Refactor Nextcloud configuration: update environment variable keys, enhance Ingress annotations, and add database initialization job with kustomization support.

2025-05-27 17:20:28 -07:00
parent ace1909477
commit 32d51b71ba
7 changed files with 63 additions and 11 deletions


@@ -11,14 +11,14 @@ spec:
spec: spec:
containers: containers:
- name: nextcloud - name: nextcloud
image: nextcloud:25.0.3-apache image: nextcloud:REPLACEME
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: NEXTCLOUD_URL - name: NEXTCLOUD_URL
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
name: config name: config
key: DOMAIN_URL key: NEXTCLOUD_DOMAIN_URL
command: command:
- /bin/sh - /bin/sh
- -c - -c
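Review bot: The `image: nextcloud:REPLACEME` placeholder has no comment saying what fills it in, and with `imagePullPolicy: IfNotPresent` the image that actually runs is whatever reference the kustomize replacement copies in from `data.NEXTCLOUD_IMAGE`. I would add a comment above the line such as `# placeholder: replaced by kustomize from config key NEXTCLOUD_IMAGE; use a digest-pinned reference (<tag>@sha256:<digest>)`. A mutable tag combined with IfNotPresent lets nodes run different builds under the same tag, and applying this manifest without the overlay leaves an image that cannot be pulled. The container spec continues outside the hunk.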


@@ -26,7 +26,7 @@ spec:
protocol: TCP protocol: TCP
envFrom: envFrom:
- secretRef: - secretRef:
name: nextcloud-secrets name: secrets
- configMapRef: - configMapRef:
name: config name: config
- secretRef: - secretRef:
@@ -41,28 +41,28 @@ spec:
- name: NEXTCLOUD_TRUSTED_DOMAINS - name: NEXTCLOUD_TRUSTED_DOMAINS
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
key: DOMAIN key: NEXTCLOUD_TRUSTED_DOMAINS
name: config name: config
- name: NEXTCLOUD_DATA_DIR - name: NEXTCLOUD_DATA_DIR
value: /mnt/data value: /mnt/data
- name: TRUSTED_PROXIES - name: TRUSTED_PROXIES
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
key: DOMAIN key: NEXTCLOUD_DOMAIN
name: config name: config
- name: APACHE_DISABLE_REWRITE_IP - name: APACHE_DISABLE_REWRITE_IP
value: "1" value: "1"
- name: OVERWRITEHOST - name: OVERWRITEHOST
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
key: DOMAIN key: NEXTCLOUD_DOMAIN
name: config name: config
- name: OVERWRITEPROTOCOL - name: OVERWRITEPROTOCOL
value: https value: https
- name: OVERWRITECLIURL - name: OVERWRITECLIURL
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
key: DOMAIN_URL key: NEXTCLOUD_DOMAIN_URL
name: config name: config
- name: OVERWRITEWEBROOT - name: OVERWRITEWEBROOT
value: "/" value: "/"
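Review bot: `TRUSTED_PROXIES` is still filled from the site's own domain (`key: NEXTCLOUD_DOMAIN`), but as far as I know Nextcloud's trusted_proxies setting expects the reverse proxy's IP addresses or CIDR ranges, not the public hostname. With a hostname there, the forwarded client-IP headers from Traefik are presumably not honoured, so logs and brute-force throttling would see the proxy's address for every user. I would give it its own config entry, for example `key: NEXTCLOUD_TRUSTED_PROXIES` (a new key, to be added to `config.env`), holding the ingress controller's pod or node CIDR. The env list starts and ends outside the hunk.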


@@ -14,12 +14,19 @@ spec:
apiVersion: traefik.containo.us/v1alpha1 apiVersion: traefik.containo.us/v1alpha1
kind: Middleware kind: Middleware
metadata: metadata:
name: nextcloud-redirects name: nextcloud-redirects-scheme
namespace: nextcloud namespace: nextcloud
spec: spec:
redirectScheme: redirectScheme:
permanent: true permanent: true
scheme: https scheme: https
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nextcloud-redirects-regex
namespace: nextcloud
spec:
redirectRegex: redirectRegex:
regex: https://(.*)/.well-known/(card|cal)dav regex: https://(.*)/.well-known/(card|cal)dav
replacement: https://$1/remote.php/dav/ replacement: https://$1/remote.php/dav/
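Review bot: The `redirectRegex` pattern `https://(.*)/.well-known/(card|cal)dav` is unanchored, uses a greedy `(.*)` for the host and leaves the dot in `.well-known` unescaped. It can therefore match URLs where the well-known segment appears deeper in the path or in the query string, not only directly after the host. Anchoring the start and restricting the host capture, `regex: ^https://([^/]+)/\.well-known/(card|cal)dav`, keeps the redirect limited to the two discovery endpoints. Separately, `traefik.containo.us/v1alpha1` is the legacy API group and newer Traefik releases expect `traefik.io/v1alpha1`, so confirm which version the cluster runs.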


@@ -4,7 +4,9 @@ kind: Ingress
metadata: metadata:
name: nextcloud-public name: nextcloud-public
annotations: annotations:
traefik.ingress.kubernetes.io/router.middlewares: nextcloud-headers@kubernetescrd,nextcloud-redirects@kubernetescrd external-dns.alpha.kubernetes.io/target: your.nextcloud.domain
external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
traefik.ingress.kubernetes.io/router.middlewares: nextcloud-nextcloud-headers@kubernetescrd,nextcloud-nextcloud-redirects-scheme@kubernetescrd,nextcloud-nextcloud-redirects-regex@kubernetescrd
spec: spec:
rules: rules:
- host: your.nextcloud.domain - host: your.nextcloud.domain
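Review bot: The `router.middlewares` annotation now uses the `<namespace>-<name>@kubernetescrd` form for three middlewares, and nothing in the manifest says that the leading `nextcloud-` is the namespace. If the namespace or a Middleware name changes, the reference stops resolving, and the HTTPS redirect and the header middleware both depend on it. I would add a comment above the annotation, `# format: <namespace>-<middleware>@kubernetescrd; must match the Middleware objects in namespace nextcloud`. The `nextcloud-headers` Middleware is not visible in this commit, so confirm it exists under that name.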


@@ -12,8 +12,8 @@ spec:
args: args:
- | - |
PGPASSWORD=${POSTGRES_ADMIN_PASSWORD} psql -h ${NEXTCLOUD_DB_HOST} -U postgres <<EOF PGPASSWORD=${POSTGRES_ADMIN_PASSWORD} psql -h ${NEXTCLOUD_DB_HOST} -U postgres <<EOF
CREATE DATABASE ${NEXTCLOUD_DB_NAME} WITH OWNER ${NEXTCLOUD_DB_USER};
CREATE USER ${NEXTCLOUD_DB_USER} WITH ENCRYPTED PASSWORD '${NEXTCLOUD_DB_PASSWORD}'; CREATE USER ${NEXTCLOUD_DB_USER} WITH ENCRYPTED PASSWORD '${NEXTCLOUD_DB_PASSWORD}';
CREATE DATABASE ${NEXTCLOUD_DB_NAME} WITH OWNER ${NEXTCLOUD_DB_USER};
GRANT ALL PRIVILEGES ON DATABASE ${NEXTCLOUD_DB_NAME} TO ${NEXTCLOUD_DB_USER}; GRANT ALL PRIVILEGES ON DATABASE ${NEXTCLOUD_DB_NAME} TO ${NEXTCLOUD_DB_USER};
EOF EOF
env: env:
@@ -22,6 +22,11 @@ spec:
secretKeyRef: secretKeyRef:
name: secrets name: secrets
key: POSTGRES_ADMIN_PASSWORD key: POSTGRES_ADMIN_PASSWORD
- name: NEXTCLOUD_DB_HOST
valueFrom:
configMapKeyRef:
name: config
key: NEXTCLOUD_DB_HOST
- name: NEXTCLOUD_DB_NAME - name: NEXTCLOUD_DB_NAME
valueFrom: valueFrom:
configMapKeyRef: configMapKeyRef:
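Review bot: The heredoc in `args` is unquoted (`<<EOF`), so the shell pastes `${NEXTCLOUD_DB_PASSWORD}`, `${NEXTCLOUD_DB_USER}` and `${NEXTCLOUD_DB_NAME}` directly into the SQL text. A password containing a single quote breaks the statement, and any of the three values can alter the SQL that runs as the `postgres` superuser. psql is also started without `ON_ERROR_STOP`, so a failed statement (for example on a re-run, when the role already exists) still lets the Job report success. Passing the values as psql variables and quoting the heredoc delimiter lets psql do the literal and identifier quoting, as sketched below. The `env` list continues outside the hunk, so confirm it defines every variable the script uses.

```yaml
args:
  - |
    PGPASSWORD="${POSTGRES_ADMIN_PASSWORD}" psql -v ON_ERROR_STOP=1 \
      -h "${NEXTCLOUD_DB_HOST}" -U postgres \
      -v db_user="${NEXTCLOUD_DB_USER}" \
      -v db_pass="${NEXTCLOUD_DB_PASSWORD}" \
      -v db_name="${NEXTCLOUD_DB_NAME}" <<'EOF'
    CREATE USER :"db_user" WITH ENCRYPTED PASSWORD :'db_pass';
    CREATE DATABASE :"db_name" WITH OWNER :"db_user";
    GRANT ALL PRIVILEGES ON DATABASE :"db_name" TO :"db_user";
    EOF
# … unchanged: env entries …
```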


@@ -0,0 +1,13 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: nextcloud
resources:
- db-init-job.yaml
configMapGenerator:
- name: config
envs:
- ../config/config.env
secretGenerator:
- name: secrets
envs:
- ../config/secrets.env
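Review bot: Both generators read env files from `../config/`, which lies outside this kustomization's root, and kustomize's default load restriction refuses files above the root. Building this directory on its own would therefore need `--load-restrictor LoadRestrictionsNone`, which switches that safeguard off for the whole build. Either keep the env files at or below this directory, or reference the Job from the parent kustomization that already reads `config/config.env` and `config/secrets.env`. Note also that the `secrets` Secret generated here carries every key in `secrets.env` into the Job's namespace object, not only `POSTGRES_ADMIN_PASSWORD`.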


@@ -25,6 +25,16 @@ secretGenerator:
- config/secrets.env - config/secrets.env
replacements: replacements:
- source:
kind: ConfigMap
name: config
fieldPath: data.DOMAIN
targets:
- select:
kind: Ingress
name: nextcloud-public
fieldPaths:
- metadata.annotations.[external-dns.alpha.kubernetes.io/target]
- source: - source:
kind: ConfigMap kind: ConfigMap
name: config name: config
@@ -32,7 +42,7 @@ replacements:
targets: targets:
- select: - select:
kind: Ingress kind: Ingress
name: nextcloud-ingress name: nextcloud-public
fieldPaths: fieldPaths:
- spec.rules.0.host - spec.rules.0.host
- spec.tls.0.hosts.0 - spec.tls.0.hosts.0
@@ -56,3 +66,18 @@ replacements:
name: nextcloud-pvc name: nextcloud-pvc
fieldPaths: fieldPaths:
- spec.resources.requests.storage - spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.NEXTCLOUD_IMAGE
targets:
- select:
kind: Deployment
name: nextcloud
fieldPaths:
- spec.template.spec.containers.0.image
- select:
kind: CronJob
name: nextcloud-cron
fieldPaths:
- spec.jobTemplate.spec.template.spec.containers.0.image
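Review bot: The new replacement for the external-dns target in the first hunk reads `fieldPath: data.DOMAIN`, while the rest of this commit renames the config keys to `NEXTCLOUD_DOMAIN` and `NEXTCLOUD_DOMAIN_URL`. If `DOMAIN` was dropped from `config.env` (not shown here), the source field is missing and the build would be expected to fail rather than fill in the `your.nextcloud.domain` placeholder. The line should probably be `fieldPath: data.NEXTCLOUD_DOMAIN`. It is also worth confirming that the target is meant to be the site's own hostname, since external-dns treats that annotation as the record's target rather than its name.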