Commit new App releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2022-07-07 16:43:38 +00:00
parent 1bd1b91461
commit 00d9afdb26
18 changed files with 3600 additions and 0 deletions

View File

@ -0,0 +1,99 @@
# Changelog<br>
<a name="nextcloud-15.1.2"></a>
### [nextcloud-15.1.2](https://github.com/truecharts/apps/compare/nextcloud-15.1.1...nextcloud-15.1.2) (2022-07-07)
#### Fix
* bypass hpb domain check ([#3093](https://github.com/truecharts/apps/issues/3093))
<a name="nextcloud-15.1.1"></a>
### [nextcloud-15.1.1](https://github.com/truecharts/apps/compare/nextcloud-15.1.0...nextcloud-15.1.1) (2022-07-07)
#### Fix
* correct some mistakes in the migration script ([#3091](https://github.com/truecharts/apps/issues/3091))
<a name="nextcloud-15.1.0"></a>
### [nextcloud-15.1.0](https://github.com/truecharts/apps/compare/nextcloud-15.0.1...nextcloud-15.1.0) (2022-07-06)
#### Feat
* add Imaginary high-performance preview backend ([#3086](https://github.com/truecharts/apps/issues/3086))
<a name="nextcloud-15.0.1"></a>
### [nextcloud-15.0.1](https://github.com/truecharts/apps/compare/nextcloud-15.0.0...nextcloud-15.0.1) (2022-07-06)
#### Fix
* change nginx redirect options to not add port to query ([#3085](https://github.com/truecharts/apps/issues/3085))
<a name="nextcloud-15.0.0"></a>
### [nextcloud-15.0.0](https://github.com/truecharts/apps/compare/nextcloud-14.0.16...nextcloud-15.0.0) (2022-07-06)
<a name="nextcloud-14.0.16"></a>
### [nextcloud-14.0.16](https://github.com/truecharts/apps/compare/nextcloud-14.0.15...nextcloud-14.0.16) (2022-07-05)
#### Chore
* update helm general non-major helm releases ([#3075](https://github.com/truecharts/apps/issues/3075))
<a name="nextcloud-14.0.15"></a>
### [nextcloud-14.0.15](https://github.com/truecharts/apps/compare/nextcloud-14.0.14...nextcloud-14.0.15) (2022-07-04)
#### Chore
* update helm general non-major helm releases ([#3066](https://github.com/truecharts/apps/issues/3066))
<a name="nextcloud-14.0.14"></a>
### [nextcloud-14.0.14](https://github.com/truecharts/apps/compare/nextcloud-14.0.13...nextcloud-14.0.14) (2022-07-01)
#### Chore
* update docker general non-major ([#3015](https://github.com/truecharts/apps/issues/3015))
<a name="nextcloud-14.0.13"></a>
### [nextcloud-14.0.13](https://github.com/truecharts/apps/compare/nextcloud-14.0.12...nextcloud-14.0.13) (2022-06-29)
#### Chore
* update docker general non-major ([#3002](https://github.com/truecharts/apps/issues/3002))
<a name="nextcloud-14.0.12"></a>
### [nextcloud-14.0.12](https://github.com/truecharts/apps/compare/nextcloud-14.0.11...nextcloud-14.0.12) (2022-06-27)
#### Chore
* update docker general non-major ([#2999](https://github.com/truecharts/apps/issues/2999))
<a name="nextcloud-14.0.11"></a>
### [nextcloud-14.0.11](https://github.com/truecharts/apps/compare/nextcloud-14.0.10...nextcloud-14.0.11) (2022-06-26)
#### Chore
* update docker general non-major ([#2988](https://github.com/truecharts/apps/issues/2988))
<a name="nextcloud-14.0.10"></a>

View File

@ -0,0 +1,12 @@
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.2.0
- name: postgresql
repository: https://charts.truecharts.org/
version: 8.0.22
- name: redis
repository: https://charts.truecharts.org
version: 3.0.22
digest: sha256:82453b7bc640176ac92a18d336e348ce5c0979c0a8ebb87ab52fefe9ec037c2c
generated: "2022-07-07T16:40:23.027329578Z"

