remoll/k3s-infra
0
0
Fork 0
Code Issues 1 Pull Requests 4 Packages Projects Releases Wiki Activity

nearly functional nextcloud

Browse Source
This commit is contained in:
Remy Moll 2023-12-13 14:11:07 +01:00
parent a5f1a13b22
commit 12ece4852d
12 changed files with 83 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/homarr/values.yaml
View File

@ -30,6 +30,8 @@ persistence:
storageClassName: "nfs-client"
# -- homarr-config access mode
accessMode: "ReadWriteOnce"
persistentVolumeReclaimPolicy: Retain
# -- homarr-config storage size
size: "50Mi"
# -- homarr-config mount path inside the pod

5
apps/nextcloud/README.md Normal file
View File

@ -0,0 +1,5 @@
### Runninf `occ` commands:
```
su -s /bin/bash www-data -c "php occ user:list"
```

3
apps/nextcloud/ingress.yaml
View File

@ -1,7 +1,6 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
namespace: nextcloud
name: nextcloud-ingressroute
spec:
@ -14,4 +13,4 @@ spec:
- name: nextcloud
port: 8080
tls:
certResolver: default-tls
certResolver: default-tls

16
apps/nextcloud/kustomization.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- ingress.yaml
- pvc.yaml
- postgres.sealedsecret.yaml
namespace: nextcloud
helmCharts:
- name: nextcloud
releaseName: nextcloud
version: 4.5.5
valuesFile: values.yaml
repo: https://nextcloud.github.io/helm/

4
apps/nextcloud/namespace.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: placeholder

22
apps/nextcloud/postgres.sealedsecret.yaml Normal file
View File

@ -0,0 +1,22 @@
{
"kind": "SealedSecret",
"apiVersion": "bitnami.com/v1alpha1",
"metadata": {
"name": "postgres-password",
"namespace": "nextcloud-2",
"creationTimestamp": null
},
"spec": {
"template": {
"metadata": {
"name": "postgres-password",
"namespace": "nextcloud-2",
"creationTimestamp": null
}
},
"encryptedData": {
"password": "AgCTf42UpSAuA7lePywunYCtI/v1rh63mQSLRX50Lp2VdnFLU1XxmdHjDj38lJN1TCWZPzDlp+YX4vMeGNJJuxFIvytgJnaZCAQthD04U8/4oXVJMaMi6NkWtL0qmNVplbSFxtkWEBEyMkpWg9zy5lXJyOSGnYpoq1wT+GO9gHDIww+T68M6ellxIUcv6NBDI9ErjoFJuKI+z+wrtsInLlT8Fu1J5srSpuZm0ZYqu0m1Z5NilKyrnva1pcsfR7hDgKDbOL3vef3V0mLMRb1dUjsNqDNxgqCrmFB5MbOCOrs4ZrYQeayOzJXb1RFI5DifbE6ubCY5DkZSZmhugsshnkf/uBZ7ELF3q/HceuU+4BguietbvCY5ZK+/BfChAbiNlPcxnLeianGNCBZLi9RnnbGEr0hHG/uQ1tf5+opP1IfwDvnovj2KhcnhM29IB3BzRcIlTJTLL2cn2HG7CJ6JBSDO0x4si/xAzT7se5bxxl0aUIkE1SWKoITkXjwKviMxNlBgSUW07r1WWEAmV0CC8Fr9uNDc/rGP64ozyJOYkbTNQAtlcTC5vyoJokswpzSpFtrsn/Z8DUuY77l70ziZU0pYMHSZM/kGW7HtujTRtKQpcZOHlGb9OiBpMHPYdtE+1thqA5+xtFkhlJ74+K7yzgPnrYYzEiIJ9tzY8A8P5QzmlpjUEhg+TMXo+8t4gYcesLsdHTKyZJXPQHMb0c6TSVyC8woklg==",
"username": "AgALRb5YUhCTkoEn+rAf8/hBgYJws2Q6ri8qwsw2vR9NeI6upJqCW9v77a8MmPYDZxs+OaEVaAxAHwchGs0KDRcQJnP5jdsFUe2tYEVljDR/OZCebBxEDr5ixqUVmKR81NvJujx6E9KGVU/ALHFASknGdqGTBgkSnyGvehswCbp6UN56I2BoSUU6zwevVnUMH0DPIPqgZuGoqWQA4ubF5bKMkF83JA5DRT4V4K/q/iTLzJ18441vxi90/R+Olm6gd5963VPiI9VwCKbDPJFAIZ7zA7iH3oc/OaTUCmAQ4B4MfaAorOX1SwHXejFNy/Qm8STNsMDu+mIgyZyxYdjbQknEWvJqUPPQ/UhspYkytqSQsJKo65cyCBRos8ipJG16xju8eeO6h/Jt/1Xk+S2I+36fISs1w9mmXJNBYoAYBk8+BT1njqXnTFMy2+N2Gi8kmkGic/9psE/EWIJYcC9/JFDkG4j3/TTlQTGA384WPAdaowEJKIwDGLQqsTw82I8chd1GmGuARR23fGdMHaYukikcU8NEQulRM/UIOjqI0z4+x4X7HX5zDOt35thNV3YHudwm2MCOAHHae/nKSVk+12bBwCqPf0ymjPXaXibnFoevV+3sm2oy1URPZTMvClAngy5wWzzS6GTRlaU0b6vg+AD82h5Q6id70HLaGJ+SWrqlB4rTZ8hHDHfsuaF739KWM7vr7g=="
}
}
}

