From ea3bf93c7210e54ed79d6c98e7133833ffa4ee68 Mon Sep 17 00:00:00 2001 From: sonicaj Date: Tue, 19 Oct 2021 15:57:13 +0500 Subject: [PATCH] Update stable train from test train --- charts/nextcloud/1.3.5/default_values.yaml | 30 ------- charts/nextcloud/1.3.5/ix_values.yaml | 4 - charts/nextcloud/1.3.5/values.yaml | 0 charts/nextcloud/{1.3.5 => 1.3.6}/.helmignore | 0 charts/nextcloud/{1.3.5 => 1.3.6}/Chart.lock | 0 charts/nextcloud/{1.3.5 => 1.3.6}/Chart.yaml | 2 +- charts/nextcloud/{1.3.5 => 1.3.6}/README.md | 0 .../nextcloud/{1.3.5 => 1.3.6}/app-readme.md | 0 .../charts/common-2105.0.0.tgz | Bin charts/nextcloud/1.3.6/ix_values.yaml | 9 ++ .../migrations/migrate_from_1.1.0 | 0 .../nextcloud/{1.3.5 => 1.3.6}/questions.yaml | 11 ++- .../{1.3.5 => 1.3.6}/templates/NOTES.txt | 0 charts/nextcloud/1.3.6/templates/_nginx.tpl | 79 ++++++++++++++++++ .../{1.3.5 => 1.3.6}/templates/_postgres.tpl | 0 .../templates/backup-postgres-config.yaml | 0 .../templates/backup-postgres-hook.yaml | 0 .../templates/deployment.yaml | 31 ++++++- .../1.3.6/templates/nginx-configmap.yaml | 65 ++++++++++++++ .../1.3.6/templates/nginx-secret.yaml | 10 +++ .../templates/nuke-deployments-hook.yaml | 0 .../templates/postgres-deployment.yaml | 0 .../templates/postgres-secret.yaml | 0 .../templates/postgres-service.yaml | 0 .../{1.3.5 => 1.3.6}/templates/secrets.yaml | 0 .../{1.3.5 => 1.3.6}/templates/service.yaml | 4 + .../templates/serviceaccount.yaml | 0 .../{1.3.5 => 1.3.6}/test_values.yaml | 5 ++ 28 files changed, 213 insertions(+), 37 deletions(-) delete mode 100644 charts/nextcloud/1.3.5/default_values.yaml delete mode 100644 charts/nextcloud/1.3.5/ix_values.yaml delete mode 100644 charts/nextcloud/1.3.5/values.yaml rename charts/nextcloud/{1.3.5 => 1.3.6}/.helmignore (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/Chart.lock (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/Chart.yaml (97%) rename charts/nextcloud/{1.3.5 => 1.3.6}/README.md (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/app-readme.md (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/charts/common-2105.0.0.tgz (100%) create mode 100644 charts/nextcloud/1.3.6/ix_values.yaml rename charts/nextcloud/{1.3.5 => 1.3.6}/migrations/migrate_from_1.1.0 (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/questions.yaml (96%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/NOTES.txt (100%) create mode 100644 charts/nextcloud/1.3.6/templates/_nginx.tpl rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/_postgres.tpl (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/backup-postgres-config.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/backup-postgres-hook.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/deployment.yaml (71%) create mode 100644 charts/nextcloud/1.3.6/templates/nginx-configmap.yaml create mode 100644 charts/nextcloud/1.3.6/templates/nginx-secret.yaml rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/nuke-deployments-hook.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/postgres-deployment.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/postgres-secret.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/postgres-service.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/secrets.