Add initial nextcloud upstream chart

This commit is contained in:
Waqar Ahmed 2020-12-03 19:49:11 +05:00
parent 52704d82d8
commit 268b17f68c
19 changed files with 1867 additions and 0 deletions

View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

View File

@ -0,0 +1,36 @@
apiVersion: v2
name: nextcloud
version: 2.3.2
appVersion: 19.0.3
description: A file sharing server that puts the control and security of your own data back into your hands.
keywords:
- nextcloud
- storage
- http
- web
- php
home: https://nextcloud.com/
icon: https://cdn.rawgit.com/docker-library/docs/defa5ffc7123177acd60ddef6e16bddf694cc35f/nextcloud/logo.svg
sources:
- https://github.com/nextcloud/helm
- https://github.com/nextcloud/docker
maintainers:
- name: skjnldsv
email: skjnldsv@protonmail.com
- name: chrisingenhaag
email: christian.ingenhaag@googlemail.com
- name: billimek
email: jeff@billimek.com
dependencies:
- name: postgresql
version: 9.8.9
repository: https://charts.bitnami.com/bitnami
condition: postgresql.enabled
- name: mariadb
version: 7.10.2
repository: https://charts.bitnami.com/bitnami
condition: mariadb.enabled
- name: redis
version: 11.0.5
repository: https://charts.bitnami.com/bitnami
condition: redis.enabled

