Add nextcloud config

This commit is contained in:
Micke Nordin 2023-03-27 16:41:43 +02:00
parent 82bda1443d
commit 0d5dfd31b6
Signed by untrusted user: Micke
GPG key ID: 0DA0A7A5708FE257
7 changed files with 244 additions and 8 deletions

View file

@ -4,4 +4,6 @@ resources:
- nextcloud-namespace.yml
- nextcloud-pvc.yml
- nextcloud-service.yml
- redis-deployment.yml
- redis-service.yml
- s3-service.yml

View file

@ -0,0 +1,111 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: nextcloud-configmap
namespace: customer
data:
config.php: |
<?php
$CONFIG = array (
'memcache.local' => '\\OC\\Memcache\\APCu',
'appstoreenabled' => false,
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '{{REDIS_HOST}}',
'password' => '{{REDIS_PASSWORD}}',
'port' => 6379,
),
'forcessl' => true,
'overwriteprotocol' => 'https',
'objectstore' =>
array (
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' =>
array (
'bucket' => '{{OBJECTSTORE_S3_BUCKET}}',
'key' => '{{OBJECTSTORE_S3_KEY}}',
'secret' => '{{OBJECTSTORE_S3_SECRET}}',
'region' => '{{OBJECTSTORE_S3_REGION}}',
'hostname' => '{{OBJECTSTORE_S3_HOST}}',
'port' => '',
'objectPrefix' => 'urn:oid:',
'autocreate' => false,
'use_ssl' => true,
'use_path_style' => true,
'legacy_auth' => false,
),
),
'csrf.disabled' => true,
'passwordsalt' => '{{NEXTCLOUD_PASSWORDSALT}}',
'secret' => '{{NEXTCLOUD_SECRET}}',
'trusted_domains' =>
array (
0 => '{{NEXTCLOUD_TRUSTED_DOMAINS}}'
),
'config_is_read_only' => true,
'datadirectory' => '/var/www/html/data',
'dbhost' => '{{MYSQL_HOST}}',
'dbname' => '{{MYSQL_DATABASE}}',
'dbpassword' => '{{MYSQL_PASSWORD}}',
'dbport' => '{{MYSQL_PORT}}',
'dbtableprefix' => 'oc_',
'dbtype' => 'mysql',
'dbuser' => '{{MYSQL_USER}}',
'gs.enabled' => 'true',
'gs.federation' => 'global',
'gs.trustedHosts' => ['*.sunet.se'],
'gss.jwt.key' => '{{GSS_JWT_KEY}}',
'gss.master.url' => '{{GSS_MASTER_URL}}',
'gss.mode' => 'slave',
'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping',
'installed' => true,
'instanceid' => '{{NEXTCLOUD_INSTANCEID}}',
'log_type' => 'file',
'loglevel' => 0,
'lookup_server' => '{{LOOKUP_SERVER}}',
'mail_domain' => '{{MAIL_DOMAIN}}',
'mail_from_address' => '{{MAIL_FROM_ADDRESS}}',
'mail_sendmailmode' => 'smtp',
'mail_smtpauth' => 1,
'mail_smtpauthtype' => 'LOGIN',
'mail_smtphost' => '{{MAIL_SMTPHOST}}',
'mail_smtpmode' => 'smtp',
'mail_smtpname' => '{{MAIL_SMTPNAME}}',
'mail_smtppassword' => '{{MAIL_SMTPPASSWORD}}',
'mail_smtpport' => '587',
'mail_smtpsecure' => 'tls',
'mail_template_class' => 'OCA\DriveEmailTemplate\EMailTemplate',
'mysql.utf8mb4' => true,
'overwritehost' => '{{SITE_NAME}}',
'overwrite.cli.url' => 'https://{{SITE_NAME}}',
'templatedirectory' => '',
'skeletondirectory' => '',
'twofactor_enforced' => 'true',
'twofactor_enforced_groups' =>
array (
0 => 'admin',
),
'version' => '{{NEXTCLOUD_VERSION_STRING}}',
'app_install_overwrite' =>
array (
0 => 'globalsiteselector',
),
);

