apiVersion: v1 data: aliasgroup1: https://cloud.borninpain.de:443 extra_params: --o:ssl.enable=false --o:ssl.termination=true kind: ConfigMap metadata: annotations: confighash: config-a0251c3c8340b1da71056e3746336992 labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora --- apiVersion: v1 data: .htaccess: |- # line below if for Apache 2.4 Require all denied # line below if for Apache 2.2 deny from all # section for Apache 2.2 and 2.4 IndexIgnore * apache-pretty-urls.config.php: |- '/', ); apcu.config.php: |- '\OC\Memcache\APCu', ); apps.config.php: |- array ( 0 => array ( 'path' => OC::$SERVERROOT.'/apps', 'url' => '/apps', 'writable' => false, ), 1 => array ( 'path' => OC::$SERVERROOT.'/custom_apps', 'url' => '/custom_apps', 'writable' => true, ), ), ); autoconfig.php: |- '\OC\Memcache\Redis', 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), 'dbindex' => 1, ), ); if (getenv('REDIS_HOST_PORT') !== false) { $CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT'); } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } } reverse-proxy.config.php: |- 'smtp', 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); if (getenv('SMTP_PASSWORD_FILE')) { $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); } elseif (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; } } upgrade-disable-web.config.php: |- true, ); kind: ConfigMap metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 32.0.0 helm.sh/chart: nextcloud-8.4.0 name: nextcloud-config --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 32.0.0 helm.sh/chart: nextcloud-8.4.0 name: nextcloud spec: ports: - name: http port: 8080 protocol: TCP targetPort: 80 selector: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 type: main name: nextcloud-collabora spec: ports: - name: http port: 9980 protocol: TCP targetPort: http selector: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 32.0.0 helm.sh/chart: nextcloud-8.4.0 name: nextcloud-nextcloud spec: accessModes: - ReadWriteOnce resources: requests: storage: 25Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 32.0.0 helm.sh/chart: nextcloud-8.4.0 name: nextcloud spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud strategy: type: Recreate template: metadata: annotations: hooks-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a nextcloud-config-hash: c8b2eabce44008395c874488663a3bc4ce2ab89893ba8f511d14d4c3bc439cb7 php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud spec: containers: - env: - name: POSTGRES_HOST valueFrom: secretKeyRef: key: host name: cnpg-nextcloud-cluster-app - name: POSTGRES_DB valueFrom: secretKeyRef: key: dbname name: cnpg-nextcloud-cluster-app - name: POSTGRES_USER valueFrom: secretKeyRef: key: user name: cnpg-nextcloud-cluster-app - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: password name: cnpg-nextcloud-cluster-app - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: localhost cloud.borninpain.de iam.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data - name: MAIL_FROM_ADDRESS value: noreply - name: MAIL_DOMAIN value: borninpain.de - name: SMTP_SECURE value: "" - name: SMTP_PORT value: "587" - name: SMTP_AUTHTYPE value: LOGIN - name: SMTP_HOST valueFrom: secretKeyRef: key: smtp-host name: nextcloud - name: SMTP_NAME valueFrom: secretKeyRef: key: smtp-username name: nextcloud - name: SMTP_PASSWORD valueFrom: secretKeyRef: key: smtp-password name: nextcloud - name: REDIS_HOST value: valkey.valkey.svc.cluster.local - name: REDIS_HOST_PORT value: "6379" - name: REDIS_HOST_PASSWORD valueFrom: secretKeyRef: key: redis-pass name: nextcloud - name: TRUSTED_PROXIES value: 172.19.0.0/16 10.0.0.0/16 - name: FORWARDED_FOR_HEADERS value: HTTP_X_FORWARDED HTTP_FORWARDED_FOR image: nextcloud:32.0.0-apache imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: nextcloud ports: - containerPort: 80 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes - mountPath: /var/www/html/config/custom.config.php name: nextcloud-config subPath: custom.config.php - mountPath: /var/www/html/config/.htaccess name: nextcloud-config subPath: .htaccess - mountPath: /var/www/html/config/apache-pretty-urls.config.php name: nextcloud-config subPath: apache-pretty-urls.config.php - mountPath: /var/www/html/config/apcu.config.php name: nextcloud-config subPath: apcu.config.php - mountPath: /var/www/html/config/apps.config.php name: nextcloud-config subPath: apps.config.php - mountPath: /var/www/html/config/autoconfig.php name: nextcloud-config subPath: autoconfig.php - mountPath: /var/www/html/config/redis.config.php name: nextcloud-config subPath: redis.config.php - mountPath: /var/www/html/config/reverse-proxy.config.php name: nextcloud-config subPath: reverse-proxy.config.php - mountPath: /var/www/html/config/smtp.config.php name: nextcloud-config subPath: smtp.config.php - mountPath: /var/www/html/config/upgrade-disable-web.config.php name: nextcloud-config subPath: upgrade-disable-web.config.php - command: - /cron.sh env: - name: POSTGRES_HOST valueFrom: secretKeyRef: key: host name: cnpg-nextcloud-cluster-app - name: POSTGRES_DB valueFrom: secretKeyRef: key: dbname name: cnpg-nextcloud-cluster-app - name: POSTGRES_USER valueFrom: secretKeyRef: key: user name: cnpg-nextcloud-cluster-app - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: password name: cnpg-nextcloud-cluster-app - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: localhost cloud.borninpain.de iam.