From 94f7409cf3f9e803f8a50fbfa4a25d1267d49c84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Fri, 28 Jul 2023 20:10:23 +0200 Subject: [PATCH] fix --- apps/nextcloud/collabora.tf | 6 +- apps/nextcloud/configs.tf | 6 +- apps/nextcloud/index.yaml | 154 +++++++++++++++++------------------ apps/nextcloud/onlyoffice.tf | 4 +- 4 files changed, 86 insertions(+), 84 deletions(-) diff --git a/apps/nextcloud/collabora.tf b/apps/nextcloud/collabora.tf index 7e1ab4b..03353d3 100644 --- a/apps/nextcloud/collabora.tf +++ b/apps/nextcloud/collabora.tf @@ -67,7 +67,7 @@ resource "kubectl_manifest" "collabora_deploy" { - name: http containerPort: 9980 protocol: TCP - securitycontext: + securityContext: allowPrivilegeEscalation: true privileged: true capabilities: @@ -98,7 +98,7 @@ resource "kubectl_manifest" "collabora_svc" { } resource "kubectl_manifest" "collabora_certificate" { - count = var.apps.collabora ? 1 : 0 + count = var.apps.collabora ? 0 : 0 yaml_body = <<-EOF apiVersion: "cert-manager.io/v1" kind: "Certificate" @@ -117,7 +117,7 @@ resource "kubectl_manifest" "collabora_certificate" { } resource "kubectl_manifest" "collabora_ing" { - count = var.apps.collabora ? 1 : 0 + count = var.apps.collabora ? 0 : 0 yaml_body = <<-EOF apiVersion: networking.k8s.io/v1 kind: Ingress diff --git a/apps/nextcloud/configs.tf b/apps/nextcloud/configs.tf index b3e0ff1..b966949 100644 --- a/apps/nextcloud/configs.tf +++ b/apps/nextcloud/configs.tf @@ -16,6 +16,8 @@ locals { sh -c "$*" fi } + run_as ./occ --no-warnings config:system:set trusted_domains 0 --value=nextcloud + run_as ./occ --no-warnings config:system:set trusted_domains 1 --value="${local.dns-name}" run_as ./occ app:install user_oidc ||: run_as ./occ user_oidc:provider "$${OAUTH2_CONNECTOR_NAME}" --clientid="$${OAUTH2_CLIENT_ID}" \ --clientsecret="$${OAUTH2_CLIENT_SECRET}" \ 
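Review bot: Correcting the key to `securityContext` in the `collabora_deploy` manifest (@@ -67) makes the two lines under it effective, so the container now runs with `privileged: true` and `allowPrivilegeEscalation: true`; with the misspelled key those settings were presumably ignored or rejected. A privileged container has close to host-level access on its node, which is more than a document server should hold. The `capabilities:` list that follows continues outside the hunk; if it already adds what Collabora needs, I would set `privileged: false`, keep only that list, and test whether `allowPrivilegeEscalation` can be turned off as well. A comment such as `# runs with the capabilities below only; do not set privileged` would record the intent.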
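Review bot: `count = var.apps.collabora ? 0 : 0` in `collabora_certificate` (@@ -98) is 0 on both branches, so the resource is never created while the line still reads as if it depended on the variable. The same expression is used in `collabora_ing` (@@ -117) and in `onlyoffice_certificate` and `onlyoffice_ing` in onlyoffice.tf. If removing the public Certificate and Ingress is intended, write `count = 0` with a comment such as `# not exposed publicly; reached in-cluster through the Service`, or delete the resources. On existing installs the next apply will destroy these objects, which is worth stating in the commit message.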
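Review bot: The two added `trusted_domains` lines in configs.tf (@@ -16) carry no comment explaining why index 0 is the bare name `nextcloud`. Judging from the `StorageUrl --value=\"http://nextcloud/\"` setting further down in the same file, it looks like the in-cluster Service name, and that should be stated: `# 0 = in-cluster Service name (internal callbacks), 1 = public host name`. Since `trusted_domains` decides which Host headers Nextcloud accepts, the comment should also say that the list is meant to hold only these two entries. The script these lines belong to starts and ends outside the hunk.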
@@ -31,7 +33,7 @@ locals { var.apps.collabora?[ "run_as ./occ app:install richdocuments ||:", "run_as ./occ app:enable richdocuments ||:", - "run_as ./occ config:app:set richdocuments wopi_url --value=\"https://collabora.${local.dns-name}/\"", + "run_as ./occ config:app:set richdocuments wopi_url --value=\"http://${var.instance}-collabora/\"", "run_as ./occ config:app:set richdocuments federation_use_trusted_domains --value=yes", "run_as ./occ richdocuments:activate-config ||:", ]:["run_as ./occ app:disable richdocuments ||:"], @@ -39,7 +41,7 @@ locals { "run_as ./occ app:install onlyoffice ||:", "run_as ./occ app:enable onlyoffice ||:", "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value=\"/ds-vpath/\"", - "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value=\"http://$${INSTANCE}-onlyoffice/\"", + "run_as ./occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value=\"http://${var.instance}-onlyoffice/\"", "run_as ./occ --no-warnings config:system:set onlyoffice StorageUrl --value=\"http://nextcloud/\"", "run_as ./occ --no-warnings config:system:set onlyoffice jwt_secret --value=\"$${ONLYOFFICE_JWT_SECRET}\"", ]:["run_as ./occ app:disable onlyoffice ||:"], diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index 9e19f44..bc7a1dd 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml @@ -6,6 +6,35 @@ metadata: name: nextcloud description: null options: + storage: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object + admin: + default: + name: nextcloud_admin + examples: + - name: nextcloud_admin + properties: + name: + default: nextcloud_admin + type: string + type: object apps: default: calendar: false 
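Review bot: The new `wopi_url` value `http://${var.instance}-collabora/` (@@ -31) moves the Nextcloud to Collabora WOPI traffic, which carries document contents and access tokens, onto plain HTTP inside the cluster, where the old value used HTTPS. That is only acceptable if pod-to-pod traffic is protected some other way, so I would state the assumption next to the line, e.g. `# plain HTTP: relies on a NetworkPolicy or mesh mTLS limiting access to the collabora Service`. The `DocumentServerInternalUrl` line in the next hunk (@@ -39) is plain HTTP as well, as it already was, though there the `jwt_secret` setting at least authenticates requests. Also check that browsers still get a reachable editor address: as far as I know richdocuments derives it from `wopi_url` unless `public_wopi_url` is set, and this commit sets the Collabora Ingress count to 0.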
@@ -56,10 +85,35 @@ options: default: false type: boolean type: object - openid-name: - default: vynil + postgres: + default: + replicas: 1 + storage: 5Gi + version: '14' examples: - - vynil + - replicas: 1 + storage: 5Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 5Gi + type: string + version: + default: '14' + type: string + type: object + domain-name: + default: your_company.com + examples: + - your_company.com + type: string + domain: + default: your-company + examples: + - your-company type: string images: default: @@ -224,75 +278,6 @@ options: type: string type: object type: object - postgres: - default: - replicas: 1 - storage: 5Gi - version: '14' - examples: - - replicas: 1 - storage: 5Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string - type: object - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - admin: - default: - name: nextcloud_admin - examples: - - name: nextcloud_admin - properties: - name: - default: nextcloud_admin - type: string - type: object - sub-domain: - default: files - examples: - - files - type: string - storage: - default: - accessMode: ReadWriteOnce - size: 10Gi - examples: - - accessMode: ReadWriteOnce - size: 10Gi - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string - domain: - default: your-company - examples: - - your-company - type: string hpa: default: avg-cpu: 50 
@@ -313,6 +298,26 @@ options: default: 1 type: integer type: object + sub-domain: + default: files + examples: + - files + type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + ingress-class: + default: traefik + examples: + - traefik + type: string + openid-name: + default: vynil + examples: + - vynil + type: string redis: default: exporter: @@ -346,11 +351,6 @@ options: default: 2Gi type: string type: object - ingress-class: - default: traefik - examples: - - traefik - type: string dependencies: [] providers: kubernetes: true diff --git a/apps/nextcloud/onlyoffice.tf b/apps/nextcloud/onlyoffice.tf index 0609026..bd71379 100644 --- a/apps/nextcloud/onlyoffice.tf +++ b/apps/nextcloud/onlyoffice.tf @@ -103,7 +103,7 @@ resource "kubectl_manifest" "onlyoffice_svc" { } resource "kubectl_manifest" "onlyoffice_certificate" { - count = var.apps.onlyoffice ? 1 : 0 + count = var.apps.onlyoffice ? 0 : 0 yaml_body = <<-EOF apiVersion: "cert-manager.io/v1" kind: "Certificate" @@ -122,7 +122,7 @@ resource "kubectl_manifest" "onlyoffice_certificate" { } resource "kubectl_manifest" "onlyoffice_ing" { - count = var.apps.onlyoffice ? 1 : 0 + count = var.apps.onlyoffice ? 0 : 0 yaml_body = <<-EOF apiVersion: networking.k8s.io/v1 kind: Ingress