diff --git a/stable/nextcloud/15.2.1/CHANGELOG.md b/stable/nextcloud/15.2.1/CHANGELOG.md
new file mode 100644
index 00000000000..ec462390a19
--- /dev/null
+++ b/stable/nextcloud/15.2.1/CHANGELOG.md
@@ -0,0 +1,99 @@
+# Changelog
+
+
+
+### [nextcloud-15.2.1](https://github.com/truecharts/apps/compare/nextcloud-15.2.0...nextcloud-15.2.1) (2022-07-08)
+
+#### Fix
+
+* fix HPB service polling url ([#3102](https://github.com/truecharts/apps/issues/3102))
+
+
+
+
+### [nextcloud-15.2.0](https://github.com/truecharts/apps/compare/nextcloud-15.1.4...nextcloud-15.2.0) (2022-07-08)
+
+
+
+
+### [nextcloud-15.1.4](https://github.com/truecharts/apps/compare/nextcloud-15.1.3...nextcloud-15.1.4) (2022-07-08)
+
+#### Fix
+
+* fix wrong accessip reference ([#3101](https://github.com/truecharts/apps/issues/3101))
+
+
+
+
+### [nextcloud-15.1.3](https://github.com/truecharts/apps/compare/nextcloud-15.1.2...nextcloud-15.1.3) (2022-07-07)
+
+#### Chore
+
+* update docker general non-major ([#3089](https://github.com/truecharts/apps/issues/3089))
+
+
+
+
+### [nextcloud-15.1.2](https://github.com/truecharts/apps/compare/nextcloud-15.1.1...nextcloud-15.1.2) (2022-07-07)
+
+#### Fix
+
+* bypass hpb domain check ([#3093](https://github.com/truecharts/apps/issues/3093))
+
+
+
+
+### [nextcloud-15.1.1](https://github.com/truecharts/apps/compare/nextcloud-15.1.0...nextcloud-15.1.1) (2022-07-07)
+
+#### Fix
+
+* correct some mistakes in the migration script ([#3091](https://github.com/truecharts/apps/issues/3091))
+
+
+
+
+### [nextcloud-15.1.0](https://github.com/truecharts/apps/compare/nextcloud-15.0.1...nextcloud-15.1.0) (2022-07-06)
+
+#### Feat
+
+* add Imaginary high-performance preview backend ([#3086](https://github.com/truecharts/apps/issues/3086))
+
+
+
+
+### [nextcloud-15.0.1](https://github.com/truecharts/apps/compare/nextcloud-15.0.0...nextcloud-15.0.1) (2022-07-06)
+
+#### Fix
+
+* change nginx redirect options to not add port to query ([#3085](https://github.com/truecharts/apps/issues/3085))
+
+
+
+
+### [nextcloud-15.0.0](https://github.com/truecharts/apps/compare/nextcloud-14.0.16...nextcloud-15.0.0) (2022-07-06)
+
+
+
+
+### [nextcloud-14.0.16](https://github.com/truecharts/apps/compare/nextcloud-14.0.15...nextcloud-14.0.16) (2022-07-05)
+
+#### Chore
+
+* update helm general non-major helm releases ([#3075](https://github.com/truecharts/apps/issues/3075))
+
+
+
+
+### [nextcloud-14.0.15](https://github.com/truecharts/apps/compare/nextcloud-14.0.14...nextcloud-14.0.15) (2022-07-04)
+
+#### Chore
+
+* update helm general non-major helm releases ([#3066](https://github.com/truecharts/apps/issues/3066))
+
+
+
+
+### [nextcloud-14.0.14](https://github.com/truecharts/apps/compare/nextcloud-14.0.13...nextcloud-14.0.14) (2022-07-01)
+
+#### Chore
+
diff --git a/stable/nextcloud/15.2.1/Chart.lock b/stable/nextcloud/15.2.1/Chart.lock
new file mode 100644
index 00000000000..ededc09a0da
--- /dev/null
+++ b/stable/nextcloud/15.2.1/Chart.lock
@@ -0,0 +1,15 @@
+dependencies:
+- name: common
+ repository: https://library-charts.truecharts.org
+ version: 10.2.0
+- name: postgresql
+ repository: https://charts.truecharts.org/
+ version: 8.0.22
+- name: collabora-online
+ repository: https://charts.truecharts.org/
+ version: 12.0.11
+- name: redis
+ repository: https://charts.truecharts.org
+ version: 3.0.22
+digest: sha256:ce50d5b90e0a57a934090c19d8a9b64a8918fbc8880bb9cc1f41c665e7503ad8
+generated: "2022-07-08T15:00:21.750398665Z"
diff --git a/stable/nextcloud/15.2.1/Chart.yaml b/stable/nextcloud/15.2.1/Chart.yaml
new file mode 100644
index 00000000000..0d6f25d9e6f
--- /dev/null
+++ b/stable/nextcloud/15.2.1/Chart.yaml
@@ -0,0 +1,45 @@
+apiVersion: v2
+appVersion: "24.0.2"
+dependencies:
+- name: common
+ repository: https://library-charts.truecharts.org
+ version: 10.2.0
+- condition: postgresql.enabled
+ name: postgresql
+ repository: https://charts.truecharts.org/
+ version: 8.0.22
+- condition: collabora.enabled
+ name: collabora-online
+ repository: https://charts.truecharts.org/
+ version: 12.0.11
+- condition: redis.enabled
+ name: redis
+ repository: https://charts.truecharts.org
+ version: 3.0.22
+deprecated: false
+description: A private cloud server that puts the control and security of your own
+ data back into your hands.
+home: https://github.com/truecharts/apps/tree/master/charts/stable/nextcloud
+icon: https://truecharts.org/_static/img/appicons/nextcloud.png
+keywords:
+- nextcloud
+- storage
+- http
+- web
+- php
+kubeVersion: '>=1.16.0-0'
+maintainers:
+- email: info@truecharts.org
+ name: TrueCharts
+ url: https://truecharts.org
+name: nextcloud
+sources:
+- https://github.com/nextcloud/docker
+- https://github.com/nextcloud/helm
+type: application
+version: 15.2.1
+annotations:
+ truecharts.org/catagories: |
+ - cloud
+ truecharts.org/SCALE-support: "true"
+ truecharts.org/grade: U
diff --git a/stable/nextcloud/15.2.1/README.md b/stable/nextcloud/15.2.1/README.md
new file mode 100644
index 00000000000..67b085b0c60
--- /dev/null
+++ b/stable/nextcloud/15.2.1/README.md
@@ -0,0 +1,41 @@
+# Introduction
+
+A private cloud server that puts the control and security of your own data back into your hands.
+
+TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
+
+## Source Code
+
+*
+*
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.truecharts.org/ | collabora-online | 12.0.11 |
+| https://charts.truecharts.org/ | postgresql | 8.0.22 |
+| https://charts.truecharts.org | redis | 3.0.22 |
+| https://library-charts.truecharts.org | common | 10.2.0 |
+
+## Installing the Chart
+
+To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/02-Installing-an-App/).
+
+## Upgrading, Rolling Back and Uninstalling the Chart
+
+To upgrade, rollback or delete this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/04-Upgrade-rollback-delete-an-App/).
+
+## Support
+
+- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Adding-TrueCharts/) first.
+- See the [Wiki](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
+---
+All Rights Reserved - The TrueCharts Project
diff --git a/stable/nextcloud/15.2.1/app-readme.md b/stable/nextcloud/15.2.1/app-readme.md
new file mode 100644
index 00000000000..28094fc642d
--- /dev/null
+++ b/stable/nextcloud/15.2.1/app-readme.md
@@ -0,0 +1,3 @@
+A private cloud server that puts the control and security of your own data back into your hands.
