Newer
Older
---
apiVersion: v1
kind: ConfigMap
metadata:
name: stackspin-nextcloud-values
data:
values.yaml: |
nextcloud:
nextcloud:
host: "files.${domain}"
password: "${nextcloud_password}"
mail:
enabled: ${outgoing_mail_enabled}
fromAddress: "${outgoing_mail_from_local_part}"
domain: "${outgoing_mail_domain}"
smtp:
host: "${outgoing_mail_smtp_host}"
secure: "tls"
port: "${outgoing_mail_smtp_port}"
name: "${outgoing_mail_smtp_user}"
password: "${outgoing_mail_smtp_password}"
authtype: "${outgoing_mail_smtp_authtype}"
Maarten de Waard
committed
# Cronjob by default requests the same as nextcloud app, but that's not
# necessary
cronjob:
resources:
Maarten de Waard
committed
cpu: 100m
memory: 128Mi
ingress:
enabled: true
annotations:
# Tell cert-manager to automatically get a TLS certificate
kubernetes.io/tls-acme: "true"
# Set max body size high to allow big NextCloud uploads
nginx.ingress.kubernetes.io/proxy-body-size: 1G
nginx.ingress.kubernetes.io/server-snippet: |-
server_tokens off;
proxy_hide_header X-Powered-By;
rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
hosts:
- "files.${domain}"
tls:
- hosts:
- "files.${domain}"
secretName: stackspin-nextcloud-files
# Use 2 GB of storage for NC storage (maybe make configurable later?)
persistence:
enabled: true
existingClaim: "nextcloud-files"
stackspin.net/backupSet: "nextcloud"
stackspin.net/backupSet: "nextcloud"
podAnnotations:
# Let the backup system include nextcloud data.
backup.velero.io/backup-volumes: "nextcloud-main"
# Explicitly disable use of internal database
internalDatabase:
enabled: false
startupProbe:
enabled: true
failureThreshold: 60
resources:
limits:
cpu: 700m
# Enable and configure MariaDB chart
mariadb:
password: "${nextcloud_mariadb_password}"
rootPassword: "${nextcloud_mariadb_root_password}"
architecture: standalone
primary:
# Let the backup system include nextcloud database data.
backup.velero.io/backup-volumes: "data"
persistence:
## Enable PostgreSQL persistence using Persistent Volume Claims.
enabled: true
existingClaim: "nextcloud-mariadb"
resources:
limits:
cpu: 200m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
stackspin.net/backupSet: "nextcloud"
apps:
- name: sociallogin
enabled: true
- name: onlyoffice
enabled: true
- name: calendar
enabled: true
- name: passwords
enabled: true
- name: bruteforcesettings
enabled: true
- name: groupfolders
enabled: false
setupApps:
backoffLimit: 20
onlyoffice:
resources:
limits:
cpu: 800m
memory: 2Gi
requests:
cpu: 200m
memory: 1Gi
server_name: "office.${domain}"
ingress:
enabled: true
annotations:
# Tell cert-manager to automatically get a TLS certificate
kubernetes.io/tls-acme: "true"
paths:
- "/"
hosts:
- "office.${domain}"
tls:
- hosts:
- "office.${domain}"
secretName: stackspin-nextcloud-office
jwtSecret: "${onlyoffice_jwt_secret}"
persistence:
enabled: true
existingClaim: "nextcloud-onlyoffice-data"
deploymentLabels:
stackspin.net/backupSet: "nextcloud"
stackspin.net/backupSet: "nextcloud"
podAnnotations:
backup.velero.io/backup-volumes: "onlyoffice-data"
postgresql:
postgresqlPassword: "${onlyoffice_postgresql_password}"
resources:
limits:
cpu: 400m
memory: 256Mi
requests:
cpu: 200m
memory: 128Mi
persistence:
enabled: true
existingClaim: "nextcloud-postgresql"
primary:
podAnnotations:
backup.velero.io/backup-volumes: "data"
commonLabels:
stackspin.net/backupSet: "nextcloud"
password: "${onlyoffice_rabbitmq_password}"
persistence:
enabled: false
resources:
limits:
memory: 512Mi
requests:
memory: 256Mi
livenessProbe:
initialDelaySeconds: 180
failureThreshold: 10
redis:
architecture: standalone
master:
persistence:
enabled: false
resources:
limits:
cpu: 100m
memory: 64Mi
requests:
cpu: 50m
memory: 32Mi
commonConfiguration: |-
# Disable appendonly type persistence, because we don't need any
appendonly no
# Disable RDB persistence, for the same reason.
save ""
authorizeUrl: "https://sso.${domain}/oauth2/auth"
tokenUrl: "https://sso.${domain}/oauth2/token"
userInfoUrl: "https://sso.${domain}/userinfo"
groupsClaim: "stackspin_roles"
scope: "openid profile email stackspin_roles"