From 9e8d5fc98d9869520899552a685fe0be009892aa Mon Sep 17 00:00:00 2001 From: Michael Thomson Date: Tue, 7 Jan 2025 12:55:42 -0500 Subject: [PATCH] nextcloud collabora --- nextcloud/collabora-secret.yaml | 16 ++++++++++++ nextcloud/dns-endpoint-collabora.yaml | 15 +++++++++++ ...point.yaml => dns-endpoint-nextcloud.yaml} | 0 nextcloud/helmrelease-nextcloud.yaml | 25 +++++++++++++++++++ 4 files changed, 56 insertions(+) create mode 100644 nextcloud/collabora-secret.yaml create mode 100644 nextcloud/dns-endpoint-collabora.yaml rename nextcloud/{dns-endpoint.yaml => dns-endpoint-nextcloud.yaml} (100%) diff --git a/nextcloud/collabora-secret.yaml b/nextcloud/collabora-secret.yaml new file mode 100644 index 0000000..99546e3 --- /dev/null +++ b/nextcloud/collabora-secret.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: collabora-secret + namespace: nextcloud +spec: + encryptedData: + password: AgBgaJPlIiKl7lAZDAF50rM+BQdpb+wH8W19Eu5nh6U7G8kxI5s1FsSlBVUQKuBwcPQQT1WUOI2G3JgMNuuqvQ8afPsikL2f+YUo7iuLAaopToY8bHQK4WCjEtDy3U1w3p8hVLsJzFiV8+2Inot4N5GtQCFkHoeqnUgOpYOrbqtx6ZFJNZDt9xxi1szfdk7rjAzaiOLUwfzggtkralYGKdFQMd3V5xlMm126UNjA9PH65NWKOshlA07gsyc+iyk2/ICcO85Q5N1Q+zlui3kYRc2Y8uPLkKM4XV+ms9X27w10dsiRkjShU93sNQtGEYJSKCwLS/BQecQyej9JH/Lj4sy2fSXjKWMgbHp3Nmck7cHTUnrs/CKG/Isl2B2dnKB0zgHlXScCxgVw9KR0xxjcoOXTLO8nap9H/uOOu8cwCoBAWHkl5YNxgnK/UCEd1oenbabE8QqSX3RKp3Cp+ewWIHf3VhC/XI9LZrv/6rRLveZRUMBHQPVCI7okCAujfUKwYIPA2bNFrMypqiwhSyve8WwvtiXS6BPXEef2q/gKOy8s0WgFvSwGBYF4xwI88ZjaFdEuKgb05pVFRMLHLBz43rfDcRnZI5y6721dxSfg//UV4ugbmljfqD4E6aShSY2Y01Mh0icddpMNn66wDYlEzwfI5kx7TG2XJAwtRZLcSiTtCZUiuEdCQEbG+1MAUH+lmZV5Mha18ARqMA1XYrfT + username: AgBx59yYqCazJM1iApbasAi8piOxEaiRMOEoqEf5gStXDLlZHayb48jp4MqTm0cGRok0+R9iHRO9JnW68mRexu+uQaPgOZWTVFTmtzkgMqiRAio79ivCDxZfK+s507J4LzAOzjLs1rtMSHoqA6YJw/vz30oQrsthtBrLnj0CGvcLqCjKbIOE75IypJBBXCyLts6Ndh4NXTch3eyr40qHo3ABZ5zSCOpives3AUo6gI+tr4zVLQXYEt3hsahcaQtm3um4PozgJlC4zIsfpGq111issXo3SCT7Ag2zn/8HO2D3olss36HzQMgVzs+hAC89wRX7CvV3q84/jrZSJ4Ymc163e7JWnbZz7d9npxcr0dXCPiJQXqJ2uIW6ByKupGxpVxGisUnG8UJv1Cj0xd8+nGXpxMsNm2VgdVPsqxct47XEyl/K1/6Tdc4IlNEcNIjASrI8+QOF3ceaP/3tx+lGVB+fGh3OJ8mTaJlEd5vXPum5LB71SiVHyxXP8VHUGka+Kth3H3wq8CT2Bu9sPrZ8FVng6ars8qd0pZt7pd6LoHLFiJ4FEt60LXX3fbzizG1vdHoth3hIiHF2wXQahh+FHT2HYXvVZpHPydajZzE3sDE4sJXAW/VDKg2y4ZobC+jp4uPIQxuZmSCkbt90W+9FiifsccB3mgWe/PK9NxS7RW1hjwv7U1jPFQW3i7EeiEzRwsAfJJ8chg== + template: + metadata: + creationTimestamp: null + name: collabora-secret + namespace: nextcloud diff --git a/nextcloud/dns-endpoint-collabora.yaml b/nextcloud/dns-endpoint-collabora.yaml new file mode 100644 index 0000000..418a6b7 --- /dev/null +++ b/nextcloud/dns-endpoint-collabora.yaml @@ -0,0 +1,15 @@ +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: collabora.michaelthomson.dev + namespace: nextcloud +spec: + endpoints: + - dnsName: collabora.michaelthomson.dev + recordTTL: 180 + recordType: CNAME + targets: + - michaelthomson.ddns.net + providerSpecific: + - name: external-dns.alpha.kubernetes.io/cloudflare-proxied + value: "true" diff --git a/nextcloud/dns-endpoint.yaml b/nextcloud/dns-endpoint-nextcloud.yaml similarity index 100% rename from nextcloud/dns-endpoint.yaml rename to nextcloud/dns-endpoint-nextcloud.yaml diff --git a/nextcloud/helmrelease-nextcloud.yaml b/nextcloud/helmrelease-nextcloud.yaml index fe1fa38..829082c 100644 --- a/nextcloud/helmrelease-nextcloud.yaml +++ b/nextcloud/helmrelease-nextcloud.yaml @@ -58,6 +58,31 @@ spec: global: storageClass: longhorn + collabora: + enabled: true + + collabora: + existingSecret: + enabled: true + secretName: "collabora-secret" + usernameKey: "username" + passwordKey: "password" + + ingress: + enabled: true + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: websecure + traefik.ingress.kubernetes.io/router.tls: "true" + hosts: + - host: collabora.michaelthomson.dev + paths: + - path: / + pathType: ImplementationSpecific + tls: + - hosts: + - collabora.michaelthomson.dev + secretName: letsencrypt-wildcard-cert-michaelthomson.dev + cronjob: enabled: true