View File

@ -0,0 +1,269 @@
# nextcloud
[nextcloud](https://nextcloud.com/) is a file sharing server that puts the control and security of your own data back into your hands.
## TL;DR;
```console
helm repo add nextcloud https://nextcloud.github.io/helm/
helm install my-release nextcloud/nextcloud
```
## Introduction
This chart bootstraps an [nextcloud](https://hub.docker.com/_/nextcloud/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [Bitnami MariaDB chart](https://github.com/kubernetes/charts/tree/master/stable/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the nextcloud application.
## Prerequisites
- Kubernetes 1.9+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```console
helm repo add nextcloud https://nextcloud.github.io/helm/
helm install my-release nextcloud/nextcloud
```
The command deploys nextcloud on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the nextcloud chart and their default values.
| Parameter | Description | Default |
| ------------------------------------------------------------ | ------------------------------------------------------- | ------------------------------------------- |
| `image.repository` | nextcloud Image name | `nextcloud` |
| `image.tag` | nextcloud Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `ingress.enabled` | Enable use of ingress controllers | `false` |
| `ingress.servicePort` | Ingress' backend servicePort | `http` |
| `ingress.annotations` | An array of service annotations | `nil` |
| `ingress.labels` | An array of service labels | `nil` |
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `nextcloud.host` | nextcloud host to create application URLs | `nextcloud.kube.home` |
| `nextcloud.username` | User of the application | `admin` |
| `nextcloud.password` | Application password | `changeme` |
| `nextcloud.update` | Trigger update if custom command is used | `0` |
| `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` |
| `nextcloud.tableprefix` | nextcloud db table prefix | `''` |
| `nextcloud.mail.enabled` | Whether to enable/disable email settings | `false` |
| `nextcloud.mail.fromAddress` | nextcloud mail send from field | `nil` |
| `nextcloud.mail.domain` | nextcloud mail domain | `nil` |
| `nextcloud.mail.smtp.host` | SMTP hostname | `nil` |
| `nextcloud.mail.smtp.secure` | SMTP connection `ssl` or empty | `''` |
| `nextcloud.mail.smtp.port` | Optional SMTP port | `nil` |
| `nextcloud.mail.smtp.authtype` | SMTP authentication method | `LOGIN` |
| `nextcloud.mail.smtp.name` | SMTP username | `''` |
| `nextcloud.mail.smtp.password` | SMTP password | `''` |
| `nextcloud.configs` | Config files created in `/var/www/html/config` | `{}` |
| `nextcloud.persistence.subPath` | Set the subPath for nextcloud to use in volume | `nil` |
| `nextcloud.phpConfigs` | PHP Config files created in `/usr/local/etc/php/conf.d` | `{}` |
| `nextcloud.defaultConfigs.\.htaccess` | Default .htaccess to protect `/var/www/html/config` | `true` |
| `nextcloud.defaultConfigs.\.redis\.config\.php` | Default Redis configuration | `true` |
| `nextcloud.defaultConfigs.\.apache-pretty-urls\.config\.php` | Default Apache configuration for rewrite urls | `true` |
| `nextcloud.defaultConfigs.\.apcu\.config\.php` | Default configuration to define APCu as local cache | `true` |
| `nextcloud.defaultConfigs.\.apps\.config\.php` | Default configuration for apps | `true` |
| `nextcloud.defaultConfigs.\.autoconfig\.php` | Default auto-configuration for databases | `true` |
| `nextcloud.defaultConfigs.\.smtp\.config\.php` | Default configuration for smtp | `true` |
| `nextcloud.strategy` | specifies the strategy used to replace old Pods by new ones | `type: Recreate` |
| `nextcloud.extraEnv` | specify additional environment variables | `{}` |
| `nextcloud.extraVolumes` | specify additional volumes for the NextCloud pod | `{}` |
| `nextcloud.extraVolumeMounts` | specify additional volume mounts for the NextCloud pod | `{}` |
| `nginx.enabled` | Enable nginx (requires you use php-fpm image) | `false` |
| `nginx.image.repository` | nginx Image name | `nginx` |
| `nginx.image.tag` | nginx Image tag | `alpine` |
| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` |
| `nginx.config.default` | Whether to use nextclouds recommended nginx config | `true` |
| `nginx.config.custom` | Specify a custom config for nginx | `{}` |
| `nginx.resources` | nginx resources | `{}` |
| `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` |
| `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` |
| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` |
| `internalDatabase.database` | Name of the existing database | `nextcloud` |
| `externalDatabase.enabled` | Whether to use external database | `false` |
| `externalDatabase.type` | External database type: `mysql`, `postgresql` | `mysql` |
| `externalDatabase.host` | Host of the external database | `nil` |
| `externalDatabase.database` | Name of the existing database | `nextcloud` |
| `externalDatabase.user` | Existing username in the external db | `nextcloud` |
| `externalDatabase.password` | Password for the above username | `nil` |
| `externalDatabase.existingSecret.enabled` | Whether to use a existing secret or not | `false` |
| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` |
| `externalDatabase.existingSecret.usernameKey` | Name of the key that contains the username | `nil` |
| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the password | `nil` |
| `mariadb.enabled` | Whether to use the MariaDB chart | `false` |
| `mariadb.db.name` | Database name to create | `nextcloud` |
| `mariadb.db.password` | Password for the database | `changeme` |
| `mariadb.db.user` | Database user to create | `nextcloud` |
| `mariadb.rootUser.password` | MariaDB admin password | `nil` |
| `redis.enabled` | Whether to install/use redis for locking | `false` |
| `cronjob.enabled` | Whether to enable/disable cronjob | `false` |
| `cronjob.schedule` | Schedule for the CronJob | `*/15 * * * *` |
| `cronjob.annotations` | Annotations to add to the cronjob | {} |
| `cronjob.curlInsecure` | Set insecure (-k) option to curl | false |
| `cronjob.failedJobsHistoryLimit` | Specify the number of failed Jobs to keep | `5` |
| `cronjob.successfulJobsHistoryLimit` | Specify the number of completed Jobs to keep | `2` |
| `cronjob.resources` | Cronjob Resources | `nil` |
| `cronjob.nodeSelector` | Cronjob Node selector | `nil` |
| `cronjob.tolerations` | Cronjob tolerations | `nil` |
| `cronjob.affinity` | Cronjob affinity | `nil` |
| `service.type` | Kubernetes Service type | `ClusterIp` |
| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `nil` |
| `service.nodePort` | NodePort for service type NodePort | `nil` |
| `persistence.enabled` | Enable persistence using PVC | `false` |
| `persistence.annotations` | PVC annotations | `{}` |
| `persistence.storageClass` | PVC Storage Class for nextcloud volume | `nil` (uses alpha storage class annotation) |
| `persistence.existingClaim` | An Existing PVC name for nextcloud volume | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | PVC Access Mode for nextcloud volume | `ReadWriteOnce` |
| `persistence.size` | PVC Storage Request for nextcloud volume | `8Gi` |
| `resources` | CPU/Memory resource requests/limits | `{}` |
| `livenessProbe.enabled` | Turn on and off liveness probe | `true` |
| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `30` |
| `livenessProbe.periodSeconds` | How often to perform the probe | `15` |
| `livenessProbe.timeoutSeconds` | When the probe times out | `5` |
| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `readinessProbe.enabled` | Turn on and off readiness probe | `true` |
| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` |
| `readinessProbe.periodSeconds` | How often to perform the probe | `15` |
| `readinessProbe.timeoutSeconds` | When the probe times out | `5` |
| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe | `3` |
| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe | `1` |
| `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler | `false` |
| `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` |
| `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` |
| `hpa.maxPods` | Max. pods for the Nextcloud HorizontalPodAutoscaler | `10` |
| `deploymentAnnotations` | Annotations to be added at 'deployment' level | not set |
| `podAnnotations` | Annotations to be added at 'pod' level | not set |
| `metrics.enabled` | Start Prometheus metrics exporter | `false` |
| `metrics.https` | Defines if https is used to connect to nextcloud | `false` (uses http) |
| `metrics.timeout` | When the scrape times out | `5s` |
| `metrics.image.repository` | Nextcloud metrics exporter image name | `xperimental/nextcloud-exporter` |
| `metrics.image.tag` | Nextcloud metrics exporter image tag | `v0.3.0` |
| `metrics.image.pullPolicy` | Nextcloud metrics exporter image pull policy | `IfNotPresent` |
| `metrics.podAnnotations` | Additional annotations for metrics exporter | not set |
| `metrics.podLabels` | Additional labels for metrics exporter | not set |
| `metrics.service.type` | Metrics: Kubernetes Service type | `ClusterIP` |
| `metrics.service.loadBalancerIP` | Metrics: LoadBalancerIp for service type LoadBalancer | `nil` |
| `metrics.service.nodePort` | Metrics: NodePort for service type NodePort | `nil` |
| `metrics.service.annotations` | Additional annotations for service metrics exporter | `{prometheus.io/scrape: "true", prometheus.io/port: "9205"}` |
| `metrics.service.labels` | Additional labels for service metrics exporter | `{}` |
> **Note**:
>
> For nextcloud to function correctly, you should specify the `nextcloud.host` parameter to specify the FQDN (recommended) or the public IP address of the nextcloud service.
>
> Optionally, you can specify the `service.loadBalancerIP` parameter to assign a reserved IP address to the nextcloud service of the chart. However please note that this feature is only available on a few cloud providers (f.e. GKE).
>
> To reserve a public IP address on GKE:
>
> ```bash
> gcloud compute addresses create nextcloud-public-ip
> ```
>
> The reserved IP address can be associated to the nextcloud service by specifying it as the value of the `service.loadBalancerIP` parameter while installing the chart.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
helm install --name my-release \
--set nextcloud.username=admin,nextcloud.password=password,mariadb.rootUser.password=secretpassword \
nextcloud/nextcloud
```
The above command sets the nextcloud administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
helm install --name my-release -f values.yaml nextcloud/nextcloud
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Persistence
The [Nextcloud](https://hub.docker.com/_/nextcloud/) image stores the nextcloud data and configurations at the `/var/www/html` paths of the container.
Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube.
See the [Configuration](#configuration) section to enable persistence and configuration of the PVC.
## Cronjob
This chart can utilize Kubernetes `CronJob` resource to execute [background tasks](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html).
To use this functionality, set `cronjob.enabled` parameter to `true` and switch background mode to Webcron in your nextcloud settings page.
See the [Configuration](#configuration) section for further configuration of the cronjob resource.
> **Note**: For the cronjobs to work correctly, ingress must be also enabled (set `ingress.enabled` to `true`) and `nextcloud.host` has to be publicly resolvable.
## Multiple config.php file
Nextcloud supports loading configuration parameters from multiple files.
You can add arbitrary files ending with `.config.php` in the `config/` directory.
See [documentation](https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file).
For example, following config will configure Nextcloud with [S3 as primary storage](https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3) by creating file `/var/www/html/config/s3.config.php`:
```yaml
nextcloud:
configs:
s3.config.php: |-
<?php
$CONFIG = array (
'objectstore' => array(
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'bucket' => 'my-bucket',
'autocreate' => true,
'key' => 'xxx',
'secret' => 'xxx',
'region' => 'us-east-1',
'use_ssl' => true
)
)
);
```
## Hugepages
If your node has hugepages enabled, but you do not map any into the container, it could fail to start with a bus error in Apache. This is due
to Apache attempting to memory map a file and use hugepages. The fix is to either disable huge pages on the node or map hugepages into the container:
```yaml
nextcloud:
extraVolumes:
- name: hugepages
emptyDir:
medium: HugePages-2Mi
extraVolumeMounts:
- name: hugepages
mountPath: /dev/hugepages
resources:
requests:
hugepages-2Mi: 500Mi
# note that Kubernetes currently requires cpu or memory requests and limits before hugepages are allowed.
memory: 500Mi
limits:
# limit and request must be the same for hugepages. They are a fixed resource.
hugepages-2Mi: 500Mi
# note that Kubernetes currently requires cpu or memory requests and limits before hugepages are allowed.
memory: 1Gi
```

View File

@ -0,0 +1,94 @@
{{- if or .Values.mariadb.enabled .Values.externalDatabase.host -}}
{{- if empty .Values.nextcloud.host -}}
#################################################################################
### WARNING: You did not provide an external host in your 'helm install' call ###
#################################################################################
This deployment will be incomplete until you configure nextcloud with a resolvable
host. To configure nextcloud with the URL of your service:
1. Get the nextcloud URL by running:
{{- if contains "NodePort" .Values.service.type }}
export APP_PORT=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}")
export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "nextcloud.fullname" . }}'
export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode)
{{- if .Values.mariadb.db.password }}
export APP_DATABASE_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.mariadb.fullname" . }} -o jsonpath="{.data.mariadb-password}" | base64 --decode)
{{- end }}
{{- end }}
2. Complete your nextcloud deployment by running:
{{- if .Values.mariadb.enabled }}
helm upgrade {{ .Release.Name }} nextcloud/nextcloud \
--set nextcloud.host=$APP_HOST,nextcloud.password=$APP_PASSWORD{{ if .Values.mariadb.db.password }},mariadb.db.password=$APP_DATABASE_PASSWORD{{ end }}
{{- else }}
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade {{ .Release.Name }} nextcloud/nextcloud \
--set nextcloud.password=$APP_PASSWORD,nextcloud.host=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.host) }},externalDatabase.host={{ .Values.externalDatabase.host }}{{- end }}{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }}
{{- end }}
{{- else -}}
1. Get the nextcloud URL by running:
{{- if eq .Values.service.type "ClusterIP" }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ template "nextcloud.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
echo http://127.0.0.1:8080/
kubectl port-forward $POD_NAME 8080:80
{{- else }}
echo http://{{ .Values.nextcloud.host }}/
{{- end }}
2. Get your nextcloud login credentials by running:
echo User: {{ .Values.nextcloud.username }}
echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode)
{{- end }}
{{- else -}}
#######################################################################################################
## WARNING: You did not provide an external database host in your 'helm install' call ##
## Running Nextcloud with the integrated sqlite database is not recommended for production instances ##
#######################################################################################################
For better performance etc. you have to configure nextcloud with a resolvable database
host. To configure nextcloud to use and external database host:
1. Complete your nextcloud deployment by running:
{{- if contains "NodePort" .Values.service.type }}
export APP_HOST=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "nextcloud.fullname" . }}'
export APP_HOST=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}")
{{- else }}
export APP_HOST=127.0.0.1
{{- end }}
export APP_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "nextcloud.fullname" . }} -o jsonpath="{.data.nextcloud-password}" | base64 --decode)
## PLEASE UPDATE THE EXTERNAL DATABASE CONNECTION PARAMETERS IN THE FOLLOWING COMMAND AS NEEDED ##
helm upgrade {{ .Release.Name }} nextcloud/nextcloud \
--set nextcloud.password=$APP_PASSWORD,nextcloud.host=$APP_HOST,service.type={{ .Values.service.type }},mariadb.enabled=false{{- if not (empty .Values.externalDatabase.user) }},externalDatabase.user={{ .Values.externalDatabase.user }}{{- end }}{{- if not (empty .Values.externalDatabase.password) }},externalDatabase.password={{ .Values.externalDatabase.password }}{{- end }}{{- if not (empty .Values.externalDatabase.database) }},externalDatabase.database={{ .Values.externalDatabase.database }}{{- end }},externalDatabase.host=YOUR_EXTERNAL_DATABASE_HOST
{{- end }}

View File

@ -0,0 +1,49 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "nextcloud.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "nextcloud.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "nextcloud.mariadb.fullname" -}}
{{- printf "%s-%s" .Release.Name "mariadb" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified redis app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "nextcloud.redis.fullname" -}}
{{- printf "%s-%s" .Release.Name "redis" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "nextcloud.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

View File

@ -0,0 +1,127 @@
{{- if .Values.nextcloud.configs -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nextcloud.fullname" . }}-config
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
{{- range $key, $value := .Values.nextcloud.configs }}
{{ $key }}: |-
{{ $value | indent 4 }}
{{- end }}
{{- if .Values.nextcloud.defaultConfigs }}
{{- if index .Values.nextcloud.defaultConfigs ".htaccess" }}
.htaccess: |-
# line below if for Apache 2.4
<ifModule mod_authz_core.c>
Require all denied
</ifModule>
# line below if for Apache 2.2
<ifModule !mod_authz_core.c>
deny from all
</ifModule>
# section for Apache 2.2 and 2.4
<ifModule mod_autoindex.c>
IndexIgnore *
</ifModule>
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "redis.config.php" }}
redis.config.php: |-
<?php
if (getenv('REDIS_HOST')) {
$CONFIG = array (
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => getenv('REDIS_HOST'),
'port' => getenv('REDIS_HOST_PORT') ?: 6379,
),
);
}
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "apache-pretty-urls.config.php" }}
apache-pretty-urls.config.php: |-
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
);
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "apcu.config.php" }}
apcu.config.php: |-
<?php
$CONFIG = array (
'memcache.local' => '\OC\Memcache\APCu',
);
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "apps.config.php" }}
apps.config.php: |-
<?php
$CONFIG = array (
"apps_paths" => array (
0 => array (
"path" => OC::$SERVERROOT."/apps",
"url" => "/apps",
"writable" => false,
),
1 => array (
"path" => OC::$SERVERROOT."/custom_apps",
"url" => "/custom_apps",
"writable" => true,
),
),
);
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "autoconfig.php" }}
autoconfig.php: |-
<?php
$autoconfig_enabled = false;
if (getenv('SQLITE_DATABASE')) {
$AUTOCONFIG["dbtype"] = "sqlite";
$AUTOCONFIG["dbname"] = getenv('SQLITE_DATABASE');
$autoconfig_enabled = true;
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
$AUTOCONFIG["dbtype"] = "mysql";
$AUTOCONFIG["dbname"] = getenv('MYSQL_DATABASE');
$AUTOCONFIG["dbuser"] = getenv('MYSQL_USER');
$AUTOCONFIG["dbpass"] = getenv('MYSQL_PASSWORD');
$AUTOCONFIG["dbhost"] = getenv('MYSQL_HOST');
$autoconfig_enabled = true;
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
$AUTOCONFIG["dbtype"] = "pgsql";
$AUTOCONFIG["dbname"] = getenv('POSTGRES_DB');
$AUTOCONFIG["dbuser"] = getenv('POSTGRES_USER');
$AUTOCONFIG["dbpass"] = getenv('POSTGRES_PASSWORD');
$AUTOCONFIG["dbhost"] = getenv('POSTGRES_HOST');
$autoconfig_enabled = true;
}
if ($autoconfig_enabled) {
if (getenv('NEXTCLOUD_TABLE_PREFIX')) {
$AUTOCONFIG["dbtableprefix"] = getenv('NEXTCLOUD_TABLE_PREFIX');
}
$AUTOCONFIG["directory"] = getenv('NEXTCLOUD_DATA_DIR') ?: "/var/www/html/data";
}
{{- end }}
{{- if index .Values.nextcloud.defaultConfigs "smtp.config.php" }}
smtp.config.php: |-
<?php
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
$CONFIG = array (
'mail_smtpmode' => 'smtp',
'mail_smtphost' => getenv('SMTP_HOST'),
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
'mail_smtppassword' => getenv('SMTP_PASSWORD') ?: '',
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
'mail_domain' => getenv('MAIL_DOMAIN'),
);
}
{{- end }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,75 @@
{{- if .Values.cronjob.enabled }}
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: {{ template "nextcloud.fullname" . }}-cron
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
{{ toYaml .Values.cronjob.annotations | indent 4 }}
spec:
schedule: "{{ .Values.cronjob.schedule }}"
concurrencyPolicy: Forbid
{{- with .Values.cronjob.failedJobsHistoryLimit }}
failedJobsHistoryLimit: {{ . }}
{{- end }}
{{- with .Values.cronjob.successfulJobsHistoryLimit }}
successfulJobsHistoryLimit: {{ . }}
{{- end }}
jobTemplate:
metadata:
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
restartPolicy: Never
{{- if (default .Values.image.pullSecrets .Values.cronjob.image.pullSecrets) }}
imagePullSecrets:
{{- range (default .Values.image.pullSecrets .Values.cronjob.image.pullSecrets) }}
- name: {{ . }}
{{- end }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ default .Values.image.repository .Values.cronjob.image.repository }}:{{ default .Values.image.tag .Values.cronjob.image.tag }}"
imagePullPolicy: {{ default .Values.image.pullPolicy .Values.cronjob.image.pullPolicy }}
command: [ "curl" ]
args:
{{- if .Values.ingress.enabled }}
{{- if .Values.cronjob.curlInsecure }}
- "-k"
{{- end }}
- "--fail"
- "-L"
{{- if .Values.ingress.tls }}
- "https://{{ .Values.nextcloud.host }}/cron.php"
{{- else }}
- "http://{{ .Values.nextcloud.host }}/cron.php"
{{- end }}
{{- else }}
- "http://{{ template "nextcloud.fullname" . }}:{{ .Values.service.port }}/cron.php"
{{- end }}
resources:
{{ toYaml (default .Values.resources .Values.cronjob.resources) | indent 16 }}
{{- with (default .Values.nodeSelector .Values.cronjob.nodeSelector) }}
nodeSelector:
{{ toYaml . | indent 12 }}
{{- end }}
{{- with (default .Values.affinity .Values.cronjob.affinity) }}
affinity:
{{ toYaml . | indent 12 }}
{{- end }}
{{- with (default .Values.tolerations .Values.cronjob.tolerations) }}
tolerations:
{{ toYaml . | indent 12 }}:
{{- end }}
{{- end }}

