fix

apps/nextcloud/apps_v1_Deployment_nextcloud-metrics.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud-metrics
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: metrics

apps/nextcloud/apps_v1_Deployment_nextcloud.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: app
@@ -31,7 +31,7 @@ spec:
     spec:
       containers:
       - name: nextcloud
-        image: nextcloud:27.0.0-apache
+        image: nextcloud:27.0.1-apache
         imagePullPolicy: IfNotPresent
         env:        
         - name: POSTGRES_HOST

apps/nextcloud/autoscaling_v1_HorizontalPodAutoscaler_nextcloud.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: app

apps/nextcloud/configs.tf

@@ -28,6 +28,21 @@ locals {
         var.apps.groupfolders?["run_as ./occ app:install groupfolders ||:"]:[],
         var.apps.notes?["run_as ./occ app:install notes ||:"]:[],
         var.apps.tasks?["run_as ./occ app:install tasks ||:"]:[],
+        var.apps.collabora?[
+          "run_as ./occ app:install richdocuments ||:",
+          "run_as ./occ app:enable richdocuments ||:",
+          "run_as ./occ config:app:set richdocuments wopi_url --value=\"http://$${INSTANCE}-collabora/\"",
+          "run_as ./occ config:app:set richdocuments federation_use_trusted_domains --value=yes",
+          "run_as ./occ richdocuments:activate-config ||:",
+        ]:["run_as ./occ app:disable richdocuments ||:"],
+        var.apps.onlyoffice?[
+          "run_as ./occ app:install onlyoffice ||:",
+          "run_as ./occ app:enable onlyoffice ||:",
+          "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value=\"/ds-vpath/\"",
+          "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value=\"http://$${INSTANCE}-onlyoffice/\"",
+          "run_as ./occ --no-warnings config:system:set onlyoffice StorageUrl --value=\"http://nextcloud/\"",
+          "run_as ./occ --no-warnings config:system:set onlyoffice jwt_secret --value=\"$${ONLYOFFICE_JWT_SECRET}\"",
+        ]:["run_as ./occ app:disable onlyoffice ||:"],
         var.apps.spreed?["run_as ./occ app:install spreed ||:"]:[])
     data-config-init = {
       "autostart.sh" = join("\n", concat([local.script-head],local.script-apps))

apps/nextcloud/datas.tf

@@ -9,6 +9,9 @@ locals {
     "app.kubernetes.io/name" = var.component
     "app.kubernetes.io/instance" = var.instance
   }
+  nextcloud-labels = merge(local.common-labels, {
+    "app.kubernetes.io/component" = "nextcloud"
+  })
 }
 
 data "kubernetes_secret_v1" "authentik" {
@@ -27,7 +30,7 @@ data "kubernetes_ingress_v1" "authentik" {
 
 data "kustomization_overlay" "data" {
   namespace = var.namespace
-  common_labels = local.common-labels
+  common_labels = local.nextcloud-labels
   resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"]
   images {
     name = "nextcloud"
@@ -95,6 +98,18 @@ data "kustomization_overlay" "data" {
                   secretKeyRef:
                     name: "${var.component}-${var.instance}-secret"
                     key: client-secret
+              - name: INSTANCE
+                value: "${var.instance}"
+              - name: ONLYOFFICE_JWT_SECRET
+                valueFrom:
+                  secretKeyRef:
+                    name: "${var.component}"
+                    key: onlyoffice-jwt-secret
+              - name: COLLABORA_PASSWORD
+                valueFrom:
+                  secretKeyRef:
+                    name: "${var.component}"
+                    key: collabora-password
 
