - - ## Database name - database: nextcloud - - ## Use a existing secret - existingSecret: - enabled: false - # secretName: nameofsecret - # usernameKey: username - # passwordKey: password - -## -## MariaDB chart configuration -## -mariadb: - ## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters - enabled: false - - db: - name: nextcloud - user: nextcloud - password: changeme - - ## Enable persistence using Persistent Volume Claims - ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ - ## - persistence: - enabled: false - accessMode: ReadWriteOnce - size: 8Gi - -redis: - enabled: false - usePassword: false - -## Cronjob to execute Nextcloud background tasks -## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron-jobs -## -cronjob: - enabled: false - # Nexcloud image is used as default but only curl is needed - image: {} - # repository: nextcloud - # tag: 16.0.3-apache - # pullPolicy: IfNotPresent - # pullSecrets: - # - myRegistrKeySecretName - # Every 15 minutes - # Note: Setting this to any any other value than 15 minutes might - # cause issues with how nextcloud background jobs are executed - schedule: "*/15 * * * *" - annotations: {} - # Set curl's insecure option if you use e.g. self-signed certificates - curlInsecure: false - failedJobsHistoryLimit: 5 - successfulJobsHistoryLimit: 2 - # If not set, nextcloud deployment one will be set - # resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - # If not set, nextcloud deployment one will be set - # nodeSelector: {} - - # If not set, nextcloud deployment one will be set - # tolerations: [] - - # If not set, nextcloud deployment one will be set - # affinity: {} - -service: - type: ClusterIP - port: 8080 - loadBalancerIP: nil - nodePort: nil - -## Enable persistence using Persistent Volume Claims -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## -persistence: - # Nextcloud Data (/var/www/html) - enabled: false - annotations: {} - ## nextcloud data Persistent Volume Storage Class - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack) - ## - # storageClass: "-" - - ## A manually managed Persistent Volume and Claim - ## Requires persistence.enabled: true - ## If defined, PVC must be created manually before volume will be bound - # existingClaim: - - accessMode: ReadWriteOnce - size: 8Gi - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Liveness and readiness probe values -## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes -## -livenessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 -readinessProbe: - enabled: true - initialDelaySeconds: 30 - periodSeconds: 15 - timeoutSeconds: 5 - failureThreshold: 3 - successThreshold: 1 - -## Enable pod autoscaling using HorizontalPodAutoscaler -## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/ -## -hpa: - enabled: false - cputhreshold: 60 - minPods: 1 - maxPods: 10 - -nodeSelector: {} - -tolerations: [] - -affinity: {} - - -## Prometheus Exporter / Metrics -## -metrics: - enabled: false - - replicaCount: 1 - # The metrics exporter needs to know how you serve Nextcloud either http or https - https: false - timeout: 5s - - image: - repository: xperimental/nextcloud-exporter - tag: v0.3.0 - pullPolicy: IfNotPresent - - ## Metrics exporter resource requests and limits - ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ - ## - # resources: {} - - ## Metrics exporter pod Annotation and Labels - # podAnnotations: {} - - # podLabels: {} - - service: - type: ClusterIP - ## Use serviceLoadBalancerIP to request a specific static IP, - ## otherwise leave blank - # loadBalancerIP: - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9205" - labels: {}