Nextcloud is a file sharing server that puts the control and security of your own data back into your hands.
helm repo add nextcloud https://nextcloud.github.io/helm/
helm install my-release nextcloud/nextcloud
- Introduction
- Prerequisites
- Installing the Chart
- Uninstalling the Chart
- Configuration
- Cron jobs
- Multiple config.php file
- Using nginx
- Preserving Source IP
- Hugepages
- HPA (Clustering)
- Running
occ
commands - Backups
- Upgrades
- Troubleshooting
This chart bootstraps an nextcloud deployment on a Kubernetes cluster using the Helm package manager.
You will also need a database compatible with Nextcloud. For more info, please see the Database Configuration section below.
If you want to persist data accross installs and upgrades, you'll need to configure persistence. For more info, please see the Persistence Configuration section below.
We also package the following helm charts from Bitnami for you to optionally use:
Chart | Descrption |
---|---|
Redis | For enabling caching |
PostgreSQL | For use as an external database |
MariaDB | For use as an external database |
- Kubernetes 1.24+
- Persistent Volume provisioner support in the underlying infrastructure
- Helm >=3.7.0 (for subchart scope exposing)
To install the chart with the release name my-release
:
helm repo add nextcloud https://nextcloud.github.io/helm/
helm install my-release nextcloud/nextcloud
The command deploys nextcloud on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.
Tip: List all releases using
helm list
To uninstall/delete the my-release
deployment:
helm delete my-release
The command removes all the Kubernetes components associated with the chart and deletes the release.
The following table lists the configurable parameters of the nextcloud chart and their default values.
Parameter | Description | Default |
---|---|---|
image.repository |
nextcloud Image name | nextcloud |
image.flavor |
nextcloud Image type (Options: apache, fpm) | apache |
image.tag |
nextcloud Image tag | appVersion |
image.pullPolicy |
Image pull policy | IfNotPresent |
image.pullSecrets |
Specify image pull secrets | nil |
replicaCount |
Number of nextcloud pods to deploy | 1 |
ingress.className |
Name of the ingress class to use | nil |
ingress.enabled |
Enable use of ingress controllers | false |
ingress.servicePort |
Ingress' backend servicePort | http |
ingress.annotations |
An array of service annotations | nil |
ingress.labels |
An array of service labels | nil |
ingress.path |
The Path to use in Ingress' paths |
/ |
ingress.pathType |
The PathType to use in Ingress' paths |
Prefix |
ingress.tls |
Ingress TLS configuration | [] |
nextcloud.host |
nextcloud host to create application URLs, updates trusted_domains at installation time only | nextcloud.kube.home |
nextcloud.username |
User of the application | admin |
nextcloud.password |
Application password | changeme |
nextcloud.existingSecret.enabled |
Whether to use an existing secret or not | false |
nextcloud.existingSecret.secretName |
Name of the existing secret | nil |
nextcloud.existingSecret.usernameKey |
Name of the key that contains the username | nil |
nextcloud.existingSecret.passwordKey |
Name of the key that contains the password | nil |
nextcloud.existingSecret.smtpUsernameKey |
Name of the key that contains the SMTP username | nil |
nextcloud.existingSecret.smtpPasswordKey |
Name of the key that contains the SMTP password | nil |
nextcloud.existingSecret.smtpHostKey |
Name of the key that contains the SMTP hostname | nil |
nextcloud.update |
Trigger update if custom command is used | 0 |
nextcloud.containerPort |
Customize container port when not running as root | 80 |
nextcloud.datadir |
nextcloud data dir location | /var/www/html/data |
nextcloud.mail.enabled |
Whether to enable/disable email settings | false |
nextcloud.mail.fromAddress |
nextcloud mail send from field | nil |
nextcloud.mail.domain |
nextcloud mail domain | nil |
nextcloud.mail.smtp.host |
SMTP hostname | nil |
nextcloud.mail.smtp.secure |
SMTP connection ssl or empty |
