diff --git a/applicationsets/applicationset.yaml b/applicationsets/applicationset.yaml
new file mode 100644
index 0000000..4b388bd
--- /dev/null
+++ b/applicationsets/applicationset.yaml
@@ -0,0 +1,45 @@
+apiVersion: argoproj.io/v1alpha1
+kind: ApplicationSet
+metadata:
+ name: customer-applications
+ namespace: argocd
+spec:
+ goTemplate: true
+ goTemplateOptions: ["missingkey=error"]
+ generators:
+ - git:
+ repoURL: 'https://platform.sunet.se/Drive/k8s-manifests'
+ revision: HEAD
+ directories:
+ - path: 'customers/overlays/*'
+ template:
+ metadata:
+ name: '{{index .path.segments 2}}-{{index .path.segments 3}}'
+ spec:
+ project: default
+ source:
+ repoURL: 'https://platform.sunet.se/Drive/k8s-manifests'
+ targetRevision: HEAD
+ path: 'customers/overlays/{{index .path.segments 2}}'
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: '{{index .path.segments 2}}'
+ syncPolicy:
+ automated:
+ prune: false
+ selfHeal: true
+ allowEmpty: false
+ syncOptions: # maybe needs FIXME
+ - Validate=true # disables resource validation (equivalent to 'kubectl apply --validate=false') ( true by default ).
+ - CreateNamespace=true # Namespace Auto-Creation ensures that namespace specified as the application destination exists in the destination cluster.
+ - PrunePropagationPolicy=foreground # Supported policies are background, foreground and orphan.
+ - PruneLast=true # Allow the ability for resource pruning to happen as a final, implicit wave of a sync operation
+ - RespectIgnoreDifferences=true # When syncing changes, respect fields ignored by the ignoreDifferences configuration
+ - ApplyOutOfSyncOnly=true # Only sync out-of-sync resources, rather than applying every object in the application
+ retry:
+ limit: 5
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 3m
+ revisionHistoryLimit: 2
diff --git a/customers/base/apache-configmap.yml b/customers/base/apache-configmap.yml
deleted file mode 100644
index e2fe17f..0000000
--- a/customers/base/apache-configmap.yml
+++ /dev/null
@@ -1,73 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: apache-configmap
-data:
- 000-default.conf: |
- LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so
- LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
-
- ServerAdmin webmaster@localhost
- DocumentRoot /var/www/html
- # Log format config
- LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
- SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
-
- # Header config
- RemoteIPHeader X-Forwarded-For
- RemoteIPInternalProxy 37.156.195.14
- RemoteIPInternalProxy 37.156.195.19
- RemoteIPInternalProxy 37.156.195.84
- RemoteIPInternalProxy 37.156.195.92
- #ErrorDocument 404 /404.html
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined env=forwarded
-
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
-
- LimitRequestBody 0
- Require all granted
- AllowOverride All
- Options FollowSymLinks MultiViews
-
-
- Dav off
-
-
-
-
- ServerAdmin webmaster@localhost
- DocumentRoot /var/www/html
- # Log format config
- LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
- SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
-
- # Header config
- RemoteIPHeader X-Forwarded-For
- RemoteIPInternalProxy 37.156.195.14
- RemoteIPInternalProxy 37.156.195.19
- RemoteIPInternalProxy 37.156.195.84
- RemoteIPInternalProxy 37.156.195.92
- #ErrorDocument 404 /404.html
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined env=forwarded
- SSLEngine On
- SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
-
- LimitRequestBody 0
- Require all granted
- AllowOverride All
- Options FollowSymLinks MultiViews
-
-
- Dav off
-
-
-
- Order allow,deny
- deny from all
-
-
- # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/customers/base/apache-php-configmap.yml b/customers/base/apache-php-configmap.yml
deleted file mode 100644
index 8d06115..0000000
--- a/customers/base/apache-php-configmap.yml
+++ /dev/null
@@ -1,162 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: apache-php-configmap
-data:
- php.ini: |
- [PHP]
- allow_url_fopen = On
- allow_url_include = Off
- auto_append_file =
- auto_globals_jit = On
- auto_prepend_file =
- default_charset = "UTF-8"
- default_mimetype = "text/html"
- default_socket_timeout = 60
- disable_classes =
- disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
- display_errors = Off
- display_startup_errors = Off
- doc_root =
- enable_dl = Off
- engine = On
- error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
- expose_php = Off
- file_uploads = On
- ignore_repeated_errors = Off
- ignore_repeated_source = Off
- implicit_flush = Off
- log_errors = On
- log_errors_max_len = 1024
- max_execution_time = 86400
- max_file_uploads = 20
- max_input_time = 86400
- memory_limit = 512M
- output_buffering = Off
- post_max_size = 30G
- precision = 14
- register_argc_argv = Off
- report_memleaks = On
- request_order = "GP"
- serialize_precision = -1
- short_open_tag = Off
- unserialize_callback_func =
- upload_max_filesize = 30G
- user_dir =
- variables_order = "GPCS"
- zend.enable_gc = On
- zend.exception_ignore_args = On
- zlib.output_compression = Off
- [CLI Server]
- cli_server.color = On
- [Date]
- ; Nothing here
- [filter]
- ; Nothing here
- [iconv]
- ; Nothing here
- [imap]
- ; Nothing here
- [intl]
- ; Nothing here
- [sqlite3]
- ; Nothing here
- [Pcre]
- ; Nothing here
- [Pdo]
- ; Nothing here
- [Pdo_mysql]
- pdo_mysql.default_socket=
- [Phar]
- ; Nothing here
- [mail function]
- SMTP = localhost
- smtp_port = 25
- mail.add_x_header = Off
- [ODBC]
- odbc.allow_persistent = On
- odbc.check_persistent = On
- odbc.max_persistent = -1
- odbc.max_links = -1
- odbc.defaultlrl = 4096
- odbc.defaultbinmode = 1
- [MySQLi]
- mysqli.max_persistent = -1
- mysqli.allow_persistent = On
- mysqli.max_links = -1
- mysqli.default_port = 3306
- mysqli.default_socket =
- mysqli.default_host =
- mysqli.default_user =
- mysqli.default_pw =
- mysqli.reconnect = Off
- [mysqlnd]
- mysqlnd.collect_statistics = On
- mysqlnd.collect_memory_statistics = Off
- [OCI8]
- ; Nothing here
- [PostgreSQL]
- pgsql.allow_persistent = On
- pgsql.auto_reset_persistent = Off
- pgsql.max_persistent = -1
- pgsql.max_links = -1
- pgsql.ignore_notice = 0
- pgsql.log_notice = 0
- [bcmath]
- bcmath.scale = 0
- [browscap]
- ; Nothing here
- [Session]
- session.save_handler = files
- session.use_strict_mode = 0
- session.use_cookies = 1
- session.use_only_cookies = 1
- session.name = PHPSESSID
- session.auto_start = 0
- session.cookie_lifetime = 0
- session.cookie_path = /
- session.cookie_domain =
- session.cookie_httponly =
- session.cookie_samesite =
- session.serialize_handler = php
- session.gc_probability = 0
- session.gc_divisor = 1000
- session.gc_maxlifetime = 1440
- session.referer_check =
- session.cache_limiter = nocache
- session.cache_expire = 180
- session.use_trans_sid = 0
- session.sid_length = 26
- session.trans_sid_tags = "a=href,area=href,frame=src,form="
- session.sid_bits_per_character = 5
- [Assertion]
- zend.assertions = -1
- [COM]
- ; Nothing here
- [mbstring]
- ; Nothing here
- [gd]
- ; Nothing here
- [exif]
- ; Nothing here
- [Tidy]
- tidy.clean_output = Off
- [soap]
- soap.wsdl_cache_enabled=1
- soap.wsdl_cache_dir="/tmp"
- soap.wsdl_cache_ttl=86400
- soap.wsdl_cache_limit = 5
- [sysvshm]
- ; Nothing here
- [ldap]
- ldap.max_links = -1
- [dba]
- ; Nothing here
- [opcache]
- opcache.interned_strings_buffer=64
- [curl]
- ; Nothing here
- [openssl]
- ; Nothing here
- [ffi]
- ; Nothing here
diff --git a/customers/base/apcu-configmap.yml b/customers/base/apcu-configmap.yml
deleted file mode 100644
index c25ee99..0000000
--- a/customers/base/apcu-configmap.yml
+++ /dev/null
@@ -1,8 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: apcu-configmap
-data:
- apcu.ini: |
- extension=apcu.so
- apc.enable_cli=1
diff --git a/customers/base/cli-php-configmap.yml b/customers/base/cli-php-configmap.yml
deleted file mode 100644
index 3e1354f..0000000
--- a/customers/base/cli-php-configmap.yml
+++ /dev/null
@@ -1,162 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: cli-php-configmap
-data:
- php.ini: |
- [PHP]
- allow_url_fopen = On
- allow_url_include = Off
- auto_append_file =
- auto_globals_jit = On
- auto_prepend_file =
- default_charset = "UTF-8"
- default_mimetype = "text/html"
- default_socket_timeout = 60
- disable_classes =
- disable_functions =
- display_errors = Off
- display_startup_errors = Off
- doc_root =
- enable_dl = Off
- engine = On
- error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
- expose_php = On
- file_uploads = On
- ignore_repeated_errors = Off
- ignore_repeated_source = Off
- implicit_flush = Off
- log_errors = On
- log_errors_max_len = 1024
- max_execution_time = 86400
- max_file_uploads = 20
- max_input_time = 86400
- memory_limit = -1
- output_buffering = Off
- post_max_size = 16G
- precision = 14
- register_argc_argv = Off
- report_memleaks = On
- request_order = "GP"
- serialize_precision = -1
- short_open_tag = Off
- unserialize_callback_func =
- upload_max_filesize = 16G
- user_dir =
- variables_order = "GPCS"
- zend.enable_gc = On
- zend.exception_ignore_args = On
- zlib.output_compression = Off
- [CLI Server]
- cli_server.color = On
- [Date]
- ; Nothing here
- [filter]
- ; Nothing here
- [iconv]
- ; Nothing here
- [imap]
- ; Nothing here
- [intl]
- ; Nothing here
- [sqlite3]
- ; Nothing here
- [Pcre]
- ; Nothing here
- [Pdo]
- ; Nothing here
- [Pdo_mysql]
- pdo_mysql.default_socket=
- [Phar]
- ; Nothing here
- [mail function]
- SMTP = localhost
- smtp_port = 25
- mail.add_x_header = Off
- [ODBC]
- odbc.allow_persistent = On
- odbc.check_persistent = On
- odbc.max_persistent = -1
- odbc.max_links = -1
- odbc.defaultlrl = 4096
- odbc.defaultbinmode = 1
- [MySQLi]
- mysqli.max_persistent = -1
- mysqli.allow_persistent = On
- mysqli.max_links = -1
- mysqli.default_port = 3306
- mysqli.default_socket =
- mysqli.default_host =
- mysqli.default_user =
- mysqli.default_pw =
- mysqli.reconnect = Off
- [mysqlnd]
- mysqlnd.collect_statistics = On
- mysqlnd.collect_memory_statistics = Off
- [OCI8]
- ; Nothing here
- [PostgreSQL]
- pgsql.allow_persistent = On
- pgsql.auto_reset_persistent = Off
- pgsql.max_persistent = -1
- pgsql.max_links = -1
- pgsql.ignore_notice = 0
- pgsql.log_notice = 0
- [bcmath]
- bcmath.scale = 0
- [browscap]
- ; Nothing here
- [Session]
- session.save_handler = files
- session.use_strict_mode = 0
- session.use_cookies = 1
- session.use_only_cookies = 1
- session.name = PHPSESSID
- session.auto_start = 0
- session.cookie_lifetime = 0
- session.cookie_path = /
- session.cookie_domain =
- session.cookie_httponly =
- session.cookie_samesite =
- session.serialize_handler = php
- session.gc_probability = 0
- session.gc_divisor = 1000
- session.gc_maxlifetime = 1440
- session.referer_check =
- session.cache_limiter = nocache
- session.cache_expire = 180
- session.use_trans_sid = 0
