apiVersion: v1
kind: ConfigMap
metadata:
  name: "{{ .Release.Name }}-nextcloud-config"
  labels:
    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
    app.kubernetes.io/instance: {{ .Release.Name | quote }}
    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
data:
  onlyoffice-config.json: |
    {
      "apps": {
        "onlyoffice": {
          "DocumentServerInternalUrl": "",
          "DocumentServerUrl": "https:\/\/{{ .Values.onlyoffice.server_name }}\/",
          "StorageUrl": "https:\/\/{{ .Values.nextcloud.nextcloud.host }}\/",
          "defFormats": "{\"csv\":\"false\",\"doc\":\"false\",\"docm\":\"false\",\"docx\":\"true\",\"dotx\":\"false\",\"epub\":\"false\",\"html\":\"false\",\"odp\":\"true\",\"ods\":\"true\",\"odt\":\"true\",\"pdf\":\"false\",\"potm\":\"false\",\"potx\":\"false\",\"ppsm\":\"false\",\"ppsx\":\"false\",\"ppt\":\"false\",\"pptm\":\"false\",\"pptx\":\"true\",\"rtf\":\"false\",\"txt\":\"false\",\"xls\":\"false\",\"xlsm\":\"false\",\"xlsx\":\"true\",\"xltm\":\"false\",\"xltx\":\"false\"}",
          "editFormats": "{\"csv\":\"true\",\"odp\":\"true\",\"ods\":\"true\",\"odt\":\"true\",\"rtf\":\"false\",\"txt\":\"true\"}",
          "enabled": "yes",
          "groups": "[]",
          "jwt_secret": "{{ .Values.onlyoffice.jwtSecret }}",
          "sameTab": "false",
          "settings_error": "",
          "types": "filesystem",
          "customizationForcesave": "true"
        }
      }
    }
  setup-apps.sh: |
    #!/bin/bash
    #
    # This script gets executed by a post-install,post-upgrade helm hook, which
    #
    #   * Persists and loads the onlyoffice-config.json config file
    #   * Runs upgrade routines after installation of a new release.
    #   * Updates all applications
    #   * Installs all apps declared in the `apps` helm values array
    #   * Configures single-sign-on
    #   * Updates database indices, columns, keys, etc needed after NC upgrade

    set -ev

    # Debug: place the json file in a persistent location for reuse
    cp /var/local/onlyoffice-config.json /var/www/html/

    occ="/var/www/html/occ"

    # Run upgrade routines after installation of a new release.

    # Enable app store so we can run `install` and `enable` commands
    php $occ config:system:set appstoreenabled --type boolean --value true

    # Update all apps to their latest version, so they are compatible
    # with the new NC version.
    # Unfortunatly the occ app:install cmd doesn't allow to pin apps to
    # a certain version.
    php $occ app:update --all --no-interaction

    # Install all apps declared in the `apps` helm values array
    {{- range .Values.apps }}
    # -- Begin {{ .name }}
    # Only install {{ .name }} if it's not installed already
    if ! php $occ app:list | grep -q {{ .name }}; then
        php $occ app:install {{ .name }} --keep-disabled --no-interaction
    fi
    {{- if .enabled }}
    # Enable {{ .name }} app
    php $occ app:enable {{ .name }}
    {{ end }} # -- end {{ .name }}
    {{ end }} # end range {{ .Values.apps }}

    # Config settings from the configmap above
    php $occ config:import /var/local/onlyoffice-config.json
    php $occ config:app:set sociallogin custom_providers --value='{"custom_oidc": [{{ .Values.sociallogin.custom_oidc | toJson }}]}'
    php $occ config:app:set sociallogin auto_create_groups --value='{{ .Values.sociallogin.auto_create_groups }}'
    php $occ config:app:set sociallogin update_profile_on_login --value='{{ .Values.sociallogin.update_profile_on_login }}'

    # Disable app store again
    php $occ config:system:set appstoreenabled --type boolean --value false

    # Update database indices, columns, keys, etc needed after NC upgrade
    php $occ db:add-missing-indices --no-interaction
    php $occ db:add-missing-columns --no-interaction
    php $occ db:add-missing-primary-keys --no-interaction
    php $occ db:convert-filecache-bigint --no-interaction

  #
  # All values in config.json are applied by the nextcloud occ command
  #   config:import.
  # system.trusted_proxies contains a list of proxies that are considered
  #   to be trusted. 10.43.0.0/16 contains all ip addresses that are
  #   assigned to kubernetes services which includes the ip address of
  #   the ingress service that functions as a proxy.
  # system.overwriteprotocol overwrites the protocol of links that are
  #   generated by nextcloud to HTTPS.
  # apps.core.backgroundjobs_mode set to cron disables the unreliable ajax
  #   scheduling that is enabled by default. Ajax scheduling is not needed
  #   because cronjobs are regularly executed by a kubernetes resource.
  #
  config.json: |
    {
        "system":{
            "trusted_proxies": "10.43.0.0/16",
            "overwriteprotocol": "https",
            "appstoreenabled": false,
            "debug": {{ .Values.nextcloud.debug | quote }}
        },
        "apps":{
            "core":{
                "backgroundjobs_mode": "cron"
            }
        }
    }