vynil/domain
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2023-07-17 21:42:30 +02:00
parent 568210e097
commit 096cb363f1
6 changed files with 182 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
apps/nextcloud/apps_v1_Deployment_nextcloud.yaml
View File

@@ -12,7 +12,7 @@ metadata:
spec: spec:
replicas: 1 replicas: 1
strategy: strategy:
type: Recreate type: RollingUpdate
selector: selector:
matchLabels: matchLabels:
app.kubernetes.io/name: nextcloud app.kubernetes.io/name: nextcloud
@@ -26,7 +26,7 @@ spec:
app.kubernetes.io/component: app app.kubernetes.io/component: app
nextcloud-redis-client: "true" nextcloud-redis-client: "true"
annotations: annotations:
nextcloud-config-hash: a5aae02b1b8278a9c8a2dc143e82d3737fc295f62c34afd617207f37d1b2b438 nextcloud-config-hash: c9d560d7e6bc215ec96525af2d0fcee94cef91005ec939e0100dc0fa6999d4c4
php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
nginx-config-hash: 18dd8f905a93ed27f032e9ae68084222ed7e5926f7144cda17b979780f4da54b nginx-config-hash: 18dd8f905a93ed27f032e9ae68084222ed7e5926f7144cda17b979780f4da54b
spec: spec:
@@ -42,76 +42,12 @@ spec:
- name: POSTGRES_USER - name: POSTGRES_USER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: nextcloud-admin name: nextcloud-db
key: username key: username
- name: POSTGRES_PASSWORD - name: POSTGRES_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: nextcloud-admin name: nextcloud-db
key: password
- name: NEXTCLOUD_ADMIN_USER
valueFrom:
secretKeyRef:
name: nextcloud
key: nextcloud-username
- name: NEXTCLOUD_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: nextcloud
key: nextcloud-password
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: nextcloud.kube.home
- name: NEXTCLOUD_DATA_DIR
value: "/var/www/html/data"
- name: REDIS_HOST
value: nextcloud-redis-master
- name: REDIS_HOST_PORT
value: "6379"
- name: REDIS_HOST_PASSWORD
value: changeme
resources:
{}
volumeMounts:
- name: nextcloud-main
mountPath: /var/www/
subPath: root
- name: nextcloud-main
mountPath: /var/www/html
subPath: html
- name: nextcloud-main
mountPath: /var/www/html/data
subPath: data
- name: nextcloud-main
mountPath: /var/www/html/config
subPath: config
- name: nextcloud-main
mountPath: /var/www/html/custom_apps
subPath: custom_apps
- name: nextcloud-main
mountPath: /var/www/tmp
subPath: tmp
- name: nextcloud-main
mountPath: /var/www/html/themes
subPath: themes
- name: nextcloud-cron
image: nextcloud:27.0.0-apache
imagePullPolicy: IfNotPresent
command:
- /cron.sh
env:
- name: POSTGRES_HOST
value:
- name: POSTGRES_DB
value: "nextcloud"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: nextcloud-admin
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: nextcloud-admin
key: password key: password
- name: NEXTCLOUD_ADMIN_USER - name: NEXTCLOUD_ADMIN_USER
valueFrom: valueFrom:
@@ -125,6 +61,8 @@ spec:
key: nextcloud-password key: nextcloud-password
- name: NEXTCLOUD_TRUSTED_DOMAINS - name: NEXTCLOUD_TRUSTED_DOMAINS
value: nextcloud.kube.home value: nextcloud.kube.home
- name: NEXTCLOUD_UPDATE
value: "1"
- name: NEXTCLOUD_DATA_DIR - name: NEXTCLOUD_DATA_DIR
value: "/var/www/html/data" value: "/var/www/html/data"
- name: REDIS_HOST - name: REDIS_HOST
@@ -157,6 +95,30 @@ spec:
- name: nextcloud-main - name: nextcloud-main
mountPath: /var/www/html/themes mountPath: /var/www/html/themes
subPath: themes subPath: themes
- name: nextcloud-config
mountPath: /var/www/html/config/locale.config.php
subPath: locale.config.php
- name: nextcloud-config
mountPath: /var/www/html/config/.htaccess
subPath: .htaccess
- name: nextcloud-config
mountPath: /var/www/html/config/apache-pretty-urls.config.php
subPath: apache-pretty-urls.config.php
- name: nextcloud-config
mountPath: /var/www/html/config/apcu.config.php
subPath: apcu.config.php
- name: nextcloud-config
mountPath: /var/www/html/config/apps.config.php
subPath: apps.config.php
- name: nextcloud-config
mountPath: /var/www/html/config/autoconfig.php
subPath: autoconfig.php
- name: nextcloud-config
mountPath: /var/www/html/config/redis.config.php
subPath: redis.config.php
- name: nextcloud-config
mountPath: /var/www/html/config/smtp.config.php
subPath: smtp.config.php
- name: nextcloud-nginx - name: nextcloud-nginx
image: "nginx:alpine" image: "nginx:alpine"
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
@@ -220,6 +182,9 @@ spec:
- name: nextcloud-main - name: nextcloud-main
persistentVolumeClaim: persistentVolumeClaim:
claimName: nextcloud-nextcloud claimName: nextcloud-nextcloud
- name: nextcloud-config
configMap:
name: nextcloud-config
- name: nextcloud-nginx-config - name: nextcloud-nginx-config
configMap: configMap:
name: nextcloud-nginxconfig name: nextcloud-nginxconfig