- session.sid_length = 26
- session.trans_sid_tags = "a=href,area=href,frame=src,form="
- session.sid_bits_per_character = 5
- [Assertion]
- zend.assertions = -1
- [COM]
- ; Nothing here
- [mbstring]
- ; Nothing here
- [gd]
- ; Nothing here
- [exif]
- ; Nothing here
- [Tidy]
- tidy.clean_output = Off
- [soap]
- soap.wsdl_cache_enabled=1
- soap.wsdl_cache_dir="/tmp"
- soap.wsdl_cache_ttl=86400
- soap.wsdl_cache_limit = 5
- [sysvshm]
- ; Nothing here
- [ldap]
- ldap.max_links = -1
- [dba]
- ; Nothing here
- [opcache]
- opcache.interned_strings_buffer=64
- [curl]
- ; Nothing here
- [openssl]
- ; Nothing here
- [ffi]
- ; Nothing here
diff --git a/customers/base/env-configmap.yml b/customers/base/env-configmap.yml
new file mode 100644
index 0000000..485dd9a
--- /dev/null
+++ b/customers/base/env-configmap.yml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nextcloud-env
+data:
+ GSS_MASTER_URL: 'https://drive.test.sunet.se'
+ LOOKUP_SERVER: 'https://lookup.drive.test.sunet.se'
+ MAIL_DOMAIN: 'drive.test.sunet.se'
+ MAIL_FROM_ADDRESS: 'noreply'
+ MAIL_SMTPHOST: 'smtp.sunet.se'
+ MAIL_SMTPNAME: 'noreply@drive.test.sunet.se'
+ MYSQL_DATABASE: 'nextcloud_customer'
+ MYSQL_HOST: 'proxysqlcluster.proxysql'
+ MYSQL_PORT: '6033'
+ MYSQL_USER: 'nextcloud_customer'
+ NEXTCLOUD_ADMIN_USER: 'admin'
+ NEXTCLOUD_TRUSTED_DOMAINS: 'customer.drive.test.sunet.se'
+ NEXTCLOUD_VERSION_STRING: '30.0.5.2'
+ OBJECTSTORE_S3_AUTOCREATE: 'true'
+ OBJECTSTORE_S3_BUCKET: 'primary-customer-drive-test.sunet.se'
+ OBJECTSTORE_S3_HOST: 's3.sto4.safedc.net'
+ OBJECTSTORE_S3_REGION: 'us-east-1'
+ OBJECTSTORE_S3_SSL: 'true'
+ OBJECTSTORE_S3_USEPATH_STYLE: 'true'
+ REDIS_HOST: 'redis'
+ SITE_NAME: 'customer.drive.test.sunet.se'
diff --git a/customers/base/files/000-default.conf b/customers/base/files/000-default.conf
new file mode 100644
index 0000000..5cd81a8
--- /dev/null
+++ b/customers/base/files/000-default.conf
@@ -0,0 +1,73 @@
+LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so
+LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ # Log format config
+ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" xforwardedfor
+ SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+
+ PassEnv HOSTNAME
+ Header append Set-Cookie "SERVERID=%{HOSTNAME}e;Path=/;SameSite=Lax;HttpOnly;Secure"
+
+ # Header config
+ RemoteIPHeader X-Forwarded-For
+ RemoteIPInternalProxy 37.156.195.14
+ RemoteIPInternalProxy 37.156.195.19
+ RemoteIPInternalProxy 37.156.195.84
+ RemoteIPInternalProxy 37.156.195.92
+ #ErrorDocument 404 /404.html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log xforwardedfor env=forwarded
+ CustomLog ${APACHE_LOG_DIR}/access.log combined env=!forwarded
+
+ LimitRequestBody 0
+ Require all granted
+ AllowOverride All
+ Options FollowSymLinks MultiViews
+
+
+ Dav off
+
+
+
+
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+ # Log format config
+ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" xforwardedfor
+ SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+
+ PassEnv HOSTNAME
+ Header append Set-Cookie "SERVERID=%{HOSTNAME}e;Path=/;SameSite=Lax;HttpOnly;Secure"
+
+ # Header config
+ RemoteIPHeader X-Forwarded-For
+ RemoteIPInternalProxy 37.156.195.14
+ RemoteIPInternalProxy 37.156.195.19
+ RemoteIPInternalProxy 37.156.195.84
+ RemoteIPInternalProxy 37.156.195.92
+ #ErrorDocument 404 /404.html
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log xforwardedfor env=forwarded
+ CustomLog ${APACHE_LOG_DIR}/access.log combined env=!forwarded
+ SSLEngine On
+ SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
+ SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+
+ LimitRequestBody 0
+ Require all granted
+ AllowOverride All
+ Options FollowSymLinks MultiViews
+
+
+ Dav off
+
+
+
+ Order allow,deny
+ deny from all
+
+
+# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
+
diff --git a/customers/base/files/apache-php.ini b/customers/base/files/apache-php.ini
new file mode 100644
index 0000000..2c93e4f
--- /dev/null
+++ b/customers/base/files/apache-php.ini
@@ -0,0 +1,157 @@
+[PHP]
+allow_url_fopen = On
+allow_url_include = Off
+auto_append_file =
+auto_globals_jit = On
+auto_prepend_file =
+default_charset = "UTF-8"
+default_mimetype = "text/html"
+default_socket_timeout = 60
+disable_classes =
+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
+display_errors = Off
+display_startup_errors = Off
+doc_root =
+enable_dl = Off
+engine = On
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+expose_php = Off
+file_uploads = On
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+implicit_flush = Off
+log_errors = On
+log_errors_max_len = 1024
+max_execution_time = 86400
+max_file_uploads = 20
+max_input_time = 86400
+memory_limit = 512M
+output_buffering = Off
+post_max_size = 30G
+precision = 14
+register_argc_argv = Off
+report_memleaks = On
+request_order = "GP"
+serialize_precision = -1
+short_open_tag = Off
+unserialize_callback_func =
+upload_max_filesize = 30G
+user_dir =
+variables_order = "GPCS"
+zend.enable_gc = On
+zend.exception_ignore_args = On
+zlib.output_compression = Off
+[CLI Server]
+cli_server.color = On
+[Date]
+; Nothing here
+[filter]
+; Nothing here
+[iconv]
+; Nothing here
+[imap]
+; Nothing here
+[intl]
+; Nothing here
+[sqlite3]
+; Nothing here
+[Pcre]
+; Nothing here
+[Pdo]
+; Nothing here
+[Pdo_mysql]
+pdo_mysql.default_socket=
+[Phar]
+; Nothing here
+[mail function]
+SMTP = localhost
+smtp_port = 25
+mail.add_x_header = Off
+[ODBC]
+odbc.allow_persistent = On
+odbc.check_persistent = On
+odbc.max_persistent = -1
+odbc.max_links = -1
+odbc.defaultlrl = 4096
+odbc.defaultbinmode = 1
+[MySQLi]
+mysqli.max_persistent = -1
+mysqli.allow_persistent = On
+mysqli.max_links = -1
+mysqli.default_port = 3306
+mysqli.default_socket =
+mysqli.default_host =
+mysqli.default_user =
+mysqli.default_pw =
+mysqli.reconnect = Off
+[mysqlnd]
+mysqlnd.collect_statistics = On
+mysqlnd.collect_memory_statistics = Off
+[OCI8]
+; Nothing here
+[PostgreSQL]
+pgsql.allow_persistent = On
+pgsql.auto_reset_persistent = Off
+pgsql.max_persistent = -1
+pgsql.max_links = -1
+pgsql.ignore_notice = 0
+pgsql.log_notice = 0
+[bcmath]
+bcmath.scale = 0
+[browscap]
+; Nothing here
+[Session]
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.cookie_samesite =
+session.serialize_handler = php
+session.gc_probability = 0
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.sid_length = 26
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+session.sid_bits_per_character = 5
+[Assertion]
+zend.assertions = -1
+[COM]
+; Nothing here
+[mbstring]
+; Nothing here
+[gd]
+; Nothing here
+[exif]
+; Nothing here
+[Tidy]
+tidy.clean_output = Off
+[soap]
+soap.wsdl_cache_enabled=1
+soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_ttl=86400
+soap.wsdl_cache_limit = 5
+[sysvshm]
+; Nothing here
+[ldap]
+ldap.max_links = -1
+[dba]
+; Nothing here
+[opcache]
+opcache.interned_strings_buffer=64
+[curl]
+; Nothing here
+[openssl]
+; Nothing here
+[ffi]
+; Nothing here
+
diff --git a/customers/base/files/apcu.ini b/customers/base/files/apcu.ini
new file mode 100644
index 0000000..bb82aba
--- /dev/null
+++ b/customers/base/files/apcu.ini
@@ -0,0 +1,3 @@
+extension=apcu.so
+apc.enable_cli=1
+
diff --git a/customers/base/files/cli-php.ini b/customers/base/files/cli-php.ini
new file mode 100644
index 0000000..30e49f4
--- /dev/null
+++ b/customers/base/files/cli-php.ini
@@ -0,0 +1,157 @@
+[PHP]
+allow_url_fopen = On
+allow_url_include = Off
+auto_append_file =
+auto_globals_jit = On
+auto_prepend_file =
+default_charset = "UTF-8"
+default_mimetype = "text/html"
+default_socket_timeout = 60
+disable_classes =
+disable_functions =
+display_errors = Off
+display_startup_errors = Off
+doc_root =
+enable_dl = Off
+engine = On
+error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
+expose_php = On
+file_uploads = On
+ignore_repeated_errors = Off
+ignore_repeated_source = Off
+implicit_flush = Off
+log_errors = On
+log_errors_max_len = 1024
+max_execution_time = 86400
+max_file_uploads = 20
+max_input_time = 86400
+memory_limit = -1
+output_buffering = Off
+post_max_size = 16G
+precision = 14
+register_argc_argv = Off
+report_memleaks = On
+request_order = "GP"
+serialize_precision = -1
+short_open_tag = Off
+unserialize_callback_func =
+upload_max_filesize = 16G
+user_dir =
+variables_order = "GPCS"
+zend.enable_gc = On
+zend.exception_ignore_args = On
+zlib.output_compression = Off
+[CLI Server]
+cli_server.color = On
+[Date]
+; Nothing here
+[filter]
+; Nothing here
+[iconv]
+; Nothing here
+[imap]
+; Nothing here
+[intl]
+; Nothing here
+[sqlite3]
+; Nothing here
+[Pcre]
+; Nothing here
+[Pdo]
+; Nothing here
+[Pdo_mysql]
+pdo_mysql.default_socket=
+[Phar]
+; Nothing here
+[mail function]
+SMTP = localhost
+smtp_port = 25
+mail.add_x_header = Off
+[ODBC]
+odbc.allow_persistent = On
+odbc.check_persistent = On
+odbc.max_persistent = -1
+odbc.max_links = -1
+odbc.defaultlrl = 4096
+odbc.defaultbinmode = 1
+[MySQLi]
+mysqli.max_persistent = -1
+mysqli.allow_persistent = On
+mysqli.max_links = -1
+mysqli.default_port = 3306
+mysqli.default_socket =
+mysqli.default_host =
+mysqli.default_user =
+mysqli.default_pw =
+mysqli.reconnect = Off
+[mysqlnd]
+mysqlnd.collect_statistics = On
+mysqlnd.collect_memory_statistics = Off
+[OCI8]
+; Nothing here
+[PostgreSQL]
+pgsql.allow_persistent = On
+pgsql.auto_reset_persistent = Off
+pgsql.max_persistent = -1
+pgsql.max_links = -1
+pgsql.ignore_notice = 0
+pgsql.log_notice = 0
+[bcmath]
+bcmath.scale = 0
+[browscap]
+; Nothing here
+[Session]
+session.save_handler = files
+session.use_strict_mode = 0
+session.use_cookies = 1
+session.use_only_cookies = 1
+session.name = PHPSESSID
+session.auto_start = 0
+session.cookie_lifetime = 0
+session.cookie_path = /
+session.cookie_domain =
+session.cookie_httponly =
+session.cookie_samesite =
+session.serialize_handler = php
+session.gc_probability = 0
+session.gc_divisor = 1000
+session.gc_maxlifetime = 1440
+session.referer_check =
+session.cache_limiter = nocache
+session.cache_expire = 180
+session.use_trans_sid = 0
+session.sid_length = 26
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+session.sid_bits_per_character = 5
+[Assertion]
+zend.assertions = -1
+[COM]
+; Nothing here
+[mbstring]
+; Nothing here
+[gd]
+; Nothing here
+[exif]
+; Nothing here
+[Tidy]
+tidy.clean_output = Off
+[soap]
+soap.wsdl_cache_enabled=1
+soap.wsdl_cache_dir="/tmp"
+soap.wsdl_cache_ttl=86400
+soap.wsdl_cache_limit = 5
+[sysvshm]
+; Nothing here
+[ldap]
+ldap.max_links = -1
+[dba]
+; Nothing here
+[opcache]
+opcache.interned_strings_buffer=64
+[curl]
+; Nothing here
+[openssl]
+; Nothing here
+[ffi]
+; Nothing here
+
diff --git a/customers/base/files/config.php b/customers/base/files/config.php
new file mode 100644
index 0000000..e42fd73
--- /dev/null
+++ b/customers/base/files/config.php
@@ -0,0 +1,107 @@
+
+ array (
