k8s-manifests/customers/base/nextcloud-deployment.yml

kind: StatefulSet
apiVersion: apps/v1
metadata:
  name: customer-node
  labels:
    app: customer-node
spec:
  replicas: 1
  selector:
    matchLabels:
      app: customer-node
  updateStrategy:
    type: RollingUpdate
  volumeClaimTemplates:
    - metadata:
        name: nextcloud-data
      spec:
        storageClassName: mayastor-3
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 1Gi
  template:
    metadata:
      labels:
        app: customer-node
    spec:
      restartPolicy: Always
      securityContext:
        privileged: false
        runAsNonRoot: true
        allowPrivilegeEscalation: false
        runAsUser: 33
        runAsGroup: 33
        fsGroup: 4
      containers:
        - name: customer
          image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4
          volumeMounts:
            - name: nextcloud-data
              mountPath: /var/www/html/config
              subPath: config
            - name: default-config
              mountPath: /etc/apache2/sites-enabled/000-default.conf
              subPath: 000-default.conf
            - name: apache2-config
              mountPath: /etc/apache2/apache2.conf
              subPath: apache2.conf
            - name: envars
              mountPath: /etc/apache2/envars
              subPath: envars
            - name: ports-config
              mountPath: /etc/apache2/ports.conf
              subPath: ports.conf
          resources:
            limits:
              cpu: 1500m
              memory: 2048Mi
            requests:
              cpu: 500m
              memory: 256Mi
          readinessProbe:
            tcpSocket:
              port: 8080
            initialDelaySeconds: 180
            periodSeconds: 60
          livenessProbe:
            tcpSocket:
              port: 8080
            initialDelaySeconds: 300
            periodSeconds: 180
          ports:
            - containerPort: 8080
              name: nextcloud-http
          command: ["apachectl"]
          args: ["-D", "FOREGROUND"]
            #command: ["/bin/sh","-c", "apachectl -D FOREGROUND; tail -f /dev/null"]
      initContainers:
        - image: docker.sunet.se/sunet/docker-jinja:latest
          name: init-config
          volumeMounts:
            - name: nextcloud-config-template
              mountPath: /tmp/config.php.template
              subPath: config.php
            - name: nextcloud-data
              mountPath: /var/www/html/config
              subPath: config
          env:
            - name: GSS_MASTER_URL
              value: "https://drive.test.sunet.se"
            - name: GSS_JWT_KEY
              valueFrom:
                secretKeyRef:
                  name: gss-secret
                  key: "jwt_key"
            - name: LOOKUP_SERVER
              value: "https://lookup.drive.test.sunet.se"
            - name: MAIL_DOMAIN
              value: "drive.test.sunet.se"
            - name: MAIL_FROM_ADDRESS
              value: "noreply"
            - name: MAIL_SMTPHOST
              value: "smtp.sunet.se"
            - name: MAIL_SMTPNAME
              value: "noreply@drive.test.sunet.se"
            - name: MAIL_SMTPPASSWORD
              valueFrom:
                secretKeyRef:
                  name: mail-secret
                  key: "smtp_password"
            - name: MYSQL_DATABASE
              value: "customer_nextcloud"
            - name: MYSQL_USER
              value: "customer_nextcloud"
            - name: MYSQL_HOST
              value: "proxysql.proxysql"
            - name: MYSQL_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: db-secret
                  key: "db_password"
            - name: MYSQL_PORT
              value: "6033"
            - name: NEXTCLOUD_TRUSTED_DOMAINS
              value: "customer.drive.test.sunet.se"
            - name: NEXTCLOUD_ADMIN_USER
              value: admin
            - name: NEXTCLOUD_VERSION_STRING
              value: "25.0.3.3"
            - name: NEXTCLOUD_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_admin_password"
            - name: NEXTCLOUD_PASSWORDSALT
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_passwordsalt"
            - name: NEXTCLOUD_INSTANCEID
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_instanceid"
            - name: NEXTCLOUD_SECRET
              valueFrom:
                secretKeyRef:
                  name: nc-secret
                  key: "nc_secret"
            - name: OBJECTSTORE_S3_REGION
              value: "us-east-1"
            - name: OBJECTSTORE_S3_HOST
              value: "s3.sto4.safedc.net"
            - name: OBJECTSTORE_S3_BUCKET
              value: "primary-customer-drive-test.sunet.se"
            - name: OBJECTSTORE_S3_KEY
              valueFrom:
                secretKeyRef:
                  name: s3-secret
                  key: "s3_key"
            - name: OBJECTSTORE_S3_SECRET
              valueFrom:
                secretKeyRef:
                  name: s3-secret
                  key: "s3_secret"
            - name: OBJECTSTORE_S3_USEPATH_STYLE
              value: "true"
            - name: OBJECTSTORE_S3_AUTOCREATE
              value: "true"
            - name: OBJECTSTORE_S3_SSL
              value: "true"
            - name: REDIS_HOST
              value: "redis.redis"
            - name: REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: redis-secret
                  key: "redis_password"
            - name: SITE_NAME
              value: "customer.drive.test.sunet.se"
          command: ["/bin/sh", "-c", "/usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"]
      volumes:
        - name: nextcloud-config-template
          configMap:
            name: nextcloud-configmap
            items:
              - key: "config.php"
                path: "config.php"
        - name: apache2-config
          configMap:
            name: nextcloud-configmap
            items:
              - key: "apache2.conf"
                path: "apache2.conf"
        - name: default-config
          configMap:
            name: nextcloud-configmap
            items:
              - key: "000-default.conf"
                path: "000-default.conf"
        - name: envars
          configMap:
            name: nextcloud-configmap
            items:
              - key: "envars"
                path: "envars"
        - name: ports-config
          configMap:
            name: nextcloud-configmap
            items:
              - key: "ports.conf"
                path: "ports.conf"
staefullset 2023-03-28 21:37:32 +00:00			`kind: StatefulSet`
Add base layer and vr as an example 2023-03-27 11:45:09 +00:00			`apiVersion: apps/v1`
			`metadata:`
			`name: customer-node`
			`labels:`
			`app: customer-node`
			`spec:`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: customer-node`
staefullset 2023-03-28 21:37:32 +00:00			`updateStrategy:`
			`type: RollingUpdate`
Fix volume claim 2023-03-28 21:14:35 +00:00			`volumeClaimTemplates:`
staefullset 2023-03-28 21:37:32 +00:00			`- metadata:`
			`name: nextcloud-data`
			`spec:`
			`storageClassName: mayastor-3`
			`accessModes:`
			`- ReadWriteOnce`
			`resources:`
			`requests:`
			`storage: 1Gi`
Add base layer and vr as an example 2023-03-27 11:45:09 +00:00			`template:`
			`metadata:`
			`labels:`
			`app: customer-node`
			`spec:`
staefullset 2023-03-28 21:37:32 +00:00			`restartPolicy: Always`
Try more stuff 2023-03-29 08:18:20 +00:00			`securityContext:`
			`privileged: false`
			`runAsNonRoot: true`
			`allowPrivilegeEscalation: false`
			`runAsUser: 33`
			`runAsGroup: 33`
This 2023-03-29 09:04:38 +00:00			`fsGroup: 4`
Add base layer and vr as an example 2023-03-27 11:45:09 +00:00			`containers:`
staefullset 2023-03-28 21:37:32 +00:00			`- name: customer`
Run own image 2023-03-29 07:53:15 +00:00			`image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4`
staefullset 2023-03-28 21:37:32 +00:00			`volumeMounts:`
			`- name: nextcloud-data`
			`mountPath: /var/www/html/config`
			`subPath: config`
Try to get debug output 2023-03-29 08:36:15 +00:00			`- name: default-config`
Run own image 2023-03-29 07:53:15 +00:00			`mountPath: /etc/apache2/sites-enabled/000-default.conf`
			`subPath: 000-default.conf`
Try to get debug output 2023-03-29 08:36:15 +00:00			`- name: apache2-config`
			`mountPath: /etc/apache2/apache2.conf`
Try again 2023-03-29 08:38:08 +00:00			`subPath: apache2.conf`
envars 2023-03-29 08:56:03 +00:00			`- name: envars`
			`mountPath: /etc/apache2/envars`
			`subPath: envars`
Try more stuff 2023-03-29 08:18:20 +00:00			`- name: ports-config`
			`mountPath: /etc/apache2/ports.conf`
			`subPath: ports.conf`
Try resources 2023-03-29 07:37:33 +00:00			`resources:`
			`limits:`
			`cpu: 1500m`
			`memory: 2048Mi`
			`requests:`
			`cpu: 500m`
			`memory: 256Mi`
Add probes 2023-03-29 07:24:08 +00:00			`readinessProbe:`
Try more stuff 2023-03-29 08:18:20 +00:00			`tcpSocket:`