View file

@ -23,16 +23,38 @@ spec:
claimName: customer-shared-storage-claim
containers:
- name: customer
image: customer
image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4
volumeMounts:
- name: server-storage
mountPath: /var/www/html
subPath: server-data
env:
- name: GSS_MASTER_URL
value: "https://drive.test.sunet.se"
- name: GSS_JWT_KEY
valueFrom:
secretKeyRef:
name: gss-secret
key: "jwt_key"
- name: LOOKUP_SERVER
value: "https://lookup.drive.test.sunet.se"
- name: MAIL_DOMAIN
value: "drive.test.sunet.se"
- name: MAIL_FROM_ADDRESS
value: "noreply"
- name: MAIL_SMTPHOST
value: "smtp.sunet.se"
- name: MAIL_SMTPNAME
value: "noreply@drive.test.sunet.se"
- name: MAIL_SMTPPASSWORD
valueFrom:
secretKeyRef:
name: mail-secret
key: "smtp_password"
- name: MYSQL_DATABASE
value: "customer_customer"
value: "customer_nextcloud"
- name: MYSQL_USER
value: "customer"
value: "customer_nextcloud"
- name: MYSQL_HOST
value: "proxysql.proxysql"
- name: MYSQL_PASSWORD
@ -45,12 +67,29 @@ spec:
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: "customer.drive.test.sunet.se"
- name: NEXTCLOUD_ADMIN_USER
value: _customer
value: admin
- name: NEXTCLOUD_VERSION_STRING
value: "25.0.3.3"
- name: NEXTCLOUD_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: nc-secret
key: "nc_admin_password"
- name: NEXTCLOUD_PASSWORDSALT
valueFrom:
secretKeyRef:
name: nc-secret
key: "nc_passwordsalt"
- name: NEXTCLOUD_INSTANCEID
valueFrom:
secretKeyRef:
name: nc-secret
key: "nc_instanceid"
- name: NEXTCLOUD_SECRET
valueFrom:
secretKeyRef:
name: nc-secret
key: "nc_secret"
- name: OBJECTSTORE_S3_REGION
value: "us-east-1"
- name: OBJECTSTORE_S3_HOST
@ -75,6 +114,13 @@ spec:
value: "true"
- name: REDIS_HOST
value: "redis.redis"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: "redis_password"
- name: SITE_NAME
value: "customer.drive.test.sunet.se"
resources: {}
strategy: {}
status: {}

View file

@ -0,0 +1,29 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
namespace: customer
labels:
app.kubernetes.io/name: redis
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: redis
template:
metadata:
labels:
app.kubernetes.io/name: redis
spec:
containers:
- name: default
image: redis:latest
imagePullPolicy: Always
ports:
- containerPort: 6379
args:
- "--save"
- ""
- "--appendonly"
- "no"

View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
annotations:
labels:
app: redis
name: redis
namespace: customer
spec:
ports:
- name: redis
nodePort: 30379
port: 6379
targetPort: redis
selector:
app: redis
app.kubernetes.io/name: redis
type: NodePort

View file

@ -23,17 +23,32 @@ spec:
claimName: vr-shared-storage-claim
containers:
- name: vr
image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4
volumeMounts:
- name: server-storage
mountPath: /var/www/html
subPath: server-data
env:
- name: GSS_MASTER_URL
value: "https://drive.sunet.se"
- name: LOOKUP_SERVER
value: "https://lookup.drive.sunet.se"
- name: MAIL_DOMAIN
value: "drive.sunet.se"
- name: MAIL_SMTPNAME
value: "noreply@drive.sunet.se"
- name: MYSQL_DATABASE
value: "vr_nextcloud"
- name: MYSQL_USER
value: "vr_nextcloud"
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: "vr.drive.sunet.se"
- name: OBJECTSTORE_S3_HOST
value: "s3.sto4.safedc.net"
- name: NEXTCLOUD_VERSION_STRING
value: "25.0.3.3"
- name: OBJECTSTORE_S3_BUCKET
value: "primary-vr-drive.sunet.se"
- name: SITE_NAME
value: "vr.drive.sunet.se"
resources: {}
strategy: {}
status: {}

View file

@ -23,17 +23,32 @@ spec:
claimName: vr-shared-storage-claim
containers:
- name: vr
image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4
volumeMounts:
- name: server-storage
mountPath: /var/www/html
subPath: server-data
env:
- name: GSS_MASTER_URL
value: "https://drive.test.sunet.se"
- name: LOOKUP_SERVER
value: "https://lookup.drive.test.sunet.se"
- name: MAIL_DOMAIN
value: "drive.test.sunet.se"
- name: MAIL_SMTPNAME
value: "noreply@drive.test.sunet.se"
- name: MYSQL_DATABASE
value: "vr_nextcloud"
- name: MYSQL_USER
value: "vr_nextcloud"
- name: NEXTCLOUD_TRUSTED_DOMAINS
value: "vr.drive.test.sunet.se"
- name: OBJECTSTORE_S3_HOST
value: "s3.sto4.safedc.net"
- name: NEXTCLOUD_VERSION_STRING
value: "25.0.3.3"
- name: OBJECTSTORE_S3_BUCKET
value: "primary-vr-drive-test.sunet.se"
- name: SITE_NAME
value: "vr.drive.test.sunet.se"
resources: {}
strategy: {}
status: {}