Publish new changes in catalog

charts/nextcloud/2.0.0/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/nextcloud/2.0.0/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: file://../../../common
+  version: 1.2.9
+digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c
+generated: "2024-04-12T15:56:46.904719299+03:00"

charts/nextcloud/2.0.0/Chart.yaml

@@ -0,0 +1,30 @@
+name: nextcloud
+description: A file sharing server that puts the control and security of your own
+  data back into your hands.
+annotations:
+  title: Nextcloud
+type: application
+version: 2.0.0
+apiVersion: v2
+appVersion: 29.0.0
+kubeVersion: '>=1.16.0-0'
+maintainers:
+  - name: truenas
+    url: https://www.truenas.com/
+    email: dev@ixsystems.com
+dependencies:
+  - name: common
+    repository: file://../../../common
+    version: 1.2.9
+home: https://nextcloud.com/
+icon: https://media.sys.truenas.net/apps/nextcloud/icons/icon.svg
+sources:
+  - https://github.com/nextcloud/docker
+  - https://github.com/nextcloud/helm
+  - https://github.com/truenas/charts/tree/master/charts/nextcloud
+keywords:
+  - nextcloud
+  - storage
+  - http
+  - web
+  - php

charts/nextcloud/2.0.0/README.md

@@ -0,0 +1,3 @@
+# Nextcloud
+
+[Nextcloud](https://nextcloud.com/) is a file sharing server that puts the control and security of your own data back into your hands.

charts/nextcloud/2.0.0/app-readme.md

@@ -0,0 +1,3 @@
+# Nextcloud
+
+[Nextcloud](https://nextcloud.com/) is a file sharing server that puts the control and security of your own data back into your hands.

charts/nextcloud/2.0.0/ci/basic-values.yaml

@@ -0,0 +1,31 @@
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: "127.0.0.1"
+  dataDir: /var/www/html/data
+  commands:
+    - ffmpeg
+    - smbclient
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+
+ncNetwork:
+  webPort: 30001
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  pgData:
+    type: pvc
+  html:
+    type: pvc
+  data:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+  additionalStorages: []

charts/nextcloud/2.0.0/ci/https-values.yaml

@@ -0,0 +1,118 @@
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: "127.0.0.1"
+  dataDir: /var/www/html/data
+  commands:
+    - ffmpeg
+    - smbclient
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+
+ncNetwork:
+  webPort: 30001
+  certificateID: 1
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  pgData:
+    type: pvc
+  html:
+    type: pvc
+  data:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+  additionalStorages: []
+
+ixCertificates:
+  "1":
+    certificate: |
+      -----BEGIN CERTIFICATE-----
+      MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+      ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+      VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+      MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+      BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+      Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+      P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+      2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+      PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+      AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+      AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+      hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+      AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+      CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+      DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+      FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+      BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+      KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+      h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+      fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+      x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+      MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+      -----END CERTIFICATE-----
+      -----BEGIN CERTIFICATE-----
+      MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+      ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+      VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+      CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+      CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+      IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+      2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+      iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+      M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+      Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+      VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+      AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+      wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+      AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+      pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+      MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+      SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+      BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+      zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+      PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+      TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+      2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+      +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+      M7Y3vwxshpo=
+      -----END CERTIFICATE-----
+    privatekey: |
+      -----BEGIN PRIVATE KEY-----
+      MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+      HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+      H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+      4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+      NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+      +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+      A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+      eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+      N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+      EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+      PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+      0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+      6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+      FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+      L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+      d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+      0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+      MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+      wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+      DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+      wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+      nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+      dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+      //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+      qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+      3G15AKCXo7jjOUtHY01DCQ==
+      -----END PRIVATE KEY-----

charts/nextcloud/2.0.0/ci/no-cron.yaml

@@ -0,0 +1,31 @@
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: "127.0.0.1"
+  dataDir: /var/www/html/data
+  cron:
+    enabled: false
+  commands: []
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+
+ncNetwork:
+  webPort: 30001
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  pgData:
+    type: pvc
+  html:
+    type: pvc
+  data:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+  additionalStorages: []

charts/nextcloud/2.0.0/ci/nocmd-values.yaml

@@ -0,0 +1,29 @@
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: "127.0.0.1"
+  dataDir: /var/www/html/data
+  commands: []
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+
+ncNetwork:
+  webPort: 30001
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  pgData:
+    type: pvc
+  html:
+    type: pvc
+  data:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+  additionalStorages: []

charts/nextcloud/2.0.0/ci/onedata-values.yaml

@@ -0,0 +1,76 @@
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: "127.0.0.1"
+  dataDir: /var/www/html/data
+  commands: []
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+
+ncNetwork:
+  webPort: 30001
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  isDataInTheSameVolume: true
+  html:
+    type: hostPath
+    hostPathConfig:
+      hostPath: /mnt/{{ .Release.Name }}/test
+  data:
+    type: hostPath
+    hostPathConfig:
+      hostPath: /mnt/{{ .Release.Name }}/test
+  pgData:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+  additionalStorages: []
+
+##### CI Hack #####
+# What this hack does is that it will create a pod before the chart install
+# A hostPath is attached to the pod, which will force k8s to create the directory on the host.
+# so the actual test run will find the directory created there. (Storage attached to the actual NC chart
+# uses `subPath` for which k8s will not created the directory on the host.)
+workload:
+  ci-hack:
+    enabled: true
+    type: Job
+    annotations:
+      "helm.sh/hook": pre-install
+      "helm.sh/hook-weight": "1"
+      "helm.sh/hook-delete-policy": hook-succeeded
+    podSpec:
+      restartPolicy: Never
+      containers:
+        ci-hack:
+          enabled: true
+          primary: true
+          image: bashImage
+          command: bash
+          args:
+            - -c
+            - exit 0
+          probes:
+            liveness:
+              enabled: false
+            readiness:
+              enabled: false
+            startup:
+              enabled: false
+persistence:
+  ci-hack:
+    enabled: true
+    type: hostPath
+    hostPath: /mnt/{{ .Release.Name }}/test/data
+    hostPathType: DirectoryOrCreate
+    targetSelector:
+      ci-hack:
+        ci-hack:
+          mountPath: /ci

charts/nextcloud/2.0.0/ix_values.yaml

@@ -0,0 +1,89 @@
+image:
+  pullPolicy: IfNotPresent
+  repository: nextcloud
+  tag: 29.0.0
+nginxImage:
+  pullPolicy: IfNotPresent
+  repository: nginx
+  tag: 1.25.4
+# Keep using the same image
+# as before the migration
+ncPostgresImage:
+  pullPolicy: IfNotPresent
+  repository: postgres
+  tag: "13.1"
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8Gi
+
+podOptions:
+  dnsConfig:
+    options: []
+
+ncConfig:
+  adminUser: admin
+  adminPassword: password
+  host: ""
+  dataDir: /var/www/html/data
+  commands:
+    - ffmpeg
+    - smbclient
+  maxUploadLimit: 3
+  phpMemoryLimit: 512
+  opCacheMemoryConsumption: 128
+  maxExecutionTime: 30
+  cron:
+    enabled: true
+    schedule: "*/15 * * * *"
+  additionalEnvs: []
+
+ncNetwork:
+  webPort: 9001
+  certificateID:
+  nginx:
+    proxyTimeouts: 120
+    useDifferentAccessPort: false
+    externalAccessPort: 80
+
+ncStorage:
+  data:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: data
+  html:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: html
+  pgData:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: pgData
+  pgBackup:
+    # TODO: NC creates a different user/pw for pg, so we should pass the
+    # config to the backup container so it can get the right details
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: pgBackup
+  additionalStorages: []
+
+notes:
+  custom: |
+    ## Database
+    You can connect to the database using the pgAdmin App from the catalog
+
+    <details>
+      <summary>Database Details</summary>
+
+      - Database: `{{ .Values.ncDbName }}`
+      - Username: `{{ .Values.ncDbUser }}`
+      - Password: `{{ .Values.ncDbPass }}`
+      - Host:     `{{ .Values.ncDbHost }}.{{ .Release.Namespace }}.svc.cluster.local`
+      - Port:     `5432`
+
+    </details>
+    {{- $_ := unset .Values "ncDbUser" }}
+    {{- $_ := unset .Values "ncDbName" }}
+    {{- $_ := unset .Values "ncDbPass" }}
+    {{- $_ := unset .Values "ncDbHost" }}

charts/nextcloud/2.0.0/metadata.yaml

@@ -0,0 +1,32 @@
+runAsContext:
+  - userName: root
+    groupName: root
+    gid: 0
+    uid: 0
+    description: Nextcloud runs as root user.
+  - userName: root
+    groupName: root
+    gid: 999
+    uid: 999
+    description: Postgres runs as root user.
+  - userName: root
+    groupName: root
+    gid: 0
+    uid: 0
+    description: Nginx runs as root user. (Nginx only runs when certificate is provided)
+capabilities:
+  - name: CHOWN
+    description: Nextcloud, Nginx and Postgres are able to chown files.
+  - name: FOWNER
+    description: Nextcloud, Nginx and Postgres are able to bypass permission checks for it's sub-processes.
+  - name: DAC_OVERRIDE
+    description: Nextcloud, Nginx and Postgres are able to bypass permission checks.
+  - name: SETGID
+    description: Nextcloud, Nginx and Postgres are able to set group ID for it's sub-processes.
+  - name: SETUID
+    description: Nextcloud, Nginx and Postgres are able to set user ID for it's sub-processes.
+  - name: NET_BIND_SERVICE
+    description: Nextcloud, Nginx and Postgres are able to bind to privileged ports.
+  - name: NET_RAW
+    description: Nextcloud, Nginx and Postgres are able to use raw sockets.
+hostMounts: []

charts/nextcloud/2.0.0/migrations/migrate

@@ -0,0 +1,110 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+def migrate_volume(volume, suffix=''):
+    return {
+        'type': 'hostPath',
+        'hostPathConfig': {
+            'hostPath': volume['hostPath']+suffix
+        },
+    } if volume.get('hostPathEnabled', False) else {
+        'type': 'ixVolume',
+        'ixVolumeConfig': {
+            'datasetName': volume['datasetName'],
+        },
+    }
+
+def migrate_common_lib(values):
+    delete_keys = [
+        'service', 'updateStrategy', 'certificate', 'enableResourceLimits', 'cpuLimit',
+        'memLimit', 'dnsConfig', 'environmentVariables', 'nextcloud', 'cronjob', 'nginx',
+        'nginxConfig', 'postgresAppVolumeMounts', 'extraAppVolumeMounts', 'appVolumeMounts',
+        'useServiceNameForHost',
+    ]
+
+    values.update({
+        'shouldShowStorageToggle': True,
+        'isDataInTheSameVolume': True,
+        # Migrate Network
+        'ncNetwork': {
+            'webPort': values['service']['nodePort'],
+            'certificateID': values['certificate'],
+            'nginx': {
+                'proxyTimeouts': values.get('nginxConfig', {}).get('proxy_timeouts', 60),
+                'useDifferentAccessPort': values.get('nginxConfig', {}).get('useDifferentAccessPort', False),
+                'externalAccessPort': values.get('nginxConfig', {}).get('externalAccessPort', 443)
+            }
+        },
+        # Migrate Resources
+        'resources': {
+            'limits': {
+                'cpu': values.get('cpuLimit', '4000m'),
+                'memory': values.get('memLimit', '8Gi'),
+            }
+        },
+        # Migrate DNS
+        'podOptions': {
+            'dnsConfig': {
+                'options': [
+                    {'name': opt['name'], 'value': opt['value']}
+                    for opt in values.get('dnsConfig', {}).get('options', [])
+                ]
+            }
+        },
+        # Migrate Config
+        'ncConfig': {
+            'additionalEnvs': values.get('environmentVariables', []),
+            'adminUser': values['nextcloud']['username'],
+            'adminPassword': values['nextcloud']['password'],
+            'host': values['nextcloud'].get('host', ''),
+            'dataDir': values['nextcloud']['datadir'],
+            'commands': (['ffmpeg'] if values['nextcloud']['install_ffmpeg'] else []) + (['smbclient'] if values['nextcloud']['install_smbclient'] else []),
+            'maxUploadLimit': values['nextcloud']['max_upload_size'],
+            'maxExecutionTime': values['nextcloud']['max_execution_time'],
+            'phpMemoryLimit': values['nextcloud']['php_memory_limit'],
+            'opCacheMemoryConsumption': values['nextcloud']['opcache_memory_consumption'],
+            'cron': {
+                'enabled': values['cronjob']['enabled'],
+                'schedule': values['cronjob']['schedule'] if values['cronjob']['enabled'] else '*/15 * * * *',
+            }
+        },
+        # Migrate Storage
+        'ncStorage': {
+            'pgData': migrate_volume(values['postgresAppVolumeMounts']['postgres-data']),
+            'pgBackup': migrate_volume(values['postgresAppVolumeMounts']['postgres-backup']),
+            'data': migrate_volume(values['appVolumeMounts']['nextcloud-data']),
+            'html': migrate_volume(values['appVolumeMounts']['nextcloud-data']),
+            'additionalStorages': [
+                {
+                    'type': 'hostPath',
+                    'hostPathConfig': {'hostPath': e['hostPath']},
+                    'mountPath': e['mountPath'],
+                }
+                for e in values.get('extraAppVolumeMounts', [])
+            ],
+        },
+    })
+
+    for k in delete_keys:
+        values.pop(k, None)
+
+    return values
+
+def migrate(values):
+    # If this missing, we have already migrated
+    if not 'appVolumeMounts' in values.keys():
+        return values
+
+
+    return migrate_common_lib(values)
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        exit(1)
+
+    if os.path.exists(sys.argv[1]):
+        with open(sys.argv[1], 'r') as f:
+            print(json.dumps(migrate(json.loads(f.read()))))

