feat(nextcloud): add notify_push support #581

Open
wants to merge 3 commits into
base: main
4 changes: 4 additions & 0 deletions .github/workflows/lint-test.yaml
Expand Up @@ -83,6 +83,10 @@ jobs:
- name: Horizontal Pod Autoscaling Enabled
helm_args: '--helm-extra-set-args "--values charts/nextcloud/test-values/hpa.yaml"'

# test the helm chart with notify push enabled
- name: Notify Push Enabled
helm_args: '--helm-extra-set-args "--values charts/nextcloud/test-values/notify_push.yaml"'
Comment on lines +86 to +88
Member

So we only test that the deployment succeeds, could we use the notify_push self-test check (or whatever it is called) to ensure it works correctly?
Or would that already be covered automatically because the deployments won't succeed otherwise?

Collaborator Author

Hmm, I will give that some thought.
(No, there is no self-test at this moment.)


# test the helm chart with s3 as the primary storage
- name: S3 Enabled as Primary Storage
# we need to skip the clean up so we can test adding a file
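
Review bot: The new `Notify Push Enabled` matrix entry (lines +86 to +88) only installs the chart with `charts/nextcloud/test-values/notify_push.yaml`; nothing in it checks that push actually works once the release is up. The S3 entry right below keeps the release around "so we can test adding a file". A similar post-install step for this entry, for example an HTTP request against the `/push` ingress path or a check that the `base_endpoint` app config was written, would make the job assert behaviour rather than just a successful rollout.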
10 changes: 10 additions & 0 deletions charts/nextcloud/CHANGELOG.md
@@ -0,0 +1,10 @@
# Changelog

This Helm-Chart increase there major version on every breaking change (or major version of Nextcloud itself) inspired by semantic releases.

Here we list all major versions and their breaking changes for migration.


## v7

- move `metrics.serviceMonitor` to `prometheus.serviceMonitor`: It is used for nextcloud-exporter and notify-push
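
Review bot: The intro sentence on line +3 needs a grammar pass: "This Helm-Chart increase there major version" should read something like "This Helm chart increases its major version". The v7 entry would also be more useful for migration if it showed the old and new keys side by side, and it says nothing about the other changes in this PR, such as the new `DATABASE_URL` and `REDIS_URL` environment variables. If those are not considered breaking, say so explicitly.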
2 changes: 1 addition & 1 deletion charts/nextcloud/Chart.yaml
@@ -1,6 +1,6 @@
apiVersion: v2
name: nextcloud
version: 6.5.2
version: 7.0.0
appVersion: 30.0.4
description: A file sharing server that puts the control and security of your own data back into your hands.
keywords:
33 changes: 33 additions & 0 deletions charts/nextcloud/README.md
Expand Up @@ -28,6 +28,7 @@ helm install my-release nextcloud/nextcloud
* [Headers set on NGINX](#headers-set-on-nginx)
* [Probes Configurations](#probes-configurations)
* [Collabora Configuration](#collabora-configuration)
* [Notify Push](#notify-push)
* [Imaginary](#imaginary)
* [Cron jobs](#cron-jobs)
* [Using the nextcloud docker image auto-configuration via env vars](#using-the-nextcloud-docker-image-auto-configuration-via-env-vars)
Expand Down Expand Up @@ -500,6 +501,38 @@ The nextcloud deployment includes a series of different probes you can use to de
> [!Note]
> If you are getting errors on initialization (such as `Fatal error: require_once(): Failed opening required '/var/www/html/lib/versioncheck.php'`, but you can get other errors as well), a good first step is to try and enable the startupProbe and/or increase the `initialDelaySeconds` for the `livenessProbe` and `readinessProbe` to something much greater (consider using `120` seconds instead of `10`. This is an especially good idea if your cluster is running on older hardware, has a slow internet connection, or you're using a slower storage class, such as NFS that's running with older disks or a slow connection.

### Notify Push

We include an optional Client Push [nextcloud/notify_push](https://github.com/nextcloud/notify_push).


| Parameter | Description | Default |
|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------|------------------------|
| `notifyPush.enabled` | Enable another deployment to handle notify_push (sometimes called ClientPush) | `false` |
| `notifyPush.autoSetup` | Setup notify_push on nextcloud per docker-entrypoint-hooks before start | `false` |
| `notifyPush.replicaCount` | Number of notify-push pod replicas to deploy | `1` |
| `notifyPush.image.registry` | notify-push image registry | `docker.io` |
| `notifyPush.image.repository` | notify-push image name | `miles170/notify_push` |
| `notifyPush.image.tag` | notify-push image tag | `v0.7.0` |
| `notifyPush.image.pullPolicy` | notify-push image pull policy | `IfNotPresent` |
| `notifyPush.image.pullSecrets` | notify-push image pull secrets | `[]` |
| `notifyPush.redisURLEnv` | option to set the redis_url per env (if a external redis is used) e.g.: `value: ""` or `valueFrom: {secretKeyRef:{name:"",key:""}}` | `""` |
| `notifyPush.podAnnotations` | Additional annotations for notify-push pods | `{}` |
| `notifyPush.podLabels` | Additional labels for notify-push pods | `{}` |
| `notifyPush.podSecurityContext` | Optional security context for the notify-push pod | `nil` |
| `notifyPush.securityContext` | Optional security context for the notify-push container | `nil` |
| `notifyPush.resources` | notify-push resources | `{}` |
| `notifyPush.service.type` | notify-push: Kubernetes Service type | `ClusterIP` |
| `notifyPush.service.loadBalancerIP` | Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank | `nil` |
| `notifyPush.service.nodePort` | notify-push: NodePort for service type NodePort | `nil` |
| `notifyPush.service.annotations` | Additional annotations for service notify-push | `{}` |
| `notifyPush.service.labels` | Additional labels for service notify-push | `{}` |
| `notifyPush.ingress.path` | Add path in default ingress to notify_push service | `/push` |
| `notifyPush.ingress.pathType` | PathType for additional path in default ingress for notify-push path | `Prefix` |

> [!Note]
> notify-push needs an redis (redis.enabled=true or notifyPush.redisURLEnv={...})

### Collabora Configuration

This section provides options to enable and configure the Collabora Online server within your deployment. Please ensure to review the [Collabora Online Helm chart documentation](https://github.com/CollaboraOnline/online/tree/master/kubernetes/helm/collabora-online) for additional details and recommended values.
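
Review bot: The defaults for `notifyPush.image.repository` and `notifyPush.image.tag` in the new table pull `docker.io/miles170/notify_push:v0.7.0`, which sits in a different namespace than the linked upstream project `nextcloud/notify_push` and is referenced by tag only. Please state in this section who publishes the image, and consider accepting a digest so operators can pin it. Two smaller points in the same hunk: the section is placed before "Collabora Configuration" while the table of contents lists it after, and the note should read "notify-push needs a Redis instance (`redis.enabled=true` or `notifyPush.redisURLEnv`)".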
4 changes: 4 additions & 0 deletions charts/nextcloud/files/notify_push.sh.tpl
@@ -0,0 +1,4 @@
#!/bin/sh
/var/www/html/occ app:install notify_push
Member

Suggested change
/var/www/html/occ app:install notify_push
/var/www/html/occ app:enable notify_push

This will both install and enable the app. I'd expect that the app is automatically enabled, if it was disabled but installed previously.

/var/www/html/occ config:app:set notify_push base_endpoint --value="http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.nextcloud.host }}{{ .Values.notifyPush.ingress.path }}"
# /var/www/html/occ notify_push:setup "http{{ if .Values.ingress.tls }}s{{ end }}://{{ .Values.nextcloud.host }}{{ .Values.notifyPush.ingress.path }}"
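
Review bot: On the `config:app:set` line, `.Values.nextcloud.host` and `.Values.notifyPush.ingress.path` are rendered straight into a double-quoted shell string, so any `$`, backtick or `"` in those values is interpreted by `sh` when the hook runs. Build the URL in the template and emit it single-quoted (for example with `printf` piped through `squote`), or pass it in through an environment variable. The scheme is also derived only from `.Values.ingress.tls`, so a deployment that terminates TLS in front of the ingress and relies on `phpClientHttpsFix.protocol` would get an `http://` endpoint here.
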
Comment on lines +3 to +4
Member

Why is this commented out?
Does the command not work due to startup order creating a circular dependency?
Either way I don't think a commented out command is helpful, so please remove one of them.

Collaborator Author

Yes, it is a startup circular dependency.
Should I write a comment instead of removing it?
(So that other people would not change that code to use notify_push:setup)

Member

Yes please

76 changes: 48 additions & 28 deletions charts/nextcloud/templates/_helpers.tpl
Expand Up @@ -64,11 +64,7 @@ Create image name that is used in the deployment
{{/*
Create environment variables used to configure the nextcloud container as well as the cron sidecar container.
*/}}
{{- define "nextcloud.env" -}}
{{- if .Values.phpClientHttpsFix.enabled }}
- name: OVERWRITEPROTOCOL
value: {{ .Values.phpClientHttpsFix.protocol | quote }}
{{- end }}
{{- define "nextcloud.env.database" -}}
{{- if .Values.internalDatabase.enabled }}
- name: SQLITE_DATABASE
value: {{ .Values.internalDatabase.name | quote }}
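
Review bot: After the rename to `nextcloud.env.database`, the doc comment directly above the `define` still reads "Create environment variables used to configure the nextcloud container as well as the cron sidecar container", which now describes `nextcloud.env` rather than this helper. Please reword it to cover only the database variables and move the original comment above the new `{{- define "nextcloud.env" -}}` further down, which currently has none.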
Expand All @@ -87,6 +83,8 @@ Create environment variables used to configure the nextcloud container as well a
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
- name: DATABASE_URL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST)/$(MYSQL_DATABASE)"
{{- else if .Values.postgresql.enabled }}
- name: POSTGRES_HOST
value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }}
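
Review bot: The new `DATABASE_URL` value splices `$(MYSQL_USER)` and `$(MYSQL_PASSWORD)` into a URL without percent-encoding, so a password containing `@`, `:`, `/`, `#` or `?` produces a URL that parses to the wrong host or credentials. Kubernetes `$(VAR)` expansion cannot encode, so either document the character restriction next to the password values or construct the URL somewhere that can escape it. The same applies to the three other `DATABASE_URL` entries in this file. Because this helper is pulled into `nextcloud.env`, the assembled URL with the password inline also lands in the environment of every container that uses that helper, not only the notify_push pod; consider emitting it only where notify_push needs it.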
Expand All @@ -106,7 +104,9 @@ Create environment variables used to configure the nextcloud container as well a
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
{{- else }}
- name: DATABASE_URL
value: "postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DB)"
{{- else }}{{/* mariadb.enable or postgresql.enabled -> now external */}}
{{- if eq .Values.externalDatabase.type "postgresql" }}
- name: POSTGRES_HOST
{{- if .Values.externalDatabase.existingSecret.hostKey }}
Expand Down Expand Up @@ -136,7 +136,9 @@ Create environment variables used to configure the nextcloud container as well a
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
{{- else }}
- name: DATABASE_URL
value: "postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DB)"
{{- else }}{{/* external.type = postgresql */}}
- name: MYSQL_HOST
{{- if .Values.externalDatabase.existingSecret.hostKey }}
valueFrom:
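
Review bot: The template comment on the new `{{- else }}` line says `external.type = postgresql`, but this is the branch taken when the type is not `postgresql`, as the `MYSQL_HOST` entry right after it shows. Change the comment to something like `external.type != postgresql (mysql)`, so the closing `{{- end }}{{/* external.type = postgresql */}}` further down can be told apart from it.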
Expand Down Expand Up @@ -165,8 +167,45 @@ Create environment variables used to configure the nextcloud container as well a
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
{{- end }}
- name: DATABASE_URL
value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST)/$(MYSQL_DATABASE)"
{{- end }}{{/* external.type = postgresql */}}
{{- end }}{{/* not mariadb.enable or postgresql.enabled -> just external*/}}
{{- end }}

{{/*
Redis env vars
*/}}
{{- define "nextcloud.env.redis" -}}
- name: REDIS_HOST
value: {{ template "nextcloud.redis.fullname" . }}-master
- name: REDIS_HOST_PORT
value: {{ .Values.redis.master.service.ports.redis | quote }}
{{- if .Values.redis.auth.enabled }}
{{- if and .Values.redis.auth.existingSecret .Values.redis.auth.existingSecretPasswordKey }}
- name: REDIS_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.redis.auth.existingSecret }}
key: {{ .Values.redis.auth.existingSecretPasswordKey }}
{{- else }}
- name: REDIS_HOST_PASSWORD
value: {{ .Values.redis.auth.password }}
{{- end }}
- name: REDIS_URL
value: "redis://:$(REDIS_HOST_PASSWORD)@$(REDIS_HOST):$(REDIS_HOST_PORT)"
{{- else }}
- name: REDIS_URL
value: "redis://$(REDIS_HOST):$(REDIS_HOST_PORT)"
{{- end }}
{{- end }}

{{- define "nextcloud.env" -}}
{{- if .Values.phpClientHttpsFix.enabled }}
- name: OVERWRITEPROTOCOL
value: {{ .Values.phpClientHttpsFix.protocol | quote }}
{{- end }}
{{- template "nextcloud.env.database" . }}
- name: NEXTCLOUD_ADMIN_USER
valueFrom:
secretKeyRef:
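
Review bot: In the new `nextcloud.env.redis` helper, `REDIS_URL` embeds `$(REDIS_HOST_PASSWORD)` without percent-encoding, so a Redis password with URL-reserved characters breaks the URL, and in the non-secret branch `value: {{ .Values.redis.auth.password }}` is rendered unquoted while `REDIS_HOST_PORT` two entries above uses `| quote`. Add `| quote` there. The helper also carries no `redis.enabled` guard of its own, so every caller has to wrap it; either keep the guard inside the `define` or state that requirement in the "Redis env vars" comment.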
Expand Down Expand Up @@ -216,26 +255,8 @@ Create environment variables used to configure the nextcloud container as well a
name: {{ .Values.nextcloud.existingSecret.secretName | default (include "nextcloud.fullname" .) }}
key: {{ .Values.nextcloud.existingSecret.smtpPasswordKey }}
{{- end }}
{{/*
Redis env vars
*/}}
{{- if .Values.redis.enabled }}
- name: REDIS_HOST
value: {{ template "nextcloud.redis.fullname" . }}-master
- name: REDIS_HOST_PORT
value: {{ .Values.redis.master.service.ports.redis | quote }}
{{- if .Values.redis.auth.enabled }}
{{- if and .Values.redis.auth.existingSecret .Values.redis.auth.existingSecretPasswordKey }}
- name: REDIS_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.redis.auth.existingSecret }}
key: {{ .Values.redis.auth.existingSecretPasswordKey }}
{{- else }}
- name: REDIS_HOST_PASSWORD
value: {{ .Values.redis.auth.password }}
{{- end }}
{{- end }}
{{ template "nextcloud.env.redis" . }}
{{- end }}{{/* end if redis.enabled */}}
{{/*
S3 as primary object store env vars
Expand Down Expand Up @@ -342,7 +363,6 @@ Swift as primary object store env vars
{{- end }}
{{- end -}}


{{/*
Create volume mounts for the nextcloud container as well as the cron sidecar container.
*/}}
18 changes: 12 additions & 6 deletions charts/nextcloud/templates/db-secret.yaml
Expand Up @@ -13,14 +13,20 @@ metadata:
type: Opaque
data:
{{- if .Values.mariadb.enabled }}
db-username: {{ .Values.mariadb.auth.username | b64enc | quote }}
db-password: {{ .Values.mariadb.auth.password | b64enc | quote }}
{{- with .Values.mariadb.auth }}
db-username: {{ .username | b64enc | quote }}
db-password: {{ .password | b64enc | quote }}
{{- end }}
{{- else if .Values.postgresql.enabled }}
db-username: {{ .Values.postgresql.global.postgresql.auth.username | b64enc | quote }}
db-password: {{ .Values.postgresql.global.postgresql.auth.password | b64enc | quote }}
{{- with .Values.postgresql.global.postgresql.auth }}
db-username: {{ .username | b64enc | quote }}
db-password: {{ .password | b64enc | quote }}
{{- end }}
{{- else }}
db-username: {{ .Values.externalDatabase.user | b64enc | quote }}
db-password: {{ .Values.externalDatabase.password | b64enc | quote }}
{{- with .Values.externalDatabase }}
db-username: {{ .user | b64enc | quote }}
db-password: {{ .password | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
40 changes: 20 additions & 20 deletions charts/nextcloud/templates/deployment.yaml
Expand Up @@ -139,6 +139,12 @@ spec:
{{- end }}
volumeMounts:
{{- include "nextcloud.volumeMounts" . | trim | nindent 12 }}
{{- if and .Values.notifyPush.enabled .Values.notifyPush.autoSetup }}
- name: nextcloud-notify-hooks
mountPath: /docker-entrypoint-hooks.d/before-starting/notify_push.sh
subPath: notify_push.sh
readOnly: true
{{- end }}
{{- range $hook, $shell := .Values.nextcloud.hooks }}
{{- if $shell }}
- name: nextcloud-hooks
Expand Down Expand Up @@ -294,45 +300,30 @@ spec:
{{- end }}
{{- if .Values.mariadb.enabled }}
- name: mariadb-isalive
image: {{ .Values.mariadb.image.registry | default "docker.io" }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }}
image: {{ .Values.mariadb.image.registry }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }}
{{- with .Values.nextcloud.mariaDbInitContainer }}
resources:
{{- toYaml .resources | nindent 12 }}
securityContext:
{{- toYaml .securityContext | nindent 12 }}
{{- end }}
env:
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.usernameKey }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
{{- include "nextcloud.env.database" . | nindent 12 }}
command:
- "sh"
- "-c"
- {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }}
- {{ printf "until mysql --host=${MYSQL_HOST} --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" }}
{{- else if .Values.postgresql.enabled }}
- name: postgresql-isready
image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}
image: {{ .Values.postgresql.image.registry }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}
{{- with .Values.nextcloud.postgreSqlInitContainer }}
resources:
{{- toYaml .resources | nindent 12 }}
securityContext:
{{- toYaml .securityContext | nindent 12 }}
{{- end }}
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
key: {{ .Values.externalDatabase.existingSecret.usernameKey }}
- name: POSTGRES_HOST
value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }}
{{- include "nextcloud.env.database" . | nindent 12 }}
command:
- "sh"
- "-c"
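
Review bot: Replacing the explicit `env:` entries with `nextcloud.env.database` hands both init containers the full credential set, including `DATABASE_URL` with the password inline; the `postgresql-isready` container previously received only `POSTGRES_USER` and `POSTGRES_HOST`. If the readiness check does not need the password, keep a narrower env list for it. In the same hunk, both `image:` lines drop `| default "docker.io"`, so a values file that leaves `mariadb.image.registry` or `postgresql.image.registry` empty now renders an image reference starting with `/`. The `mariadb-isalive` command also still goes through `printf` although it no longer takes a format argument; the call can be dropped.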
Expand Down Expand Up @@ -375,6 +366,15 @@ spec:
configMap:
name: {{ template "nextcloud.fullname" . }}-nginxconfig
{{- end }}
{{- if and .Values.notifyPush.enabled .Values.notifyPush.autoSetup }}
- name: nextcloud-notify-hooks
configMap:
name: {{ template "nextcloud.fullname" . }}-notify-push
defaultMode: 0o755
items:
- key: hook.sh
path: notify_push.sh
{{- end }}
{{- if not (values .Values.nextcloud.hooks | compact | empty) }}
- name: nextcloud-hooks
configMap:
9 changes: 9 additions & 0 deletions charts/nextcloud/templates/ingress.yaml
Expand Up @@ -39,6 +39,15 @@ spec:
serviceName: {{ template "nextcloud.fullname" . }}
servicePort: {{ .Values.service.port }}
{{- end }}
{{- if .Values.notifyPush.enabled }}
- path: {{ .Values.notifyPush.ingress.path }}
pathType: {{ .Values.notifyPush.ingress.pathType }}
backend:
service:
name: {{ template "nextcloud.fullname" . }}-notify-push
port:
name: http
{{- end }}
{{- with .Values.ingress.tls }}
tls:
{{- toYaml . | nindent 4 }}
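
Review bot: The new `/push` path always renders the `networking.k8s.io/v1` backend shape (`service.name`, `port.name`) together with a `pathType`, but the context lines just above it close a branch that emits the older `serviceName`/`servicePort` form. If that legacy branch is still supported, the notify_push path needs the same conditional, otherwise the rendered Ingress mixes both schemas when the older API version is selected.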