'' |
nextcloud.mail.smtp.port |
Optional SMTP port | nil |
nextcloud.mail.smtp.authtype |
SMTP authentication method | LOGIN |
nextcloud.mail.smtp.name |
SMTP username, ONLY the part before the domain name. i.e. 'postmaster' NOT '[email protected]' | '' |
nextcloud.mail.smtp.password |
SMTP password | '' |
nextcloud.configs |
Config files created in /var/www/html/config |
{} |
nextcloud.persistence.subPath |
Set the subPath for nextcloud to use in volume | nil |
nextcloud.phpConfigs |
PHP Config files created in /usr/local/etc/php/conf.d |
{} |
nextcloud.defaultConfigs.\.htaccess |
Default .htaccess to protect /var/www/html/config |
true |
nextcloud.defaultConfigs.redis\.config\.php |
Default Redis configuration | true |
nextcloud.defaultConfigs.apache-pretty-urls\.config\.php |
Default Apache configuration for rewrite urls | true |
nextcloud.defaultConfigs.apcu\.config\.php |
Default configuration to define APCu as local cache | true |
nextcloud.defaultConfigs.apps\.config\.php |
Default configuration for apps | true |
nextcloud.defaultConfigs.autoconfig\.php |
Default auto-configuration for databases | true |
nextcloud.defaultConfigs.smtp\.config\.php |
Default configuration for smtp | true |
nextcloud.strategy |
specifies the strategy used to replace old Pods by new ones | type: Recreate |
nextcloud.extraEnv |
specify additional environment variables | {} |
nextcloud.extraSidecarContainers |
specify additional sidecar containers | [] |
nextcloud.extraInitContainers |
specify additional init containers | [] |
nextcloud.extraVolumes |
specify additional volumes for the NextCloud pod | {} |
nextcloud.extraVolumeMounts |
specify additional volume mounts for the NextCloud pod | {} |
nextcloud.securityContext |
Optional security context for the NextCloud container | nil |
nextcloud.podSecurityContext |
Optional security context for the NextCloud pod (applies to all containers in the pod) | nil |
nginx.enabled |
Enable nginx (requires you use php-fpm image) | false |
nginx.image.repository |
nginx Image name, e.g. use nginxinc/nginx-unprivileged for rootless container |
nginx |
nginx.image.tag |
nginx Image tag | alpine |
nginx.image.pullPolicy |
nginx Image pull policy | IfNotPresent |
nginx.image.pullPolicy |
nginx Image pull policy | IfNotPresent |
nginx.containerPort |
Customize container port e.g. when not running as root | IfNotPresent |
nginx.config.default |
Whether to use nextcloud's recommended nginx config | true |
nginx.config.custom |
Specify a custom config for nginx | {} |
nginx.resources |
nginx resources | {} |
nginx.securityContext |
Optional security context for the nginx container | nil |
lifecycle.postStartCommand |
Specify deployment lifecycle hook postStartCommand | nil |
lifecycle.preStopCommand |
Specify deployment lifecycle hook preStopCommand | nil |
redis.enabled |
Whether to install/use redis for locking | false |
redis.auth.enabled |
Whether to enable password authentication with redis | true |
redis.auth.password |
The password redis uses | '' |
redis.auth.existingSecret |
The name of an existing secret with Redis® credentials | '' |
redis.auth.existingSecretPasswordKey |
Password key to be retrieved from existing secret | '' |
cronjob.enabled |
Whether to enable/disable cron jobs sidecar | false |
cronjob.lifecycle.postStartCommand |
Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | nil |
cronjob.lifecycle.preStopCommand |
Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | nil |
cronjob.resources |
CPU/Memory resource requests/limits for the cron jobs sidecar | {} |
cronjob.securityContext |
Optional security context for cron jobs sidecar | nil |
service.type |
Kubernetes Service type | ClusterIP |
service.loadBalancerIP |
LoadBalancerIp for service type LoadBalancer | "" |
service.nodePort |
NodePort for service type NodePort | nil |
service.ipFamilies |
Set ipFamilies as in k8s service objects | nil |
service.ipFamyPolicy |
define IP protocol bindings as in k8s service objects | nil |
phpClientHttpsFix.enabled |
Sets OVERWRITEPROTOCOL for https ingress redirect | false |
