diff --git a/apps/nextcloud/datas.tf b/apps/nextcloud/datas.tf index 096b3fd..efb12ed 100644 --- a/apps/nextcloud/datas.tf +++ b/apps/nextcloud/datas.tf @@ -1,4 +1,5 @@ locals { + dns-name = "${var.sub-domain}.${var.domain-name}" common-labels = { "vynil.solidite.fr/owner-name" = var.instance "vynil.solidite.fr/owner-namespace" = var.namespace @@ -49,18 +50,8 @@ data "kustomization_overlay" "data" { valueFrom: secretKeyRef: name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do" - - name: NEXTCLOUD_ADMIN_USER - valueFrom: - secretKeyRef: - name: nextcloud - key: nextcloud-username - - name: NEXTCLOUD_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: nextcloud - key: nextcloud-password - name: NEXTCLOUD_TRUSTED_DOMAINS - value: nextcloud.kube.home + value: "${local.dns-name}" - name: REDIS_HOST value: "${var.instance}-${var.component}-redis.${var.namespace}.svc" - name: REDIS_HOST_PASSWORD @@ -72,6 +63,16 @@ data "kustomization_overlay" "data" { imagePullPolicy: "${var.images.nginx.pullPolicy}" resources: {} + readinessProbe: + httpGet: + httpHeaders: + - name: Host + value: "${local.dns-name}" + livenessProbe: + httpGet: + httpHeaders: + - name: Host + value: "${local.dns-name}" EOF } patches { @@ -92,28 +93,10 @@ data "kustomization_overlay" "data" { image: "${var.images.exporter.registry}/${var.images.exporter.repository}:${var.images.exporter.tag}" imagePullPolicy: "${var.images.exporter.pullPolicy}" env: - - name: NEXTCLOUD_USERNAME - valueFrom: - secretKeyRef: - name: nextcloud - key: nextcloud-username - - name: NEXTCLOUD_PASSWORD - valueFrom: - secretKeyRef: - name: nextcloud - key: nextcloud-password - name: NEXTCLOUD_SERVER value: "https://${local.dns-name}" - - name: NEXTCLOUD_TIMEOUT - value: 5s - name: NEXTCLOUD_TLS_SKIP_VERIFY - value: "false" - ports: - - name: metrics - containerPort: 9205 - securityContext: - runAsUser: 1000 - runAsNonRoot: true + value: "${var.issuer=="letsencrypt-prod"?"false":"true"}" EOF } patches { @@ -126,6 +109,8 @@ data "kustomization_overlay" "data" { apiVersion: v1 metadata: name: nextcloud-nextcloud + annotations: + k8up.io/backup: "true" spec: accessModes: - "${var.storage.accessMode}" diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index 7a44ec1..a1465c6 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -11,26 +11,55 @@ options: examples: - cloud type: string - hpa: + admin: default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 + name: nextcloud_admin examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 + - name: nextcloud_admin properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer + name: + default: nextcloud_admin + type: string type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + storage: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object + ingress-class: + default: traefik + examples: + - traefik + type: string + domain: + default: your-company + examples: + - your-company + type: string images: default: exporter: @@ -134,60 +163,31 @@ options: type: string type: object type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - admin: + hpa: default: - name: nextcloud_admin + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 examples: - - name: nextcloud_admin + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 properties: - name: - default: nextcloud_admin - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - domain: - default: your-company - examples: - - your-company - type: string - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - storage: - default: - accessMode: ReadWriteOnce - size: 10Gi - examples: - - accessMode: ReadWriteOnce - size: 10Gi - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: + default: 1 + type: integer type: object dependencies: [] providers: kubernetes: true authentik: true - kubectl: null + kubectl: true postgresql: null restapi: null http: null diff --git a/apps/nextcloud/ingress.tf b/apps/nextcloud/ingress.tf index 0fe1a91..730ef47 100644 --- a/apps/nextcloud/ingress.tf +++ b/apps/nextcloud/ingress.tf @@ -1,5 +1,4 @@ locals { - dns-name = "${var.sub-domain}.${var.domain-name}" dns-names = [local.dns-name] middlewares = ["${var.instance}-https","${var.instance}-redirectregex"] service = { diff --git a/apps/nextcloud/middlewares.tf b/apps/nextcloud/middlewares.tf index 383adec..d9b8a1e 100644 --- a/apps/nextcloud/middlewares.tf +++ b/apps/nextcloud/middlewares.tf @@ -10,6 +10,6 @@ spec: redirectRegex: permanent: true regex: "https://(.*)/.well-known/(card|cal)dav" - replacement: "https://${1}/remote.php/dav/" + replacement: "https://$${1}/remote.php/dav/" EOF }