+
+This App is supplied by TrueCharts, for more information please visit https://truecharts.org
diff --git a/stable/nextcloud/15.2.1/charts/collabora-online-12.0.11.tgz b/stable/nextcloud/15.2.1/charts/collabora-online-12.0.11.tgz
new file mode 100644
index 00000000000..588004065d5
Binary files /dev/null and b/stable/nextcloud/15.2.1/charts/collabora-online-12.0.11.tgz differ
diff --git a/stable/nextcloud/15.2.1/charts/common-10.2.0.tgz b/stable/nextcloud/15.2.1/charts/common-10.2.0.tgz
new file mode 100644
index 00000000000..8abc9a79864
Binary files /dev/null and b/stable/nextcloud/15.2.1/charts/common-10.2.0.tgz differ
diff --git a/stable/nextcloud/15.2.1/charts/postgresql-8.0.22.tgz b/stable/nextcloud/15.2.1/charts/postgresql-8.0.22.tgz
new file mode 100644
index 00000000000..d84f0e9688b
Binary files /dev/null and b/stable/nextcloud/15.2.1/charts/postgresql-8.0.22.tgz differ
diff --git a/stable/nextcloud/15.2.1/charts/redis-3.0.22.tgz b/stable/nextcloud/15.2.1/charts/redis-3.0.22.tgz
new file mode 100644
index 00000000000..b7405312f97
Binary files /dev/null and b/stable/nextcloud/15.2.1/charts/redis-3.0.22.tgz differ
diff --git a/stable/nextcloud/15.2.1/ci/basic-values.yaml b/stable/nextcloud/15.2.1/ci/basic-values.yaml
new file mode 100644
index 00000000000..0e1ca145546
--- /dev/null
+++ b/stable/nextcloud/15.2.1/ci/basic-values.yaml
@@ -0,0 +1,11 @@
+env:
+ # IP used for exposing nextcloud
+ # Often the service or nodePort IP
+ AccessIP: "127.0.0.1"
+
+service:
+ main:
+ ports:
+ main:
+ port: 8080
+ targetPort: 8080
diff --git a/stable/nextcloud/15.2.1/ix_values.yaml b/stable/nextcloud/15.2.1/ix_values.yaml
new file mode 100644
index 00000000000..9565445e782
--- /dev/null
+++ b/stable/nextcloud/15.2.1/ix_values.yaml
@@ -0,0 +1,414 @@
+image:
+ repository: tccr.io/truecharts/nextcloud-fpm
+ pullPolicy: IfNotPresent
+ tag: v24.0.2@sha256:9cd0fb3875d673932d50fa677326b42955a3e8637dc2602b7a827f2afb42eee9
+
+nginxImage:
+ repository: tccr.io/truecharts/nginx-unprivileged
+ pullPolicy: IfNotPresent
+ tag: v1.23.0@sha256:bccf9fad34d3cc99471a5b6c433cf8b0ce28581c7b69fd50d5d87d0e3ff965eb
+
+imaginaryImage:
+ repository: h2non/imaginary
+ pullPolicy: IfNotPresent
+ tag: 1.2.4@sha256:7facb4221047a5e79b9e902f380247f4e5bf4376400d0badbeb738d3e1c2f654
+
+securityContext:
+ readOnlyRootFilesystem: false
+ runAsNonRoot: false
+
+podSecurityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ fsGroup: 33
+
+service:
+ main:
+ ports:
+ main:
+ port: 10020
+ targetPort: 8080
+ backend:
+ enabled: true
+ ports:
+ hpb:
+ enabled: true
+ port: 7867
+ targetPort: 7867
+ hpb-metrics:
+ enabled: true
+ port: 7868
+ targetPort: 7868
+ fpm:
+ enabled: true
+ port: 9000
+ targetPort: 9000
+ imaginary:
+ enabled: true
+ port: 9090
+ targetPort: 9090
+
+hostAliases:
+ - ip: '{{ .Values.env.AccessIP | default "127.0.0.1" }}'
+ hostnames:
+ - "{{ if .Values.ingress.main.enabled }}{{ with (first .Values.ingress.main.hosts) }}{{ .host }}{{ end }}{{ else }}placeholder.fakedomain.dns{{ end }}"
+
+secretEnv:
+ NEXTCLOUD_ADMIN_USER: "admin"
+ NEXTCLOUD_ADMIN_PASSWORD: "adminpass"
+
+probes:
+ liveness:
+ custom: true
+ spec:
+ initialDelaySeconds: 25
+ httpGet:
+ path: /status.php
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+
+ readiness:
+ custom: true
+ spec:
+ initialDelaySeconds: 25
+ httpGet:
+ path: /status.php
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+
+ startup:
+ custom: true
+ spec:
+ initialDelaySeconds: 25
+ httpGet:
+ path: /status.php
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+
+initContainers:
+ prestart:
+ image: '{{ include "tc.common.images.selector" . }}'
+ securityContext:
+ runAsUser: 0
+ runAsGroup: 0
+ privileged: true
+ command:
+ - "/bin/sh"
+ - "-c"
+ - |
+ /bin/bash <<'EOF'
+ if [[ -f /data/config/config.php ]] && [[ ! -f /html/config/config.php ]]; then
+ echo "migrating from single to dual PVC's..."
+ echo "moving to placeholder location..."
+ mv -f /var/www/html/data/* /var/www/html/data/tomigrate/
+ echo "moving userdata to data-pvc root..."
+ mv -f /var/www/html/data/tomigrate/data/* /var/www/html/data/
+ echo "removing old data folder..."
+ rm -rf /var/www/html/data/tomigrate/data
+ echo "moving config, apps, templates and other content to html-pvc root..."
+ mv -f /var/www/html/data/tomigrate/* /var/www/html/
+ echo "Removing migration temporary folder..."
+ rm -rf /var/www/html/data/tomigrate
+ fi
+ echo "Enforcing chmod 770 on data-dir..."
+ chmod 770 /var/www/html/data
+ echo "Migrating old data when found..."
+ EOF
+
+ volumeMounts:
+ - name: data
+ mountPath: "/var/www/html/data"
+ - name: html
+ mountPath: "/var/www/html"
+
+env:
+ # IP used for exposing nextcloud
+ # Often the service or nodePort IP
+ # Defaults to the main serviceName for CI purposes.
+ AccessIP:
+ TRUSTED_PROXIES: "172.16.0.0/16 127.0.0.1"
+ POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}"
+ POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
+ POSTGRES_PASSWORD:
+ secretKeyRef:
+ name: dbcreds
+ key: postgresql-password
+ POSTGRES_HOST:
+ secretKeyRef:
+ name: dbcreds
+ key: plainporthost
+ REDIS_HOST:
+ secretKeyRef:
+ name: rediscreds
+ key: plainhost
+ REDIS_HOST_PASSWORD:
+ secretKeyRef:
+ name: rediscreds
+ key: redis-password
+
+envFrom:
+ - configMapRef:
+ name: nextcloudconfig
+
+persistence:
+ html:
+ enabled: true
+ mountPath: "/var/www/html"
+ data:
+ enabled: true
+ mountPath: "/var/www/html/data"
+ varrun:
+ enabled: true
+ cache:
+ enabled: true
+ type: emptyDir
+ mountPath: /var/cache/nginx
+ medium: Memory
+ nginx:
+ enabled: "true"
+ mountPath: "/etc/nginx"
+ noMount: true
+ readOnly: true
+ type: "custom"
+ volumeSpec:
+ configMap:
+ name: '{{ include "tc.common.names.fullname" . }}-nginx'
+ items:
+ - key: nginx.conf
+ path: nginx.conf
+
+configmap:
+ nginx:
+ enabled: true
+ data:
+ nginx.conf: |-
+ worker_processes auto;
+
+ error_log /var/log/nginx/error.log warn;
+ pid /var/run/nginx.pid;
+
+
+ events {
+ worker_connections 1024;
+ }
+
+
+ http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ # Prevent nginx HTTP Server Detection
+ server_tokens off;
+
+ keepalive_timeout 65;
+
+ #gzip on;
+
+ upstream php-handler {
+ server 127.0.0.1:9000;
+ }
+
+ server {
+ listen 8080;
+ absolute_redirect off;
+
+ # Forward Notify_Push "High Performance Backend" to it's own container
+ location ^~ /push/ {
+ proxy_pass http://127.0.0.1:7867/;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "Upgrade";
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ }
+
+ # HSTS settings
+ # WARNING: Only add the preload option once you read about
+ # the consequences in https://hstspreload.org/. This option
+ # will add the domain to a hardcoded list that is shipped
+ # in all major browsers and getting removed from this list
+ # could take several months.
+ #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+
+ # set max upload size
+ client_max_body_size 512M;
+ fastcgi_buffers 64 4K;
+
+ # Enable gzip but do not remove ETag headers
+ gzip on;
+ gzip_vary on;
+ gzip_comp_level 4;
+ gzip_min_length 256;
+ gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
+ gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
+
+ # Pagespeed is not supported by Nextcloud, so if your server is built
+ # with the `ngx_pagespeed` module, uncomment this line to disable it.
+ #pagespeed off;
+
+ # HTTP response headers borrowed from Nextcloud `.htaccess`
+ add_header Referrer-Policy "no-referrer" always;
+ add_header X-Content-Type-Options "nosniff" always;
+ add_header X-Download-Options "noopen" always;
+ add_header X-Frame-Options "SAMEORIGIN" always;
+ add_header X-Permitted-Cross-Domain-Policies "none" always;
+ add_header X-Robots-Tag "none" always;
+ add_header X-XSS-Protection "1; mode=block" always;
+
+ # Remove X-Powered-By, which is an information leak
+ fastcgi_hide_header X-Powered-By;
+
+ # Path to the root of your installation
+ root /var/www/html;
+
+ # Specify how to handle directories -- specifying `/index.php$request_uri`
+ # here as the fallback means that Nginx always exhibits the desired behaviour
+ # when a client requests a path that corresponds to a directory that exists
+ # on the server. In particular, if that directory contains an index.php file,
+ # that file is correctly served; if it doesn't, then the request is passed to
+ # the front-end controller. This consistent behaviour means that we don't need
+ # to specify custom rules for certain paths (e.g. images and other assets,
+ # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
+ # `try_files $uri $uri/ /index.php$request_uri`
+ # always provides the desired behaviour.