phpClientHttpsFix.protocol |
Sets OVERWRITEPROTOCOL for https ingress redirect | https |
resources |
CPU/Memory resource requests/limits | {} |
rbac.enabled |
Enable Role and rolebinding for priveledged PSP | false |
rbac.serviceaccount.create |
Wether to create a serviceaccount or use an existing one (requires rbac) | true |
rbac.serviceaccount.name |
The name of the sevice account that the deployment will use (requires rbac) | nextcloud-serviceaccount |
rbac.serviceaccount.annotations |
Serviceaccount annotations | {} |
livenessProbe.enabled |
Turn on and off liveness probe | true |
livenessProbe.initialDelaySeconds |
Delay before liveness probe is initiated | 10 |
livenessProbe.periodSeconds |
How often to perform the probe | 10 |
livenessProbe.timeoutSeconds |
When the probe times out | 5 |
livenessProbe.failureThreshold |
Minimum consecutive failures for the probe | 3 |
livenessProbe.successThreshold |
Minimum consecutive successes for the probe | 1 |
readinessProbe.enabled |
Turn on and off readiness probe | true |
readinessProbe.initialDelaySeconds |
Delay before readiness probe is initiated | 10 |
readinessProbe.periodSeconds |
How often to perform the probe | 10 |
readinessProbe.timeoutSeconds |
When the probe times out | 5 |
readinessProbe.failureThreshold |
Minimum consecutive failures for the probe | 3 |
readinessProbe.successThreshold |
Minimum consecutive successes for the probe | 1 |
startupProbe.enabled |
Turn on and off startup probe | false |
startupProbe.initialDelaySeconds |
Delay before readiness probe is initiated | 30 |
startupProbe.periodSeconds |
How often to perform the probe | 10 |
startupProbe.timeoutSeconds |
When the probe times out | 5 |
startupProbe.failureThreshold |
Minimum consecutive failures for the probe | 30 |
startupProbe.successThreshold |
Minimum consecutive successes for the probe | 1 |
hpa.enabled |
Boolean to create a HorizontalPodAutoscaler | false |
hpa.cputhreshold |
CPU threshold percent for the HorizontalPodAutoscale | 60 |
hpa.minPods |
Min. pods for the Nextcloud HorizontalPodAutoscaler | 1 |
hpa.maxPods |
Max. pods for the Nextcloud HorizontalPodAutoscaler | 10 |
deploymentLabels |
Labels to be added at 'deployment' level | not set |
deploymentAnnotations |
Annotations to be added at 'deployment' level | not set |
podLabels |
Labels to be added at 'pod' level | not set |
podAnnotations |
Annotations to be added at 'pod' level | not set |
By default, nextcloud will use a SQLite database. This is not recommended for production, but is enabled by default for testing purposes. When you are done testing, please set internalDatabase.enabled
to false
, and configure the externalDatabase
parameters below.
For convenience, we packages the following Bitnami charts for databases (feel free to choose one below):
If you choose to use one of the prepackaged Bitnami helm charts, you must configure both the externalDatabase
parameters, and the parameters for the chart you choose. For instance, if you choose to use the Bitnami PostgreSQL chart that we've prepackaged, you need to also configure all the parameters for postgresql
. You do not need to use the Bitnami helm charts. If you want to use an already configured database that you have externally, just set internalDatabase.enabled
to false
, and configure the externalDatabase
parameters below.
Parameter | Description | Default |
---|---|---|
internalDatabase.enabled |
Whether to use internal sqlite database | true |
internalDatabase.database |
Name of the existing database | nextcloud |
externalDatabase.enabled |
Whether to use external database | false |
externalDatabase.type |
External database type: mysql , postgresql |
mysql |
externalDatabase.host |
Host of the external database in form of host:port |
nil |
externalDatabase.database |
Name of the existing database | nextcloud |
externalDatabase.user |
Existing username in the external db | nextcloud |
externalDatabase.password |
Password for the above username | nil |
externalDatabase.existingSecret.enabled |
