Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
parent
6fbddb1eb3
commit
7463e93bd1
|
@ -1,9 +0,0 @@
|
|||
|
||||
|
||||
## [prometheus-7.0.54](https://github.com/truecharts/charts/compare/prometheus-7.0.53...prometheus-7.0.54) (2023-02-14)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/thanos to 0.30.2
|
||||
|
||||
|
|
@ -4,6 +4,15 @@
|
|||
|
||||
|
||||
|
||||
## [prometheus-7.0.55](https://github.com/truecharts/charts/compare/prometheus-7.0.54...prometheus-7.0.55) (2023-02-15)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/alertmanager to 0.25.0
|
||||
|
||||
|
||||
|
||||
|
||||
## [prometheus-7.0.54](https://github.com/truecharts/charts/compare/prometheus-7.0.53...prometheus-7.0.54) (2023-02-14)
|
||||
|
||||
### Chore
|
||||
|
@ -88,12 +97,3 @@
|
|||
|
||||
|
||||
|
||||
|
||||
## [prometheus-7.0.45](https://github.com/truecharts/charts/compare/prometheus-7.0.44...prometheus-7.0.45) (2023-01-24)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/alertmanager to 0.25.0
|
||||
- update container image tccr.io/truecharts/thanos to 0.30.1
|
||||
- update container image tccr.io/truecharts/prometheus to 2.41.0
|
||||
|
|
@ -30,7 +30,7 @@ sources:
|
|||
- https://github.com/prometheus-community/helm-charts
|
||||
- https://github.com/prometheus-operator/kube-prometheus
|
||||
type: application
|
||||
version: 7.0.54
|
||||
version: 7.0.55
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- metrics
|
|
@ -0,0 +1,9 @@
|
|||
|
||||
|
||||
## [prometheus-7.0.55](https://github.com/truecharts/charts/compare/prometheus-7.0.54...prometheus-7.0.55) (2023-02-15)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/alertmanager to 0.25.0
|
||||
|
||||
|
|
@ -8,7 +8,7 @@ thanosImage:
|
|||
|
||||
alertmanagerImage:
|
||||
repository: tccr.io/truecharts/alertmanager
|
||||
tag: 0.25.0@sha256:8683a2dc95a193518575ae95a5048b99682de6d8d4abb1caf732d3ce4c8e622d
|
||||
tag: 0.25.0@sha256:099e1971a4f8aaa95a8096bb849b69cf5e08022efaad603ccdfc40c939e02d69
|
||||
|
||||
global:
|
||||
labels: {}
|
|
@ -0,0 +1,99 @@
|
|||
**Important:**
|
||||
*for the complete changelog, please refer to the website*
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.47](https://github.com/truecharts/charts/compare/nextcloud-19.0.46...nextcloud-19.0.47) (2023-02-15)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/nginx-unprivileged to 1.23.3
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.46](https://github.com/truecharts/charts/compare/nextcloud-19.0.45...nextcloud-19.0.46) (2023-02-10)
|
||||
|
||||
### Fix
|
||||
|
||||
- ensure new helm deps repo is used in latest releases as well.
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.45](https://github.com/truecharts/charts/compare/nextcloud-19.0.44...nextcloud-19.0.45) (2023-02-03)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/nginx-unprivileged to 1.23.3
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.44](https://github.com/truecharts/charts/compare/nextcloud-19.0.43...nextcloud-19.0.44) (2023-01-31)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.43](https://github.com/truecharts/charts/compare/nextcloud-19.0.42...nextcloud-19.0.43) (2023-01-24)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major ([#6689](https://github.com/truecharts/charts/issues/6689))
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.42](https://github.com/truecharts/charts/compare/nextcloud-19.0.41...nextcloud-19.0.42) (2023-01-24)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/nginx-unprivileged to 1.23.3
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.41](https://github.com/truecharts/charts/compare/nextcloud-19.0.40...nextcloud-19.0.41) (2023-01-23)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.40](https://github.com/truecharts/charts/compare/nextcloud-19.0.39...nextcloud-19.0.40) (2023-01-18)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/nginx-unprivileged to 1.23.3
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.39](https://github.com/truecharts/charts/compare/nextcloud-19.0.38...nextcloud-19.0.39) (2023-01-17)
|
||||
|
||||
### Chore
|
||||
|
||||
- update helm general non-major ([#6430](https://github.com/truecharts/charts/issues/6430))
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.38](https://github.com/truecharts/charts/compare/nextcloud-19.0.37...nextcloud-19.0.38) (2023-01-14)
|
||||
|
||||
### Fix
|
||||
|
||||
- set correct path to permissions toolkit ([#6374](https://github.com/truecharts/charts/issues/6374))
|
||||
|
||||
|
||||
|
||||
|
||||
## [nextcloud-19.0.37](https://github.com/truecharts/charts/compare/nextcloud-19.0.36...nextcloud-19.0.37) (2023-01-07)
|
||||
|
||||
### Chore
|
|
@ -0,0 +1,45 @@
|
|||
apiVersion: v2
|
||||
appVersion: "25.0.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 11.1.2
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: https://deps.truecharts.org/
|
||||
version: 11.0.22
|
||||
- condition: collabora.enabled
|
||||
name: collabora-online
|
||||
repository: https://deps.truecharts.org/
|
||||
version: 14.0.15
|
||||
- condition: redis.enabled
|
||||
name: redis
|
||||
repository: https://deps.truecharts.org
|
||||
version: 5.0.29
|
||||
deprecated: false
|
||||
description: A private cloud server that puts the control and security of your own data back into your hands.
|
||||
home: https://truecharts.org/charts/stable/nextcloud
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/nextcloud.png
|
||||
keywords:
|
||||
- nextcloud
|
||||
- storage
|
||||
- http
|
||||
- web
|
||||
- php
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: nextcloud
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/nextcloud
|
||||
- https://github.com/nextcloud/docker
|
||||
- https://github.com/nextcloud/helm
|
||||
type: application
|
||||
version: 19.0.47
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- cloud
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
|
@ -0,0 +1,27 @@
|
|||
# README
|
||||
|
||||
## General Info
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||
|
||||
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
*All Rights Reserved - The TrueCharts Project*
|
|
@ -0,0 +1,9 @@
|
|||
|
||||
|
||||
## [nextcloud-19.0.47](https://github.com/truecharts/charts/compare/nextcloud-19.0.46...nextcloud-19.0.47) (2023-02-15)
|
||||
|
||||
### Chore
|
||||
|
||||
- update container image tccr.io/truecharts/nginx-unprivileged to 1.23.3
|
||||
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
A private cloud server that puts the control and security of your own data back into your hands.
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/stable/nextcloud](https://truecharts.org/charts/stable/nextcloud)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,445 @@
|
|||
image:
|
||||
repository: tccr.io/truecharts/nextcloud-fpm
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 25.0.2@sha256:59e6d2be5139cdeb030a095fb92b97e01d7d53071dc34b487956065a385d3a32
|
||||
|
||||
nginxImage:
|
||||
repository: tccr.io/truecharts/nginx-unprivileged
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.23.3@sha256:45fe44da116dbb54245d4a461d498371ddac4960c2f0a45aff80a745d332c44a
|
||||
|
||||
imaginaryImage:
|
||||
repository: h2non/imaginary
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 1.2.4@sha256:7facb4221047a5e79b9e902f380247f4e5bf4376400d0badbeb738d3e1c2f654
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
runAsNonRoot: false
|
||||
|
||||
podSecurityContext:
|
||||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
fsGroup: 33
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
port: 10020
|
||||
targetPort: 8080
|
||||
backend:
|
||||
enabled: true
|
||||
ports:
|
||||
hpb:
|
||||
enabled: true
|
||||
port: 7867
|
||||
targetPort: 7867
|
||||
hpb-metrics:
|
||||
enabled: true
|
||||
port: 7868
|
||||
targetPort: 7868
|
||||
fpm:
|
||||
enabled: true
|
||||
port: 9000
|
||||
targetPort: 9000
|
||||
imaginary:
|
||||
enabled: true
|
||||
port: 9090
|
||||
targetPort: 9090
|
||||
|
||||
hostAliases:
|
||||
- ip: '{{ .Values.env.AccessIP | default "127.0.0.1" }}'
|
||||
hostnames:
|
||||
- "{{ if .Values.ingress.main.enabled }}{{ with (first .Values.ingress.main.hosts) }}{{ .host }}{{ end }}{{ else }}placeholder.fakedomain.dns{{ end }}"
|
||||
|
||||
secretEnv:
|
||||
NEXTCLOUD_ADMIN_USER: "admin"
|
||||
NEXTCLOUD_ADMIN_PASSWORD: "adminpass"
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
custom: true
|
||||
spec:
|
||||
initialDelaySeconds: 25
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
|
||||
readiness:
|
||||
custom: true
|
||||
spec:
|
||||
initialDelaySeconds: 25
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
|
||||
startup:
|
||||
custom: true
|
||||
spec:
|
||||
initialDelaySeconds: 25
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
|
||||
initContainers:
|
||||
prestart:
|
||||
image: "{{ .Values.alpineImage.repository }}:{{ .Values.alpineImage.tag }}"
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
runAsGroup: 0
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
- |
|
||||
/bin/sh <<'EOF'
|
||||
echo "Forcing permissions on userdata folder..."
|
||||
echo "Trying to override ownship using nfs4xdr_winacl..."
|
||||
/usr/sbin/nfs4xdr_winacl -a chown -G 33 -c '/var/www/html/data' -p '/var/www/html/data' || echo "Failed setting ownership..."
|
||||
chmod 770 /var/www/html/data || echo "Failed to chmod..."
|
||||
EOF
|
||||
|
||||
volumeMounts:
|
||||
- name: data
|
||||
mountPath: "/var/www/html/data"
|
||||
- name: html
|
||||
mountPath: "/var/www/html"
|
||||
|
||||
env:
|
||||
# IP used for exposing nextcloud
|
||||
# Often the service or nodePort IP
|
||||
# Defaults to the main serviceName for CI purposes.
|
||||
AccessIP:
|
||||
NEXTCLOUD_INIT_HTACCESS: true
|
||||
PHP_MEMORY_LIMIT: 1G
|
||||
PHP_UPLOAD_LIMIT: 10G
|
||||
NEXTCLOUD_CHUNKSIZE: "31457280"
|
||||
TRUSTED_PROXIES: "172.16.0.0/16 127.0.0.1"
|
||||
POSTGRES_DB: "{{ .Values.postgresql.postgresqlDatabase }}"
|
||||
POSTGRES_USER: "{{ .Values.postgresql.postgresqlUsername }}"
|
||||
NC_check_data_directory_permissions: "true"
|
||||
POSTGRES_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: postgresql-password
|
||||
POSTGRES_HOST:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: plainporthost
|
||||
REDIS_HOST:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: plainhost
|
||||
REDIS_HOST_PASSWORD:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: redis-password
|
||||
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: nextcloudconfig
|
||||
|
||||
persistence:
|
||||
html:
|
||||
enabled: true
|
||||
mountPath: "/var/www/html"
|
||||
data:
|
||||
enabled: true
|
||||
mountPath: "/var/www/html/data"
|
||||
varrun:
|
||||
enabled: true
|
||||
cache:
|
||||
enabled: true
|
||||
type: emptyDir
|
||||
mountPath: /var/cache/nginx
|
||||
medium: Memory
|
||||
nginx:
|
||||
enabled: "true"
|
||||
mountPath: "/etc/nginx"
|
||||
noMount: true
|
||||
readOnly: true
|
||||
type: "custom"
|
||||
volumeSpec:
|
||||
configMap:
|
||||
name: '{{ include "tc.common.names.fullname" . }}-nginx'
|
||||
items:
|
||||
- key: nginx.conf
|
||||
path: nginx.conf
|
||||
|
||||
configmap:
|
||||
nginx:
|
||||
enabled: true
|
||||
data:
|
||||
nginx.conf: |-
|
||||
worker_processes auto;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
# Prevent nginx HTTP Server Detection
|
||||
server_tokens off;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
upstream php-handler {
|
||||
server 127.0.0.1:9000;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 8080;
|
||||
absolute_redirect off;
|
||||
|
||||
# Forward Notify_Push "High Performance Backend" to it's own container
|
||||
location ^~ /push/ {
|
||||
proxy_pass http://127.0.0.1:7867/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
# HSTS settings
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size {{ .Values.env.PHP_UPLOAD_LIMIT | default "512M" }};
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Enable gzip but do not remove ETag headers
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
|
||||
# Pagespeed is not supported by Nextcloud, so if your server is built
|
||||
# with the `ngx_pagespeed` module, uncomment this line to disable it.
|
||||
#pagespeed off;
|
||||
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "none" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /var/www/html;
|
||||
|
||||
# Specify how to handle directories -- specifying `/index.php$request_uri`
|
||||
# here as the fallback means that Nginx always exhibits the desired behaviour
|
||||
# when a client requests a path that corresponds to a directory that exists
|
||||
# on the server. In particular, if that directory contains an index.php file,
|
||||
# that file is correctly served; if it doesn't, then the request is passed to
|
||||
# the front-end controller. This consistent behaviour means that we don't need
|
||||
# to specify custom rules for certain paths (e.g. images and other assets,
|
||||
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
|
||||
# `try_files $uri $uri/ /index.php$request_uri`
|
||||
# always provides the desired behaviour.
|
||||
index index.php index.html /index.php$request_uri;
|
||||
|
||||
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
|
||||
location = / {
|
||||
if ( $http_user_agent ~ ^DavClnt ) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# Make a regex exception for `/.well-known` so that clients can still
|
||||
# access it despite the existence of the regex rule
|
||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||
# for `/.well-known`.
|
||||
location ^~ /.well-known {
|
||||
# The rules in this block are an adaptation of the rules
|
||||
# in `.htaccess` that concern `/.well-known`.
|
||||
|
||||
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||||
|
||||
# according to the documentation these two lines are not necessary, but some users are still recieving errors
|
||||
location = /.well-known/webfinger { return 301 /index.php$uri; }
|
||||
location = /.well-known/nodeinfo { return 301 /index.php$uri; }
|
||||
|
||||
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
|
||||
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
|
||||
|
||||
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||
# requests by passing them to the front-end controller.
|
||||
return 301 /index.php$request_uri;
|
||||
}
|
||||
|
||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||
|
||||
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
|
||||
# which handle static assets (as seen below). If this block is not declared first,
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
# Required for legacy support
|
||||
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
|
||||
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
#fastcgi_param HTTPS on;
|
||||
|
||||
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
|
||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||
fastcgi_pass php-handler;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
|
||||
proxy_send_timeout 300s;
|
||||
proxy_read_timeout 300s;
|
||||
fastcgi_send_timeout 300s;
|
||||
fastcgi_read_timeout 300s;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|svg|gif)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
location ~ \.woff2?$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
# Rule borrowed from `.htaccess`
|
||||
location /remote {
|
||||
return 301 /remote.php$request_uri;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$request_uri;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
cronjob:
|
||||
enabled: true
|
||||
generatePreviews: true
|
||||
schedule: "*/5 * * * *"
|
||||
annotations: {}
|
||||
failedJobsHistoryLimit: 5
|
||||
successfulJobsHistoryLimit: 2
|
||||
|
||||
hpb:
|
||||
enabled: true
|
||||
|
||||
nextcloud:
|
||||
# https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2#Officially_assigned_code_elements
|
||||
default_phone_region: ""
|
||||
|
||||
imaginary:
|
||||
enabled: true
|
||||
preview_max_x: 2048
|
||||
preview_max_y: 2048
|
||||
preview_max_memory: 512
|
||||
preview_max_filesize_image: 150
|
||||
preview_png: true
|
||||
preview_jpeg: true
|
||||
preview_gif: true
|
||||
preview_bmp: true
|
||||
preview_xbitmap: true
|
||||
preview_mp3: true
|
||||
preview_markdown: true
|
||||
preview_opendoc: true
|
||||
preview_txt: true
|
||||
preview_krita: true
|
||||
preview_illustrator: false
|
||||
preview_heic: false
|
||||
preview_movie: false
|
||||
preview_msoffice2003: false
|
||||
preview_msoffice2007: false
|
||||
preview_msofficedoc: false
|
||||
preview_pdf: false
|
||||
preview_photoshop: false
|
||||
preview_postscript: false
|
||||
preview_staroffice: false
|
||||
preview_svg: false
|
||||
preview_tiff: false
|
||||
preview_font: false
|
||||
|
||||
collabora:
|
||||
enabled: false
|
||||
env:
|
||||
aliasgroup1:
|
||||
