feat(plugins): adding default apps install with env #2
@ -2,8 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
|||||||
kind: Kustomization
|
kind: Kustomization
|
||||||
namespace: nextcloud-dev
|
namespace: nextcloud-dev
|
||||||
|
|
||||||
#namePrefix: dev-
|
|
||||||
|
|
||||||
configurations:
|
configurations:
|
||||||
- ./resources/files/minio/configurations/tenants.minio.min.io.yaml
|
- ./resources/files/minio/configurations/tenants.minio.min.io.yaml
|
||||||
|
|
||||||
@ -13,6 +11,7 @@ resources:
|
|||||||
- resources/nextcloud/namespace.yaml
|
- resources/nextcloud/namespace.yaml
|
||||||
- resources/nextcloud/ssl.yaml
|
- resources/nextcloud/ssl.yaml
|
||||||
- resources/nextcloud/cm-ldap-script.yaml
|
- resources/nextcloud/cm-ldap-script.yaml
|
||||||
|
- resources/nextcloud/cm-plugins-script.yaml
|
||||||
- resources/nextcloud/minio-tenant.yaml
|
- resources/nextcloud/minio-tenant.yaml
|
||||||
- resources/nextcloud/job-minio.yaml
|
- resources/nextcloud/job-minio.yaml
|
||||||
|
|
||||||
@ -20,51 +19,60 @@ patches:
|
|||||||
- path: patches/deployment.yaml
|
- path: patches/deployment.yaml
|
||||||
- path: patches/nginx-ingress.yaml
|
- path: patches/nginx-ingress.yaml
|
||||||
- path: patches/ConfigMap-redis.yaml
|
- path: patches/ConfigMap-redis.yaml
|
||||||
- path: patches/nextcloud-env.yaml
|
#- path: patches/nextcloud-env.yaml
|
||||||
target:
|
# target:
|
||||||
kind: ConfigMap
|
# kind: ConfigMap
|
||||||
name: nextcloud-env
|
# name: nextcloud-env
|
||||||
version: v1
|
# version: v1
|
||||||
|
|
||||||
|
|
||||||
# PARTIE MINIO
|
|
||||||
|
|
||||||
# secret re-généré
|
|
||||||
#secretGenerator:
|
|
||||||
#- name: db-user-pass
|
|
||||||
# envs:
|
|
||||||
# - ./resources/files/minio/config.env
|
|
||||||
|
|
||||||
secretGenerator:
|
secretGenerator:
|
||||||
#Voir https://github.com/minio/operator/issues/856
|
|
||||||
- name: nextcloud-minio-user
|
- name: nextcloud-minio-user
|
||||||
literals:
|
literals:
|
||||||
- CONSOLE_ACCESS_KEY=minio_root
|
- CONSOLE_ACCESS_KEY=minio_root
|
||||||
- CONSOLE_SECRET_KEY=MinioRootNotSoSecret
|
- CONSOLE_SECRET_KEY=MinioRootNotSoSecret
|
||||||
- name: nextcloud-minio-configuration
|
- name: nextcloud-minio-configuration
|
||||||
files:
|
files:
|
||||||
- ./resources/files/minio/config.env # A modifier si modification mot de passe et user CONSOLE [ACCESS-SECRET]
|
- ./resources/files/minio/config.env
|
||||||
|
|
||||||
# ajout de Variable, et redéfinition de certaines
|
|
||||||
configMapGenerator:
|
|
||||||
#- name: nextcloud-parameters
|
|
||||||
# files:
|
|
||||||
# - ./resources/files/parameters.yaml
|
|
||||||
#- name: nextcloud-env
|
|
||||||
# behavior: replace
|
|
||||||
# literals:
|
|
||||||
# - MINIO_SERVICE_NAME=$(MINIO_SERVICE_HOST):$(MINIO_SERVICE_PORT)
|
|
||||||
# - MINIO_SERVICE_HOST=minio
|
|
||||||
# - MINIO_SERVICE_PORT=443
|
|
||||||
# options:
|
|
||||||
# disableNameSuffixHash: true
|
|
||||||
- name: nextcloud-smtp
|
- name: nextcloud-smtp
|
||||||
|
behavior: replace
|
||||||
literals:
|
literals:
|
||||||
- smtp-username=ouchemail
|
- smtp-username=ouchemail
|
||||||
- smtp-password=HjkEHJ2676yiu2
|
- smtp-password=HjkEHJ2676yiu2
|
||||||
options:
|
options:
|
||||||
disableNameSuffixHash: true
|
disableNameSuffixHash: true
|
||||||
|
|
||||||
|
configMapGenerator:
|
||||||
|
- name: nextcloud-env
|
||||||
|
behavior: merge
|
||||||
|
literals:
|
||||||
|
- NEXTCLOUD_TRUSTED_DOMAINS="*.cadoles.lan"
|
||||||
|
- OBJECTSTORE_S3_AUTOCREATE="true"
|
||||||
|
- OBJECTSTORE_S3_HOST=minio
|
||||||
|
- OBJECTSTORE_S3_PORT=443
|
||||||
|
- OBJECTSTORE_S3_BUCKET=nextcloud-minio
|
||||||
|
- OBJECTSTORE_S3_USEPATH_STYLE="true"
|
||||||
|
- OBJECTSTORE_S3_SSL="true"
|
||||||
|
- NEXTCLOUD_LDAP_HOST="ldaps://ldap.cadoles.com"
|
||||||
|
- NEXTCLOUD_LDAP_BASE="ou=cadoles,o=gouv,c=fr"
|
||||||
|
- NEXTCLOUD_LDAP_DN="cn=reader,o=gouv,c=fr"
|
||||||
|
- NEXTCLOUD_LDAP_PASSWD="phooge2jaidae4ohguChi6quoo8okahn2ru6aixutahmiuFoh6ooshae"
|
||||||
|
- NEXTCLOUD_LDAP_BASE_GROUPS="ou=groups,ou=cadoles,o=gouv,c=fr"
|
||||||
|
- NEXTCLOUD_LDAP_BASE_USERS="ou=users,ou=cadoles,o=gouv,c=fr"
|
||||||
|
- NEXTCLOUD_LDAP_ACTIVE_CONF='1'
|
||||||
|
- NEXTCLOUD_LDAP_ADMIN_EXP='0'
|
||||||
|
- NEXTCLOUD_LDAP_EXP_UUID="cn"
|
||||||
|
- NEXTCLOUD_LDAP_LOGIN_FILTER="(&(objectClass=person)(uid=%uid))"
|
||||||
|
- NEXTCLOUD_LDAP_LOGIN_FILTER_ATTR="uid"
|
||||||
|
- NEXTCLOUD_LDAP_PORT='636'
|
||||||
|
- NEXTCLOUD_LDAP_USR_FILTR="(|(objectclass=person))"
|
||||||
|
- NEXTCLOUD_LDAP_OBJ_FILTR="person"
|
||||||
|
- NEXTCLOUD_LDAP_MAIL_ATTR="mail"
|
||||||
|
- NEXTCLOUD_LDAP_USER_DISP="cn"
|
||||||
|
- NEXTCLOUD_LDAP_GROUP_FILTR="(&(|(objectclass=cadolesGroup)))"
|
||||||
|
- NEXTCLOUD_LDAP_GROUP_FILTR_OBJCLASS="cadolesGroup"
|
||||||
|
- NEXTCLOUD_LDAP_GROUP_MEMBR_ASSO="gidNumber"
|
||||||
|
- NEXTCLOUD_PLUGIN_LIST="groupfolders drawio calendar quicknotes richdocuments richdocumentscode polls keeweb"
|
||||||
|
|
||||||
vars: # génération d'information pour wait-for-bootstrap du pod nextcloud
|
vars: # génération d'information pour wait-for-bootstrap du pod nextcloud
|
||||||
- name: MINIO_BOOTSTRAP_JOB_NAME
|
- name: MINIO_BOOTSTRAP_JOB_NAME
|
||||||
objref:
|
objref:
|
||||||
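Review bot: `NEXTCLOUD_LDAP_PASSWD` is added as a literal in the `nextcloud-env` `configMapGenerator` entry, so the LDAP bind password sits in clear text in a ConfigMap and in the repository history. ConfigMaps do not get the access controls or handling of Secrets; anyone who can read ConfigMaps in the namespace, or read this repository, can read the value. Move it to a `secretGenerator` entry fed from an untracked file, for example `- name: nextcloud-ldap` with `envs: [<untracked-ldap.env>]`, and expose it to the container through `secretKeyRef`. The bind account's password should be rotated, since the current one is already committed. The `smtp-password` literal in the `nextcloud-smtp` ConfigMap entry of the same hunk has the same problem.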
|
@ -14,21 +14,10 @@ spec:
|
|||||||
- $(MINIO_BOOTSTRAP_JOB_NAME)
|
- $(MINIO_BOOTSTRAP_JOB_NAME)
|
||||||
containers:
|
containers:
|
||||||
- name: nextcloud
|
- name: nextcloud
|
||||||
|
#envFrom:
|
||||||
|
#- configMapRef:
|
||||||
|
# name: nextcloud-env-update
|
||||||
env:
|
env:
|
||||||
- name: POSTGRES_USER
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: nextcloud-postgres-app
|
|
||||||
key: username
|
|
||||||
- name: POSTGRES_PASSWORD
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: nextcloud-postgres-app
|
|
||||||
key: password
|
|
||||||
- name: OBJECTSTORE_S3_BUCKET
|
|
||||||
value: nxt-minio
|
|
||||||
- name: OBJECTSTORE_S3_AUTOCREATE
|
|
||||||
value: "true"
|
|
||||||
- name: OBJECTSTORE_S3_KEY
|
- name: OBJECTSTORE_S3_KEY
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
@ -39,14 +28,6 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: nextcloud-minio-user
|
name: nextcloud-minio-user
|
||||||
key: CONSOLE_SECRET_KEY
|
key: CONSOLE_SECRET_KEY
|
||||||
- name: OBJECTSTORE_S3_HOST
|
|
||||||
value: minio:$(MINIO_SERVICE_PORT)
|
|
||||||
- name: OBJECTSTORE_S3_PORT
|
|
||||||
value: "443"
|
|
||||||
- name: OBJECTSTORE_S3_SSL
|
|
||||||
value: "true"
|
|
||||||
- name: OBJECTSTORE_S3_USEPATH_STYLE
|
|
||||||
value: "true"
|
|
||||||
|
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
@ -76,6 +57,9 @@ spec:
|
|||||||
- mountPath: /docker-entrypoint-hooks.d/post-installation/ldap.sh
|
- mountPath: /docker-entrypoint-hooks.d/post-installation/ldap.sh
|
||||||
name: script-config-ldap
|
name: script-config-ldap
|
||||||
subPath: poststart-ldap.sh
|
subPath: poststart-ldap.sh
|
||||||
|
- mountPath: /docker-entrypoint-hooks.d/before-starting/plugins.sh
|
||||||
|
name: script-config-plugins
|
||||||
|
subPath: poststart-plugins.sh
|
||||||
- mountPath: /etc/minio-ccerts
|
- mountPath: /etc/minio-ccerts
|
||||||
name: minio-certs
|
name: minio-certs
|
||||||
readOnly: true
|
readOnly: true
|
||||||
@ -87,5 +71,9 @@ spec:
|
|||||||
configMap:
|
configMap:
|
||||||
name: script-config-ldap
|
name: script-config-ldap
|
||||||
defaultMode: 0755
|
defaultMode: 0755
|
||||||
|
- name: script-config-plugins
|
||||||
|
configMap:
|
||||||
|
name: script-config-plugins
|
||||||
|
defaultMode: 0755
|
||||||
restartPolicy: Always
|
restartPolicy: Always
|
||||||
serviceAccountName: nextcloud-sa
|
serviceAccountName: nextcloud-sa
|
||||||
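Review bot: The new volume mount puts `poststart-plugins.sh` under `/docker-entrypoint-hooks.d/before-starting/`, so the key name says post-start while the hook directory says before-starting, and the manifest does not make clear when the script runs. Either rename the ConfigMap key and `subPath` to `plugins.sh`, or add a comment above the mount such as `# before-starting hook: installs the apps listed in NEXTCLOUD_PLUGIN_LIST`. Because the file is mounted with `subPath`, later edits to the ConfigMap do not reach a running pod until it is recreated, which is worth stating in the same comment. The commented-out `#envFrom` block referencing `nextcloud-env-update` appears to be leftover and could be dropped.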
|
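--- a/overlays/dev/resources/nextcloud/cm-plugins-script.yaml
+++ b/overlays/dev/resources/nextcloud/cm-plugins-script.yaml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: script-config-plugins
+data:
+poststart-plugins.sh: |
+#!/bin/sh
+set -eu
+(
+if ! flock -n 7; then
+echo "Another process is installing plugins. waiting"
+flock 7
+exit 0
+fi
+
+echo "Installing default apps"
+plugin_list="${NEXTCLOUD_PLUGIN_LIST}"
+OPTS=""
+occ="/var/www/html/occ"
+
+installed_apps=$(mktemp)
+/bin/sh -c "${occ} app:list" | awk '!/Enabled|Disabled/ {print substr($2, 1, length($2)-1)}' > "${installed_apps}"
+
+for plugin in ${plugin_list}; do
+if ! grep -q "${plugin}" "${installed_apps}"; then
+/bin/sh -c "${occ} ${OPTS} app:install ${plugin}"
+/bin/sh -c "${occ} ${OPTS} app:update ${plugin}"
+/bin/sh -c "${occ} ${OPTS} app:enable ${plugin}"
+else
+echo "${plugin} allready installed"
+fi
+done
+) 7> /var/www/html/nextcloud-plugin-install.lock
+echo "Apps installation finished"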
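Review bot: `grep -q "${plugin}"` in the install loop matches substrings and reads the name as a regular expression, so `richdocuments` is treated as already installed whenever `richdocumentscode` is present; match whole lines as fixed strings with `grep -qxF --`. Each `occ` call is also wrapped in `/bin/sh -c "..."`, which makes a second shell re-parse the values taken from `NEXTCLOUD_PLUGIN_LIST`; calling `occ` directly with quoted arguments keeps a malformed or tampered list entry from being interpreted as shell syntax. The `mktemp` file is never removed, so an `EXIT` trap inside the subshell is worth adding. The sketch below shows only the changed lines of the script body.

```yaml
    # … unchanged: flock guard, plugin_list / OPTS / occ assignments …
    installed_apps=$(mktemp)
    trap 'rm -f "${installed_apps}"' EXIT
    "${occ}" app:list | awk '!/Enabled|Disabled/ {print substr($2, 1, length($2)-1)}' > "${installed_apps}"

    for plugin in ${plugin_list}; do
      if ! grep -qxF -- "${plugin}" "${installed_apps}"; then
        "${occ}" ${OPTS} app:install "${plugin}"
        "${occ}" ${OPTS} app:update "${plugin}"
        "${occ}" ${OPTS} app:enable "${plugin}"
      # … unchanged: else branch, fi, done, lock redirection …
```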