1b57f76543
Deploys Nextcloud with an FPM-alpine image and Caddy sidecar for web serving. Integrates an external CloudNativePG cluster for PostgreSQL database. Utilizes an external Valkey instance for caching. Configures S3-compatible object storage for file data. Includes an initialization job to create admin and Valkey secrets. Sets up Ingress for external access with TLS via cert-manager.
49 lines
1.8 KiB
YAML
49 lines
1.8 KiB
YAML
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
annotations:
|
|
a8r.io/repository: ssh://git@git.tr1ceracop.de:222/gitea_admin/k8s-and-chill.git
|
|
argocd.argoproj.io/sync-options: Replace=true
|
|
name: nextcloud-secret-init
|
|
namespace: nextcloud
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
set -e
|
|
|
|
if ! kubectl get secret nextcloud-admin-secret -n ${NAMESPACE} >/dev/null 2>&1; then
|
|
PASSWORD=$(head -c 32 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9' | head -c 24)
|
|
kubectl create secret generic nextcloud-admin-secret \
|
|
-n ${NAMESPACE} \
|
|
--from-literal=nextcloud-username=admin \
|
|
--from-literal=nextcloud-password="${PASSWORD}"
|
|
echo "Created nextcloud-admin-secret"
|
|
else
|
|
echo "nextcloud-admin-secret already exists, skipping"
|
|
fi
|
|
|
|
if ! kubectl get secret nextcloud-valkey-password -n ${NAMESPACE} >/dev/null 2>&1; then
|
|
VALKEY_PASSWORD=$(head -c 32 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9' | head -c 24)
|
|
kubectl create secret generic nextcloud-valkey-password \
|
|
-n ${NAMESPACE} \
|
|
--from-literal=password="${VALKEY_PASSWORD}"
|
|
echo "Created nextcloud-valkey-password"
|
|
else
|
|
echo "nextcloud-valkey-password already exists, skipping"
|
|
fi
|
|
env:
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
image: alpine/k8s:1.32.3
|
|
name: init
|
|
restartPolicy: OnFailure
|
|
serviceAccountName: nextcloud-secret-init
|
|
ttlSecondsAfterFinished: 300
|