kind: StatefulSet apiVersion: apps/v1 metadata: name: customer-node labels: app: customer-node spec: replicas: 1 selector: matchLabels: app: customer-node updateStrategy: type: RollingUpdate volumeClaimTemplates: - metadata: name: nextcloud-data spec: storageClassName: mayastor-3 accessModes: - ReadWriteOnce resources: requests: storage: 1Gi template: metadata: labels: app: customer-node spec: restartPolicy: Always securityContext: privileged: false runAsNonRoot: true allowPrivilegeEscalation: false runAsUser: 33 runAsGroup: 33 fsGroup: 33 containers: - name: customer image: docker.sunet.se/drive/nextcloud-custom:25.0.3.3-4 volumeMounts: - name: nextcloud-data mountPath: /var/www/html/config subPath: config - name: default-config mountPath: /etc/apache2/sites-enabled/000-default.conf subPath: 000-default.conf - name: apache2-config mountPath: /etc/apache2/apache2.conf subPath: apache2.conf - name: envars mountPath: /etc/apache2/envars subPath: envars - name: ports-config mountPath: /etc/apache2/ports.conf subPath: ports.conf - name: log-volume mountPath: /var/log/apache2 subPath: apache2 - name: conf-volume mountPath: /etc/apache2/mods-enabled subPath: mods-enabled - name: run-volume mountPath: /var/run/apache2 subPath: apache2 - name: hugepage mountPath: /dev/hugepages resources: limits: cpu: 1500m hugepages-2Mi: 0Mi memory: 2048Mi requests: cpu: 500m hugepages-2Mi: 0Mi memory: 256Mi readinessProbe: tcpSocket: port: 8080 initialDelaySeconds: 180 periodSeconds: 60 livenessProbe: tcpSocket: port: 8080 initialDelaySeconds: 300 periodSeconds: 180 ports: - containerPort: 8080 name: nextcloud-http command: ["/bin/bash"] args: ["-c", "cp /etc/apache2/mods-available/{php8.0.conf,php8.0.load}; apachectl -D FOREGROUND"] #command: ["/bin/sh","-c", "apachectl -D FOREGROUND; tail -f /dev/null"] initContainers: - image: docker.sunet.se/sunet/docker-jinja:latest name: init-config securityContext: privileged: true volumeMounts: - name: nextcloud-config-template mountPath: /tmp/config.php.template subPath: config.php - name: nextcloud-data mountPath: /var/www/html/config subPath: config - name: conf-volume mountPath: /etc/apache2/mods-enabled subPath: mods-enabled env: - name: GSS_MASTER_URL value: "https://drive.test.sunet.se" - name: GSS_JWT_KEY valueFrom: secretKeyRef: name: gss-secret key: "jwt_key" - name: LOOKUP_SERVER value: "https://lookup.drive.test.sunet.se" - name: MAIL_DOMAIN value: "drive.test.sunet.se" - name: MAIL_FROM_ADDRESS value: "noreply" - name: MAIL_SMTPHOST value: "smtp.sunet.se" - name: MAIL_SMTPNAME value: "noreply@drive.test.sunet.se" - name: MAIL_SMTPPASSWORD valueFrom: secretKeyRef: name: mail-secret key: "smtp_password" - name: MYSQL_DATABASE value: "customer_nextcloud" - name: MYSQL_USER value: "customer_nextcloud" - name: MYSQL_HOST value: "proxysql.proxysql" - name: MYSQL_PASSWORD valueFrom: secretKeyRef: name: db-secret key: "db_password" - name: MYSQL_PORT value: "6033" - name: NEXTCLOUD_TRUSTED_DOMAINS value: "customer.drive.test.sunet.se" - name: NEXTCLOUD_ADMIN_USER value: admin - name: NEXTCLOUD_VERSION_STRING value: "25.0.3.3" - name: NEXTCLOUD_ADMIN_PASSWORD valueFrom: secretKeyRef: name: nc-secret key: "nc_admin_password" - name: NEXTCLOUD_PASSWORDSALT valueFrom: secretKeyRef: name: nc-secret key: "nc_passwordsalt" - name: NEXTCLOUD_INSTANCEID valueFrom: secretKeyRef: name: nc-secret key: "nc_instanceid" - name: NEXTCLOUD_SECRET valueFrom: secretKeyRef: name: nc-secret key: "nc_secret" - name: OBJECTSTORE_S3_REGION value: "us-east-1" - name: OBJECTSTORE_S3_HOST value: "s3.sto4.safedc.net" - name: OBJECTSTORE_S3_BUCKET value: "primary-customer-drive-test.sunet.se" - name: OBJECTSTORE_S3_KEY valueFrom: secretKeyRef: name: s3-secret key: "s3_key" - name: OBJECTSTORE_S3_SECRET valueFrom: secretKeyRef: name: s3-secret key: "s3_secret" - name: OBJECTSTORE_S3_USEPATH_STYLE value: "true" - name: OBJECTSTORE_S3_AUTOCREATE value: "true" - name: OBJECTSTORE_S3_SSL value: "true" - name: REDIS_HOST value: "redis.redis" - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: redis-secret key: "redis_password" - name: SITE_NAME value: "customer.drive.test.sunet.se" command: ["/bin/bash", "-c", "cp /etc/apache2/mods-available/{ccess_compat.load,alias.conf,alias.load,auth_basic.load,authn_core.load,authn_file.load,authz_core.load,authz_host.load,authz_user.load,autoindex.conf,autoindex.load,deflate.conf,deflate.load,dir.conf,dir.load,env.load,filter.load,mime.conf,mime.load,mpm_prefork.conf,mpm_prefork.load,negotiation.conf,negotiation.load,reqtimeout.conf,reqtimeout.load,rewrite.load,setenvif.conf,setenvif.load,socache_shmcb.load,status.conf,status.load} /etc/apache2/mods-enabled/; /usr/bin/j2 -f env -o /var/www/html/config/config.php /tmp/config.php.template"] volumes: - name: nextcloud-config-template configMap: name: nextcloud-configmap items: - key: "config.php" path: "config.php" - name: apache2-config configMap: name: nextcloud-configmap items: - key: "apache2.conf" path: "apache2.conf" - name: default-config configMap: name: nextcloud-configmap items: - key: "000-default.conf" path: "000-default.conf" - name: envars configMap: name: nextcloud-configmap items: - key: "envars" path: "envars" - name: ports-config configMap: name: nextcloud-configmap items: - key: "ports.conf" path: "ports.conf" - name: run-volume emptyDir: sizeLimit: 500Mi - name: log-volume emptyDir: sizeLimit: 500Mi - name: conf-volume emptyDir: sizeLimit: 500Mi - name: hugepage emptyDir: medium: HugePages