fix

apps/nextcloud/datas.tf

@@ -1,4 +1,5 @@
 locals {
+  dns-name = "${var.sub-domain}.${var.domain-name}"
   common-labels = {
     "vynil.solidite.fr/owner-name" = var.instance
     "vynil.solidite.fr/owner-namespace" = var.namespace
@@ -49,18 +50,8 @@ data "kustomization_overlay" "data" {
                 valueFrom:
                   secretKeyRef:
                     name: "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
-              - name: NEXTCLOUD_ADMIN_USER
-                valueFrom:
-                  secretKeyRef:
-                    name: nextcloud
-                    key: nextcloud-username
-              - name: NEXTCLOUD_ADMIN_PASSWORD
-                valueFrom:
-                  secretKeyRef:
-                    name: nextcloud
-                    key: nextcloud-password
               - name: NEXTCLOUD_TRUSTED_DOMAINS
-                value: nextcloud.kube.home
+                value: "${local.dns-name}"
               - name: REDIS_HOST
                 value: "${var.instance}-${var.component}-redis.${var.namespace}.svc"
               - name: REDIS_HOST_PASSWORD
@@ -72,6 +63,16 @@ data "kustomization_overlay" "data" {
               imagePullPolicy: "${var.images.nginx.pullPolicy}"
               resources:
                 {}
+              readinessProbe:
+                httpGet:
+                  httpHeaders:
+                  - name: Host
+                    value: "${local.dns-name}"
+              livenessProbe:
+                httpGet:
+                  httpHeaders:
+                  - name: Host
+                    value: "${local.dns-name}"
     EOF
   }
   patches {
@@ -92,28 +93,10 @@ data "kustomization_overlay" "data" {
               image: "${var.images.exporter.registry}/${var.images.exporter.repository}:${var.images.exporter.tag}"
               imagePullPolicy: "${var.images.exporter.pullPolicy}"
               env:
-              - name: NEXTCLOUD_USERNAME
-                valueFrom:
-                  secretKeyRef:
-                    name: nextcloud
-                    key: nextcloud-username
-              - name: NEXTCLOUD_PASSWORD
-                valueFrom:
-                  secretKeyRef:
-                    name: nextcloud
-                    key: nextcloud-password
               - name: NEXTCLOUD_SERVER
                 value: "https://${local.dns-name}"
-              - name: NEXTCLOUD_TIMEOUT
-                value: 5s
               - name: NEXTCLOUD_TLS_SKIP_VERIFY
-                value: "false"
+                value: "${var.issuer=="letsencrypt-prod"?"false":"true"}"
-              ports:
-              - name: metrics
-                containerPort: 9205
-              securityContext:
-                runAsUser: 1000
-                runAsNonRoot: true
     EOF
   }
   patches {
@@ -126,6 +109,8 @@ data "kustomization_overlay" "data" {
       apiVersion: v1
       metadata:
         name: nextcloud-nextcloud
+        annotations:
+          k8up.io/backup: "true"
       spec:
         accessModes:
           - "${var.storage.accessMode}"

apps/nextcloud/index.yaml

@@ -11,26 +11,55 @@ options:
     examples:
     - cloud
     type: string
-  hpa:
+  admin:
     default:
-      avg-cpu: 50
+      name: nextcloud_admin
-      max-replicas: 5
-      min-replicas: 1
     examples:
-    - avg-cpu: 50
+    - name: nextcloud_admin
-      max-replicas: 5
-      min-replicas: 1
     properties:
-      avg-cpu:
+      name:
-        default: 50
+        default: nextcloud_admin
-        type: integer
+        type: string
-      max-replicas:
-        default: 5
-        type: integer
-      min-replicas:
-        default: 1
-        type: integer
     type: object
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  storage:
+    default:
+      accessMode: ReadWriteOnce
+      size: 10Gi
+    examples:
+    - accessMode: ReadWriteOnce
+      size: 10Gi
+    properties:
+      accessMode:
+        default: ReadWriteOnce
+        enum:
+        - ReadWriteOnce
+        - ReadOnlyMany
+        - ReadWriteMany
+        type: string
+      size:
+        default: 10Gi
+        type: string
+    type: object
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
   images:
     default:
       exporter:
@@ -134,60 +163,31 @@ options:
             type: string
         type: object
     type: object
-  ingress-class:
+  hpa:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  admin:
     default:
-      name: nextcloud_admin
+      avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
     examples:
-    - name: nextcloud_admin
+    - avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
     properties:
-      name:
+      avg-cpu:
-        default: nextcloud_admin
+        default: 50
-        type: string
+        type: integer
-    type: object
+      max-replicas:
-  domain-name:
+        default: 5
-    default: your_company.com
+        type: integer
-    examples:
+      min-replicas:
-    - your_company.com
+        default: 1
-    type: string
+        type: integer
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  storage:
-    default:
-      accessMode: ReadWriteOnce
-      size: 10Gi
-    examples:
-    - accessMode: ReadWriteOnce
-      size: 10Gi
-    properties:
-      accessMode:
-        default: ReadWriteOnce
-        enum:
-        - ReadWriteOnce
-        - ReadOnlyMany
-        - ReadWriteMany
-        type: string
-      size:
-        default: 10Gi
-        type: string
     type: object
 dependencies: []
 providers:
   kubernetes: true
   authentik: true
-  kubectl: null
+  kubectl: true
   postgresql: null
   restapi: null
   http: null

apps/nextcloud/ingress.tf

@@ -1,5 +1,4 @@
 locals {
-    dns-name = "${var.sub-domain}.${var.domain-name}"
     dns-names = [local.dns-name]
     middlewares = ["${var.instance}-https","${var.instance}-redirectregex"]
     service = {

apps/nextcloud/middlewares.tf

@@ -10,6 +10,6 @@ spec:
   redirectRegex:
     permanent: true
     regex: "https://(.*)/.well-known/(card|cal)dav"
-    replacement: "https://${1}/remote.php/dav/"
+    replacement: "https://$${1}/remote.php/dav/"
   EOF
 }