36
apps/nextcloud/datas.tf
View File

@@ -67,42 +67,6 @@ data "kustomization_overlay" "data" {
value: "" value: ""
resources: resources:
{} {}
- name: nextcloud-cron
image: "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}:${var.images.nextcloud.tag}"
imagePullPolicy: "${var.images.nextcloud.pullPolicy}"
command:
- /cron.sh
env:
- name: POSTGRES_HOST
value: "${var.instance}-${var.component}"
- name: POSTGRES_DB
value: "${var.component}"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
- name: NEXTCLOUD_ADMIN_USER
valueFrom:
secretKeyRef:
name: nextcloud
key: nextcloud-username
- name: NEXTCLOUD_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: nextcloud
key: nextcloud-password
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: nextcloud.kube.home
- name: REDIS_HOST
value: "${var.instance}-${var.component}-redis.${var.namespace}.svc"
- name: REDIS_HOST_PASSWORD
value: ""
resources:
{}
- name: nextcloud-nginx - name: nextcloud-nginx
image: "${var.images.nginx.registry}/${var.images.nginx.repository}:${var.images.nginx.tag}" image: "${var.images.nginx.registry}/${var.images.nginx.repository}:${var.images.nginx.tag}"
imagePullPolicy: "${var.images.nginx.pullPolicy}" imagePullPolicy: "${var.images.nginx.pullPolicy}"

42
apps/nextcloud/index.yaml
View File

@@ -6,15 +6,10 @@ metadata:
name: nextcloud name: nextcloud
description: null description: null
options: options:
domain: sub-domain:
default: your-company default: cloud
examples: examples:
- your-company - cloud
type: string
ingress-class:
default: traefik
examples:
- traefik
type: string type: string
hpa: hpa:
default: default:
@@ -139,15 +134,30 @@ options:
type: string type: string
type: object type: object
type: object type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
admin:
default:
name: nextcloud_admin
examples:
- name: nextcloud_admin
properties:
name:
default: nextcloud_admin
type: string
type: object
domain-name: domain-name:
default: your_company.com default: your_company.com
examples: examples:
- your_company.com - your_company.com
type: string type: string
sub-domain: domain:
default: cloud default: your-company
examples: examples:
- cloud - your-company
type: string type: string
issuer: issuer:
default: letsencrypt-prod default: letsencrypt-prod
@@ -173,16 +183,6 @@ options:
default: 10Gi default: 10Gi
type: string type: string
type: object type: object
admin:
default:
name: nextcloud_admin
examples:
- name: nextcloud_admin
properties:
name:
default: nextcloud_admin
type: string
type: object
dependencies: [] dependencies: []
providers: providers:
kubernetes: true kubernetes: true

2
apps/nextcloud/ingress.tf
View File

@@ -1,7 +1,7 @@
locals { locals {
dns-name = "${var.sub-domain}.${var.domain-name}" dns-name = "${var.sub-domain}.${var.domain-name}"
dns-names = [local.dns-name] dns-names = [local.dns-name]
middlewares = ["${var.instance}-https"] middlewares = ["${var.instance}-https","${var.instance}-redirectregex"]
service = { service = {
"name" = "${var.component}" "name" = "${var.component}"
"port" = { "port" = {