4
apps/nextcloud/pvc.yaml
View File

@ -1,13 +1,10 @@
apiVersion: v1
kind: PersistentVolume
metadata:
namespace: nextcloud
name: nextcloud-nfs
spec:
# storageClassName: fast
capacity:
storage: "150Gi"
# volumeMode: Filesystem
accessModes:
- ReadWriteOnce
nfs:
@ -17,7 +14,6 @@ spec:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: nextcloud
name: nextcloud-nfs
spec:
storageClassName: ""

145
apps/nextcloud/values.yaml
View File

@ -1,32 +1,13 @@
## Official nextcloud image version
## ref: https://hub.docker.com/r/library/nextcloud/tags/
##
image:
repository: nextcloud
tag: "27" # needs to be a string because of the template
pullPolicy: IfNotPresent
tag: "27"
nameOverride: ""
fullnameOverride: ""
podAnnotations: {}
deploymentAnnotations: {}
# Number of replicas to be deployed
replicaCount: 1
## Allowing use of ingress controllers
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
enabled: false
# Allow configuration of lifecycle hooks
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
lifecycle: {}
# postStartCommand: []
# preStopCommand: []
nextcloud:
host: nextcloud.kluster.moll.re
username: admin
@ -87,48 +68,9 @@ nextcloud:
# )
# );
## Strategy used to replace old pods
## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
strategy:
type: Recreate
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 1
# maxUnavailable: 0
##
## Extra environment variables
extraEnv:
# - name: SOME_SECRET_ENV
# valueFrom:
# secretKeyRef:
# name: nextcloud
# key: secret_key
# Extra mounts for the pods. Example shown is for connecting a legacy NFS volume
# to NextCloud pods in Kubernetes. This can then be configured in External Storage
extraVolumes:
# - name: nfs
# nfs:
# server: "10.0.0.1"
# path: "/nextcloud_data"
# readOnly: false
extraVolumeMounts:
# - name: nfs
# mountPath: "/legacy_data"
# Extra secuurityContext parameters. For example you may need to define runAsNonRoot directive
# extraSecurityContext:
# runAsUser: "33"
# runAsGroup: "33"
# runAsNonRoot: true
# readOnlyRootFilesystem: true
nginx:
## You need to set an fpm version of the image for nextcloud if you want to use nginx!
enabled: false
resources: {}
internalDatabase:
enabled: true
@ -147,52 +89,38 @@ externalDatabase:
host: postgres-postgresql.postgres
## Database user
user: nextcloud
# user: nextcloud
## Database password
password: test
# ## Database password
# password: test
## Database name
database: nextcloud
## Use a existing secret
existingSecret:
enabled: false
# secretName: nameofsecret
# usernameKey: username
# passwordKey: password
enabled: true
secretName: postgres-password
usernameKey: username
passwordKey: password
##
## MariaDB chart configuration
##
mariadb:
## Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database set this to false and configure the externalDatabase parameters
enabled: false
postgresql:
enabled: false
##
## Redis chart configuration
## for more options see https://github.com/bitnami/charts/tree/master/bitnami/redis
##
redis:
enabled: false
auth:
enabled: true
password: 'changeme'
## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#webcron
##
cronjob:
enabled: false
# Nexcl
service:
type: ClusterIP
port: 8080
loadBalancerIP: nil
nodePort: nil
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
@ -201,33 +129,14 @@ persistence:
# Nextcloud Data (/var/www/html)
enabled: true
annotations: {}
## nextcloud data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
existingClaim: nextcloud-nfs
accessMode: ReadWriteOnce
size: 150Gi
## Use an additional pvc for the data directory rather than a subpath of the default PVC
## Useful to store data on a different storageClass (e.g. on slower disks)
nextcloudData:
enabled: false
subPath:
annotations: {}
# storageClass: "-"
# existingClaim:
accessMode: ReadWriteOnce
size: 8Gi
resources:
# We usually recommend not to specify default resources and to leave this as a conscious
@ -241,31 +150,6 @@ resources:
cpu: 100m
memory: 128Mi
## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
enabled: true
initialDelaySeconds: 250
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 250
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 250
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 30
successThreshold: 1
## Enable pod autoscaling using HorizontalPodAutoscaler
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
@ -273,13 +157,6 @@ startupProbe:
hpa:
enabled: false
nodeSelector: {}
tolerations: []
affinity: {}
## Prometheus Exporter / Metrics
##
metrics:
@ -288,7 +165,3 @@ metrics:
rbac:
enabled: false
serviceaccount:
create: true
name: nextcloud-serviceaccount

2
apps/rss/pvc.yaml
View File

@ -3,10 +3,10 @@ apiVersion: v1
metadata:
name: rss-claim
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi

1
kluster-deployments/kustomization.yaml
View File

@ -27,3 +27,4 @@ resources:
- rss/
- adguard/
- media/
- nextcloud/

18
kluster-deployments/nextcloud/application.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: nextcloud-application
namespace: argocd
spec:
project: apps
source:
repoURL: ssh://git@git.kluster.moll.re:2222/remoll/k3s-infra.git
targetRevision: main
path: apps/nextcloud/
destination:
server: https://kubernetes.default.svc
namespace: nextcloud
syncPolicy:
automated:
prune: true
selfHeal: true

4
kluster-deployments/nextcloud/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- application.yaml