			`port: 8080`
			`initialDelaySeconds: 180`
			`periodSeconds: 60`
Add probes 2023-03-29 07:24:08 +00:00			`livenessProbe:`
Try more stuff 2023-03-29 08:18:20 +00:00			`tcpSocket:`
			`port: 8080`
			`initialDelaySeconds: 300`
			`periodSeconds: 180`
staefullset 2023-03-28 21:37:32 +00:00			`ports:`
Run own image 2023-03-29 07:53:15 +00:00			`- containerPort: 8080`
Try to fix apache not starting 2023-03-29 07:12:38 +00:00			`name: nextcloud-http`
This 2023-03-29 09:06:02 +00:00			`command: ["apachectl"]`
			`args: ["-D", "FOREGROUND"]`
			`#command: ["/bin/sh","-c", "apachectl -D FOREGROUND; tail -f /dev/null"]`
Try and try again 2023-03-28 21:04:39 +00:00			`initContainers:`
staefullset 2023-03-28 21:37:32 +00:00			`- image: docker.sunet.se/sunet/docker-jinja:latest`
			`name: init-config`
			`volumeMounts:`
			`- name: nextcloud-config-template`
			`mountPath: /tmp/config.php.template`
			`subPath: config.php`
			`- name: nextcloud-data`
			`mountPath: /var/www/html/config`
			`subPath: config`
			`env:`
			`- name: GSS_MASTER_URL`
			`value: "https://drive.test.sunet.se"`
			`- name: GSS_JWT_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: gss-secret`
			`key: "jwt_key"`
			`- name: LOOKUP_SERVER`
			`value: "https://lookup.drive.test.sunet.se"`
			`- name: MAIL_DOMAIN`
			`value: "drive.test.sunet.se"`
			`- name: MAIL_FROM_ADDRESS`
			`value: "noreply"`
			`- name: MAIL_SMTPHOST`
			`value: "smtp.sunet.se"`
			`- name: MAIL_SMTPNAME`
			`value: "noreply@drive.test.sunet.se"`
			`- name: MAIL_SMTPPASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: mail-secret`
			`key: "smtp_password"`
			`- name: MYSQL_DATABASE`
			`value: "customer_nextcloud"`
			`- name: MYSQL_USER`
			`value: "customer_nextcloud"`
			`- name: MYSQL_HOST`
			`value: "proxysql.proxysql"`
			`- name: MYSQL_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: db-secret`
			`key: "db_password"`
			`- name: MYSQL_PORT`
			`value: "6033"`
			`- name: NEXTCLOUD_TRUSTED_DOMAINS`
			`value: "customer.drive.test.sunet.se"`
			`- name: NEXTCLOUD_ADMIN_USER`
			`value: admin`
			`- name: NEXTCLOUD_VERSION_STRING`
			`value: "25.0.3.3"`
			`- name: NEXTCLOUD_ADMIN_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: nc-secret`
			`key: "nc_admin_password"`
			`- name: NEXTCLOUD_PASSWORDSALT`
			`valueFrom:`
			`secretKeyRef:`
			`name: nc-secret`
			`key: "nc_passwordsalt"`
			`- name: NEXTCLOUD_INSTANCEID`
			`valueFrom:`
			`secretKeyRef:`
			`name: nc-secret`
			`key: "nc_instanceid"`
			`- name: NEXTCLOUD_SECRET`
			`valueFrom:`
			`secretKeyRef:`
			`name: nc-secret`
			`key: "nc_secret"`
			`- name: OBJECTSTORE_S3_REGION`
			`value: "us-east-1"`
			`- name: OBJECTSTORE_S3_HOST`
			`value: "s3.sto4.safedc.net"`
			`- name: OBJECTSTORE_S3_BUCKET`
			`value: "primary-customer-drive-test.sunet.se"`
			`- name: OBJECTSTORE_S3_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: s3-secret`
			`key: "s3_key"`
			`- name: OBJECTSTORE_S3_SECRET`
			`valueFrom:`
			`secretKeyRef:`
			`name: s3-secret`
			`key: "s3_secret"`
			`- name: OBJECTSTORE_S3_USEPATH_STYLE`
			`value: "true"`
			`- name: OBJECTSTORE_S3_AUTOCREATE`
			`value: "true"`
			`- name: OBJECTSTORE_S3_SSL`
			`value: "true"`
			`- name: REDIS_HOST`
			`value: "redis.redis"`
			`- name: REDIS_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: redis-secret`
			`key: "redis_password"`
			`- name: SITE_NAME`
			`value: "customer.drive.test.sunet.se"`
			`command: ["/bin/sh", "-c", "/usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"]`
Fix indent 2023-03-28 21:44:26 +00:00			`volumes:`
			`- name: nextcloud-config-template`
			`configMap:`
			`name: nextcloud-configmap`
			`items:`
			`- key: "config.php"`
			`path: "config.php"`
Try to get debug output 2023-03-29 08:36:15 +00:00			`- name: apache2-config`
			`configMap:`
			`name: nextcloud-configmap`
			`items:`
			`- key: "apache2.conf"`
			`path: "apache2.conf"`
			`- name: default-config`
Run own image 2023-03-29 07:53:15 +00:00			`configMap:`
			`name: nextcloud-configmap`
			`items:`
			`- key: "000-default.conf"`
			`path: "000-default.conf"`
envars 2023-03-29 08:56:03 +00:00			`- name: envars`
			`configMap:`
			`name: nextcloud-configmap`
			`items:`
			`- key: "envars"`
			`path: "envars"`
Try more stuff 2023-03-29 08:18:20 +00:00			`- name: ports-config`
			`configMap:`
			`name: nextcloud-configmap`
			`items:`
			`- key: "ports.conf"`
			`path: "ports.conf"`