apiVersion: v1 automountServiceAccountToken: false kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud --- apiVersion: v1 data: aliasgroup1: https://cloud.borninpain.de:443 extra_params: --o:ssl.enable=false --o:ssl.termination=true kind: ConfigMap metadata: annotations: confighash: config-a0251c3c8340b1da71056e3746336992 labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: ports: - name: tcp-postgresql nodePort: null port: 5432 targetPort: tcp-postgresql selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql sessionAffinity: None type: ClusterIP --- apiVersion: v1 kind: Service metadata: annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql-hl namespace: nextcloud spec: clusterIP: None ports: - name: tcp-postgresql port: 5432 targetPort: tcp-postgresql publishNotReadyAddresses: true selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud spec: ports: - name: http port: 8080 protocol: TCP targetPort: 80 selector: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 type: main name: nextcloud-collabora spec: ports: - name: http port: 9980 protocol: TCP targetPort: http selector: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud-nextcloud spec: accessModes: - ReadWriteOnce resources: requests: storage: 25Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud spec: replicas: 0 selector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud strategy: type: Recreate template: metadata: annotations: hooks-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud spec: containers: - env: - name: POSTGRES_HOST value: nextcloud-postgresql - name: POSTGRES_DB value: nextcloud - name: POSTGRES_USER valueFrom: secretKeyRef: key: db-user name: nextcloud - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: db-pass name: nextcloud - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: cloud.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data image: nextcloud:31.0.5-apache imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: nextcloud ports: - containerPort: 80 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes - command: - /cron.sh env: - name: POSTGRES_HOST value: nextcloud-postgresql - name: POSTGRES_DB value: nextcloud - name: POSTGRES_USER valueFrom: secretKeyRef: key: db-user name: nextcloud - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: db-pass name: nextcloud - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: cloud.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data image: nextcloud:31.0.5-apache imagePullPolicy: IfNotPresent name: nextcloud-cron resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes initContainers: - command: - sh - -c - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done env: - name: POSTGRES_USER valueFrom: secretKeyRef: key: db-user name: nextcloud - name: POSTGRES_HOST value: nextcloud-postgresql image: docker.io/bitnami/postgresql:16.6.0-debian-12-r2 name: postgresql-isready resources: {} securityContext: {} securityContext: fsGroup: 33 volumes: - name: nextcloud-main persistentVolumeClaim: claimName: nextcloud-nextcloud --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora spec: minReadySeconds: 0 replicas: 0 selector: matchLabels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: annotations: cluster-autoscaler.kubernetes.io/safe-to-evict: "true" confighash: config-a0251c3c8340b1da71056e3746336992 labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main spec: containers: - env: - name: username valueFrom: secretKeyRef: key: colla-user name: nextcloud - name: password valueFrom: secretKeyRef: key: colla-pass name: nextcloud envFrom: - configMapRef: name: nextcloud-collabora image: collabora/code:24.04.5.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 4 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 name: collabora ports: - containerPort: 9980 name: http protocol: TCP readinessProbe: failureThreshold: 2 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 resources: {} securityContext: {} startupProbe: failureThreshold: 30 httpGet: path: / port: 9980 scheme: HTTP periodSeconds: 3 volumeMounts: - mountPath: /tmp name: tmp securityContext: {} serviceAccountName: default terminationGracePeriodSeconds: 60 volumes: - emptyDir: {} name: tmp --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: replicas: 0 selector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql serviceName: nextcloud-postgresql-hl template: metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql spec: affinity: nodeAffinity: null podAffinity: null podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql topologyKey: kubernetes.io/hostname weight: 1 automountServiceAccountToken: false containers: - env: - name: BITNAMI_DEBUG value: "false" - name: POSTGRESQL_PORT_NUMBER value: "5432" - name: POSTGRESQL_VOLUME_DIR value: /bitnami/postgresql - name: PGDATA value: /bitnami/postgresql/data - name: POSTGRES_USER value: oc_philiph - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: db-pass name: nextcloud - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: key: postgres-password name: nextcloud - name: POSTGRES_DATABASE value: nextcloud - name: POSTGRESQL_ENABLE_LDAP value: "no" - name: POSTGRESQL_ENABLE_TLS value: "no" - name: POSTGRESQL_LOG_HOSTNAME value: "false" - name: POSTGRESQL_LOG_CONNECTIONS value: "false" - name: POSTGRESQL_LOG_DISCONNECTIONS value: "false" - name: POSTGRESQL_PGAUDIT_LOG_CATALOG value: "off" - name: POSTGRESQL_CLIENT_MIN_MESSAGES value: error - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: pgaudit image: docker.io/bitnami/postgresql:16.6.0-debian-12-r2 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - /bin/sh - -c - exec pg_isready -U "oc_philiph" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: postgresql ports: - containerPort: 5432 name: tcp-postgresql readinessProbe: exec: command: - /bin/sh - -c - -e - | exec pg_isready -U "oc_philiph" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: limits: cpu: 150m ephemeral-storage: 1024Mi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/postgresql/conf name: empty-dir subPath: app-conf-dir - mountPath: /opt/bitnami/postgresql/tmp name: empty-dir subPath: app-tmp-dir - mountPath: /dev/shm name: dshm - mountPath: /bitnami/postgresql name: data hostIPC: false hostNetwork: false securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] serviceAccountName: nextcloud-postgresql volumes: - emptyDir: {} name: empty-dir - emptyDir: medium: Memory name: dshm updateStrategy: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas --- apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: egress: - {} ingress: - ports: - port: 5432 podSelector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql policyTypes: - Ingress - Egress