configMapRef:
|
||||
name: nextcloudconfig
|
||||
key: aliasgroup1
|
||||
dictionaries: "de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru"
|
||||
extra_params: "--o:welcome.enable=false --o:logging.level=information --o:user_interface.mode=notebookbar --o:ssl.termination=true --o:ssl.enable=false "
|
||||
server_name: ""
|
||||
DONT_GEN_SSL_CERT: true
|
||||
|
||||
postgresql:
|
||||
enabled: true
|
||||
existingSecret: "dbcreds"
|
||||
postgresqlUsername: nextcloud
|
||||
postgresqlDatabase: nextcloud
|
||||
|
||||
redis:
|
||||
enabled: true
|
||||
existingSecret: "rediscreds"
|
||||
|
||||
portal:
|
||||
enabled: true
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,36 @@
|
|||
{{/* Define the configmap */}}
|
||||
{{- define "nextcloud.configmap" -}}
|
||||
|
||||
{{- $hosts := "" }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- range .Values.ingress }}
|
||||
{{- range $index, $host := .hosts }}
|
||||
{{- if $index }}
|
||||
{{ $hosts = ( printf "%v %v" $hosts $host.host ) }}
|
||||
{{- else }}
|
||||
{{ $hosts = ( printf "%s" $host.host ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nextcloudconfig
|
||||
data:
|
||||
{{- $aliasgroup1 := ( printf "http://%s" ( .Values.env.AccessIP | default ( printf "%v-%v" .Release.Name "nextcloud" ) ) ) }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- with (first .Values.ingress.main.hosts) }}
|
||||
{{- $aliasgroup1 = ( printf "https://%s" .host ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
aliasgroup1: {{ $aliasgroup1 }}
|
||||
NEXTCLOUD_TRUSTED_DOMAINS: {{ ( printf "%v %v %v %v %v %v %v %v" "test.fakedomain.dns" "localhost" "127.0.0.1" ( printf "%v:%v" "127.0.0.1" .Values.service.main.ports.main.port ) ( .Values.env.AccessIP | default "localhost" ) ( printf "%v-%v" .Release.Name "nextcloud" ) ( printf "%v-%v" .Release.Name "nextcloud-backend" ) $hosts ) | quote }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
APACHE_DISABLE_REWRITE_IP: "1"
|
||||
{{- end }}
|
||||
|
||||
{{- end -}}
|
|
@ -0,0 +1,64 @@
|
|||
{{/* Define the cronjob */}}
|
||||
{{- define "nextcloud.cronjob" -}}
|
||||
{{- if .Values.cronjob.enabled -}}
|
||||
{{- $jobName := include "tc.common.names.fullname" . }}
|
||||
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: {{ printf "%s-cronjob" $jobName }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
spec:
|
||||
schedule: "{{ .Values.cronjob.schedule }}"
|
||||
concurrencyPolicy: Forbid
|
||||
{{- with .Values.cronjob.failedJobsHistoryLimit }}
|
||||
failedJobsHistoryLimit: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.cronjob.successfulJobsHistoryLimit }}
|
||||
successfulJobsHistoryLimit: {{ . }}
|
||||
{{- end }}
|
||||
jobTemplate:
|
||||
metadata:
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
spec:
|
||||
restartPolicy: Never
|
||||
{{- with (include "tc.common.controller.volumes" . | trim) }}
|
||||
volumes:
|
||||
{{- nindent 12 . }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}
|
||||
image: '{{ include "tc.common.images.selector" . }}'
|
||||
imagePullPolicy: {{ default .Values.image.pullPolicy }}
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
- |
|
||||
/bin/bash <<'EOF'
|
||||
echo "running nextcloud cronjob..."
|
||||
php -f /var/www/html/cron.php
|
||||
echo "cronjob finished"
|
||||
{{- if .Values.cronjob.generatePreviews }}
|
||||
echo "Pre-generating Previews..."
|
||||
php /var/www/html/occ preview:pre-generate
|
||||
echo "Previews generated."
|
||||
{{- end }}
|
||||
EOF
|
||||
# Will mount configuration files as www-data (id: 33) by default for nextcloud
|
||||
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
|
||||
volumeMounts:
|
||||
{{ nindent 16 . }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
runAsUser: 33
|
||||
runAsGroup: 33
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
resources:
|
||||
{{ toYaml .Values.resources | indent 16 }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,167 @@
|
|||
{{/* Define the hbp container */}}
|
||||
{{- define "nextcloud.hpb" -}}
|
||||
{{- $jobName := include "tc.common.names.fullname" . }}
|
||||
image: '{{ include "tc.common.images.selector" . }}'
|
||||
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
|
||||
securityContext:
|
||||
runAsUser: 33
|
||||
runAsGroup: 33
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
|
||||
volumeMounts:
|
||||
{{ nindent 2 . }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: 7867
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /push/test/cookie
|
||||
port: 7867
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /push/test/cookie
|
||||
port: 7867
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /push/test/cookie
|
||||
port: 7867
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
- |
|
||||
/bin/bash <<'EOF'
|
||||
set -m
|
||||
echo "Waiting for notify_push file to be available..."
|
||||
until [ -f /var/www/html/custom_apps/notify_push/bin/x86_64/notify_push ]
|
||||
do
|
||||
sleep 10
|
||||
echo "Notify_push app not found... waiting..."
|
||||
done
|
||||
echo "Waiting for Nextcloud to start..."
|
||||
until $(curl --output /dev/null --silent --head --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php); do
|
||||
echo "Nextcloud not responding... waiting..."
|
||||
sleep 10
|
||||
done
|
||||
until $(curl --silent --fail -H "Host: test.fakedomain.dns" http://127.0.0.1:8080/status.php | jq --raw-output '.installed' | grep "true"); do
|
||||
echo "Nextcloud not installed... waiting..."
|
||||
sleep 10
|
||||
done
|
||||
echo "Nextcloud instance with Notify_push found... Launching High Performance Backend..."
|
||||
/var/www/html/custom_apps/notify_push/bin/x86_64/notify_push /var/www/html/config/config.php &
|
||||
|
||||
{{- $accessurl := ( printf "http://%v:%v" ( .Values.env.AccessIP | default ( printf "%v-%v" .Release.Name "nextcloud" ) ) .Values.service.main.ports.main.port ) }}
|
||||
{{- if .Values.ingress.main.enabled }}
|
||||
{{- with (first .Values.ingress.main.hosts) }}
|
||||
{{- $accessurl = ( printf "https://%s" .host ) }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
echo "Configuring CLI url..."
|
||||
php /var/www/html/occ config:system:set overwrite.cli.url --value='{{ $accessurl }}/'
|
||||
|
||||
echo "Executing standard nextcloud version migration scripts to ensure they are actually ran..."
|
||||
php /var/www/html/occ db:add-missing-indices
|
||||
|
||||
{{- if .Values.imaginary.enabled }}
|
||||
echo "Imaginary High Performance Previews enabled, enabling it on Nextcloud..."
|
||||
php /var/www/html/occ config:system:set preview_imaginary_url --value='http://127.0.0.1:9090'
|
||||
php /var/www/html/occ config:system:set preview_max_x --value='{{ .Values.imaginary.preview_max_x }}'
|
||||
php /var/www/html/occ config:system:set preview_max_y --value='{{ .Values.imaginary.preview_max_y }}'
|
||||
php /var/www/html/occ config:system:set preview_max_memory --value='{{ .Values.imaginary.preview_max_memory }}'
|
||||
php /var/www/html/occ config:system:set preview_max_filesize_image --value='{{ .Values.imaginary.preview_max_filesize_image }}'
|
||||
# Remove all preview providers and re-add only selected
|
||||
php /var/www/html/occ config:system:delete enabledPreviewProviders
|
||||
# Add imaginary always
|
||||
{{ $c := 0 }} # Initialize counter
|
||||
php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Imaginary'{{ $c = add1 $c }}
|
||||
{{ if .Values.imaginary.preview_png }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\PNG'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_jpeg }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\JPEG'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_gif }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\GIF'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_bmp }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\BMP'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_xbitmap }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\XBitmap'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_mp3 }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\MP3'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_markdown }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\MarkDown'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_opendoc }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\OpenDocument'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_txt }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\TXT'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_krita }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Krita'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_illustrator }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Illustrator'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_heic }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\HEIC'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_movie }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Movie'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_msoffice2003 }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\MSOffice2003'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_msoffice2007 }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\MSOffice2007'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_msofficedoc }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\MSOfficeDoc'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_pdf }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\PDF'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_photoshop }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Photoshop'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_postscript }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Postscript'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_staroffice }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\StarOffice'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_svg }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\SVG'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_tiff }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\TIFF'{{ $c = add1 $c }}{{ end }}
|
||||
{{ if .Values.imaginary.preview_font }}php /var/www/html/occ config:system:set enabledPreviewProviders {{ $c }} --value='OC\Preview\Font'{{ $c = add1 $c }}{{ end }}
|
||||
{{- end }}
|
||||
|
||||
# Set default phone region
|
||||
{{- with .Values.nextcloud.default_phone_region | upper }}
|
||||
php /var/www/html/occ config:system:set default_phone_region --value='{{ . }}'
|
||||
{{- end }}
|
||||
|
||||
echo "Configuring High Performance Backend for url: {{ $accessurl }}"
|
||||
php /var/www/html/occ config:app:set notify_push base_endpoint --value='{{ $accessurl }}/push'
|
||||
fg
|
||||
EOF
|
||||
env:
|
||||
- name: NEXTCLOUD_URL
|
||||
value: 'http://127.0.0.1:8080'
|
||||
- name: METRICS_PORT
|
||||
value: '7868'
|
||||
- name: TRUSTED_PROXIES
|
||||
value: "{{ .Values.env.TRUSTED_PROXIES }}"
|
||||
- name: POSTGRES_DB
|
||||
value: "{{ .Values.postgresql.postgresqlDatabase }}"
|
||||
- name: POSTGRES_USER
|
||||
value: "{{ .Values.postgresql.postgresqlUsername }}"
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: postgresql-password
|
||||
- name: POSTGRES_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dbcreds
|
||||
key: plainporthost
|
||||
- name: REDIS_HOST
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: plainhost
|
||||
- name: REDIS_HOST_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: rediscreds
|
||||
key: redis-password
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: nextcloudconfig
|
||||
{{- end -}}
|
|
@ -0,0 +1,40 @@
|
|||
{{/* Define the imaginary container */}}
|
||||
{{- define "nextcloud.imaginary" -}}
|
||||
image: {{ .Values.imaginaryImage.repository }}:{{ .Values.imaginaryImage.tag }}
|
||||
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
|
||||
securityContext:
|
||||
runAsUser: 33
|
||||
runAsGroup: 33
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
ports:
|
||||
- containerPort: 9090
|
||||
args: ["-enable-url-source"]
|
||||
env:
|
||||
- name: 'PORT'
|
||||
value: '9090'
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 9090
|
||||
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 9090
|
||||
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
port: 9090
|
||||
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,54 @@
|
|||
{{/* Define the nginx container */}}
|
||||
{{- define "nextcloud.nginx" -}}
|
||||
image: {{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}
|
||||
imagePullPolicy: '{{ .Values.image.pullPolicy }}'
|
||||
securityContext:
|
||||
runAsUser: 33
|
||||
runAsGroup: 33
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
{{- with (include "tc.common.controller.volumeMounts" . | trim) }}
|
||||
volumeMounts:
|
||||
{{ nindent 2 . }}
|
||||
{{- end }}
|
||||
- mountPath: /etc/nginx/nginx.conf
|
||||
name: nginx
|
||||
readOnly: true
|
||||
subPath: nginx.conf
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /robots.txt
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.readiness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.readiness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.readiness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.readiness.spec.failureThreshold }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /robots.txt
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.liveness.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.liveness.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.liveness.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.liveness.spec.failureThreshold }}
|
||||
startupProbe:
|
||||
httpGet:
|
||||
path: /robots.txt
|
||||
port: 8080
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: "test.fakedomain.dns"
|
||||
initialDelaySeconds: {{ .Values.probes.startup.spec.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.probes.startup.spec.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.probes.startup.spec.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.probes.startup.spec.failureThreshold }}
|
||||
{{- end -}}
|
|
@ -0,0 +1,22 @@
|
|||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "tc.common.loader.init" . }}
|
||||
|
||||
{{/* Render configmap for nextcloud */}}
|
||||
{{- include "nextcloud.configmap" . }}
|
||||
|
||||
{{- $newMiddlewares := append .Values.ingress.main.fixedMiddlewares "tc-nextcloud-chain" }}
|
||||
{{- $_ := set .Values.ingress.main "fixedMiddlewares" $newMiddlewares -}}
|
||||
|
||||
{{- $_ := set .Values.additionalContainers "nginx" (include "nextcloud.nginx" . | fromYaml) -}}
|
||||
{{- if .Values.imaginary.enabled -}}
|
||||
{{- $_ := set .Values.additionalContainers "imaginary" (include "nextcloud.imaginary" . | fromYaml) -}}
|
||||
{{- end -}}
|
||||
{{- if .Values.hpb.enabled -}}
|
||||
{{- $_ := set .Values.additionalContainers "hpb" (include "nextcloud.hpb" . | fromYaml) -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "tc.common.loader.apply" . }}
|
||||
|
||||
{{/* Render cronjob for nextcloud */}}
|
||||
{{- include "nextcloud.cronjob" . }}
|
Loading…
Reference in New Issue