diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 4c673cbc..6547c4f4 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -81,6 +81,10 @@ jobs: # test the helm chart with horizontal pod autoscaling enabled - name: Horizontal Pod Autoscaling Enabled helm_args: '--helm-extra-set-args "--set=hpa.enabled=true --set=hpa.minPods=2 --set=hpa.maxPods=3 --set=hpa.targetCPUUtilizationPercentage=75"' + + # test the helm chart with notify push enabled + - name: Notify Push Enabled + helm_args: '--helm-extra-set-args "--set=notifyPush.enabled=true"' # test the helm chart with s3 as the primary storage - name: S3 Enabled as Primary Storage diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index fccbb9ae..722b3935 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 5.5.2 +version: 5.6.0 appVersion: 29.0.4 description: A file sharing server that puts the control and security of your own data back into your hands. keywords: diff --git a/charts/nextcloud/files/notify_push.sh.tpl b/charts/nextcloud/files/notify_push.sh.tpl new file mode 100644 index 00000000..4aeb9cb4 --- /dev/null +++ b/charts/nextcloud/files/notify_push.sh.tpl @@ -0,0 +1,3 @@ +#!/bin/sh +/var/www/html/occ app:install notify_push +/var/www/html/occ notify_push:setup https://{{ .Values.nextcloud.host }}{{ .Values.notifyPush.ingress.path }} diff --git a/charts/nextcloud/templates/db-secret.yaml b/charts/nextcloud/templates/db-secret.yaml index 491c460d..66691342 100644 --- a/charts/nextcloud/templates/db-secret.yaml +++ b/charts/nextcloud/templates/db-secret.yaml 
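Review bot: The setup URL on the last line of the new notify_push.sh.tpl is interpolated into the shell script unquoted, so a `nextcloud.host` or `notifyPush.ingress.path` value containing whitespace or shell metacharacters changes the command this hook runs at container start. Render it as a single quoted argument, for example `/var/www/html/occ notify_push:setup {{ printf "https://%s%s" .Values.nextcloud.host .Values.notifyPush.ingress.path | squote }}`. The scheme is also fixed to `https://`, which presumably makes setup fail on installs served over plain HTTP; a header comment stating that assumption would help.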
@@ -13,14 +13,23 @@ metadata:
 type: Opaque
 data:
 {{- if .Values.mariadb.enabled }}
- db-username: {{ .Values.mariadb.auth.username | b64enc | quote }}
- db-password: {{ .Values.mariadb.auth.password | b64enc | quote }}
+ {{- with .Values.mariadb.auth }}
+ db-username: {{ .username | b64enc | quote }}
+ db-password: {{ .password | b64enc | quote }}
+ db-url: {{ printf "mysql://%s:%s@%s/%s" .username .password (include "mariadb.primary.fullname" $.Subcharts.mariadb) .database | b64enc | quote }}
+ {{- end }}
 {{- else if .Values.postgresql.enabled }}
- db-username: {{ .Values.postgresql.global.postgresql.auth.username | b64enc | quote }}
- db-password: {{ .Values.postgresql.global.postgresql.auth.password | b64enc | quote }}
+ {{- with .Values.postgresql.global.postgresql.auth }}
+ db-username: {{ .username | b64enc | quote }}
+ db-password: {{ .password | b64enc | quote }}
+ db-url: {{ printf "postgres://%s:%s@%s/%s" .username .password (include "postgresql.v1.primary.fullname" $.Subcharts.postgresql) .database | b64enc | quote }}
+ {{- end }}
 {{- else }}
- db-username: {{ .Values.externalDatabase.user | b64enc | quote }}
- db-password: {{ .Values.externalDatabase.password | b64enc | quote }}
+ {{- with .Values.externalDatabase }}
+ db-username: {{ .user | b64enc | quote }}
+ db-password: {{ .password | b64enc | quote }}
+ db-url: {{ printf "%s://%s:%s@%s/%s" .type .user .password .host .database | b64enc | quote }}
+ {{- end }}
 {{- end }}
 {{- end }}
 {{- end }}
diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml
index 6f601963..68f4a907 100644
--- a/charts/nextcloud/templates/deployment.yaml
+++ b/charts/nextcloud/templates/deployment.yaml
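Review bot: The three new `db-url` values build the connection URL with `printf` from the raw username and password, so a password containing `@`, `/`, `:`, `#` or `?` yields a URL that fails to parse or parses to a different host or database. Percent-encode the user-info parts before formatting, e.g. `printf "mysql://%s:%s@%s/%s" (.username | urlquery) (.password | urlquery) ...`, after checking that the `+` which `urlquery` emits for a space is acceptable to the consumer. In the `externalDatabase` branch the scheme is taken verbatim from `.type`, so a comment listing which `type` values give a scheme notify_push accepts would prevent silent misconfiguration. The enclosing `if` blocks start above this hunk, so whether this Secret is rendered at all when `existingSecret.enabled` is set cannot be confirmed from here.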
@@ -139,6 +139,12 @@ spec:
 {{- end }}
 volumeMounts:
 {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }}
+ {{- if and .Values.notifyPush.enabled .Values.notifyPush.autoSetup }}
+ - name: nextcloud-notify-hooks
+ mountPath: /docker-entrypoint-hooks.d/before-starting/notify_push.sh
+ subPath: notify_push.sh
+ readOnly: true
+ {{- end }}
 {{- range $hook, $shell := .Values.nextcloud.hooks }}
 {{- if $shell }}
 - name: nextcloud-hooks
@@ -371,6 +377,15 @@ spec:
 configMap:
 name: {{ template "nextcloud.fullname" . }}-nginxconfig
 {{- end }}
+ {{- if and .Values.notifyPush.enabled .Values.notifyPush.autoSetup }}
+ - name: nextcloud-notify-hooks
+ configMap:
+ name: {{ template "nextcloud.fullname" . }}-notify-push
+ defaultMode: 0o755
+ items:
+ - key: hook.sh
+ path: notify_push.sh
+ {{- end }}
 {{- if not (values .Values.nextcloud.hooks | compact | empty) }}
 - name: nextcloud-hooks
 configMap:
diff --git a/charts/nextcloud/templates/ingress.yaml b/charts/nextcloud/templates/ingress.yaml
index 51a1e9d8..59bb330a 100644
--- a/charts/nextcloud/templates/ingress.yaml
+++ b/charts/nextcloud/templates/ingress.yaml
@@ -39,6 +39,15 @@ spec:
 serviceName: {{ template "nextcloud.fullname" . }}
 servicePort: {{ .Values.service.port }}
 {{- end }}
+ {{- if .Values.notifyPush.enabled }}
+ - path: {{ .Values.notifyPush.ingress.path }}
+ pathType: {{ .Values.notifyPush.ingress.pathType }}
+ backend:
+ service:
+ name: {{ template "nextcloud.fullname" . }}-notify-push
+ port:
+ name: http
+ {{- end }}
 {{- with .Values.ingress.tls }}
 tls:
 {{- toYaml . | nindent 4 }}
diff --git a/charts/nextcloud/templates/metrics/service.yaml b/charts/nextcloud/templates/metrics/service.yaml
index 82eb0ad8..d26d1864 100644
--- a/charts/nextcloud/templates/metrics/service.yaml
+++ b/charts/nextcloud/templates/metrics/service.yaml
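Review bot: In the ingress.yaml hunk the added notify_push rule always uses the `pathType` / `backend.service.name` / `port.name` shape, while the context lines directly above it close a branch that renders the older `serviceName` / `servicePort` form. If that branch is still reachable, the rendered Ingress would mix both schemas and be rejected; the API-version condition itself is outside the hunk, so this needs checking against the full template. The path is also emitted as a plain scalar, and `- path: {{ .Values.notifyPush.ingress.path | quote }}` keeps a value with YAML-special characters from changing the document structure. A one-line comment above the block stating that it publishes the push endpoint on the main Nextcloud host would help readers of the template.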
@@ -1,35 +1,38 @@
 {{- if .Values.metrics.enabled }}
+{{- with .Values.metrics.service }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
- name: {{ template "nextcloud.fullname" . }}-metrics
+ name: {{ template "nextcloud.fullname" $ }}-metrics
 labels:
- app.kubernetes.io/name: {{ include "nextcloud.name" . }}
- helm.sh/chart: {{ include "nextcloud.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ helm.sh/chart: {{ include "nextcloud.chart" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/managed-by: {{ $.Release.Service }}
 app.kubernetes.io/component: metrics
- {{- with .Values.metrics.service.labels }}
+ app.kubernetes.io/monitor: enabled
+ {{- with .labels }}
 {{- toYaml . | nindent 4 }}
 {{- end }}
- {{- with .Values.metrics.service.annotations }}
+ {{- with .annotations }}
 annotations:
 {{- toYaml . | nindent 4 }}
 {{- end }}
 spec:
- type: {{ .Values.metrics.service.type }}
- {{- if eq .Values.metrics.service.type "LoadBalancer" }}
- {{- with .Values.metrics.service.loadBalancerIP }}
+ type: {{ .type }}
+ {{- if eq .type "LoadBalancer" }}
+ {{- with .loadBalancerIP }}
 loadBalancerIP: {{ . }}
 {{- end }}
 {{- end }}
+ selector:
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/component: metrics
 ports:
 - name: metrics
- port: 9205
+ port: 9100
 targetPort: metrics
- selector:
- app.kubernetes.io/name: {{ include "nextcloud.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/component: metrics
+{{- end }}
 {{- end }}
diff --git a/charts/nextcloud/templates/metrics/servicemonitor.yaml b/charts/nextcloud/templates/metrics/servicemonitor.yaml
deleted file mode 100644
index 0209b4e9..00000000
--- a/charts/nextcloud/templates/metrics/servicemonitor.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }}
----
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: {{ template "nextcloud.fullname" . }}
- namespace: {{ .Values.metrics.serviceMonitor.namespace | default .Release.Namespace | quote }}
- labels:
- app.kubernetes.io/name: {{ include "nextcloud.name" . }}
- helm.sh/chart: {{ include "nextcloud.chart" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/managed-by: {{ .Release.Service }}
- app.kubernetes.io/component: metrics
- {{- with .Values.metrics.serviceMonitor.labels }}
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel | quote }}
- selector:
- matchLabels:
- app.kubernetes.io/name: {{ include "nextcloud.name" . }}
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/component: metrics
- namespaceSelector:
- {{- with .Values.metrics.serviceMonitor.namespaceSelector }}
- {{- toYaml . | nindent 4 }}
- {{- else }}
- matchNames:
- - {{ .Release.Namespace | quote }}
- {{- end }}
- endpoints:
- - port: metrics
- path: "/"
- {{- with .Values.metrics.serviceMonitor.interval }}
- interval: {{ . }}
- {{- end }}
- {{- with .Values.metrics.serviceMonitor.scrapeTimeout }}
- scrapeTimeout: {{ . }}
- {{- end }}
-{{- end }}
diff --git a/charts/nextcloud/templates/notify_push/configmap.yaml b/charts/nextcloud/templates/notify_push/configmap.yaml
new file mode 100644
index 00000000..f13d5f1c
--- /dev/null
+++ b/charts/nextcloud/templates/notify_push/configmap.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.notifyPush.enabled .Values.notifyPush.autoSetup }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ template "nextcloud.fullname" . }}-notify-push
+ labels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" . }}
+ helm.sh/chart: {{ include "nextcloud.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+data:
+ hook.sh: |-
+ {{- tpl (.Files.Get "files/notify_push.sh.gotmpl" ) . | nindent 4 }}
+{{- end }}
diff --git a/charts/nextcloud/templates/notify_push/deployment.yaml b/charts/nextcloud/templates/notify_push/deployment.yaml
new file mode 100644
index 00000000..5b93ddc0
--- /dev/null
+++ b/charts/nextcloud/templates/notify_push/deployment.yaml
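Review bot: `hook.sh` is read with `.Files.Get "files/notify_push.sh.gotmpl"`, but the file this commit adds is `files/notify_push.sh.tpl`. `.Files.Get` returns an empty string for a path that does not exist, so the ConfigMap would carry an empty hook and `autoSetup` would do nothing, with no render error. Point the call at the file that exists, `{{- tpl (.Files.Get "files/notify_push.sh.tpl") . | nindent 4 }}`, or rename the file to match. Wrapping the lookup in `required` would turn any later path mismatch into a render failure instead of a silent no-op.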
@@ -0,0 +1,70 @@
+{{- if .Values.notifyPush.enabled }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ template "nextcloud.fullname" . }}-notify-push
+ labels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" . }}
+ helm.sh/chart: {{ include "nextcloud.chart" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/component: notify-push
+spec:
+ replicas: {{ .Values.notifyPush.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/component: notify-push
+ template:
+ metadata:
+ annotations:
+ {{- toYaml .Values.notifyPush.podAnnotations | nindent 8 }}
+ labels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/component: notify-push
+ {{- with .Values.notifyPush.podLabels }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ {{- with .Values.notifyPush.image.pullSecrets }}
+ imagePullSecrets:
+ {{- range . }}
+ - name: {{ . }}
+ {{- end}}
+ {{- end }}
+ containers:
+ - name: notify-push
+ {{- with .Values.notifyPush.image }}
+ image: "{{ .registry }}/{{ .repository }}:{{ .tag }}"
+ imagePullPolicy: {{ .pullPolicy }}
+ {{- end }}
+ env:
+ - name: PORT
+ value: "7867"
+ - name: METRICS_PORT
+ value: "9867"
+ - name: DATABASE_URL
+ valueFrom:
+ secretKeyRef:
+ name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
+ key: {{ .Values.externalDatabase.existingSecret.databaseURLKey }}
+ - name: REDIS_URL
+ value: "redis://{{ if .Values.redis.auth.enabled }}:{{ .Values.redis.auth.password }}@{{ end }}{{ template "nextcloud.redis.fullname" .
}}-master:{{ .Values.redis.master.service.ports.redis }}"
+ - name: NEXTCLOUD_URL # deployment.namespace.svc.cluster.local
+ value: "http{{ if .Values.notifyPush.https }}s{{ end }}://{{ template "nextcloud.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}"
+ ports:
+ - name: http
+ containerPort: 7867
+ - name: metrics
+ containerPort: 9867
+ {{- with .Values.notifyPush.resources }}
+ resources:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ securityContext:
+ runAsUser: 1000
+ runAsNonRoot: true
+{{- end }}
diff --git a/charts/nextcloud/templates/notify_push/service.yaml b/charts/nextcloud/templates/notify_push/service.yaml
new file mode 100644
index 00000000..46d59c7d
--- /dev/null
+++ b/charts/nextcloud/templates/notify_push/service.yaml
@@ -0,0 +1,41 @@
+{{- if .Values.notifyPush.enabled }}
+{{- with .Values.notifyPush.service }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ template "nextcloud.fullname" $ }}-notify-push
+ labels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ helm.sh/chart: {{ include "nextcloud.chart" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/managed-by: {{ $.Release.Service }}
+ app.kubernetes.io/component: notify-push
+ app.kubernetes.io/monitor: enabled
+ {{- with .labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ type: {{ .type }}
+ {{- if eq .type "LoadBalancer" }}
+ {{- with .loadBalancerIP }}
+ loadBalancerIP: {{ . }}
+ {{- end }}
+ {{- end }}
+ selector:
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/component: notify-push
+ ports:
+ - name: http
+ port: 80
+ targetPort: http
+ - name: metrics
+ port: 9100
+ targetPort: metrics
+{{- end }}
+{{- end }}
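Review bot: In the notify_push Deployment, `REDIS_URL` is rendered as a literal `value:` that embeds `.Values.redis.auth.password`, so the Redis password sits in clear text in the Deployment object and is readable by anyone allowed to get Deployments or pods in the namespace, unlike `DATABASE_URL` just above it, which is read from a Secret. Store the full Redis URL in a Secret rendered by the chart and reference it with `secretKeyRef`, percent-encoding the password as for the database URL. The `securityContext` at the end of the hunk sets only `runAsUser` and `runAsNonRoot`; assuming it is the container-level block (indentation is not recoverable on this page), adding `allowPrivilegeEscalation: false` and dropping all capabilities is cheap hardening and is best exposed through values. The Secret name and key in the sketch below are placeholders, not names from this chart.

```yaml
            - name: REDIS_URL
              valueFrom:
                secretKeyRef:
                  # placeholder names, not taken from this chart
                  name: "<REDIS_URL_SECRET_NAME>"
                  key: "<REDIS_URL_KEY>"
            # … unchanged: NEXTCLOUD_URL, ports, resources, runAsUser …
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
```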
diff --git a/charts/nextcloud/templates/servicemonitor.yaml b/charts/nextcloud/templates/servicemonitor.yaml
new file mode 100644
index 00000000..fab9449d
--- /dev/null
+++ b/charts/nextcloud/templates/servicemonitor.yaml
@@ -0,0 +1,41 @@
+{{- with .Values.prometheus.serviceMonitor }}
+{{- if .enabled }}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: {{ template "nextcloud.fullname" $ }}
+ namespace: {{ .namespace | default $.Release.Namespace | quote }}
+ labels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ helm.sh/chart: {{ include "nextcloud.chart" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/managed-by: {{ $.Release.Service }}
+ {{- with .labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ jobLabel: {{ .jobLabel | quote }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: {{ include "nextcloud.name" $ }}
+ app.kubernetes.io/instance: {{ $.Release.Name }}
+ app.kubernetes.io/monitor: enabled
+ namespaceSelector:
+ {{- with .namespaceSelector }}
+ {{- toYaml . | nindent 4 }}
+ {{- else }}
+ matchNames:
+ - {{ $.Release.Namespace | quote }}
+ {{- end }}
+ endpoints:
+ - port: metrics
+ path: "/metrics"
+ {{- with .interval }}
+ interval: {{ . }}
+ {{- end }}
+ {{- with .scrapeTimeout }}
+ scrapeTimeout: {{ . }}
+ {{- end }}
+{{- end }}
+{{- end }}
diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml
index 8f44ff98..54af8c8b 100644
--- a/charts/nextcloud/values.yaml
+++ b/charts/nextcloud/values.yaml
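Review bot: The new ServiceMonitor is gated on `prometheus.serviceMonitor.enabled` alone, and nothing in this diff still reads the old `metrics.serviceMonitor.*` keys, so a release that sets `metrics.serviceMonitor.enabled: true` would lose its ServiceMonitor on upgrade without any render error. Either fall back to the old key for a deprecation period or fail rendering when it is set, and record the move at the top of the template, e.g. `{{- /* values moved from metrics.serviceMonitor to prometheus.serviceMonitor in 5.6.0 */ -}}`. The last values.yaml hunk of this diff still carries the comment `## @param metrics.serviceMonitor.enabled`, which should name the new path. The scrape path also changes from `/` to `/metrics` for every Service labelled `app.kubernetes.io/monitor: enabled`, so it is worth confirming that the existing Nextcloud exporter serves that path.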
@@ -375,11 +375,16 @@ externalDatabase: ## Use a existing secret existingSecret: enabled: false - # secretName: nameofsecret + # -- e.g. nameofsecret + secretName: usernameKey: db-username passwordKey: db-password - # hostKey: db-hostname-or-ip - # databaseKey: db-name + # -- e.g. db-hostname-or-ip + hostKey: + # -- e.g. db-name + databaseKey: + # -- complete URL with type, username and password (current only for notify_push used) + databaseURLKey: db-url ## ## MariaDB chart configuration @@ -593,12 +598,48 @@ tolerations: [] affinity: {} -dnsConfig: {} -# Custom dns config for Nextcloud containers. -# You can for example configure ndots. This may be needed in some clusters with alpine images. -# options: -# - name: ndots -# value: "1" +dnsConfig: + # -- Custom dns config for Nextcloud containers. + # You can for example configure ndots. This may be needed in some clusters with alpine images. + # options: + # - name: ndots + # value: "1" + options: [] + + +# Notify Push (Clientpush) +notifyPush: + # -- enable another deployment to handle notify_push (sometimes called ClientPush) + enabled: false + autoSetup: false + + replicaCount: 1 + + image: + registry: docker.io + # -- image of notify_push (there is no official image yet: https://github.com/nextcloud/notify_push/issues/106) + repository: miles170/notify_push + tag: v0.7.0 + pullPolicy: IfNotPresent + pullSecrets: + # - myRegistrKeySecretName + + resources: {} + + podAnnotations: {} + podLabels: {} + + service: + type: ClusterIP + # -- Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank + loadBalancerIP: + annotations: {} + labels: {} + + ingress: + # -- patch default ingress to forward following path to notify_push service + path: /push + pathType: Prefix ## Prometheus Exporter / Metrics ## 
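Review bot: In the new `notifyPush.image` block of the second values.yaml hunk the default is a third-party repository, `miles170/notify_push`, referenced by the mutable tag `v0.7.0`, and the container it runs is handed the database URL and the Redis credentials. State that next to the default and show how to pin it, e.g. `# -- third-party build; pin by digest in production, e.g. tag: "v0.7.0@sha256:<DIGEST>"`, which the `registry/repository:tag` format in the notify_push Deployment template would render as a digest-pinned reference. `pullSecrets:` is a bare key that parses as null; `pullSecrets: []` states the intent explicitly.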
@@ -665,8 +706,9 @@ metrics: # seccompProfile: # type: RuntimeDefault +prometheus: ## Prometheus Operator ServiceMonitor configuration - ## + ## collects data from nextcloud metrics and notify_push if enabled serviceMonitor: ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator ##