diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index a71096c5169d6406db19bd182c5903534a65c731..a5502cb0186de3a6034b861ffdbc514895fe6de5 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -259,7 +259,8 @@ Lets take it as an example how to debug the root cause. If ever things fail beyond possible recovery, here's how to completely purge an OAS installation in order to start from scratch: - cluster$ apt purge docker-ce-cli containerd.io - cluster$ mount | egrep '^(.*kubelet|nsfs.*docker)' | cut -d' ' -f 3 | xargs umount - cluster$ rm -rf /var/lib/docker /var/lib/OpenAppStack /etc/kubernetes /var/lib/etcd /var/lib/rancher /var/lib/kubelet /var/log/OpenAppStack /var/log/containers /var/log/pods + cluster$ systemctl stop k3s + cluster$ systemctl disable k3s + cluster$ mount | egrep '(kubelet|nsfs|k3s)' | cut -d' ' -f 3 | xargs -n 1 umount + cluster$ rm -rf /var/lib/{rancher,OpenAppStack,kubelet,cni,docker,etcd} /etc/{kubernetes,rancher} /var/log/{OpenAppStack,containers,pods} /tmp/k3s /etc/systemd/system/k3s.service cluster$ systemctl reboot diff --git a/flux2/apps/monitoring/eventrouter-release.yaml b/flux2/apps/monitoring/eventrouter-release.yaml index 6ace3f9b9d9b03dddbd95e1ce3c1282f859b929f..1f0ac13c9b3229fbb40db999d61d60d55f46db06 100644 --- a/flux2/apps/monitoring/eventrouter-release.yaml +++ b/flux2/apps/monitoring/eventrouter-release.yaml @@ -24,4 +24,11 @@ spec: requests: memory: 100Mi cpu: 100m - \ No newline at end of file + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-eventrouter-override + optional: true + - kind: Secret + name: oas-eventrouter-override + optional: true diff --git a/flux2/apps/monitoring/kube-prometheus-stack-release.yaml b/flux2/apps/monitoring/kube-prometheus-stack-release.yaml index a9b592c894d3cc03f8617d04a488506e410514cb..6ecdbf8f63f35bc47a6d1cb6a1887706587cf73b 100644 --- a/flux2/apps/monitoring/kube-prometheus-stack-release.yaml 
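Review bot: The `valuesFrom` block added in eventrouter-release.yaml makes two optional objects, the ConfigMap and the Secret named `oas-eventrouter-override`, an input to the chart, so anyone who can create or edit those names in the release's namespace can change what gets deployed. The same block is added in the kube-prometheus-stack, loki, promtail, rocketchat, velero, wordpress, metallb, single-sign-on, cert-manager, local-path-provisioner, nginx and secrets releases. Because `optional: true` tolerates a missing object, an override created later is picked up on a following reconcile with no change in git, so write access to these names should be limited by RBAC and changes to them audited. The comment could also state the merge order, e.g. `# Optional overrides, merged in order: Secret after ConfigMap; inline spec.values are applied last`; the last part is how I understand Flux's helm-controller to behave, so please confirm it. Indentation is lost in this view, so I cannot check that `valuesFrom` sits under `spec` rather than under `values`.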
+++ b/flux2/apps/monitoring/kube-prometheus-stack-release.yaml @@ -31,6 +31,7 @@ spec: kubeScheduler: enabled: false + # https://github.com/prometheus-community/helm-charts/blob/main/charts/kube-prometheus-stack/values.yaml#L115 alertmanager: ingress: enabled: true @@ -276,3 +277,11 @@ spec: cpu: 100m memory: 64Mi # priorityClassName: high-priority + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-kube-prometheus-stack-override + optional: true + - kind: Secret + name: oas-kube-prometheus-stack-override + optional: true diff --git a/flux2/apps/monitoring/loki-release.yaml b/flux2/apps/monitoring/loki-release.yaml index 07769a71ece2b4d99a8fe04a87bbf4ab732c2460..b40528397bd967db65645f66bd2cbbad08bb858e 100644 --- a/flux2/apps/monitoring/loki-release.yaml +++ b/flux2/apps/monitoring/loki-release.yaml @@ -70,3 +70,11 @@ spec: table_manager: retention_deletes_enabled: true retention_period: 672h # 28 days + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-loki-override + optional: true + - kind: Secret + name: oas-loki-override + optional: true diff --git a/flux2/apps/monitoring/promtail-release.yaml b/flux2/apps/monitoring/promtail-release.yaml index f5eacf743a2ab7e225d146ec5c14366c7f5ef642..2d64faf3fee04a5768daabb67e8f87bc05927ba9 100644 --- a/flux2/apps/monitoring/promtail-release.yaml +++ b/flux2/apps/monitoring/promtail-release.yaml @@ -53,3 +53,11 @@ spec: event_name: event_source_host: event_source_component: + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-promtail-override + optional: true + - kind: Secret + name: oas-promtail-override + optional: true diff --git a/flux2/apps/nextcloud/release.yaml b/flux2/apps/nextcloud/release.yaml index 555d5d19bc60edf07be0fe2702624f492d2882b3..6061b8e9e96ed6b4882c5f0bd3d4ac482d6547f3 100644 --- a/flux2/apps/nextcloud/release.yaml 
+++ b/flux2/apps/nextcloud/release.yaml @@ -192,7 +192,11 @@ spec: client_id: nextcloud client_secret: "${nextcloud_oauth_client_secret}" groups_claim: "openappstack_roles" + # Allow custom values either by configMap or by secret valuesFrom: - kind: ConfigMap - name: nextcloud-values-override + name: oas-nextcloud-override + optional: true + - kind: Secret + name: oas-nextcloud-override optional: true diff --git a/flux2/apps/rocketchat/release.yaml b/flux2/apps/rocketchat/release.yaml index 881d815d535a437a501a09dafb24a9ca46fe591b..627cf6a5e39bdef4d765a30317731f9238004008 100644 --- a/flux2/apps/rocketchat/release.yaml +++ b/flux2/apps/rocketchat/release.yaml @@ -139,3 +139,11 @@ spec: image: tag: 3.15.0 pullPolicy: IfNotPresent + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-rocketchat-override + optional: true + - kind: Secret + name: oas-rocketchat-override + optional: true diff --git a/flux2/apps/velero/release.yaml b/flux2/apps/velero/release.yaml index 3cbdba99964b8040cc731368aa4044b728ee668e..07a2fdd0f841cadf081f71a0a459395ae16a9669 100644 --- a/flux2/apps/velero/release.yaml +++ b/flux2/apps/velero/release.yaml @@ -123,5 +123,12 @@ spec: includedNamespaces: # We include all namespaces. - '*' - configMaps: {} + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-velero-override + optional: true + - kind: Secret + name: oas-velero-override + optional: true diff --git a/flux2/apps/wordpress/release.yaml b/flux2/apps/wordpress/release.yaml index 61fc9aafc238d7d26e56161d7a8fb8770454fb46..39552985dc4b27abbeb616ca01e7b1e4000e845f 100644 --- a/flux2/apps/wordpress/release.yaml +++ b/flux2/apps/wordpress/release.yaml 
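Review bot: Changing the ConfigMap reference in nextcloud/release.yaml from `nextcloud-values-override` to `oas-nextcloud-override` while keeping `optional: true` means a cluster that still has the old ConfigMap will stop applying its overrides on the next reconcile, with no error pointing at the cause. If any of those overrides carried hardening or resource settings, the release falls back to the inline defaults. An upgrade note telling operators to recreate the ConfigMap under the new name would cover this. Alternatively, keep the old name for one release as an extra optional entry listed first: `- kind: ConfigMap`, `name: nextcloud-values-override`, `optional: true`.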
@@ -30,12 +30,12 @@ spec: locale: en_US url: "https://www.${domain}" title: "OpenAppStack website" - + persistence: existingClaim: wordpress-files podAnnotations: backup.velero.io/backup-volumes: "wordpress-wp-uploads" - + openid_connect_settings: enabled: true client_secret: ${wordpress_oauth_client_secret} @@ -52,7 +52,7 @@ spec: scope: email profile openid openappstack_roles offline_access role_mapping_enabled: true role_key: openappstack_roles - + database: db: user: wordpress @@ -76,7 +76,7 @@ spec: memory: 256Mi replication: enabled: false - + # It's advisable to set resource limits to prevent your K8s cluster from # crashing resources: @@ -86,7 +86,7 @@ spec: requests: cpu: 100m memory: 128Mi - + ingress: enabled: true annotations: @@ -100,4 +100,11 @@ spec: - "www.${domain}" - "${domain}" secretName: oas-wordpress - \ No newline at end of file + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-wordpress-override + optional: true + - kind: Secret + name: oas-wordpress-override + optional: true diff --git a/flux2/core/base/metallb/release.yaml b/flux2/core/base/metallb/release.yaml index 8127c48739e6e7a9938002d1d21adf09efc9b436..00e84c213f1dfb616e031fdcbb46350a91be814e 100644 --- a/flux2/core/base/metallb/release.yaml +++ b/flux2/core/base/metallb/release.yaml @@ -25,3 +25,11 @@ spec: protocol: layer2 addresses: - "${ip_address}/32" + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-metallb-override + optional: true + - kind: Secret + name: oas-metallb-override + optional: true diff --git a/flux2/core/base/single-sign-on/release.yaml b/flux2/core/base/single-sign-on/release.yaml index 750f63c204e740f284cc4a8c5e5166d4056c6feb..1fe758902d1ab01c18f9e4e37de4c87b615809e8 100644 --- a/flux2/core/base/single-sign-on/release.yaml +++ b/flux2/core/base/single-sign-on/release.yaml 
@@ -148,3 +148,11 @@ spec: - "authorization_code" - "refresh_token" - "client_credentials" + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-single-sign-on-override + optional: true + - kind: Secret + name: oas-single-sign-on-override + optional: true diff --git a/flux2/infrastructure/cert-manager/release.yaml b/flux2/infrastructure/cert-manager/release.yaml index ca524e844733ec1f57e12e02f97dd67657c637ef..ef25cb2ff44bacccb6b51197b9f59213214926be 100644 --- a/flux2/infrastructure/cert-manager/release.yaml +++ b/flux2/infrastructure/cert-manager/release.yaml @@ -45,3 +45,11 @@ spec: cpu: 100m memory: 80Mi installCRDs: true + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-cert-manager-override + optional: true + - kind: Secret + name: oas-cert-manager-override + optional: true diff --git a/flux2/infrastructure/local-path-provisioner/release.yaml b/flux2/infrastructure/local-path-provisioner/release.yaml index bd8afc1b7ccc3f77c8c2402a9772c4dc4d662eba..094b4a36635f6a37a1bb113ce996a07155d6f9ee 100644 --- a/flux2/infrastructure/local-path-provisioner/release.yaml +++ b/flux2/infrastructure/local-path-provisioner/release.yaml @@ -34,4 +34,12 @@ spec: memory: 20Mi limits: cpu: 400m - memory: 40Mi \ No newline at end of file + memory: 40Mi + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-local-path-provisioner-override + optional: true + - kind: Secret + name: oas-local-path-provisioner-override + optional: true diff --git a/flux2/infrastructure/nginx/release.yaml b/flux2/infrastructure/nginx/release.yaml index 1c2514019e3559c9446c0a975129af32dd5706fb..06d270b3c5b964e3db4aa760c2e21a3f4dc9e5d2 100644 --- a/flux2/infrastructure/nginx/release.yaml +++ b/flux2/infrastructure/nginx/release.yaml 
@@ -40,3 +40,11 @@ spec: requests: cpu: 100m memory: 64Mi + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-nginx-override + optional: true + - kind: Secret + name: oas-nginx-override + optional: true diff --git a/flux2/infrastructure/secrets/release.yaml b/flux2/infrastructure/secrets/release.yaml index a64f39be980d5fdf09c5be8bfd00c8d2cf35ecfc..4073c1768bdba6a4e64880fbe108d1e15e4dd62d 100644 --- a/flux2/infrastructure/secrets/release.yaml +++ b/flux2/infrastructure/secrets/release.yaml @@ -14,3 +14,11 @@ spec: name: openappstack namespace: flux-system interval: 1h0m0s + # Allow custom values either by configMap or by secret + valuesFrom: + - kind: ConfigMap + name: oas-secrets-override + optional: true + - kind: Secret + name: oas-secrets-override + optional: true diff --git a/install/install-nextcloud.sh b/install/install-nextcloud.sh index e6aea0346665a8490e3afbb01bdafa28eda5b8ea..b1a2961641f07a38e43230cf03d475814e299f04 100755 --- a/install/install-nextcloud.sh +++ b/install/install-nextcloud.sh @@ -3,7 +3,7 @@ set -euo pipefail # First, add some overrides for values that are only useful in CI -kubectl apply -n oas-apps -f $( dirname "${BASH_SOURCE[0]}" )/nextcloud-values-override.yaml +kubectl apply -n oas-apps -f $( dirname "${BASH_SOURCE[0]}" )/oas-nextcloud-override.yaml # This kustomization's only purpose is to add the kustomization that is in the # flxu2/cluster/optional/nextcloud folder. After this kustomization is applied diff --git a/install/nextcloud-values-override.yaml b/install/oas-nextcloud-override.yaml similarity index 81% rename from install/nextcloud-values-override.yaml rename to install/oas-nextcloud-override.yaml index 238c6409e4380ad5c327b10e396efa16fcbf6ae1..5ad5657aea91c73c72d1db5ee08debbb856ca9c1 100644 --- a/install/nextcloud-values-override.yaml +++ b/install/oas-nextcloud-override.yaml 
@@ -2,7 +2,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: nextcloud-values-override + name: oas-nextcloud-override data: values.yaml: | onlyoffice: