---
nextcloud:
debug: false
# Disable use of internal database
internalDatabase:
enabled: false
# Enable and configure MariaDB chart
mariadb:
enabled: true
# Needed to fix https://open.greenhost.net/openappstack/nextcloud/issues/28#note_7070
volumePermissions:
image:
pullSecrets: []
# Use 2 GB of storage for NC storage (maybe make configurable later?)
persistence:
enabled: true
size: 2Gi
# Creates a kubernetes cronJob object that runs nextcloud's cron.php
# every 15 minutes (*/15 * * * *)
cronjob:
enabled: true
apps:
# OIDC consumer
- name: sociallogin
enabled: true
# List of applications that are installed *and enabled*
- name: onlyoffice
enabled: true
setupApps:
# How many times the setup-apps job can try and fail before it is marked as
# definitely failed.
backoffLimit: 6
# Necessary so the chart gets installed (because the requirements.yaml has a
# condition: `condition: mariadb.enabled`). Follow
# https://github.com/helm/helm/issues/5135 for more info.
mariadb:
enabled: true
onlyoffice:
# Default values for onlyoffice.
replicaCount: 1
jwtSecret: secret
# Disable font generation during startup.
# This takes a long time and is not needed if you don't provide custom
# fonts.
# See https://0xacab.org/infrared/platform_wg/docker-onlyoffice-documentserver/issues/10
# for context.
skipFontsGeneration: true
# Allow chainging unauthorizedStorage and httpsHstsEnabled
# Useful if you want to make Nextcloud and Onlyoffice work without proper
# certificates, i.e. when testing or in CI
# see https://open.greenhost.net/openappstack/nextcloud/-/issues/964
# Default is to *not* allow unauthorizedStorage and to enforce HSTS
unauthorizedStorage: false
httpsHstsEnabled: true
# Port of onlyoffice server inside docker container.
containerPort: 8000
# URL to the server running onlyoffice, replace this with your own domain!
server_name: onlyoffice.domain
image:
repository: onlyoffice/documentserver
tag: 6.4.2.6
pullPolicy: Always
strategy: Recreate
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
# ONLYOFFICE Data (/var/lib/onlyoffice)
enabled: false
annotations: {}
## nextcloud data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
accessMode: ReadWriteOnce
size: 2Gi
nameOverride: ''
fullnameOverride: ''
service:
type: ClusterIP
port: 9980
ingress:
enabled: false
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: 20M
paths: []
hosts: []
tls: []
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
securityContext: {}
affinity: {}
livenessProbe:
enabled: true
initialDelaySeconds: 0
timeoutSeconds: 2
periodSeconds: 30
successThreshold: 1
failureThreshold: 2
startupProbe:
enabled: true
timeoutSeconds: 2
periodSeconds: 5
successThreshold: 1
failureThreshold: 120
redis:
auth:
# Disable redis password authentication altogether.
enabled: false
architecture: standalone
postgresql:
persistence:
# persistent storage is handled by NextCloud in our case
enabled: false
postgresqlDatabase: onlyoffice
postgresqlUsername: onlyoffice
postgresqlPassword: onlyoffice
rabbitmq:
auth:
password: password
erlangCookie: stub
sociallogin:
server_name: sso.oas.example.net
client_id: nextcloud
groups_claim: openappstack_roles
oauth: oauth2
auth_endpoint: "auth"
token_endpoint: "token"
userinfo_endpoint: "userinfo"
scope: "openid profile email openappstack_roles"
# client_secret: "YouReallyNeedToChangeThis"