charts/nextcloud/2.0.0/questions.yaml

@@ -0,0 +1,760 @@
+groups:
+  - name: Nextcloud Configuration
+    description: Configure Nextcloud
+  - name: Advanced Pod Configuration
+    description: Configure Advanced Pod Options for Nextcloud
+  - name: Network Configuration
+    description: Configure Network for Nextcloud
+  - name: Storage Configuration
+    description: Configure Storage for Nextcloud
+  - name: Resources Configuration
+    description: Configure Resources for Nextcloud
+
+portals:
+  web_portal:
+    protocols:
+      - "$kubernetes-resource_configmap_portal_protocol"
+    host:
+      - "$kubernetes-resource_configmap_portal_host"
+    ports:
+      - "$kubernetes-resource_configmap_portal_port"
+    path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+  - variable: ncConfig
+    label: ""
+    group: Nextcloud Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: adminUser
+          label: Admin User
+          description: The Nextcloud admin user.
+          schema:
+            type: string
+            default: ""
+            required: true
+        - variable: adminPassword
+          label: Admin Password
+          description: The Nextcloud admin password.
+          schema:
+            type: string
+            default: ""
+            required: true
+        - variable: host
+          label: Host
+          description: Nextcloud host to create application URLs
+          schema:
+            type: string
+            $ref:
+              - "definitions/nodeIP"
+        - variable: dataDir
+          label: "Nextcloud data directory"
+          description: "Configures the data directory where Nextcloud stores all files from the users. The path refers to the path inside the container"
+          schema:
+            type: path
+            default: "/var/www/html/data"
+            required: true
+        - variable: commands
+          label: Commands
+          description: Commands to run in the Nextcloud container
+          schema:
+            type: list
+            items:
+              - variable: command
+                label: Command
+                schema:
+                  type: string
+                  required: true
+                  enum:
+                    - value: ffmpeg
+                      description: ffmpeg
+                    - value: smbclient
+                      description: smbclient
+        - variable: maxUploadLimit
+          label: Max Upload Size (Giga Bytes)
+          description: |
+            Applies the timeout to the following settings:</br>
+            - client_max_body_size in nginx</br>
+            - post_max_size and upload_max_filesize in php</br>
+          schema:
+            type: int
+            default: 3
+            min: 1
+            required: true
+        - variable: maxExecutionTime
+          label: Max Execution Time (Seconds)
+          description: Configures the max execution time of php
+          schema:
+            type: int
+            default: 30
+            min: 30
+            required: true
+        - variable: phpMemoryLimit
+          label: PHP Memory Limit (Mega Bytes)
+          description: Configures the memory limit of php
+          schema:
+            type: int
+            default: 512
+            min: 128
+            max: 4096
+            required: true
+        - variable: opCacheMemoryConsumption
+          label: Opcache Memory Consumption (Mega Bytes)
+          description: Configures the memory consumption of the opcache
+          schema:
+            type: int
+            min: 128
+            max: 1024
+            default: 128
+            required: true
+        - variable: cron
+          label: Cron
+          description: Configures the cron job for Nextcloud
+          schema:
+            type: dict
+            attrs:
+              - variable: enabled
+                label: Enabled
+                schema:
+                  type: boolean
+                  default: true
+                  required: true
+              - variable: schedule
+                label: Schedule
+                schema:
+                  type: string
+                  show_if: [["enabled", "=", true]]
+                  default: "*/15 * * * *"
+                  required: true
+
+  - variable: podOptions
+    label: ""
+    group: Advanced Pod Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: dnsConfig
+          label: Advanced DNS Configuration
+          schema:
+            type: dict
+            attrs:
+              - variable: options
+                label: DNS Options
+                schema:
+                  type: list
+                  items:
+                    - variable: optionsEntry
+                      label: DNS Option Entry
+                      schema:
+                        type: dict
+                        attrs:
+                          - variable: name
+                            label: Option Name
+                            schema:
+                              type: string
+                              required: true
+                          - variable: value
+                            label: Option Value
+                            schema:
+                              type: string
+                              required: true
+
+  - variable: ncNetwork
+    label: ""
+    group: Network Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: webPort
+          label: Web Port
+          description: The port for the Nextcloud Web UI.
+          schema:
+            type: int
+            default: 20810
+            min: 9000
+            max: 65535
+            required: true
+        - variable: certificateID
+          label: Certificate
+          description: The certificate to use for Nextcloud
+          schema:
+            type: int
+            "null": true
+            $ref:
+              - "definitions/certificate"
+        - variable: nginx
+          label: Nginx Configuration
+          schema:
+            type: dict
+            show_if: [["certificateID", "!=", null]]
+            attrs:
+              - variable: proxyTimeouts
+                label: Proxy timeouts (Seconds)
+                description: |
+                  Applies the timeout to the following settings:</br>
+                  - proxy_connect_timeout</br>
+                  - proxy_send_timeout</br>
+                  - proxy_read_timeout</br>