View File

@ -0,0 +1,41 @@
apiVersion: v2
appVersion: "24.0.2"
dependencies:
- name: common
repository: https://library-charts.truecharts.org
version: 10.2.0
- condition: postgresql.enabled
name: postgresql
repository: https://charts.truecharts.org/
version: 8.0.22
- condition: redis.enabled
name: redis
repository: https://charts.truecharts.org
version: 3.0.22
deprecated: false
description: A private cloud server that puts the control and security of your own
data back into your hands.
home: https://github.com/truecharts/apps/tree/master/charts/stable/nextcloud
icon: https://truecharts.org/_static/img/appicons/nextcloud.png
keywords:
- nextcloud
- storage
- http
- web
- php
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: nextcloud
sources:
- https://github.com/nextcloud/docker
- https://github.com/nextcloud/helm
type: application
version: 15.1.2
annotations:
truecharts.org/catagories: |
- cloud
truecharts.org/SCALE-support: "true"
truecharts.org/grade: U

View File

@ -0,0 +1,40 @@
# Introduction
A private cloud server that puts the control and security of your own data back into your hands.
TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
## Source Code
* <https://github.com/nextcloud/docker>
* <https://github.com/nextcloud/helm>
## Requirements
Kubernetes: `>=1.16.0-0`
## Dependencies
| Repository | Name | Version |
|------------|------|---------|
| https://charts.truecharts.org/ | postgresql | 8.0.22 |
| https://charts.truecharts.org | redis | 3.0.22 |
| https://library-charts.truecharts.org | common | 10.2.0 |
## Installing the Chart
To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/).
## Upgrading, Rolling Back and Uninstalling the Chart
To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/).
## Support
- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
- See the [Wiki](https://truecharts.org)
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
---
All Rights Reserved - The TrueCharts Project

View File

@ -0,0 +1,3 @@
A private cloud server that puts the control and security of your own data back into your hands.
This App is supplied by TrueCharts, for more information please visit https://truecharts.org

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -0,0 +1,11 @@
env:
# IP used for exposing nextcloud
# Often the service or nodePort IP
AccessIP: "127.0.0.1"
service:
main:
ports:
main:
port: 8080
targetPort: 8080