+ index index.php index.html /index.php$request_uri;
+
+ # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
+ location = / {
+ if ( $http_user_agent ~ ^DavClnt ) {
+ return 302 /remote.php/webdav/$is_args$args;
+ }
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Make a regex exception for `/.well-known` so that clients can still
+ # access it despite the existence of the regex rule
+ # `location ~ /(\.|autotest|...)` which would otherwise handle requests
+ # for `/.well-known`.
+ location ^~ /.well-known {
+ # The rules in this block are an adaptation of the rules
+ # in `.htaccess` that concern `/.well-known`.
+
+ location = /.well-known/carddav { return 301 /remote.php/dav/; }
+ location = /.well-known/caldav { return 301 /remote.php/dav/; }
+
+ # according to the documentation these two lines are not necessary, but some users are still recieving errors
+ location = /.well-known/webfinger { return 301 /index.php$uri; }
+ location = /.well-known/nodeinfo { return 301 /index.php$uri; }
+
+ location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
+ location /.well-known/pki-validation { try_files $uri $uri/ =404; }
+
+ # Let Nextcloud's API for `/.well-known` URIs handle all other
+ # requests by passing them to the front-end controller.
+ return 301 /index.php$request_uri;
+ }
+
+ # Rules borrowed from `.htaccess` to hide certain paths from clients
+ location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
+ location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
+
+ # Ensure this block, which passes PHP files to the PHP process, is above the blocks
+ # which handle static assets (as seen below). If this block is not declared first,
+ # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
+ # to the URI, resulting in a HTTP 500 error response.
+ location ~ \.php(?:$|/) {
+ # Required for legacy support
+ rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
+
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ set $path_info $fastcgi_path_info;
+
+ try_files $fastcgi_script_name =404;
+
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $path_info;
+ #fastcgi_param HTTPS on;
+
+ fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
+ fastcgi_param front_controller_active true; # Enable pretty urls
+ fastcgi_pass php-handler;
+
+ fastcgi_intercept_errors on;
+ fastcgi_request_buffering off;
+ }
+
+ location ~ \.(?:css|js|svg|gif)$ {
+ try_files $uri /index.php$request_uri;
+ expires 6M; # Cache-Control policy borrowed from `.htaccess`
+ access_log off; # Optional: Don't log access to assets
+ }
+
+ location ~ \.woff2?$ {
+ try_files $uri /index.php$request_uri;
+ expires 7d; # Cache-Control policy borrowed from `.htaccess`
+ access_log off; # Optional: Don't log access to assets
+ }
+
+ # Rule borrowed from `.htaccess`
+ location /remote {
+ return 301 /remote.php$request_uri;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php$request_uri;
+ }
+ }
+ }
+
+cronjob:
+ enabled: true
+ generatePreviews: true
+ schedule: "*/5 * * * *"
+ annotations: {}
+ failedJobsHistoryLimit: 5
+ successfulJobsHistoryLimit: 2
+
+hpb:
+ enabled: true
+
+imaginary:
+ enabled: true
+
+collabora:
+ enabled: false
+ env:
+ aliasgroup1:
+ configMapRef:
+ name: nextcloudconfig
+ key: aliasgroup1
+ dictionaries: "de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru"
+ extra_params: "--o:welcome.enable=false --o:logging.level=information --o:user_interface.mode=notebookbar --o:ssl.termination=true --o:ssl.enable=false "
+ server_name: ""
+ DONT_GEN_SSL_CERT: true
+
+postgresql:
+ enabled: true
+ existingSecret: "dbcreds"
+ postgresqlUsername: nextcloud
+ postgresqlDatabase: nextcloud
+
+redis:
+ enabled: true
+ existingSecret: "rediscreds"
diff --git a/stable/nextcloud/15.2.1/questions.yaml b/stable/nextcloud/15.2.1/questions.yaml
new file mode 100644
index 00000000000..f4b1c63ff2b
--- /dev/null
+++ b/stable/nextcloud/15.2.1/questions.yaml
@@ -0,0 +1,2653 @@
+groups:
+ - name: "Container Image"
+ description: "Image to be used for container"
+ - name: "Controller"
+ description: "Configure workload deployment"
+ - name: "Container Configuration"
+ description: "additional container configuration"
+ - name: "App Configuration"
+ description: "App specific config options"
+ - name: "Networking and Services"
+ description: "Configure Network and Services for container"
+ - name: "Storage and Persistence"
+ description: "Persist and share data that is separate from the container"
+ - name: "Ingress"
+ description: "Ingress Configuration"
+ - name: "Security and Permissions"
+ description: "Configure security context and permissions"
+ - name: "Resources and Devices"
+ description: "Specify resources/devices to be allocated to workload"
+ - name: "Middlewares"
+ description: "Traefik Middlewares"
+ - name: "Metrics"
+ description: "Metrics"
+ - name: "Addons"
+ description: "Addon Configuration"
+ - name: "Advanced"
+ description: "Advanced Configuration"
+portals:
+ open:
+ protocols:
+ - "$kubernetes-resource_configmap_portal_protocol"
+ host:
+ - "$kubernetes-resource_configmap_portal_host"
+ ports:
+ - "$kubernetes-resource_configmap_portal_port"
+questions:
+ - variable: portal
+ group: "Container Image"
+ label: "Configure Portal Button"
+ schema:
+ type: dict
+ hidden: true
+ attrs:
+ - variable: enabled
+ label: "Enable"
+ description: "enable the portal button"
+ schema:
+ hidden: true
+ editable: false
+ type: boolean
+ default: true
+ - variable: global
+ label: "global settings"
+ group: "Controller"
+ schema:
+ type: dict
+ hidden: true
+ attrs:
+ - variable: isSCALE
+ label: "flag this is SCALE"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: controller
+ group: "Controller"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: advanced
+ label: "Show Advanced Controller Settings"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: type
+ description: "Please specify type of workload to deploy"
+ label: "(Advanced) Controller Type"
+ schema:
+ type: string
+ default: "deployment"
+ required: true
+ enum:
+ - value: "deployment"
+ description: "Deployment"
+ - value: "statefulset"
+ description: "Statefulset"
+ - value: "daemonset"
+ description: "Daemonset"
+ - variable: replicas
+ description: "Number of desired pod replicas"
+ label: "Desired Replicas"
+ schema:
+ type: int
+ default: 1
+ required: true
+ - variable: strategy
+ description: "Please specify type of workload to deploy"
+ label: "(Advanced) Update Strategy"
+ schema:
+ type: string
+ default: "Recreate"
+ required: true
+ enum:
+ - value: "Recreate"
+ description: "Recreate: Kill existing pods before creating new ones"
+ - value: "RollingUpdate"
+ description: "RollingUpdate: Create new pods and then kill old ones"
+ - value: "OnDelete"
+ description: "(Legacy) OnDelete: ignore .spec.template changes"
+ - variable: expert
+ label: "Show Expert Configuration Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: extraArgs
+ label: "Extra Args"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: arg
+ label: "arg"
+ schema:
+ type: string
+ - variable: labelsList
+ label: "Controller Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: " Controller Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: secretEnv
+ group: "Container Configuration"
+ label: "Image Secrets"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: NEXTCLOUD_ADMIN_USER
+ label: "NEXTCLOUD_ADMIN_USER (First Install Only)"
+ description: "Sets the initial nextcloud's admin username, changing this variable after first launch will NOT change admin's username"
+ schema:
+ type: string
+ required: true
+ default: "REPLACETHIS"
+ - variable: NEXTCLOUD_ADMIN_PASSWORD
+ label: "NEXTCLOUD_ADMIN_PASSWORD (First Install Only)"
+ description: "Sets the initial nextcloud's admin password, changing this variable after first launch will NOT change admin's password"
+ schema:
+ type: string
+ private: true
+ required: true
+ default: "REPLACETHIS"
+ - variable: env
+ group: "Container Configuration"
+ label: "Image Environment"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: TRUSTED_PROXIES
+ label: "Trusted Proxies (First Install Only - Advanced)"
+ description: "Sets nextcloud Trusted Proxies"
+ schema:
+ type: string
+ default: "172.16.0.0/16 127.0.0.1"
+ - variable: AccessIP
+ label: "Access IP"
+ description: "Set to the IP-Address used to reach Nextcloud. Most often the Service or NodePort IP (Ensure this is correct!)"
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/nodeIP"
+
+ - variable: TZ
+ label: "Timezone"
+ group: "Container Configuration"
+ schema:
+ type: string
+ default: "Etc/UTC"
+ $ref:
+ - "definitions/timezone"
+
+ - variable: envList
+ label: "Image environment"
+ group: "Container Configuration"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: envItem
+ label: "Environment Variable"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: expertpodconf
+ group: "Container Configuration"
+ label: "Show Expert Config"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: tty
+ label: "Enable TTY"
+ description: "Determines whether containers in a pod runs with TTY enabled. By default pod has it disabled."
