CSTF/wild-cloud
1
1
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects 1 Releases 1 Wiki Activity

Removes Nextcloud app.

Browse Source
This commit is contained in:
Paul Payne
2025-05-28 15:27:52 -07:00
parent 2b6af9f749
commit 88ea90dd73
13 changed files with 0 additions and 386 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/nextcloud/README.md
View File

@@ -1,6 +0,0 @@
# Nextcloud app
### Requires
- Postgres app
- Redis app

20
apps/nextcloud/config/example.env
View File

@@ -1,20 +0,0 @@
# Config
NEXTCLOUD_ADMIN_USER=admin
NEXTCLOUD_TRUSTED_DOMAINS=$DOMAIN
NEXTCLOUD_DOMAIN=nextcloud.$DOMAIN
NEXTCLOUD_STORAGE=5Gi
NEXTCLOUD_NFS_STORAGE=100Gi
PHP_MEMORY_LIMIT=4G
PHP_UPLOAD_LIMIT=1G
NEXTCLOUD_IMAGE=nextcloud:26
NEXTCLOUD_DB_TYPE=postgres
NEXTCLOUD_DB_HOST=postgres.postgres.svc.cluster.local
NEXTCLOUD_DB_USER=nextcloud
NEXTCLOUD_DB_NAME=nextcloud
POSTGRES_ADMIN_USER=$POSTGRES_USER
# Secrets
NEXTCLOUD_ADMIN_PASSWORD=
NEXTCLOUD_DB_PASSWORD=
POSTGRES_ADMIN_PASSWORD=$POSTGRES_PASSWORD

26
apps/nextcloud/cron.yaml
View File

@@ -1,26 +0,0 @@
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: nextcloud-cron
spec:
schedule: "*/5 * * * *"
jobTemplate:
spec:
template:
spec:
containers:
- name: nextcloud
image: nextcloud:REPLACEME
imagePullPolicy: IfNotPresent
env:
- name: NEXTCLOUD_URL
valueFrom:
configMapKeyRef:
name: config
key: NEXTCLOUD_DOMAIN_URL
command:
- /bin/sh
- -c
- "curl -s ${NEXTCLOUD_URL}/cron.php"
restartPolicy: OnFailure

87
apps/nextcloud/deployment.yaml
View File

@@ -1,87 +0,0 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nextcloud
spec:
replicas: 1
selector:
matchLabels:
app: nextcloud
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
app: nextcloud
spec:
containers:
- image: nextcloud:29.0.16-apache
name: nextcloud
ports:
- containerPort: 80
protocol: TCP
envFrom:
- secretRef:
name: secrets
- configMapRef:
name: config
- secretRef:
name: secrets
- configMapRef:
name: config
env:
- name: REDIS_HOST
value: redis.redis
- name: POSTGRES_HOST
value: postgres.postgres
- name: NEXTCLOUD_TRUSTED_DOMAINS
valueFrom:
configMapKeyRef:
key: NEXTCLOUD_TRUSTED_DOMAINS
name: config
- name: NEXTCLOUD_DATA_DIR
value: /mnt/data
- name: TRUSTED_PROXIES
valueFrom:
configMapKeyRef:
key: NEXTCLOUD_DOMAIN
name: config
- name: APACHE_DISABLE_REWRITE_IP
value: "1"
- name: OVERWRITEHOST
valueFrom:
configMapKeyRef:
key: NEXTCLOUD_DOMAIN
name: config
- name: OVERWRITEPROTOCOL
value: https
- name: OVERWRITECLIURL
valueFrom:
configMapKeyRef:
key: NEXTCLOUD_DOMAIN_URL
name: config
- name: OVERWRITEWEBROOT
value: "/"
- name: TZ
valueFrom:
configMapKeyRef:
key: TZ
name: config
volumeMounts:
- mountPath: /var/www/html
name: nextcloud-storage
readOnly: false
- mountPath: /mnt/data
name: nextcloud-storage-nfs
readOnly: false
volumes:
- name: nextcloud-storage
persistentVolumeClaim:
claimName: nextcloud-pvc
- name: nextcloud-storage-nfs
persistentVolumeClaim:
claimName: nextcloud-pvc-nfs

32
apps/nextcloud/headers.yaml
View File

@@ -1,32 +0,0 @@
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nextcloud-headers
spec:
headers:
frameDeny: true
browserXssFilter: true
customResponseHeaders:
Strict-Transport-Security: "15552000"
X-Frame-Options: SAMEORIGIN
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nextcloud-redirects-scheme
namespace: nextcloud
spec:
redirectScheme:
permanent: true
scheme: https
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nextcloud-redirects-regex
namespace: nextcloud
spec:
redirectRegex:
regex: https://(.*)/.well-known/(card|cal)dav
replacement: https://$1/remote.php/dav/

25
apps/nextcloud/ingress.yaml
View File

@@ -1,25 +0,0 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nextcloud-public
annotations:
external-dns.alpha.kubernetes.io/target: your.nextcloud.domain
external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
traefik.ingress.kubernetes.io/router.middlewares: nextcloud-nextcloud-headers@kubernetescrd,nextcloud-nextcloud-redirects-scheme@kubernetescrd,nextcloud-nextcloud-redirects-regex@kubernetescrd
spec:
rules:
- host: your.nextcloud.domain
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nextcloud
port:
number: 80
tls:
- secretName: wildcard-internal-wild-cloud-tls
hosts:
- your.nextcloud.domain

