-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sync config files from nextcloud/docker repo; Add S3/Swift object storage config; Add S3 ci test; Add nextcloud.trustedDomains
#464
Conversation
Since it's taking a bit for my PR to be merged upstream, I'll try to spend some time on this later today to get it ready for merge without the encryption feature to start with. Perhaps it also makes sense to have a nextcloud:
objectStore:
s3:
enabled: true
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
accessKey: ""
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
secretKey: ""
# only required if you're not using AWS
endpoint: ""
# default port that can be changed based on your object store, e.g. for minio, you can use 9000
port: "443"
# this is the default in the nextcloud docs
region: "eu-west-1"
bucket: ""
ssl: true
# set to true if you are not using DNS for your buckets.
usePathStyle: false
existingSecret: "" |
I've removed the encryption key setting for now, so this could still be merged, but I haven't tested this, so it should still wait another week or two while I make sure it works without the encryption key. |
any plan for this to be merged? |
any blocker to this @jessebot |
No, I just was just really busy before. Let me take a look at the code now and see what's left to be done here :) |
gonna take a peak locally and push up some changes as nextcloud/docker#2151 was merged so we now have encryption as well :) |
This should be ready for review now :) Unless #480 gets merged first, then I need to update this PR again. |
I'd rather wait for the other PR, it has been open so long already. |
Sounds good to me :) |
As discussed in #480, I will refactor this to use the new config file format and then we can review and merge. |
a48b146
to
7fe9a3c
Compare
Actually, in the interest of resolving #477, should I just go ahead and add the following to the values? nextcloud:
objectStore:
s3:
enabled: true
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
accessKey: ""
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
secretKey: ""
# only required if you're not using AWS
endpoint: ""
# default port that can be changed based on your object store, e.g. for minio, you can use 9000
port: "443"
# this is the default in the nextcloud docs
region: "eu-west-1"
bucket: ""
ssl: true
# set to true if you are not using DNS for your buckets.
usePathStyle: false
existingSecret: "" Open to suggestions and feedback on better organizing this, but it feels like we could accommodate this, rather than making users manually set the env vars? |
How about adding the other missing configs (especially https://github.com/nextcloud/docker/blob/master/.config/upgrade-disable-web.config.php) and checking if the other ones are up-to-date? |
nextcloud.trustedDomains
nextcloud.trustedDomains
bb77a8b
to
84c9f37
Compare
OK! This is finally ready for review, @provokateurin :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you try to separate the changes into a few commits e.g.:
- update existing config files
- add new/missing config files
- add s3 and swift values.yaml
- add s3 test
It doesn't need to be exactly these commits, but if anything here breaks something down the road it will be a lot easier to bisect if it's not a single commit.
Very nice work btw ❤️ |
Sure, I can do that when I get home later. I assumed you'd ask for it to be in all one commit, so I did this to solve that, but also, since we typically do a squash and merge, does this mean you'd like me to do a normal merge commit after I finish teasing apart the commits? Happy to do it, just making sure :) |
Well I prefer a clean history where every commit has a purpose and does only one thing. So neither fixup commits nor mega commits are great, just smallish concrete ones. |
Synchronizes default config.php files from nextcloud/docker to add file env vars: - Redis: Adds REDIS_HOST_PASSWORD_FILE, cleans up formatting to match upstream - Autoconfig: Adds MYSQL_DATABASE_FILE, MYSQL_USER_FILE, MYSQL_PASSWORD_FILE, POSTGRES_DB_FILE, POSTGRES_USER_FILE, and POSTGRES_PASSWORD_FILE - smtp: adds SMTP_PASSWORD_FILE Signed-off-by: jessebot <[email protected]>
…config.php files Signed-off-by: jessebot <[email protected]>
…ameters - also updates README and values.yaml examples Signed-off-by: jessebot <[email protected]>
Adding this directly helps with setting multiple values via helm parameters, instead of needing to pass in a whole config file. Signed-off-by: jessebot <[email protected]>
- Tests enabling bare minimum parameters to use S3 Object store as your primary storage. - Spin up a small MinIO instance to test that uploading a file via DAV actually creates the nextcloud storage bucket and puts the file into it. - Also changes main test name from run-tests to test Signed-off-by: jessebot <[email protected]>
84c9f37
to
c209445
Compare
OK, I think all the commits are reasonable now. It took me kind of a while to get it together, because splitting a commit can't really be done in any easy way, but like, we should be good now! Oh, when merging, do you want to do a "merge commit" or "rebase and merge"? |
Merge commit ;) But honestly do what you find best, as long as it works for you 🤷♀️ |
Okie dokie. I still need an approval, but then we can get this out the door :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you so much for all the care you put into this! Also reviewing the changes was super easy now with the split commits.
Description of the change
nextcloud/docker
config files:charts/nextcloud/files/defaultConfigs/autoconfig.php.tpl
charts/nextcloud/files/defaultConfigs/redis.config.php.tpl
charts/nextcloud/files/defaultConfigs/reverse-proxy.config.php.tpl
🆕charts/nextcloud/files/defaultConfigs/s3.config.php.tpl
🆕charts/nextcloud/files/defaultConfigs/smtp.config.php.tpl
charts/nextcloud/files/defaultConfigs/swift.config.php.tpl
🆕charts/nextcloud/files/defaultConfigs/upgrade-disable-web.config.php.tpl
🆕Note
If you were already manually providing
s3.config.php
,reverse-proxy.config.php
,swift.config.php
, orupgrade-disable-web.config.php
, you can disable us deploying a default file for you by setting the respectivenextcloud.defaultConfigs.FILE
to false. For instance, to disable the defaults3.config.php
, you would setnextcloud.defaultConfigs.s3.config.php=false
.Adds
nextcloud.objectStore.s3
to use S3 for primary storage:click me for new
nextcloud.objectStore.s3
valuesAdds
nextcloud.objectStore.swift
to use OpenStack Swift for primary storage:click me for new
nextcloud.objectStore.swift
valuesadds a new ci
test_case
for enabling S3 as a primary object storeadds
nextcloud.trustedDomains
as a helm parameter. Takes a list that, if set, we then template out to a space separated list. Otherwise, we still use our default templating for that parameter (which usesnextcloud.host
)rename
run-tests
job totest
since the job before it is just calledlint
and it keeps the check names from truncating as much in the following view (can't be longer than 30 characters):Benefits
This lets users use both
nextcloud.configs
and still use the nextcloud/docker auto configuration via environment variables. Prior to this change, you had to use one or the other when it came to s3 as primary object storage.Possible drawbacks
not sure 🤷 but always open to feedback :)
Applicable issues
nextcloud.objectStore.s3
section in the values.yaml #477Checklist
Chart.yaml
according to semver.