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data - name: MAIL_FROM_ADDRESS value: noreply - name: MAIL_DOMAIN value: borninpain.de - name: SMTP_SECURE value: "" - name: SMTP_PORT value: "587" - name: SMTP_AUTHTYPE value: LOGIN - name: SMTP_HOST valueFrom: secretKeyRef: key: smtp-host name: nextcloud - name: SMTP_NAME valueFrom: secretKeyRef: key: smtp-username name: nextcloud - name: SMTP_PASSWORD valueFrom: secretKeyRef: key: smtp-password name: nextcloud - name: REDIS_HOST value: valkey.valkey.svc.cluster.local - name: REDIS_HOST_PORT value: "6379" - name: REDIS_HOST_PASSWORD valueFrom: secretKeyRef: key: redis-pass name: nextcloud - name: TRUSTED_PROXIES value: 172.19.0.0/16 10.0.0.0/16 - name: FORWARDED_FOR_HEADERS value: HTTP_X_FORWARDED HTTP_FORWARDED_FOR image: nextcloud:32.0.0-apache imagePullPolicy: IfNotPresent name: nextcloud-cron resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes - mountPath: /var/www/html/config/custom.config.php name: nextcloud-config subPath: custom.config.php - mountPath: /var/www/html/config/.htaccess name: nextcloud-config subPath: .htaccess - mountPath: /var/www/html/config/apache-pretty-urls.config.php name: nextcloud-config subPath: apache-pretty-urls.config.php - mountPath: /var/www/html/config/apcu.config.php name: nextcloud-config subPath: apcu.config.php - mountPath: /var/www/html/config/apps.config.php name: nextcloud-config subPath: apps.config.php - mountPath: /var/www/html/config/autoconfig.php name: nextcloud-config subPath: autoconfig.php - mountPath: /var/www/html/config/redis.config.php name: nextcloud-config subPath: redis.config.php - mountPath: /var/www/html/config/reverse-proxy.config.php name: nextcloud-config subPath: reverse-proxy.config.php - mountPath: /var/www/html/config/smtp.config.php name: nextcloud-config subPath: smtp.config.php - mountPath: /var/www/html/config/upgrade-disable-web.config.php name: nextcloud-config subPath: upgrade-disable-web.config.php securityContext: fsGroup: 33 volumes: - name: nextcloud-main persistentVolumeClaim: claimName: nextcloud-nextcloud - configMap: name: nextcloud-config name: nextcloud-config --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora spec: minReadySeconds: 0 replicas: 1 selector: matchLabels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: annotations: cluster-autoscaler.kubernetes.io/safe-to-evict: "true" confighash: config-a0251c3c8340b1da71056e3746336992 labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main spec: containers: - env: - name: username valueFrom: secretKeyRef: key: colla-user name: nextcloud - name: password valueFrom: secretKeyRef: key: colla-pass name: nextcloud envFrom: - configMapRef: name: nextcloud-collabora image: collabora/code:24.04.5.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 4 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 name: collabora ports: - containerPort: 9980 name: http protocol: TCP readinessProbe: failureThreshold: 2 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 resources: {} securityContext: {} startupProbe: failureThreshold: 30 httpGet: path: / port: 9980 scheme: HTTP periodSeconds: 3 volumeMounts: - mountPath: /tmp name: tmp securityContext: {} serviceAccountName: default terminationGracePeriodSeconds: 60 volumes: - emptyDir: {} name: tmp --- apiVersion: batch/v1 kind: Job metadata: annotations: helm.sh/hook: test helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded labels: app.kubernetes.io/component: database-ping-test name: cnpg-nextcloud-cluster-ping-test namespace: nextcloud spec: template: metadata: labels: app.kubernetes.io/component: database-ping-test name: cnpg-nextcloud-cluster-ping-test spec: containers: - args: - -c - apk add postgresql-client && psql "postgresql://$PGUSER:$PGPASS@cnpg-nextcloud-cluster-rw.nextcloud.svc.cluster.local:5432/${PGDBNAME:-$PGUSER}" -c 'SELECT 1' command: - sh env: - name: PGUSER valueFrom: secretKeyRef: key: username name: cnpg-nextcloud-cluster-app - name: PGPASS valueFrom: secretKeyRef: key: password name: cnpg-nextcloud-cluster-app - name: PGDBNAME valueFrom: secretKeyRef: key: dbname name: cnpg-nextcloud-cluster-app optional: true image: alpine:3.17 name: alpine restartPolicy: Never --- apiVersion: postgresql.cnpg.io/v1 kind: Cluster metadata: labels: app.kubernetes.io/instance: cnpg-nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: cluster app.kubernetes.io/part-of: cloudnative-pg helm.sh/chart: cluster-0.3.1 name: cnpg-nextcloud-cluster namespace: nextcloud spec: affinity: topologyKey: kubernetes.io/hostname bootstrap: initdb: database: nextcloud owner: nextcloud enablePDB: true enableSuperuserAccess: true imageName: ghcr.io/cloudnative-pg/postgresql:17 imagePullPolicy: IfNotPresent instances: 3 logLevel: info monitoring: disableDefaultQueries: false enablePodMonitor: false postgresGID: 26 postgresUID: 26 postgresql: null primaryUpdateMethod: switchover primaryUpdateStrategy: unsupervised storage: size: 10Gi storageClass: openebs-hostpath walStorage: size: 1Gi storageClass: openebs-hostpath