chart/library/ix-dev/charts/nextcloud/templates/deployment.yaml

{{ include "common.storage.hostPathValidate" .Values }}
{{ $postgres_values := (. | mustDeepCopy) }}
{{ $_ := set $postgres_values "common" (dict "nameSuffix" "postgres") }}
{{ include "common.deployment.common_config" . | nindent 0 }}
spec: {{ include "common.deployment.common_spec" . | nindent 2 }}
  template: {{ include "common.deployment.pod.metadata" . | nindent 4 }}
    spec:
      initContainers:
        - name: init-postgresdb
          image: {{ template "postgres.imageName" . }}
          command: ['sh', '-c', "until pg_isready -U $POSTGRES_USER -d {{ include "postgres.DatabaseName" .Values }} -h {{ template "common.names.fullname" $postgres_values }}; do echo waiting for postgres; sleep 2; done"]
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          env: {{ include "postgres.envVariableConfiguration" $postgres_values | nindent 10 }}

      containers:
      {{ if eq (include "nginx.certAvailable" .) "true" }}
      - name: nginx
        {{ include "common.containers.imageConfig" .Values.nginx.image | nindent 8 }}
        volumeMounts:
          - name: nginx-configuration
            mountPath: /etc/nginx/nginx.conf
            subPath: nginx.conf
          {{ include "nginx.tlsKeysVolumeMount" . | nindent 10 }}
        ports:
          - name: nginx-http
            containerPort: 8000
            protocol: TCP
          - name: nginx-https
            containerPort: 443
            protocol: TCP
        livenessProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: 443
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        readinessProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: 443
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 2
        startupProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: 443
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 5
          timeoutSeconds: 2
          failureThreshold: 60
          successThreshold: 1
      {{ end }}
      - name: {{ .Chart.Name }}
          {{ include "common.resources.limitation" . | nindent 8 }}
        {{ include "common.containers.imageConfig" .Values.image | nindent 8 }}
        env: {{ include "postgres.envVariableConfiguration" $postgres_values | nindent 10 }}
        {{ $secretName := (include "common.names.fullname" .) }}
        {{ $envList := (default list .Values.environmentVariables) }}
        {{ $envList = mustAppend $envList (dict "name" "POSTGRES_HOST" "value" (printf "%s:5432" (include "common.names.fullname" $postgres_values))) }}
        {{ $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "value" (include "postgres.DatabaseName" .)) }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_DATA_DIR" "value" .Values.nextcloud.datadir) }}
        {{ if eq (include "nginx.certAvailable" .) "true" }}
        {{ $envList = mustAppend $envList (dict "name" "APACHE_DISABLE_REWRITE_IP" "value" "1") }}
          {{ if and .Values.nextcloud.host .Values.service.nodePort }}
        {{ $envList = mustAppend $envList (dict "name" "OVERWRITEHOST" "value" (printf "%v:%v" .Values.nextcloud.host .Values.service.nodePort)) }}
          {{ end }}
        {{ $envList = mustAppend $envList (dict "name" "OVERWRITEPROTOCOL" "value" "https") }}
        {{ $envList = mustAppend $envList (dict "name" "TRUSTED_PROXIES" "value" "127.0.0.1") }}
        {{ end }}
        {{ $hostName := .Values.nextcloud.host }}
        {{ if .Values.useServiceNameForHost }}
        {{ $hostName = (include "common.names.fullname" .) }}
        {{ end }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_TRUSTED_DOMAINS" "value" $hostName) }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-username") }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-password") }}
        {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 10 }}
        ports:
        - name: http
          containerPort: 80
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        readinessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        startupProbe:
        {{- if .Values.nextcloud.install_ffmpeg }}
          exec:
            command:
              - /bin/sh
              - -c
              - |
                command -v ffmpeg /dev/null 2>&1 || exit 1
        {{- else }}
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
        {{- end }}
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        volumeMounts:
        - name: nextcloud-data
          mountPath: /var/www/
          subPath: "root"
        - name: nextcloud-data
          mountPath: /var/www/html
          subPath: "html"
        - name: nextcloud-data
          mountPath: {{ .Values.nextcloud.datadir }}
          subPath: "data"
        - name: nextcloud-data
          mountPath: /var/www/html/config
          subPath: "config"
        - name: nextcloud-data
          mountPath: /var/www/html/custom_apps
          subPath: "custom_apps"
        - name: nextcloud-data
          mountPath: /var/www/tmp
          subPath: "tmp"
        - name: nextcloud-data
          mountPath: /var/www/html/themes
          subPath: "themes"
        {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
        - name: extrappvolume-{{ $index }}
          mountPath: {{ $hostPathConfiguration.mountPath }}
        {{ end }}
        {{- if .Values.nextcloud.install_ffmpeg }}
        lifecycle:
          postStart:
            exec:
              command:
                - /bin/sh
                - -c
                - |
                  echo "Installing ffmpeg..."
                  apt update && \
                  apt install -y --no-install-recommends \
                  ffmpeg || echo "Failed to install ffmpeg"
                  echo "Finished."
        {{- end }}
{{ include "common.networking.dnsConfiguration" .Values | nindent 6 }}
      volumes:
        - name: nginx-configuration
          configMap:
            defaultMode: 0700
            name: "nginx-configuration"
{{ include "nginx.tlsKeysVolume" . | nindent 8 }}
{{ if .Values.appVolumeMounts }}
{{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}
{{ end }}
      {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
        - name: extrappvolume-{{ $index }}
          hostPath:
            path: {{ $hostPathConfiguration.hostPath }}
      {{ end }}
      # Will mount configuration files as www-data (id: 33) for nextcloud
      securityContext:
        fsGroup: 33