               resources:
                 {}

apps/nextcloud/index.yaml

@@ -6,11 +6,101 @@ metadata:
   name: nextcloud
   description: null
 options:
+  hpa:
+    default:
+      avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
+    examples:
+    - avg-cpu: 50
+      max-replicas: 5
+      min-replicas: 1
+    properties:
+      avg-cpu:
+        default: 50
+        type: integer
+      max-replicas:
+        default: 5
+        type: integer
+      min-replicas:
+        default: 1
+        type: integer
+    type: object
+  admin:
+    default:
+      name: nextcloud_admin
+    examples:
+    - name: nextcloud_admin
+    properties:
+      name:
+        default: nextcloud_admin
+        type: string
+    type: object
+  sub-domain:
+    default: files
+    examples:
+    - files
+    type: string
   domain:
     default: your-company
     examples:
     - your-company
     type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  apps:
+    default:
+      calendar: false
+      collabora: false
+      contacts: false
+      deck: false
+      groupfolders: true
+      notes: false
+      onlyoffice: false
+      spreed: false
+      tasks: false
+    examples:
+    - calendar: false
+      collabora: false
+      contacts: false
+      deck: false
+      groupfolders: true
+      notes: false
+      onlyoffice: false
+      spreed: false
+      tasks: false
+    properties:
+      calendar:
+        default: false
+        type: boolean
+      collabora:
+        default: false
+        type: boolean
+      contacts:
+        default: false
+        type: boolean
+      deck:
+        default: false
+        type: boolean
+      groupfolders:
+        default: true
+        type: boolean
+      notes:
+        default: false
+        type: boolean
+      onlyoffice:
+        default: false
+        type: boolean
+      spreed:
+        default: false
+        type: boolean
+      tasks:
+        default: false
+        type: boolean
+    type: object
   redis:
     default:
       exporter:
@@ -44,8 +134,28 @@ options:
         default: 2Gi
         type: string
     type: object
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  openid-name:
+    default: vynil
+    examples:
+    - vynil
+    type: string
   images:
     default:
+      collabora:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: collabora/code
+        tag: 23.05.2.2.1
       exporter:
         pullPolicy: IfNotPresent
         registry: docker.io
@@ -61,8 +171,18 @@ options:
         registry: docker.io
         repository: nginx
         tag: alpine
+      onlyoffice:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: onlyoffice/documentserver
+        tag: 7.4.0.1
     examples:
-    - exporter:
+    - collabora:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: collabora/code
+        tag: 23.05.2.2.1
+      exporter:
         pullPolicy: IfNotPresent
         registry: docker.io
         repository: xperimental/nextcloud-exporter
@@ -77,7 +197,32 @@ options:
         registry: docker.io
         repository: nginx
         tag: alpine
+      onlyoffice:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: onlyoffice/documentserver
+        tag: 7.4.0.1
     properties:
+      collabora:
+        default:
+          pullPolicy: IfNotPresent
+          registry: docker.io
+          repository: collabora/code
+          tag: 23.05.2.2.1
+        properties:
+          pullPolicy:
+            default: IfNotPresent
+            type: string
+          registry:
+            default: docker.io
+            type: string
+          repository:
+            default: collabora/code
+            type: string
+          tag:
+            default: 23.05.2.2.1
+            type: string
+        type: object
       exporter:
         default:
           pullPolicy: IfNotPresent
@@ -146,6 +291,26 @@ options:
             default: alpine
             type: string
         type: object
+      onlyoffice:
+        default:
+          pullPolicy: IfNotPresent
+          registry: docker.io
+          repository: onlyoffice/documentserver
+          tag: 7.4.0.1
+        properties:
+          pullPolicy:
+            default: IfNotPresent
+            type: string
+          registry:
+            default: docker.io
+            type: string
+          repository:
+            default: onlyoffice/documentserver
+            type: string
+          tag:
+            default: 7.4.0.1
+            type: string
+        type: object
     type: object
   postgres:
     default:
@@ -167,41 +332,6 @@ options:
         default: '14'
         type: string
     type: object
-  sub-domain:
-    default: files
-    examples:
-    - files
-    type: string
-  admin:
-    default:
-      name: nextcloud_admin
-    examples:
-    - name: nextcloud_admin
-    properties:
-      name:
-        default: nextcloud_admin
-        type: string
-    type: object
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  domain-name:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  openid-name:
-    default: vynil
-    examples:
-    - vynil
-    type: string
   storage:
     default:
       accessMode: ReadWriteOnce
@@ -221,66 +351,6 @@ options:
         default: 10Gi
         type: string
     type: object
-  hpa:
-    default:
-      avg-cpu: 50
-      max-replicas: 5
-      min-replicas: 1
-    examples:
-    - avg-cpu: 50
-      max-replicas: 5
-      min-replicas: 1
-    properties:
-      avg-cpu:
-        default: 50
-        type: integer
-      max-replicas:
-        default: 5
-        type: integer
-      min-replicas:
-        default: 1
-        type: integer
-    type: object
-  apps:
-    default:
-      calendar: false
-      contacts: false
-      deck: false
-      groupfolders: true
-      notes: false
-      spreed: false
-      tasks: false
-    examples:
-    - calendar: false
-      contacts: false
-      deck: false
-      groupfolders: true
-      notes: false
-      spreed: false
-      tasks: false
-    properties:
-      calendar:
-        default: false
-        type: boolean
-      contacts:
-        default: false
-        type: boolean
-      deck:
-        default: false
-        type: boolean
-      groupfolders:
-        default: true
-        type: boolean
-      notes:
-        default: false
-        type: boolean
-      spreed:
-        default: false
-        type: boolean
-      tasks:
-        default: false
-        type: boolean
-    type: object
 dependencies: []
 providers:
   kubernetes: true

apps/nextcloud/monitoring.coreos.com_v1_ServiceMonitor_nextcloud.yaml

@@ -6,7 +6,7 @@ metadata:
   namespace: "vynil-cloud"
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: metrics

apps/nextcloud/secret.tf

@@ -5,7 +5,7 @@ resource "kubectl_manifest" "prj_secret" {
     apiVersion: "secretgenerator.mittwald.de/v1alpha1"
     kind: "StringSecret"
     metadata:
-      name: "nextcloud"
+      name: "${var.component}"
       namespace: "${var.namespace}"
       labels: ${jsonencode(local.common-labels)}
     spec:
@@ -17,5 +17,9 @@ resource "kubectl_manifest" "prj_secret" {
         length: "32"
       - fieldName: "nextcloud-token"
         length: "32"
+      - fieldName: "collabora-password"
+        length: "32"
+      - fieldName: "onlyoffice-jwt-secret"
+        length: "64"
   EOF
 }

apps/nextcloud/v1_ConfigMap_nextcloud-config.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud-config
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
 data:

apps/nextcloud/v1_ConfigMap_nextcloud-nginxconfig.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud-nginxconfig
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
 data:

apps/nextcloud/v1_PersistentVolumeClaim_nextcloud-nextcloud.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud-nextcloud
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: app

apps/nextcloud/v1_Service_nextcloud-metrics.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud-metrics
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: metrics

apps/nextcloud/v1_Service_nextcloud.yaml

@@ -5,7 +5,7 @@ metadata:
   name: nextcloud
   labels:
     app.kubernetes.io/name: nextcloud
-    helm.sh/chart: nextcloud-3.5.19
+    helm.sh/chart: nextcloud-3.5.20
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/component: app