values-local.yaml.example

nextcloud:
  nextcloud:
    host: "files.your.domain"
    password: Set a password here

  ingress:
    enabled: true
    annotations:
      # Tell traefik to automatically get a TLS certificate
      kubernetes.io/tls-acme: "true"
    hosts:
      - "files.your.domain"

  # Enable and configure MariaDB chart
  mariadb:
    auth:
      password: Set a mysql password
      rootPassword: Set a mysql root user password
    architecture: standalone
    primary:
      persistence:
        ## Enable PostgreSQL persistence using Persistent Volume Claims.
        enabled: true
        size: 512Mi

onlyoffice:
  server_name: "office.your.domain"
  jwtSecret: Set any random secret for JWT here
  ingress:
    enabled: true
    hosts:
      - "office.your.domain"

postgresql:
  postgresqlPassword: Set a password for postgresql

rabbitmq:
  auth:
    password: Set a password for rabbitmq here

# apps controls which apps will be installed and enabled in nextcloud
apps:
  - name: sociallogin
    # apps[0].enabled needs to be set to true if you want to enable login via an external
    # oauth server. In that case you need to configure all the values in `sociallogin`
    enabled: false
  - name: onlyoffice
    enabled: true

# sociallogin enables login via oAuth/Open-ID Connect
sociallogin:
  # Because of how we import these settings, single quotes (') are not allowed
  # in any of the values below
  custom_oidc:
    name: stackspin
    title: Stackspin
    # The oAuth server needs to provide the endpoints `/userinfo`,
    # `/oauth2/token` and `/oauth2/auth` and according to the oauth2 standard it
    # needs to be accessible via https with valid certificates
    authorizeUrl: https://sso.stackspin.example.net/oauth2/auth
    tokenUrl: https://sso.stackspin.example.net/oauth2/token
    userInfoUrl: https://sso.stackspin.example.net/userinfo
    logoutUrl: ""
    # The client name nextcloud will use to communicate with the oAuth server
    clientId: nextcloud
    # The password that nextcloud uses when communicating with the oauth server
    # clientSecret: YouReallyNeedToChangeThis
    scope: "openid profile email stackspin_roles"
    # The name of a claim that the nextcloud server can retrieve by querying the
    # userInfoUrl of the openID Connect server. For every value in the
    # groups_claim a corresponding group with an `stackspin_` prefix will be created
    # if they don't exist yet. The user will then be added to those groups.  If
    # the claim contains the value `admin` the user will be granted admin
    # privileges.
    groupsClaim: "stackspin_roles"
    style: ""
    defaultGroup: ""
    groupMapping:
      admin: admin