diff --git a/manifests/nextcloud_chart/manifest.yaml b/manifests/nextcloud_chart/manifest.yaml index 1bdc9e2..70f2c50 100644 --- a/manifests/nextcloud_chart/manifest.yaml +++ b/manifests/nextcloud_chart/manifest.yaml @@ -33,7 +33,6 @@ metadata: kube-1password/secret-text-parse: "true" type: Opaque - --- apiVersion: v1 kind: Secret @@ -50,173 +49,6 @@ metadata: kube-1password/secret-text-key: s3.config.php type: Opaque ---- -# Source: nextcloud/charts/redis/templates/configmap-scripts.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: nextcloud-nextcloud-redis-scripts - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - heritage: Helm - release: nextcloud-nextcloud -data: - start-master.sh: | - #!/bin/bash - if [[ -n $REDIS_PASSWORD_FILE ]]; then - password_aux=`cat ${REDIS_PASSWORD_FILE}` - export REDIS_PASSWORD=$password_aux - fi - if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then - cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf - fi - if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_PASSWORD}") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") - exec /run.sh "${ARGS[@]}" - start-slave.sh: | - #!/bin/bash - if [[ -n $REDIS_PASSWORD_FILE ]]; then - password_aux=`cat ${REDIS_PASSWORD_FILE}` - export REDIS_PASSWORD=$password_aux - fi - if [[ -n $REDIS_MASTER_PASSWORD_FILE ]]; then - password_aux=`cat ${REDIS_MASTER_PASSWORD_FILE}` - export REDIS_MASTER_PASSWORD=$password_aux - fi - if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then - cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf - fi - if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then - cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf - fi - ARGS=("--port" "${REDIS_PORT}") - ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") - ARGS+=("--requirepass" "${REDIS_PASSWORD}") - ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}") - ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") - ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") - exec /run.sh "${ARGS[@]}" ---- -# Source: nextcloud/charts/redis/templates/configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: nextcloud-nextcloud-redis - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - heritage: Helm - release: nextcloud-nextcloud -data: - redis.conf: |- - # User-supplied configuration: - # Enable AOF https://redis.io/topics/persistence#append-only-file - appendonly yes - # Disable RDB persistence, AOF persistence already enabled. - save "" - master.conf: |- - dir /data - rename-command FLUSHDB "" - rename-command FLUSHALL "" - replica.conf: |- - dir /data - slave-read-only yes - rename-command FLUSHDB "" - rename-command FLUSHALL "" ---- -# Source: nextcloud/charts/redis/templates/health-configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: nextcloud-nextcloud-redis-health - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - heritage: Helm - release: nextcloud-nextcloud -data: - ping_readiness_local.sh: |- - #!/bin/bash - no_auth_warning=$([[ "$(redis-cli --version)" =~ (redis-cli 5.*) ]] && echo --no-auth-warning) - response=$( - timeout -s 3 $1 \ - redis-cli \ - -a $REDIS_PASSWORD $no_auth_warning \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_local.sh: |- - #!/bin/bash - no_auth_warning=$([[ "$(redis-cli --version)" =~ (redis-cli 5.*) ]] && echo --no-auth-warning) - response=$( - timeout -s 3 $1 \ - redis-cli \ - -a $REDIS_PASSWORD $no_auth_warning \ - -h localhost \ - -p $REDIS_PORT \ - ping - ) - if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then - echo "$response" - exit 1 - fi - ping_readiness_master.sh: |- - #!/bin/bash - no_auth_warning=$([[ "$(redis-cli --version)" =~ (redis-cli 5.*) ]] && echo --no-auth-warning) - response=$( - timeout -s 3 $1 \ - redis-cli \ - -a $REDIS_MASTER_PASSWORD $no_auth_warning \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$response" != "PONG" ]; then - echo "$response" - exit 1 - fi - ping_liveness_master.sh: |- - #!/bin/bash - no_auth_warning=$([[ "$(redis-cli --version)" =~ (redis-cli 5.