nextcloud update

nextcloud/main.yaml

@@ -86,7 +86,7 @@ metadata:
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: nextcloud
     app.kubernetes.io/version: 31.0.8
-    helm.sh/chart: nextcloud-7.0.2
+    helm.sh/chart: nextcloud-8.0.1
   name: nextcloud
 spec:
   ports:
@@ -134,7 +134,7 @@ metadata:
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: nextcloud
     app.kubernetes.io/version: 31.0.8
-    helm.sh/chart: nextcloud-7.0.2
+    helm.sh/chart: nextcloud-8.0.1
   name: nextcloud-nextcloud
 spec:
   accessModes:
@@ -153,7 +153,7 @@ metadata:
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: nextcloud
     app.kubernetes.io/version: 31.0.8
-    helm.sh/chart: nextcloud-7.0.2
+    helm.sh/chart: nextcloud-8.0.1
   name: nextcloud
 spec:
   replicas: 1

nextcloud/src/kustomization.yaml

@@ -5,7 +5,7 @@ kind: Kustomization
 helmCharts:
   - name: nextcloud
     repo: https://nextcloud.github.io/helm/
-    version: 7.0.2
+    version: 8.0.1
     releaseName: nextcloud
     includeCRDs: true
     namespace: nextcloud

nextcloud/src/values.yaml

@@ -61,12 +61,12 @@ ingress:
   path: /
   pathType: Prefix
 
-
 # Allow configuration of lifecycle hooks
 # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
 lifecycle: {}
-  # postStartCommand: []
+# lifecycle:
-  # preStopCommand: []
+#   postStartCommand: []
+#   preStopCommand: []
 
 phpClientHttpsFix:
   enabled: false
@@ -316,7 +316,6 @@ nextcloud:
     # Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive
     securityContext: {}
 
-
 nginx:
   ## You need to set an fpm version of the image for nextcloud if you want to use nginx!
   enabled: false
@@ -479,6 +478,27 @@ postgresql:
       # existingClaim: ""
       storageClass: openebs-3-replicas
 
+##
+## External Redis configuration
+##
+externalRedis:
+  enabled: false
+
+  ## Redis host
+  host: redis-master.redis.svc.cluster.local
+
+  ## Redis port
+  port: "6379"
+
+  ## Redis password
+  password: ""
+
+  ## Use a existing secret
+  existingSecret:
+    enabled: true
+    secretName: nextcloud
+    passwordKey: redis-pass
+
 ##
 ## Redis chart configuration
 ## for more options see https://github.com/bitnami/charts/tree/main/bitnami/redis
@@ -488,7 +508,7 @@ redis:
   enabled: false
   auth:
     enabled: true
-    password: 'changeme'
+    password: "changeme"
     # name of an existing secret with Redis® credentials (instead of auth.password), must be created ahead of time
     existingSecret: ""
     # Password key to be retrieved from existing secret
@@ -561,13 +581,18 @@ collabora:
   # see collabora helm README.md for recommended values
   resources: {}
 
-
 ## Cronjob to execute Nextcloud background tasks
 ## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron
 ##
 cronjob:
   enabled: true
 
+  # Either 'sidecar' or 'cronjob'
+  type: sidecar
+
+  # Runs crond as a sidecar container in the Nextcloud pod
+  # Note: crond requires root
+  sidecar:
     ## Cronjob sidecar resource requests and limits
     ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
     ##
@@ -576,6 +601,7 @@ cronjob:
     # Allow configuration of lifecycle hooks
     # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
     lifecycle: {}
+    # lifecycle:
     #   postStartCommand: []
     #   preStopCommand: []
     # Set securityContext parameters. For example, you may need to define runAsNonRoot directive
@@ -589,6 +615,59 @@ cronjob:
     command:
       - /cron.sh
 
+  # Uses a Kubernetes CronJob to execute the Nextcloud cron tasks
+  # Note: can run as non-root user. Should run as same user as the Nextcloud pod.
+  cronjob:
+    # Use a CronJob instead of crond sidecar container
+    # crond does not work when not running as root user
+    # Note: requires `persistence.enabled=true`
+    schedule: "*/5 * * * *"
+    successfulJobsHistoryLimit: 3
+    failedJobsHistoryLimit: 5
+    labels: {}
+    annotations: {}
+    backoffLimit: 1
+    affinity: {}
+    # Often RWO volumes are used. But the cronjob pod needs access to the same volume as the nextcloud pod.
+    # Depending on your provider two pods on the same node can still access the same volume.
+    # Following config ensures that the cronjob pod is scheduled on the same node as the nextcloud pod.
+    # affinity:
+    #   podAffinity:
+    #     requiredDuringSchedulingIgnoredDuringExecution:
+    #       - labelSelector:
+    #           matchExpressions:
+    #             - key: app.kubernetes.io/name
+    #               operator: In
+    #               values:
+    #                 - nextcloud
+    #             - key: app.kubernetes.io/component
+    #               operator: In
+    #               values:
+    #                 - app
+    #         topologyKey: kubernetes.io/hostname
+
+    ## Resource requests and limits
+    ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+    ##
+    resources: {}
+    # Allow configuration of lifecycle hooks
+    # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
+    # Set securityContext parameters. For example, you may need to define runAsNonRoot directive
+    securityContext: {}
+    #   runAsUser: 33
+    #   runAsGroup: 33
+    #   runAsNonRoot: true
+    #   readOnlyRootFilesystem: true
+
+    # The command to run in the cronjob container
+    # Example to incerase memory limit: php -d memory_limit=2G ...
+    command:
+      - php
+      - -f
+      - /var/www/html/cron.php
+      - --
+      - --verbose
+
 service:
   type: ClusterIP
   port: 8080
@@ -596,6 +675,10 @@ service:
   nodePort:
   # -- use additional annotation on service for nextcloud
   annotations: {}
+  # -- Set this to "ClientIP" to make sure that connections from the same client
+  # are passed to the same Nextcloud pod each time.
+  sessionAffinity: ""
+  sessionAffinityConfig: {}
 
 ## Enable persistence using Persistent Volume Claims
 ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
@@ -633,16 +716,17 @@ persistence:
     size: 8Gi
 
 resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
+# We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
+# choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # limits:
+# resources:
-  #  cpu: 100m
+#   limits:
-  #  memory: 128Mi
+#    cpu: 100m
-  # requests:
+#    memory: 128Mi
-  #  cpu: 100m
+#   requests:
-  #  memory: 128Mi
+#    cpu: 100m
+#    memory: 128Mi
 
 ## Liveness and readiness probe values
 ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
@@ -669,7 +753,6 @@ startupProbe:
   failureThreshold: 30
   successThreshold: 1
 
-
 ## Enable pod autoscaling using HorizontalPodAutoscaler
 ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
 ##
@@ -891,7 +974,6 @@ metrics:
     # @section -- Metrics
     additionalRules: []
 
-
 rbac:
   enabled: false
   serviceaccount:
@@ -899,7 +981,6 @@ rbac:
     name: nextcloud-serviceaccount
     annotations: {}
 
-
 ## @param securityContext for nextcloud pod @deprecated Use `nextcloud.podSecurityContext` instead
 securityContext: {}