# Helm values for one Nextcloud instance ("richir") on drive.test.sunet.se.
# The file sets no credentials inline: admin, SMTP, S3 and database secrets
# are all referenced by secret name and key.
# NOTE(review): the nesting below was rebuilt from a whitespace-collapsed
# copy; verify it against the chart's own values.yaml before applying.

# Alternative custom image, currently disabled:
# image:
#   repository: 'docker.sunet.se/drive/nextcloud-custom'
#   tag: '29.0.10.3-1'
#   pullPolicy: 'Always'
image:
  repository: nextcloud
  flavor: apache
  # default is generated by flavor and appVersion
  # NOTE(review): with an empty tag the image version follows the chart's
  # appVersion, so a chart bump also changes the running Nextcloud version.
  tag:
  pullPolicy: IfNotPresent

nameOverride: ""
fullnameOverride: ""
podAnnotations: {}
deploymentAnnotations: {}
deploymentLabels: {}

replicaCount: 1

ingress:
  enabled: true
  className: 'nginx'
  annotations:
    acme.cert-manager.io/http01-edit-in-place: 'true'
    cert-manager.io/issuer: 'letsencrypt'
  # TLS is terminated at the ingress with the certificate in 'tls-secret'.
  tls:
    - secretName: 'tls-secret'
      hosts:
        - 'richir.drive.test.sunet.se'
  labels:
    app.kubernetes.io/instance: 'richir'
  path: '/'
  pathType: 'Prefix'

lifecycle: {}
  # postStartCommand: []
  # preStopCommand: []

phpClientHttpsFix:
  enabled: false
  protocol: 'https'

nextcloud:
  host: 'richir.drive.test.sunet.se'
  # Admin and SMTP credentials are looked up by key in 'nc-secret'.
  existingSecret:
    enabled: true
    secretName: 'nc-secret'
    passwordKey: 'nc_admin_password'
    usernameKey: 'nc_admin_user'
    smtpHostKey: 'smtp_host'
    smtpPasswordKey: 'smtp_password'
    smtpUsernameKey: 'smtp_user'
  update: 0
  containerPort: 80
  datadir: '/var/www/html/data'
  persistence:
    subPath:
  # NOTE(review): this entry names 'customer.…' while host and the ingress
  # use 'richir.…'. trusted_domains decides which Host headers Nextcloud
  # accepts, so confirm this is intended and not a leftover placeholder.
  trustedDomains:
    - 'customer.drive.test.sunet.se'
  mail:
    enabled: true
    fromAddress: 'noreply@drive.test.sunet.se'
    domain: 'drive.test.sunet.se'
    smtp:
      secure: 'tls'
      port: 587
      authtype: 'LOGIN'
  # S3 primary storage; bucket, host and both keys come from 's3-secret'.
  objectStore:
    s3:
      enabled: true
      legacyAuth: false
      ssl: true
      port: 443
      region: 'us-east-1'
      prefix: 'urn:oid:'
      usePathStyle: true
      autoCreate: true
      storageClass: 'STANDARD'
      existingSecret: 's3-secret'
      secretKeys:
        bucket: 's3_bucket'
        accessKey: 's3_key'
        host: 's3_host'
        secretKey: 's3_secret'

  ## PHP Configuration files
  # Will be injected in /usr/local/etc/php/conf.d for apache image and in
  # /usr/local/etc/php-fpm.d when nginx.enabled: true
  phpConfigs: {}  # FIXME?

  ## Default config files that utilize environment variables:
  # see: https://github.com/nextcloud/docker/tree/master#auto-configuration-via-environment-variables
  # IMPORTANT: Will be used only if you put extra configs, otherwise default
  # will come from nextcloud itself
  # Default configurations can be found here:
  # https://github.com/nextcloud/docker/tree/master/.config
  defaultConfigs:
    # To protect /var/www/html/config
    .htaccess: true
    # Apache configuration for rewrite urls
    apache-pretty-urls.config.php: false
    # Define APCu as local cache
    apcu.config.php: false
    # Apps directory configs
    apps.config.php: false
    # Used for auto configure database
    autoconfig.php: false
    # Redis default configuration
    redis.config.php: true
    # Reverse proxy default configuration
    # NOTE(review): the nginx ingress above fronts this instance; confirm the
    # trusted-proxy settings are supplied some other way, otherwise Nextcloud
    # presumably sees the ingress address as the client for every request.
    reverse-proxy.config.php: false
    # S3 Object Storage as primary storage
    s3.config.php: true
    # SMTP default configuration via environment variables
    smtp.config.php: true
    # Swift Object Storage as primary storage
    swift.config.php: false
    # disables the web based updater as the default nextcloud docker image
    # does not support it
    upgrade-disable-web.config.php: true

