NAS-123843 / 24.04 / nextcloud: safely access nginxConfig (#1498)

2026-02-12 23:06:13 +08:00 · 2023-09-04 19:14:18 +03:00
parent 9c2a5fbfe3
commit fa0eb1f2ef
2 changed files with 16 additions and 10 deletions
--- a/library/ix-dev/charts/nextcloud/Chart.yaml
+++ b/library/ix-dev/charts/nextcloud/Chart.yaml
@@ -4,7 +4,7 @@ description: A file sharing server that puts the control and security of your ow
 annotations:
  title: Nextcloud
 type: application
-version: 1.6.43
+version: 1.6.44
 apiVersion: v2
 appVersion: 27.0.2
 kubeVersion: '>=1.16.0-0'
--- a/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml
+++ b/library/ix-dev/charts/nextcloud/templates/nginx-configmap.yaml
@@ -6,15 +6,21 @@ data:
  protocol: {{ include "nginx.scheme" . }}
  {{ $timeout := 60 }}
  {{ $size := .Values.nextcloud.max_upload_size | default 3 }}
-  {{ $externalAccessPort := printf ":%v" .Values.nginxConfig.externalAccessPort }}
+
+  {{ $useDiffAccessPort := false }}
+  {{ $externalAccessPort := "" }}
+
+  {{/* Safely access key as it is conditionaly shown */}}
+  {{ if hasKey .Values "nginxConfig" }}
+    {{ $useDiffAccessPort = .Values.useDifferentAccessPort }}
+    {{ $externalAccessPort = printf ":%v" .Values.nginxConfig.externalAccessPort }}
+    {{ $timeout = .Values.nginxConfig.proxy_timeouts | default 60 }}
+  {{ end }}
+
  {{/* If its 443, do not append it on the rewrite at all */}}
  {{ if eq $externalAccessPort ":443" }}
    {{ $externalAccessPort = "" }}
  {{ end }}
-  {{/* Safely access key as it is conditionaly shown */}}
-  {{ if hasKey .Values "nginxConfig" }}
-    {{ $timeout = .Values.nginxConfig.proxy_timeouts | default 60 }}
-  {{ end }}
  nginx.conf: |-
    events {}
    http {
@@ -46,7 +52,7 @@ data:
        }

        location = /.well-known/carddav {
-          {{ if .Values.nginxConfig.useDifferentAccessPort }}
+          {{ if $useDiffAccessPort }}
          return 301 $scheme://$host{{ $externalAccessPort }}/remote.php/dav;
          {{ else }}
          return 301 $scheme://$host:$server_port/remote.php/dav;
@@ -54,7 +60,7 @@ data:
        }

        location = /.well-known/caldav {
-          {{ if .Values.nginxConfig.useDifferentAccessPort }}
+          {{ if $useDiffAccessPort }}
          return 301 $scheme://$host{{ $externalAccessPort }}/remote.php/dav;
          {{ else }}
          return 301 $scheme://$host:$server_port/remote.php/dav;
@@ -75,8 +81,8 @@ data:
          proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto https;
          proxy_set_header X-Forwarded-Host  $host;
-          {{ if .Values.nginxConfig.useDifferentAccessPort }}
-          proxy_set_header X-Forwarded-Port  {{ .Values.nginxConfig.externalAccessPort }};
+          {{ if $useDiffAccessPort }}
+          proxy_set_header X-Forwarded-Port  {{ $externalAccessPort | default "443" | trimPrefix ":" }};
          {{ else }}
          proxy_set_header X-Forwarded-Port  $server_port;
          {{ end }}