Whether to use a existing secret or not | false |
externalDatabase.existingSecret.secretName |
Name of the existing secret | nil |
externalDatabase.existingSecret.usernameKey |
Name of the key that contains the username | nil |
externalDatabase.existingSecret.passwordKey |
Name of the key that contains the password | nil |
externalDatabase.existingSecret.hostKey |
Name of the key that contains the database hostname or IP address | nil |
externalDatabase.existingSecret.databaseKey |
Name of the key that contains the database name | nil |
mariadb.enabled |
Whether to use the MariaDB chart | false |
mariadb.auth.database |
Database name to create | nextcloud |
mariadb.auth.username |
Database user to create | nextcloud |
mariadb.auth.password |
Password for the database | changeme |
mariadb.auth.rootPassword |
MariaDB admin password | nil |
mariadb.auth.existingSecret |
Use existing secret for MariaDB password details; see values.yaml for more detail | '' |
mariadb.primary.persistence.enabled |
Whether or not to Use a PVC on MariaDB primary | false |
mariadb.primary.persistence.existingClaim |
Use an existing PVC for MariaDB primary | nil |
postgresql.enabled |
Whether to use the PostgreSQL chart | false |
postgresql.image.registry |
PostgreSQL image registry | docker.io |
postgresql.image.repository |
PostgreSQL image repository | bitnami/postgresql |
postgresql.image.tag |
PostgreSQL image tag | 15.4.0-debian-11-r10 |
postgresql.global.postgresql.auth.database |
Database name to create | nextcloud |
postgresql.global.postgresql.auth.username |
Database user to create | nextcloud |
postgresql.global.postgresql.auth.password |
Password for the database | changeme |
postgresql.global.postgresql.auth.existingSecret |
Name of existing secret to use for PostgreSQL credentials | '' |
postgresql.global.postgresql.auth.secretKeys.adminPasswordKey |
Name of key in existing secret to use for PostgreSQL admin password | '' |
postgresql.global.postgresql.auth.secretKeys.userPasswordKey |
Name of key in existing secret to use for PostgreSQL user password | '' |
postgresql.global.postgresql.auth.secretKeys.replicationPasswordKey |
Name of key in existing secret to use for PostgreSQL replication password | '' |
postgresql.primary.persistence.enabled |
Whether or not to use PVC on PostgreSQL primary | false |
postgresql.primary.persistence.existingClaim |
Use an existing PVC for PostgreSQL primary | nil |
Is there a missing parameter for one of the Bitnami helm charts listed above? Please feel free to submit a PR to add that parameter in our values.yaml, but be sure to also update this README file :)
The Nextcloud image stores the nextcloud data and configurations at the /var/www/html
paths of the container.
Persistent Volume Claims are used to keep the data across deployments. This is known to work with GKE, EKS, K3s, and minikube.
Parameter | Description | Default |
---|---|---|
persistence.enabled |
Enable persistence using PVC | false |
persistence.annotations |
PVC annotations | {} |
persistence.storageClass |
PVC Storage Class for nextcloud volume | nil (uses alpha storage class annotation) |
persistence.existingClaim |
An Existing PVC name for nextcloud volume | nil (uses alpha storage class annotation) |
persistence.accessMode |
PVC Access Mode for nextcloud volume | ReadWriteOnce |
persistence.size |
PVC Storage Request for nextcloud volume | 8Gi |
persistence.nextcloudData.enabled |
Create a second PVC for the data folder in nextcloud | false |
persistence.nextcloudData.annotations |
see persistence.annotations |
{} |
persistence.nextcloudData.storageClass |
see persistence.storageClass |
nil (uses alpha storage class annotation) |
persistence.nextcloudData.existingClaim |
see persistence.existingClaim |
nil (uses alpha storage class annotation) |
persistence.nextcloudData.accessMode |
see persistence.accessMode |
ReadWriteOnce |
persistence.nextcloudData.size |
see persistence.size |
8Gi |
We include an optional experimental Nextcloud Metrics exporter from xperimental/nextcloud-exporter.
