168 lines
5.5 KiB
YAML
168 lines
5.5 KiB
YAML
nextcloud_enabled: true
|
|
nextcloud_publish: false
|
|
nextcloud_use_external_db: true
|
|
nextcloud_default_values:
|
|
image:
|
|
repository: nextcloud
|
|
tag: 19.0-apache
|
|
pullPolicy: Always
|
|
replicaCount: 1
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
cert-manager.io/acme-dns01-provider: "rfc2136"
|
|
cert-manager.io/acme-challenge-type: "dns01"
|
|
kubernetes.io/ingress.class: "{{ external_ingress_class if nextcloud_publish else internal_ingress_class }}"
|
|
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
|
|
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
|
|
kubernetes.io/tls-acme: "true"
|
|
nginx.ingress.kubernetes.io/server-snippet: |-
|
|
server_tokens off;
|
|
proxy_hide_header X-Powered-By;
|
|
|
|
rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
|
|
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
|
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
|
|
location = /.well-known/carddav {
|
|
return 301 $scheme://$host/remote.php/dav;
|
|
}
|
|
location = /.well-known/caldav {
|
|
return 301 $scheme://$host/remote.php/dav;
|
|
}
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
|
deny all;
|
|
}
|
|
location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
|
|
deny all;
|
|
}
|
|
tls:
|
|
- secretName: "nextcloud.{{ domain }}-tls"
|
|
hosts:
|
|
- "nextcloud.{{ domain }}"
|
|
nextcloud:
|
|
host: "nextcloud.{{ domain }}"
|
|
username: admin
|
|
password: "{{ nextcloud_pass | default(nextcloud_password) }}"
|
|
update: 0
|
|
datadir: /var/www/html/data
|
|
tableprefix:
|
|
mail:
|
|
enabled: true
|
|
fromAddress: nextcloud
|
|
domain: "{{ mail_domain | default(domain) }}"
|
|
smtp:
|
|
host: "mail.{{ mail_domain | default(domain) }}"
|
|
secure: ssl
|
|
port: 465
|
|
authtype: LOGIN
|
|
name: "{{ nexcloud_mail_user | default('nextcloud') }}"
|
|
password: "{{ nextcloud_mail_pass | default(nextcloud_mail_password) }}"
|
|
# PHP Configuration files
|
|
# Will be injected in /usr/local/etc/php/conf.d
|
|
phpConfigs: {}
|
|
# Default config files
|
|
# IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
|
|
# Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config
|
|
defaultConfigs:
|
|
# To protect /var/www/html/config
|
|
.htaccess: true
|
|
# Redis default configuration
|
|
redis.config.php: true
|
|
# Apache configuration for rewrite urls
|
|
apache-pretty-urls.config.php: true
|
|
# Define APCu as local cache
|
|
apcu.config.php: true
|
|
# Apps directory configs
|
|
apps.config.php: true
|
|
# Used for auto configure database
|
|
autoconfig.php: true
|
|
# SMTP default configuration
|
|
smtp.config.php: true
|
|
# Extra config files created in /var/www/html/config/
|
|
# ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
|
|
configs:
|
|
mail.fix.config.php: |-
|
|
<?php
|
|
$CONFIG = array (
|
|
"mail_smtptimeout" => 60,
|
|
);
|
|
fix.config.php: |-
|
|
<?php
|
|
$CONFIG = array (
|
|
'trusted_proxies' => ['{{ web_proxy_internal_ip }}'],
|
|
'overwriteprotocol' => 'https',
|
|
'overwrite.cli.url' => 'https://nextcloud.{{ domain }}',
|
|
'mail_smtpstreamoptions' =>
|
|
array (
|
|
'ssl' =>
|
|
array (
|
|
'allow_self_signed' => true,
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
),
|
|
),
|
|
);
|
|
strategy:
|
|
type: RollingUpdate
|
|
internalDatabase:
|
|
enabled: false
|
|
name: nextcloud
|
|
# Disable Mariadb setup
|
|
mariadb:
|
|
enabled: false
|
|
# Enable Redis
|
|
redis:
|
|
enabled: true
|
|
usePassword: false
|
|
cluster:
|
|
enabled: false
|
|
## External database configuration
|
|
externalDatabase:
|
|
enabled: true
|
|
## Supported database engines: mysql or postgresql
|
|
type: postgresql
|
|
## Database host
|
|
host: "{{ namespace }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
|
|
## Database name
|
|
database: nextcloud
|
|
user: "{{ nextcloud_db_username }}"
|
|
password: "{{ nextcloud_db_password }}"
|
|
|
|
## Cronjob to execute Nextcloud background tasks
|
|
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron-jobs
|
|
##
|
|
cronjob:
|
|
enabled: true
|
|
# Nexcloud image is used as default but only curl is needed
|
|
image:
|
|
repository: nextcloud
|
|
tag: 19.0-apache
|
|
schedule: "*/5 * * * *"
|
|
annotations: {}
|
|
# Set curl's insecure option if you use e.g. self-signed certificates
|
|
curlInsecure: false
|
|
failedJobsHistoryLimit: 1
|
|
successfulJobsHistoryLimit: 1
|
|
service:
|
|
type: ClusterIP
|
|
port: 8080
|
|
loadBalancerIP: nil
|
|
persistence:
|
|
# Nextcloud Data (/var/www/html)
|
|
enabled: true
|
|
storageClass: "{{ gitea_storage | default('nfs-ssd') }}"
|
|
accessMode: "{{ gitea_storage_mode | default('ReadWriteMany') }}"
|
|
size: "{{ gitea_size | default('20Gi') }}"
|
|
livenessProbe:
|
|
enabled: false
|
|
readinessProbe:
|
|
enabled: false
|
|
|