+                schema:
+                  type: int
+                  min: 30
+                  default: 60
+                  required: true
+              - variable: useDifferentAccessPort
+                label: Use different port for URL rewrites
+                description: |
+                  If enabled, the URL rewrite will use [Access Port] defined below instead of the [Node Port].</br>
+                  Note that Nextcloud will still listen on the [Node Port]. (Default 9001)
+                schema:
+                  type: boolean
+                  default: false
+              - variable: externalAccessPort
+                label: External Access Port
+                schema:
+                  type: int
+                  show_if: [["useDifferentAccessPort", "=", true]]
+                  min: 443
+                  max: 65535
+                  default: 443
+                  required: true
+
+  - variable: ncStorage
+    label: ""
+    group: Storage Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: shouldShowStorageToggle
+          label: ""
+          schema:
+            type: boolean
+            default: false
+            hidden: true
+        - variable: isDataInTheSameVolume
+          label: "Pre v2 Storage Structure (See the tooltip for more information)"
+          description: |
+            If this is checked, means that this is an installation coming from a previous version (v1.x.x).<br/>
+            In order to have backwards compatibility, the older storage structure was kept for this installation.<br/>
+            If you want to utilize the new storage structure, move 'data' in a separate directory or dataset.
+            Change the 'Nextcloud UserData' configuration below to point to the new location and then uncheck this checkbox.
+            <br/><br/>
+            You will NOT likely want to change that if your setup uses ixVolume as storage.
+          schema:
+            type: boolean
+            show_if: [["shouldShowStorageToggle", "=", true]]
+            default: false
+        - variable: html
+          label: Nextcloud HTML Storage
+          description: The path to store Nextcloud HTML and AppData.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "html"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+        - variable: data
+          label: Nextcloud User Data Storage
+          description: The path to store Nextcloud User Data.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "html"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: pgData
+          label: Nextcloud Postgres Data Storage
+          description: The path to store Nextcloud Postgres Data.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "pgData"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+        - variable: pgBackup
+          label: Nextcloud Postgres Backup Storage
+          description: The path to store Nextcloud Postgres Backup.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "pgBackup"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: additionalStorages
+          label: Additional Storage
+          description: Additional storage for Nextcloud.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: storageEntry
+                label: Storage Entry
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: type
+                      label: Type
+                      description: |
+                        ixVolume: Is dataset created automatically by the system.</br>
+                        Host Path: Is a path that already exists on the system.</br>
+                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
+                      schema:
+                        type: string
+                        required: true
+                        default: "ixVolume"
+                        immutable: true
+                        enum:
+                          - value: "hostPath"
+                            description: Host Path (Path that already exists on the system)
+                          - value: "ixVolume"
+                            description: ixVolume (Dataset created automatically by the system)
+                          - value: "smb-pv-pvc"
+                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: mountPath
+                      label: Mount Path
+                      description: The path inside the container to mount the storage.
+                      schema:
+                        type: path
+                        required: true
+                    - variable: hostPathConfig
+                      label: Host Path Configuration
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "hostPath"]]
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "ixVolume"]]
+                        $ref:
+                          - "normalize/ixVolume"
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "smb-pv-pvc"]]
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
+
+  - variable: resources
+    group: Resources Configuration
+    label: ""
+    schema:
+      type: dict
+      attrs:
+        - variable: limits
+          label: Limits
+          schema:
+            type: dict
+            attrs:
+              - variable: cpu
+                label: CPU
+                description: CPU limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 6
+                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+                  valid_chars_error: |
+                    Valid CPU limit formats are</br>
+                    - Plain Integer - eg. 1</br>
+                    - Float - eg. 0.5</br>
+                    - Milicpu - eg. 500m
+                  default: "4000m"
+                  required: true
+              - variable: memory
+                label: Memory
+                description: Memory limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 12
+                  valid_chars: "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$"
+                  valid_chars_error: |
+                    Valid Memory limit formats are</br>
+                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
+                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
+                    - Plain Integer in bytes - eg. 1024</br>
+                    - Exponent - eg. 134e6
+                  default: "8Gi"
+                  required: true

charts/nextcloud/2.0.0/templates/NOTES.txt

@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}

charts/nextcloud/2.0.0/templates/_configuration.tpl

@@ -0,0 +1,101 @@
+{{- define "nextcloud.configuration" -}}
+
+  {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+
+  {{- $dbHost := (printf "%s-postgres" $fullname) -}}
+  {{- $dbUser := "nextcloud" -}}
+  {{- $dbName := "nextcloud" -}}
+  {{- $dbPass := (randAlphaNum 32) -}}
+
+  {{/* Fetch secrets from pre-migration secret */}}
+  {{- with (lookup "v1" "Secret" .Release.Namespace "db-details") -}}
+    {{- $dbUser = ((index .data "db-user") | b64dec) -}}
+    {{- $dbPass = ((index .data "db-password") | b64dec) -}}
+  {{- end -}}
+
+  {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-postgres-creds" $fullname)) -}}
+    {{- $dbUser = ((index .data "POSTGRES_USER") | b64dec) -}}
+    {{- $dbPass = ((index .data "POSTGRES_PASSWORD") | b64dec) -}}
+  {{- end -}}
+
+  {{- $redisHost := (printf "%s-redis" $fullname) -}}
+
+  {{- $redisPass := randAlphaNum 32 -}}
+  {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-redis-creds" $fullname)) -}}
+    {{- $redisPass = ((index .data "REDIS_PASSWORD") | b64dec) -}}
+  {{- end -}}
+
+  {{/* Temporary set dynamic db details on values,
+  so we can print them on the notes */}}
+  {{- $_ := set .Values "ncDbPass" $dbPass -}}
+  {{- $_ := set .Values "ncDbHost" $dbHost -}}
+  {{- $_ := set .Values "ncDbName" $dbName -}}
+  {{- $_ := set .Values "ncDbUser" $dbUser -}}
+
+  {{- $dbURL := (printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName) }}
+secret:
+  postgres-creds:
+    enabled: true
+    data:
+      POSTGRES_USER: {{ $dbUser }}
+      POSTGRES_DB: {{ $dbName }}
+      POSTGRES_PASSWORD: {{ $dbPass }}
+      POSTGRES_HOST: {{ $dbHost }}
+      POSTGRES_URL: {{ $dbURL }}
+
+  redis-creds:
+    enabled: true
+    data:
+      ALLOW_EMPTY_PASSWORD: "no"
+      REDIS_PASSWORD: {{ $redisPass }}
+      REDIS_HOST: {{ $redisHost }}
+
+  nextcloud-creds:
+    enabled: true
+    data:
+      POSTGRES_HOST: {{ $dbHost }}:5432
+      POSTGRES_DB: {{ $dbName }}
+      POSTGRES_USER: {{ $dbUser }}
+      POSTGRES_PASSWORD: {{ $dbPass }}
+      REDIS_HOST: {{ $redisHost }}
+      REDIS_HOST_PORT: "6379"
+      REDIS_HOST_PASSWORD: {{ $redisPass }}
+      NEXTCLOUD_DATA_DIR: {{ .Values.ncConfig.dataDir }}
+      PHP_UPLOAD_LIMIT: {{ printf "%vG" .Values.ncConfig.maxUploadLimit | default 3 }}
+      PHP_MEMORY_LIMIT: {{ printf "%vM" .Values.ncConfig.phpMemoryLimit | default 512 }}
+      NEXTCLOUD_TRUSTED_DOMAINS: {{ list .Values.ncConfig.host "127.0.0.1" "localhost" $fullname (printf "%v-*" $fullname) | mustUniq | join " " | quote }}
+      NEXTCLOUD_ADMIN_USER: {{ .Values.ncConfig.adminUser }}
+      NEXTCLOUD_ADMIN_PASSWORD: {{ .Values.ncConfig.adminPassword }}
+    {{- if .Values.ncNetwork.certificateID }}
+      {{- $svcCidr := "" -}}
+      {{- $clusterCidr := "" -}}
+      {{- if .Values.global.ixChartContext -}}
+        {{- $svcCidr = .Values.global.ixChartContext.kubernetes_config.service_cidr -}}
+        {{- $clusterCidr = .Values.global.ixChartContext.kubernetes_config.cluster_cidr -}}
+      {{- end }}
+      APACHE_DISABLE_REWRITE_IP: "1"
+      OVERWRITEPROTOCOL: "https"
+      TRUSTED_PROXIES: {{ list  $svcCidr $clusterCidr "127.0.0.1" | mustUniq | join "," | quote }}
+      {{- if and .Values.ncConfig.host .Values.ncNetwork.webPort }}
+        {{- $overwritehost := .Values.ncConfig.host -}}
+        {{- if .Values.ncNetwork.nginx.useDifferentAccessPort }}
+          {{ $overwritehost = (printf "%v:%v" .Values.ncConfig.host .Values.ncNetwork.webPort) }}
+        {{- end }}
+      OVERWRITEHOST: {{ $overwritehost }}
+      {{- end }}
+    {{- end }}
+  {{- if eq (include "nextcloud.is-migration" $) "true" }}
+  postgres-backup-creds:
+    enabled: true
+    annotations:
+      helm.sh/hook: "pre-upgrade"
+      helm.sh/hook-delete-policy: "hook-succeeded"
+      helm.sh/hook-weight: "1"
+    data:
+      POSTGRES_USER: {{ $dbUser }}
+      POSTGRES_DB: {{ $dbName }}
+      POSTGRES_PASSWORD: {{ $dbPass }}
+      POSTGRES_HOST: {{ $dbHost }}
+      POSTGRES_URL: {{ printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName }}
+  {{- end }}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_cron.tpl

@@ -0,0 +1,37 @@
+{{- define "nextcloud.cron" -}}
+workload:
+  nextcloud-cron:
+    enabled: true
+    type: CronJob
+    schedule: {{ .Values.ncConfig.cron.schedule | quote }}
+    concurrencyPolicy: Forbid
+    podSpec:
+      restartPolicy: Never
+      hostNetwork: false
+      securityContext:
+        fsGroup: 33
+      containers:
+        nextcloud-cron:
+          enabled: true
+          primary: true
+          imageSelector: image
+          securityContext:
+            runAsUser: 33
+            runAsGroup: 0
+            runAsNonRoot: false
+            readOnlyRootFilesystem: false
+          envFrom:
+            - secretRef:
+                name: nextcloud-creds
+          command:
+            - php
+            - -f
+            - /var/www/html/cron.php
+          probes:
+            liveness:
+              enabled: false
+            readiness:
+              enabled: false
+            startup:
+              enabled: false
+{{- end -}}

charts/nextcloud/2.0.0/templates/_migration.tpl

@@ -0,0 +1,48 @@
+{{- define "nextcloud.get-versions" -}}
+  {{- $oldChartVersion := "" -}}
+  {{- $newChartVersion := "" -}}
+
+  {{/* Safely access the context, so it wont block CI */}}
+  {{- if hasKey .Values.global "ixChartContext" -}}
+    {{- if .Values.global.ixChartContext.upgradeMetadata -}}
+
+      {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}}
+      {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}}
+      {{- if and (not $oldChartVersion) (not $newChartVersion) -}}
+        {{- fail "Upgrade Metadata is missing. Cannot proceed" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}}
+{{- end -}}
+
+{{- define "nextcloud.migration" -}}
+  {{- $versions := (fromYaml (include "nextcloud.get-versions" $)) -}}
+  {{- if and $versions.old $versions.new -}}
+    {{- $oldV := semver $versions.old -}}
+    {{- $newV := semver $versions.new -}}
+
+    {{/* If new is v2.x.x */}}
+    {{- if eq ($newV.Major | int) 2 -}}
+      {{/* And old is v1.x.x, but lower than .6.61 */}}
+      {{- if and (eq $oldV.Major 1) (or (ne $oldV.Minor 6) (lt ($oldV.Patch | int) 61)) -}}
+        {{/* Block the upgrade */}}
+        {{- fail "Migration to 2.x.x is only allowed from 1.6.61 or higher" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "nextcloud.is-migration" -}}
+  {{- $isMigration := "" -}}
+  {{- $versions := (fromYaml (include "nextcloud.get-versions" $)) -}}
+  {{- if $versions.old -}}
+    {{- $oldV := semver $versions.old -}}
+    {{- if and (eq $oldV.Major 1) (eq ($oldV.Minor | int) 6) (eq ($oldV.Patch | int) 61) -}}
+      {{- $isMigration = "true" -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- $isMigration -}}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_nextcloud-configs.tpl