+ group: "Workload Details"
+ schema:
+ type: boolean
+ default: false
+ - variable: stdin
+ label: "Enable STDIN"
+ description: "Determines whether containers in a pod runs with stdin enabled. By default pod has it disabled."
+ group: "Workload Details"
+ schema:
+ type: boolean
+ default: false
+ - variable: termination
+ group: "Container Configuration"
+ label: "Termination settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: gracePeriodSeconds
+ label: "Grace Period Seconds"
+ schema:
+ type: int
+ default: 10
+ - variable: podLabelsList
+ group: "Container Configuration"
+ label: "Pod Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: podLabelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: podAnnotationsList
+ group: "Container Configuration"
+ label: "Pod Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: podAnnotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: service
+ group: "Networking and Services"
+ label: "Configure Service(s)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service"
+ description: "The Primary service on which the healthcheck runs, often the webUI"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the service"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: "Service Type"
+ description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: "Simple"
+ enum:
+ - value: "Simple"
+ description: "Simple"
+ - value: "ClusterIP"
+ description: "ClusterIP"
+ - value: "NodePort"
+ description: "NodePort (Advanced)"
+ - value: "LoadBalancer"
+ description: "LoadBalancer (Advanced)"
+ - variable: loadBalancerIP
+ label: "LoadBalancer IP"
+ description: "LoadBalancerIP"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: "External IP"
+ schema:
+ type: string
+ - variable: ipFamilyPolicy
+ label: "IP Family Policy"
+ description: "(Advanced) Specify the ip policy"
+ schema:
+ show_if: [["type", "!=", "Simple"]]
+ type: string
+ default: "SingleStack"
+ enum:
+ - value: "SingleStack"
+ description: "SingleStack"
+ - value: "PreferDualStack"
+ description: "PreferDualStack"
+ - value: "RequireDualStack"
+ description: "RequireDualStack"
+ - variable: ipFamilies
+ label: "(advanced) IP families"
+ description: "(advanced) The ip families that should be used"
+ schema:
+ show_if: [["type", "!=", "Simple"]]
+ type: list
+ default: []
+ items:
+ - variable: ipFamily
+ label: "IP family"
+ schema:
+ type: string
+ - variable: ports
+ label: "Service's Port(s) Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Service Port Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: port
+ label: "Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ default: 10020
+ required: true
+ - variable: advanced
+ label: "Show Advanced settings"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: protocol
+ label: "Port Type"
+ schema:
+ type: string
+ default: "HTTP"
+ enum:
+ - value: HTTP
+ description: "HTTP"
+ - value: "HTTPS"
+ description: "HTTPS"
+ - value: TCP
+ description: "TCP"
+ - value: "UDP"
+ description: "UDP"
+ - variable: nodePort
+ label: "Node Port (Optional)"
+ description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
+ schema:
+ type: int
+ min: 9000
+ max: 65535
+ - variable: targetPort
+ label: "Target Port"
+ description: "The internal(!) port on the container the Application runs on"
+ schema:
+ type: int
+ default: 8080
+
+ - variable: serviceexpert
+ group: "Networking and Services"
+ label: "Show Expert Config"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hostNetwork
+ group: "Networking and Services"
+ label: "Host-Networking (Complicated)"
+ schema:
+ type: boolean
+ default: false
+
+ - variable: externalInterfaces
+ description: "Add External Interfaces"
+ label: "Add external Interfaces"
+ group: "Networking"
+ schema:
+ type: list
+ items:
+ - variable: interfaceConfiguration
+ description: "Interface Configuration"
+ label: "Interface Configuration"
+ schema:
+ type: dict
+ $ref:
+ - "normalize/interfaceConfiguration"
+ attrs:
+ - variable: hostInterface
+ description: "Please specify host interface"
+ label: "Host Interface"
+ schema:
+ type: string
+ required: true
+ $ref:
+ - "definitions/interface"
+ - variable: ipam
+ description: "Define how IP Address will be managed"
+ label: "IP Address Management"
+ schema:
+ type: dict
+ required: true
+ attrs:
+ - variable: type
+ description: "Specify type for IPAM"
+ label: "IPAM Type"
+ schema:
+ type: string
+ required: true
+ enum:
+ - value: "dhcp"
+ description: "Use DHCP"
+ - value: "static"
+ description: "Use static IP"
+ show_subquestions_if: "static"
+ subquestions:
+ - variable: staticIPConfigurations
+ label: "Static IP Addresses"
+ schema:
+ type: list
+ items:
+ - variable: staticIP
+ label: "Static IP"
+ schema:
+ type: ipaddr
+ cidr: true
+ - variable: staticRoutes
+ label: "Static Routes"
+ schema:
+ type: list
+ items:
+ - variable: staticRouteConfiguration
+ label: "Static Route Configuration"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: destination
+ label: "Destination"
+ schema:
+ type: ipaddr
+ cidr: true
+ required: true
+ - variable: gateway
+ label: "Gateway"
+ schema:
+ type: ipaddr
+ cidr: false
+ required: true
+
+ - variable: dnsPolicy
+ group: "Networking and Services"
+ label: "dnsPolicy"
+ schema:
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "ClusterFirst"
+ description: "ClusterFirst"
+ - value: "ClusterFirstWithHostNet"
+ description: "ClusterFirstWithHostNet"
+ - value: "None"
+ description: "None"
+
+ - variable: dnsConfig
+ label: "DNS Configuration"
+ group: "Networking and Services"
+ description: "Specify custom DNS configuration which will be applied to the pod"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: nameservers
+ label: "Nameservers"
+ schema:
+ default: []
+ type: list
+ items:
+ - variable: nameserver
+ label: "Nameserver"
+ schema:
+ type: string
+ - variable: options
+ label: "options"
+ schema:
+ default: []
+ type: list
+ items:
+ - variable: option
+ label: "Option Entry"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: searches
+ label: "Searches"
+ schema:
+ default: []
+ type: list
+ items:
+ - variable: search
+ label: "Search Entry"
+ schema:
+ type: string
+
+ - variable: serviceList
+ label: "Add Manual Custom Services"
+ group: "Networking and Services"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: serviceListEntry
+ label: "Custom Service"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the service"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ default: ""
+ - variable: type
+ label: "Service Type"
+ description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: "Simple"
+ enum:
+ - value: "Simple"
+ description: "Simple"
+ - value: "NodePort"
+ description: "NodePort"
+ - value: "ClusterIP"
+ description: "ClusterIP"
+ - value: "LoadBalancer"
+ description: "LoadBalancer"
+ - variable: loadBalancerIP
+ label: "LoadBalancer IP"
+ description: "LoadBalancerIP"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: "External IP"
+ schema:
+ type: string
+ - variable: portsList
+ label: "Additional Service Ports"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: portsListEntry
+ label: "Custom ports"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the port"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: "Port Name"
+ schema:
+ type: string
+ default: ""
+ - variable: protocol
+ label: "Port Type"
+ schema:
+ type: string
+ default: "TCP"
+ enum:
+ - value: HTTP
+ description: "HTTP"
+ - value: "HTTPS"
+ description: "HTTPS"
+ - value: TCP
+ description: "TCP"
+ - value: "UDP"
+ description: "UDP"
+ - variable: targetPort
+ label: "Target Port"
+ description: "This port exposes the container port on the service"
+ schema:
+ type: int
+ required: true
+ - variable: port
+ label: "Container Port"
+ schema:
+ type: int
+ required: true
+ - variable: nodePort
+ label: "Node Port (Optional)"
+ description: "This port gets exposed to the node. Only considered when service type is NodePort"
+ schema:
+ type: int
+ min: 9000
+ max: 65535
+
+ - variable: persistence
+ label: "Integrated Persistent Storage"
+ description: "Integrated Persistent Storage"
+ group: "Storage and Persistence"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: html
+ label: "App html Storage"
+ description: "Stores the Application html."
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: "Type of Storage"
+ description: "Sets the persistence type, Anything other than PVC could break rollback!"
+ schema:
+ type: string
+ default: "simplePVC"
+ enum:
+ - value: "simplePVC"
+ description: "PVC (simple)"
+ - value: "simpleHP"
+ description: "HostPath (simple)"
+ - value: "emptyDir"
+ description: "emptyDir"
+ - value: "pvc"
+ description: "pvc"
+ - value: "hostPath"
+ description: "hostPath"
+ - value: "nfs"
+ description: "NFS Share"
+ - variable: server
+ label: "NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: "Path on NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: setPermissionsSimple
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: boolean
+ default: true
+ - variable: setPermissions
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: boolean
+ default: true
+ - variable: readOnly
+ label: "readOnly"
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPathSimple
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: hostpath
+ - variable: hostPath
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: medium
+ label: "EmptyDir Medium"
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "Memory"
+ description: "Memory"
+ - variable: size
+ label: "Size quotum of storage"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "999Gi"
+ - variable: hostPathType
+ label: "(Advanced) hostPath Type"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "DirectoryOrCreate"
+ description: "DirectoryOrCreate"
+ - value: "Directory"
+ description: "Directory"
+ - value: "FileOrCreate"
+ description: "FileOrCreate"
+ - value: "File"
+ description: "File"
+ - value: "Socket"
+ description: "Socket"
+ - value: "CharDevice"
+ description: "CharDevice"
+ - value: "BlockDevice"
+ description: "BlockDevice"
+ - variable: storageClass
+ label: "(Advanced) storageClass"
+ description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "SCALE-ZFS"
+ - variable: accessMode
+ label: "(Advanced) Access Mode"
+ description: "Allow or disallow multiple PVC's writhing to the same PV"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "ReadWriteOnce"
+ enum:
+ - value: "ReadWriteOnce"
+ description: "ReadWriteOnce"
+ - value: "ReadOnlyMany"
+ description: "ReadOnlyMany"
+ - value: "ReadWriteMany"
+ description: "ReadWriteMany"
+ - variable: advanced
+ label: "Show Advanced Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: labelsList
+ label: "Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: "Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: data
+ label: "UserData Storage"
+ description: "Stores the User Data."
