0d60c04e2d
Introduces a YAML anchor to define the Nextcloud host once, improving consistency. Applies the hostname anchor to ingress, probes, and Nextcloud's host setting. Adds `overwritehost` and `overwrite.cli.url` to Nextcloud's `config.php` for correct URL generation when behind a reverse proxy.
430 lines
15 KiB
YAML
430 lines
15 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
annotations:
|
|
a8r.io/repository: ssh://git@git.tr1ceracop.de:222/gitea_admin/k8s-and-chill.git
|
|
labels:
|
|
app.kubernetes.io/component: app
|
|
app.kubernetes.io/instance: nextcloud
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/name: nextcloud
|
|
app.kubernetes.io/version: 33.0.0
|
|
helm.sh/chart: nextcloud-9.0.4
|
|
name: nextcloud
|
|
namespace: nextcloud
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/component: app
|
|
app.kubernetes.io/instance: nextcloud
|
|
app.kubernetes.io/name: nextcloud
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 1
|
|
maxUnavailable: 0
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
hooks-hash: 47a89ca9deff73131884ece615e1cabb1f600fec60aa8f20244ae3c5bb58f948
|
|
nextcloud-config-hash: ec89ea6d9676ed525984771aab8f4536c9f4f62736b2c9898e883f5d0a7f90f8
|
|
php-config-hash: b638f66fd8d65de8364dbad6efc59a6524c7b2e2377b5623cf5e921e4d3d2400
|
|
labels:
|
|
app.kubernetes.io/component: app
|
|
app.kubernetes.io/instance: nextcloud
|
|
app.kubernetes.io/name: nextcloud
|
|
spec:
|
|
containers:
|
|
- env:
|
|
- name: POSTGRES_HOST
|
|
value: nextcloud-cnpg-rw.nextcloud.svc:5432
|
|
- name: POSTGRES_DB
|
|
value: nextcloud
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: username
|
|
name: nextcloud-cnpg-app
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: nextcloud-cnpg-app
|
|
- name: NEXTCLOUD_ADMIN_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: nextcloud-username
|
|
name: nextcloud-admin-secret
|
|
- name: NEXTCLOUD_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: nextcloud-password
|
|
name: nextcloud-admin-secret
|
|
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
|
value: nextcloud.tr1ceracop.de
|
|
- name: OPENMETRICS_ALLOWED_CLIENTS
|
|
value: 127.0.0.1,10.42.0.0/16,10.43.0.0/16
|
|
- name: NEXTCLOUD_DATA_DIR
|
|
value: /var/www/html/data
|
|
- name: REDIS_HOST
|
|
value: nextcloud-valkey.nextcloud.svc
|
|
- name: REDIS_HOST_PORT
|
|
value: "6379"
|
|
- name: REDIS_HOST_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: nextcloud-valkey-password
|
|
- name: OBJECTSTORE_S3_SSL
|
|
value: "true"
|
|
- name: OBJECTSTORE_S3_USEPATH_STYLE
|
|
value: "true"
|
|
- name: OBJECTSTORE_S3_AUTOCREATE
|
|
value: "false"
|
|
- name: OBJECTSTORE_S3_REGION
|
|
value: nbg1
|
|
- name: OBJECTSTORE_S3_PORT
|
|
value: "443"
|
|
- name: OBJECTSTORE_S3_STORAGE_CLASS
|
|
value: STANDARD
|
|
- name: OBJECTSTORE_S3_HOST
|
|
value: nbg1.your-objectstorage.com
|
|
- name: OBJECTSTORE_S3_BUCKET
|
|
value: nextcloud-tr1ceracop
|
|
- name: OBJECTSTORE_S3_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: ACCESS_KEY_ID
|
|
name: nextcloud-s3-credentials
|
|