Parameter | Description | Default |
---|---|---|
metrics.enabled |
Start Prometheus metrics exporter | false |
metrics.https |
Defines if https is used to connect to nextcloud | false (uses http) |
metrics.token |
Uses token for auth instead of username/password | "" |
metrics.timeout |
When the scrape times out | 5s |
metrics.tlsSkipVerify |
Skips certificate verification of Nextcloud server | false |
metrics.image.repository |
Nextcloud metrics exporter image name | xperimental/nextcloud-exporter |
metrics.image.tag |
Nextcloud metrics exporter image tag | 0.6.0 |
metrics.image.pullPolicy |
Nextcloud metrics exporter image pull policy | IfNotPresent |
metrics.image.pullSecrets |
Nextcloud metrics exporter image pull secrets | nil |
metrics.podAnnotations |
Additional annotations for metrics exporter | not set |
metrics.podLabels |
Additional labels for metrics exporter | not set |
metrics.service.type |
Metrics: Kubernetes Service type | ClusterIP |
metrics.service.loadBalancerIP |
Metrics: LoadBalancerIp for service type LoadBalancer | nil |
metrics.service.nodePort |
Metrics: NodePort for service type NodePort | nil |
metrics.service.annotations |
Additional annotations for service metrics exporter | {prometheus.io/scrape: "true", prometheus.io/port: "9205"} |
metrics.service.labels |
Additional labels for service metrics exporter | {} |
metrics.serviceMonitor.enabled |
Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | false |
metrics.serviceMonitor.namespace |
Namespace in which Prometheus is running | `` |
metrics.serviceMonitor.jobLabel |
Name of the label on the target service to use as the job name in prometheus | `` |
metrics.serviceMonitor.interval |
Interval at which metrics should be scraped | 30s |
metrics.serviceMonitor.scrapeTimeout |
Specify the timeout after which the scrape is ended | `` |
metrics.serviceMonitor.labels |
Extra labels for the ServiceMonitor | `{} |
Note:
For nextcloud to function correctly, you should specify the
nextcloud.host
parameter to specify the FQDN (recommended) or the public IP address of the nextcloud service.Optionally, you can specify the
service.loadBalancerIP
parameter to assign a reserved IP address to the nextcloud service of the chart. However please note that this feature is only available on a few cloud providers (f.e. GKE).To reserve a public IP address on GKE:
gcloud compute addresses create nextcloud-public-ipThe reserved IP address can be associated to the nextcloud service by specifying it as the value of the
service.loadBalancerIP
parameter while installing the chart.
Specify each parameter using the --set key=value[,key=value]
argument to helm install
. For example,
helm install --name my-release \
--set nextcloud.username=admin,nextcloud.password=password,mariadb.auth.rootPassword=secretpassword \
nextcloud/nextcloud
The above command sets the nextcloud administrator account username and password to admin
and password
respectively. Additionally, it sets the MariaDB root
user password to secretpassword
.
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
helm install --name my-release -f values.yaml nextcloud/nextcloud
Tip: You can use the default values.yaml
To execute background tasks by using system cron instead of default Ajax cron, set cronjob.enabled
parameter to true
. Background jobs are important for tasks that do not necessarily need user intervention, but still need to be executed frequently (cleaning up, sending some notifications, pulling RSS feeds, etc.).
Enabling this option will create a sidecar container in the Nextcloud pod, which will start a crond
daemon responsible for running the Nextcloud cron.php script. At first launch, the background jobs mode in your Nextcloud basic settings will automatically be set to Cron.
Nextcloud supports loading configuration parameters from multiple files.
You can add arbitrary files ending with .config.php
in the config/
directory.
See documentation.
For example, following config will configure Nextcloud with S3 as primary storage by creating file /var/www/html/config/s3.config.php
:
nextcloud:
configs:
s3.config.php: |-
<?php
$CONFIG = array (
'objectstore' => array(
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'bucket' => 'my-bucket',
'autocreate' => true,
'key' => 'xxx',
'secret' => 'xxx',
'region' => 'us-east-1',
'use_ssl' => true
)
)
);
To use nginx instead of apache to serve nextcloud, Set the following parameters in your values.yaml
:
# This Generates an image tag using the chart's app version
# e.g. if the app version is 25.0.3, the image tag will be 25.0.3-fpm
image:
flavor: fpm
# You can also specify a tag directly. this version is an example:
# tag: 25.0.3-fpm
# this deploys an nginx container within the nextcloud pod
nginx
enabled: true
For service discovery (CalDAV, CardDAV, webfinger, nodeinfo) to work you need to add redirects to your ingress.
If you use the ingress-nginx you can use the following server snippet annotation:
ingress:
annotations:
nginx.ingress.kubernetes.io/server-snippet: |-
server_tokens off;
proxy_hide_header X-Powered-By;
rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
deny all;
}
- Make sure your loadbalancer preserves source IP, for bare metal,
metalb
does andklipper-lb
doesn't. - Make sure your Ingress preserves source IP. If you use
ingress-nginx
, add the following annotations:
ingress:
annotations:
nginx.ingress.kubernetes.io/enable-cors: "true"
nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
- The next layer is nextcloud pod's nginx container. In in your
values.yaml
, ifnextcloud.tag
hasfpm
in it, orimage.flavor
is set tofpm
, this can be left at default - Add some PHP config for nextcloud as mentioned above in multiple
config.php
s section:
configs:
proxy.config.php: |-
<?php
$CONFIG = array (
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.0.0.0/8',
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
);
If your node has hugepages enabled, but you do not map any into the container, it could fail to start with a bus error in Apache. This is due to Apache attempting to memory map a file and use hugepages. The fix is to either disable huge pages on the node or map hugepages into the container:
nextcloud:
extraVolumes:
- name: hugepages
emptyDir:
medium: HugePages-2Mi
extraVolumeMounts:
- name: hugepages
mountPath: /dev/hugepages
resources:
requests:
hugepages-2Mi: 500Mi
# note that Kubernetes currently requires cpu or memory requests and limits before hugepages are allowed.
memory: 500Mi
limits:
# limit and request must be the same for hugepages. They are a fixed resource.
hugepages-2Mi: 500Mi
# note that Kubernetes currently requires cpu or memory requests and limits before hugepages are allowed.
memory: 1Gi
If you want to have multiple Nextcloud containers, regardless of dynamic or static sizes, you need to use shared persistence between the containers.
Minimum cluster compatible persistence settings:
persistence:
enabled: true
accessMode: ReadWriteMany
Sometimes you need to run an occ command on the Nextcloud container directly. You can do that by running commands as the user www-data
via the kubectl exec
command.
# $NEXTCLOUD_POD should be the name of *your* nextcloud pod :)
kubectl exec $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ myocccomand"
Here are some examples below.
Some admin actions require you to put your Nextcloud instance into maintanence mode (e.g. backups):
# $NEXTCLOUD_POD should be the name of *your* nextcloud pod :)
kubectl exec $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ maintenance:mode --on"
Recognize requires you to download models before using it:
# $NEXTCLOUD_POD should be the name of *your* nextcloud pod :)
kubectl exec $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ recognize:download-models"
Check out the official Nextcloud backup docs. For your files, if you're using persistent volumes, and you'd like to back up to s3 backed storage (such as minio), consider using k8up or velero.
Since this chart utilizes the nextcloud/docker image, provided you are using persistent volumes, upgrades of your Nextcloud server are handled automatically from one version to the next, however, you can only upgrade one major version at a time. For example, if you want to upgrade from version 25
to 27
, you will have to upgrade from version 25
to 26
, then from 26
to 27
. Since our docker tag is set via the appVersion
in Chart.yaml
, you'll need to make sure you gradually upgrade the helm chart if you have missed serveral app versions.
After an upgrade, you may have missing indices. To fix this, you can run:
# where NEXTCLOUD_POD is *your* nextcloud pod
kubectl exec -it $NEXTCLOUD_POD -- su -s /bin/sh www-data -c "php occ db:add-missing-indices"
The nextcloud instance deployed by this chart doesn't currently create a log file locally inside the container. Examples scenarios to change this behavior include:
- Triaging mailserver issues
- Any time you're confused by server behavior and need more context
- Before submitting a GitHub Issue (you can include relevant log messages that way)
To change the logging behavior, modify your logging.config.php
in your values.yaml
under the nextcloud.configs
section like so:
nextcloud:
configs:
logging.config.php: |-
<?php
$CONFIG = array (
'log_type' => 'file',
'logfile' => 'nextcloud.log',
'loglevel' => 0,
'logdateformat' => 'F d, Y H:i:s'
);
loglevel
corresponds to the detail of the logs. Valid values are:
0: DEBUG: All activity; the most detailed logging.
1: INFO: Activity such as user logins and file activities, plus warnings, errors, and fatal errors.
2: WARN: Operations succeed, but with warnings of potential problems, plus errors and fatal errors.
3: ERROR: An operation fails, but other services and operations continue, plus fatal errors.
4: FATAL: The server stops.
More information about Nextcloud logging
To view logs after changing the logging behavior, you can exec into the Kubernetes pod, or copy them to your local machine.
kubectl exec --stdin --tty nextcloud-pod-name-random-chars -- /bin/sh
cat nextcloud.log
tail -f nextcloud.log
kubectl cp default/nextcloud-pod-name-random-chars:nextcloud.log ./my-local-machine-nextcloud.log
Remember to anonymize your logs and snippets from your pod before sharing them with the internet. Kubernetes secrets, even Sealed ones, live in plaintext env
variables on your running containers, and log messages can include other information that should stay safely with you.