+ 0 => 'globalsiteselector',
+ ),
+ 'apps_paths' =>
+ array (
+ 0 =>
+ array (
+ 'path' => '/var/www/html/apps',
+ 'url' => '/apps',
+ 'writable' => false,
+ ),
+ 1 =>
+ array (
+ 'path' => '/var/www/html/custom_apps',
+ 'url' => '/custom_apps',
+ 'writable' => true,
+ ),
+ ),
+ 'appstoreenabled' => false,
+ 'config_is_read_only' => true,
+ 'csrf.disabled' => true,
+ 'datadirectory' => '/var/www/html/data',
+ 'dbhost' => '{{MYSQL_HOST}}:{{MYSQL_PORT}}',
+ 'dbname' => '{{MYSQL_DATABASE}}',
+ 'dbpassword' => '{{MYSQL_PASSWORD}}',
+ 'dbport' => '{{MYSQL_PORT}}',
+ 'dbtableprefix' => 'oc_',
+ 'dbtype' => 'mysql',
+ 'dbuser' => '{{MYSQL_USER}}',
+ 'default_phone_region' => 'SE',
+ 'forcessl' => true,
+ 'gs.enabled' => 'true',
+ 'gs.federation' => 'global',
+ 'gs.trustedHosts' => ['*.sunet.se'],
+ 'htaccess.RewriteBase' => '/',
+ 'installed' => true,
+ 'instanceid' => '{{NEXTCLOUD_INSTANCEID}}',
+ 'integrity.check.disabled' => true,
+ 'log_type' => 'file',
+ 'loglevel' => 0,
+ 'lookup_server' => '{{LOOKUP_SERVER}}',
+ 'mail_domain' => '{{MAIL_DOMAIN}}',
+ 'mail_from_address' => '{{MAIL_FROM_ADDRESS}}',
+ 'mail_sendmailmode' => 'smtp',
+ 'mail_smtpauth' => 1,
+ 'mail_smtpauthtype' => 'LOGIN',
+ 'mail_smtphost' => '{{MAIL_SMTPHOST}}',
+ 'mail_smtpmode' => 'smtp',
+ 'mail_smtpname' => '{{MAIL_SMTPNAME}}',
+ 'mail_smtppassword' => '{{MAIL_SMTPPASSWORD}}',
+ 'mail_smtpport' => '587',
+ 'mail_smtpsecure' => 'tls',
+ 'mail_template_class' => 'OCA\DriveEmailTemplate\EMailTemplate',
+ 'memcache.distributed' => '\\OC\\Memcache\\Redis',
+ 'memcache.local' => '\\OC\\Memcache\\APCu',
+ 'memcache.locking' => '\\OC\\Memcache\\Redis',
+ 'mysql.utf8mb4' => true,
+ 'objectstore' =>
+ array (
+ 'class' => '\\OC\\Files\\ObjectStore\\S3',
+ 'arguments' =>
+ array (
+ 'autocreate' => false,
+ 'bucket' => '{{OBJECTSTORE_S3_BUCKET}}',
+ 'hostname' => '{{OBJECTSTORE_S3_HOST}}',
+ 'key' => '{{OBJECTSTORE_S3_KEY}}',
+ 'legacy_auth' => false,
+ 'objectPrefix' => 'urn:oid:',
+ 'port' => '',
+ 'region' => '{{OBJECTSTORE_S3_REGION}}',
+ 'secret' => '{{OBJECTSTORE_S3_SECRET}}',
+ 'use_path_style' => true,
+ 'use_ssl' => true,
+ ),
+ ),
+ 'overwrite.cli.url' => 'https://{{SITE_NAME}}/',
+ 'overwritehost' => '{{SITE_NAME}}',
+ 'overwriteprotocol' => 'https',
+ 'passwordsalt' => '{{NEXTCLOUD_PASSWORDSALT}}',
+ 'secret' => '{{NEXTCLOUD_SECRET}}',
+ 'redis' =>
+ array (
+ 'host' => '{{REDIS_HOST}}',
+ 'port' => 6379,
+ ),
+ 'skeletondirectory' => '',
+ 'templatedirectory' => '',
+ 'trusted_domains' =>
+ array (
+ 0 => '{{NEXTCLOUD_TRUSTED_DOMAINS}}'
+ ),
+ 'trusted_proxies' =>
+ array (
+ 0 => '10.0.0.0/8'
+ ),
+ 'twofactor_enforced' => 'true',
+ 'twofactor_enforced_groups' =>
+ array (
+ 0 => 'admin',
+ ),
+ 'updatechecker' => false,
+ 'version' => '{{NEXTCLOUD_VERSION_STRING}}',
+);
+
diff --git a/customers/base/files/nc-upgrade b/customers/base/files/nc-upgrade
new file mode 100644
index 0000000..aa6907b
--- /dev/null
+++ b/customers/base/files/nc-upgrade
@@ -0,0 +1,14 @@
+#!/bin/bash
+sed "s/config_is_read_only\(.\) => true,/config_is_read_only\1 => false,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
+mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ upgrade
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:update:htaccess
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:repair
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:mode --off
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-primary-keys
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-columns
+php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-indices
+sed "s/config_is_read_only\(.\) => false,/config_is_read_only\1 => true,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
+mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php
+chown www-data:www-data /var/www/html/config/config.php
+
diff --git a/customers/base/kustomization.yaml b/customers/base/kustomization.yaml
index d488ad3..1784e71 100644
--- a/customers/base/kustomization.yaml
+++ b/customers/base/kustomization.yaml
@@ -1,14 +1,37 @@
resources:
- - apache-configmap.yml
- - apache-php-configmap.yml
- - apcu-configmap.yml
- - cli-php-configmap.yml
+ - env-configmap.yml
- nextcloud-cert-issuer.yml
- - nextcloud-configmap.yml
- nextcloud-deployment.yml
- nextcloud-ingress.yml
- nextcloud-service.yml
- redis-deployment.yml
- redis-service.yml
- s3-service.yml
- - script-configmap.yml
+
+configMapGenerator:
+ - name: apache-configmap
+ files:
+ - files/000-default.conf
+ - name: apache-php-configmap
+ files:
+ - php.ini=files/apache-php.ini
+ - name: apcu-configmap
+ files:
+ - files/apcu.ini
+ - name: nextcloud-configmap
+ files:
+ - files/config.php
+ - name: cli-php-configmap
+ files:
+ - php.ini=files/cli-php.ini
+ - name: script-configmap
+ files:
+ - files/nc-upgrade
+
+generatorOptions:
+ disableNameSuffixHash: true
+
+images:
+ - name: nextcloud-custom-image
+ newName: docker.sunet.se/drive/nextcloud-custom
+ newTag: 30.0.5.2-2
diff --git a/customers/base/nextcloud-configmap.yml b/customers/base/nextcloud-configmap.yml
deleted file mode 100644
index f789037..0000000
--- a/customers/base/nextcloud-configmap.yml
+++ /dev/null
@@ -1,115 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: nextcloud-configmap
-data:
- config.php: |
-
- array (
- 0 => 'globalsiteselector',
- ),
- 'apps_paths' =>
- array (
- 0 =>
- array (
- 'path' => '/var/www/html/apps',
- 'url' => '/apps',
- 'writable' => false,
- ),
- 1 =>
- array (
- 'path' => '/var/www/html/custom_apps',
- 'url' => '/custom_apps',
- 'writable' => true,
- ),
- ),
- 'appstoreenabled' => false,
- 'config_is_read_only' => true,
- 'csrf.disabled' => true,
- 'datadirectory' => '/var/www/html/data',
- 'dbhost' => '{{MYSQL_HOST}}:{{MYSQL_PORT}}',
- 'dbname' => '{{MYSQL_DATABASE}}',
- 'dbpassword' => '{{MYSQL_PASSWORD}}',
- 'dbport' => '{{MYSQL_PORT}}',
- 'dbtableprefix' => 'oc_',
- 'dbtype' => 'mysql',
- 'dbuser' => '{{MYSQL_USER}}',
- 'default_phone_region' => 'SE',
- 'forcessl' => true,
- 'gs.enabled' => 'true',
- 'gs.federation' => 'global',
- 'gs.trustedHosts' => ['*.sunet.se'],
- 'gss.jwt.key' => '{{GSS_JWT_KEY}}',
- 'gss.master.url' => '{{GSS_MASTER_URL}}',
- 'gss.mode' => 'slave',
- 'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping',
- 'installed' => true,
- 'instanceid' => '{{NEXTCLOUD_INSTANCEID}}',
- 'integrity.check.disabled' => true,
- 'log_type' => 'file',
- 'loglevel' => 0,
- 'lookup_server' => '{{LOOKUP_SERVER}}',
- 'mail_domain' => '{{MAIL_DOMAIN}}',
- 'mail_from_address' => '{{MAIL_FROM_ADDRESS}}',
- 'mail_sendmailmode' => 'smtp',
- 'mail_smtpauth' => 1,
- 'mail_smtpauthtype' => 'LOGIN',
- 'mail_smtphost' => '{{MAIL_SMTPHOST}}',
- 'mail_smtpmode' => 'smtp',
- 'mail_smtpname' => '{{MAIL_SMTPNAME}}',
- 'mail_smtppassword' => '{{MAIL_SMTPPASSWORD}}',
- 'mail_smtpport' => '587',
- 'mail_smtpsecure' => 'tls',
- 'mail_template_class' => 'OCA\DriveEmailTemplate\EMailTemplate',
- 'memcache.distributed' => '\\OC\\Memcache\\Redis',
- 'memcache.local' => '\\OC\\Memcache\\APCu',
- 'memcache.locking' => '\\OC\\Memcache\\Redis',
- 'mysql.utf8mb4' => true,
- 'objectstore' =>
- array (
- 'class' => '\\OC\\Files\\ObjectStore\\S3',
- 'arguments' =>
- array (
- 'autocreate' => false,
- 'bucket' => '{{OBJECTSTORE_S3_BUCKET}}',
- 'hostname' => '{{OBJECTSTORE_S3_HOST}}',
- 'key' => '{{OBJECTSTORE_S3_KEY}}',
- 'legacy_auth' => false,
- 'objectPrefix' => 'urn:oid:',
- 'port' => '',
- 'region' => '{{OBJECTSTORE_S3_REGION}}',
- 'secret' => '{{OBJECTSTORE_S3_SECRET}}',
- 'use_path_style' => true,
- 'use_ssl' => true,
- ),
- ),
- 'overwrite.cli.url' => 'https://{{SITE_NAME}}',
- 'overwritehost' => '{{SITE_NAME}}',
- 'overwriteprotocol' => 'https',
- 'passwordsalt' => '{{NEXTCLOUD_PASSWORDSALT}}',
- 'secret' => '{{NEXTCLOUD_SECRET}}',
- 'redis' =>
- array (
- 'host' => '{{REDIS_HOST}}',
- 'port' => 6379,
- ),
- 'skeletondirectory' => '',
- 'templatedirectory' => '',
- 'trusted_domains' =>
- array (
- 0 => '{{NEXTCLOUD_TRUSTED_DOMAINS}}'
- ),
- 'trusted_proxies' =>
- array (
- 0 => '10.0.0.0/8'
- ),
- 'twofactor_enforced' => 'true',
- 'twofactor_enforced_groups' =>
- array (
- 0 => 'admin',
- ),
- 'updatechecker' => false,
- 'version' => '{{NEXTCLOUD_VERSION_STRING}}',
- );
diff --git a/customers/base/nextcloud-deployment.yml b/customers/base/nextcloud-deployment.yml
index 77e6c31..4be1a46 100644
--- a/customers/base/nextcloud-deployment.yml
+++ b/customers/base/nextcloud-deployment.yml
@@ -11,16 +11,6 @@ spec:
app: customer-node
updateStrategy:
type: RollingUpdate
- volumeClaimTemplates:
- - metadata:
- name: nextcloud-data
- spec:
- storageClassName: csi-sc-cinderplugin
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 1Gi
template:
metadata:
labels:
@@ -28,9 +18,25 @@ spec:
kano: micke
spec:
restartPolicy: Always
+ initContainers:
+ - image: docker.sunet.se/sunet/docker-jinja:latest
+ name: init-config
+ volumeMounts:
+ - name: nextcloud-config
+ mountPath: /tmp/config.php.template
+ subPath: config.php
+ - name: nextcloud-data
+ mountPath: /var/www/html/config
+ subPath: config
+ envFrom:
+ - configMapRef:
+ name: nextcloud-env
+ - secretRef:
+ name: nextcloud-secrets
+ command: ["/bin/bash", "-c", "/usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"]
containers:
- name: customer
- image: docker.sunet.se/drive/nextcloud-custom:30.0.5.2-2
+ image: nextcloud-custom-image
volumeMounts:
- name: nextcloud-data
mountPath: /var/www/html/config/
@@ -76,105 +82,6 @@ spec:
postStart:
exec:
command: ["/bin/bash", "-c", "/usr/local/bin/nc-upgrade"]
- initContainers:
- - image: docker.sunet.se/sunet/docker-jinja:latest
- name: init-config
- volumeMounts:
- - name: nextcloud-config
- mountPath: /tmp/config.php.template
- subPath: config.php
- - name: nextcloud-data
- mountPath: /var/www/html/config
- subPath: config
- env:
- - name: GSS_MASTER_URL
- value: "https://drive.test.sunet.se"
- - name: GSS_JWT_KEY
- valueFrom:
- secretKeyRef:
- name: gss-secret
- key: "jwt_key"
- - name: LOOKUP_SERVER
- value: "https://lookup.drive.test.sunet.se"
- - name: MAIL_DOMAIN
- value: "drive.test.sunet.se"
- - name: MAIL_FROM_ADDRESS
- value: "noreply"
- - name: MAIL_SMTPHOST
- value: "smtp.sunet.se"
- - name: MAIL_SMTPNAME
- value: "noreply@drive.test.sunet.se"
- - name: MAIL_SMTPPASSWORD
- valueFrom:
- secretKeyRef:
- name: mail-secret
- key: "smtp_password"
- - name: MYSQL_DATABASE
- value: "nextcloud_customer"
- - name: MYSQL_USER
- value: "nextcloud_customer"
- - name: MYSQL_HOST
- value: "proxysqlcluster.proxysql"
- - name: MYSQL_PASSWORD
- valueFrom:
- secretKeyRef:
- name: db-secret
- key: "db_password"
- - name: MYSQL_PORT
- value: "6033"
- - name: NEXTCLOUD_TRUSTED_DOMAINS
- value: "customer.drive.test.sunet.se"
- - name: NEXTCLOUD_ADMIN_USER
- value: admin
- - name: NEXTCLOUD_VERSION_STRING
- value: "30.0.5.2"
- - name: NEXTCLOUD_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: nc-secret
- key: "nc_admin_password"
