From f9b5eec5791b1dd3fd920318d2d67c8b9e121699 Mon Sep 17 00:00:00 2001 From: Felix Prasse <1330854+flx5@users.noreply.github.com> Date: Fri, 24 Oct 2025 17:53:27 +0200 Subject: [PATCH] feat(cron): Allow additional cron jobs to be specified Users should be able to specify additional cron jobs (for updating previews or running occ db:add-missing-indices automated) Signed-off-by: Felix Prasse <1330854+flx5@users.noreply.github.com> --- charts/nextcloud/Chart.yaml | 2 +- charts/nextcloud/README.md | 277 +++++++++--------- charts/nextcloud/templates/cronjob.yaml | 36 +-- .../nextcloud/test-values/cron-cronjob.yaml | 55 ++++ charts/nextcloud/values.yaml | 2 +- 5 files changed, 215 insertions(+), 157 deletions(-) diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index f80db547..4ffa997b 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 8.5.0 +version: 8.5.1 # renovate: image=docker.io/library/nextcloud appVersion: 32.0.0 description: A file sharing server that puts the control and security of your own data back into your hands. diff --git a/charts/nextcloud/README.md b/charts/nextcloud/README.md index b72b01af..2937d38d 100644 --- a/charts/nextcloud/README.md +++ b/charts/nextcloud/README.md @@ -107,145 +107,146 @@ You should read it bevore updating. The following table lists the configurable parameters of the nextcloud chart and their default values. -| Parameter | Description | Default | -| ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------- | ------------------------------------------------------------ | -| `image.repository` | nextcloud Image name | `nextcloud` | -| `image.flavor` | nextcloud Image type (Options: apache, fpm) | `apache` | -| `image.tag` | nextcloud Image tag | `appVersion` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify image pull secrets | `nil` | -| `replicaCount` | Number of nextcloud pods to deploy | `1` | -| `ingress.className` | Name of the ingress class to use | `nil` | -| `ingress.enabled` | Enable use of ingress controllers | `false` | -| `ingress.servicePort` | Ingress' backend servicePort | `http` | -| `ingress.annotations` | An array of service annotations | `nil` | -| `ingress.labels` | An array of service labels | `nil` | -| `ingress.path` | The `Path` to use in Ingress' `paths` | `/` | -| `ingress.pathType` | The `PathType` to use in Ingress' `paths` | `Prefix` | -| `ingress.tls` | Ingress TLS configuration | `[]` | -| `nextcloud.host` | nextcloud host to create application URLs, updates trusted_domains at installation time only | `nextcloud.kube.home` | -| `nextcloud.username` | User of the application | `admin` | -| `nextcloud.password` | Application password | `changeme` | -| `nextcloud.existingSecret.enabled` | Whether to use an existing secret or not | `false` | -| `nextcloud.existingSecret.secretName` | Name of the existing secret | `nil` | -| `nextcloud.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | -| `nextcloud.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | -| `nextcloud.existingSecret.smtpUsernameKey` | Name of the key that contains the SMTP username | `nil` | -| `nextcloud.existingSecret.smtpPasswordKey` | Name of the key that contains the SMTP password | `nil` | -| `nextcloud.existingSecret.smtpHostKey` | Name of the key that contains the SMTP hostname | `nil` | -| `nextcloud.existingSecret.tokenKey` | Name of the key that contains the nextcloud metrics token | `''` | -| `nextcloud.update` | Trigger update if custom command is used | `0` | -| `nextcloud.containerPort` | Customize container port when not running as root | `80` | -| `nextcloud.trustedDomains` | Optional space-separated list of trusted domains | `[]` | -| `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` | -| `nextcloud.mail.enabled` | Whether to enable/disable email settings | `false` | -| `nextcloud.mail.fromAddress` | nextcloud mail send from field | `nil` | -| `nextcloud.mail.domain` | nextcloud mail domain | `nil` | -| `nextcloud.mail.smtp.host` | SMTP hostname | `nil` | -| `nextcloud.mail.smtp.secure` | SMTP connection `ssl` or empty | `''` | -| `nextcloud.mail.smtp.port` | Optional SMTP port | `nil` | -| `nextcloud.mail.smtp.authtype` | SMTP authentication method | `LOGIN` | -| `nextcloud.mail.smtp.name` | SMTP username, ONLY the part before the domain name. i.e. 'postmaster' NOT 'postmaster@example.com' | `''` | -| `nextcloud.mail.smtp.password` | SMTP password | `''` | -| `nextcloud.configs` | Config files created in `/var/www/html/config` | `{}` | -| `nextcloud.persistence.subPath` | Set the subPath for nextcloud to use in volume | `nil` | -| `nextcloud.phpConfigs` | PHP Config files created in `/usr/local/etc/php/conf.d` | `{}` | -| `nextcloud.defaultConfigs.\.htaccess` | Default .htaccess to protect `/var/www/html/config` | `true` | -| `nextcloud.defaultConfigs.apache-pretty-urls\.config\.php` | Default Apache configuration for rewrite urls | `true` | -| `nextcloud.defaultConfigs.apcu\.config\.php` | Default configuration to define APCu as local cache | `true` | -| `nextcloud.defaultConfigs.apps\.config\.php` | Default configuration for apps | `true` | -| `nextcloud.defaultConfigs.autoconfig\.php` | Default auto-configuration for databases | `true` | -| `nextcloud.defaultConfigs.redis\.config\.php` | Default Redis configuration | `true` | -| `nextcloud.defaultConfigs.reverse-proxy\.config\.php` | Default Reverse proxy configuration | `true` | -| `nextcloud.defaultConfigs.s3\.config\.php` | Default configuration for S3 as primary Object Storage | `true` | -| `nextcloud.defaultConfigs.smtp\.config\.php` | Default configuration for smtp | `true` | -| `nextcloud.defaultConfigs.swift\.config\.php` | Default configuration for Swift as primary Object Storage | `true` | -| `nextcloud.defaultConfigs.upgrade-disable-web\.config\.php` | Default config to disable the web-based updater as the default docker image does not suppor it | `true` | -| `nextcloud.strategy` | specifies the strategy used to replace old Pods by new ones | `type: Recreate` | -| `nextcloud.extraEnv` | specify additional environment variables | `{}` | -| `nextcloud.extraSidecarContainers` | specify additional sidecar containers | `[]` | -| `nextcloud.extraInitContainers` | specify additional init containers | `[]` | -| `nextcloud.extraVolumes` | specify additional volumes for the NextCloud pod | `{}` | -| `nextcloud.extraVolumeMounts` | specify additional volume mounts for the NextCloud pod | `{}` | -| `nextcloud.mariaDbInitContainer.resources` | set the `resources` field of the MariaDB init container in the Nextcloud Pod. | `{}` | -| `nextcloud.mariaDbInitContainer.securityContext` | set the `securityContext` field of the MariaDB init container in the Nextcloud Pod. | `{}` | -| `nextcloud.postgreSqlInitContainer.resources` | set the `resources` field of the PostgreSQL init container in the Nextcloud Pod. | `{}` | -| `nextcloud.postgreSqlInitContainer.securityContext` | set the `securityContext` field of the PostgreSQL init container in the Nextcloud Pod. | `{}` | -| `nextcloud.securityContext` | Optional security context for the NextCloud container | `nil` | -| `nextcloud.podSecurityContext` | Optional security context for the NextCloud pod (applies to all containers in the pod) | `nil` | -| `nextcloud.postgreSqlInitContainer.securityContext` | Set postgresql initContainer securityContext parameters. | `{}` | -| `nginx.enabled` | Enable nginx (requires you use php-fpm image) | `false` | -| `nginx.image.repository` | nginx Image name, e.g. use `nginxinc/nginx-unprivileged` for rootless container | `nginx` | -| `nginx.image.tag` | nginx Image tag | `alpine` | -| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | -| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | -| `nginx.containerPort` | Customize container port e.g. when not running as root | `IfNotPresent` | -| `nginx.ipFamilies` | Customize container to listen on IPv4, IPv6 or both | `["IPv4"]` | -| `nginx.config.default` | Whether to use nextcloud's recommended nginx config | `true` | -| `nginx.config.custom` | Specify a custom config for nginx | `{}` | -| `nginx.resources` | nginx resources | `{}` | -| `nginx.securityContext` | Optional security context for the nginx container | `nil` | -| `nginx.extraEnv` | Optional environment variables for the nginx container | `nil` | -| `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` | -| `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` | -| `redis.enabled` | Whether to install/use redis for locking | `false` | -| `redis.auth.enabled` | Whether to enable password authentication with redis | `true` | -| `redis.auth.password` | The password redis uses | `''` | -| `redis.auth.existingSecret` | The name of an existing secret with RedisĀ® credentials | `''` | -| `redis.auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `''` | -| `redis.global.storageClass` | PVC Storage Class for both Redis® master and replica Persistent Volumes | `''` | -| `redis.master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | -| `redis.replica.persistence.enabled` | Enable persistence on Redis® replica nodes using Persistent Volume Claims | `true` | -| `externalRedis.enabled` | Whether to use external Redis | `false` | -| `externalRedis.host` | Redis host | `""` | -| `externalRedis.port` | Redis port | `"6379"` | -| `externalRedis.password` | Redis password | `""` | -| `externalRedis.existingSecret.enabled` | Whether to use a existing secret or not | `false` | -| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | -| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the Redis password | `redis-password` | -| `cronjob.enabled` | Whether to enable/disable cron jobs | `false` | -| `cronjob.type` | Choose which cron implementation to use. Either `sidecar` or `cronjob`. | `sidecar` | -| `cronjob.sidecar.command` | The command the cronjob sidecar container executes | `/cron.sh` | -| `cronjob.sidecar.lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | `nil` | -| `cronjob.sidecar.lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | `nil` | -| `cronjob.sidecar.resources` | CPU/Memory resource requests/limits for the cron jobs sidecar | `{}` | -| `cronjob.sidecar.securityContext` | Optional security context for cron jobs sidecar | `nil` | -| `cronjob.cronjob.schedule` | Cron job schedule | `*/5 * * * *` | -| `cronjob.cronjob.successfulJobsHistoryLimit` | Number of successful jobs to keep in history | `3` | -| `cronjob.cronjob.failedJobsHistoryLimit` | Number of failed jobs to keep in history | `5` | -| `cronjob.cronjob.labels` | An array of service labels | `nil` | -| `cronjob.cronjob.podLabels` | An array of service labels | `nil` | -| `cronjob.cronjob.annotations` | An array of service annotations | `nil` | -| `cronjob.cronjob.backoffLimit` | The number of retries before marking a job as failed | `1` | -| `cronjob.cronjob.affinity` | The affinity settings for the cron job | `{}` | -| `cronjob.cronjob.resources` | The resource requests/limits for the cron job | `{}` | -| `cronjob.cronjob.securityContext` | Optional security context for cronjobs | `nil` | +| Parameter | Description | Default | +|-------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|------------------------------------------------------------| +| `image.repository` | nextcloud Image name | `nextcloud` | +| `image.flavor` | nextcloud Image type (Options: apache, fpm) | `apache` | +| `image.tag` | nextcloud Image tag | `appVersion` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify image pull secrets | `nil` | +| `replicaCount` | Number of nextcloud pods to deploy | `1` | +| `ingress.className` | Name of the ingress class to use | `nil` | +| `ingress.enabled` | Enable use of ingress controllers | `false` | +| `ingress.servicePort` | Ingress' backend servicePort | `http` | +| `ingress.annotations` | An array of service annotations | `nil` | +| `ingress.labels` | An array of service labels | `nil` | +| `ingress.path` | The `Path` to use in Ingress' `paths` | `/` | +| `ingress.pathType` | The `PathType` to use in Ingress' `paths` | `Prefix` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `nextcloud.host` | nextcloud host to create application URLs, updates trusted_domains at installation time only | `nextcloud.kube.home` | +| `nextcloud.username` | User of the application | `admin` | +| `nextcloud.password` | Application password | `changeme` | +| `nextcloud.existingSecret.enabled` | Whether to use an existing secret or not | `false` | +| `nextcloud.existingSecret.secretName` | Name of the existing secret | `nil` | +| `nextcloud.existingSecret.usernameKey` | Name of the key that contains the username | `nil` | +| `nextcloud.existingSecret.passwordKey` | Name of the key that contains the password | `nil` | +| `nextcloud.existingSecret.smtpUsernameKey` | Name of the key that contains the SMTP username | `nil` | +| `nextcloud.existingSecret.smtpPasswordKey` | Name of the key that contains the SMTP password | `nil` | +| `nextcloud.existingSecret.smtpHostKey` | Name of the key that contains the SMTP hostname | `nil` | +| `nextcloud.existingSecret.tokenKey` | Name of the key that contains the nextcloud metrics token | `''` | +| `nextcloud.update` | Trigger update if custom command is used | `0` | +| `nextcloud.containerPort` | Customize container port when not running as root | `80` | +| `nextcloud.trustedDomains` | Optional space-separated list of trusted domains | `[]` | +| `nextcloud.datadir` | nextcloud data dir location | `/var/www/html/data` | +| `nextcloud.mail.enabled` | Whether to enable/disable email settings | `false` | +| `nextcloud.mail.fromAddress` | nextcloud mail send from field | `nil` | +| `nextcloud.mail.domain` | nextcloud mail domain | `nil` | +| `nextcloud.mail.smtp.host` | SMTP hostname | `nil` | +| `nextcloud.mail.smtp.secure` | SMTP connection `ssl` or empty | `''` | +| `nextcloud.mail.smtp.port` | Optional SMTP port | `nil` | +| `nextcloud.mail.smtp.authtype` | SMTP authentication method | `LOGIN` | +| `nextcloud.mail.smtp.name` | SMTP username, ONLY the part before the domain name. i.e. 'postmaster' NOT 'postmaster@example.com' | `''` | +| `nextcloud.mail.smtp.password` | SMTP password | `''` | +| `nextcloud.configs` | Config files created in `/var/www/html/config` | `{}` | +| `nextcloud.persistence.subPath` | Set the subPath for nextcloud to use in volume | `nil` | +| `nextcloud.phpConfigs` | PHP Config files created in `/usr/local/etc/php/conf.d` | `{}` | +| `nextcloud.defaultConfigs.\.htaccess` | Default .htaccess to protect `/var/www/html/config` | `true` | +| `nextcloud.defaultConfigs.apache-pretty-urls\.config\.php` | Default Apache configuration for rewrite urls | `true` | +| `nextcloud.defaultConfigs.apcu\.config\.php` | Default configuration to define APCu as local cache | `true` | +| `nextcloud.defaultConfigs.apps\.config\.php` | Default configuration for apps | `true` | +| `nextcloud.defaultConfigs.autoconfig\.php` | Default auto-configuration for databases | `true` | +| `nextcloud.defaultConfigs.redis\.config\.php` | Default Redis configuration | `true` | +| `nextcloud.defaultConfigs.reverse-proxy\.config\.php` | Default Reverse proxy configuration | `true` | +| `nextcloud.defaultConfigs.s3\.config\.php` | Default configuration for S3 as primary Object Storage | `true` | +| `nextcloud.defaultConfigs.smtp\.config\.php` | Default configuration for smtp | `true` | +| `nextcloud.defaultConfigs.swift\.config\.php` | Default configuration for Swift as primary Object Storage | `true` | +| `nextcloud.defaultConfigs.upgrade-disable-web\.config\.php` | Default config to disable the web-based updater as the default docker image does not suppor it | `true` | +| `nextcloud.strategy` | specifies the strategy used to replace old Pods by new ones | `type: Recreate` | +| `nextcloud.extraEnv` | specify additional environment variables | `{}` | +| `nextcloud.extraSidecarContainers` | specify additional sidecar containers | `[]` | +| `nextcloud.extraInitContainers` | specify additional init containers | `[]` | +| `nextcloud.extraVolumes` | specify additional volumes for the NextCloud pod | `{}` | +| `nextcloud.extraVolumeMounts` | specify additional volume mounts for the NextCloud pod | `{}` | +| `nextcloud.mariaDbInitContainer.resources` | set the `resources` field of the MariaDB init container in the Nextcloud Pod. | `{}` | +| `nextcloud.mariaDbInitContainer.securityContext` | set the `securityContext` field of the MariaDB init container in the Nextcloud Pod. | `{}` | +| `nextcloud.postgreSqlInitContainer.resources` | set the `resources` field of the PostgreSQL init container in the Nextcloud Pod. | `{}` | +| `nextcloud.postgreSqlInitContainer.securityContext` | set the `securityContext` field of the PostgreSQL init container in the Nextcloud Pod. | `{}` | +| `nextcloud.securityContext` | Optional security context for the NextCloud container | `nil` | +| `nextcloud.podSecurityContext` | Optional security context for the NextCloud pod (applies to all containers in the pod) | `nil` | +| `nextcloud.postgreSqlInitContainer.securityContext` | Set postgresql initContainer securityContext parameters. | `{}` | +| `nginx.enabled` | Enable nginx (requires you use php-fpm image) | `false` | +| `nginx.image.repository` | nginx Image name, e.g. use `nginxinc/nginx-unprivileged` for rootless container | `nginx` | +| `nginx.image.tag` | nginx Image tag | `alpine` | +| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | +| `nginx.image.pullPolicy` | nginx Image pull policy | `IfNotPresent` | +| `nginx.containerPort` | Customize container port e.g. when not running as root | `IfNotPresent` | +| `nginx.ipFamilies` | Customize container to listen on IPv4, IPv6 or both | `["IPv4"]` | +| `nginx.config.default` | Whether to use nextcloud's recommended nginx config | `true` | +| `nginx.config.custom` | Specify a custom config for nginx | `{}` | +| `nginx.resources` | nginx resources | `{}` | +| `nginx.securityContext` | Optional security context for the nginx container | `nil` | +| `nginx.extraEnv` | Optional environment variables for the nginx container | `nil` | +| `lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand | `nil` | +| `lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand | `nil` | +| `redis.enabled` | Whether to install/use redis for locking | `false` | +| `redis.auth.enabled` | Whether to enable password authentication with redis | `true` | +| `redis.auth.password` | The password redis uses | `''` | +| `redis.auth.existingSecret` | The name of an existing secret with RedisĀ® credentials | `''` | +| `redis.auth.existingSecretPasswordKey` | Password key to be retrieved from existing secret | `''` | +| `redis.global.storageClass` | PVC Storage Class for both Redis® master and replica Persistent Volumes | `''` | +| `redis.master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | +| `redis.replica.persistence.enabled` | Enable persistence on Redis® replica nodes using Persistent Volume Claims | `true` | +| `externalRedis.enabled` | Whether to use external Redis | `false` | +| `externalRedis.host` | Redis host | `""` | +| `externalRedis.port` | Redis port | `"6379"` | +| `externalRedis.password` | Redis password | `""` | +| `externalRedis.existingSecret.enabled` | Whether to use a existing secret or not | `false` | +| `externalDatabase.existingSecret.secretName` | Name of the existing secret | `nil` | +| `externalDatabase.existingSecret.passwordKey` | Name of the key that contains the Redis password | `redis-password` | +| `cronjob.enabled` | Whether to enable/disable cron jobs | `false` | +| `cronjob.type` | Choose which cron implementation to use. Either `sidecar` or `cronjob`. | `sidecar` | +| `cronjob.sidecar.command` | The command the cronjob sidecar container executes | `/cron.sh` | +| `cronjob.sidecar.lifecycle.postStartCommand` | Specify deployment lifecycle hook postStartCommand for the cron jobs sidecar | `nil` | +| `cronjob.sidecar.lifecycle.preStopCommand` | Specify deployment lifecycle hook preStopCommand for the cron jobs sidecar | `nil` | +| `cronjob.sidecar.resources` | CPU/Memory resource requests/limits for the cron jobs sidecar | `{}` | +| `cronjob.sidecar.securityContext` | Optional security context for cron jobs sidecar | `nil` | +| `cronjob.cronjob.schedule` | Cron job schedule | `*/5 * * * *` | +| `cronjob.cronjob.successfulJobsHistoryLimit` | Number of successful jobs to keep in history | `3` | +| `cronjob.cronjob.failedJobsHistoryLimit` | Number of failed jobs to keep in history | `5` | +| `cronjob.cronjob.labels` | An array of service labels | `nil` | +| `cronjob.cronjob.podLabels` | An array of service labels | `nil` | +| `cronjob.cronjob.annotations` | An array of service annotations | `nil` | +| `cronjob.cronjob.backoffLimit` | The number of retries before marking a job as failed | `1` | +| `cronjob.cronjob.affinity` | The affinity settings for the cron job | `{}` | +| `cronjob.cronjob.resources` | The resource requests/limits for the cron job | `{}` | +| `cronjob.cronjob.securityContext` | Optional security context for cronjobs | `nil` | | `cronjob.cronjob.command` | The command the cronjob executes | `["php", "-f", "/var/www/html/cron.php", "--", "--verbose"]` | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `""` | -| `service.annotations` | Annotations for service type | `{}` | -| `service.nodePort` | NodePort for service type NodePort | `nil` | -| `service.ipFamilies` | Set ipFamilies as in k8s service objects | `nil` | -| `service.ipFamyPolicy` | define IP protocol bindings as in k8s service objects | `nil` | -| `service.sessionAffinity` | Kubernetes service Session Affinity | `nil` | -| `service.sessionAffinityConfig` | Kubernetes service Session Affinity configuration | `{}` | -| `phpClientHttpsFix.enabled` | Sets OVERWRITEPROTOCOL for https ingress redirect | `false` | -| `phpClientHttpsFix.protocol` | Sets OVERWRITEPROTOCOL for https ingress redirect | `https` | -| `resources` | CPU/Memory resource requests/limits | `{}` | -| `rbac.enabled` | Enable Role and rolebinding for priveledged PSP | `false` | -| `rbac.serviceaccount.create` | Wether to create a serviceaccount or use an existing one (requires rbac) | `true` | -| `rbac.serviceaccount.name` | The name of the sevice account that the deployment will use (requires rbac) | `nextcloud-serviceaccount` | -| `rbac.serviceaccount.annotations` | Serviceaccount annotations | `{}` | -| `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler. If set to `true`, ignores `replicaCount`. | `false` | -| `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` | -| `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` | -| `hpa.maxPods` | Max. pods for the Nextcloud HorizontalPodAutoscaler | `10` | -| `deploymentLabels` | Labels to be added at 'deployment' level | not set | -| `deploymentAnnotations` | Annotations to be added at 'deployment' level | not set | -| `podLabels` | Labels to be added at 'pod' level | not set | -| `podAnnotations` | Annotations to be added at 'pod' level | not set | -| `dnsConfig` | Custom dnsConfig for nextcloud containers | `{}` | -| `topologySpreadConstraints` | TopologySpreadConstraints for nextcloud pod and cronjob pod | `{}` | +| `cronjob.additionalCronJobs` | Array of further cronjob definiti. Elements are the same as cronjob.cronjob | `[]` | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `""` | +| `service.annotations` | Annotations for service type | `{}` | +| `service.nodePort` | NodePort for service type NodePort | `nil` | +| `service.ipFamilies` | Set ipFamilies as in k8s service objects | `nil` | +| `service.ipFamyPolicy` | define IP protocol bindings as in k8s service objects | `nil` | +| `service.sessionAffinity` | Kubernetes service Session Affinity | `nil` | +| `service.sessionAffinityConfig` | Kubernetes service Session Affinity configuration | `{}` | +| `phpClientHttpsFix.enabled` | Sets OVERWRITEPROTOCOL for https ingress redirect | `false` | +| `phpClientHttpsFix.protocol` | Sets OVERWRITEPROTOCOL for https ingress redirect | `https` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `rbac.enabled` | Enable Role and rolebinding for priveledged PSP | `false` | +| `rbac.serviceaccount.create` | Wether to create a serviceaccount or use an existing one (requires rbac) | `true` | +| `rbac.serviceaccount.name` | The name of the sevice account that the deployment will use (requires rbac) | `nextcloud-serviceaccount` | +| `rbac.serviceaccount.annotations` | Serviceaccount annotations | `{}` | +| `hpa.enabled` | Boolean to create a HorizontalPodAutoscaler. If set to `true`, ignores `replicaCount`. | `false` | +| `hpa.cputhreshold` | CPU threshold percent for the HorizontalPodAutoscale | `60` | +| `hpa.minPods` | Min. pods for the Nextcloud HorizontalPodAutoscaler | `1` | +| `hpa.maxPods` | Max. pods for the Nextcloud HorizontalPodAutoscaler | `10` | +| `deploymentLabels` | Labels to be added at 'deployment' level | not set | +| `deploymentAnnotations` | Annotations to be added at 'deployment' level | not set | +| `podLabels` | Labels to be added at 'pod' level | not set | +| `podAnnotations` | Annotations to be added at 'pod' level | not set | +| `dnsConfig` | Custom dnsConfig for nextcloud containers | `{}` | +| `topologySpreadConstraints` | TopologySpreadConstraints for nextcloud pod and cronjob pod | `{}` | ### Ingress #### Ingress Sticky-Sessions diff --git a/charts/nextcloud/templates/cronjob.yaml b/charts/nextcloud/templates/cronjob.yaml index 9393475a..a75289ad 100644 --- a/charts/nextcloud/templates/cronjob.yaml +++ b/charts/nextcloud/templates/cronjob.yaml @@ -1,10 +1,11 @@ --- {{- if and .Values.cronjob.enabled (eq .Values.cronjob.type "cronjob") }} -{{- with .Values.cronjob.cronjob }}{{/* begin with cronjob */}} +{{ range $index, $cronjob := append .Values.cronjob.additionalCronJobs .Values.cronjob.cronjob }} +{{ with $cronjob }} apiVersion: batch/v1 kind: CronJob metadata: - name: {{ template "nextcloud.fullname" $ }}-cron + name: {{ template "nextcloud.fullname" $ }}-cron-{{ $index }} labels: {{- include "nextcloud.labels" ( dict "component" "cron" "rootContext" $ ) | nindent 4 }} {{- with .labels }} @@ -77,49 +78,49 @@ spec: {{- end }}{{/* end with cronjob */}} volumes: - name: nextcloud-main - {{- if .Values.persistence.enabled }} + {{- if $.Values.persistence.enabled }} persistentVolumeClaim: - claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} + claimName: {{ if $.Values.persistence.existingClaim }}{{ $.Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} {{- else }} emptyDir: {} {{- end }} - {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} + {{- if and $.Values.persistence.nextcloudData.enabled $.Values.persistence.enabled }} - name: nextcloud-data persistentVolumeClaim: - claimName: {{ if .Values.persistence.nextcloudData.existingClaim }}{{ .Values.persistence.nextcloudData.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud-data{{- end }} + claimName: {{ if $.Values.persistence.nextcloudData.existingClaim }}{{ $.Values.persistence.nextcloudData.