From 666c1b30979226799db3439fc8010f149c5a670b Mon Sep 17 00:00:00 2001 From: vfebvre Date: Mon, 4 Sep 2023 12:40:18 +0200 Subject: [PATCH] change for the new patch system for kustomize (remove strategyMerge and JSON patch) --- .../dev/patches/ConfigMap-ldap-script.yaml | 11 +- ...redis-config.yaml => ConfigMap-redis.yaml} | 2 +- overlays/dev/patches/ConfigMaps.yaml | 14 - overlays/dev/patches/deployment.yaml | 271 ++++++++++++++++++ overlays/dev/patches/ingress-nextcloud.yaml | 36 --- overlays/dev/patches/nextcloud-ldap.yaml | 75 ----- overlays/dev/patches/nextcloud-patch.yaml | 26 -- overlays/dev/patches/nextcloud-postgres.yaml | 34 --- overlays/dev/patches/nextcloud-probe.yaml | 47 --- overlays/dev/patches/nextcloud-smtp.yaml | 26 -- overlays/dev/patches/nextcloud-tenant.yaml | 33 +++ overlays/dev/patches/nextcloud-variables.yaml | 34 --- overlays/dev/patches/tenant-conf.yaml | 21 -- 13 files changed, 313 insertions(+), 317 deletions(-) rename overlays/dev/patches/{redis-config.yaml => ConfigMap-redis.yaml} (88%) delete mode 100644 overlays/dev/patches/ConfigMaps.yaml create mode 100644 overlays/dev/patches/deployment.yaml delete mode 100644 overlays/dev/patches/ingress-nextcloud.yaml delete mode 100644 overlays/dev/patches/nextcloud-ldap.yaml delete mode 100644 overlays/dev/patches/nextcloud-patch.yaml delete mode 100644 overlays/dev/patches/nextcloud-postgres.yaml delete mode 100644 overlays/dev/patches/nextcloud-probe.yaml delete mode 100644 overlays/dev/patches/nextcloud-smtp.yaml create mode 100644 overlays/dev/patches/nextcloud-tenant.yaml delete mode 100644 overlays/dev/patches/nextcloud-variables.yaml delete mode 100644 overlays/dev/patches/tenant-conf.yaml diff --git a/overlays/dev/patches/ConfigMap-ldap-script.yaml b/overlays/dev/patches/ConfigMap-ldap-script.yaml index 60915a6..f6405b8 100644 --- a/overlays/dev/patches/ConfigMap-ldap-script.yaml +++ b/overlays/dev/patches/ConfigMap-ldap-script.yaml @@ -39,9 +39,10 @@ data: ## test if backend ldap is activated and create empty config if not # #touch /tmp/nxt-ldap.txt - #su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nextcloud-ldap.txt" www-data - #if grep -q "Invalid configID" /tmp/nextcloud-ldap.txt; then - # sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q + #su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data + #if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then + # su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data + # #sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q #fi # Configurez LDAP (configuration minimale) @@ -56,11 +57,15 @@ data: su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapExperiencedAdmin '${NEXTCLOUD_LDAP_ADMIN_EXP}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapExpertUUIDUserAttr '${NEXTCLOUD_LDAP_EXP_UUID}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapLoginFilter '${NEXTCLOUD_LDAP_LOGIN_FILTER}'" www-data + su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapLoginFilterAttributes '${NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapPort '${NEXTCLOUD_LDAP_PORT}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserFilter '${NEXTCLOUD_LDAP_USR_FILTR}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserFilterObjectclass '${NEXTCLOUD_LDAP_OBJ_FILTR}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapEmailAttribute '${NEXTCLOUD_LDAP_MAIL_ATTR}'" www-data su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserDisplayName '${NEXTCLOUD_LDAP_USER_DISP}'" www-data + su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilter '${NEXTCLOUD_LDAP_GROUP_FILTR}'" www-data + su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data + su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data #sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilter "${ldapGroupFilter}" #sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}" diff --git a/overlays/dev/patches/redis-config.yaml b/overlays/dev/patches/ConfigMap-redis.yaml similarity index 88% rename from overlays/dev/patches/redis-config.yaml rename to overlays/dev/patches/ConfigMap-redis.yaml index fd6d819..113f162 100644 --- a/overlays/dev/patches/redis-config.yaml +++ b/overlays/dev/patches/ConfigMap-redis.yaml @@ -6,4 +6,4 @@ data: redis-config: | maxmemory 4mb maxmemory-policy volatile-lru - appendonly yes + appendonly yes \ No newline at end of file diff --git a/overlays/dev/patches/ConfigMaps.yaml b/overlays/dev/patches/ConfigMaps.yaml deleted file mode 100644 index 4f8dea7..0000000 --- a/overlays/dev/patches/ConfigMaps.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: update-config -data: - custom-script.sh: | - #!/bin/sh - - HOSTS_FILE="/etc/hosts" - - # Ajoutez l'entrée au fichier hosts - MINIO_SERVICE_IP="${MINIO_SERVICE_HOST}" - MINIO_NAME="${MINIO_SERVICE_NAME}" - echo "$MINIO_SERVICE_IP" minio >> $HOSTS_FILE \ No newline at end of file diff --git a/overlays/dev/patches/deployment.yaml b/overlays/dev/patches/deployment.yaml new file mode 100644 index 0000000..62c19b4 --- /dev/null +++ b/overlays/dev/patches/deployment.yaml @@ -0,0 +1,271 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: nextcloud + component: app + name: app +spec: +# serviceName: nextcloud + replicas: 1 + selector: + matchLabels: + app: nextcloud + component: app + template: + metadata: + labels: + app: nextcloud + component: app + spec: + containers: + - image: reg.cadoles.com/proxy_cache/library/nextcloud:27.0.2-apache + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "cp /var/run/secrets/kubernetes.io/serviceaccount/ca.crt /usr/local/share/ca-certificates/ks.crt && update-ca-certificates && /etc/script/poststart-ldap.sh && touch /etc/script/try01.txt"] +# envFrom: +# - configMapRef: +# name: nextcloud-env + env: + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: nextcloud-postgres-app + key: username + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: nextcloud-postgres-app + key: password + - name: POSTGRES_HOST + value: $(NEXTCLOUD_POSTGRES_RW_SERVICE_HOST) #value: nextcloud-postgres-rw.nextcloud.svc.cluster.local + - name: NEXTCLOUD_ADMIN_USER + value: admincadoles + - name: NEXTCLOUD_ADMIN_PASSWORD # 5 + value: CadolesNotSecret + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: "*.cadoles.fr" + - name: NEXTCLOUD_INIT_LOCK + value: "true" + - name: PHP_MEMORY_LIMIT + value: 512M + - name: PHP_UPLOAD_LIMIT + value: 4G + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: REDIS_HOST + value: redis # équivaut à redis.nextcloud.svc.cluster.local +# value: $(RFS_NEXTCLOUD_REDIS_SERVICE_HOST) => For redis-operator + - name: REDIS_HOST_PORT + value: "6379" + ###################### + # Partie minio S3 + - name: OBJECTSTORE_S3_HOST + value: minio:$(MINIO_SERVICE_PORT) +# value: $(MINIO_SERVICE_NAME):$(MINIO_SERVICE_PORT) + - name: OBJECTSTORE_S3_BUCKET + value: nextcloud-minio + - name: OBJECTSTORE_S3_KEY # 15 + value: minio_root + - name: OBJECTSTORE_S3_SECRET + value: MinioRootNotSoSecret + - name: OBJECTSTORE_S3_USEPATH_STYLE + value: "true" + - name: OBJECTSTORE_S3_SSL # 18 + value: "true" + ################################## +# Mise en place SMTP + - name: MAIL_FROM_ADDRESS + value: "nextcloud" + - name: MAIL_DOMAIN + value: "cadoles.com" + - name: SMTP_HOST + value: "groupware.cadoles.com" + - name: SMTP_SECURE + value: "STARTTLS" + - name: SMTP_PORT + value: "587" + - name: SMTP_AUTHTYPE + value: "LOGIN" + - name: SMTP_NAME + valueFrom: + secretKeyRef: + name: nextcloud-smtp + key: smtp-username + - name: SMTP_PASSWORD + valueFrom: + secretKeyRef: + name: nextcloud-smtp + key: smtp-password + + - name: NEXTCLOUD_DATA_DIR + value: "/var/www/html/data" + ##ADD LDAP CONF + - name: NEXTCLOUD_LDAP_HOST + value: ldaps://ldap.cadoles.com + - name: NEXTCLOUD_LDAP_BASE + value: ou=cadoles,o=gouv,c=fr + - name: NEXTCLOUD_LDAP_DN + value: cn=reader,o=gouv,c=fr + - name: NEXTCLOUD_LDAP_PASSWD + value: "phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae" + - name: NEXTCLOUD_LDAP_BASE_GROUPS + value: ou=groups,ou=cadoles,o=gouv,c=fr + - name: NEXTCLOUD_LDAP_BASE_USERS + value: ou=users,ou=cadoles,o=gouv,c=fr + - name: NEXTCLOUD_LDAP_ACTIVE_CONF + value: "1" + - name: NEXTCLOUD_LDAP_ADMIN_EXP + value: "0" + - name: NEXTCLOUD_LDAP_EXP_UUID + value: cn + - name: NEXTCLOUD_LDAP_LOGIN_FILTER + value: (&(objectClass=person)(cn=%uid)) + - name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR + value: uid + - name: NEXTCLOUD_LDAP_PORT + value: "636" + - name: NEXTCLOUD_LDAP_USR_FILTR + value: (|(objectclass=person)) + - name: NEXTCLOUD_LDAP_OBJ_FILTR + value: person + - name: NEXTCLOUD_LDAP_MAIL_ATTR + value: mail + - name: NEXTCLOUD_LDAP_USER_DISP + value: cn + - name: NEXTCLOUD_LDAP_GROUP_FILTR + value: (&(|(objectclass=cadolesGroup))) + - name: NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS + value: cadolesGroup + - name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO + value: gidNumber + + livenessProbe: # vérifie si c'est planté ou non + httpGet: + path: /status.php + port: 80 # en reférence à ingress.yaml ? + httpHeaders: + - name: Host + value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml + initialDelaySeconds: 50 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + readinessProbe: # vérifie si c'est ok pour envoyer des requête ou non + httpGet: + path: /status.php + port: 80 # en référence à ingress.yaml ? + httpHeaders: + - name: Host + value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml + initialDelaySeconds: 50 + periodSeconds: 10 + timeoutSeconds: 5 + successThreshold: 1 + failureThreshold: 6 + + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main-volume + - mountPath: /var/www/html + name: nextcloud-html-volume + - mountPath: /var/www/html/data + name: nextcloud-data-volume + - mountPath: /var/www/html/config + name: nextcloud-config-volume + - mountPath: /var/www/html/custom_apps + name: nextcloud-custom-volume + - mountPath: /var/www/tmp + name: nextcloud-tmp-volume + - mountPath: /var/www/html/themes + name: nextcloud-themes-volume + +# ICI montage pour les script ! + - mountPath: /etc/script/poststart-ldap.sh + name: script-config-ldap + subPath: poststart-ldap.sh + - mountPath: /etc/script/custom-script.sh + name: update-config-script + subPath: custom-script.sh + - mountPath: /etc/minio-ccerts + name: minio-certs + readOnly: true + + # MOUNT-TRY-multi-instance +# - name: nextcloud-config-volume # monte le fichier de configuration dans +# mountPath: /var/www/html/config # les instances supplémentaire +# readOnly: false # via le configmap ConfigMaps-php.yaml + + restartPolicy: Always + serviceAccountName: nextcloud-sa # declare user for initcontainer + + # trois volumes pour les script + volumes: + - name: minio-certs + secret: + secretName: nextcloud-minio-tls # montage des certificat de minio + - name: update-config-script + configMap: + name: update-config + defaultMode: 0744 + - name: script-config-ldap + configMap: + name: script-config-ldap + defaultMode: 0744 + +# MOUNT-TRY-multi-instance +# - name: nextcloud-config-volume # permet de monter le fichier de configuration dans +# configMap: # les instances supplémentaires +# name: nextcloud-config # via le configmap ConfigMaps-php.yaml + + - name: nextcloud-main-volume + persistentVolumeClaim: + claimName: nextcloud-main-pvc + - name: nextcloud-html-volume + persistentVolumeClaim: + claimName: nextcloud-html-pvc + - name: nextcloud-data-volume + persistentVolumeClaim: + claimName: nextcloud-data-pvc + - name: nextcloud-config-volume + persistentVolumeClaim: + claimName: nextcloud-config-pvc + - name: nextcloud-custom-volume + persistentVolumeClaim: + claimName: nextcloud-custom-pvc + - name: nextcloud-tmp-volume + persistentVolumeClaim: + claimName: nextcloud-tmp-pvc + - name: nextcloud-themes-volume + persistentVolumeClaim: + claimName: nextcloud-themes-pvc + + initContainers: # cf README.md part ##YAML explain / ### PODS WAIT + - name: wait-for-bootstrap + image: reg.cadoles.com/proxy_cache/groundnuty/k8s-wait-for:v1.3 + args: + - job + - $(MINIO_BOOTSTRAP_JOB_NAME) + + +##################################################### +# For REDIS-OPERATOR USE THIS TO SET PORT +##################################################### +# - name: REDIS_HOST_PORT +# value: $(RFS_NEXTCLOUD_REDIS_SERVICE_PORT) +# - name: REDIS_HOST_PASSWORD +# valueFrom: +# secretKeyRef: +# name: redis-secret +# key: password +##################################################### diff --git a/overlays/dev/patches/ingress-nextcloud.yaml b/overlays/dev/patches/ingress-nextcloud.yaml deleted file mode 100644 index 4243a29..0000000 --- a/overlays/dev/patches/ingress-nextcloud.yaml +++ /dev/null @@ -1,36 +0,0 @@ -#- op: replace -# path: /metadata/annotations/nginx.ingress.kubernetes.io~1proxy-body-size -# value: "1G" -#- op: replace -# path: /metadata/annotations/nginx.ingress.kubernetes.io~1enable-cors -# value: "true" -#- op: replace -# path: /metadata/annotations/nginx.ingress.kubernetes.io~1cors-allow-headers -# value: "X-Forwarded-For" - -# En cas de besoin -#- op: add -# path: /metadata/annotations/nginx.ingress.kubernetes.io~1client_max_body_size -# value: "100m" - -#- op: replace -# path: /spec/rules/0/host -# value: nxt.cadoles.fr -#- op: replace -# path: /spec/rules/0/http/paths/0/path -# value: / -#- op: replace -# path: /spec/rules/0/http/paths/0/pathType -# value: Prefix -#- op: replace -# path: /spec/rules/0/http/paths/0/backend/service/name -# value: nextcloud -#- op: replace -# path: /spec/rules/0/http/paths/0/backend/service/port/number -# value: 80 - - - -# logiquement path = -# path: /metadata/annotations/nginx.ingress.kubernetes.io/proxy-body-size -# sauf que ... json voila, "/" est à remplacer par ~1 \ No newline at end of file diff --git a/overlays/dev/patches/nextcloud-ldap.yaml b/overlays/dev/patches/nextcloud-ldap.yaml deleted file mode 100644 index 5223f3c..0000000 --- a/overlays/dev/patches/nextcloud-ldap.yaml +++ /dev/null @@ -1,75 +0,0 @@ -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_HOST - value: openldap.openldap -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_BASE - value: dc=example,dc=org -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_DN - value: cn=admin,dc=example,dc=org -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_PASSWD - value: "adminpassword" -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_BASE_GROUPS - value: dc=example,dc=org -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_BASE_USERS - value: ou=users,dc=example,dc=org -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_ACTIVE_CONF - value: "1" -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_ADMIN_EXP - value: "0" -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_EXP_UUID - value: cn -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_LOGIN_FILTER - value: (&(objectClass=posixAccount)(cn=%uid)) -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_PORT - value: "1389" -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_USR_FILTR - value: (|(objectclass=posixAccount)) -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_OBJ_FILTR - value: posixAccount -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_MAIL_ATTR - value: mail -- op: add - path: "/spec/template/spec/containers/0/env/-" - value: - name: NEXTCLOUD_LDAP_USER_DISP - value: cn \ No newline at end of file diff --git a/overlays/dev/patches/nextcloud-patch.yaml b/overlays/dev/patches/nextcloud-patch.yaml deleted file mode 100644 index 85375d3..0000000 --- a/overlays/dev/patches/nextcloud-patch.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: app -spec: - template: - spec: - containers: - - name: app - env: - - name: NEXTCLOUD_ADMIN_USER - value: admincadoles - - name: NEXTCLOUD_ADMIN_PASSWORD - value: cadoles - - name: PHP_MEMORY_LIMIT - value: 512M - - name: PHP_UPLOAD_LIMIT - value: 4G - - name: REDIS_HOST - value: redis - - name: REDIS_HOST_PORT - value: "6379" - - name: NEXTCLOUD_DATA_DIR - value: "/var/www/html/data" - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: "*.cadoles.fr" diff --git a/overlays/dev/patches/nextcloud-postgres.yaml b/overlays/dev/patches/nextcloud-postgres.yaml deleted file mode 100644 index 4bc95fa..0000000 --- a/overlays/dev/patches/nextcloud-postgres.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# USER POSTGRES -# UNIQUEMENT Si vous ne passez pas par l'operateur. -#- op: replace -# path: /spec/template/spec/containers/env/0/value #POSTGRES_DB -# value: username -#- op: replace -# path: /spec/template/spec/containers/env/1/value #POSTGRES_USER -# value: username -#- op: replace -# path: /spec/template/spec/containers/env/2/value #POSTGRES_PASSWORD -# value: password - -# CONF POSTGRES -- op: replace - path: /spec/template/spec/containers/0/env/3/value #POSTGRES_HOST - value: $(NEXTCLOUD_POSTGRES_RW_SERVICE_HOST) -- op: replace - path: /spec/template/spec/containers/0/env/0/value #POSTGRES_DB - value: nextcloud - - -#Name: nextcloud-postgres-app -#Namespace: nextcloud -#Labels: cnpg.io/cluster=nextcloud-postgres -# cnpg.io/reload=true -#Annotations: cnpg.io/operatorVersion: 1.18.1 -# -#Type: kubernetes.io/basic-auth -# -#Data -#==== -#password: 64 bytes -#pgpass: 112 bytes -#username: 9 bytes diff --git a/overlays/dev/patches/nextcloud-probe.yaml b/overlays/dev/patches/nextcloud-probe.yaml deleted file mode 100644 index 8b30e15..0000000 --- a/overlays/dev/patches/nextcloud-probe.yaml +++ /dev/null @@ -1,47 +0,0 @@ -# livenessProbe -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/httpGet/httpHeaders/0/value - value: nxt.cadoles.fr -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/httpGet/port - value: 80 -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/initialDelaySeconds - value: 50 -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/periodSeconds - value: 10 -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/timeoutSeconds - value: 5 -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/successThreshold - value: 1 -- op: replace - path: /spec/template/spec/containers/0/livenessProbe/failureThreshold - value: 6 - - -# readinessProbe -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/httpGet/httpHeaders/0/value - value: nxt.cadoles.fr -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/httpGet/port - value: 80 -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/initialDelaySeconds - value: 50 -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/periodSeconds - value: 10 -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/timeoutSeconds - value: 5 -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/successThreshold - value: 1 -- op: replace - path: /spec/template/spec/containers/0/readinessProbe/failureThreshold - value: 6 - diff --git a/overlays/dev/patches/nextcloud-smtp.yaml b/overlays/dev/patches/nextcloud-smtp.yaml deleted file mode 100644 index c72aa6c..0000000 --- a/overlays/dev/patches/nextcloud-smtp.yaml +++ /dev/null @@ -1,26 +0,0 @@ -- op: replace - path: /spec/template/spec/containers/0/env/19/value #MAIL_FROM_ADDRESS - value: "usercadoles" -- op: replace - path: /spec/template/spec/containers/0/env/20/value #MAIL_DOMAIN - value: "cadoles.com" -- op: replace - path: /spec/template/spec/containers/0/env/21/value #SMTP_HOST - value: "groupware.cadoles.com" -- op: replace - path: /spec/template/spec/containers/0/env/22/value #SMTP_SECURE - value: "ssl" -- op: replace - path: /spec/template/spec/containers/0/env/23/value #SMTP_PORT - value: "587" -- op: replace - path: /spec/template/spec/containers/0/env/24/value #SMTP_AUTHTYPE - value: "LOGIN" - -# THEORIQUEMENT LA MODIFICATION du secret generator lié dans kustomize suffit. -#- op: replace -# path: /spec/template/spec/containers/0/env/25/value #SMTP_NAME -# value: -#- op: replace -# path: /spec/template/spec/containers/0/env/26/value #SMTP_PASSWORD -# value: diff --git a/overlays/dev/patches/nextcloud-tenant.yaml b/overlays/dev/patches/nextcloud-tenant.yaml new file mode 100644 index 0000000..0875c24 --- /dev/null +++ b/overlays/dev/patches/nextcloud-tenant.yaml @@ -0,0 +1,33 @@ +apiVersion: minio.min.io/v2 +kind: Tenant +metadata: + name: nextcloud-minio +spec: + certConfig: + dnsNames: + - "minio" + pools: + - servers: 2 + name: pool-0 + volumesPerServer: 3 + volumeClaimTemplate: + metadata: + name: nextcloud-minio-data # juste son nom dans le cluster + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi + # env: + # - name: MINIO_CONSOLE_TLS_ENABLE + # value: "off" + containerSecurityContext: + runAsUser: 1000 + runAsGroup: 1000 + runAsNonRoot: true + configuration: + name: nextcloud-minio-configuration + users: + - name: nextcloud-minio-user + diff --git a/overlays/dev/patches/nextcloud-variables.yaml b/overlays/dev/patches/nextcloud-variables.yaml deleted file mode 100644 index e3e7d44..0000000 --- a/overlays/dev/patches/nextcloud-variables.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# USER MDP NEXTCLOUD -- op: replace - path: /spec/template/spec/containers/0/env/4/value #NEXTCLOUD_ADMIN_USER - value: admincadoles -- op: replace - path: /spec/template/spec/containers/0/env/5/value #NEXTCLOUD_ADMIN_PASSWORD - value: CadolesNotSecret - -# CONF NEXTCLOUD PHP - -- op: replace - path: /spec/template/spec/containers/0/env/8/value #PHP_MEMORY_LIMIT - value: 512M -- op: replace - path: /spec/template/spec/containers/0/env/9/value #PHP_UPLOAD_LIMIT - value: 4G - -# CONF NEXTCLOUD REDIS - -- op: replace - path: /spec/template/spec/containers/0/env/11/value #REDIS_HOST - value: redis -- op: replace - path: /spec/template/spec/containers/0/env/12/value #REDIS_HOST_PORT - value: "6379" - -# CONF NEXTCLOUD - -#- op: replace -# path: /spec/template/spec/containers/0/env/27/value #NEXTCLOUD_DATA_DIR -# value: "/var/www/html/data" -- op: replace - path: /spec/template/spec/containers/0/env/6/value #NEXTCLOUD_TRUSTED_DOMAINS - value: "*.cadoles.fr" diff --git a/overlays/dev/patches/tenant-conf.yaml b/overlays/dev/patches/tenant-conf.yaml deleted file mode 100644 index d1afac5..0000000 --- a/overlays/dev/patches/tenant-conf.yaml +++ /dev/null @@ -1,21 +0,0 @@ -- op: replace - path: /spec/certConfig/dnsNames - value: ["minio"] -- op: replace - path: /spec/pools/0/servers - value: 2 -- op: replace - path: /spec/pools/0/volumesPerServer - value: 3 -- op: replace - path: /spec/pools/0/volumeClaimTemplate/spec/resources/requests/storage - value: 3Gi -- op: replace - path: /spec/pools/0/containerSecurityContext/runAsUser - value: 1000 -- op: replace - path: /spec/pools/0/containerSecurityContext/runAsGroup - value: 1000 -- op: replace - path: /spec/pools/0/containerSecurityContext/runAsNonRoot - value: true