- - name: NEXTCLOUD_PASSWORDSALT
- valueFrom:
- secretKeyRef:
- name: nc-secret
- key: "nc_passwordsalt"
- - name: NEXTCLOUD_INSTANCEID
- valueFrom:
- secretKeyRef:
- name: nc-secret
- key: "nc_instanceid"
- - name: NEXTCLOUD_SECRET
- valueFrom:
- secretKeyRef:
- name: nc-secret
- key: "nc_secret"
- - name: OBJECTSTORE_S3_REGION
- value: "us-east-1"
- - name: OBJECTSTORE_S3_HOST
- value: "s3.sto4.safedc.net"
- - name: OBJECTSTORE_S3_BUCKET
- value: "primary-customer-drive-test.sunet.se"
- - name: OBJECTSTORE_S3_KEY
- valueFrom:
- secretKeyRef:
- name: s3-secret
- key: "s3_key"
- - name: OBJECTSTORE_S3_SECRET
- valueFrom:
- secretKeyRef:
- name: s3-secret
- key: "s3_secret"
- - name: OBJECTSTORE_S3_USEPATH_STYLE
- value: "true"
- - name: OBJECTSTORE_S3_AUTOCREATE
- value: "true"
- - name: OBJECTSTORE_S3_SSL
- value: "true"
- - name: REDIS_HOST
- value: "redis"
- - name: SITE_NAME
- value: "customer.drive.test.sunet.se"
- command: ["/bin/bash", "-c", "/usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"]
volumes:
- name: script-config
configMap:
@@ -213,3 +120,5 @@ spec:
items:
- key: "config.php"
path: "config.php"
+ - name: nextcloud-data
+ emptyDir: {}
diff --git a/customers/base/nextcloud-ingress.yml b/customers/base/nextcloud-ingress.yml
index 5c473df..e0dce7f 100644
--- a/customers/base/nextcloud-ingress.yml
+++ b/customers/base/nextcloud-ingress.yml
@@ -6,6 +6,11 @@ metadata:
annotations:
cert-manager.io/issuer: "letsencrypt"
acme.cert-manager.io/http01-edit-in-place: "true"
+ nginx.ingress.kubernetes.io/affinity-mode: "persistent"
+ nginx.ingress.kubernetes.io/affinity: "cookie"
+ nginx.ingress.kubernetes.io/session-cookie-expires: "172800"
+ nginx.ingress.kubernetes.io/session-cookie-max-age: "172800"
+ nginx.ingress.kubernetes.io/session-cookie-name: "sticky"
spec:
ingressClassName: nginx
defaultBackend:
@@ -15,16 +20,15 @@ spec:
number: 8443
tls:
- hosts:
- - customer.drive.test.sunet.se
+ - customer.drive.test.sunet.se
secretName: tls-secret
-
rules:
- host: customer.drive.test.sunet.se
http:
paths:
- path: /
pathType: Prefix
- backend:
+ backend:
service:
name: customer-node
port:
diff --git a/customers/base/script-configmap.yml b/customers/base/script-configmap.yml
deleted file mode 100644
index a99349c..0000000
--- a/customers/base/script-configmap.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: script-configmap
-data:
- nc-upgrade: |
- #!/bin/bash
- sed "s/config_is_read_only\(.\) => true,/config_is_read_only\1 => false,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
- mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ upgrade
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:repair
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:mode --off
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-primary-keys
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-columns
- php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ db:add-missing-indices
- sed "s/config_is_read_only\(.\) => false,/config_is_read_only\1 => true,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
- mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php
- chown www-data:www-data /var/www/html/config/config.php
diff --git a/customers/overlays/nordunet/test/env-configmap.yml b/customers/overlays/nordunet/test/env-configmap.yml
new file mode 100644
index 0000000..b8b030a
--- /dev/null
+++ b/customers/overlays/nordunet/test/env-configmap.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nextcloud-env
+data:
+ MYSQL_DATABASE: 'nextcloud_nordunet'
+ MYSQL_USER: 'nextcloud_nordunet'
+ NEXTCLOUD_TRUSTED_DOMAINS: 'nordunet.drive.test.sunet.se'
+ OBJECTSTORE_S3_BUCKET: 'primary-nordunet-drive-test.sunet.se'
+ REDIS_HOST: 'nordunet-redis'
+ SITE_NAME: 'nordunet.drive.test.sunet.se'
diff --git a/customers/overlays/nordunet/test/kustomization.yaml b/customers/overlays/nordunet/test/kustomization.yaml
index e258878..353049b 100644
--- a/customers/overlays/nordunet/test/kustomization.yaml
+++ b/customers/overlays/nordunet/test/kustomization.yaml
@@ -1,7 +1,8 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
-- ../../../base
+ - ../../../base
patches:
-- path: nextcloud-deployment.yml
-- path: nextcloud-ingress.yml
+ - path: env-configmap.yml
+ - path: nextcloud-deployment.yml
+ - path: nextcloud-ingress.yml
diff --git a/customers/overlays/nordunet/test/nextcloud-deployment.yml b/customers/overlays/nordunet/test/nextcloud-deployment.yml
index ad89cbd..287164e 100644
--- a/customers/overlays/nordunet/test/nextcloud-deployment.yml
+++ b/customers/overlays/nordunet/test/nextcloud-deployment.yml
@@ -6,30 +6,3 @@ metadata:
app: customer-node
spec:
replicas: 1
- template:
- metadata:
- labels:
- app: customer-node
- spec:
- initContainers:
- - image: docker.sunet.se/sunet/docker-jinja:latest
- name: init-config
- env:
- - name: MYSQL_DATABASE
- value: "nextcloud_nordunet"
- - name: MYSQL_USER
- value: "nextcloud_nordunet"
- - name: GSS_MASTER_URL
- value: "https://drive.test.sunet.se"
- - name: LOOKUP_SERVER
- value: "https://lookup.drive.test.sunet.se"
- - name: MAIL_DOMAIN
- value: "drive.test.sunet.se"
- - name: MAIL_SMTPNAME
- value: "noreply@drive.test.sunet.se"
- - name: NEXTCLOUD_TRUSTED_DOMAINS
- value: "nordunet.drive.test.sunet.se"
- - name: OBJECTSTORE_S3_BUCKET
- value: "primary-nordunet-drive-test.sunet.se"
- - name: SITE_NAME
- value: "nordunet.drive.test.sunet.se"
diff --git a/customers/overlays/nordunet/test/nextcloud-ingress.yml b/customers/overlays/nordunet/test/nextcloud-ingress.yml
index 2746080..3e696ae 100644
--- a/customers/overlays/nordunet/test/nextcloud-ingress.yml
+++ b/customers/overlays/nordunet/test/nextcloud-ingress.yml
@@ -10,7 +10,7 @@ spec:
ingressClassName: nginx
tls:
- hosts:
- - nordunet.drive.test.sunet.se
+ - nordunet.drive.test.sunet.se
secretName: tls-secret
ingressClassName: nginx
rules:
@@ -19,7 +19,7 @@ spec:
paths:
- path: /
pathType: Prefix
- backend:
+ backend:
service:
name: customer-node
port:
diff --git a/customers/overlays/richir/test/env-configmap.yml b/customers/overlays/richir/test/env-configmap.yml
new file mode 100644
index 0000000..4ed379c
--- /dev/null
+++ b/customers/overlays/richir/test/env-configmap.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nextcloud-env
+data:
+ MYSQL_DATABASE: 'nextcloud_richir'
+ MYSQL_USER: 'nextcloud_richir'
+ NEXTCLOUD_TRUSTED_DOMAINS: 'richir.drive.test.sunet.se'
+ OBJECTSTORE_S3_BUCKET: 'primary-richir-drive-test.sunet.se'
+ REDIS_HOST: 'richir-redis'
+ SITE_NAME: 'richir.drive.test.sunet.se'
diff --git a/customers/overlays/richir/test/kustomization.yaml b/customers/overlays/richir/test/kustomization.yaml
new file mode 100644
index 0000000..353049b
--- /dev/null
+++ b/customers/overlays/richir/test/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ../../../base
+patches:
+ - path: env-configmap.yml
+ - path: nextcloud-deployment.yml
+ - path: nextcloud-ingress.yml
diff --git a/customers/overlays/richir/test/nextcloud-deployment.yml b/customers/overlays/richir/test/nextcloud-deployment.yml
new file mode 100644
index 0000000..29ee5d9
--- /dev/null
+++ b/customers/overlays/richir/test/nextcloud-deployment.yml
@@ -0,0 +1,8 @@
+kind: StatefulSet
+apiVersion: apps/v1
+metadata:
+ name: customer-node
+ labels:
+ app: customer-node
+spec:
+ replicas: 2
diff --git a/customers/overlays/richir/test/nextcloud-ingress.yml b/customers/overlays/richir/test/nextcloud-ingress.yml
new file mode 100644
index 0000000..1f95bfb
--- /dev/null
+++ b/customers/overlays/richir/test/nextcloud-ingress.yml
@@ -0,0 +1,26 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: customer-ingress
+ annotations:
+ cert-manager.io/issuer: "letsencrypt"
+ acme.cert-manager.io/http01-edit-in-place: "true"
+spec:
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - richir.drive.test.sunet.se
+ secretName: tls-secret
+ ingressClassName: nginx
+ rules:
+ - host: richir.drive.test.sunet.se
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: customer-node
+ port:
+ number: 80
diff --git a/customers/overlays/vinnova/test/env-configmap.yml b/customers/overlays/vinnova/test/env-configmap.yml
new file mode 100644
index 0000000..19e8505
--- /dev/null
+++ b/customers/overlays/vinnova/test/env-configmap.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: nextcloud-env
+data:
+ MYSQL_DATABASE: 'nextcloud_vinnova'
+ MYSQL_USER: 'nextcloud_vinnova'
+ NEXTCLOUD_TRUSTED_DOMAINS: 'vinnova.drive.test.sunet.se'
+ OBJECTSTORE_S3_BUCKET: 'primary-vinnova-test.sunet.se'
+ REDIS_HOST: 'vinnova-redis'
+ SITE_NAME: 'vinnova.drive.test.sunet.se'
diff --git a/customers/overlays/vinnova/test/kustomization.yaml b/customers/overlays/vinnova/test/kustomization.yaml
index 036c61d..353049b 100644
--- a/customers/overlays/vinnova/test/kustomization.yaml
+++ b/customers/overlays/vinnova/test/kustomization.yaml
@@ -1,7 +1,8 @@
-apiVersion: 'kustomize.config.k8s.io/v1beta1'
+apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
-bases:
-- ../../../base
-patchesStrategicMerge:
- - nextcloud-deployment.yml
- - nextcloud-ingress.yml
+resources:
+ - ../../../base
+patches:
+ - path: env-configmap.yml
+ - path: nextcloud-deployment.yml
+ - path: nextcloud-ingress.yml
diff --git a/customers/overlays/vinnova/test/nextcloud-deployment.yml b/customers/overlays/vinnova/test/nextcloud-deployment.yml
index bb8cb30..287164e 100644
--- a/customers/overlays/vinnova/test/nextcloud-deployment.yml
+++ b/customers/overlays/vinnova/test/nextcloud-deployment.yml
@@ -5,30 +5,4 @@ metadata:
labels:
app: customer-node
spec:
- template:
- metadata:
- labels:
- app: customer-node
- spec:
- initContainers:
- - image: docker.sunet.se/sunet/docker-jinja:latest
- name: init-config
- env:
- - name: MYSQL_DATABASE
- value: "nextcloud_vinnova"
- - name: MYSQL_USER
- value: "nextcloud_vinnova"
- - name: GSS_MASTER_URL
- value: "https://drive.test.sunet.se"
- - name: LOOKUP_SERVER
- value: "https://lookup.drive.test.sunet.se"
- - name: MAIL_DOMAIN
- value: "drive.test.sunet.se"
- - name: MAIL_SMTPNAME
- value: "noreply@drive.test.sunet.se"
- - name: NEXTCLOUD_TRUSTED_DOMAINS
- value: "vinnova.drive.test.sunet.se"
- - name: OBJECTSTORE_S3_BUCKET
- value: "primary-vinnova-test.sunet.se"
- - name: SITE_NAME
- value: "vinnova.drive.test.sunet.se"
+ replicas: 1
diff --git a/customers/overlays/vinnova/test/nextcloud-ingress.yml b/customers/overlays/vinnova/test/nextcloud-ingress.yml
index ac82344..506ea74 100644
--- a/customers/overlays/vinnova/test/nextcloud-ingress.yml
+++ b/customers/overlays/vinnova/test/nextcloud-ingress.yml
@@ -10,16 +10,16 @@ spec:
ingressClassName: nginx
tls:
- hosts:
- - vinnova.drive.test.sunet.se
+ - vinnova.drive.test.sunet.se
secretName: tls-secret
- ingressClassName: nginx
+ ingressClassName: nginx
rules:
- host: vinnova.drive.test.sunet.se
http:
paths:
- path: /
pathType: Prefix
- backend:
+ backend:
service:
name: customer-node
port: