diff --git a/library/ix-dev/charts/nextcloud/Chart.yaml b/library/ix-dev/charts/nextcloud/Chart.yaml index 02906af31c..c3292b7ddc 100644 --- a/library/ix-dev/charts/nextcloud/Chart.yaml +++ b/library/ix-dev/charts/nextcloud/Chart.yaml @@ -4,7 +4,7 @@ description: A file sharing server that puts the control and security of your ow annotations: title: Nextcloud type: application -version: 1.6.36 +version: 1.6.37 apiVersion: v2 appVersion: 27.0.1 kubeVersion: '>=1.16.0-0' diff --git a/library/ix-dev/charts/nextcloud/charts/common-2304.0.1.tgz b/library/ix-dev/charts/nextcloud/charts/common-2304.0.1.tgz index 217c5d97c6..70fb1576ba 100644 Binary files a/library/ix-dev/charts/nextcloud/charts/common-2304.0.1.tgz and b/library/ix-dev/charts/nextcloud/charts/common-2304.0.1.tgz differ diff --git a/library/ix-dev/charts/nextcloud/ci/test-values.yaml b/library/ix-dev/charts/nextcloud/ci/test-values.yaml index 597503b117..5f72e6884d 100644 --- a/library/ix-dev/charts/nextcloud/ci/test-values.yaml +++ b/library/ix-dev/charts/nextcloud/ci/test-values.yaml @@ -10,11 +10,14 @@ dnsConfig: emptyDirVolumes: true environmentVariables: [] ixChartContext: {} +nginxConfig: + proxy_timeouts: 120 nextcloud: datadir: /var/www/html/data host: nextcloud.kube.home install_ffmpeg: true install_smbclient: true + max_upload_size: 5 password: changeme username: admin postgresAppVolumeMounts: diff --git a/library/ix-dev/charts/nextcloud/questions.yaml b/library/ix-dev/charts/nextcloud/questions.yaml index 0615558397..7e34009277 100644 --- a/library/ix-dev/charts/nextcloud/questions.yaml +++ b/library/ix-dev/charts/nextcloud/questions.yaml @@ -66,6 +66,27 @@ questions: $ref: - "definitions/certificate" + - variable: nginxConfig + description: "Configure Nginx for Nextcloud" + label: "Nginx Configuration" + group: "Nextcloud Configuration" + schema: + type: dict + show_if: [["certificate", "!=", null]] + attrs: + - variable: proxy_timeouts + label: "Proxy timeouts (Seconds)" + description: | + Applies the timeout to the following settings:
+ - proxy_connect_timeout
+ - proxy_send_timeout
+ - proxy_read_timeout
+ schema: + type: int + min: 30 + default: 60 + required: true + - variable: nextcloud description: "Nextcloud configuration details" label: "Nextcloud Configuration" @@ -116,6 +137,17 @@ questions: schema: type: boolean default: false + - variable: max_upload_size + label: "Max Upload Size (Giga Bytes)" + description: | + Applies the timeout to the following settings:
+ - client_max_body_size in nginx
+ - post_max_size and upload_max_filesize in php
+ schema: + type: int + default: 3 + min: 1 + required: true - variable: cronjob description: "Setup cronjob for nextcloud" diff --git a/library/ix-dev/charts/nextcloud/templates/deployment.yaml b/library/ix-dev/charts/nextcloud/templates/deployment.yaml index 3ed0bedeb5..1f73b03050 100644 --- a/library/ix-dev/charts/nextcloud/templates/deployment.yaml +++ b/library/ix-dev/charts/nextcloud/templates/deployment.yaml @@ -26,13 +26,13 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} containerPort: 8000 protocol: TCP - name: nginx-https - containerPort: 443 + containerPort: {{ .Values.service.nodePort }} protocol: TCP livenessProbe: httpGet: scheme: HTTPS path: /status.php - port: 443 + port: {{ .Values.service.nodePort }} httpHeaders: - name: Host value: localhost @@ -45,7 +45,7 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} httpGet: scheme: HTTPS path: /status.php - port: 443 + port: {{ .Values.service.nodePort }} httpHeaders: - name: Host value: localhost @@ -58,7 +58,7 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} httpGet: scheme: HTTPS path: /status.php - port: 443 + port: {{ .Values.service.nodePort }} httpHeaders: - name: Host value: localhost @@ -77,6 +77,7 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} {{ $envList = mustAppend $envList (dict "name" "POSTGRES_HOST" "value" (printf "%s:5432" (include "common.names.fullname" $postgres_values))) }} {{ $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "value" (include "postgres.DatabaseName" .)) }} {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_DATA_DIR" "value" .Values.nextcloud.datadir) }} + {{ $envList = mustAppend $envList (dict "name" "PHP_UPLOAD_LIMIT" "value" (printf "%vG" (.Values.nextcloud.max_upload_size | default 3))) }} {{ if eq (include "nginx.certAvailable" .) "true" }} {{ $envList = mustAppend $envList (dict "name" "APACHE_DISABLE_REWRITE_IP" "value" "1") }} {{ if and .Values.nextcloud.host .Values.service.nodePort }} diff --git a/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml b/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml index a10f4bde6d..f33e4e24d0 100644 --- a/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml +++ b/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml @@ -4,6 +4,12 @@ metadata: name: "nginx-configuration" data: protocol: {{ include "nginx.scheme" . }} + {{ $timeout := 60 }} + {{ $size := .Values.nextcloud.max_upload_size | default 3 }} + {{/* Safely access key as it is conditionaly shown */}} + {{ if hasKey .Values "nginxConfig" }} + {{ $timeout = .Values.nginxConfig.proxy_timeouts | default 60 }} + {{ end }} nginx.conf: |- events {} http { @@ -17,14 +23,14 @@ data: server { server_name localhost; - listen 443 ssl http2; - listen [::]:433 ssl http2; + listen {{ .Values.service.nodePort }} ssl http2; + listen [::]:{{ .Values.service.nodePort }} ssl http2; ssl_certificate '/etc/nginx-certs/public.crt'; ssl_certificate_key '/etc/nginx-certs/private.key'; # maximum 3GB Upload File; change to fit your needs - client_max_body_size 3G; + client_max_body_size {{ $size }}G; add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always; @@ -35,11 +41,11 @@ data: } location = /.well-known/carddav { - return 301 $scheme://$host/remote.php/dav; + return 301 $scheme://$host:$server_port/remote.php/dav; } location = /.well-known/caldav { - return 301 $scheme://$host/remote.php/dav; + return 301 $scheme://$host:$server_port/remote.php/dav; } location / { @@ -59,9 +65,9 @@ data: proxy_set_header X-Forwarded-Port $server_port; # Proxy timeouts - proxy_connect_timeout 60s; - proxy_send_timeout 60s; - proxy_read_timeout 60s; + proxy_connect_timeout {{ $timeout }}s; + proxy_send_timeout {{ $timeout }}s; + proxy_read_timeout {{ $timeout }}s; } } } diff --git a/library/ix-dev/charts/nextcloud/templates/service.yaml b/library/ix-dev/charts/nextcloud/templates/service.yaml index 14c751eada..5be80aba7f 100644 --- a/library/ix-dev/charts/nextcloud/templates/service.yaml +++ b/library/ix-dev/charts/nextcloud/templates/service.yaml @@ -1,7 +1,7 @@ {{ $svc := .Values.service }} {{ $ports := list }} {{ if eq (include "nginx.certAvailable" .) "true" }} -{{ $ports = mustAppend $ports (dict "name" "nginx-https" "targetPort" 443 "port" 443 "nodePort" $svc.nodePort) }} +{{ $ports = mustAppend $ports (dict "name" "nginx-https" "targetPort" .Values.service.nodePort "port" .Values.service.nodePort "nodePort" $svc.nodePort) }} {{ else }} {{ $ports = mustAppend $ports (dict "name" "http" "port" 80 "nodePort" $svc.nodePort) }} {{ end }}