mirror of
https://github.com/michaelthomson0797/fleet-infra.git
synced 2026-02-04 13:09:53 +00:00
149 lines
3.3 KiB
YAML
149 lines
3.3 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: nextcloud
|
|
namespace: nextcloud
|
|
spec:
|
|
chart:
|
|
spec:
|
|
chart: nextcloud
|
|
version: 6.x
|
|
sourceRef:
|
|
kind: HelmRepository
|
|
name: nextcloud
|
|
namespace: flux-system
|
|
interval: 15m
|
|
timeout: 5m
|
|
releaseName: nextcloud
|
|
values:
|
|
image:
|
|
pullPolicy: Always
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: traefik
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
tls:
|
|
- hosts:
|
|
- nextcloud.michaelthomson.dev
|
|
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
|
|
labels: {}
|
|
path: /
|
|
pathType: Prefix
|
|
|
|
phpClientHttpsFix:
|
|
enabled: true
|
|
|
|
nextcloud:
|
|
host: nextcloud.michaelthomson.dev
|
|
username: admin
|
|
password: admin
|
|
datadir: /data
|
|
|
|
configs:
|
|
proxy.config.php: |-
|
|
<?php
|
|
$CONFIG = array (
|
|
'trusted_proxies' => array(
|
|
0 => '127.0.0.1',
|
|
1 => '10.0.0.0/8',
|
|
),
|
|
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
|
|
);
|
|
|
|
internalDatabase:
|
|
enabled: false
|
|
|
|
externalDatabase:
|
|
enabled: true
|
|
type: postgresql
|
|
existingSecret:
|
|
enable: true
|
|
secretName: postgres-secret
|
|
usernameKey: username
|
|
passwordKey: password
|
|
|
|
|
|
postgresql:
|
|
enabled: true
|
|
global:
|
|
postgresql:
|
|
auth:
|
|
existingSecret: postgres-secret
|
|
secretKeys:
|
|
adminPasswordKey: password
|
|
userPasswordKey: password
|
|
replicationPasswordKey: password
|
|
primary:
|
|
persistence:
|
|
enable: true
|
|
storageClass: longhorn
|
|
size: 8Gi
|
|
|
|
persistence:
|
|
enabled: true
|
|
storageClass: longhorn
|
|
accessMode: ReadWriteOnce
|
|
size: 8Gi
|
|
|
|
nextcloudData:
|
|
enabled: true
|
|
storageClass: nfs-client
|
|
accessMode: ReadWriteOnce
|
|
size: 14Ti
|
|
redis:
|
|
enabled: true
|
|
auth:
|
|
existingSecret: nextcloud-redis-secret
|
|
existingSecretPasswordKey: password
|
|
global:
|
|
storageClass: longhorn
|
|
|
|
collabora:
|
|
enabled: true
|
|
|
|
image:
|
|
tag: 24.04.11.1.1
|
|
|
|
collabora:
|
|
extra_params: --o:ssl.enable=false --o:ssl.termination=true
|
|
|
|
existingSecret:
|
|
enabled: true
|
|
secretName: "collabora-secret"
|
|
usernameKey: "username"
|
|
passwordKey: "password"
|
|
|
|
# securityContext:
|
|
# runAsNonRoot: true
|
|
# privileged: true
|
|
# capabilities:
|
|
# add:
|
|
# - SYS_ADMIN
|
|
# - MKNOD
|
|
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
hosts:
|
|
- host: collabora.michaelthomson.dev
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls:
|
|
- hosts:
|
|
- collabora.michaelthomson.dev
|
|
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
|
|
|
|
cronjob:
|
|
enabled: true
|
|
|
|
livenessProbe:
|
|
enabled: false
|
|
readinessProbe:
|
|
enabled: false
|