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: "Type of Storage"
+ description: "Sets the persistence type, Anything other than PVC could break rollback!"
+ schema:
+ type: string
+ default: "simplePVC"
+ enum:
+ - value: "simplePVC"
+ description: "PVC (simple)"
+ - value: "simpleHP"
+ description: "HostPath (simple)"
+ - value: "emptyDir"
+ description: "emptyDir"
+ - value: "pvc"
+ description: "pvc"
+ - value: "hostPath"
+ description: "hostPath"
+ - value: "nfs"
+ description: "NFS Share"
+ - variable: server
+ label: "NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: "Path on NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: setPermissionsSimple
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: boolean
+ default: true
+ - variable: setPermissions
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: boolean
+ default: true
+ - variable: readOnly
+ label: "readOnly"
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPathSimple
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: hostpath
+ - variable: hostPath
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: medium
+ label: "EmptyDir Medium"
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "Memory"
+ description: "Memory"
+ - variable: size
+ label: "Size quotum of storage"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "999Gi"
+ - variable: hostPathType
+ label: "(Advanced) hostPath Type"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "DirectoryOrCreate"
+ description: "DirectoryOrCreate"
+ - value: "Directory"
+ description: "Directory"
+ - value: "FileOrCreate"
+ description: "FileOrCreate"
+ - value: "File"
+ description: "File"
+ - value: "Socket"
+ description: "Socket"
+ - value: "CharDevice"
+ description: "CharDevice"
+ - value: "BlockDevice"
+ description: "BlockDevice"
+ - variable: storageClass
+ label: "(Advanced) storageClass"
+ description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "SCALE-ZFS"
+ - variable: accessMode
+ label: "(Advanced) Access Mode"
+ description: "Allow or disallow multiple PVC's writhing to the same PV"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "ReadWriteOnce"
+ enum:
+ - value: "ReadWriteOnce"
+ description: "ReadWriteOnce"
+ - value: "ReadOnlyMany"
+ description: "ReadOnlyMany"
+ - value: "ReadWriteMany"
+ description: "ReadWriteMany"
+ - variable: advanced
+ label: "Show Advanced Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: labelsList
+ label: "Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: "Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: persistenceList
+ label: "Additional app storage"
+ group: "Storage and Persistence"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: persistenceListEntry
+ label: "Custom Storage"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the storage"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: "Name (optional)"
+ description: "Not required, please set to config when mounting /config or temp when mounting /tmp"
+ schema:
+ type: string
+ - variable: type
+ label: "Type of Storage"
+ description: "Sets the persistence type, Anything other than PVC could break rollback!"
+ schema:
+ type: string
+ default: "simpleHP"
+ enum:
+ - value: "simplePVC"
+ description: "PVC (simple)"
+ - value: "simpleHP"
+ description: "HostPath (simple)"
+ - value: "emptyDir"
+ description: "emptyDir"
+ - value: "pvc"
+ description: "pvc"
+ - value: "hostPath"
+ description: "hostPath"
+ - value: "nfs"
+ description: "NFS Share"
+ - variable: server
+ label: "NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: path
+ label: "Path on NFS server"
+ schema:
+ show_if: [["type", "=", "nfs"]]
+ type: string
+ default: ""
+ - variable: setPermissionsSimple
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: boolean
+ default: true
+ - variable: setPermissions
+ label: "Automatic Permissions"
+ description: "Automatically set permissions on install"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: boolean
+ default: true
+ - variable: readOnly
+ label: "readOnly"
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPathSimple
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "simpleHP"]]
+ type: hostpath
+ - variable: hostPath
+ label: "hostPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: hostpath
+ - variable: mountPath
+ label: "mountPath"
+ description: "Path inside the container the storage is mounted"
+ schema:
+ type: string
+ default: ""
+ required: true
+ valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
+ - variable: medium
+ label: "EmptyDir Medium"
+ schema:
+ show_if: [["type", "=", "emptyDir"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "Memory"
+ description: "Memory"
+ - variable: size
+ label: "Size quotum of storage"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "999Gi"
+ - variable: hostPathType
+ label: "(Advanced) hostPath Type"
+ schema:
+ show_if: [["type", "=", "hostPath"]]
+ type: string
+ default: ""
+ enum:
+ - value: ""
+ description: "Default"
+ - value: "DirectoryOrCreate"
+ description: "DirectoryOrCreate"
+ - value: "Directory"
+ description: "Directory"
+ - value: "FileOrCreate"
+ description: "FileOrCreate"
+ - value: "File"
+ description: "File"
+ - value: "Socket"
+ description: "Socket"
+ - value: "CharDevice"
+ description: "CharDevice"
+ - value: "BlockDevice"
+ description: "BlockDevice"
+ - variable: storageClass
+ label: "(Advanced) storageClass"
+ description: "Warning: Anything other than SCALE-ZFS or empty will break rollback!"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "SCALE-ZFS"
+ - variable: accessMode
+ label: "(Advanced) Access Mode"
+ description: "Allow or disallow multiple PVC's writhing to the same PV"
+ schema:
+ show_if: [["type", "=", "pvc"]]
+ type: string
+ default: "ReadWriteOnce"
+ enum:
+ - value: "ReadWriteOnce"
+ description: "ReadWriteOnce"
+ - value: "ReadOnlyMany"
+ description: "ReadOnlyMany"
+ - value: "ReadWriteMany"
+ description: "ReadWriteMany"
+ - variable: advanced
+ label: "Show Advanced Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: labelsList
+ label: "Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: "Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: ingress
+ label: ""
+ group: "Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: main
+ label: "Main Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable Ingress"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: hosts
+ label: "Hosts"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: "HostName"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: "Paths"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: "pathType"
+ schema:
+ type: string
+ required: true
+ default: "Prefix"
+
+ - variable: tls
+ label: "TLS-Settings"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: tlsEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: "Certificate Hosts"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: "Host"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: scaleCert
+ label: "Select TrueNAS SCALE Certificate"
+ schema:
+ type: int
+ $ref:
+ - "definitions/certificate"
+
+ - variable: entrypoint
+ label: "(Advanced) Traefik Entrypoint"
+ description: "Entrypoint used by Traefik when using Traefik as Ingress Provider"
+ schema:
+ type: string
+ default: "websecure"
+ required: true
+ - variable: middlewares
+ label: "Traefik Middlewares"
+ description: "Add previously created Traefik Middlewares to this Ingress"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: expert
+ label: "Show Expert Configuration Options"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: enableFixedMiddlewares
+ description: "These middlewares enforce a number of best practices."
+ label: "Enable Default Middlewares"
+ schema:
+ type: boolean
+ default: true
+ - variable: ingressClassName
+ label: "IngressClass Name"
+ schema:
+ type: string
+ default: ""
+ - variable: labelsList
+ label: "Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: "Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+
+ - variable: ingressList
+ label: "Add Manual Custom Ingresses"
+ group: "Ingress"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: ingressListEntry
+ label: "Custom Ingress"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable Ingress"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ default: ""
+ - variable: ingressClassName
+ label: "IngressClass Name"
+ schema:
+ type: string
+ default: ""
+ - variable: labelsList
+ label: "Labels"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: labelItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: annotationsList
+ label: "Annotations"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: annotationItem
+ label: "Label"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ - variable: hosts
+ label: "Hosts"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: hostEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: host
+ label: "HostName"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: paths
+ label: "Paths"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: pathEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: path
+ label: "path"
+ schema:
+ type: string
+ required: true
+ default: "/"
+ - variable: pathType
+ label: "pathType"
+ schema:
+ type: string
+ required: true
+ default: "Prefix"
+ - variable: service
+ label: "Linked Service"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Service Name"
+ schema:
+ type: string
+ default: ""
+ - variable: port
+ label: "Service Port"
+ schema:
+ type: int
+ - variable: tls
+ label: "TLS-Settings"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: tlsEntry
+ label: "Host"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: hosts
+ label: "Certificate Hosts"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: host
+ label: "Host"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: scaleCert
+ label: "Select TrueNAS SCALE Certificate"
+ schema:
+ type: int
+ $ref:
+ - "definitions/certificate"
+ - variable: entrypoint
+ label: "Traefik Entrypoint"
+ description: "Entrypoint used by Traefik when using Traefik as Ingress Provider"
+ schema:
+ type: string
+ default: "websecure"
+ required: true
+ - variable: middlewares
+ label: "Traefik Middlewares"
+ description: "Add previously created Traefik Middlewares to this Ingress"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ default: ""
+ required: true
+
+ - variable: security
+ label: "Container Security Settings"
+ group: "Security and Permissions"
+ schema:
+ type: dict
+ additional_attrs: true
+ attrs:
+ - variable: editsecurity
+ label: "Change PUID / UMASK values"
+ description: "By enabling this you override default set values."