View File

@ -0,0 +1,403 @@
image:
repository: tccr.io/truecharts/nextcloud-fpm
pullPolicy: IfNotPresent
tag: v24.0.2@sha256:9cd0fb3875d673932d50fa677326b42955a3e8637dc2602b7a827f2afb42eee9
nginxImage:
repository: tccr.io/truecharts/nginx-unprivileged
pullPolicy: IfNotPresent
tag: v1.23.0@sha256:e0e989581b7935192d6023ac4a2c19045df39b69b43b894fedbd09726b34c133
imaginaryImage:
repository: h2non/imaginary
pullPolicy: IfNotPresent
tag: 1.2.4@sha256:7facb4221047a5e79b9e902f380247f4e5bf4376400d0badbeb738d3e1c2f654
securityContext:
readOnlyRootFilesystem: false
runAsNonRoot: false
podSecurityContext:
runAsUser: 0
runAsGroup: 0
fsGroup: 33
service:
main:
ports:
main:
port: 10020
targetPort: 8080
backend:
enabled: true
ports:
hpb:
enabled: true
port: 7867
targetPort: 7867
hpb-metrics:
enabled: true
port: 7868
targetPort: 7868
fpm:
enabled: true
port: 9000
targetPort: 9000
imaginary:
enabled: true
port: 9090
targetPort: 9090
hostAliases:
- ip: '{{ .Values.AccessIP | default "127.0.0.1" }}'
hostnames:
- "{{ if .Values.ingress.main.enabled }}{{ with (first .Values.ingress.main.hosts) }}{{ .host }}{{ end }}{{ else }}placeholder.fakedomain.dns{{ end }}"
secretEnv:
NEXTCLOUD_ADMIN_USER: "admin"
NEXTCLOUD_ADMIN_PASSWORD: "adminpass"
probes:
liveness:
custom: true
spec:
initialDelaySeconds: 25
httpGet:
path: /status.php
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
readiness:
custom: true
spec:
initialDelaySeconds: 25
httpGet:
path: /status.php
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
startup:
custom: true
spec:
initialDelaySeconds: 25
httpGet:
path: /status.php
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initContainers:
prestart:
image: '{{ include "tc.common.images.selector" . }}'
securityContext:
runAsUser: 0
runAsGroup: 0
privileged: true
command:
- "/bin/sh"
- "-c"
- |
/bin/bash <<'EOF'
if [[ -f /data/config/config.php ]] && [[ ! -f /html/config/config.php ]]; then
echo "migrating from single to dual PVC's..."
echo "moving to placeholder location..."
mv -f /var/www/html/data/* /var/www/html/data/tomigrate/
echo "moving userdata to data-pvc root..."
mv -f /var/www/html/data/tomigrate/data/* /var/www/html/data/
echo "removing old data folder..."
rm -rf /var/www/html/data/tomigrate/data
echo "moving config, apps, templates and other content to html-pvc root..."
mv -f /var/www/html/data/tomigrate/* /var/www/html/
echo "Removing migration temporary folder..."
rm -rf /var/www/html/data/tomigrate
fi
echo "Enforcing chmod 770 on data-dir..."
chmod 770 /var/www/html/data
echo "Migrating old data when found..."
EOF
volumeMounts:
- name: data
mountPath: "/var/www/html/data"
- name: html
mountPath: "/var/www/html"
env:
# IP used for exposing nextcloud
# Often the service or nodePort IP
# Defaults to the main serviceName for CI purposes.
AccessIP:
TRUSTED_PROXIES: "172.16.0.0/16 127.0.0.1"
POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}"
POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
POSTGRES_PASSWORD:
secretKeyRef:
name: dbcreds
key: postgresql-password
POSTGRES_HOST:
secretKeyRef:
name: dbcreds
key: plainporthost
REDIS_HOST:
secretKeyRef:
name: rediscreds
key: plainhost
REDIS_HOST_PASSWORD:
secretKeyRef:
name: rediscreds
key: redis-password
envFrom:
- configMapRef:
name: nextcloudconfig
persistence:
html:
enabled: true
mountPath: "/var/www/html"
data:
enabled: true
mountPath: "/var/www/html/data"
varrun:
enabled: true
cache:
enabled: true
type: emptyDir
mountPath: /var/cache/nginx
medium: Memory
nginx:
enabled: "true"
mountPath: "/etc/nginx"
noMount: true
readOnly: true
type: "custom"
volumeSpec:
configMap:
name: '{{ include "tc.common.names.fullname" . }}-nginx'
items:
- key: nginx.conf
path: nginx.conf
configmap:
nginx:
enabled: true
data:
nginx.conf: |-
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
# Prevent nginx HTTP Server Detection
server_tokens off;
keepalive_timeout 65;
#gzip on;
upstream php-handler {
server 127.0.0.1:9000;
}
server {
listen 8080;
absolute_redirect off;
# Forward Notify_Push "High Performance Backend" to it's own container
location ^~ /push/ {
proxy_pass http://127.0.0.1:7867/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
# according to the documentation these two lines are not necessary, but some users are still recieving errors
location = /.well-known/webfinger { return 301 /index.php$uri; }
location = /.well-known/nodeinfo { return 301 /index.php$uri; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
#fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif)$ {
try_files $uri /index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}
}
cronjob:
enabled: true
generatePreviews: true
schedule: "*/5 * * * *"
annotations: {}
failedJobsHistoryLimit: 5
successfulJobsHistoryLimit: 2
hpb:
enabled: true
imaginary:
enabled: true
postgresql:
enabled: true
existingSecret: "dbcreds"
postgresqlUsername: nextcloud
postgresqlDatabase: nextcloud
redis:
enabled: true
existingSecret: "rediscreds"