45
apps/nextcloud/init/db-init-job.yaml
View File

@@ -1,45 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: nextcloud-db-init
spec:
template:
spec:
containers:
- name: db-init
image: postgres:15
command: ["/bin/bash", "-c"]
args:
- |
PGPASSWORD=${POSTGRES_ADMIN_PASSWORD} psql -h ${NEXTCLOUD_DB_HOST} -U postgres <<EOF
CREATE USER ${NEXTCLOUD_DB_USER} WITH ENCRYPTED PASSWORD '${NEXTCLOUD_DB_PASSWORD}';
CREATE DATABASE ${NEXTCLOUD_DB_NAME} WITH OWNER ${NEXTCLOUD_DB_USER};
GRANT ALL PRIVILEGES ON DATABASE ${NEXTCLOUD_DB_NAME} TO ${NEXTCLOUD_DB_USER};
EOF
env:
- name: POSTGRES_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: secrets
key: POSTGRES_ADMIN_PASSWORD
- name: NEXTCLOUD_DB_HOST
valueFrom:
configMapKeyRef:
name: config
key: NEXTCLOUD_DB_HOST
- name: NEXTCLOUD_DB_NAME
valueFrom:
configMapKeyRef:
name: config
key: NEXTCLOUD_DB_NAME
- name: NEXTCLOUD_DB_USER
valueFrom:
configMapKeyRef:
name: config
key: NEXTCLOUD_DB_USER
- name: NEXTCLOUD_DB_PASSWORD
valueFrom:
secretKeyRef:
name: secrets
key: NEXTCLOUD_DB_PASSWORD
restartPolicy: OnFailure

13
apps/nextcloud/init/kustomization.yaml
View File

@@ -1,13 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: nextcloud
resources:
- db-init-job.yaml
configMapGenerator:
- name: config
envs:
- ../config/config.env
secretGenerator:
- name: secrets
envs:
- ../config/secrets.env

83
apps/nextcloud/kustomization.yaml
View File

@@ -1,83 +0,0 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: nextcloud
labels:
- includeSelectors: true
pairs:
app: nextcloud
managedBy: kustomize
partOf: wild-cloud
resources:
- cron.yaml
- deployment.yaml
- headers.yaml
- ingress.yaml
- namespace.yaml
- pvc.yaml
- service.yaml
configMapGenerator:
- name: config
envs:
- config/config.env
secretGenerator:
- name: secrets
envs:
- config/secrets.env
replacements:
- source:
kind: ConfigMap
name: config
fieldPath: data.DOMAIN
targets:
- select:
kind: Ingress
name: nextcloud-public
fieldPaths:
- metadata.annotations.[external-dns.alpha.kubernetes.io/target]
- source:
kind: ConfigMap
name: config
fieldPath: data.NEXTCLOUD_DOMAIN
targets:
- select:
kind: Ingress
name: nextcloud-public
fieldPaths:
- spec.rules.0.host
- spec.tls.0.hosts.0
- source:
kind: ConfigMap
name: config
fieldPath: data.NEXTCLOUD_NFS_STORAGE
targets:
- select:
kind: PersistentVolumeClaim
name: nextcloud-pvc-nfs
fieldPaths:
- spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.NEXTCLOUD_STORAGE
targets:
- select:
kind: PersistentVolumeClaim
name: nextcloud-pvc
fieldPaths:
- spec.resources.requests.storage
- source:
kind: ConfigMap
name: config
fieldPath: data.NEXTCLOUD_IMAGE
targets:
- select:
kind: Deployment
name: nextcloud
fieldPaths:
- spec.template.spec.containers.0.image
- select:
kind: CronJob
name: nextcloud-cron
fieldPaths:
- spec.jobTemplate.spec.template.spec.containers.0.image

8
apps/nextcloud/manifest.yaml
View File

@@ -1,8 +0,0 @@
name: nextcloud
install: true
description: Nextcloud is a suite of client-server software for creating and using file hosting services.
version: 1.0.0
icon: https://nextcloud.com/wp-content/uploads/2022/10/nextcloud-logo-blue-transparent.svg
requires:
- name: redis
- name: postgres

4
apps/nextcloud/namespace.yaml
View File

@@ -1,4 +0,0 @@
apiVersion: v1
kind: Namespace
metadata:
name: nextcloud

24
apps/nextcloud/pvc.yaml
View File

@@ -1,24 +0,0 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nextcloud-pvc
spec:
storageClassName: longhorn
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nextcloud-pvc-nfs
spec:
storageClassName: longhorn # Change this to nfs-client if using NFS
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi

13
apps/nextcloud/service.yaml
View File

@@ -1,13 +0,0 @@
---
apiVersion: v1
kind: Service
metadata:
name: nextcloud
namespace: nextcloud
labels:
app: nextcloud
spec:
ports:
- port: 80
selector:
app: nextcloud