apiVersion: v1 automountServiceAccountToken: false kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud --- apiVersion: v1 automountServiceAccountToken: false kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-master namespace: nextcloud --- apiVersion: v1 automountServiceAccountToken: false kind: ServiceAccount metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-replica namespace: nextcloud --- apiVersion: v1 data: master.conf: |- dir /data # User-supplied master configuration: rename-command FLUSHDB "" rename-command FLUSHALL "" # End of master configuration redis.conf: |- # User-supplied common configuration: # Enable AOF https://redis.io/topics/persistence#append-only-file appendonly yes # Disable RDB persistence, AOF persistence already enabled. save "" # End of common configuration replica.conf: |- dir /data # User-supplied replica configuration: rename-command FLUSHDB "" rename-command FLUSHALL "" # End of replica configuration kind: ConfigMap metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-configuration namespace: nextcloud --- apiVersion: v1 data: ping_liveness_local.sh: |- #!/bin/bash [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" response=$( timeout -s 15 $1 \ redis-cli \ -h localhost \ -p $REDIS_PORT \ ping ) if [ "$?" -eq "124" ]; then echo "Timed out" exit 1 fi responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ] && [ "$responseFirstWord" != "MASTERDOWN" ]; then echo "$response" exit 1 fi ping_liveness_local_and_master.sh: |- script_dir="$(dirname "$0")" exit_status=0 "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? exit $exit_status ping_liveness_master.sh: |- #!/bin/bash [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" response=$( timeout -s 15 $1 \ redis-cli \ -h $REDIS_MASTER_HOST \ -p $REDIS_MASTER_PORT_NUMBER \ ping ) if [ "$?" -eq "124" ]; then echo "Timed out" exit 1 fi responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}') if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then echo "$response" exit 1 fi ping_readiness_local.sh: |- #!/bin/bash [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" response=$( timeout -s 15 $1 \ redis-cli \ -h localhost \ -p $REDIS_PORT \ ping ) if [ "$?" -eq "124" ]; then echo "Timed out" exit 1 fi if [ "$response" != "PONG" ]; then echo "$response" exit 1 fi ping_readiness_local_and_master.sh: |- script_dir="$(dirname "$0")" exit_status=0 "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? exit $exit_status ping_readiness_master.sh: |- #!/bin/bash [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" [[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" response=$( timeout -s 15 $1 \ redis-cli \ -h $REDIS_MASTER_HOST \ -p $REDIS_MASTER_PORT_NUMBER \ ping ) if [ "$?" -eq "124" ]; then echo "Timed out" exit 1 fi if [ "$response" != "PONG" ]; then echo "$response" exit 1 fi kind: ConfigMap metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-health namespace: nextcloud --- apiVersion: v1 data: start-master.sh: | #!/bin/bash [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" if [[ -f /opt/bitnami/redis/mounted-etc/master.conf ]];then cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf fi if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf fi ARGS=("--port" "${REDIS_PORT}") ARGS+=("--requirepass" "${REDIS_PASSWORD}") ARGS+=("--masterauth" "${REDIS_PASSWORD}") ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") exec redis-server "${ARGS[@]}" start-replica.sh: | #!/bin/bash get_port() { hostname="$1" type="$2" port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g") port=${!port_var} if [ -z "$port" ]; then case $type in "SENTINEL") echo 26379 ;; "REDIS") echo 6379 ;; esac else echo $port fi } get_full_hostname() { hostname="$1" full_hostname="${hostname}.${HEADLESS_SERVICE}" echo "${full_hostname}" } REDISPORT=$(get_port "$HOSTNAME" "REDIS") HEADLESS_SERVICE="nextcloud-redis-headless.nextcloud.svc.cluster.local" [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf fi if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf fi echo "" >> /opt/bitnami/redis/etc/replica.conf echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf ARGS=("--port" "${REDIS_PORT}") ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") ARGS+=("--requirepass" "${REDIS_PASSWORD}") ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}") ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") exec redis-server "${ARGS[@]}" kind: ConfigMap metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-scripts namespace: nextcloud --- apiVersion: v1 data: extra_params: --o:ssl.enable=false kind: ConfigMap metadata: annotations: confighash: config-6e69d2cadb783866e0a85a1462729e7d labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora --- apiVersion: v1 data: password: Y2hhbmdlbWU= postgres-password: YTJvRlV1ZmZIeQ== kind: Secret metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud type: Opaque --- apiVersion: v1 data: redis-password: Y2hhbmdlbWU= kind: Secret metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis namespace: nextcloud type: Opaque --- apiVersion: v1 data: nextcloud-password: Y2hhbmdlbWU= nextcloud-username: YWRtaW4= kind: Secret metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud type: Opaque --- apiVersion: v1 data: password: ZXhhbXBsZXBhc3M= username: YWRtaW4= kind: Secret metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora --- apiVersion: v1 data: db-password: Y2hhbmdlbWU= db-username: bmV4dGNsb3Vk kind: Secret metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud-db type: Opaque --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: ports: - name: tcp-postgresql nodePort: null port: 5432 targetPort: tcp-postgresql selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql sessionAffinity: None type: ClusterIP --- apiVersion: v1 kind: Service metadata: annotations: service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql-hl namespace: nextcloud spec: clusterIP: None ports: - name: tcp-postgresql port: 5432 targetPort: tcp-postgresql publishNotReadyAddresses: true selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-headless namespace: nextcloud spec: clusterIP: None ports: - name: tcp-redis port: 6379 targetPort: redis selector: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-master namespace: nextcloud spec: internalTrafficPolicy: Cluster ports: - name: tcp-redis nodePort: null port: 6379 targetPort: redis selector: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis sessionAffinity: None type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-replicas namespace: nextcloud spec: internalTrafficPolicy: Cluster ports: - name: tcp-redis nodePort: null port: 6379 targetPort: redis selector: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis sessionAffinity: None type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud spec: ports: - name: http port: 8080 protocol: TCP targetPort: 80 selector: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 type: main name: nextcloud-collabora spec: ports: - name: http port: 9980 protocol: TCP targetPort: http selector: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: helm.sh/resource-policy: keep labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud-nextcloud spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: nextcloud app.kubernetes.io/version: 30.0.6 helm.sh/chart: nextcloud-6.6.9 name: nextcloud spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud strategy: type: Recreate template: metadata: annotations: hooks-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a labels: app.kubernetes.io/component: app app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: nextcloud nextcloud-redis-client: "true" spec: containers: - env: - name: SQLITE_DATABASE value: nextcloud - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: cloud.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data - name: REDIS_HOST value: nextcloud-redis-master - name: REDIS_HOST_PORT value: "6379" - name: REDIS_HOST_PASSWORD value: changeme image: nextcloud:30.0.6-apache imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: nextcloud ports: - containerPort: 80 name: http protocol: TCP readinessProbe: failureThreshold: 3 httpGet: httpHeaders: - name: Host value: cloud.borninpain.de path: /status.php port: 80 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes - command: - /cron.sh env: - name: SQLITE_DATABASE value: nextcloud - name: NEXTCLOUD_ADMIN_USER valueFrom: secretKeyRef: key: nextcloud-username name: nextcloud - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: key: nextcloud-password name: nextcloud - name: NEXTCLOUD_TRUSTED_DOMAINS value: cloud.borninpain.de - name: NEXTCLOUD_DATA_DIR value: /var/www/html/data - name: REDIS_HOST value: nextcloud-redis-master - name: REDIS_HOST_PORT value: "6379" - name: REDIS_HOST_PASSWORD value: changeme image: nextcloud:30.0.6-apache imagePullPolicy: IfNotPresent name: nextcloud-cron resources: {} volumeMounts: - mountPath: /var/www/ name: nextcloud-main subPath: root - mountPath: /var/www/html name: nextcloud-main subPath: html - mountPath: /var/www/html/data name: nextcloud-main subPath: data - mountPath: /var/www/html/config name: nextcloud-main subPath: config - mountPath: /var/www/html/custom_apps name: nextcloud-main subPath: custom_apps - mountPath: /var/www/tmp name: nextcloud-main subPath: tmp - mountPath: /var/www/html/themes name: nextcloud-main subPath: themes initContainers: - command: - sh - -c - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done env: - name: POSTGRES_USER valueFrom: secretKeyRef: key: db-username name: nextcloud-db - name: POSTGRES_HOST value: nextcloud-postgresql image: docker.io/bitnami/postgresql:16.3.0-debian-12-r10 name: postgresql-isready resources: {} securityContext: {} securityContext: fsGroup: 33 volumes: - name: nextcloud-main persistentVolumeClaim: claimName: nextcloud-nextcloud --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: collabora app.kubernetes.io/version: 24.04.5.2.1 helm.sh/chart: collabora-1.1.20 name: nextcloud-collabora spec: minReadySeconds: 0 replicas: 1 selector: matchLabels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 0 type: RollingUpdate template: metadata: annotations: cluster-autoscaler.kubernetes.io/safe-to-evict: "true" confighash: config-6e69d2cadb783866e0a85a1462729e7d labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: collabora type: main spec: containers: - env: - name: username valueFrom: secretKeyRef: key: username name: nextcloud-collabora - name: password valueFrom: secretKeyRef: key: password name: nextcloud-collabora envFrom: - configMapRef: name: nextcloud-collabora image: collabora/code:24.04.5.2.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 4 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 name: collabora ports: - containerPort: 9980 name: http protocol: TCP readinessProbe: failureThreshold: 2 httpGet: path: / port: 9980 scheme: HTTP initialDelaySeconds: 0 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 30 resources: {} securityContext: {} startupProbe: failureThreshold: 30 httpGet: path: / port: 9980 scheme: HTTP periodSeconds: 3 volumeMounts: - mountPath: /tmp name: tmp securityContext: {} serviceAccountName: default terminationGracePeriodSeconds: 60 volumes: - emptyDir: {} name: tmp --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql serviceName: nextcloud-postgresql-hl template: metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql spec: affinity: nodeAffinity: null podAffinity: null podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql topologyKey: kubernetes.io/hostname weight: 1 automountServiceAccountToken: false containers: - env: - name: BITNAMI_DEBUG value: "false" - name: POSTGRESQL_PORT_NUMBER value: "5432" - name: POSTGRESQL_VOLUME_DIR value: /bitnami/postgresql - name: PGDATA value: /bitnami/postgresql/data - name: POSTGRES_USER value: nextcloud - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: password name: nextcloud-postgresql - name: POSTGRES_POSTGRES_PASSWORD valueFrom: secretKeyRef: key: postgres-password name: nextcloud-postgresql - name: POSTGRES_DATABASE value: nextcloud - name: POSTGRESQL_ENABLE_LDAP value: "no" - name: POSTGRESQL_ENABLE_TLS value: "no" - name: POSTGRESQL_LOG_HOSTNAME value: "false" - name: POSTGRESQL_LOG_CONNECTIONS value: "false" - name: POSTGRESQL_LOG_DISCONNECTIONS value: "false" - name: POSTGRESQL_PGAUDIT_LOG_CATALOG value: "off" - name: POSTGRESQL_CLIENT_MIN_MESSAGES value: error - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: pgaudit image: docker.io/bitnami/postgresql:16.3.0-debian-12-r10 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - /bin/sh - -c - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: postgresql ports: - containerPort: 5432 name: tcp-postgresql readinessProbe: exec: command: - /bin/sh - -c - -e - | exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: limits: cpu: 150m ephemeral-storage: 1024Mi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL privileged: false readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/postgresql/conf name: empty-dir subPath: app-conf-dir - mountPath: /opt/bitnami/postgresql/tmp name: empty-dir subPath: app-tmp-dir - mountPath: /dev/shm name: dshm - mountPath: /bitnami/postgresql name: data hostIPC: false hostNetwork: false securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] serviceAccountName: nextcloud-postgresql volumes: - emptyDir: {} name: empty-dir - emptyDir: medium: Memory name: dshm updateStrategy: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-master namespace: nextcloud spec: replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis serviceName: nextcloud-redis-headless template: metadata: annotations: checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 checksum/scripts: 562e2a83c8a1d7db11dc86aac80d50852c6534d5a46bc93757b51efdb9103df3 checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff labels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 spec: affinity: nodeAffinity: null podAffinity: null podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis topologyKey: kubernetes.io/hostname weight: 1 automountServiceAccountToken: false containers: - args: - -c - /opt/bitnami/scripts/start-scripts/start-master.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: REDIS_REPLICATION_MODE value: master - name: ALLOW_EMPTY_PASSWORD value: "no" - name: REDIS_PASSWORD valueFrom: secretKeyRef: key: redis-password name: nextcloud-redis - name: REDIS_TLS_ENABLED value: "no" - name: REDIS_PORT value: "6379" image: docker.io/bitnami/redis:7.2.5-debian-12-r4 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - sh - -c - /health/ping_liveness_local.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 6 name: redis ports: - containerPort: 6379 name: redis readinessProbe: exec: command: - sh - -c - /health/ping_readiness_local.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 2 resources: limits: cpu: 150m ephemeral-storage: 1024Mi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /data name: redis-data - mountPath: /opt/bitnami/redis/mounted-etc name: config - mountPath: /opt/bitnami/redis/etc/ name: empty-dir subPath: app-conf-dir - mountPath: /tmp name: empty-dir subPath: tmp-dir enableServiceLinks: true securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] serviceAccountName: nextcloud-redis-master terminationGracePeriodSeconds: 30 volumes: - configMap: defaultMode: 493 name: nextcloud-redis-scripts name: start-scripts - configMap: defaultMode: 493 name: nextcloud-redis-health name: health - configMap: name: nextcloud-redis-configuration name: config - emptyDir: {} name: empty-dir updateStrategy: type: RollingUpdate volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis name: redis-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-replicas namespace: nextcloud spec: replicas: 3 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis serviceName: nextcloud-redis-headless template: metadata: annotations: checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 checksum/scripts: 562e2a83c8a1d7db11dc86aac80d50852c6534d5a46bc93757b51efdb9103df3 checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff labels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 spec: affinity: nodeAffinity: null podAffinity: null podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis topologyKey: kubernetes.io/hostname weight: 1 automountServiceAccountToken: false containers: - args: - -c - /opt/bitnami/scripts/start-scripts/start-replica.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: REDIS_REPLICATION_MODE value: replica - name: REDIS_MASTER_HOST value: nextcloud-redis-master-0.nextcloud-redis-headless.nextcloud.svc.cluster.local - name: REDIS_MASTER_PORT_NUMBER value: "6379" - name: ALLOW_EMPTY_PASSWORD value: "no" - name: REDIS_PASSWORD valueFrom: secretKeyRef: key: redis-password name: nextcloud-redis - name: REDIS_MASTER_PASSWORD valueFrom: secretKeyRef: key: redis-password name: nextcloud-redis - name: REDIS_TLS_ENABLED value: "no" - name: REDIS_PORT value: "6379" image: docker.io/bitnami/redis:7.2.5-debian-12-r4 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - sh - -c - /health/ping_liveness_local_and_master.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 6 name: redis ports: - containerPort: 6379 name: redis readinessProbe: exec: command: - sh - -c - /health/ping_readiness_local_and_master.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 2 resources: limits: cpu: 150m ephemeral-storage: 1024Mi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault startupProbe: failureThreshold: 22 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 tcpSocket: port: redis timeoutSeconds: 5 volumeMounts: - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /data name: redis-data - mountPath: /opt/bitnami/redis/mounted-etc name: config - mountPath: /opt/bitnami/redis/etc name: empty-dir subPath: app-conf-dir - mountPath: /tmp name: empty-dir subPath: tmp-dir enableServiceLinks: true securityContext: fsGroup: 1001 fsGroupChangePolicy: Always supplementalGroups: [] sysctls: [] serviceAccountName: nextcloud-redis-replica terminationGracePeriodSeconds: 30 volumes: - configMap: defaultMode: 493 name: nextcloud-redis-scripts name: start-scripts - configMap: defaultMode: 493 name: nextcloud-redis-health name: health - configMap: name: nextcloud-redis-configuration name: config - emptyDir: {} name: empty-dir updateStrategy: type: RollingUpdate volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis name: redis-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas --- apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql --- apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-master namespace: nextcloud spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/component: master app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis --- apiVersion: policy/v1 kind: PodDisruptionBudget metadata: labels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis-replicas namespace: nextcloud spec: maxUnavailable: 1 selector: matchLabels: app.kubernetes.io/component: replica app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql app.kubernetes.io/version: 16.3.0 helm.sh/chart: postgresql-15.5.0 name: nextcloud-postgresql namespace: nextcloud spec: egress: - {} ingress: - ports: - port: 5432 podSelector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: postgresql policyTypes: - Ingress - Egress --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: redis app.kubernetes.io/version: 7.2.5 helm.sh/chart: redis-19.6.4 name: nextcloud-redis namespace: nextcloud spec: egress: - {} ingress: - ports: - port: 6379 podSelector: matchLabels: app.kubernetes.io/instance: nextcloud app.kubernetes.io/name: redis policyTypes: - Ingress - Egress