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/service.yaml (60%) rename charts/nextcloud/{1.3.5 => 1.3.6}/templates/serviceaccount.yaml (100%) rename charts/nextcloud/{1.3.5 => 1.3.6}/test_values.yaml (90%) diff --git a/charts/nextcloud/1.3.5/default_values.yaml b/charts/nextcloud/1.3.5/default_values.yaml deleted file mode 100644 index 6de7de5f74..0000000000 --- a/charts/nextcloud/1.3.5/default_values.yaml +++ /dev/null @@ -1,30 +0,0 @@ -## Official nextcloud image version -## ref: https://hub.docker.com/r/library/nextcloud/tags/ -## -image: - repository: nextcloud - tag: 19.0.3-apache - pullPolicy: IfNotPresent - -nextcloud: - host: nextcloud.kube.home - username: admin - password: changeme - datadir: /var/www/html/data - strategy: "Recreate" - -service: - nodePort: 9001 - -appVolumeMounts: - nextcloud-data: - emptyDir: true - mountPath: "/var/www" - -postgresAppVolumeMounts: - postgres-data: - emptyDir: true - mountPath: "/var/lib/postgresql/data" - postgres-backup: - emptyDir: true - mountPath: "/postgres_backups" diff --git a/charts/nextcloud/1.3.5/ix_values.yaml b/charts/nextcloud/1.3.5/ix_values.yaml deleted file mode 100644 index 1c55afae66..0000000000 --- a/charts/nextcloud/1.3.5/ix_values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -image: - pullPolicy: IfNotPresent - repository: nextcloud - tag: '22.2' diff --git a/charts/nextcloud/1.3.5/values.yaml b/charts/nextcloud/1.3.5/values.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/charts/nextcloud/1.3.5/.helmignore b/charts/nextcloud/1.3.6/.helmignore similarity index 100% rename from charts/nextcloud/1.3.5/.helmignore rename to charts/nextcloud/1.3.6/.helmignore diff --git a/charts/nextcloud/1.3.5/Chart.lock b/charts/nextcloud/1.3.6/Chart.lock similarity index 100% rename from charts/nextcloud/1.3.5/Chart.lock rename to charts/nextcloud/1.3.6/Chart.lock diff --git a/charts/nextcloud/1.3.5/Chart.yaml b/charts/nextcloud/1.3.6/Chart.yaml similarity index 97% rename from charts/nextcloud/1.3.5/Chart.yaml rename to charts/nextcloud/1.3.6/Chart.yaml index 39d566acc9..c0d4a5abce 100644 --- a/charts/nextcloud/1.3.5/Chart.yaml +++ b/charts/nextcloud/1.3.6/Chart.yaml @@ -19,4 +19,4 @@ sources: - https://github.com/nextcloud/docker - https://github.com/nextcloud/helm upstream_version: 2.3.2 -version: 1.3.5 +version: 1.3.6 diff --git a/charts/nextcloud/1.3.5/README.md b/charts/nextcloud/1.3.6/README.md similarity index 100% rename from charts/nextcloud/1.3.5/README.md rename to charts/nextcloud/1.3.6/README.md diff --git a/charts/nextcloud/1.3.5/app-readme.md b/charts/nextcloud/1.3.6/app-readme.md similarity index 100% rename from charts/nextcloud/1.3.5/app-readme.md rename to charts/nextcloud/1.3.6/app-readme.md diff --git a/charts/nextcloud/1.3.5/charts/common-2105.0.0.tgz b/charts/nextcloud/1.3.6/charts/common-2105.0.0.tgz similarity index 100% rename from charts/nextcloud/1.3.5/charts/common-2105.0.0.tgz rename to charts/nextcloud/1.3.6/charts/common-2105.0.0.tgz diff --git a/charts/nextcloud/1.3.6/ix_values.yaml b/charts/nextcloud/1.3.6/ix_values.yaml new file mode 100644 index 0000000000..3540094a90 --- /dev/null +++ b/charts/nextcloud/1.3.6/ix_values.yaml @@ -0,0 +1,9 @@ +image: + pullPolicy: IfNotPresent + repository: nextcloud + tag: '22.2' +nginx: + image: + repository: nginx + tag: 1.21.3 + pullPolicy: IfNotPresent diff --git a/charts/nextcloud/1.3.5/migrations/migrate_from_1.1.0 b/charts/nextcloud/1.3.6/migrations/migrate_from_1.1.0 similarity index 100% rename from charts/nextcloud/1.3.5/migrations/migrate_from_1.1.0 rename to charts/nextcloud/1.3.6/migrations/migrate_from_1.1.0 diff --git a/charts/nextcloud/1.3.5/questions.yaml b/charts/nextcloud/1.3.6/questions.yaml similarity index 96% rename from charts/nextcloud/1.3.5/questions.yaml rename to charts/nextcloud/1.3.6/questions.yaml index a92be45e6a..b6670f2472 100644 --- a/charts/nextcloud/1.3.5/questions.yaml +++ b/charts/nextcloud/1.3.6/questions.yaml @@ -17,7 +17,7 @@ groups: portals: web_portal: protocols: - - "http" + - "$kubernetes-resource_configmap_nginx-configuration_protocol" host: - "$variable-nextcloud.host" ports: @@ -52,6 +52,15 @@ questions: type: string required: true + - variable: certificate + description: "Configure Certificate for Nextcloud" + label: "Certificate Configuration" + group: "Nextcloud Configuration" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: nextcloud description: "Nextcloud configuration details" label: "Nextcloud Configuration" diff --git a/charts/nextcloud/1.3.5/templates/NOTES.txt b/charts/nextcloud/1.3.6/templates/NOTES.txt similarity index 100% rename from charts/nextcloud/1.3.5/templates/NOTES.txt rename to charts/nextcloud/1.3.6/templates/NOTES.txt diff --git a/charts/nextcloud/1.3.6/templates/_nginx.tpl b/charts/nextcloud/1.3.6/templates/_nginx.tpl new file mode 100644 index 0000000000..8adb9d9429 --- /dev/null +++ b/charts/nextcloud/1.3.6/templates/_nginx.tpl @@ -0,0 +1,79 @@ +{{/* +Retrieve true/false if certificate is configured +*/}} +{{- define "nginx.certAvailable" -}} +{{- if .Values.certificate -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{- template "common.resources.cert_present" $values -}} +{{- else -}} +{{- false -}} +{{- end -}} +{{- end -}} + + +{{/* +Retrieve public key of certificate +*/}} +{{- define "nginx.cert.publicKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} + + +{{/* +Retrieve private key of certificate +*/}} +{{- define "nginx.cert.privateKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} + + +{{/* +Retrieve configured protocol scheme for nextcloud +*/}} +{{- define "nginx.scheme" -}} +{{- if eq (include "nginx.certAvailable" .) "true" -}} +{{- print "https" -}} +{{- else -}} +{{- print "http" -}} +{{- end -}} +{{- end -}} + + +{{/* +Retrieve nginx certificate secret name +*/}} +{{- define "nginx.secretName" -}} +{{- print "nginx-secret" -}} +{{- end -}} + + +{{/* +Formats volumeMount for tls keys and trusted certs +*/}} +{{- define "nginx.tlsKeysVolumeMount" -}} +{{- if eq (include "nginx.certAvailable" .) "true" -}} +- name: cert-secret-volume + mountPath: "/etc/nginx-certs" +{{- end -}} +{{- end -}} + +{{/* +Formats volume for tls keys and trusted certs +*/}} +{{- define "nginx.tlsKeysVolume" -}} +{{- if eq (include "nginx.certAvailable" .) "true" -}} +- name: cert-secret-volume + secret: + secretName: {{ include "nginx.secretName" . }} + items: + - key: certPublicKey + path: public.crt + - key: certPrivateKey + path: private.key +{{- end -}} +{{- end -}} diff --git a/charts/nextcloud/1.3.5/templates/_postgres.tpl b/charts/nextcloud/1.3.6/templates/_postgres.tpl similarity index 100% rename from charts/nextcloud/1.3.5/templates/_postgres.tpl rename to charts/nextcloud/1.3.6/templates/_postgres.tpl diff --git a/charts/nextcloud/1.3.5/templates/backup-postgres-config.yaml b/charts/nextcloud/1.3.6/templates/backup-postgres-config.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/backup-postgres-config.yaml rename to charts/nextcloud/1.3.6/templates/backup-postgres-config.yaml diff --git a/charts/nextcloud/1.3.5/templates/backup-postgres-hook.yaml b/charts/nextcloud/1.3.6/templates/backup-postgres-hook.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/backup-postgres-hook.yaml rename to charts/nextcloud/1.3.6/templates/backup-postgres-hook.yaml diff --git a/charts/nextcloud/1.3.5/templates/deployment.yaml b/charts/nextcloud/1.3.6/templates/deployment.yaml similarity index 71% rename from charts/nextcloud/1.3.5/templates/deployment.yaml rename to charts/nextcloud/1.3.6/templates/deployment.yaml index 49b4f1683b..993b19fa12 100644 --- a/charts/nextcloud/1.3.5/templates/deployment.yaml +++ b/charts/nextcloud/1.3.6/templates/deployment.yaml @@ -10,6 +10,22 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} command: ['sh', '-c', "until pg_isready -h {{ template "common.names.fullname" $postgres_values }}; do echo waiting for postgres; sleep 2; done"] imagePullPolicy: {{ .Values.image.pullPolicy }} containers: + {{ if eq (include "nginx.certAvailable" .) "true" }} + - name: nginx + {{ include "common.containers.imageConfig" .Values.nginx.image | nindent 8 }} + volumeMounts: + - name: nginx-configuration + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + {{ include "nginx.tlsKeysVolumeMount" . | nindent 10 }} + ports: + - name: nginx-http + containerPort: 8000 + protocol: TCP + - name: nginx-https + containerPort: 443 + protocol: TCP + {{ end }} - name: {{ .Chart.Name }} {{ include "common.containers.imageConfig" .Values.image | nindent 8 }} env: {{ include "postgres.envVariableConfiguration" $postgres_values | nindent 10 }} @@ -18,6 +34,11 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} {{ $envList = mustAppend $envList (dict "name" "POSTGRES_HOST" "value" (printf "%s:5432" (include "common.names.fullname" $postgres_values))) }} {{ $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "value" (include "postgres.DatabaseName" .)) }} {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_DATA_DIR" "value" .Values.nextcloud.datadir) }} + {{ if eq (include "nginx.certAvailable" .) "true" }} + {{ $envList = mustAppend $envList (dict "name" "APACHE_DISABLE_REWRITE_IP" "value" "1") }} + {{ $envList = mustAppend $envList (dict "name" "OVERWRITEHOST" "value" (printf "%v:%v" .Values.nextcloud.host .Values.service.nodePort)) }} + {{ $envList = mustAppend $envList (dict "name" "OVERWRITEPROTOCOL" "value" "https") }} + {{ end }} {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_TRUSTED_DOMAINS" "value" .Values.nextcloud.host) }} {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-username") }} {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-password") }} @@ -53,7 +74,15 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }} mountPath: {{ $hostPathConfiguration.mountPath }} {{ end }} {{ include "common.networking.dnsConfiguration" .Values | nindent 6 }} -{{ include "common.storage.allAppVolumes" .Values | nindent 6 }} + volumes: + - name: nginx-configuration + configMap: + defaultMode: 0700 + name: "nginx-configuration" +{{ include "nginx.tlsKeysVolume" . | nindent 8 }} +{{ if .Values.appVolumeMounts }} +{{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} +{{ end }} {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }} - name: extrappvolume-{{ $index }} hostPath: diff --git a/charts/nextcloud/1.3.6/templates/nginx-configmap.yaml b/charts/nextcloud/1.3.6/templates/nginx-configmap.yaml new file mode 100644 index 0000000000..71ecbda320 --- /dev/null +++ b/charts/nextcloud/1.3.6/templates/nginx-configmap.yaml @@ -0,0 +1,65 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: "nginx-configuration" +data: + protocol: {{ include "nginx.scheme" . }} + nginx.conf: |- + events {} + http { + # redirects all http requests to https requests + server { + listen 8000 default_server; + listen [::]:8000 default_server; + return 301 https://$host$request_uri; + } + + server { + server_name localhost; + + listen 443 ssl http2; + listen [::]:433 ssl http2; + + ssl_certificate '/etc/nginx-certs/public.crt'; + ssl_certificate_key '/etc/nginx-certs/private.key'; + + # maximum 3GB Upload File; change to fit your needs + client_max_body_size 3G; + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location = /.well-known/carddav { + return 301 $scheme://$host/remote.php/dav; + } + + location = /.well-known/caldav { + return 301 $scheme://$host/remote.php/dav; + } + + location / { + proxy_pass http://localhost; + proxy_http_version 1.1; + proxy_cache_bypass $http_upgrade; + proxy_request_buffering off; + + # Proxy headers + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + + # Proxy timeouts + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } + } + } diff --git a/charts/nextcloud/1.3.6/templates/nginx-secret.yaml b/charts/nextcloud/1.3.6/templates/nginx-secret.yaml new file mode 100644 index 0000000000..978441509f --- /dev/null +++ b/charts/nextcloud/1.3.6/templates/nginx-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "nginx.secretName" . }} +type: Opaque +data: + {{ if eq (include "nginx.certAvailable" .) "true" }} + certPublicKey: {{ (include "nginx.cert.publicKey" .) | toString | b64enc | quote }} + certPrivateKey: {{ (include "nginx.cert.privateKey" .) | toString | b64enc | quote }} + {{ end }} diff --git a/charts/nextcloud/1.3.5/templates/nuke-deployments-hook.yaml b/charts/nextcloud/1.3.6/templates/nuke-deployments-hook.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/nuke-deployments-hook.yaml rename to charts/nextcloud/1.3.6/templates/nuke-deployments-hook.yaml diff --git a/charts/nextcloud/1.3.5/templates/postgres-deployment.yaml b/charts/nextcloud/1.3.6/templates/postgres-deployment.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/postgres-deployment.yaml rename to charts/nextcloud/1.3.6/templates/postgres-deployment.yaml diff --git a/charts/nextcloud/1.3.5/templates/postgres-secret.yaml b/charts/nextcloud/1.3.6/templates/postgres-secret.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/postgres-secret.yaml rename to charts/nextcloud/1.3.6/templates/postgres-secret.yaml diff --git a/charts/nextcloud/1.3.5/templates/postgres-service.yaml b/charts/nextcloud/1.3.6/templates/postgres-service.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/postgres-service.yaml rename to charts/nextcloud/1.3.6/templates/postgres-service.yaml diff --git a/charts/nextcloud/1.3.5/templates/secrets.yaml b/charts/nextcloud/1.3.6/templates/secrets.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/secrets.yaml rename to charts/nextcloud/1.3.6/templates/secrets.yaml diff --git a/charts/nextcloud/1.3.5/templates/service.yaml b/charts/nextcloud/1.3.6/templates/service.yaml similarity index 60% rename from charts/nextcloud/1.3.5/templates/service.yaml rename to charts/nextcloud/1.3.6/templates/service.yaml index ead1523381..14c751eada 100644 --- a/charts/nextcloud/1.3.5/templates/service.yaml +++ b/charts/nextcloud/1.3.6/templates/service.yaml @@ -1,6 +1,10 @@ {{ $svc := .Values.service }} {{ $ports := list }} +{{ if eq (include "nginx.certAvailable" .) "true" }} +{{ $ports = mustAppend $ports (dict "name" "nginx-https" "targetPort" 443 "port" 443 "nodePort" $svc.nodePort) }} +{{ else }} {{ $ports = mustAppend $ports (dict "name" "http" "port" 80 "nodePort" $svc.nodePort) }} +{{ end }} {{ $params := . }} {{ $_ := set $params "commonService" (dict "type" "NodePort" "ports" $ports ) }} {{ include "common.classes.service" $params }} diff --git a/charts/nextcloud/1.3.5/templates/serviceaccount.yaml b/charts/nextcloud/1.3.6/templates/serviceaccount.yaml similarity index 100% rename from charts/nextcloud/1.3.5/templates/serviceaccount.yaml rename to charts/nextcloud/1.3.6/templates/serviceaccount.yaml diff --git a/charts/nextcloud/1.3.5/test_values.yaml b/charts/nextcloud/1.3.6/test_values.yaml similarity index 90% rename from charts/nextcloud/1.3.5/test_values.yaml rename to charts/nextcloud/1.3.6/test_values.yaml index b828eca391..e109093a0d 100644 --- a/charts/nextcloud/1.3.5/test_values.yaml +++ b/charts/nextcloud/1.3.6/test_values.yaml @@ -10,6 +10,11 @@ image: pullPolicy: IfNotPresent repository: nextcloud tag: '22.2' +nginx: + image: + repository: nginx + tag: 1.21.3 + pullPolicy: IfNotPresent ixChartContext: {} nextcloud: datadir: /var/www/html/data