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud-data{{- end }} {{- end }} - {{- if .Values.nextcloud.configs }} + {{- if $.Values.nextcloud.configs }} - name: nextcloud-config configMap: name: {{ template "nextcloud.fullname" . }}-config {{- end }} - {{- if .Values.nextcloud.phpConfigs }} + {{- if $.Values.nextcloud.phpConfigs }} - name: nextcloud-phpconfig configMap: name: {{ template "nextcloud.fullname" . }}-phpconfig {{- end }} - {{- if .Values.nginx.enabled }} + {{- if $.Values.nginx.enabled }} - name: nextcloud-nginx-config configMap: name: {{ template "nextcloud.fullname" . }}-nginxconfig {{- end }} - {{- if not (values .Values.nextcloud.hooks | compact | empty) }} + {{- if not (values $.Values.nextcloud.hooks | compact | empty) }} - name: nextcloud-hooks configMap: name: {{ template "nextcloud.fullname" . }}-hooks defaultMode: 0o755 {{- end }} - {{- with .Values.nextcloud.extraVolumes }} + {{- with $.Values.nextcloud.extraVolumes }} {{- toYaml . | nindent 12 }} {{- end }} securityContext: - {{- with .Values.securityContext }} + {{- with $.Values.securityContext }} {{- toYaml . | nindent 12 }} {{- end }} - {{- with .Values.nextcloud.podSecurityContext }} + {{- with $.Values.nextcloud.podSecurityContext }} {{- toYaml . | nindent 12 }} {{- else }} - {{- if .Values.nginx.enabled }} + {{- if $.Values.nginx.enabled }} # Will mount configuration files as www-data (id: 82) for nextcloud fsGroup: 82 {{- else }} @@ -127,11 +128,12 @@ spec: fsGroup: 33 {{- end }} {{- end }}{{/* end-with podSecurityContext */}} - {{- if .Values.rbac.enabled }} - serviceAccountName: {{ .Values.rbac.serviceaccount.name }} + {{- if $.Values.rbac.enabled }} + serviceAccountName: {{ $.Values.rbac.serviceaccount.name }} {{- end }} - {{- with .Values.dnsConfig }} + {{- with $.Values.dnsConfig }} dnsConfig: {{- toYaml . | nindent 12 }} {{- end }} {{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/nextcloud/test-values/cron-cronjob.yaml b/charts/nextcloud/test-values/cron-cronjob.yaml index 191eacd2..d8fb1813 100644 --- a/charts/nextcloud/test-values/cron-cronjob.yaml +++ b/charts/nextcloud/test-values/cron-cronjob.yaml @@ -1,3 +1,58 @@ cronjob: enabled: true type: cronjob + + additionalCronJobs: + - # Use a CronJob instead of crond sidecar container + # crond does not work when not running as root user + # Note: requires `persistence.enabled=true` + schedule: "*/5 * * * *" + successfulJobsHistoryLimit: 3 + failedJobsHistoryLimit: 5 + # -- Additional labels for cronjob + labels: { } + # -- Additional labels for cronjob pod + podLabels: { } + annotations: { } + backoffLimit: 1 + affinity: { } + # Often RWO volumes are used. But the cronjob pod needs access to the same volume as the nextcloud pod. + # Depending on your provider two pods on the same node can still access the same volume. + # Following config ensures that the cronjob pod is scheduled on the same node as the nextcloud pod. + # affinity: + # podAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app.kubernetes.io/name + # operator: In + # values: + # - nextcloud + # - key: app.kubernetes.io/component + # operator: In + # values: + # - app + # topologyKey: kubernetes.io/hostname + + ## Resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: { } + # Allow configuration of lifecycle hooks + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/ + # Set securityContext parameters. For example, you may need to define runAsNonRoot directive + securityContext: { } + # runAsUser: 33 + # runAsGroup: 33 + # runAsNonRoot: true + # readOnlyRootFilesystem: true + + # The command to run in the cronjob container + # Example to incerase memory limit: php -d memory_limit=2G ... + command: + - php + - -f + - /var/www/html/occ.php + - -- + - preview:pre-generate + - -vvv \ No newline at end of file diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index c6d80df2..c2665b84 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -683,7 +683,7 @@ cronjob: - /var/www/html/cron.php - -- - --verbose - + additionalCronJobs: [] service: type: ClusterIP port: 8080