  # Extra config files created in /var/www/html/config/
  # ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
  configs: {}  # FIXME?
  # For example, to enable image and text file previews:
  #  previews.config.php: |-
  #    <?php
  #    $CONFIG = array (
  #      'enable_previews' => true,
  #      'enabledPreviewProviders' => array (
  #        'OC\Preview\Movie',
  #        'OC\Preview\PNG',
  #        'OC\Preview\JPEG',
  #        'OC\Preview\GIF',
  #        'OC\Preview\BMP',
  #        'OC\Preview\XBitmap',
  #        'OC\Preview\MP3',
  #        'OC\Preview\MP4',
  #        'OC\Preview\TXT',
  #        'OC\Preview\MarkDown',
  #        'OC\Preview\PDF'
  #      ),
  #    );

  # Hooks for auto configuration
  # Here you could write small scripts which are placed in
  # `/docker-entrypoint-hooks.d/<hook-name>/helm.sh`
  # ref: https://github.com/nextcloud/docker?tab=readme-ov-file#auto-configuration-via-hook-folders
  hooks:
    pre-installation:
    post-installation:
    pre-upgrade:
    post-upgrade:
    before-starting:

  ## Strategy used to replace old pods
  ## IMPORTANT: use with care, it is suggested to leave as that for upgrade
  ## purposes
  ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
  strategy:
    type: Recreate
    # type: RollingUpdate
    # rollingUpdate:
    #   maxSurge: 1
    #   maxUnavailable: 0

  ##
  ## Extra environment variables
  extraEnv:
  #  - name: SOME_SECRET_ENV
  #    valueFrom:
  #      secretKeyRef:
  #        name: nextcloud
  #        key: secret_key

  # Extra init containers that runs before pods start.
  extraInitContainers: []
  #  - name: do-something
  #    image: busybox
  #    command: ['do', 'something']

  # Extra sidecar containers.
  extraSidecarContainers: []
  #  - name: nextcloud-logger
  #    image: busybox
  #    command: [/bin/sh, -c, 'while ! test -f "/run/nextcloud/data/nextcloud.log"; do sleep 1; done; tail -n+1 -f /run/nextcloud/data/nextcloud.log']
  #    volumeMounts:
  #    - name: nextcloud-data
  #      mountPath: /run/nextcloud/data

  # Extra mounts for the pods. Example shown is for connecting a legacy NFS
  # volume to NextCloud pods in Kubernetes. This can then be configured in
  # External Storage
  extraVolumes:
  #  - name: nfs
  #    nfs:
  #      server: "10.0.0.1"
  #      path: "/nextcloud_data"
  #      readOnly: false
  extraVolumeMounts:
  #  - name: nfs
  #    mountPath: "/legacy_data"

  # Set securityContext parameters for the nextcloud CONTAINER only (will not
  # affect nginx container).
  # For example, you may need to define runAsNonRoot directive
  # NOTE(review): left empty, so these values request no user, group or
  # non-root constraint for the container; the commented keys below are the
  # starting point if the cluster expects a non-root workload.
  securityContext: {}
  # runAsUser: 33
  # runAsGroup: 33
  # runAsNonRoot: true
  # readOnlyRootFilesystem: false

  # Set securityContext parameters for the entire pod. For example, you may
  # need to define runAsNonRoot directive
  # NOTE(review): also empty; the same consideration applies at pod level.
  podSecurityContext: {}
  # runAsUser: 33
  # runAsGroup: 33
  # runAsNonRoot: true
  # readOnlyRootFilesystem: false

  # Settings for the MariaDB init container
  mariaDbInitContainer:
    resources: {}
    # Set mariadb initContainer securityContext parameters. For example, you
    # may need to define runAsNonRoot directive
    securityContext: {}

  # Settings for the PostgreSQL init container
  postgreSqlInitContainer:
    resources: {}
    # Set postgresql initContainer securityContext parameters. For example,
    # you may need to define runAsNonRoot directive
    securityContext: {}

internalDatabase:
  enabled: false

# External MySQL reached through the address in 'host'; the database
# credentials are looked up by key in 'db-secret'.
externalDatabase:
  enabled: true
  type: 'mysql'
  host: 'proxysqlcluster.proxysql:6033'
  database: 'nextcloud_richir'
  existingSecret:
    enabled: true
    secretName: 'db-secret'
    passwordKey: 'db_password'
    usernameKey: 'db_username'

redis:
  enabled: true
  # NOTE(review): password authentication for Redis is switched off, so
  # access control rests entirely on who can reach the Redis service inside
  # the cluster. Confirm a NetworkPolicy covers it, or enable auth with the
  # password taken from a secret (the Bitnami subchart has
  # auth.existingSecret for this, if that is the subchart in use).
  auth:
    enabled: false
  global:
    storageClass: ""
  master:
    persistence:
      enabled: true
  replica:
    persistence:
      enabled: true

## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron
##
cronjob:
  enabled: false

  ## Cronjob sidecar resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources: {}

  # Allow configuration of lifecycle hooks
  # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
  # NOTE(review): /usr/local/bin/nc-upgrade is not defined anywhere in this
  # file and image.repository is the stock 'nextcloud' image; confirm the
  # image actually deployed ships this script. With cronjob.enabled false
  # the hook presumably never runs.
  lifecycle:
    postStartCommand: ["/bin/bash", "-c", "/usr/local/bin/nc-upgrade"]
    # preStopCommand: []

  # Set securityContext parameters. For example, you may need to define
  # runAsNonRoot directive
  securityContext: {}
  # runAsUser: 33
  # runAsGroup: 33
  # runAsNonRoot: true
  # readOnlyRootFilesystem: true

service:
  type: 'ClusterIP'
  port: 8080
  loadBalancerIP: ""
  nodePort:
  # -- use additional annotation on service for nextcloud
  annotations: {}

persistence:
  enabled: true
  storageClass: 'csi-sc-cinderplugin'
  accessMode: 'ReadWriteOnce'
  size: '1Gi'
  nextcloudData:
    enabled: false

resources:
  limits:
    cpu: '2'
    memory: '2Gi'
  requests:
    cpu: '1'
    memory: '512Mi'

# Both probes only check that TCP port 80 accepts connections.
readinessProbe:
  tcpSocket:
    port: 80
  initialDelaySeconds: 10
  periodSeconds: 60
livenessProbe:
  tcpSocket:
    port: 80
  initialDelaySeconds: 20
  periodSeconds: 180

## Prometheus Exporter / Metrics
##
metrics:
  enabled: false

  replicaCount: 1
  # Optional: becomes NEXTCLOUD_SERVER env var in the nextcloud-exporter
  # container.
  # Without it, we will use the full name of the nextcloud service
  server: ""
  # The metrics exporter needs to know how you serve Nextcloud either http or
  # https
  https: false
  # Use API token if set, otherwise fall back to password authentication
  # https://github.com/xperimental/nextcloud-exporter#token-authentication
  # Currently you still need to set the token manually in your nextcloud
  # install
  # NOTE(review): if the exporter is ever enabled, supply the token from a
  # secret rather than writing it into this file.
  token: ""
  timeout: 5s
  # if set to true, exporter skips certificate verification of Nextcloud
  # server.
  tlsSkipVerify: false

  info:
    # Optional: becomes NEXTCLOUD_INFO_APPS env var in the nextcloud-exporter
    # container.
    # Enables gathering of apps-related metrics. Defaults to false
    apps: false

  image:
    repository: xperimental/nextcloud-exporter
    tag: 0.6.2
    pullPolicy: IfNotPresent
    # pullSecrets:
    #   - myRegistrKeySecretName

  ## Metrics exporter resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources: {}

  # -- Metrics exporter pod Annotation
  podAnnotations: {}

  # -- Metrics exporter pod Labels
  podLabels: {}

  # -- Metrics exporter pod nodeSelector
  nodeSelector: {}

  # -- Metrics exporter pod tolerations
  tolerations: []

  # -- Metrics exporter pod affinity
  affinity: {}

  service:
    type: ClusterIP
    # Use serviceLoadBalancerIP to request a specific static IP,
    # otherwise leave blank
    loadBalancerIP:
    annotations:
      prometheus.io/scrape: "true"
      prometheus.io/port: "9205"
    labels: {}

  # -- security context for the metrics CONTAINER in the pod
  # The exporter is set to run as UID 1000 and must not run as root; the
  # commented keys would additionally block privilege escalation and drop
  # all Linux capabilities.
  securityContext:
    runAsUser: 1000
    runAsNonRoot: true
    # allowPrivilegeEscalation: false
    # capabilities:
    #   drop:
    #     - ALL

  # -- security context for the metrics POD
  podSecurityContext: {}
  # runAsNonRoot: true
  # seccompProfile:
  #   type: RuntimeDefault

  ## Prometheus Operator ServiceMonitor configuration
  ##
  serviceMonitor:
    ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource
    ## for scraping metrics using PrometheusOperator
    ##
    enabled: false

    ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus
    ## is running
    ##
    namespace: ""

    ## @param metrics.serviceMonitor.namespaceSelector The selector of the
    ## namespace where the target service is located (defaults to the
    ## release namespace)
    namespaceSelector:

    ## @param metrics.serviceMonitor.jobLabel The name of the label on the
    ## target service to use as the job name in prometheus.
    ##
    jobLabel: ""

    ## @param metrics.serviceMonitor.interval Interval at which metrics
    ## should be scraped
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    interval: 30s

    ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after
    ## which the scrape is ended
    ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
    ##
    scrapeTimeout: ""

    ## @param metrics.serviceMonitor.labels Extra labels for the
    ## ServiceMonitor
    ##
    labels: {}