*) ]] && echo --no-auth-warning) - response=$( - timeout -s 3 $1 \ - redis-cli \ - -a $REDIS_MASTER_PASSWORD $no_auth_warning \ - -h $REDIS_MASTER_HOST \ - -p $REDIS_MASTER_PORT_NUMBER \ - ping - ) - if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then - echo "$response" - exit 1 - fi - ping_readiness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? - "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? - exit $exit_status - ping_liveness_local_and_master.sh: |- - script_dir="$(dirname "$0")" - exit_status=0 - "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? - "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? - exit $exit_status --- # Source: nextcloud/templates/config.yaml apiVersion: v1 @@ -254,9 +86,10 @@ data: 'memcache.distributed' => '\\OC\\Memcache\\Redis', 'memcache.locking' => '\\OC\\Memcache\\Redis', 'redis' => array( - 'host' => getenv('REDIS_HOST'), + 'host' => getenv('REDIS_HOST'), 'port' => getenv('REDIS_HOST_PORT') ?: 6379, 'password' => getenv('REDIS_HOST_PASSWORD'), + 'dbindex' => getenv('REDIS_DB_INDEX') ?: 0, ), ); } @@ -347,72 +180,8 @@ spec: storage: "5Gi" storageClassName: "scw-bssd-retain" --- -# Source: nextcloud/charts/redis/templates/headless-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: nextcloud-nextcloud-redis-headless - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - heritage: Helm -spec: - type: ClusterIP - clusterIP: None - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app: redis - release: nextcloud-nextcloud ---- -# Source: nextcloud/charts/redis/templates/redis-master-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: nextcloud-nextcloud-redis-master - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - heritage: Helm -spec: - type: ClusterIP - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app: redis - release: nextcloud-nextcloud - role: master ---- -# Source: nextcloud/charts/redis/templates/redis-slave-svc.yaml -apiVersion: v1 -kind: Service -metadata: - name: nextcloud-nextcloud-redis-slave - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - heritage: Helm -spec: - type: ClusterIP - ports: - - name: redis - port: 6379 - targetPort: redis - selector: - app: redis - release: nextcloud-nextcloud - role: slave ---- + + # Source: nextcloud/templates/service.yaml apiVersion: v1 kind: Service @@ -485,11 +254,25 @@ spec: - name: NEXTCLOUD_DATA_DIR value: "/var/www/html/data" - name: REDIS_HOST - value: nextcloud-nextcloud-redis-master - - name: REDIS_HOST_PORT - value: "6379" + valueFrom: + secretKeyRef: + name: nextcloud-nextcloud-redis + key: redis-host + - name: REDIS_PORT + valueFrom: + secretKeyRef: + name: nextcloud-nextcloud-redis + key: redis-port - name: REDIS_HOST_PASSWORD - value: changeme + valueFrom: + secretKeyRef: + name: nextcloud-nextcloud-redis + key: redis-password + - name: REDIS_DB_INDEX + valueFrom: + secretKeyRef: + name: nextcloud-nextcloud-redis + key: redis-db-index ports: - name: http containerPort: 80 @@ -584,272 +367,6 @@ spec: securityContext: fsGroup: 33 --- -# Source: nextcloud/charts/redis/templates/redis-master-statefulset.yaml -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: nextcloud-nextcloud-redis-master - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - heritage: Helm -spec: - selector: - matchLabels: - app: redis - release: nextcloud-nextcloud - role: master - serviceName: nextcloud-nextcloud-redis-headless - template: - metadata: - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - role: master - annotations: - checksum/health: c0aae3fbf6b70535e576f3897c60cf19bbfa814f584e599380329bda59b56da1 - checksum/configmap: f8ab8ce93e6b4e78f477182c06db788d39b372cbb49261bf85c85cdfea869df5 - checksum/secret: 79779a23e0c21d77248d142206b297f89fa5241bb156f83be3705dbb0de0d6e8 - spec: - - securityContext: - fsGroup: 1001 - serviceAccountName: default - containers: - - name: redis - image: docker.io/bitnami/redis:6.0.8-debian-10-r0 - imagePullPolicy: "IfNotPresent" - securityContext: - runAsUser: 1001 - command: - - /bin/bash - - -c - - /opt/bitnami/scripts/start-scripts/start-master.sh - env: - - name: REDIS_REPLICATION_MODE - value: master - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: nextcloud-nextcloud-redis - key: redis-password - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - ports: - - name: redis - containerPort: 6379 - livenessProbe: - initialDelaySeconds: 5 - periodSeconds: 5 - # One second longer than command timeout should prevent generation of zombie processes. - timeoutSeconds: 6 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - readinessProbe: - initialDelaySeconds: 5 - periodSeconds: 5 - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - resources: - null - volumeMounts: - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - - name: redis-data - mountPath: /data - subPath: - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: redis-tmp-conf - mountPath: /opt/bitnami/redis/etc/ - volumes: - - name: start-scripts - configMap: - name: nextcloud-nextcloud-redis-scripts - defaultMode: 0755 - - name: health - configMap: - name: nextcloud-nextcloud-redis-health - defaultMode: 0755 - - name: config - configMap: - name: nextcloud-nextcloud-redis - - name: redis-tmp-conf - emptyDir: {} - volumeClaimTemplates: - - metadata: - name: redis-data - labels: - app: redis - release: nextcloud-nextcloud - heritage: Helm - component: master - spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "8Gi" - - selector: - updateStrategy: - type: RollingUpdate ---- -# Source: nextcloud/charts/redis/templates/redis-slave-statefulset.yaml -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: nextcloud-nextcloud-redis-slave - namespace: nextcloud - labels: - app: redis - chart: redis-11.0.5 - release: nextcloud-nextcloud - heritage: Helm -spec: - replicas: 2 - serviceName: nextcloud-nextcloud-redis-headless - selector: - matchLabels: - app: redis - release: nextcloud-nextcloud - role: slave - template: - metadata: - labels: - app: redis - release: nextcloud-nextcloud - chart: redis-11.0.5 - role: slave - annotations: - checksum/health: c0aae3fbf6b70535e576f3897c60cf19bbfa814f584e599380329bda59b56da1 - checksum/configmap: f8ab8ce93e6b4e78f477182c06db788d39b372cbb49261bf85c85cdfea869df5 - checksum/secret: 79779a23e0c21d77248d142206b297f89fa5241bb156f83be3705dbb0de0d6e8 - spec: - - securityContext: - fsGroup: 1001 - serviceAccountName: default - containers: - - name: redis - image: docker.io/bitnami/redis:6.0.8-debian-10-r0 - imagePullPolicy: "IfNotPresent" - securityContext: - runAsUser: 1001 - command: - - /bin/bash - - -c - - /opt/bitnami/scripts/start-scripts/start-slave.sh - env: - - name: REDIS_REPLICATION_MODE - value: slave - - name: REDIS_MASTER_HOST - value: nextcloud-nextcloud-redis-master-0.nextcloud-nextcloud-redis-headless.nextcloud.svc.cluster.local - - name: REDIS_MASTER_PORT_NUMBER - value: "6379" - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: nextcloud-nextcloud-redis - key: redis-password - - name: REDIS_MASTER_PASSWORD - valueFrom: - secretKeyRef: - name: nextcloud-nextcloud-redis - key: redis-password - - name: REDIS_TLS_ENABLED - value: "no" - - name: REDIS_PORT - value: "6379" - ports: - - name: redis - containerPort: 6379 - livenessProbe: - initialDelaySeconds: 30 - periodSeconds: 10 - timeoutSeconds: 6 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_liveness_local_and_master.sh 5 - readinessProbe: - initialDelaySeconds: 5 - periodSeconds: 10 - timeoutSeconds: 11 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_readiness_local_and_master.sh 10 - resources: - null - volumeMounts: - - name: start-scripts - mountPath: /opt/bitnami/scripts/start-scripts - - name: health - mountPath: /health - - name: redis-data - mountPath: /data - - name: config - mountPath: /opt/bitnami/redis/mounted-etc - - name: redis-tmp-conf - mountPath: /opt/bitnami/redis/etc - volumes: - - name: start-scripts - configMap: - name: nextcloud-nextcloud-redis-scripts - defaultMode: 0755 - - name: health - configMap: - name: nextcloud-nextcloud-redis-health - defaultMode: 0755 - - name: config - configMap: - name: nextcloud-nextcloud-redis - - name: redis-tmp-conf - emptyDir: {} - volumeClaimTemplates: - - metadata: - name: redis-data - labels: - app: redis - release: nextcloud-nextcloud - heritage: Helm - component: slave - spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "8Gi" - - selector: - updateStrategy: - type: RollingUpdate ---- # Source: nextcloud/templates/cronjob.yaml apiVersion: batch/v1beta1 kind: CronJob