change for the new patch system for kustomize (remove strategyMerge and JSON patch)
This commit is contained in:
parent
dbece5cad2
commit
666c1b3097
@ -39,9 +39,10 @@ data:
|
||||
## test if backend ldap is activated and create empty config if not
|
||||
#
|
||||
#touch /tmp/nxt-ldap.txt
|
||||
#su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nextcloud-ldap.txt" www-data
|
||||
#if grep -q "Invalid configID" /tmp/nextcloud-ldap.txt; then
|
||||
# sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q
|
||||
#su -s /bin/sh -c "/var/www/html/occ ldap:show-config s01 > /tmp/nxt-ldap.txt" www-data
|
||||
#if grep -q "Invalid configID" /tmp/nxt-ldap.txt; then
|
||||
# su -s /bin/sh -c "/var/www/html/occ ldap:create-empty-config" www-data
|
||||
# #sudo -u www-data php /var/www/html/nextcloud/occ ldap:create-empty-config -q
|
||||
#fi
|
||||
|
||||
# Configurez LDAP (configuration minimale)
|
||||
@ -56,11 +57,15 @@ data:
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapExperiencedAdmin '${NEXTCLOUD_LDAP_ADMIN_EXP}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapExpertUUIDUserAttr '${NEXTCLOUD_LDAP_EXP_UUID}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapLoginFilter '${NEXTCLOUD_LDAP_LOGIN_FILTER}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapLoginFilterAttributes '${NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapPort '${NEXTCLOUD_LDAP_PORT}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserFilter '${NEXTCLOUD_LDAP_USR_FILTR}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserFilterObjectclass '${NEXTCLOUD_LDAP_OBJ_FILTR}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapEmailAttribute '${NEXTCLOUD_LDAP_MAIL_ATTR}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapUserDisplayName '${NEXTCLOUD_LDAP_USER_DISP}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilter '${NEXTCLOUD_LDAP_GROUP_FILTR}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupFilterObjectclass '${NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS}'" www-data
|
||||
su -s /bin/sh -c "/var/www/html/occ ldap:set-config s01 ldapGroupMemberAssocAttr '${NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO}'" www-data
|
||||
|
||||
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilter "${ldapGroupFilter}"
|
||||
#sudo -u www-data php /var/www/html/nextcloud/occ ldap:set-config s01 ldapGroupFilterObjectclass "${ldapGroupFilterObjectclass}"
|
||||
|
@ -1,14 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: update-config
|
||||
data:
|
||||
custom-script.sh: |
|
||||
#!/bin/sh
|
||||
|
||||
HOSTS_FILE="/etc/hosts"
|
||||
|
||||
# Ajoutez l'entrée au fichier hosts
|
||||
MINIO_SERVICE_IP="${MINIO_SERVICE_HOST}"
|
||||
MINIO_NAME="${MINIO_SERVICE_NAME}"
|
||||
echo "$MINIO_SERVICE_IP" minio >> $HOSTS_FILE
|
271
overlays/dev/patches/deployment.yaml
Normal file
271
overlays/dev/patches/deployment.yaml
Normal file
@ -0,0 +1,271 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: nextcloud
|
||||
component: app
|
||||
name: app
|
||||
spec:
|
||||
# serviceName: nextcloud
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: nextcloud
|
||||
component: app
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: nextcloud
|
||||
component: app
|
||||
spec:
|
||||
containers:
|
||||
- image: reg.cadoles.com/proxy_cache/library/nextcloud:27.0.2-apache
|
||||
imagePullPolicy: Always
|
||||
name: app
|
||||
ports:
|
||||
- containerPort: 80
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
command: ["/bin/sh", "-c", "cp /var/run/secrets/kubernetes.io/serviceaccount/ca.crt /usr/local/share/ca-certificates/ks.crt && update-ca-certificates && /etc/script/poststart-ldap.sh && touch /etc/script/try01.txt"]
|
||||
# envFrom:
|
||||
# - configMapRef:
|
||||
# name: nextcloud-env
|
||||
env:
|
||||
- name: POSTGRES_DB
|
||||
value: nextcloud
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-postgres-app
|
||||
key: username
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-postgres-app
|
||||
key: password
|
||||
- name: POSTGRES_HOST
|
||||
value: $(NEXTCLOUD_POSTGRES_RW_SERVICE_HOST) #value: nextcloud-postgres-rw.nextcloud.svc.cluster.local
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
value: admincadoles
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD # 5
|
||||
value: CadolesNotSecret
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: "*.cadoles.fr"
|
||||
- name: NEXTCLOUD_INIT_LOCK
|
||||
value: "true"
|
||||
- name: PHP_MEMORY_LIMIT
|
||||
value: 512M
|
||||
- name: PHP_UPLOAD_LIMIT
|
||||
value: 4G
|
||||
- name: POD_INDEX
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: REDIS_HOST
|
||||
value: redis # équivaut à redis.nextcloud.svc.cluster.local
|
||||
# value: $(RFS_NEXTCLOUD_REDIS_SERVICE_HOST) => For redis-operator
|
||||
- name: REDIS_HOST_PORT
|
||||
value: "6379"
|
||||
######################
|
||||
# Partie minio S3
|
||||
- name: OBJECTSTORE_S3_HOST
|
||||
value: minio:$(MINIO_SERVICE_PORT)
|
||||
# value: $(MINIO_SERVICE_NAME):$(MINIO_SERVICE_PORT)
|
||||
- name: OBJECTSTORE_S3_BUCKET
|
||||
value: nextcloud-minio
|
||||
- name: OBJECTSTORE_S3_KEY # 15
|
||||
value: minio_root
|
||||
- name: OBJECTSTORE_S3_SECRET
|
||||
value: MinioRootNotSoSecret
|
||||
- name: OBJECTSTORE_S3_USEPATH_STYLE
|
||||
value: "true"
|
||||
- name: OBJECTSTORE_S3_SSL # 18
|
||||
value: "true"
|
||||
##################################
|
||||
# Mise en place SMTP
|
||||
- name: MAIL_FROM_ADDRESS
|
||||
value: "nextcloud"
|
||||
- name: MAIL_DOMAIN
|
||||
value: "cadoles.com"
|
||||
- name: SMTP_HOST
|
||||
value: "groupware.cadoles.com"
|
||||
- name: SMTP_SECURE
|
||||
value: "STARTTLS"
|
||||
- name: SMTP_PORT
|
||||
value: "587"
|
||||
- name: SMTP_AUTHTYPE
|
||||
value: "LOGIN"
|
||||
- name: SMTP_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-smtp
|
||||
key: smtp-username
|
||||
- name: SMTP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: nextcloud-smtp
|
||||
key: smtp-password
|
||||
|
||||
- name: NEXTCLOUD_DATA_DIR
|
||||
value: "/var/www/html/data"
|
||||
##ADD LDAP CONF
|
||||
- name: NEXTCLOUD_LDAP_HOST
|
||||
value: ldaps://ldap.cadoles.com
|
||||
- name: NEXTCLOUD_LDAP_BASE
|
||||
value: ou=cadoles,o=gouv,c=fr
|
||||
- name: NEXTCLOUD_LDAP_DN
|
||||
value: cn=reader,o=gouv,c=fr
|
||||
- name: NEXTCLOUD_LDAP_PASSWD
|
||||
value: "phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae"
|
||||
- name: NEXTCLOUD_LDAP_BASE_GROUPS
|
||||
value: ou=groups,ou=cadoles,o=gouv,c=fr
|
||||
- name: NEXTCLOUD_LDAP_BASE_USERS
|
||||
value: ou=users,ou=cadoles,o=gouv,c=fr
|
||||
- name: NEXTCLOUD_LDAP_ACTIVE_CONF
|
||||
value: "1"
|
||||
- name: NEXTCLOUD_LDAP_ADMIN_EXP
|
||||
value: "0"
|
||||
- name: NEXTCLOUD_LDAP_EXP_UUID
|
||||
value: cn
|
||||
- name: NEXTCLOUD_LDAP_LOGIN_FILTER
|
||||
value: (&(objectClass=person)(cn=%uid))
|
||||
- name: NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR
|
||||
value: uid
|
||||
- name: NEXTCLOUD_LDAP_PORT
|
||||
value: "636"
|
||||
- name: NEXTCLOUD_LDAP_USR_FILTR
|
||||
value: (|(objectclass=person))
|
||||
- name: NEXTCLOUD_LDAP_OBJ_FILTR
|
||||
value: person
|
||||
- name: NEXTCLOUD_LDAP_MAIL_ATTR
|
||||
value: mail
|
||||
- name: NEXTCLOUD_LDAP_USER_DISP
|
||||
value: cn
|
||||
- name: NEXTCLOUD_LDAP_GROUP_FILTR
|
||||
value: (&(|(objectclass=cadolesGroup)))
|
||||
- name: NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS
|
||||
value: cadolesGroup
|
||||
- name: NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO
|
||||
value: gidNumber
|
||||
|
||||
livenessProbe: # vérifie si c'est planté ou non
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 80 # en reférence à ingress.yaml ?
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml
|
||||
initialDelaySeconds: 50
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 6
|
||||
readinessProbe: # vérifie si c'est ok pour envoyer des requête ou non
|
||||
httpGet:
|
||||
path: /status.php
|
||||
port: 80 # en référence à ingress.yaml ?
|
||||
httpHeaders:
|
||||
- name: Host
|
||||
value: nxt.cadoles.fr # valeurs égale à celle dans ingress.yaml
|
||||
initialDelaySeconds: 50
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 5
|
||||
successThreshold: 1
|
||||
failureThreshold: 6
|
||||
|
||||
volumeMounts:
|
||||
- mountPath: /var/www/
|
||||
name: nextcloud-main-volume
|
||||
- mountPath: /var/www/html
|
||||
name: nextcloud-html-volume
|
||||
- mountPath: /var/www/html/data
|
||||
name: nextcloud-data-volume
|
||||
- mountPath: /var/www/html/config
|
||||
name: nextcloud-config-volume
|
||||
- mountPath: /var/www/html/custom_apps
|
||||
name: nextcloud-custom-volume
|
||||
- mountPath: /var/www/tmp
|
||||
name: nextcloud-tmp-volume
|
||||
- mountPath: /var/www/html/themes
|
||||
name: nextcloud-themes-volume
|
||||
|
||||
# ICI montage pour les script !
|
||||
- mountPath: /etc/script/poststart-ldap.sh
|
||||
name: script-config-ldap
|
||||
subPath: poststart-ldap.sh
|
||||
- mountPath: /etc/script/custom-script.sh
|
||||
name: update-config-script
|
||||
subPath: custom-script.sh
|
||||
- mountPath: /etc/minio-ccerts
|
||||
name: minio-certs
|
||||
readOnly: true
|
||||
|
||||
# MOUNT-TRY-multi-instance
|
||||
# - name: nextcloud-config-volume # monte le fichier de configuration dans
|
||||
# mountPath: /var/www/html/config # les instances supplémentaire
|
||||
# readOnly: false # via le configmap ConfigMaps-php.yaml
|
||||
|
||||
restartPolicy: Always
|
||||
serviceAccountName: nextcloud-sa # declare user for initcontainer
|
||||
|
||||
# trois volumes pour les script
|
||||
volumes:
|
||||
- name: minio-certs
|
||||
secret:
|
||||
secretName: nextcloud-minio-tls # montage des certificat de minio
|
||||
- name: update-config-script
|
||||
configMap:
|
||||
name: update-config
|
||||
defaultMode: 0744
|
||||
- name: script-config-ldap
|
||||
configMap:
|
||||
name: script-config-ldap
|
||||
defaultMode: 0744
|
||||
|
||||
# MOUNT-TRY-multi-instance
|
||||
# - name: nextcloud-config-volume # permet de monter le fichier de configuration dans
|
||||
# configMap: # les instances supplémentaires
|
||||
# name: nextcloud-config # via le configmap ConfigMaps-php.yaml
|
||||
|
||||
- name: nextcloud-main-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-main-pvc
|
||||
- name: nextcloud-html-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-html-pvc
|
||||
- name: nextcloud-data-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-data-pvc
|
||||
- name: nextcloud-config-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-config-pvc
|
||||
- name: nextcloud-custom-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-custom-pvc
|
||||
- name: nextcloud-tmp-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-tmp-pvc
|
||||
- name: nextcloud-themes-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: nextcloud-themes-pvc
|
||||
|
||||
initContainers: # cf README.md part ##YAML explain / ### PODS WAIT
|
||||
- name: wait-for-bootstrap
|
||||
image: reg.cadoles.com/proxy_cache/groundnuty/k8s-wait-for:v1.3
|
||||
args:
|
||||
- job
|
||||
- $(MINIO_BOOTSTRAP_JOB_NAME)
|
||||
|
||||
|
||||
#####################################################
|
||||
# For REDIS-OPERATOR USE THIS TO SET PORT
|
||||
#####################################################
|
||||
# - name: REDIS_HOST_PORT
|
||||
# value: $(RFS_NEXTCLOUD_REDIS_SERVICE_PORT)
|
||||
# - name: REDIS_HOST_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: redis-secret
|
||||
# key: password
|
||||
#####################################################
|
@ -1,36 +0,0 @@
|
||||
#- op: replace
|
||||
# path: /metadata/annotations/nginx.ingress.kubernetes.io~1proxy-body-size
|
||||
# value: "1G"
|
||||
#- op: replace
|
||||
# path: /metadata/annotations/nginx.ingress.kubernetes.io~1enable-cors
|
||||
# value: "true"
|
||||
#- op: replace
|
||||
# path: /metadata/annotations/nginx.ingress.kubernetes.io~1cors-allow-headers
|
||||
# value: "X-Forwarded-For"
|
||||
|
||||
# En cas de besoin
|
||||
#- op: add
|
||||
# path: /metadata/annotations/nginx.ingress.kubernetes.io~1client_max_body_size
|
||||
# value: "100m"
|
||||
|
||||
#- op: replace
|
||||
# path: /spec/rules/0/host
|
||||
# value: nxt.cadoles.fr
|
||||
#- op: replace
|
||||
# path: /spec/rules/0/http/paths/0/path
|
||||
# value: /
|
||||
#- op: replace
|
||||
# path: /spec/rules/0/http/paths/0/pathType
|
||||
# value: Prefix
|
||||
#- op: replace
|
||||
# path: /spec/rules/0/http/paths/0/backend/service/name
|
||||
# value: nextcloud
|
||||
#- op: replace
|
||||
# path: /spec/rules/0/http/paths/0/backend/service/port/number
|
||||
# value: 80
|
||||
|
||||
|
||||
|
||||
# logiquement path =
|
||||
# path: /metadata/annotations/nginx.ingress.kubernetes.io/proxy-body-size
|
||||
# sauf que ... json voila, "/" est à remplacer par ~1
|
@ -1,75 +0,0 @@
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_HOST
|
||||
value: openldap.openldap
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_BASE
|
||||
value: dc=example,dc=org
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_DN
|
||||
value: cn=admin,dc=example,dc=org
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_PASSWD
|
||||
value: "adminpassword"
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_BASE_GROUPS
|
||||
value: dc=example,dc=org
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_BASE_USERS
|
||||
value: ou=users,dc=example,dc=org
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_ACTIVE_CONF
|
||||
value: "1"
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_ADMIN_EXP
|
||||
value: "0"
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_EXP_UUID
|
||||
value: cn
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_LOGIN_FILTER
|
||||
value: (&(objectClass=posixAccount)(cn=%uid))
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_PORT
|
||||
value: "1389"
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_USR_FILTR
|
||||
value: (|(objectclass=posixAccount))
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_OBJ_FILTR
|
||||
value: posixAccount
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_MAIL_ATTR
|
||||
value: mail
|
||||
- op: add
|
||||
path: "/spec/template/spec/containers/0/env/-"
|
||||
value:
|
||||
name: NEXTCLOUD_LDAP_USER_DISP
|
||||
value: cn
|
@ -1,26 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: app
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: app
|
||||
env:
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
value: admincadoles
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD
|
||||
value: cadoles
|
||||
- name: PHP_MEMORY_LIMIT
|
||||
value: 512M
|
||||
- name: PHP_UPLOAD_LIMIT
|
||||
value: 4G
|
||||
- name: REDIS_HOST
|
||||
value: redis
|
||||
- name: REDIS_HOST_PORT
|
||||
value: "6379"
|
||||
- name: NEXTCLOUD_DATA_DIR
|
||||
value: "/var/www/html/data"
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: "*.cadoles.fr"
|
@ -1,34 +0,0 @@
|
||||
# USER POSTGRES
|
||||
# UNIQUEMENT Si vous ne passez pas par l'operateur.
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/env/0/value #POSTGRES_DB
|
||||
# value: username
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/env/1/value #POSTGRES_USER
|
||||
# value: username
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/env/2/value #POSTGRES_PASSWORD
|
||||
# value: password
|
||||
|
||||
# CONF POSTGRES
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/3/value #POSTGRES_HOST
|
||||
value: $(NEXTCLOUD_POSTGRES_RW_SERVICE_HOST)
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/0/value #POSTGRES_DB
|
||||
value: nextcloud
|
||||
|
||||
|
||||
#Name: nextcloud-postgres-app
|
||||
#Namespace: nextcloud
|
||||
#Labels: cnpg.io/cluster=nextcloud-postgres
|
||||
# cnpg.io/reload=true
|
||||
#Annotations: cnpg.io/operatorVersion: 1.18.1
|
||||
#
|
||||
#Type: kubernetes.io/basic-auth
|
||||
#
|
||||
#Data
|
||||
#====
|
||||
#password: 64 bytes
|
||||
#pgpass: 112 bytes
|
||||
#username: 9 bytes
|
@ -1,47 +0,0 @@
|
||||
# livenessProbe
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/httpGet/httpHeaders/0/value
|
||||
value: nxt.cadoles.fr
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/httpGet/port
|
||||
value: 80
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/initialDelaySeconds
|
||||
value: 50
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/periodSeconds
|
||||
value: 10
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/timeoutSeconds
|
||||
value: 5
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/successThreshold
|
||||
value: 1
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/failureThreshold
|
||||
value: 6
|
||||
|
||||
|
||||
# readinessProbe
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/httpGet/httpHeaders/0/value
|
||||
value: nxt.cadoles.fr
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/httpGet/port
|
||||
value: 80
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/initialDelaySeconds
|
||||
value: 50
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/periodSeconds
|
||||
value: 10
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/timeoutSeconds
|
||||
value: 5
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/successThreshold
|
||||
value: 1
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/failureThreshold
|
||||
value: 6
|
||||
|
@ -1,26 +0,0 @@
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/19/value #MAIL_FROM_ADDRESS
|
||||
value: "usercadoles"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/20/value #MAIL_DOMAIN
|
||||
value: "cadoles.com"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/21/value #SMTP_HOST
|
||||
value: "groupware.cadoles.com"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/22/value #SMTP_SECURE
|
||||
value: "ssl"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/23/value #SMTP_PORT
|
||||
value: "587"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/24/value #SMTP_AUTHTYPE
|
||||
value: "LOGIN"
|
||||
|
||||
# THEORIQUEMENT LA MODIFICATION du secret generator lié dans kustomize suffit.
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/0/env/25/value #SMTP_NAME
|
||||
# value:
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/0/env/26/value #SMTP_PASSWORD
|
||||
# value:
|
33
overlays/dev/patches/nextcloud-tenant.yaml
Normal file
33
overlays/dev/patches/nextcloud-tenant.yaml
Normal file
@ -0,0 +1,33 @@
|
||||
apiVersion: minio.min.io/v2
|
||||
kind: Tenant
|
||||
metadata:
|
||||
name: nextcloud-minio
|
||||
spec:
|
||||
certConfig:
|
||||
dnsNames:
|
||||
- "minio"
|
||||
pools:
|
||||
- servers: 2
|
||||
name: pool-0
|
||||
volumesPerServer: 3
|
||||
volumeClaimTemplate:
|
||||
metadata:
|
||||
name: nextcloud-minio-data # juste son nom dans le cluster
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 3Gi
|
||||
# env:
|
||||
# - name: MINIO_CONSOLE_TLS_ENABLE
|
||||
# value: "off"
|
||||
containerSecurityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
runAsNonRoot: true
|
||||
configuration:
|
||||
name: nextcloud-minio-configuration
|
||||
users:
|
||||
- name: nextcloud-minio-user
|
||||
|
@ -1,34 +0,0 @@
|
||||
# USER MDP NEXTCLOUD
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/4/value #NEXTCLOUD_ADMIN_USER
|
||||
value: admincadoles
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/5/value #NEXTCLOUD_ADMIN_PASSWORD
|
||||
value: CadolesNotSecret
|
||||
|
||||
# CONF NEXTCLOUD PHP
|
||||
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/8/value #PHP_MEMORY_LIMIT
|
||||
value: 512M
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/9/value #PHP_UPLOAD_LIMIT
|
||||
value: 4G
|
||||
|
||||
# CONF NEXTCLOUD REDIS
|
||||
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/11/value #REDIS_HOST
|
||||
value: redis
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/12/value #REDIS_HOST_PORT
|
||||
value: "6379"
|
||||
|
||||
# CONF NEXTCLOUD
|
||||
|
||||
#- op: replace
|
||||
# path: /spec/template/spec/containers/0/env/27/value #NEXTCLOUD_DATA_DIR
|
||||
# value: "/var/www/html/data"
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/6/value #NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: "*.cadoles.fr"
|
@ -1,21 +0,0 @@
|
||||
- op: replace
|
||||
path: /spec/certConfig/dnsNames
|
||||
value: ["minio"]
|
||||
- op: replace
|
||||
path: /spec/pools/0/servers
|
||||
value: 2
|
||||
- op: replace
|
||||
path: /spec/pools/0/volumesPerServer
|
||||
value: 3
|
||||
- op: replace
|
||||
path: /spec/pools/0/volumeClaimTemplate/spec/resources/requests/storage
|
||||
value: 3Gi
|
||||
- op: replace
|
||||
path: /spec/pools/0/containerSecurityContext/runAsUser
|
||||
value: 1000
|
||||
- op: replace
|
||||
path: /spec/pools/0/containerSecurityContext/runAsGroup
|
||||
value: 1000
|
||||
- op: replace
|
||||
path: /spec/pools/0/containerSecurityContext/runAsNonRoot
|
||||
value: true
|
Loading…
Reference in New Issue
Block a user