- name: OBJECTSTORE_S3_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SECRET_ACCESS_KEY
|
|
name: nextcloud-s3-credentials
|
|
- name: OBJECTSTORE_S3_SSE_C_KEY
|
|
value: ""
|
|
image: docker.io/library/nextcloud:33.0.0-fpm-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
httpHeaders:
|
|
- name: Host
|
|
value: nextcloud.tr1ceracop.de
|
|
path: /status.php
|
|
port: 80
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 5
|
|
name: nextcloud
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
protocol: TCP
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
httpHeaders:
|
|
- name: Host
|
|
value: nextcloud.tr1ceracop.de
|
|
path: /status.php
|
|
port: 80
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 5
|
|
resources:
|
|
limits:
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
volumeMounts:
|
|
- mountPath: /var/www/
|
|
name: nextcloud-main
|
|
subPath: root
|
|
- mountPath: /var/www/html
|
|
name: nextcloud-main
|
|
subPath: html
|
|
- mountPath: /var/www/html/data
|
|
name: nextcloud-main
|
|
subPath: data
|
|
- mountPath: /var/www/html/config
|
|
name: nextcloud-main
|
|
subPath: config
|
|
- mountPath: /var/www/html/custom_apps
|
|
name: nextcloud-main
|
|
subPath: custom_apps
|
|
- mountPath: /var/www/tmp
|
|
name: nextcloud-main
|
|
subPath: tmp
|
|
- mountPath: /var/www/html/themes
|
|
name: nextcloud-main
|
|
subPath: themes
|
|
- mountPath: /var/www/html/config/proxy.config.php
|
|
name: nextcloud-config
|
|
subPath: proxy.config.php
|
|
- mountPath: /var/www/html/config/.htaccess
|
|
name: nextcloud-config
|
|
subPath: .htaccess
|
|
- mountPath: /var/www/html/config/apache-pretty-urls.config.php
|
|
name: nextcloud-config
|
|
subPath: apache-pretty-urls.config.php
|
|
- mountPath: /var/www/html/config/apcu.config.php
|
|
name: nextcloud-config
|
|
subPath: apcu.config.php
|
|
- mountPath: /var/www/html/config/apps.config.php
|
|
name: nextcloud-config
|
|
subPath: apps.config.php
|
|
- mountPath: /var/www/html/config/autoconfig.php
|
|
name: nextcloud-config
|
|
subPath: autoconfig.php
|
|
- mountPath: /var/www/html/config/helm-metrics.config.php
|
|
name: nextcloud-config
|
|
subPath: helm-metrics.config.php
|
|
- mountPath: /var/www/html/config/redis.config.php
|
|
name: nextcloud-config
|
|
subPath: redis.config.php
|
|
- mountPath: /var/www/html/config/reverse-proxy.config.php
|
|
name: nextcloud-config
|
|
subPath: reverse-proxy.config.php
|
|
- mountPath: /var/www/html/config/s3.config.php
|
|
name: nextcloud-config
|
|
subPath: s3.config.php
|
|
- mountPath: /var/www/html/config/smtp.config.php
|
|
name: nextcloud-config
|
|
subPath: smtp.config.php
|
|
- mountPath: /var/www/html/config/swift.config.php
|
|
name: nextcloud-config
|
|
subPath: swift.config.php
|
|
- mountPath: /var/www/html/config/upgrade-disable-web.config.php
|
|
name: nextcloud-config
|
|
subPath: upgrade-disable-web.config.php
|
|
- mountPath: /usr/local/etc/php/conf.d/opcache.ini
|
|
name: nextcloud-phpconfig
|
|
subPath: opcache.ini
|
|
- mountPath: /usr/local/etc/php/conf.d/uploadLimit.ini
|
|
name: nextcloud-phpconfig