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: PUID
+ label: "Process User ID - PUID"
+ description: "When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps"
+ schema:
+ type: int
+ default: 568
+ - variable: UMASK
+ label: "UMASK"
+ description: "When supported by the container, this sets the UMASK for tha App. Not supported by all Apps"
+ schema:
+ type: string
+ default: "002"
+
+ - variable: advancedSecurity
+ label: "Show Advanced Security Settings"
+ group: "Security and Permissions"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: securityContext
+ label: "Security Context"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: privileged
+ label: "Privileged mode"
+ schema:
+ type: boolean
+ default: false
+ - variable: readOnlyRootFilesystem
+ label: "ReadOnly Root Filesystem"
+ schema:
+ type: boolean
+ default: false
+ - variable: allowPrivilegeEscalation
+ label: "Allow Privilege Escalation"
+ schema:
+ type: boolean
+ default: false
+ - variable: runAsNonRoot
+ label: "runAsNonRoot"
+ schema:
+ type: boolean
+ default: false
+ - variable: capabilities
+ label: "Capabilities"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: drop
+ label: "Drop Capability"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: dropEntry
+ label: ""
+ schema:
+ type: string
+ - variable: add
+ label: "Add Capability"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: addEntry
+ label: ""
+ schema:
+ type: string
+
+ - variable: podSecurityContext
+ group: "Security and Permissions"
+ label: "Pod Security Context"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: runAsUser
+ label: "runAsUser"
+ description: "The UserID of the user running the application"
+ schema:
+ type: int
+ default: 0
+ - variable: runAsGroup
+ label: "runAsGroup"
+ description: "The groupID this App of the user running the application"
+ schema:
+ type: int
+ default: 0
+ - variable: fsGroup
+ label: "fsGroup"
+ description: "The group that should own ALL storage."
+ schema:
+ type: int
+ default: 33
+ - variable: fsGroupChangePolicy
+ label: "When should we take ownership?"
+ schema:
+ type: string
+ default: "OnRootMismatch"
+ enum:
+ - value: "OnRootMismatch"
+ description: "OnRootMismatch"
+ - value: "Always"
+ description: "Always"
+ - variable: supplementalGroups
+ label: "supplemental Groups"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: supplementalGroupsEntry
+ label: "supplemental Group"
+ schema:
+ type: int
+
+
+ - variable: advancedresources
+ label: "Set Custom Resource Limits/Requests (Advanced)"
+ group: "Resources and Devices"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: resources
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: limits
+ label: "Advanced Limit Resource Consumption"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: "CPU"
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/"
+ schema:
+ type: string
+ default: "4000m"
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/"
+ schema:
+ type: string
+ default: "8Gi"
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+ - variable: requests
+ label: "Minimum Resources Required (request)"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: cpu
+ label: "CPU"
+ description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/indepth/validation/"
+ schema:
+ type: string
+ default: "10m"
+ valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
+ - variable: memory
+ label: "RAM"
+ description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/indepth/validation/"
+ schema:
+ type: string
+ default: "50Mi"
+ valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
+
+ - variable: deviceList
+ label: "Mount USB devices"
+ group: "Resources and Devices"
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: deviceListEntry
+ label: "Device"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "Enable the storage"
+ schema:
+ type: boolean
+ default: true
+ - variable: type
+ label: "(Advanced) Type of Storage"
+ description: "Sets the persistence type"
+ schema:
+ type: string
+ default: "hostPath"
+ hidden: true
+ - variable: readOnly
+ label: "readOnly"
+ schema:
+ type: boolean
+ default: false
+ - variable: hostPath
+ label: "Host Device Path"
+ description: "Path to the device on the host system"
+ schema:
+ type: path
+ - variable: mountPath
+ label: "Container Device Path"
+ description: "Path inside the container the device is mounted"
+ schema:
+ type: string
+ default: "/dev/ttyACM0"
+
+ # Specify GPU configuration
+ - variable: scaleGPU
+ label: "GPU Configuration"
+ group: "Resources and Devices"
+ schema:
+ type: dict
+ $ref:
+ - "definitions/gpuConfiguration"
+ attrs: []
+
+# - variable: autoscaling
+# group: "Advanced"
+# label: "(Advanced) Horizontal Pod Autoscaler"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: enabled
+# label: "enabled"
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: target
+# label: "Target"
+# description: "deployment name, defaults to main deployment"
+# schema:
+# type: string
+# default: ""
+# - variable: minReplicas
+# label: "Minimum Replicas"
+# schema:
+# type: int
+# default: 1
+# - variable: maxReplicas
+# label: "Maximum Replicas"
+# schema:
+# type: int
+# default: 5
+# - variable: targetCPUUtilizationPercentage
+# label: "Target CPU Utilization Percentage"
+# schema:
+# type: int
+# default: 80
+# - variable: targetMemoryUtilizationPercentage
+# label: "Target Memory Utilization Percentage"
+# schema:
+# type: int
+# default: 80
+# - variable: networkPolicy
+# group: "Advanced"
+# label: "(Advanced) Network Policy"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: enabled
+# label: "enabled"
+# schema:
+# type: boolean
+# default: false
+# show_subquestions_if: true
+# subquestions:
+# - variable: policyType
+# label: "Policy Type"
+# schema:
+# type: string
+# default: ""
+# enum:
+# - value: ""
+# description: "Default"
+# - value: "ingress"
+# description: "Ingress"
+# - value: "egress"
+# description: "Egress"
+# - value: "ingress-egress"
+# description: "Ingress and Egress"
+# - variable: egress
+# label: "Egress"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: egressEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: to
+# label: "To"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: toEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: ipBlock
+# label: "ipBlock"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: cidr
+# label: "cidr"
+# schema:
+# type: string
+# default: ""
+# - variable: except
+# label: "except"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: exceptint
+# label: ""
+# schema:
+# type: string
+# - variable: namespaceSelector
+# label: "namespaceSelector"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: matchExpressions
+# label: "matchExpressions"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: expressionEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: key
+# label: "Key"
+# schema:
+# type: string
+# - variable: operator
+# label: "operator"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "In"
+# description: "In"
+# - value: "NotIn"
+# description: "NotIn"
+# - value: "Exists "
+# description: "Exists "
+# - value: "DoesNotExist "
+# description: "DoesNotExist "
+# - variable: values
+# label: "values"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: value
+# label: ""
+# schema:
+# type: string
+# - variable: podSelector
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: matchExpressions
+# label: "matchExpressions"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: expressionEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: key
+# label: "Key"
+# schema:
+# type: string
+# - variable: operator
+# label: "operator"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "In"
+# description: "In"
+# - value: "NotIn"
+# description: "NotIn"
+# - value: "Exists "
+# description: "Exists "
+# - value: "DoesNotExist "
+# description: "DoesNotExist "
+# - variable: values
+# label: "values"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: value
+# label: ""
+# schema:
+# type: string
+# - variable: ports
+# label: "Ports"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: portsEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: port
+# label: "port"
+# schema:
+# type: int
+# - variable: endPort
+# label: "port"
+# schema:
+# type: int
+# - variable: protocol
+# label: "Protocol"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "TCP"
+# description: "TCP"
+# - value: "UDP"
+# description: "UDP"
+# - value: "SCTP"
+# description: "SCTP"
+# - variable: ingress
+# label: "Ingress"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: ingressEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: from
+# label: "From"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: fromEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: ipBlock
+# label: "ipBlock"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: cidr
+# label: "cidr"
+# schema:
+# type: string
+# default: ""
+# - variable: except
+# label: "except"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: exceptint
+# label: ""
+# schema:
+# type: string
+# - variable: namespaceSelector
+# label: "namespaceSelector"
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: matchExpressions
+# label: "matchExpressions"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: expressionEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: key
+# label: "Key"
+# schema:
+# type: string
+# - variable: operator
+# label: "operator"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "In"
+# description: "In"
+# - value: "NotIn"
+# description: "NotIn"
+# - value: "Exists "
+# description: "Exists "
+# - value: "DoesNotExist "
+# description: "DoesNotExist "
+# - variable: values
+# label: "values"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: value
+# label: ""
+# schema:
+# type: string
+# - variable: podSelector
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: matchExpressions
+# label: "matchExpressions"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: expressionEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: key
+# label: "Key"
+# schema:
+# type: string
+# - variable: operator
+# label: "operator"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "In"
+# description: "In"
+# - value: "NotIn"
+# description: "NotIn"
+# - value: "Exists "
+# description: "Exists "
+# - value: "DoesNotExist "
+# description: "DoesNotExist "
+# - variable: values
+# label: "values"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: value
+# label: ""
+# schema:
+# type: string
+# - variable: ports
+# label: "Ports"
+# schema:
+# type: list
+# default: []
+# items:
+# - variable: portsEntry
+# label: ""
+# schema:
+# additional_attrs: true
+# type: dict
+# attrs:
+# - variable: port
+# label: "port"
+# schema:
+# type: int
+# - variable: endPort
+# label: "port"
+# schema:
+# type: int
+# - variable: protocol
+# label: "Protocol"
+# schema:
+# type: string
+# default: "TCP"
+# enum:
+# - value: "TCP"
+# description: "TCP"
+# - value: "UDP"
+# description: "UDP"
+# - value: "SCTP"
+# description: "SCTP"
+
+
+ - variable: addons
+ group: "Addons"
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: vpn
+ label: "VPN"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: "Type"
+ schema:
+ type: string
+ default: "disabled"
+ enum:
+ - value: "disabled"
+ description: "disabled"
+ - value: "openvpn"
+ description: "OpenVPN"
+ - value: "wireguard"
+ description: "Wireguard"
+ - variable: openvpn
+ label: "OpenVPN Settings"
+ schema:
+ type: dict
+ show_if: [["type", "=", "openvpn"]]
+ attrs:
+ - variable: username
+ label: "authentication username"
+ description: "authentication username, optional"
+ schema:
+ type: string
+ default: ""
+ - variable: password
+ label: "authentication password"
+ description: "authentication credentials"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: killSwitch
+ label: "Enable killswitch"
+ schema:
+ type: boolean
+ show_if: [["type", "!=", "disabled"]]
+ default: true
+ - variable: excludedNetworks_IPv4
+ label: "Killswitch Excluded IPv4 networks"
+ description: "list of killswitch excluded ipv4 addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv4
+ label: "IPv4 Network"
+ schema:
+ type: string
+ required: true
+ - variable: excludedNetworks_IPv6
+ label: "Killswitch Excluded IPv6 networks"
+ description: "list of killswitch excluded ipv4 addresses"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: networkv6
+ label: "IPv6 Network"
+ schema:
+ type: string
+ required: true
+
+ - variable: configFile
+ label: "VPN Config File Location"
+ schema:
+ type: dict
+ show_if: [["type", "!=", "disabled"]]
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: type
+ label: "type"
+ schema:
+ type: string
+ default: "hostPath"
+ hidden: true
+ - variable: hostPathType
+ label: "hostPathType"
+ schema:
+ type: string
+ default: "File"
+ hidden: true
+ - variable: noMount
+ label: "noMount"
+ schema:
+ type: boolean
+ default: true
+ hidden: true
+ - variable: hostPath
+ label: "Full path to file"
+ description: "path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
+ schema:
+ type: string
+ default: ""
+ required: true
+ - variable: envList
+ label: "VPN environment Variables"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: "Environment Variable"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ required: true
+
+ - variable: codeserver
+ label: "Codeserver"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: git
+ label: "Git Settings"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: deployKey
+ description: "Raw SSH private key"
+ label: "deployKey"
+ schema:
+ type: string
+ - variable: deployKeyBase64
+ description: "Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence"
+ label: "deployKeyBase64"
+ schema:
+ type: string
+ - variable: service
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: type
+ label: "Service Type"
+ description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
+ schema:
+ type: string
+ default: "NodePort"
+ enum:
+ - value: "NodePort"
+ description: "NodePort"
+ - value: "ClusterIP"
+ description: "ClusterIP"
+ - value: "LoadBalancer"
+ description: "LoadBalancer"
+ - variable: loadBalancerIP
+ label: "LoadBalancer IP"
+ description: "LoadBalancerIP"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: string
+ default: ""
+ - variable: externalIPs
+ label: "External IP's"
+ description: "External IP's"
+ schema:
+ show_if: [["type", "=", "LoadBalancer"]]
+ type: list
+ default: []
+ items:
+ - variable: externalIP
+ label: "External IP"
+ schema:
+ type: string
+ - variable: ports
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: codeserver
+ label: ""
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: nodePort
+ description: "leave empty to disable"
+ label: "nodePort"
+ schema:
+ type: int
+ default: 36107
+ - variable: envList
+ label: "Codeserver environment Variables"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: "Environment Variable"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ required: true
+
+
+ - variable: promtail
+ label: "Promtail"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: loki
+ label: "Loki URL"
+ schema:
+ type: string
+ required: true
+ - variable: logs
+ label: "Log Paths"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: path
+ label: "Path"
+ schema:
+ type: string
+ required: true
+ - variable: args
+ label: "Promtail ecommand line arguments"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: arg
+ label: "Arg"
+ schema:
+ type: string
+ required: true
+ - variable: envList
+ label: "Promtail environment Variables"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: "Environment Variable"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ required: true
+
+
+
+
+ - variable: netshoot
+ label: "Netshoot"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: enabled
+ label: "enabled"
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: envList
+ label: "Netshoot environment Variables"
+ schema:
+ type: list
+ show_if: [["type", "!=", "disabled"]]
+ default: []
+ items:
+ - variable: envItem
+ label: "Environment Variable"
+ schema:
+ additional_attrs: true
+ type: dict
+ attrs:
+ - variable: name
+ label: "Name"
+ schema:
+ type: string
+ required: true
+ - variable: value
+ label: "Value"
+ schema:
+ type: string
+ required: true
diff --git a/stable/nextcloud/15.2.1/templates/_configmap.tpl b/stable/nextcloud/15.2.1/templates/_configmap.tpl
new file mode 100644
index 00000000000..abe500d31e8
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/_configmap.tpl
@@ -0,0 +1,36 @@
+{{/* Define the configmap */}}
+{{- define "nextcloud.configmap" -}}
+
+{{- $hosts := "" }}
+{{- if .Values.ingress.main.enabled }}
+{{- range .Values.ingress }}
+{{- range $index, $host := .hosts }}
+ {{- if $index }}
+ {{ $hosts = ( printf "%v %v" $hosts $host.host ) }}
+ {{- else }}
+ {{ $hosts = ( printf "%s" $host.host ) }}
+ {{- end }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nextcloudconfig
+data:
+ {{- $aliasgroup1 := ( printf "http://%s" ( .Values.env.AccessIP | default ( printf "%v-%v" .Release.Name "nextcloud" ) ) ) }}
+ {{- if .Values.ingress.main.enabled }}
+ {{- with (first .Values.ingress.main.hosts) }}
+ {{- $aliasgroup1 = ( printf "https://%s" .host ) }}
+ {{- end }}
+ {{- end }}
+ aliasgroup1: {{ $aliasgroup1 }}
+ NEXTCLOUD_TRUSTED_DOMAINS: {{ ( printf "%v %v %v %v %v %v %v %v" "test.fakedomain.dns" "localhost" "127.0.0.1" ( printf "%v:%v" "127.0.0.1" .Values.service.main.ports.main.port ) ( .Values.env.AccessIP | default "localhost" ) ( printf "%v-%v" .Release.Name "nextcloud" ) ( printf "%v-%v" .Release.Name "nextcloud-backend" ) $hosts ) | quote }}
+ {{- if .Values.ingress.main.enabled }}
+ APACHE_DISABLE_REWRITE_IP: "1"
+ {{- end }}
+
+{{- end -}}
diff --git a/stable/nextcloud/15.2.1/templates/_cronjob.tpl b/stable/nextcloud/15.2.1/templates/_cronjob.tpl
new file mode 100644
index 00000000000..302f3b83aae
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/_cronjob.tpl
@@ -0,0 +1,64 @@
+{{/* Define the cronjob */}}
+{{- define "nextcloud.cronjob" -}}
+{{- if .Values.cronjob.enabled -}}
+{{- $jobName := include "tc.common.names.fullname" . }}
+
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: {{ printf "%s-cronjob" $jobName }}
+ labels:
+ {{- include "tc.common.labels" . | nindent 4 }}
+spec:
+ schedule: "{{ .Values.cronjob.schedule }}"
+ concurrencyPolicy: Forbid
+ {{- with .Values.cronjob.failedJobsHistoryLimit }}
+ failedJobsHistoryLimit: {{ . }}
+ {{- end }}
+ {{- with .Values.cronjob.successfulJobsHistoryLimit }}
+ successfulJobsHistoryLimit: {{ . }}
+ {{- end }}
+ jobTemplate:
+ metadata:
+ spec:
+ template:
+ metadata:
+ spec:
+ restartPolicy: Never
+ {{- with (include "tc.common.controller.volumes" . | trim) }}
+ volumes:
+ {{- nindent 12 . }}
+ {{- end }}
+ containers:
+ - name: {{ .Chart.Name }}
+ image: '{{ include "tc.common.images.selector" . }}'
+ imagePullPolicy: {{ default .Values.image.pullPolicy }}
+ command:
+ - "/bin/sh"
+ - "-c"
+ - |
+ /bin/bash <<'EOF'
+ echo "running nextcloud cronjob..."
+ php -f /var/www/html/cron.php
+ echo "cronjob finished"
+ {{- if .Values.cronjob.generatePreviews }}
+ echo "Pre-generating Previews..."
+ php /var/www/html/occ preview:pre-generate
+ echo "Previews generated."
+ {{- end }}
+ EOF
+ # Will mount configuration files as www-data (id: 33) by default for nextcloud
+ {{- with (include "tc.common.controller.volumeMounts" . | trim) }}
+ volumeMounts:
+ {{ nindent 16 . }}
+ {{- end }}
+ securityContext:
+ runAsUser: 33
+ runAsGroup: 33
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ resources:
+{{ toYaml .Values.resources | indent 16 }}
+{{- end -}}
+{{- end -}}
diff --git a/stable/nextcloud/15.2.1/templates/_hpb.tpl b/stable/nextcloud/15.2.1/templates/_hpb.tpl
new file mode 100644
index 00000000000..b2837cbcc77
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/_hpb.tpl
@@ -0,0 +1,133 @@
+{{/* Define the hbp container */}}
+{{- define "nextcloud.hpb" -}}
+{{- $jobName := include "tc.common.names.fullname" . }}
+image: '{{ include "tc.common.images.selector" . }}'
+imagePullPolicy: '{{ .Values.image.pullPolicy }}'
+securityContext:
+ runAsUser: 33
+ runAsGroup: 33
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
+volumeMounts:
+ {{ nindent 2 . }}
+{{- end }}
+ports:
+ - containerPort: 7867
+readinessProbe:
+ httpGet:
+ path: /push/test/cookie
+ port: 7867
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
+livenessProbe:
+ httpGet:
+ path: /push/test/cookie
+ port: 7867
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
+startupProbe:
+ httpGet:
+ path: /push/test/cookie
+ port: 7867
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
+command:
+ - "/bin/sh"
+ - "-c"
+ - |
+ /bin/bash <<'EOF'
+ set -m
+ echo "Waiting for notify_push file to be available..."
+ until [ -f /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push ]
+ do
+ sleep 10
+ echo "Notify_push not found... waiting..."
+ done
+ echo "Waiting for Nextcloud to start..."
+ until $(curl --output /dev/null --silent --head --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php); do
+ echo "Nextcloud not found... waiting..."
+ sleep 10
+ done
+ until $(curl --silent --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php | jq --raw-output '.installed' | grep "true"); do
+ echo "Nextcloud not installed... waiting..."
+ sleep 10
+ done
+ echo "Nextcloud instance with Notify_push found... Launching High Performance Backend..."
+ /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php &
+
+ {{- if .Values.imaginary.enabled }}
+ echo "Imaginary High Performance Previews enabled, enabling it on Nextcloud..."
+ php /var/www/html/occ config:system:set enabledPreviewProviders 6 --value='OC\Preview\Imaginary'
+ php /var/www/html/occ config:system:set preview_imaginary_url --value='http://127.0.0.1:9090'
+ {{- end }}
+
+ until $(curl --output /dev/null --silent --head --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:7867/push/test/cookie); do
+ echo "High Performance Backend not running ... waiting..."
+ sleep 10
+ done
+ {{- $accessurl := ( printf "http://%v:%v" ( .Values.env.AccessIP | default ( printf "%v-%v" .Release.Name "nextcloud" ) ) .Values.service.main.ports.main.port ) }}
+ {{- if .Values.ingress.main.enabled }}
+ {{- with (first .Values.ingress.main.hosts) }}
+ {{- $accessurl = ( printf "https://%s" .host ) }}
+ {{- end }}
+ {{- end }}
+ until $(curl --output /dev/null --silent --head --fail $accessurl/push/test/cookie); do
+ echo "High Performance Backend service not accessable ... waiting..."
+ sleep 10
+ done
+ echo "High Performance Backend found..."
+ echo "Configuring High Performance Backend for url: {{ $accessurl }}"
+ php /var/www/html/occ notify_push:setup {{ $accessurl }}/push
+ fg
+ EOF
+env:
+ - name: NEXTCLOUD_URL
+ value: 'http://127.0.0.1:8080'
+ - name: METRICS_PORT
+ value: '7868'
+ - name: TRUSTED_PROXIES
+ value: "{{ .Values.env.TRUSTED_PROXIES }}"
+ - name: POSTGRES_DB
+ value: "{{ .Values.postgresql.postgresqlDatabase }}"
+ - name: POSTGRES_USER
+ value: "{{ .Values.postgresql.postgresqlUsername }}"
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: dbcreds
+ key: postgresql-password
+ - name: POSTGRES_HOST
+ valueFrom:
+ secretKeyRef:
+ name: dbcreds
+ key: plainporthost
+ - name: REDIS_HOST
+ valueFrom:
+ secretKeyRef:
+ name: rediscreds
+ key: plainhost
+ - name: REDIS_HOST_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: rediscreds
+ key: redis-password
+envFrom:
+ - configMapRef:
+ name: nextcloudconfig
+{{- end -}}
diff --git a/stable/nextcloud/15.2.1/templates/_imaginary.tpl b/stable/nextcloud/15.2.1/templates/_imaginary.tpl
new file mode 100644
index 00000000000..57a72c43024
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/_imaginary.tpl
@@ -0,0 +1,40 @@
+{{/* Define the imaginary container */}}
+{{- define "nextcloud.imaginary" -}}
+image: {{ .Values.imaginaryImage.repository }}:{{ .Values.imaginaryImage.tag }}
+imagePullPolicy: '{{ .Values.image.pullPolicy }}'
+securityContext:
+ runAsUser: 33
+ runAsGroup: 33
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ports:
+ - containerPort: 9090
+args: ["-enable-url-source"]
+env:
+ - name: 'PORT'
+ value: '9090'
+readinessProbe:
+ httpGet:
+ path: /
+ port: 9090
+ initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
+livenessProbe:
+ httpGet:
+ path: /
+ port: 9090
+ initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
+startupProbe:
+ httpGet:
+ path: /
+ port: 9090
+ initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
+{{- end -}}
diff --git a/stable/nextcloud/15.2.1/templates/_nginx.tpl b/stable/nextcloud/15.2.1/templates/_nginx.tpl
new file mode 100644
index 00000000000..df427f44bd8
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/_nginx.tpl
@@ -0,0 +1,54 @@
+{{/* Define the nginx container */}}
+{{- define "nextcloud.nginx" -}}
+image: {{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}
+imagePullPolicy: '{{ .Values.image.pullPolicy }}'
+securityContext:
+ runAsUser: 33
+ runAsGroup: 33
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
+volumeMounts:
+ {{ nindent 2 . }}
+{{- end }}
+ - mountPath: /etc/nginx/nginx.conf
+ name: nginx
+ readOnly: true
+ subPath: nginx.conf
+ports:
+ - containerPort: 8080
+
+readinessProbe:
+ httpGet:
+ path: /robots.txt
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
+livenessProbe:
+ httpGet:
+ path: /robots.txt
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
+startupProbe:
+ httpGet:
+ path: /robots.txt
+ port: 8080
+ httpHeaders:
+ - name: Host
+ value: "test.fakedomain.dns"
+ initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
+ periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
+ timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
+ failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
+{{- end -}}
diff --git a/stable/nextcloud/15.2.1/templates/common.yaml b/stable/nextcloud/15.2.1/templates/common.yaml
new file mode 100644
index 00000000000..9314524b1a2
--- /dev/null
+++ b/stable/nextcloud/15.2.1/templates/common.yaml
@@ -0,0 +1,22 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "tc.common.loader.init" . }}
+
+{{/* Render configmap for nextcloud */}}
+{{- include "nextcloud.configmap" . }}
+
+{{- $newMiddlewares := append .Values.ingress.main.fixedMiddlewares "tc-nextcloud-chain" }}
+{{- $_ := set .Values.ingress.main "fixedMiddlewares" $newMiddlewares -}}
+
+{{- $_ := set .Values.additionalContainers "nginx" (include "nextcloud.nginx" . | fromYaml) -}}
+{{- if .Values.imaginary.enabled -}}
+{{- $_ := set .Values.additionalContainers "imaginary" (include "nextcloud.imaginary" . | fromYaml) -}}
+{{- end -}}
+{{- if .Values.hpb.enabled -}}
+{{- $_ := set .Values.additionalContainers "hpb" (include "nextcloud.hpb" . | fromYaml) -}}
+{{- end -}}
+
+{{/* Render the templates */}}
+{{ include "tc.common.loader.apply" . }}
+
+{{/* Render cronjob for nextcloud */}}
+{{- include "nextcloud.cronjob" . }}
diff --git a/stable/nextcloud/15.2.1/values.yaml b/stable/nextcloud/15.2.1/values.yaml
new file mode 100644
index 00000000000..e69de29bb2d