apiVersion: v1
kind: ConfigMap
metadata:
name: nextcloud-configmap
data:
000-default.conf: |
LoadModule remoteip_module /usr/lib/apache2/modules/mod_remoteip.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Log format config
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
# Header config
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 37.156.195.14
RemoteIPInternalProxy 37.156.195.19
RemoteIPInternalProxy 37.156.195.84
RemoteIPInternalProxy 37.156.195.92
#ErrorDocument 404 /404.html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined env=forwarded
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
LimitRequestBody 0
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
Dav off
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Log format config
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
# Header config
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 37.156.195.14
RemoteIPInternalProxy 37.156.195.19
RemoteIPInternalProxy 37.156.195.84
RemoteIPInternalProxy 37.156.195.92
#ErrorDocument 404 /404.html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined env=forwarded
SSLEngine On
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
LimitRequestBody 0
Require all granted
AllowOverride All
Options FollowSymLinks MultiViews
Dav off
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
apache.php.ini: |
[PHP]
allow_url_fopen = On
allow_url_include = Off
auto_append_file =
auto_globals_jit = On
auto_prepend_file =
default_charset = "UTF-8"
default_mimetype = "text/html"
default_socket_timeout = 60
disable_classes =
disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
display_errors = Off
display_startup_errors = Off
doc_root =
enable_dl = Off
engine = On
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = Off
file_uploads = On
ignore_repeated_errors = Off
ignore_repeated_source = Off
implicit_flush = Off
log_errors = On
log_errors_max_len = 1024
max_execution_time = 86400
max_file_uploads = 20
max_input_time = 86400
memory_limit = <%= @php_memory_limit_mb %>M
output_buffering = Off
post_max_size = 30G
precision = 14
register_argc_argv = Off
report_memleaks = On
request_order = "GP"
serialize_precision = -1
short_open_tag = Off
unserialize_callback_func =
upload_max_filesize = 30G
user_dir =
variables_order = "GPCS"
zend.enable_gc = On
zend.exception_ignore_args = On
zlib.output_compression = Off
[CLI Server]
cli_server.color = On
[Date]
; Nothing here
[filter]
; Nothing here
[iconv]
; Nothing here
[imap]
; Nothing here
[intl]
; Nothing here
[sqlite3]
; Nothing here
[Pcre]
; Nothing here
[Pdo]
; Nothing here
[Pdo_mysql]
pdo_mysql.default_socket=
[Phar]
; Nothing here
[mail function]
SMTP = localhost
smtp_port = 25
mail.add_x_header = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
; Nothing here
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
; Nothing here
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.cookie_samesite =
session.serialize_handler = php
session.gc_probability = 0
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.sid_length = 26
session.trans_sid_tags = "a=href,area=href,frame=src,form="
session.sid_bits_per_character = 5
[Assertion]
zend.assertions = -1
[COM]
; Nothing here
[mbstring]
; Nothing here
[gd]
; Nothing here
[exif]
; Nothing here
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
; Nothing here
[ldap]
ldap.max_links = -1
[dba]
; Nothing here
[opcache]
; Nothing here
[curl]
; Nothing here
[openssl]
; Nothing here
[ffi]
; Nothing here
apcu.ini: |
extension=apcu.so
apc.enable_cli=1
cli.php.ini: |
[PHP]
allow_url_fopen = On
allow_url_include = Off
auto_append_file =
auto_globals_jit = On
auto_prepend_file =
default_charset = "UTF-8"
default_mimetype = "text/html"
default_socket_timeout = 60
disable_classes =
disable_functions =
display_errors = Off
display_startup_errors = Off
doc_root =
enable_dl = Off
engine = On
error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
expose_php = On
file_uploads = On
ignore_repeated_errors = Off
ignore_repeated_source = Off
implicit_flush = Off
log_errors = On
log_errors_max_len = 1024
max_execution_time = 86400
max_file_uploads = 20
max_input_time = 86400
memory_limit = -1
output_buffering = Off
post_max_size = 16G
precision = 14
register_argc_argv = Off
report_memleaks = On
request_order = "GP"
serialize_precision = -1
short_open_tag = Off
unserialize_callback_func =
upload_max_filesize = 16G
user_dir =
variables_order = "GPCS"
zend.enable_gc = On
zend.exception_ignore_args = On
zlib.output_compression = Off
[CLI Server]
cli_server.color = On
[Date]
; Nothing here
[filter]
; Nothing here
[iconv]
; Nothing here
[imap]
; Nothing here
[intl]
; Nothing here
[sqlite3]
; Nothing here
[Pcre]
; Nothing here
[Pdo]
; Nothing here
[Pdo_mysql]
pdo_mysql.default_socket=
[Phar]
; Nothing here
[mail function]
SMTP = localhost
smtp_port = 25
mail.add_x_header = Off
[ODBC]
odbc.allow_persistent = On
odbc.check_persistent = On
odbc.max_persistent = -1
odbc.max_links = -1
odbc.defaultlrl = 4096
odbc.defaultbinmode = 1
[MySQLi]
mysqli.max_persistent = -1
mysqli.allow_persistent = On
mysqli.max_links = -1
mysqli.default_port = 3306
mysqli.default_socket =
mysqli.default_host =
mysqli.default_user =
mysqli.default_pw =
mysqli.reconnect = Off
[mysqlnd]
mysqlnd.collect_statistics = On
mysqlnd.collect_memory_statistics = Off
[OCI8]
; Nothing here
[PostgreSQL]
pgsql.allow_persistent = On
pgsql.auto_reset_persistent = Off
pgsql.max_persistent = -1
pgsql.max_links = -1
pgsql.ignore_notice = 0
pgsql.log_notice = 0
[bcmath]
bcmath.scale = 0
[browscap]
; Nothing here
[Session]
session.save_handler = files
session.use_strict_mode = 0
session.use_cookies = 1
session.use_only_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.cookie_httponly =
session.cookie_samesite =
session.serialize_handler = php
session.gc_probability = 0
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.referer_check =
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0
session.sid_length = 26
session.trans_sid_tags = "a=href,area=href,frame=src,form="
session.sid_bits_per_character = 5
[Assertion]
zend.assertions = -1
[COM]
; Nothing here
[mbstring]
; Nothing here
[gd]
; Nothing here
[exif]
; Nothing here
[Tidy]
tidy.clean_output = Off
[soap]
soap.wsdl_cache_enabled=1
soap.wsdl_cache_dir="/tmp"
soap.wsdl_cache_ttl=86400
soap.wsdl_cache_limit = 5
[sysvshm]
; Nothing here
[ldap]
ldap.max_links = -1
[dba]
; Nothing here
[opcache]
; Nothing here
[curl]
; Nothing here
[openssl]
; Nothing here
[ffi]
; Nothing here
config.php: |
'\\OC\\Memcache\\APCu',
'appstoreenabled' => false,
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '{{REDIS_HOST}}',
'port' => 6379,
),
'forcessl' => true,
'overwriteprotocol' => 'https',
'objectstore' =>
array (
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' =>
array (
'bucket' => '{{OBJECTSTORE_S3_BUCKET}}',
'key' => '{{OBJECTSTORE_S3_KEY}}',
'secret' => '{{OBJECTSTORE_S3_SECRET}}',
'region' => '{{OBJECTSTORE_S3_REGION}}',
'hostname' => '{{OBJECTSTORE_S3_HOST}}',
'port' => '',
'objectPrefix' => 'urn:oid:',
'autocreate' => false,
'use_ssl' => true,
'use_path_style' => true,
'legacy_auth' => false,
),
),
'csrf.disabled' => true,
'passwordsalt' => '{{NEXTCLOUD_PASSWORDSALT}}',
'secret' => '{{NEXTCLOUD_SECRET}}',
'trusted_domains' =>
array (
0 => '{{NEXTCLOUD_TRUSTED_DOMAINS}}'
),
'config_is_read_only' => true,
'datadirectory' => '/var/www/html/data',
'dbhost' => '{{MYSQL_HOST}}:{{MYSQL_PORT}}',
'dbname' => '{{MYSQL_DATABASE}}',
'dbpassword' => '{{MYSQL_PASSWORD}}',
'dbport' => '{{MYSQL_PORT}}',
'dbtableprefix' => 'oc_',
'dbtype' => 'mysql',
'dbuser' => '{{MYSQL_USER}}',
'gs.enabled' => 'true',
'gs.federation' => 'global',
'gs.trustedHosts' => ['*.sunet.se'],
'gss.jwt.key' => '{{GSS_JWT_KEY}}',
'gss.master.url' => '{{GSS_MASTER_URL}}',
'gss.mode' => 'slave',
'gss.user.discovery.module' => '\\OCA\\GlobalSiteSelector\\UserDiscoveryModules\\ManualUserMapping',
'installed' => true,
'instanceid' => '{{NEXTCLOUD_INSTANCEID}}',
'log_type' => 'file',
'loglevel' => 0,
'lookup_server' => '{{LOOKUP_SERVER}}',
'mail_domain' => '{{MAIL_DOMAIN}}',
'mail_from_address' => '{{MAIL_FROM_ADDRESS}}',
'mail_sendmailmode' => 'smtp',
'mail_smtpauth' => 1,
'mail_smtpauthtype' => 'LOGIN',
'mail_smtphost' => '{{MAIL_SMTPHOST}}',
'mail_smtpmode' => 'smtp',
'mail_smtpname' => '{{MAIL_SMTPNAME}}',
'mail_smtppassword' => '{{MAIL_SMTPPASSWORD}}',
'mail_smtpport' => '587',
'mail_smtpsecure' => 'tls',
'mail_template_class' => 'OCA\DriveEmailTemplate\EMailTemplate',
'mysql.utf8mb4' => true,
'overwritehost' => '{{SITE_NAME}}',
'overwrite.cli.url' => 'https://{{SITE_NAME}}',
'templatedirectory' => '',
'skeletondirectory' => '',
'twofactor_enforced' => 'true',
'twofactor_enforced_groups' =>
array (
0 => 'admin',
),
'version' => '{{NEXTCLOUD_VERSION_STRING}}',
'app_install_overwrite' =>
array (
0 => 'globalsiteselector',
),
);
nc-upgrade.sh: |
#!/bin/bash
sed "s/config_is_read_only\(.\) => true,/config_is_read_only\1 => false,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php
php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ upgrade
php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:repair
php -d apc.enable_cli=1 -d memory_limit=-1 /var/www/html/occ maintenance:mode --off
sed "s/config_is_read_only\(.\) => false,/config_is_read_only\1 => true,/" /var/www/html/config/config.php > /var/www/html/config/config.php.tmp
mv /var/www/html/config/config.php.tmp /var/www/html/config/config.php