15
apps/nextcloud/middlewares.tf Normal file
View File

@@ -0,0 +1,15 @@
resource "kubectl_manifest" "redirectregex" {
yaml_body = <<-EOF
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: "${var.instance}-redirectregex"
namespace: "${var.namespace}"
labels: ${jsonencode(local.common-labels)}
spec:
redirectRegex:
permanent: true
regex: "https://(.*)/.well-known/(card|cal)dav"
replacement: "https://${1}/remote.php/dav/"
EOF
}

112
apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml Normal file
View File

@@ -0,0 +1,112 @@
# Source: nextcloud/templates/config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: nextcloud-config
labels:
app.kubernetes.io/name: nextcloud
helm.sh/chart: nextcloud-3.5.19
app.kubernetes.io/instance: nextcloud
app.kubernetes.io/managed-by: Helm
data:
locale.config.php: |-
<?php
$CONFIG = array (
'default_language' => 'fr',
'default_locale' => 'fr_FR',
'default_phone_region' => 'FR',
'logdateformat' => 'F d, Y H:i:s',
);
.htaccess: |-
# line below if for Apache 2.4
<ifModule mod_authz_core.c>
Require all denied
</ifModule>
# line below if for Apache 2.2
<ifModule !mod_authz_core.c>
deny from all
</ifModule>
# section for Apache 2.2 and 2.4
<ifModule mod_autoindex.c>
IndexIgnore *
</ifModule>
redis.config.php: |-
<?php
if (getenv('REDIS_HOST')) {
$CONFIG = array (
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => getenv('REDIS_HOST'),
'port' => getenv('REDIS_HOST_PORT') ?: 6379,
'password' => getenv('REDIS_HOST_PASSWORD'),
),
);
}
apache-pretty-urls.config.php: |-
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
);
apcu.config.php: |-
<?php
$CONFIG = array (
'memcache.local' => '\OC\Memcache\APCu',
);
apps.config.php: |-
<?php
$CONFIG = array (
"apps_paths" => array (
0 => array (
"path" => OC::$SERVERROOT."/apps",
"url" => "/apps",
"writable" => false,
),
1 => array (
"path" => OC::$SERVERROOT."/custom_apps",
"url" => "/custom_apps",
"writable" => true,
),
),
);
autoconfig.php: |-
<?php
$autoconfig_enabled = false;
if (getenv('SQLITE_DATABASE')) {
$AUTOCONFIG["dbtype"] = "sqlite";
$AUTOCONFIG["dbname"] = getenv('SQLITE_DATABASE');
$autoconfig_enabled = true;
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
$AUTOCONFIG["dbtype"] = "mysql";
$AUTOCONFIG["dbname"] = getenv('MYSQL_DATABASE');
$AUTOCONFIG["dbuser"] = getenv('MYSQL_USER');
$AUTOCONFIG["dbpass"] = getenv('MYSQL_PASSWORD');
$AUTOCONFIG["dbhost"] = getenv('MYSQL_HOST');
$autoconfig_enabled = true;
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
$AUTOCONFIG["dbtype"] = "pgsql";
$AUTOCONFIG["dbname"] = getenv('POSTGRES_DB');
$AUTOCONFIG["dbuser"] = getenv('POSTGRES_USER');
$AUTOCONFIG["dbpass"] = getenv('POSTGRES_PASSWORD');
$AUTOCONFIG["dbhost"] = getenv('POSTGRES_HOST');
$autoconfig_enabled = true;
}
if ($autoconfig_enabled) {
$AUTOCONFIG["directory"] = getenv('NEXTCLOUD_DATA_DIR') ?: "/var/www/html/data";
}
smtp.config.php: |-
<?php
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
$CONFIG = array (
'mail_smtpmode' => 'smtp',
'mail_smtphost' => getenv('SMTP_HOST'),
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'),
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
'mail_smtppassword' => getenv('SMTP_PASSWORD') ?: '',
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
'mail_domain' => getenv('MAIL_DOMAIN'),
);
}