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,29 @@
{{/* Define the configmap */}}
{{- define "nextcloud.configmap" -}}
{{- $hosts := "" }}
{{- if .Values.ingress.main.enabled }}
{{- range .Values.ingress }}
{{- range $index, $host := .hosts }}
{{- if $index }}
{{ $hosts = ( printf "%v %v" $hosts $host.host ) }}
{{- else }}
{{ $hosts = ( printf "%s" $host.host ) }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nextcloudconfig
data:
NEXTCLOUD_TRUSTED_DOMAINS: {{ ( printf "%v %v %v %v %v %v %v %v" "test.fakedomain.dns" "localhost" "127.0.0.1" ( printf "%v:%v" "127.0.0.1" .Values.service.main.ports.main.port ) ( .Values.env.AccessIP | default "localhost" ) ( printf "%v-%v" .Release.Name "nextcloud" ) ( printf "%v-%v" .Release.Name "nextcloud-backend" ) $hosts ) | quote }}
{{- if .Values.ingress.main.enabled }}
APACHE_DISABLE_REWRITE_IP: "1"
{{- end }}
{{- end -}}

View File

@ -0,0 +1,64 @@
{{/* Define the cronjob */}}
{{- define "nextcloud.cronjob" -}}
{{- if .Values.cronjob.enabled -}}
{{- $jobName := include "tc.common.names.fullname" . }}
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: {{ printf "%s-cronjob" $jobName }}
labels:
{{- include "tc.common.labels" . | nindent 4 }}
spec:
schedule: "{{ .Values.cronjob.schedule }}"
concurrencyPolicy: Forbid
{{- with .Values.cronjob.failedJobsHistoryLimit }}
failedJobsHistoryLimit: {{ . }}
{{- end }}
{{- with .Values.cronjob.successfulJobsHistoryLimit }}
successfulJobsHistoryLimit: {{ . }}
{{- end }}
jobTemplate:
metadata:
spec:
template:
metadata:
spec:
restartPolicy: Never
{{- with (include "tc.common.controller.volumes" . | trim) }}
volumes:
{{- nindent 12 . }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: '{{ include "tc.common.images.selector" . }}'
imagePullPolicy: {{ default .Values.image.pullPolicy }}
command:
- "/bin/sh"
- "-c"
- |
/bin/bash <<'EOF'
echo "running nextcloud cronjob..."
php -f /var/www/html/cron.php
echo "cronjob finished"
{{- if .Values.cronjob.generatePreviews }}
echo "Pre-generating Previews..."
php /var/www/html/occ preview:pre-generate
echo "Previews generated."
{{- end }}
EOF
# Will mount configuration files as www-data (id: 33) by default for nextcloud
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{ nindent 16 . }}
{{- end }}
securityContext:
runAsUser: 33
runAsGroup: 33
readOnlyRootFilesystem: true
runAsNonRoot: true
resources:
{{ toYaml .Values.resources | indent 16 }}
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,129 @@
{{/* Define the hbp container */}}
{{- define "nextcloud.hpb" -}}
{{- $jobName := include "tc.common.names.fullname" . }}
image: '{{ include "tc.common.images.selector" . }}'
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
securityContext:
runAsUser: 33
runAsGroup: 33
readOnlyRootFilesystem: true
runAsNonRoot: true
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{ nindent 2 . }}
{{- end }}
ports:
- containerPort: 7867
readinessProbe:
httpGet:
path: /push/test/cookie
port: 7867
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
livenessProbe:
httpGet:
path: /push/test/cookie
port: 7867
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
startupProbe:
httpGet:
path: /push/test/cookie
port: 7867
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
command:
- "/bin/sh"
- "-c"
- |
/bin/bash <<'EOF'
set -m
echo "Waiting for notify_push file to be available..."
until [ -f /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push ]
do
sleep 10
echo "Notify_push not found... waiting..."
done
echo "Waiting for Nextcloud to start..."
until $(curl --output /dev/null --silent --head --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php); do
echo "Nextcloud not found... waiting..."
sleep 10
done
until $(curl --silent --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php | jq --raw-output '.installed' | grep "true"); do
echo "Nextcloud not installed... waiting..."
sleep 10
done
echo "Nextcloud instance with Notify_push found... Launching High Performance Backend..."
/var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php &
{{- if .Values.imaginary.enabled }}
echo "Imaginary High Performance Previews enabled, enabling it on Nextcloud..."
php /var/www/html/occ config:system:set enabledPreviewProviders 6 --value='OC\Preview\Imaginary'
php /var/www/html/occ config:system:set preview_imaginary_url --value='http://127.0.0.1:9090'
{{- end }}
until $(curl --output /dev/null --silent --head --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:7867/push/test/cookie); do
echo "High Performance Backend not running ... waiting..."
sleep 10
done
echo "High Performance Backend found..."
{{- $accessurl := ( printf "http://%v:%v" ( .Values.env.AccessIP | default ( printf "%v-%v" .Release.Name "nextcloud" ) ) .Values.service.main.ports.main.port ) }}
{{- if .Values.ingress.main.enabled }}
{{- with (first .Values.ingress.main.hosts) }}
{{- $accessurl = ( printf "https://%s" .host ) }}
{{- end }}
{{- end }}
echo "Configuring High Performance Backend for url: {{ $accessurl }}"
php /var/www/html/occ notify_push:setup {{ $accessurl }}/push
fg
EOF
env:
- name: NEXTCLOUD_URL
value: 'http://127.0.0.1:8080'
- name: METRICS_PORT
value: '7868'
- name: TRUSTED_PROXIES
value: "{{ .Values.env.TRUSTED_PROXIES }}"
- name: POSTGRES_DB
value: "{{ .Values.postgresql.postgresqlDatabase }}"
- name: POSTGRES_USER
value: "{{ .Values.postgresql.postgresqlUsername }}"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: dbcreds
key: postgresql-password
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: dbcreds
key: plainporthost
- name: REDIS_HOST
valueFrom:
secretKeyRef:
name: rediscreds
key: plainhost
- name: REDIS_HOST_PASSWORD
valueFrom:
secretKeyRef:
name: rediscreds
key: redis-password
envFrom:
- configMapRef:
name: nextcloudconfig
{{- end -}}

View File

@ -0,0 +1,40 @@
{{/* Define the imaginary container */}}
{{- define "nextcloud.imaginary" -}}
image: {{ .Values.imaginaryImage.repository }}:{{ .Values.imaginaryImage.tag }}
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
securityContext:
runAsUser: 33
runAsGroup: 33
readOnlyRootFilesystem: true
runAsNonRoot: true
ports:
- containerPort: 9090
args: ["-enable-url-source"]
env:
- name: 'PORT'
value: '9090'
readinessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
livenessProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
startupProbe:
httpGet:
path: /
port: 9090
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
{{- end -}}

View File

@ -0,0 +1,54 @@
{{/* Define the nginx container */}}
{{- define "nextcloud.nginx" -}}
image: {{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
securityContext:
runAsUser: 33
runAsGroup: 33
readOnlyRootFilesystem: true
runAsNonRoot: true
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
volumeMounts:
{{ nindent 2 . }}
{{- end }}
- mountPath: /etc/nginx/nginx.conf
name: nginx
readOnly: true
subPath: nginx.conf
ports:
- containerPort: 8080
readinessProbe:
httpGet:
path: /robots.txt
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
livenessProbe:
httpGet:
path: /robots.txt
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
startupProbe:
httpGet:
path: /robots.txt
port: 8080
httpHeaders:
- name: Host
value: "test.fakedomain.dns"
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
{{- end -}}

View File

@ -0,0 +1,22 @@
{{/* Make sure all variables are set properly */}}
{{- include "tc.common.loader.init" . }}
{{/* Render configmap for nextcloud */}}
{{- include "nextcloud.configmap" . }}
{{- $newMiddlewares := append .Values.ingress.main.fixedMiddlewares "tc-nextcloud-chain" }}
{{- $_ := set .Values.ingress.main "fixedMiddlewares" $newMiddlewares -}}
{{- $_ := set .Values.additionalContainers "nginx" (include "nextcloud.nginx" . | fromYaml) -}}
{{- if .Values.imaginary.enabled -}}
{{- $_ := set .Values.additionalContainers "imaginary" (include "nextcloud.imaginary" . | fromYaml) -}}
{{- end -}}
{{- if .Values.hpb.enabled -}}
{{- $_ := set .Values.additionalContainers "hpb" (include "nextcloud.hpb" . | fromYaml) -}}
{{- end -}}
{{/* Render the templates */}}
{{ include "tc.common.loader.apply" . }}
{{/* Render cronjob for nextcloud */}}
{{- include "nextcloud.cronjob" . }}

View File