fix

2024-02-15 14:39:05 +01:00
parent 2919dd4bdf
commit 07e02dcc49
24 changed files with 759 additions and 760 deletions
--- a/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml
+++ b/apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml
@@ -1,11 +1,11 @@
-# Source: nextcloud/templates/metrics-deployment.yaml
+# Source: nextcloud/templates/metrics/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: nextcloud-metrics
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: metrics
@@ -26,30 +26,30 @@ spec:
        app.kubernetes.io/component: metrics
    spec:
      containers:
-      - name: metrics-exporter
-        image: "xperimental/nextcloud-exporter:0.6.2"
-        imagePullPolicy: IfNotPresent
-        env:
-        - name: NEXTCLOUD_USERNAME
-          valueFrom:
-            secretKeyRef:
-              name: nextcloud
-              key: nextcloud-username
-        - name: NEXTCLOUD_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: nextcloud
-              key: nextcloud-password
-        # NEXTCLOUD_SERVER is used by metrics-exporter to reach the Nextcloud (K8s-)Service to grab the serverinfo api endpoint
-        - name: NEXTCLOUD_SERVER # deployment.namespace.svc.cluster.local
-          value: "http://nextcloud.vynil-cloud.svc.cluster.local:80"
-        - name: NEXTCLOUD_TIMEOUT
-          value: 5s
-        - name: NEXTCLOUD_TLS_SKIP_VERIFY
-          value: "false"
-        ports:
-        - name: metrics
-          containerPort: 9205
-        securityContext:
-          runAsUser: 1000
-          runAsNonRoot: true
+        - name: metrics-exporter
+          image: "xperimental/nextcloud-exporter:0.6.2"
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: NEXTCLOUD_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: nextcloud
+                  key: nextcloud-username
+            - name: NEXTCLOUD_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: nextcloud
+                  key: nextcloud-password
+            # NEXTCLOUD_SERVER is used by metrics-exporter to reach the Nextcloud (K8s-)Service to grab the serverinfo api endpoint
+            - name: NEXTCLOUD_SERVER # deployment.namespace.svc.cluster.local
+              value: "http://nextcloud.vynil-cloud.svc.cluster.local:80"
+            - name: NEXTCLOUD_TIMEOUT
+              value: 5s
+            - name: NEXTCLOUD_TLS_SKIP_VERIFY
+              value: "false"
+          ports:
+            - name: metrics
+              containerPort: 9205
+          securityContext:
+            runAsUser: 1000
+            runAsNonRoot: true
--- a/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml
+++ b/apps/nextcloud/apps_v1_Deployment_nextcloud.yaml
@@ -5,7 +5,7 @@ metadata:
  name: nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: app
@@ -28,10 +28,11 @@ spec:
        nextcloud-config-hash: 389c7a366de1675e1455b824e52d593448eb9f3d376f49a478d2135e037b30a0
        php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
        nginx-config-hash: 18dd8f905a93ed27f032e9ae68084222ed7e5926f7144cda17b979780f4da54b
+        hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204
    spec:
      containers:
        - name: nextcloud
-          image: nextcloud:28.0.1-apache
+          image: nextcloud:28.0.2-apache
          imagePullPolicy: IfNotPresent
          env:
            
@@ -122,8 +123,8 @@ spec:
              path: /status.php
              port:  80
              httpHeaders:
-              - name: Host
-                value: "nextcloud.kube.home"
+                - name: Host
+                  value: "nextcloud.kube.home"
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
@@ -134,8 +135,8 @@ spec:
              path: /status.php
              port:  80
              httpHeaders:
-              - name: Host
-                value: "nextcloud.kube.home"
+                - name: Host
+                  value: "nextcloud.kube.home"
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
--- a/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml
+++ b/apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml
@@ -5,7 +5,7 @@ metadata:
  name: nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: app
--- a/apps/nextcloud/index.yaml
+++ b/apps/nextcloud/index.yaml
@@ -11,170 +11,6 @@ options:
    examples:
    - letsencrypt-prod
    type: string
-  postgres:
-    default:
-      replicas: 1
-    examples:
-    - replicas: 1
-    properties:
-      replicas:
-        default: 1
-        type: integer
-    type: object
-  apps:
-    default:
-      audioplayer: false
-      bookmarks: false
-      bpm: false
-      calendar: false
-      collabora: false
-      contacts: false
-      deck: false
-      groupfolders: true
-      mindmap: false
-      music: false
-      notes: false
-      onlyoffice: false
-      passman: false
-      spreed: false
-      tables: false
-      tasks: false
-      texteditor: true
-    examples:
-    - audioplayer: false
-      bookmarks: false
-      bpm: false
-      calendar: false
-      collabora: false
-      contacts: false
-      deck: false
-      groupfolders: true
-      mindmap: false
-      music: false
-      notes: false
-      onlyoffice: false
-      passman: false
-      spreed: false
-      tables: false
-      tasks: false
-      texteditor: true
-    properties:
-      audioplayer:
-        default: false
-        type: boolean
-      bookmarks:
-        default: false
-        type: boolean
-      bpm:
-        default: false
-        type: boolean
-      calendar:
-        default: false
-        type: boolean
-      collabora:
-        default: false
-        type: boolean
-      contacts:
-        default: false
-        type: boolean
-      deck:
-        default: false
-        type: boolean
-      groupfolders:
-        default: true
-        type: boolean
-      mindmap:
-        default: false
-        type: boolean
-      music:
-        default: false
-        type: boolean
-      notes:
-        default: false
-        type: boolean
-      onlyoffice:
-        default: false
-        type: boolean
-      passman:
-        default: false
-        type: boolean
-      spreed:
-        default: false
-        type: boolean
-      tables:
-        default: false
-        type: boolean
-      tasks:
-        default: false
-        type: boolean
-      texteditor:
-        default: true
-        type: boolean
-    type: object
-  storage:
-    default:
-      postgres:
-        size: 5Gi
-      redis:
-        size: 2Gi
-      volume:
-        accessMode: ReadWriteOnce
-        class: ''
-        size: 10Gi
-        type: Filesystem
-    description: Configure this app storage
-    examples:
-    - postgres:
-        size: 5Gi
-      redis:
-        size: 2Gi
-      volume:
-        accessMode: ReadWriteOnce
-        class: ''
-        size: 10Gi
-        type: Filesystem
-    properties:
-      postgres:
-        default:
-          size: 5Gi
-        properties:
-          size:
-            default: 5Gi
-            type: string
-        type: object
-      redis:
-        default:
-          size: 2Gi
-        properties:
-          size:
-            default: 2Gi
-            type: string
-        type: object
-      volume:
-        default:
-          accessMode: ReadWriteOnce
-          class: ''
-          size: 10Gi
-          type: Filesystem
-        properties:
-          accessMode:
-            default: ReadWriteOnce
-            enum:
-            - ReadWriteOnce
-            - ReadOnlyMany
-            - ReadWriteMany
-            type: string
-          class:
-            default: ''
-            type: string
-          size:
-            default: 10Gi
-            type: string
-          type:
-            default: Filesystem
-            type: string
-        type: object
-    type: object
  backups:
    default:
      enable: false
@@ -281,6 +117,56 @@ options:
        default: false
        type: boolean
    type: object
+  sub_domain:
+    default: files
+    examples:
+    - files
+    type: string
+  hpa:
+    default:
+      avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
+    examples:
+    - avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
+    properties:
+      avg-cpu:
+        default: 50
+        type: integer
+      max-replicas:
+        default: 5
+        type: integer
+      min-replicas:
+        default: 1
+        type: integer
+    type: object
+  domain_name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  admin:
+    default:
+      name: nextcloud_admin
+    examples:
+    - name: nextcloud_admin
+    properties:
+      name:
+        default: nextcloud_admin
+        type: string
+    type: object
+  postgres:
+    default:
+      replicas: 1
+    examples:
+    - replicas: 1
+    properties:
+      replicas:
+        default: 1
+        type: integer
+    type: object
  images:
    default:
      collabora:
@@ -536,6 +422,101 @@ options:
            type: string
        type: object
    type: object
+  apps:
+    default:
+      audioplayer: false
+      bookmarks: false
+      bpm: false
+      calendar: false
+      collabora: false
+      contacts: false
+      deck: false
+      groupfolders: true
+      mindmap: false
+      music: false
+      notes: false
+      onlyoffice: false
+      passman: false
+      spreed: false
+      tables: false
+      tasks: false
+      texteditor: true
+    examples:
+    - audioplayer: false
+      bookmarks: false
+      bpm: false
+      calendar: false
+      collabora: false
+      contacts: false
+      deck: false
+      groupfolders: true
+      mindmap: false
+      music: false
+      notes: false
+      onlyoffice: false
+      passman: false
+      spreed: false
+      tables: false
+      tasks: false
+      texteditor: true
+    properties:
+      audioplayer:
+        default: false
+        type: boolean
+      bookmarks:
+        default: false
+        type: boolean
+      bpm:
+        default: false
+        type: boolean
+      calendar:
+        default: false
+        type: boolean
+      collabora:
+        default: false
+        type: boolean
+      contacts:
+        default: false
+        type: boolean
+      deck:
+        default: false
+        type: boolean
+      groupfolders:
+        default: true
+        type: boolean
+      mindmap:
+        default: false
+        type: boolean
+      music:
+        default: false
+        type: boolean
+      notes:
+        default: false
+        type: boolean
+      onlyoffice:
+        default: false
+        type: boolean
+      passman:
+        default: false
+        type: boolean
+      spreed:
+        default: false
+        type: boolean
+      tables:
+        default: false
+        type: boolean
+      tasks:
+        default: false
+        type: boolean
+      texteditor:
+        default: true
+        type: boolean
+    type: object
+  ingress_class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
  redis:
    default:
      exporter:
@@ -553,66 +534,85 @@ options:
            type: boolean
        type: object
    type: object
-  admin:
-    default:
-      name: nextcloud_admin
-    examples:
-    - name: nextcloud_admin
-    properties:
-      name:
-        default: nextcloud_admin
-        type: string
-    type: object
-  app_group:
-    default: ''
-    examples:
-    - ''
-    type: string
-  domain_name:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
-  hpa:
-    default:
-      avg-cpu: 50
-      max-replicas: 5
-      min-replicas: 1
-    examples:
-    - avg-cpu: 50
-      max-replicas: 5
-      min-replicas: 1
-    properties:
-      avg-cpu:
-        default: 50
-        type: integer
-      max-replicas:
-        default: 5
-        type: integer
-      min-replicas:
-        default: 1
-        type: integer
-    type: object
-  ingress_class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
  domain:
    default: your-company
    examples:
    - your-company
    type: string
+  app_group:
+    default: ''
+    examples:
+    - ''
+    type: string
  openid-name:
    default: vynil
    examples:
    - vynil
    type: string
-  sub_domain:
-    default: files
+  storage:
+    default:
+      postgres:
+        size: 5Gi
+      redis:
+        size: 2Gi
+      volume:
+        accessMode: ReadWriteOnce
+        class: ''
+        size: 10Gi
+        type: Filesystem
+    description: Configure this app storage
    examples:
-    - files
-    type: string
+    - postgres:
+        size: 5Gi
+      redis:
+        size: 2Gi
+      volume:
+        accessMode: ReadWriteOnce
+        class: ''
+        size: 10Gi
+        type: Filesystem
+    properties:
+      postgres:
+        default:
+          size: 5Gi
+        properties:
+          size:
+            default: 5Gi
+            type: string
+        type: object
+      redis:
+        default:
+          size: 2Gi
+        properties:
+          size:
+            default: 2Gi
+            type: string
+        type: object
+      volume:
+        default:
+          accessMode: ReadWriteOnce
+          class: ''
+          size: 10Gi
+          type: Filesystem
+        properties:
+          accessMode:
+            default: ReadWriteOnce
+            enum:
+            - ReadWriteOnce
+            - ReadOnlyMany
+            - ReadWriteMany
+            type: string
+          class:
+            default: ''
+            type: string
+          size:
+            default: 10Gi
+            type: string
+          type:
+            default: Filesystem
+            type: string
+        type: object
+    type: object
 dependencies:
 - dist: null
  category: share
--- a/apps/nextcloud/middlewares.tf
+++ b/apps/nextcloud/middlewares.tf
@@ -1,6 +1,6 @@
 resource "kubectl_manifest" "redirectdav" {
  yaml_body  = <<-EOF
-apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: "${var.instance}-redirectdav"
@@ -16,7 +16,7 @@ spec:

 resource "kubectl_manifest" "redirectindex" {
  yaml_body  = <<-EOF
-apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: "${var.instance}-redirectindex"
@@ -32,7 +32,7 @@ spec:

 resource "kubectl_manifest" "sslenforce" {
  yaml_body  = <<-EOF
-apiVersion: traefik.containo.us/v1alpha1
+apiVersion: traefik.io/v1alpha1
 kind: Middleware
 metadata:
  name: "${var.instance}-sslenforce"
--- a/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml
+++ b/apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml
@@ -1,4 +1,4 @@
-# Source: nextcloud/templates/metrics-servicemonitor.yaml
+# Source: nextcloud/templates/metrics/servicemonitor.yaml
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
@@ -6,7 +6,7 @@ metadata:
  namespace: "vynil-cloud"
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: metrics
--- a/apps/nextcloud/presentation.tf
+++ b/apps/nextcloud/presentation.tf
@@ -11,18 +11,6 @@ locals {
      "number" = 80
    }
  }
-  collabora-service = {
-    "name"  = "collabora-${var.instance}"
-    "port" = {
-      "number" = 80
-    }
-  }
-  onlyoffice-service = {
-    "name"  = "onlyoffice-${var.instance}"
-    "port" = {
-      "number" = 80
-    }
-  }
 }

 module "ingress" {
@@ -78,7 +66,6 @@ module "collabora-service" {
  namespace         = var.namespace
  labels            = local.collabora-labels
  targets           = ["http"]
-  ports             = [local.collabora-service.port.number]
  providers = {
    kubectl = kubectl
  }
@@ -95,7 +82,7 @@ module "collabora-ingress" {
  labels            = local.collabora-labels
  dns_names         = [local.dns-collabora]
  middlewares       = []
-  services          = [local.collabora-service]
+  services          = [module.collabora-service.default_definition]
  providers = {
    kubectl = kubectl
  }
@@ -109,7 +96,6 @@ module "onlyoffice-service" {
  namespace         = var.namespace
  labels            = local.onlyoffice-labels
  targets           = ["http"]
-  ports             = [local.onlyoffice-service.port.number]
  providers = {
    kubectl = kubectl
  }
@@ -126,7 +112,7 @@ module "onlyoffice-ingress" {
  labels            = local.onlyoffice-labels
  dns_names         = [local.dns-onlyoffice]
  middlewares       = []
-  services          = [local.onlyoffice-service]
+  services          = [module.onlyoffice-service.default_definition]
  providers = {
    kubectl = kubectl
  }
--- a/apps/nextcloud/rbac.authorization.k8s.io_v1_RoleBinding_nextcloud-privileged.yaml
+++ b/apps/nextcloud/rbac.authorization.k8s.io_v1_RoleBinding_nextcloud-privileged.yaml
@@ -9,6 +9,6 @@ roleRef:
  kind: Role
  name: nextcloud-privileged
 subjects:
- kind: ServiceAccount
-  name: nextcloud-serviceaccount
-  namespace: vynil-cloud
+  - kind: ServiceAccount
+    name: nextcloud-serviceaccount
+    namespace: vynil-cloud
--- a/apps/nextcloud/rbac.authorization.k8s.io_v1_Role_nextcloud-privileged.yaml
+++ b/apps/nextcloud/rbac.authorization.k8s.io_v1_Role_nextcloud-privileged.yaml
@@ -5,11 +5,11 @@ metadata:
  name: nextcloud-privileged
  namespace: vynil-cloud
 rules:
- apiGroups:
-  - extensions
-  resourceNames:
-  - privileged
-  resources:
-  - podsecuritypolicies
-  verbs:
-  - use
+  - apiGroups:
+      - extensions
+    resourceNames:
+      - privileged
+    resources:
+      - podsecuritypolicies
+    verbs:
+      - use
--- a/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml
+++ b/apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml
@@ -5,7 +5,7 @@ metadata:
  name: nextcloud-config
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
 data:
--- a/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml
+++ b/apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml
@@ -5,7 +5,7 @@ metadata:
  name: nextcloud-nginxconfig
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
 data:
@@ -53,6 +53,15 @@ data:
        # Remove X-Powered-By, which is an information leak
        fastcgi_hide_header X-Powered-By;

+        # Add .mjs as a file extension for javascript
+        # Either include it in the default mime.types list
+        # or include you can include that list explicitly and add the file extension
+        # only for Nextcloud like below:
+        include mime.types;
+        types {
+            text/javascript js mjs;
+        }        
+
        # Path to the root of your installation
        root /var/www/html;

--- a/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml
+++ b/apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml
@@ -5,7 +5,7 @@ metadata:
  name: nextcloud-nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: app
--- a/apps/nextcloud/v1_Service_nextcloud-metrics.yaml
+++ b/apps/nextcloud/v1_Service_nextcloud-metrics.yaml
@@ -1,23 +1,23 @@
-# Source: nextcloud/templates/metrics-service.yaml
+# Source: nextcloud/templates/metrics/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
  name: nextcloud-metrics
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: metrics
-  annotations: 
+  annotations:
    prometheus.io/port: "9205"
    prometheus.io/scrape: "true"
 spec:
  type: ClusterIP
  ports:
-  - name: metrics
-    port: 9205
-    targetPort: metrics
+    - name: metrics
+      port: 9205
+      targetPort: metrics
  selector:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud
--- a/apps/nextcloud/v1_Service_nextcloud.yaml
+++ b/apps/nextcloud/v1_Service_nextcloud.yaml
@@ -5,17 +5,17 @@ metadata:
  name: nextcloud
  labels:
    app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-4.5.12
+    helm.sh/chart: nextcloud-4.6.2
    app.kubernetes.io/instance: nextcloud
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: app
 spec:
  type: ClusterIP
  ports:
-  - port: 80
-    targetPort: 80
-    protocol: TCP
-    name: http
+    - port: 80
+      targetPort: 80
+      protocol: TCP
+      name: http
  selector:
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/instance: nextcloud