From 01e0618e4fb664d0112aaf86c581020b39e37c77 Mon Sep 17 00:00:00 2001 From: Philip Haupt <“der.mad.mob@gmail.com”> Date: Tue, 2 Sep 2025 23:45:04 +0200 Subject: [PATCH] nextcloud helm update --- nextcloud/main.yaml | 67 +++++++++++++++----------------- nextcloud/src/kustomization.yaml | 2 +- nextcloud/src/values.yaml | 38 +++++++++++++++--- 3 files changed, 66 insertions(+), 41 deletions(-) diff --git a/nextcloud/main.yaml b/nextcloud/main.yaml index 768fadc..d3cef52 100644 --- a/nextcloud/main.yaml +++ b/nextcloud/main.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql namespace: nextcloud --- @@ -35,8 +35,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql namespace: nextcloud spec: @@ -55,15 +55,13 @@ spec: apiVersion: v1 kind: Service metadata: - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql-hl namespace: nextcloud spec: @@ -87,8 +85,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud - app.kubernetes.io/version: 30.0.6 - helm.sh/chart: nextcloud-6.6.9 + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 name: nextcloud spec: ports: @@ -135,8 +133,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud - app.kubernetes.io/version: 30.0.6 - helm.sh/chart: nextcloud-6.6.9 + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 name: nextcloud-nextcloud spec: accessModes: @@ -154,8 +152,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud - app.kubernetes.io/version: 30.0.6 - helm.sh/chart: nextcloud-6.6.9 + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 name: nextcloud spec: replicas: 1 @@ -332,7 +330,7 @@ spec: name: nextcloud - name: POSTGRES_HOST value: nextcloud-postgresql - image: docker.io/bitnami/postgresql:16.6.0-debian-12-r2 + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 name: postgresql-isready resources: {} securityContext: {} @@ -445,8 +443,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql namespace: nextcloud spec: @@ -464,8 +462,8 @@ spec: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql spec: affinity: @@ -494,16 +492,10 @@ spec: value: /bitnami/postgresql/data - name: POSTGRES_USER value: oc_philiph - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: db-pass - name: nextcloud - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: postgres-password - name: nextcloud + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/db-pass + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password - name: POSTGRES_DATABASE value: nextcloud - name: POSTGRESQL_ENABLE_LDAP @@ -522,7 +514,7 @@ spec: value: error - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: pgaudit - image: docker.io/bitnami/postgresql:16.6.0-debian-12-r2 + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 imagePullPolicy: IfNotPresent livenessProbe: exec: @@ -557,7 +549,7 @@ spec: resources: limits: cpu: 150m - ephemeral-storage: 1024Mi + ephemeral-storage: 2Gi memory: 192Mi requests: cpu: 100m @@ -586,6 +578,8 @@ spec: - mountPath: /opt/bitnami/postgresql/tmp name: empty-dir subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password - mountPath: /dev/shm name: dshm - mountPath: /bitnami/postgresql @@ -601,6 +595,9 @@ spec: volumes: - emptyDir: {} name: empty-dir + - name: postgresql-password + secret: + secretName: nextcloud - emptyDir: medium: Memory name: dshm @@ -628,8 +625,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql namespace: nextcloud spec: @@ -648,8 +645,8 @@ metadata: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 16.3.0 - helm.sh/chart: postgresql-15.5.0 + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 name: nextcloud-postgresql namespace: nextcloud spec: diff --git a/nextcloud/src/kustomization.yaml b/nextcloud/src/kustomization.yaml index 42f5328..83a143d 100644 --- a/nextcloud/src/kustomization.yaml +++ b/nextcloud/src/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization helmCharts: - name: nextcloud repo: https://nextcloud.github.io/helm/ - version: 6.6.9 + version: 7.0.2 releaseName: nextcloud includeCRDs: true namespace: nextcloud diff --git a/nextcloud/src/values.yaml b/nextcloud/src/values.yaml index ec05823..29e4fbe 100644 --- a/nextcloud/src/values.yaml +++ b/nextcloud/src/values.yaml @@ -1,11 +1,10 @@ -## Official nextcloud image version ## ref: https://hub.docker.com/r/library/nextcloud/tags/ ## image: repository: nextcloud flavor: apache # default is generated by flavor and appVersion - tag: 31.0.8-apache + tag: pullPolicy: IfNotPresent # pullSecrets: # - myRegistrKeySecretName @@ -79,7 +78,7 @@ nextcloud: password: changeme ## Use an existing secret existingSecret: - enabled: false + enabled: true # secretName: nameofsecret usernameKey: nextcloud-username passwordKey: nextcloud-password @@ -347,12 +346,19 @@ nginx: "Strict-Transport-Security": "" "Referrer-Policy": "no-referrer" "X-Content-Type-Options": "nosniff" - "X-Download-Options": "noopen" "X-Frame-Options": "SAMEORIGIN" "X-Permitted-Cross-Domain-Policies": "none" "X-Robots-Tag": "noindex, nofollow" "X-XSS-Protection": "1; mode=block" + # Added in server block of default config. + serverBlockCustom: | + # set max upload size + client_max_body_size 10G; + client_body_timeout 300s; + fastcgi_buffers 64 4K; + fastcgi_read_timeout 3600s; + custom: # custom: |- # worker_processes 1;.. @@ -778,10 +784,11 @@ metrics: # Optional: becomes NEXTCLOUD_INFO_APPS env var in the nextcloud-exporter container. # Enables gathering of apps-related metrics. Defaults to false apps: false + update: false image: repository: xperimental/nextcloud-exporter - tag: 0.6.2 + tag: 0.8.0 pullPolicy: IfNotPresent # pullSecrets: # - myRegistrKeySecretName @@ -863,6 +870,27 @@ metrics: ## labels: {} + rules: + # -- Deploy Prometheus Rules (Alerts) for the exporter + # @section -- Metrics + enabled: false + # -- Label on Prometheus Rules CRD Manifest + # @section -- Metrics + labels: {} + defaults: + # -- Add Default Rules + # @section -- Metrics + enabled: true + # -- Label on the rules (the severity is already set) + # @section -- Metrics + labels: {} + # -- Filter on metrics on alerts (default just for this helm-chart) + # @section -- Metrics + filter: "" + # -- Add own Rules to Prometheus Rules + # @section -- Metrics + additionalRules: [] + rbac: enabled: false