|
|
subPath: uploadLimit.ini
|
|
- mountPath: /docker-entrypoint-hooks.d/before-starting/helm.sh
|
|
name: nextcloud-hooks
|
|
readOnly: true
|
|
subPath: before-starting.sh
|
|
- command:
|
|
- /cron.sh
|
|
env:
|
|
- name: POSTGRES_HOST
|
|
value: nextcloud-cnpg-rw.nextcloud.svc:5432
|
|
- name: POSTGRES_DB
|
|
value: nextcloud
|
|
- name: POSTGRES_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: username
|
|
name: nextcloud-cnpg-app
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: nextcloud-cnpg-app
|
|
- name: NEXTCLOUD_ADMIN_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: nextcloud-username
|
|
name: nextcloud-admin-secret
|
|
- name: NEXTCLOUD_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: nextcloud-password
|
|
name: nextcloud-admin-secret
|
|
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
|
value: nextcloud.tr1ceracop.de
|
|
- name: OPENMETRICS_ALLOWED_CLIENTS
|
|
value: 127.0.0.1,10.42.0.0/16,10.43.0.0/16
|
|
- name: NEXTCLOUD_DATA_DIR
|
|
value: /var/www/html/data
|
|
- name: REDIS_HOST
|
|
value: nextcloud-valkey.nextcloud.svc
|
|
- name: REDIS_HOST_PORT
|
|
value: "6379"
|
|
- name: REDIS_HOST_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: nextcloud-valkey-password
|
|
- name: OBJECTSTORE_S3_SSL
|
|
value: "true"
|
|
- name: OBJECTSTORE_S3_USEPATH_STYLE
|
|
value: "true"
|
|
- name: OBJECTSTORE_S3_AUTOCREATE
|
|
value: "false"
|
|
- name: OBJECTSTORE_S3_REGION
|
|
value: nbg1
|
|
- name: OBJECTSTORE_S3_PORT
|
|
value: "443"
|
|
- name: OBJECTSTORE_S3_STORAGE_CLASS
|
|
value: STANDARD
|
|
- name: OBJECTSTORE_S3_HOST
|
|
value: nbg1.your-objectstorage.com
|
|
- name: OBJECTSTORE_S3_BUCKET
|
|
value: nextcloud-tr1ceracop
|
|
- name: OBJECTSTORE_S3_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: ACCESS_KEY_ID
|
|
name: nextcloud-s3-credentials
|
|
- name: OBJECTSTORE_S3_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SECRET_ACCESS_KEY
|
|
name: nextcloud-s3-credentials
|
|
- name: OBJECTSTORE_S3_SSE_C_KEY
|
|
value: ""
|
|
image: docker.io/library/nextcloud:33.0.0-fpm-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
name: nextcloud-cron
|
|
resources: {}
|
|
volumeMounts:
|
|
- mountPath: /var/www/
|
|
name: nextcloud-main
|
|
subPath: root
|
|
- mountPath: /var/www/html
|
|
name: nextcloud-main
|
|
subPath: html
|
|
- mountPath: /var/www/html/data
|
|
name: nextcloud-main
|
|
subPath: data
|
|
- mountPath: /var/www/html/config
|
|
name: nextcloud-main
|
|
subPath: config
|
|
- mountPath: /var/www/html/custom_apps
|
|
name: nextcloud-main
|
|
subPath: custom_apps
|
|
- mountPath: /var/www/tmp
|
|
name: nextcloud-main
|
|
subPath: tmp
|
|
- mountPath: /var/www/html/themes
|
|
name: nextcloud-main
|
|
subPath: themes
|
|
- mountPath: /var/www/html/config/proxy.config.php
|
|
name: nextcloud-config
|
|
subPath: proxy.config.php
|
|
- mountPath: /var/www/html/config/.htaccess
|
|
name: nextcloud-config
|
|
subPath: .htaccess
|
|
- mountPath: /var/www/html/config/apache-pretty-urls.config.php
|
|
name: nextcloud-config
|
|
subPath: apache-pretty-urls.config.php
|
|
- mountPath: /var/www/html/config/apcu.config.php
|
|
name: nextcloud-config
|
|
subPath: apcu.config.php
|
|
- mountPath: /var/www/html/config/apps.config.php
|
|
name: nextcloud-config
|
|
subPath: apps.config.php
|
|
- mountPath: /var/www/html/config/autoconfig.php
|
|
name: nextcloud-config
|
|
subPath: autoconfig.php
|
|
- mountPath: /var/www/html/config/helm-metrics.config.php
|
|
name: nextcloud-config
|
|
subPath: helm-metrics.config.php
|
|
- mountPath: /var/www/html/config/redis.config.php
|
|
name: nextcloud-config
|
|
subPath: redis.config.php
|
|
- mountPath: /var/www/html/config/reverse-proxy.config.php
|
|
name: nextcloud-config
|
|
subPath: reverse-proxy.config.php
|
|
- mountPath: /var/www/html/config/s3.config.php
|
|
name: nextcloud-config
|
|
subPath: s3.config.php
|
|
- mountPath: /var/www/html/config/smtp.config.php
|
|
name: nextcloud-config
|
|
subPath: smtp.config.php
|
|
- mountPath: /var/www/html/config/swift.config.php
|
|
name: nextcloud-config
|
|
subPath: swift.config.php
|
|
- mountPath: /var/www/html/config/upgrade-disable-web.config.php
|
|
name: nextcloud-config
|
|
subPath: upgrade-disable-web.config.php
|
|
- mountPath: /usr/local/etc/php/conf.d/opcache.ini
|
|
name: nextcloud-phpconfig
|
|
subPath: opcache.ini
|
|
- mountPath: /usr/local/etc/php/conf.d/uploadLimit.ini
|
|
name: nextcloud-phpconfig
|
|
subPath: uploadLimit.ini
|
|
- image: caddy:2-alpine
|
|
livenessProbe:
|
|
httpGet:
|
|
httpHeaders:
|
|
- name: Host
|
|
value: nextcloud.tr1ceracop.de
|
|
path: /status.php
|
|
port: 80
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
timeoutSeconds: 5
|
|
name: caddy
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
protocol: TCP
|
|
readinessProbe:
|
|
httpGet:
|
|
httpHeaders:
|
|
- name: Host
|
|
value: nextcloud.tr1ceracop.de
|
|
path: /status.php
|
|
port: 80
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 15
|
|
timeoutSeconds: 5
|
|
resources:
|
|
limits:
|
|
memory: 64Mi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 32Mi
|
|
volumeMounts:
|
|
- mountPath: /var/www/
|
|
name: nextcloud-main
|
|
subPath: root
|
|
- mountPath: /var/www/html
|
|
name: nextcloud-main
|
|
subPath: html
|
|
- mountPath: /var/www/html/data
|
|
name: nextcloud-main
|
|
subPath: data
|
|
- mountPath: /var/www/html/config
|
|
name: nextcloud-main
|
|
subPath: config
|
|
- mountPath: /var/www/html/custom_apps
|
|
name: nextcloud-main
|
|
subPath: custom_apps
|
|
- mountPath: /var/www/tmp
|
|
name: nextcloud-main
|
|
subPath: tmp
|
|
- mountPath: /var/www/html/themes
|
|
name: nextcloud-main
|
|
subPath: themes
|
|
- mountPath: /etc/caddy
|
|
name: caddy-config
|
|
securityContext:
|
|
fsGroup: 33
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: nextcloud-main
|
|
- configMap:
|
|
name: nextcloud-config
|
|
name: nextcloud-config
|
|
- configMap:
|
|
name: nextcloud-phpconfig
|
|
name: nextcloud-phpconfig
|
|
- configMap:
|
|
defaultMode: 493
|
|
name: nextcloud-hooks
|
|
name: nextcloud-hooks
|
|
- configMap:
|
|
name: nextcloud-caddy-config
|
|
name: caddy-config
|