vynil/domain-incoming
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2023-07-28 20:10:23 +02:00
parent 3422b34ec6
commit 94f7409cf3
4 changed files with 86 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/nextcloud/collabora.tf
View File

@@ -67,7 +67,7 @@ resource "kubectl_manifest" "collabora_deploy" {
- name: http - name: http
containerPort: 9980 containerPort: 9980
protocol: TCP protocol: TCP
securitycontext: securityContext:
allowPrivilegeEscalation: true allowPrivilegeEscalation: true
privileged: true privileged: true
capabilities: capabilities:
@@ -98,7 +98,7 @@ resource "kubectl_manifest" "collabora_svc" {
} }
resource "kubectl_manifest" "collabora_certificate" { resource "kubectl_manifest" "collabora_certificate" {
count = var.apps.collabora ? 1 : 0 count = var.apps.collabora ? 0 : 0
yaml_body = <<-EOF yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1" apiVersion: "cert-manager.io/v1"
kind: "Certificate" kind: "Certificate"
@@ -117,7 +117,7 @@ resource "kubectl_manifest" "collabora_certificate" {
} }
resource "kubectl_manifest" "collabora_ing" { resource "kubectl_manifest" "collabora_ing" {
count = var.apps.collabora ? 1 : 0 count = var.apps.collabora ? 0 : 0
yaml_body = <<-EOF yaml_body = <<-EOF
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress

6
apps/nextcloud/configs.tf
View File

@@ -16,6 +16,8 @@ locals {
sh -c "$*" sh -c "$*"
fi fi
} }
run_as ./occ --no-warnings config:system:set trusted_domains 0 --value=nextcloud
run_as ./occ --no-warnings config:system:set trusted_domains 1 --value="${local.dns-name}"
run_as ./occ app:install user_oidc ||: run_as ./occ app:install user_oidc ||:
run_as ./occ user_oidc:provider "$${OAUTH2_CONNECTOR_NAME}" --clientid="$${OAUTH2_CLIENT_ID}" \ run_as ./occ user_oidc:provider "$${OAUTH2_CONNECTOR_NAME}" --clientid="$${OAUTH2_CLIENT_ID}" \
--clientsecret="$${OAUTH2_CLIENT_SECRET}" \ --clientsecret="$${OAUTH2_CLIENT_SECRET}" \
@@ -31,7 +33,7 @@ locals {
var.apps.collabora?[ var.apps.collabora?[
"run_as ./occ app:install richdocuments ||:", "run_as ./occ app:install richdocuments ||:",
"run_as ./occ app:enable richdocuments ||:", "run_as ./occ app:enable richdocuments ||:",
"run_as ./occ config:app:set richdocuments wopi_url --value=\"https://collabora.${local.dns-name}/\"", "run_as ./occ config:app:set richdocuments wopi_url --value=\"http://${var.instance}-collabora/\"",
"run_as ./occ config:app:set richdocuments federation_use_trusted_domains --value=yes", "run_as ./occ config:app:set richdocuments federation_use_trusted_domains --value=yes",
"run_as ./occ richdocuments:activate-config ||:", "run_as ./occ richdocuments:activate-config ||:",
]:["run_as ./occ app:disable richdocuments ||:"], ]:["run_as ./occ app:disable richdocuments ||:"],
@@ -39,7 +41,7 @@ locals {
"run_as ./occ app:install onlyoffice ||:", "run_as ./occ app:install onlyoffice ||:",
"run_as ./occ app:enable onlyoffice ||:", "run_as ./occ app:enable onlyoffice ||:",
"run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value=\"/ds-vpath/\"", "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value=\"/ds-vpath/\"",
"run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value=\"http://$${INSTANCE}-onlyoffice/\"", "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value=\"http://${var.instance}-onlyoffice/\"",
"run_as ./occ --no-warnings config:system:set onlyoffice StorageUrl --value=\"http://nextcloud/\"", "run_as ./occ --no-warnings config:system:set onlyoffice StorageUrl --value=\"http://nextcloud/\"",
"run_as ./occ --no-warnings config:system:set onlyoffice jwt_secret --value=\"$${ONLYOFFICE_JWT_SECRET}\"", "run_as ./occ --no-warnings config:system:set onlyoffice jwt_secret --value=\"$${ONLYOFFICE_JWT_SECRET}\"",
]:["run_as ./occ app:disable onlyoffice ||:"], ]:["run_as ./occ app:disable onlyoffice ||:"],

154
apps/nextcloud/index.yaml
View File

@@ -6,6 +6,35 @@ metadata:
name: nextcloud name: nextcloud
description: null description: null
options: options:
storage:
default:
accessMode: ReadWriteOnce
size: 10Gi
examples:
- accessMode: ReadWriteOnce
size: 10Gi
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
size:
default: 10Gi
type: string
type: object
admin:
default:
name: nextcloud_admin
examples:
- name: nextcloud_admin
properties:
name:
default: nextcloud_admin
type: string
type: object
apps: apps:
default: default:
calendar: false calendar: false
@@ -56,10 +85,35 @@ options:
default: false default: false
type: boolean type: boolean
type: object type: object
openid-name: postgres:
default: vynil default:
replicas: 1
storage: 5Gi
version: '14'
examples: examples:
- vynil - replicas: 1
storage: 5Gi
version: '14'
properties:
replicas:
default: 1
type: integer
storage:
default: 5Gi
type: string
version:
default: '14'
type: string
type: object
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
domain:
default: your-company
examples:
- your-company
type: string type: string
images: images:
default: default:
@@ -224,75 +278,6 @@ options:
type: string type: string
type: object type: object
type: object type: object
postgres:
default:
replicas: 1
storage: 5Gi
version: '14'
examples:
- replicas: 1
storage: 5Gi
version: '14'
properties:
replicas:
default: 1
type: integer
storage:
default: 5Gi
type: string
version:
default: '14'
type: string
type: object
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
admin:
default:
name: nextcloud_admin
examples:
- name: nextcloud_admin
properties:
name:
default: nextcloud_admin
type: string
type: object
sub-domain:
default: files
examples:
- files
type: string
storage:
default:
accessMode: ReadWriteOnce
size: 10Gi
examples:
- accessMode: ReadWriteOnce
size: 10Gi
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
size:
default: 10Gi
type: string
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
domain:
default: your-company
examples:
- your-company
type: string
hpa: hpa:
default: default:
avg-cpu: 50 avg-cpu: 50
@@ -313,6 +298,26 @@ options:
default: 1 default: 1
type: integer type: integer
type: object type: object
sub-domain:
default: files
examples:
- files
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
ingress-class:
default: traefik
examples:
- traefik
type: string
openid-name:
default: vynil
examples:
- vynil
type: string
redis: redis:
default: default:
exporter: exporter:
@@ -346,11 +351,6 @@ options:
default: 2Gi default: 2Gi
type: string type: string
type: object type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
dependencies: [] dependencies: []
providers: providers:
kubernetes: true kubernetes: true

4
apps/nextcloud/onlyoffice.tf
View File

@@ -103,7 +103,7 @@ resource "kubectl_manifest" "onlyoffice_svc" {
} }
resource "kubectl_manifest" "onlyoffice_certificate" { resource "kubectl_manifest" "onlyoffice_certificate" {
count = var.apps.onlyoffice ? 1 : 0 count = var.apps.onlyoffice ? 0 : 0
yaml_body = <<-EOF yaml_body = <<-EOF
apiVersion: "cert-manager.io/v1" apiVersion: "cert-manager.io/v1"
kind: "Certificate" kind: "Certificate"
@@ -122,7 +122,7 @@ resource "kubectl_manifest" "onlyoffice_certificate" {
} }
resource "kubectl_manifest" "onlyoffice_ing" { resource "kubectl_manifest" "onlyoffice_ing" {
count = var.apps.onlyoffice ? 1 : 0 count = var.apps.onlyoffice ? 0 : 0
yaml_body = <<-EOF yaml_body = <<-EOF
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress