mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 13:09:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

initial refactor

Browse Source
This commit is contained in:
Michael Thomson
2025-06-07 16:33:55 -04:00
parent 5ac011f02b
commit b09446668d
249 changed files with 74 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
apps/nextcloud/release.yaml Normal file
View File

@@ -0,0 +1,169 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: nextcloud
namespace: nextcloud
spec:
chart:
spec:
chart: nextcloud
version: 6.x
sourceRef:
kind: HelmRepository
name: nextcloud
interval: 15m
timeout: 5m
releaseName: nextcloud
values:
image:
pullPolicy: Always
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
tls:
- hosts:
- nextcloud.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
labels: {}
path: /
pathType: Prefix
phpClientHttpsFix:
enabled: true
nextcloud:
host: nextcloud.michaelthomson.dev
username: admin
password: admin
datadir: /data
configs:
proxy.config.php: |-
<?php
$CONFIG = array (
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.0.0.0/8',
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
);
sqlite.config.php: |-
<?php
$CONFIG = array (
'sqlite.journal_mode' => 'WAL',
);
previews.config.php: |-
<?php
$CONFIG = array (
'enable_previews' => true,
'enabledPreviewProviders' => array (
'OC\Preview\Movie',
'OC\Preview\PNG',
'OC\Preview\JPEG',
'OC\Preview\GIF',
'OC\Preview\BMP',
'OC\Preview\XBitmap',
'OC\Preview\MP3',
'OC\Preview\MP4',
'OC\Preview\TXT',
'OC\Preview\MarkDown',
'OC\Preview\PDF'
),
);
internalDatabase:
enabled: false
externalDatabase:
enabled: true
type: postgresql
existingSecret:
enable: true
secretName: postgres-secret
usernameKey: username
passwordKey: password
postgresql:
enabled: true
global:
postgresql:
auth:
existingSecret: postgres-secret
secretKeys:
adminPasswordKey: password
userPasswordKey: password
replicationPasswordKey: password
primary:
persistence:
enabled: true
existingClaim: pvc-postgres
persistence:
enabled: true
storageClass: longhorn
accessMode: ReadWriteOnce
size: 8Gi
nextcloudData:
enabled: true
storageClass: nfs-client
accessMode: ReadWriteOnce
size: 14Ti
redis:
enabled: true
auth:
existingSecret: nextcloud-redis-secret
existingSecretPasswordKey: password
global:
storageClass: longhorn
collabora:
enabled: true
image:
tag: 24.04.11.1.1
collabora:
extra_params: --o:ssl.enable=false --o:ssl.termination=true
existingSecret:
enabled: true
secretName: "collabora-secret"
usernameKey: "username"
passwordKey: "password"
# securityContext:
# runAsNonRoot: true
# privileged: true
# capabilities:
# add:
# - SYS_ADMIN
# - MKNOD
ingress:
enabled: true
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
hosts:
- host: collabora.michaelthomson.dev
paths:
- path: /
pathType: ImplementationSpecific
tls:
- hosts:
- collabora.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
cronjob:
enabled: true
livenessProbe:
enabled: false
readinessProbe:
enabled: false