View File

@ -0,0 +1,22 @@
{{- if or .Values.mariadb.enabled .Values.externalDatabase.enabled }}
{{- if not .Values.externalDatabase.existingSecret.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-%s" .Release.Name "db" }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
type: Opaque
data:
{{- if .Values.mariadb.enabled }}
db-password: {{ default "" .Values.mariadb.db.password | b64enc | quote }}
db-username: {{ default "" .Values.mariadb.db.user | b64enc | quote }}
{{- else }}
db-password: {{ default "" .Values.externalDatabase.password | b64enc | quote }}
db-username: {{ default "" .Values.externalDatabase.user | b64enc | quote }}
{{- end }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,360 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "nextcloud.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: app
{{- if .Values.deploymentAnnotations }}
annotations:
{{ toYaml .Values.deploymentAnnotations | indent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
{{ toYaml .Values.nextcloud.strategy | indent 4 }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: app
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: app
{{- if .Values.redis.enabled }}
{{ template "nextcloud.redis.fullname" . }}-client: "true"
{{- end }}
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end}}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.lifecycle }}
lifecycle:
{{- if .Values.lifecycle.postStartCommand }}
postStart:
exec:
command:
{{- toYaml .Values.lifecycle.postStartCommand | nindent 16 -}}
{{- end }}
{{- if .Values.lifecycle.preStopCommand }}
preStop:
exec:
command:
{{- toYaml .Values.lifecycle.preStopCommand | nindent 16 -}}
{{- end }}
{{- end }}
env:
{{- if .Values.internalDatabase.enabled }}
- name: SQLITE_DATABASE
value: {{ .Values.internalDatabase.name | quote }}
{{- else if .Values.mariadb.enabled }}
- name: MYSQL_HOST
value: {{ template "nextcloud.mariadb.fullname" . }}
- name: MYSQL_DATABASE
value: {{ .Values.mariadb.db.name | quote }}
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }}
{{- else }}
{{- if eq .Values.externalDatabase.type "postgresql" }}
- name: POSTGRES_HOST
value: {{ .Values.externalDatabase.host | quote }}
- name: POSTGRES_DB
value: {{ .Values.externalDatabase.database | quote }}
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }}
{{- else }}
- name: MYSQL_HOST
value: {{ .Values.externalDatabase.host | quote }}
- name: MYSQL_DATABASE
value: {{ .Values.externalDatabase.database | quote }}
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.usernameKey | default "db-username" }}
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-%s" .Release.Name "db") }}
key: {{ .Values.externalDatabase.existingSecret.passwordKey | default "db-password" }}
{{- end }}
{{- end }}
- name: NEXTCLOUD_ADMIN_USER
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: nextcloud-username
- name: NEXTCLOUD_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: nextcloud-password
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: {{ .Values.nextcloud.host }}
{{- if ne (int .Values.nextcloud.update) 0 }}
- name: NEXTCLOUD_UPDATE
value: {{ .Values.nextcloud.update | quote }}
{{- end }}
- name: NEXTCLOUD_DATA_DIR
value: {{ .Values.nextcloud.datadir | quote }}
{{- if .Values.nextcloud.tableprefix }}
- name: NEXTCLOUD_TABLE_PREFIX
value: {{ .Values.nextcloud.tableprefix | quote }}
{{- end }}
{{- if .Values.nextcloud.mail.enabled }}
- name: MAIL_FROM_ADDRESS
value: {{ .Values.nextcloud.mail.fromAddress | quote }}
- name: MAIL_DOMAIN
value: {{ .Values.nextcloud.mail.domain | quote }}
- name: SMTP_HOST
value: {{ .Values.nextcloud.mail.smtp.host | quote }}
- name: SMTP_SECURE
value: {{ .Values.nextcloud.mail.smtp.secure | quote }}
- name: SMTP_PORT
value: {{ .Values.nextcloud.mail.smtp.port | quote }}
- name: SMTP_AUTHTYPE
value: {{ .Values.nextcloud.mail.smtp.authtype | quote }}
- name: SMTP_NAME
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: smtp-username
- name: SMTP_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: smtp-password
{{- end }}
{{- if .Values.redis.enabled }}
- name: REDIS_HOST
value: {{ template "nextcloud.redis.fullname" . }}-master
- name: REDIS_HOST_PORT
value: {{ .Values.redis.redisPort | quote }}
{{- end }}
{{- if .Values.nextcloud.extraEnv }}
{{ toYaml .Values.nextcloud.extraEnv | indent 8 }}
{{- end }}
{{- if not .Values.nginx.enabled }}
ports:
- name: http
containerPort: 80
protocol: TCP
{{- end }}
{{- if and .Values.livenessProbe.enabled (not .Values.nginx.enabled) }}
livenessProbe:
httpGet:
path: /status.php
port: http
httpHeaders:
- name: Host
value: {{ .Values.nextcloud.host | quote }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if and .Values.readinessProbe.enabled (not .Values.nginx.enabled) }}
readinessProbe:
httpGet:
path: /status.php
port: http
httpHeaders:
- name: Host
value: {{ .Values.nextcloud.host | quote }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
resources:
{{ toYaml .Values.resources | indent 10 }}
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/
subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html
subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: {{ .Values.nextcloud.datadir }}
subPath: {{ ternary "data" (printf "%s/%s" .Values.nextcloud.persistence.subPath "data") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/config
subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/custom_apps
subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/tmp
subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/themes
subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }}
{{- range $key, $value := .Values.nextcloud.configs }}
- name: nextcloud-config
mountPath: /var/www/html/config/{{ $key }}
subPath: {{ $key }}
{{- end }}
{{- if .Values.nextcloud.configs }}
{{- range $key, $value := .Values.nextcloud.defaultConfigs }}
{{- if $value }}
- name: nextcloud-config
mountPath: /var/www/html/config/{{ $key }}
subPath: {{ $key }}
{{- end }}
{{- end }}
{{- end }}
{{- range $key, $value := .Values.nextcloud.phpConfigs }}
- name: nextcloud-phpconfig
mountPath: /usr/local/etc/php/conf.d/{{ $key }}
subPath: {{ $key }}
{{- end }}
{{- if .Values.nextcloud.extraVolumeMounts }}
{{ toYaml .Values.nextcloud.extraVolumeMounts | indent 8 }}
{{- end }}
{{- if .Values.nginx.enabled }}
- name: {{ .Chart.Name }}-nginx
image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}"
imagePullPolicy: {{ .Values.nginx.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
{{- if .Values.livenessProbe.enabled }}
livenessProbe:
httpGet:
path: /status.php
port: http
httpHeaders:
- name: Host
value: {{ .Values.nextcloud.host | quote }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
{{- end }}
{{- if .Values.readinessProbe.enabled }}
readinessProbe:
httpGet:
path: /status.php
port: http
httpHeaders:
- name: Host
value: {{ .Values.nextcloud.host | quote }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
{{- end }}
resources:
{{ toYaml .Values.nginx.resources | indent 10 }}
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/
subPath: {{ ternary "root" (printf "%s/%s" .Values.nextcloud.persistence.subPath "root") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html
subPath: {{ ternary "html" (printf "%s/%s" .Values.nextcloud.persistence.subPath "html") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: {{ .Values.nextcloud.datadir }}
subPath: {{ ternary "data" (printf "%s/%s" .Values.nextcloud.persistence.subPath "data") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/config
subPath: {{ ternary "config" (printf "%s/%s" .Values.nextcloud.persistence.subPath "config") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/custom_apps
subPath: {{ ternary "custom_apps" (printf "%s/%s" .Values.nextcloud.persistence.subPath "custom_apps") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/tmp
subPath: {{ ternary "tmp" (printf "%s/%s" .Values.nextcloud.persistence.subPath "tmp") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-data
mountPath: /var/www/html/themes
subPath: {{ ternary "themes" (printf "%s/%s" .Values.nextcloud.persistence.subPath "themes") (empty .Values.nextcloud.persistence.subPath) }}
- name: nextcloud-nginx-config
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: nextcloud-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }}
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.nextcloud.configs }}
- name: nextcloud-config
configMap:
name: {{ template "nextcloud.fullname" . }}-config
{{- end }}
{{- if .Values.nextcloud.phpConfigs }}
- name: nextcloud-phpconfig
configMap:
name: {{ template "nextcloud.fullname" . }}-phpconfig
{{- end }}
{{- if .Values.nginx.enabled }}
- name: nextcloud-nginx-config
configMap:
name: {{ template "nextcloud.fullname" . }}-nginxconfig
{{- end }}
{{- if .Values.nextcloud.extraVolumes }}
{{ toYaml .Values.nextcloud.extraVolumes | indent 6 }}
{{- end }}
{{- if .Values.nginx.enabled }}
# Will mount configuration files as www-data (id: 82) for nextcloud
securityContext:
fsGroup: 82
{{- else }}
# Will mount configuration files as www-data (id: 33) for nextcloud
securityContext:
fsGroup: 33
{{- end }}

View File

@ -0,0 +1,20 @@
{{- if .Values.hpa.enabled -}}
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "nextcloud.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: app
spec:
scaleTargetRef:
kind: Deployment
apiVersion: apps/v1
name: {{ template "nextcloud.fullname" . }}
minReplicas: {{ .Values.hpa.minPods }}
maxReplicas: {{ .Values.hpa.maxPods }}
targetCPUUtilizationPercentage: {{ .Values.hpa.cputhreshold }}
{{- end }}

View File

@ -0,0 +1,31 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: {{ template "nextcloud.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: app
{{- if .Values.ingress.labels }}
{{ toYaml .Values.ingress.labels | indent 4 }}
{{- end }}
{{- if .Values.ingress.annotations }}
annotations:
{{ toYaml .Values.ingress.annotations | indent 4 }}
{{- end }}
spec:
rules:
- host: {{ .Values.nextcloud.host }}
http:
paths:
- backend:
serviceName: {{ template "nextcloud.fullname" . }}
servicePort: {{ .Values.service.port }}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end -}}
{{- end }}

View File

@ -0,0 +1,55 @@
{{- if .Values.metrics.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "nextcloud.fullname" . }}-metrics
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: metrics
spec:
replicas: {{ .Values.metrics.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: metrics
template:
metadata:
annotations: {{- toYaml .Values.metrics.podAnnotations | nindent 8 }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: metrics
{{- if .Values.metrics.podLabels }}
{{ toYaml .Values.metrics.podLabels | indent 8 }}
{{- end }}
spec:
containers:
- name: metrics-exporter
image: "{{ .Values.metrics.image.repository }}:{{ .Values.metrics.image.tag }}"
imagePullPolicy: {{ .Values.metrics.image.pullPolicy }}
env:
- name: NEXTCLOUD_USERNAME
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: nextcloud-username
- name: NEXTCLOUD_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "nextcloud.fullname" . }}
key: nextcloud-password
- name: NEXTCLOUD_SERVER
value: http{{ if .Values.metrics.https }}s{{ end }}://{{ .Values.nextcloud.host }}
- name: NEXTCLOUD_TIMEOUT
value: {{ .Values.metrics.timeout }}
ports:
- name: metrics
containerPort: 9205
{{- if .Values.metrics.resources }}
resources: {{- toYaml .Values.metrics.resources | nindent 10 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,31 @@
{{- if .Values.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "nextcloud.fullname" . }}-metrics
labels:
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- if .Values.metrics.service.labels -}}
{{ toYaml .Values.metrics.service.labels | nindent 4 }}
{{- end -}}
{{- if .Values.metrics.service.annotations }}
annotations: {{ toYaml .Values.metrics.service.annotations | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.metrics.service.type }}
{{ if eq .Values.metrics.service.type "LoadBalancer" -}} {{ if .Values.metrics.service.loadBalancerIP }}
loadBalancerIP: {{ .Values.metrics.service.loadBalancerIP }}
{{ end -}}
{{- end -}}
ports:
- name: metrics
port: 9205
targetPort: metrics
selector:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,31 @@
{{- if .Values.persistence.enabled -}}
{{- if not .Values.persistence.existingClaim -}}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "nextcloud.fullname" . }}-nextcloud
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: app
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,185 @@
{{- if .Values.nginx.enabled -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nextcloud.fullname" . }}-nginxconfig
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
nginx.conf: |-
{{- if .Values.nginx.config.default }}
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream php-handler {
server 127.0.0.1:9000;
}
server {
listen 80;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
# fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}
}
{{- else }}
{{ .Values.nginx.config.custom | indent 4 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,16 @@
{{- if .Values.nextcloud.phpConfigs -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nextcloud.fullname" . }}-phpconfig
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
data:
{{- range $key, $value := .Values.nextcloud.phpConfigs }}
{{ $key }}: |-
{{ $value | indent 4 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,21 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ template "nextcloud.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
type: Opaque
data:
nextcloud-username: {{ .Values.nextcloud.username | b64enc | quote }}
{{ if .Values.nextcloud.password }}
nextcloud-password: {{ .Values.nextcloud.password | b64enc | quote }}
{{ else }}
nextcloud-password: {{ randAlphaNum 10 | b64enc | quote }}
{{ end }}
{{- if .Values.nextcloud.mail.enabled }}
smtp-username: {{ default "" .Values.nextcloud.mail.smtp.name | b64enc | quote }}
smtp-password: {{ default "" .Values.nextcloud.mail.smtp.password | b64enc | quote }}
{{- end }}

View File

@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "nextcloud.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}
helm.sh/chart: {{ include "nextcloud.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/component: app
spec:
type: {{ .Values.service.type }}
{{- if eq .Values.service.type "LoadBalancer" }}
loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }}
{{- end }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- if eq .Values.service.type "NodePort" }}
nodePort: {{ default "" .Values.service.nodePort}}
{{- end }}
selector:
app.kubernetes.io/name: {{ include "nextcloud.name" . }}

View File

@ -0,0 +1,399 @@
## Official nextcloud image version
## ref: https://hub.docker.com/r/library/nextcloud/tags/
##
image:
repository: nextcloud
tag: 19.0.3-apache
pullPolicy: IfNotPresent
# pullSecrets:
# - myRegistrKeySecretName
nameOverride: ""
fullnameOverride: ""
# Number of replicas to be deployed
replicaCount: 1
## Allowing use of ingress controllers
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
enabled: false
annotations: {}
# nginx.ingress.kubernetes.io/proxy-body-size: 4G
# kubernetes.io/tls-acme: "true"
# certmanager.k8s.io/cluster-issuer: letsencrypt-prod
# nginx.ingress.kubernetes.io/server-snippet: |-
# server_tokens off;
# proxy_hide_header X-Powered-By;
# rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
# rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
# rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
# location = /.well-known/carddav {
# return 301 $scheme://$host/remote.php/dav;
# }
# location = /.well-known/caldav {
# return 301 $scheme://$host/remote.php/dav;
# }
# location = /robots.txt {
# allow all;
# log_not_found off;
# access_log off;
# }
# location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
# deny all;
# }
# location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
# deny all;
# }
# tls:
# - secretName: nextcloud-tls
# hosts:
# - nextcloud.kube.home
labels: {}
# Allow configuration of lifecycle hooks
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
lifecycle: {}
# postStartCommand: []
# preStopCommand: []
nextcloud:
host: nextcloud.kube.home
username: admin
password: changeme
update: 0
datadir: /var/www/html/data
tableprefix:
persistence:
subPath:
mail:
enabled: false
fromAddress: user
domain: domain.com
smtp:
host: domain.com
secure: ssl
port: 465
authtype: LOGIN
name: user
password: pass
# PHP Configuration files
# Will be injected in /usr/local/etc/php/conf.d
phpConfigs: {}
# Default config files
# IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
# Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config
defaultConfigs:
# To protect /var/www/html/config
.htaccess: true
# Redis default configuration
redis.config.php: true
# Apache configuration for rewrite urls
apache-pretty-urls.config.php: true
# Define APCu as local cache
apcu.config.php: true
# Apps directory configs
apps.config.php: true
# Used for auto configure database
autoconfig.php: true
# SMTP default configuration
smtp.config.php: true
# Extra config files created in /var/www/html/config/
# ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
configs: {}
# For example, to use S3 as primary storage
# ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
#
# configs:
# s3.config.php: |-
# <?php
# $CONFIG = array (
# 'objectstore' => array(
# 'class' => '\\OC\\Files\\ObjectStore\\S3',
# 'arguments' => array(
# 'bucket' => 'my-bucket',
# 'autocreate' => true,
# 'key' => 'xxx',
# 'secret' => 'xxx',
# 'region' => 'us-east-1',
# 'use_ssl' => true
# )
# )
# );
## Strategy used to replace old pods
## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
strategy:
type: Recreate
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 1
# maxUnavailable: 0
##
## Extra environment variables
extraEnv:
# - name: SOME_SECRET_ENV
# valueFrom:
# secretKeyRef:
# name: nextcloud
# key: secret_key
# Extra mounts for the pods. Example shown is for connecting a legacy NFS volume
# to NextCloud pods in Kubernetes. This can then be configured in External Storage
extraVolumes:
# - name: nfs
# nfs:
# server: "10.0.0.1"
# path: "/nextcloud_data"
# readOnly: false
extraVolumeMounts:
# - name: nfs
# mountPath: "/legacy_data"
nginx:
## You need to set an fpm version of the image for nextcloud if you want to use nginx!
enabled: false
image:
repository: nginx
tag: alpine
pullPolicy: IfNotPresent
config:
# This generates the default nginx config as per the nextcloud documentation
default: true
# custom: |-
# worker_processes 1;..
resources: {}
internalDatabase:
enabled: true
name: nextcloud
##
## External database configuration
##
externalDatabase:
enabled: false
## Supported database engines: mysql or postgresql
type: mysql
## Database host
host:
## Database user
user: nextcloud
## Database password
password:
## Database name
database: nextcloud
## Use a existing secret
existingSecret:
enabled: false
# secretName: nameofsecret
# usernameKey: username
# passwordKey: password
##
## MariaDB chart configuration
##
mariadb:
## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
enabled: false
db:
name: nextcloud
user: nextcloud
password: changeme
replication:
enabled: false
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
master:
persistence:
enabled: false
# storageClass: ""
accessMode: ReadWriteOnce
size: 8Gi
postgresql:
enabled: false
global:
postgresql:
postgresqlUsername: nextcloud
postgresqlPassword: changeme
postgresqlDatabase: nextcloud
persistence:
enabled: false
# storageClass: ""
redis:
enabled: false
usePassword: false
## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#webcron
##
cronjob:
enabled: false
# Nexcloud image is used as default but only curl is needed
image: {}
# repository: nextcloud
# tag: 16.0.3-apache
# pullPolicy: IfNotPresent
# pullSecrets:
# - myRegistrKeySecretName
# Every 5 minutes
# Note: Setting this to any any other value than 5 minutes might
# cause issues with how nextcloud background jobs are executed
schedule: "*/5 * * * *"
annotations: {}
# Set curl's insecure option if you use e.g. self-signed certificates
curlInsecure: false
failedJobsHistoryLimit: 5
successfulJobsHistoryLimit: 2
# If not set, nextcloud deployment one will be set
# resources:
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# If not set, nextcloud deployment one will be set
# nodeSelector: {}
# If not set, nextcloud deployment one will be set
# tolerations: []
# If not set, nextcloud deployment one will be set
# affinity: {}
service:
type: ClusterIP
port: 8080
loadBalancerIP: nil
nodePort: nil
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
# Nextcloud Data (/var/www/html)
enabled: false
annotations: {}
## nextcloud data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
accessMode: ReadWriteOnce
size: 8Gi
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
## Enable pod autoscaling using HorizontalPodAutoscaler
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
##
hpa:
enabled: false
cputhreshold: 60
minPods: 1
maxPods: 10
nodeSelector: {}
tolerations: []
affinity: {}
## Prometheus Exporter / Metrics
##
metrics:
enabled: false
replicaCount: 1
# The metrics exporter needs to know how you serve Nextcloud either http or https
https: false
timeout: 5s
image:
repository: xperimental/nextcloud-exporter
tag: v0.3.0
pullPolicy: IfNotPresent
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Metrics exporter pod Annotation and Labels
# podAnnotations: {}
# podLabels: {}
service:
type: ClusterIP
## Use serviceLoadBalancerIP to request a specific static IP,
## otherwise leave blank
# loadBalancerIP:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9205"
labels: {}