@@ -0,0 +1,15 @@
+{{- define "nextcloud.configs" -}}
+{{ $bytesGB := 1073741824 }}
+configmap:
+  nextcloud-config:
+    enabled: true
+    data:
+      opcache.ini: |
+        opcache.memory_consumption={{ .Values.ncConfig.opCacheMemoryConsumption }}
+
+      php.ini: |
+        max_execution_time={{ .Values.ncConfig.maxExecutionTime }}
+
+      limitrequestbody.conf: |
+        LimitRequestBody {{ mul .Values.ncConfig.maxUploadLimit $bytesGB }}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_nextcloud.tpl

@@ -0,0 +1,106 @@
+{{- define "nextcloud.workload" -}}
+workload:
+  nextcloud:
+    enabled: true
+    primary: true
+    type: Deployment
+    podSpec:
+      hostNetwork: false
+      securityContext:
+        fsGroup: 33
+      containers:
+        nextcloud:
+          enabled: true
+          primary: true
+          imageSelector: image
+          securityContext:
+            runAsUser: 0
+            runAsGroup: 0
+            runAsNonRoot: false
+            readOnlyRootFilesystem: false
+            capabilities:
+              add:
+                - CHOWN
+                - DAC_OVERRIDE
+                - FOWNER
+                - NET_BIND_SERVICE
+                - NET_RAW
+                - SETGID
+                - SETUID
+          envFrom:
+            - secretRef:
+                name: nextcloud-creds
+          {{ with .Values.ncConfig.additionalEnvs }}
+          envList:
+            {{ range $env := . }}
+            - name: {{ $env.name }}
+              value: {{ $env.value }}
+            {{ end }}
+          {{ end }}
+          probes:
+            liveness:
+              enabled: true
+              type: http
+              port: 80
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+            readiness:
+              enabled: true
+              type: http
+              port: 80
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+            startup:
+              enabled: true
+            {{- include "nextcloud.validate-commands" $ -}}
+            {{- $cmds := .Values.ncConfig.commands | mustUniq -}}
+            {{- if not $cmds }}
+              type: http
+              port: 80
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+            {{- else }}
+              type: exec
+              command:
+                - /bin/sh
+                - -c
+                - |
+                  check_commands={{ join " " $cmds }}
+                  for comm in $check_commands; do
+                    if ! command -v $comm /dev/null 2>&1; then
+                      echo "Command $comm not found"
+                      exit 1
+                    fi
+                  done
+            {{- end }}
+          lifecycle:
+            postStart:
+              type: exec
+              command:
+                - /bin/sh
+                - -c
+                - |
+                  echo "Installing {{ join " " $cmds }}..."
+                  apt update && apt install -y --no-install-recommends \
+                  {{ join " " $cmds }} || echo "Failed to install binary/binaries..."
+                  echo "Finished."
+      initContainers:
+      {{- include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait"
+                                                        "secretName" "postgres-creds") | nindent 8 }}
+      {{- include "ix.v1.common.app.redisWait" (dict  "name" "redis-wait"
+                                                      "secretName" "redis-creds") | nindent 8 }}
+{{- end -}}
+
+
+{{- define "nextcloud.validate-commands" -}}
+  {{- $allowedCommmads := list "ffmpeg" "smbclient" -}}
+
+  {{- range $c := .Values.ncConfig.commands | mustUniq -}}
+    {{- if not (mustHas $c $allowedCommmads) -}}
+      {{- fail (printf "Nextcloud - Expected command to be one of [%s], but got [%s]" (join ", " $allowedCommmads) $c) -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_nginx-configuration.tpl

@@ -0,0 +1,102 @@
+{{- define "nginx.configuration" -}}
+{{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+
+{{- if .Values.ncNetwork.certificateID }}
+scaleCertificate:
+  nextcloud-cert:
+    enabled: true
+    id: {{ .Values.ncNetwork.certificateID }}
+
+  {{ $timeout := 60 }}
+  {{ $size := .Values.ncConfig.maxUploadLimit | default 3 }}
+  {{ $useDiffAccessPort := false }}
+  {{ $externalAccessPort := "" }}
+  {{/* Safely access key as it is conditionaly shown */}}
+  {{ if hasKey .Values.ncNetwork "nginx" }}
+    {{ $useDiffAccessPort = .Values.ncNetwork.nginx.useDifferentAccessPort }}
+    {{ $externalAccessPort = printf ":%v" .Values.ncNetwork.nginx.externalAccessPort }}
+    {{ $timeout = .Values.ncNetwork.nginx.proxyTimeouts | default 60 }}
+  {{ end }}
+  {{/* If its 443, do not append it on the rewrite at all */}}
+  {{ if eq $externalAccessPort ":443" }}
+    {{ $externalAccessPort = "" }}
+  {{ end }}
+configmap:
+  nginx:
+    enabled: true
+    data:
+      nginx.conf: |
+        events {}
+        http {
+          server {
+            # redirects all http requests to https requests
+            listen 8000 default_server;
+            listen [::]:8000 default_server;
+            return 301 https://$host$request_uri;
+          }
+
+          server {
+            server_name localhost;
+
+            listen {{ .Values.ncNetwork.webPort }} ssl http2;
+            listen [::]:{{ .Values.ncNetwork.webPort }} ssl http2;
+
+            ssl_certificate '/etc/nginx-certs/public.crt';
+            ssl_certificate_key '/etc/nginx-certs/private.key';
+
+            # maximum 3GB Upload File; change to fit your needs
+            client_max_body_size {{ $size }}G;
+
+            add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always;
+
+            location = /robots.txt {
+              allow all;
+              log_not_found off;
+              access_log off;
+            }
+
+            location = /.well-known/carddav {
+              {{ if $useDiffAccessPort }}
+              return 301 $scheme://$host{{ $externalAccessPort }}/remote.php/dav;
+              {{ else }}
+              return 301 $scheme://$host:$server_port/remote.php/dav;
+              {{ end }}
+            }
+
+            location = /.well-known/caldav {
+              {{ if $useDiffAccessPort }}
+              return 301 $scheme://$host{{ $externalAccessPort }}/remote.php/dav;
+              {{ else }}
+              return 301 $scheme://$host:$server_port/remote.php/dav;
+              {{ end }}
+            }
+
+            location / {
+              proxy_pass http://{{ $fullname }}:80;
+              proxy_http_version                 1.1;
+              proxy_cache_bypass                 $http_upgrade;
+              proxy_request_buffering            off;
+
+              # Proxy headers
+              proxy_set_header Upgrade           $http_upgrade;
+              proxy_set_header Connection        "upgrade";
+              proxy_set_header Host              $http_host;
+              proxy_set_header X-Real-IP         $remote_addr;
+              proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+              proxy_set_header X-Forwarded-Proto https;
+              proxy_set_header X-Forwarded-Host  $host;
+              {{ if $useDiffAccessPort }}
+              proxy_set_header X-Forwarded-Port  {{ $externalAccessPort | default "443" | trimPrefix ":" }};
+              {{ else }}
+              proxy_set_header X-Forwarded-Port  $server_port;
+              {{ end }}
+
+              # Proxy timeouts
+              proxy_connect_timeout              {{ $timeout }}s;
+              proxy_send_timeout                 {{ $timeout }}s;
+              proxy_read_timeout                 {{ $timeout }}s;
+            }
+          }
+        }
+{{- end -}}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_nginx.tpl

@@ -0,0 +1,68 @@
+{{- define "nginx.workload" -}}
+  {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+  {{- $ncUrl := printf "http://%s:80" $fullname }}
+workload:
+  nginx:
+    enabled: true
+    type: Deployment
+    podSpec:
+      hostNetwork: false
+      containers:
+        nginx:
+          enabled: true
+          primary: true
+          imageSelector: nginxImage
+          securityContext:
+            runAsUser: 0
+            runAsGroup: 0
+            runAsNonRoot: false
+            readOnlyRootFilesystem: false
+            capabilities:
+              add:
+                - CHOWN
+                - DAC_OVERRIDE
+                - FOWNER
+                - NET_BIND_SERVICE
+                - NET_RAW
+                - SETGID
+                - SETUID
+          probes:
+            liveness:
+              enabled: true
+              type: https
+              port: {{ .Values.ncNetwork.webPort }}
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+            readiness:
+              enabled: true
+              type: https
+              port: {{ .Values.ncNetwork.webPort }}
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+            startup:
+              enabled: true
+              type: https
+              port: {{ .Values.ncNetwork.webPort }}
+              path: /status.php
+              httpHeaders:
+                Host: localhost
+      initContainers:
+        01-wait-server:
+          enabled: true
+          type: init
+          imageSelector: bashImage
+          command:
+            - bash
+          args:
+            - -c
+            - |
+              echo "Waiting for [{{ $ncUrl }}]";
+              until wget --spider --quiet --timeout=3 --tries=1 {{ $ncUrl }}/status.php;
+              do
+                echo "Waiting for [{{ $ncUrl }}]";
+                sleep 2;
+              done
+              echo "Nextcloud is up: {{ $ncUrl }}";
+{{- end -}}

charts/nextcloud/2.0.0/templates/_persistence.tpl

@@ -0,0 +1,179 @@
+{{- define "nextcloud.persistence" -}}
+persistence:
+  html:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.ncStorage.html) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: /var/www/html
+          {{- if .Values.ncStorage.isDataInTheSameVolume }}
+          subPath: html
+          {{- end }}
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: /var/www/html
+          {{- if .Values.ncStorage.isDataInTheSameVolume }}
+          subPath: html
+          {{- end }}
+      postgresbackup:
+        postgresbackup:
+          mountPath: /nc-config
+  data:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.ncStorage.data) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: {{ .Values.ncConfig.dataDir }}
+          {{- if .Values.ncStorage.isDataInTheSameVolume }}
+          subPath: data
+          {{- end }}
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: {{ .Values.ncConfig.dataDir }}
+          {{- if .Values.ncStorage.isDataInTheSameVolume }}
+          subPath: data
+          {{- end }}
+  {{- if .Values.ncStorage.isDataInTheSameVolume }}
+  config:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.ncStorage.html) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: /var/www/html/config
+          subPath: config
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: /var/www/html/config
+          subPath: config
+  customapps:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.ncStorage.html) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: /var/www/html/custom_apps
+          subPath: custom_apps
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: /var/www/html/custom_apps
+          subPath: custom_apps
+  themes:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.ncStorage.html) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: /var/www/html/themes
+          subPath: themes
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: /var/www/html/themes
+          subPath: themes
+  {{- end }}
+
+  # Configuration files mounting
+  nc-config-opcache:
+    enabled: true
+    type: configmap
+    objectName: nextcloud-config
+    defaultMode: "0755"
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          # z-99 is used to ensure that this file is loaded last
+          mountPath: /usr/local/etc/php/conf.d/opcache-z-99.ini
+          subPath: opcache.ini
+  nc-config-php:
+    enabled: true
+    type: configmap
+    objectName: nextcloud-config
+    defaultMode: "0755"
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          # z-99 is used to ensure that this file is loaded last
+          mountPath: /usr/local/etc/php/conf.d/nextcloud-z-99.ini
+          subPath: php.ini
+  nc-config-limreqbody:
+    enabled: true
+    type: configmap
+    objectName: nextcloud-config
+    defaultMode: "0755"
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          # https://github.com/nextcloud/docker/issues/1796
+          mountPath: /etc/apache2/conf-enabled/limitrequestbody.conf
+          subPath: limitrequestbody.conf
+  tmp:
+    enabled: true
+    type: emptyDir
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: /tmp
+  {{- range $idx, $storage := .Values.ncStorage.additionalStorages }}
+  {{ printf "nc-%v:" (int $idx) }}
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
+    targetSelector:
+      nextcloud:
+        nextcloud:
+          mountPath: {{ $storage.mountPath }}
+      nextcloud-cron:
+        nextcloud-cron:
+          mountPath: {{ $storage.mountPath }}
+  {{- end }}
+  {{- if .Values.ncNetwork.certificateID }}
+  nginx-cert:
+    enabled: true
+    type: secret
+    objectName: nextcloud-cert
+    defaultMode: "0600"
+    items:
+      - key: tls.key
+        path: private.key
+      - key: tls.crt
+        path: public.crt
+    targetSelector:
+      nginx:
+        nginx:
+          mountPath: /etc/nginx-certs
+          readOnly: true
+  nginx-conf:
+    enabled: true
+    type: configmap
+    objectName: nginx
+    defaultMode: "0600"
+    items:
+      - key: nginx.conf
+        path: nginx.conf
+    targetSelector:
+      nginx:
+        nginx:
+          mountPath: /etc/nginx
+          readOnly: true
+  {{- end -}}
+
+  {{- include "ix.v1.common.app.postgresPersistence"
+      (dict "pgData" .Values.ncStorage.pgData
+            "pgBackup" .Values.ncStorage.pgBackup
+      ) | nindent 2 }}
+{{- end -}}
+
+{{- define "isOldIxVol" -}}
+  {{- $oldDatasetName := "ix-nextcloud_data" -}}
+  {{- $isOld := "false" -}}
+  {{- $storage := .storage -}}
+
+  {{- if eq $storage.type "ixVolume" -}}
+    {{- if eq $storage.ixVolumeConfig.datasetName $oldDatasetName -}}
+      {{- $isOld = "true" -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- $isOld }}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_portal.tpl

@@ -0,0 +1,12 @@
+{{- define "nextcloud.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: portal
+data:
+  port: {{ .Values.ncNetwork.webPort | quote }}
+  path: "/"
+  protocol: "http"
+  host: $node_ip
+{{- end -}}

charts/nextcloud/2.0.0/templates/_postgres.tpl

@@ -0,0 +1,12 @@
+{{- define "postgres.workload" -}}
+  {{- $backupSecretName := "postgres-creds" -}}
+  {{- if eq (include "nextcloud.is-migration" $) "true" }}
+    {{- $backupSecretName = "postgres-backup-creds" -}}
+  {{- end }}
+workload:
+{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds"
+                                              "backupSecretName" $backupSecretName
+                                              "resources" .Values.resources
+                                              "imageSelector" "ncPostgresImage"
+                                              "ixChartContext" .Values.ixChartContext) | nindent 2 }}
+{{- end -}}

charts/nextcloud/2.0.0/templates/_redis.tpl

@@ -0,0 +1,6 @@
+{{- define "redis.workload" -}}
+workload:
+{{- include "ix.v1.common.app.redis" (dict  "secretName" "redis-creds"
+                                            "resources" .Values.resources) | nindent 2 }}
+
+{{- end -}}

charts/nextcloud/2.0.0/templates/_service.tpl

@@ -0,0 +1,49 @@
+{{- define "nextcloud.service" -}}
+service:
+  nextcloud:
+    enabled: true
+    primary: true
+    {{- if not .Values.ncNetwork.certificateID }}
+    type: NodePort
+    {{- else }}
+    type: ClusterIP
+    {{- end }}
+    targetSelector: nextcloud
+    ports:
+      webui:
+        enabled: true
+        primary: true
+        {{- if not .Values.ncNetwork.certificateID }}
+        nodePort: {{ .Values.ncNetwork.webPort }}
+        {{- end }}
+        port: 80
+        targetPort: 80
+        targetSelector: nextcloud
+  {{- if .Values.ncNetwork.certificateID }}
+  nextcloud-nginx:
+    enabled: true
+    type: NodePort
+    targetSelector: nginx
+    ports:
+      webui-tls:
+        enabled: true
+        port: {{ .Values.ncNetwork.webPort }}
+        nodePort: {{ .Values.ncNetwork.webPort }}
+        targetPort: {{ .Values.ncNetwork.webPort }}
+        targetSelector: nginx
+  {{- end }}
+
+  # Redis
+  redis:
+    enabled: true
+    type: ClusterIP
+    targetSelector: redis
+    ports:
+      redis:
+        enabled: true
+        primary: true
+        port: 6379
+        targetPort: 6379
+        targetSelector: redis
+  {{- include "ix.v1.common.app.postgresService" $ | nindent 2 }}
+{{- end -}}

charts/nextcloud/2.0.0/templates/common.yaml

@@ -0,0 +1,38 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{- include "nextcloud.migration" $ -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "nextcloud.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "nextcloud.configuration" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "nextcloud.configs" $ | fromYaml) -}}
+{{- if .Values.ncNetwork.certificateID }}
+  {{- $_ := mustMergeOverwrite .Values (include "nginx.workload" $ | fromYaml) -}}
+{{- end }}
+{{- if .Values.ncConfig.cron.enabled }}
+  {{- $_ := mustMergeOverwrite .Values (include "nextcloud.cron" $ | fromYaml) -}}
+{{- end }}
+{{- $_ := mustMergeOverwrite .Values (include "nginx.configuration" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "postgres.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "redis.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "nextcloud.service" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "nextcloud.persistence" $ | fromYaml) -}}
+
+{{/* Mutate postgres backup command to handle nextcloud config */}}
+{{- $cmd := .Values.workload.postgresbackup.podSpec.containers.postgresbackup.command -}}
+{{- $temp := printf ("%s\n%s\n%s\n%s\n%s\n%s\n%s")
+  "echo 'Fetching password from config.php'"
+  "# sed removes ' , => spaces and db* from the string"
+  "POSTGRES_USER=$(cat /nc-config/config/config.php | grep 'dbuser' | sed \"s/dbuser\\| \\|'\\|,\\|=>//g\")"
+  "POSTGRES_PASSWORD=$(cat /nc-config/config/config.php | grep 'dbpassword' | sed \"s/dbpassword\\| \\|'\\|,\\|=>//g\")"
+  "POSTGRES_DB=$(cat /nc-config/config/config.php | grep 'dbname' | sed \"s/dbname\\| \\|'\\|,\\|=>//g\")"
+  "[ -n \"$POSTGRES_USER\" ] && [ -n \"$POSTGRES_PASSWORD\" ] && [ -n \"$POSTGRES_DB\" ] && echo 'User, Database and password fetched from config.php'"
+  (index $cmd 2) -}}
+{{- $newCmd := (list (index $cmd 0) (index $cmd 1) $temp) -}}
+{{- $_ := set .Values.workload.postgresbackup.podSpec.containers.postgresbackup "command" $newCmd -}}
+{{- $_ := set .Values.workload.postgresbackup.podSpec "securityContext" (dict "fsGroup" "33") -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "nextcloud.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}

charts/nextcloud/2.0.0/to_keep_versions.md

@@ -0,0 +1,17 @@
+# To keep versions
+
+## 1.6.29
+
+Latest 26.x.x version
+
+## 1.6.53
+
+Latest 27.x.x version
+
+## 1.6.59
+
+Latest 28.x.x version
+
+## 1.6.61
+
+Latest release before migration to 2.x.x