truenas/library/ix-dev/charts/nextcloud/templates/deployment.yaml

{{ include "common.storage.hostPathValidate" .Values }}
{{ $postgres_values := (. | mustDeepCopy) }}
{{ $_ := set $postgres_values "common" (dict "nameSuffix" "postgres") }}
{{ include "common.deployment.common_config" . | nindent 0 }}
spec: {{ include "common.deployment.common_spec" . | nindent 2 }}
  template: {{ include "common.deployment.pod.metadata" . | nindent 4 }}
    spec:
      initContainers:
        - name: init-postgresdb
          image: {{ template "postgres.imageName" . }}
          command: ['sh', '-c', "until pg_isready -U $POSTGRES_USER -d {{ include "postgres.DatabaseName" .Values }} -h {{ template "common.names.fullname" $postgres_values }}; do echo waiting for postgres; sleep 2; done"]
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          env: {{ include "postgres.envVariableConfiguration" $postgres_values | nindent 10 }}

      containers:
      {{ if eq (include "nginx.certAvailable" .) "true" }}
      - name: nginx
        {{ include "common.containers.imageConfig" .Values.nginx.image | nindent 8 }}
        volumeMounts:
          - name: nginx-configuration
            mountPath: /etc/nginx/nginx.conf
            subPath: nginx.conf
          {{ include "nginx.tlsKeysVolumeMount" . | nindent 10 }}
        ports:
          - name: nginx-http
            containerPort: 8000
            protocol: TCP
          - name: nginx-https
            containerPort: {{ .Values.service.nodePort }}
            protocol: TCP
        livenessProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: {{ .Values.service.nodePort }}
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        readinessProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: {{ .Values.service.nodePort }}
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 2
        startupProbe:
          httpGet:
            scheme: HTTPS
            path: /status.php
            port: {{ .Values.service.nodePort }}
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 30
          periodSeconds: 5
          timeoutSeconds: 2
          failureThreshold: 60
          successThreshold: 1
      {{ end }}
      - name: {{ .Chart.Name }}
          {{ include "common.resources.limitation" . | nindent 8 }}
        {{ include "common.containers.imageConfig" .Values.image | nindent 8 }}
        env: {{ include "postgres.envVariableConfiguration" $postgres_values | nindent 10 }}
        {{ $secretName := (include "common.names.fullname" .) }}
        {{ $envList := (default list .Values.environmentVariables) }}
        {{- $_ := set .Values "nextcloudDbHost" (include "common.names.fullname" $postgres_values) -}} {{/* Temprary store it on values to display it on NOTES */}}
        {{ $envList = mustAppend $envList (dict "name" "POSTGRES_HOST" "value" (printf "%s:5432" (include "common.names.fullname" $postgres_values))) }}
        {{ $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "value" (include "postgres.DatabaseName" .)) }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_DATA_DIR" "value" .Values.nextcloud.datadir) }}
        {{ $envList = mustAppend $envList (dict "name" "PHP_UPLOAD_LIMIT" "value" (printf "%vG" (.Values.nextcloud.max_upload_size | default 3))) }}
        {{ $envList = mustAppend $envList (dict "name" "PHP_MEMORY_LIMIT" "value" (printf "%vM" (.Values.nextcloud.php_memory_limit | default 512))) }}
        {{ if eq (include "nginx.certAvailable" .) "true" }}
        {{ $envList = mustAppend $envList (dict "name" "APACHE_DISABLE_REWRITE_IP" "value" "1") }}
          {{ if and .Values.nextcloud.host .Values.service.nodePort }}
            {{ if .Values.nginxConfig.use443 }}
        {{ $envList = mustAppend $envList (dict "name" "OVERWRITEHOST" "value" .Values.nextcloud.host) }}
            {{ else }}
        {{ $envList = mustAppend $envList (dict "name" "OVERWRITEHOST" "value" (printf "%v:%v" .Values.nextcloud.host .Values.service.nodePort)) }}
            {{ end }}
          {{ end }}
        {{ $envList = mustAppend $envList (dict "name" "OVERWRITEPROTOCOL" "value" "https") }}
        {{ $envList = mustAppend $envList (dict "name" "TRUSTED_PROXIES" "value" "127.0.0.1") }}
        {{ end }}
        {{ $hostName := .Values.nextcloud.host }}
        {{ if .Values.useServiceNameForHost }}
        {{ $hostName = (include "common.names.fullname" .) }}
        {{ end }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_TRUSTED_DOMAINS" "value" $hostName) }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-username") }}
        {{ $envList = mustAppend $envList (dict "name" "NEXTCLOUD_ADMIN_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "nextcloud-password") }}
        {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 10 }}
        ports:
        - name: http
          containerPort: 80
          protocol: TCP
        livenessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        readinessProbe:
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 5
          successThreshold: 1
        startupProbe:
        {{ $cmds := list }}
        {{ if .Values.nextcloud.install_ffmpeg }}
          {{ $cmds = mustAppend $cmds "ffmpeg" }}
        {{ end }}
        {{ if .Values.nextcloud.install_smbclient }}
          {{ $cmds = mustAppend $cmds "smbclient" }}
        {{ end }}
        {{ if $cmds }}
          exec:
            command:
              - /bin/sh
              - -c
              - |
                commands_to_check={{ join " " $cmds }}
                for comm in $commands_to_check; do
                  if ! command -v $comm /dev/null 2>&1; then
                    echo "Command $comm not found"
                    exit 1
                  fi
                done
        {{ else }}
          httpGet:
            path: /status.php
            port: http
            httpHeaders:
            - name: Host
              value: localhost
        {{ end }}
          initialDelaySeconds: 60
          periodSeconds: 10
          timeoutSeconds: 2
          failureThreshold: 100
          successThreshold: 1
        volumeMounts:
        - name: nextcloud-data
          mountPath: /var/www/
          subPath: "root"
        - name: nextcloud-data
          mountPath: /var/www/html
          subPath: "html"
        - name: nextcloud-data
          mountPath: {{ .Values.nextcloud.datadir }}
          subPath: "data"
        - name: nextcloud-data
          mountPath: /var/www/html/config
          subPath: "config"
        - name: nextcloud-data
          mountPath: /var/www/html/custom_apps
          subPath: "custom_apps"
        - name: nextcloud-data
          mountPath: /var/www/tmp
          subPath: "tmp"
        - name: nextcloud-data
          mountPath: /var/www/html/themes
          subPath: "themes"
        - name: nextcloud-configuration
          # We use -z-99 to ensure that this file is loaded
          # after the default opcache file nextcloud provides.
          mountPath: /usr/local/etc/php/conf.d/opcache-z-99.ini
          subPath: opcache.ini
        - name: nextcloud-configuration
          # We use -z-99 to ensure that this file is loaded
          # after the default php config file nextcloud provides.
          mountPath: /usr/local/etc/php/conf.d/nextcloud-z-99.ini
          subPath: php.ini
        - name: nextcloud-configuration
          # https://github.com/nextcloud/docker/issues/1796
          mountPath: /etc/apache2/conf-enabled/limitrequestbody.conf
          subPath: limitrequestbody.conf
        {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
        - name: extrappvolume-{{ $index }}
          mountPath: {{ $hostPathConfiguration.mountPath }}
        {{ end }}
        {{ if $cmds }}
        lifecycle:
          postStart:
            exec:
              command:
                - /bin/sh
                - -c
                - |
                  echo "Installing {{ join " " $cmds }}..."
                  apt update && \
                  apt install -y --no-install-recommends \
                  {{ join " " $cmds }} || echo "Failed to install binary/binaries"
                  echo "Finished."
        {{ end }}
{{ include "common.networking.dnsConfiguration" .Values | nindent 6 }}
      volumes:
        - name: nextcloud-configuration
          configMap:
            defaultMode: 0755
            name: "nextcloud-configuration"
        - name: nginx-configuration
          configMap:
            defaultMode: 0700
            name: "nginx-configuration"
{{ include "nginx.tlsKeysVolume" . | nindent 8 }}
{{ if .Values.appVolumeMounts }}
{{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}
{{ end }}
      {{ range $index, $hostPathConfiguration := .Values.extraAppVolumeMounts }}
        - name: extrappvolume-{{ $index }}
          hostPath:
            path: {{ $hostPathConfiguration.hostPath }}
      {{ end }}
      # Will mount configuration files as www-data (id: 33) for nextcloud
      securityContext:
        fsGroup: 33