values.yaml 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746
  1. # helm repo add nextcloud https://nextcloud.github.io/helm/
  2. # helm upgrade --install nextcloud nextcloud/nextcloud -n nextcloud -f values.yaml --version 3.5.14
  3. # Upgrading:
  4. # su -s /bin/bash - www-data
  5. # cd /var/www/html
  6. # PHP_MEMORY_LIMIT=512M ./occ upgrade
  7. # Forwarding IPs requires:
  8. #
  9. # 'trusted_proxies' =>
  10. # array (
  11. # 0 => '10.42.0.0/16',
  12. # 1 => '127.0.0.1',
  13. # ),
  14. # 'overwritecondaddr' => '^10\.42\.[0-9]+\.[0-9]+$',
  15. #
  16. # For whatever your ingress is.
  17. ## Official nextcloud image version
  18. ## ref: https://hub.docker.com/r/library/nextcloud/tags/
  19. ##
  20. image:
  21. repository: nextcloud
  22. tag: 29.0.9-apache
  23. pullPolicy: IfNotPresent
  24. # pullSecrets:
  25. # - myRegistrKeySecretName
  26. nameOverride: ""
  27. fullnameOverride: ""
  28. podAnnotations: {}
  29. deploymentAnnotations: {}
  30. deploymentLabels: {}
  31. # Number of replicas to be deployed
  32. replicaCount: 1
  33. ## Allowing use of ingress controllers
  34. ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
  35. ##
  36. ingress:
  37. enabled: false
  38. # className: nginx
  39. annotations: {}
  40. # nginx.ingress.kubernetes.io/proxy-body-size: 4G
  41. # kubernetes.io/tls-acme: "true"
  42. # cert-manager.io/cluster-issuer: letsencrypt-prod
  43. # nginx.ingress.kubernetes.io/server-snippet: |-
  44. # server_tokens off;
  45. # proxy_hide_header X-Powered-By;
  46. # rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
  47. # rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
  48. # rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  49. # rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
  50. # location = /.well-known/carddav {
  51. # return 301 $scheme://$host/remote.php/dav;
  52. # }
  53. # location = /.well-known/caldav {
  54. # return 301 $scheme://$host/remote.php/dav;
  55. # }
  56. # location = /robots.txt {
  57. # allow all;
  58. # log_not_found off;
  59. # access_log off;
  60. # }
  61. # location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
  62. # deny all;
  63. # }
  64. # location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
  65. # deny all;
  66. # }
  67. # tls:
  68. # - secretName: nextcloud-tls
  69. # hosts:
  70. # - nextcloud.kube.home
  71. labels: {}
  72. path: /
  73. pathType: Prefix
  74. # Allow configuration of lifecycle hooks
  75. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
  76. lifecycle: {}
  77. # postStartCommand: []
  78. # preStopCommand: []
  79. phpClientHttpsFix:
  80. enabled: false
  81. protocol: https
  82. nextcloud:
  83. host: nextcloud.jibby.org
  84. username: josh
  85. password: ""
  86. ## Use an existing secret
  87. existingSecret:
  88. enabled: false
  89. # secretName: nameofsecret
  90. # usernameKey: nextcloud-username
  91. # passwordKey: nextcloud-password
  92. # tokenKey: nextcloud-token
  93. # smtpUsernameKey: smtp-username
  94. # smtpPasswordKey: smtp-password
  95. update: 0
  96. # If web server is not binding default port, you can define it
  97. containerPort: 80
  98. datadir: /var/www/html/data
  99. persistence:
  100. subPath:
  101. mail:
  102. enabled: false
  103. fromAddress: user
  104. domain: domain.com
  105. smtp:
  106. host: domain.com
  107. secure: ssl
  108. port: 465
  109. authtype: LOGIN
  110. name: user
  111. password: pass
  112. # PHP Configuration files
  113. # Will be injected in /usr/local/etc/php/conf.d for apache image and in /usr/local/etc/php-fpm.d when nginx.enabled: true
  114. phpConfigs:
  115. www.conf: |
  116. [www]
  117. user = www-data
  118. group = www-data
  119. listen = 127.0.0.1:9000
  120. pm = dynamic
  121. pm.max_children = 86
  122. pm.start_servers = 21
  123. pm.min_spare_servers = 21
  124. pm.max_spare_servers = 64
  125. ; for large file uploads
  126. request_terminate_timeout = 3600
  127. # Default config files
  128. # IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
  129. # Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config
  130. defaultConfigs:
  131. # To protect /var/www/html/config
  132. .htaccess: true
  133. # Redis default configuration
  134. redis.config.php: true
  135. # Apache configuration for rewrite urls
  136. apache-pretty-urls.config.php: true
  137. # Define APCu as local cache
  138. apcu.config.php: true
  139. # Apps directory configs
  140. apps.config.php: true
  141. # Used for auto configure database
  142. autoconfig.php: true
  143. # SMTP default configuration
  144. smtp.config.php: true
  145. # Extra config files created in /var/www/html/config/
  146. # ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
  147. configs: {}
  148. # For example, to use S3 as primary storage
  149. # ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
  150. #
  151. # configs:
  152. # s3.config.php: |-
  153. # <?php
  154. # $CONFIG = array (
  155. # 'objectstore' => array(
  156. # 'class' => '\\OC\\Files\\ObjectStore\\S3',
  157. # 'arguments' => array(
  158. # 'bucket' => 'my-bucket',
  159. # 'autocreate' => true,
  160. # 'key' => 'xxx',
  161. # 'secret' => 'xxx',
  162. # 'region' => 'us-east-1',
  163. # 'use_ssl' => true
  164. # )
  165. # )
  166. # );
  167. ## Strategy used to replace old pods
  168. ## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes
  169. ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
  170. strategy:
  171. type: Recreate
  172. # type: RollingUpdate
  173. # rollingUpdate:
  174. # maxSurge: 1
  175. # maxUnavailable: 0
  176. ##
  177. ## Extra environment variables
  178. extraEnv:
  179. - name: REDIS_HOST
  180. valueFrom:
  181. secretKeyRef:
  182. name: redis-client-secret
  183. key: REDIS_HOST
  184. - name: REDIS_HOST_PASSWORD
  185. valueFrom:
  186. secretKeyRef:
  187. name: redis-client-secret
  188. key: REDIS_HOST_PASSWORD
  189. # Extra init containers that runs before pods start.
  190. extraInitContainers: []
  191. # - name: do-something
  192. # image: busybox
  193. # command: ['do', 'something']
  194. # Extra sidecar containers.
  195. extraSidecarContainers: []
  196. # - name: nextcloud-logger
  197. # image: busybox
  198. # command: [/bin/sh, -c, 'while ! test -f "/run/nextcloud/data/nextcloud.log"; do sleep 1; done; tail -n+1 -f /run/nextcloud/data/nextcloud.log']
  199. # volumeMounts:
  200. # - name: nextcloud-data
  201. # mountPath: /run/nextcloud/data
  202. # Extra mounts for the pods. Example shown is for connecting a legacy NFS volume
  203. # to NextCloud pods in Kubernetes. This can then be configured in External Storage
  204. extraVolumes:
  205. # - name: nfs
  206. # nfs:
  207. # server: "10.0.0.1"
  208. # path: "/nextcloud_data"
  209. # readOnly: false
  210. extraVolumeMounts:
  211. # - name: nfs
  212. # mountPath: "/legacy_data"
  213. # Set securityContext parameters for the nextcloud CONTAINER only (will not affect nginx container).
  214. # For example, you may need to define runAsNonRoot directive
  215. securityContext: {}
  216. # runAsUser: 33
  217. # runAsGroup: 33
  218. # runAsNonRoot: true
  219. # readOnlyRootFilesystem: false
  220. # Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive
  221. podSecurityContext: {}
  222. # runAsUser: 33
  223. # runAsGroup: 33
  224. # runAsNonRoot: true
  225. # readOnlyRootFilesystem: false
  226. nginx:
  227. ## You need to set an fpm version of the image for nextcloud if you want to use nginx!
  228. # disabling for large uploads on android(?)
  229. enabled: false
  230. image:
  231. repository: nginx
  232. tag: alpine
  233. pullPolicy: IfNotPresent
  234. config:
  235. # This generates the default nginx config as per the nextcloud documentation
  236. default: false
  237. # Default is below, changes marked with CHANGE
  238. custom: |-
  239. error_log /var/log/nginx/error.log warn;
  240. pid /var/run/nginx.pid;
  241. events {
  242. worker_connections 1024;
  243. }
  244. http {
  245. include /etc/nginx/mime.types;
  246. default_type application/octet-stream;
  247. log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  248. '$status $body_bytes_sent "$http_referer" '
  249. '"$http_user_agent" "$http_x_forwarded_for"';
  250. access_log /var/log/nginx/access.log main;
  251. # CHANGE for large file uploads
  252. proxy_read_timeout 3600;
  253. fastcgi_read_timeout 300s;
  254. sendfile on;
  255. #tcp_nopush on;
  256. keepalive_timeout 65;
  257. #gzip on;
  258. upstream php-handler {
  259. server 127.0.0.1:9000;
  260. }
  261. server {
  262. listen 80;
  263. # HSTS settings
  264. # WARNING: Only add the preload option once you read about
  265. # the consequences in https://hstspreload.org/. This option
  266. # will add the domain to a hardcoded list that is shipped
  267. # in all major browsers and getting removed from this list
  268. # could take several months.
  269. #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
  270. # set max upload size
  271. client_max_body_size 10G;
  272. fastcgi_buffers 64 4K;
  273. # Enable gzip but do not remove ETag headers
  274. gzip on;
  275. gzip_vary on;
  276. gzip_comp_level 4;
  277. gzip_min_length 256;
  278. gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
  279. gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
  280. # Pagespeed is not supported by Nextcloud, so if your server is built
  281. # with the `ngx_pagespeed` module, uncomment this line to disable it.
  282. #pagespeed off;
  283. # HTTP response headers borrowed from Nextcloud `.htaccess`
  284. add_header Referrer-Policy "no-referrer" always;
  285. add_header X-Content-Type-Options "nosniff" always;
  286. add_header X-Download-Options "noopen" always;
  287. add_header X-Frame-Options "SAMEORIGIN" always;
  288. add_header X-Permitted-Cross-Domain-Policies "none" always;
  289. add_header X-Robots-Tag "noindex, nofollow" always;
  290. add_header X-XSS-Protection "1; mode=block" always;
  291. add_header X-Forwarded-For $proxy_add_x_forwarded_for;
  292. # Remove X-Powered-By, which is an information leak
  293. fastcgi_hide_header X-Powered-By;
  294. # Path to the root of your installation
  295. root /var/www/html;
  296. # Specify how to handle directories -- specifying `/index.php$request_uri`
  297. # here as the fallback means that Nginx always exhibits the desired behaviour
  298. # when a client requests a path that corresponds to a directory that exists
  299. # on the server. In particular, if that directory contains an index.php file,
  300. # that file is correctly served; if it doesn't, then the request is passed to
  301. # the front-end controller. This consistent behaviour means that we don't need
  302. # to specify custom rules for certain paths (e.g. images and other assets,
  303. # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
  304. # `try_files $uri $uri/ /index.php$request_uri`
  305. # always provides the desired behaviour.
  306. index index.php index.html /index.php$request_uri;
  307. # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
  308. location = / {
  309. if ( $http_user_agent ~ ^DavClnt ) {
  310. return 302 /remote.php/webdav/$is_args$args;
  311. }
  312. }
  313. location = /robots.txt {
  314. allow all;
  315. log_not_found off;
  316. access_log off;
  317. }
  318. # Make a regex exception for `/.well-known` so that clients can still
  319. # access it despite the existence of the regex rule
  320. # `location ~ /(\.|autotest|...)` which would otherwise handle requests
  321. # for `/.well-known`.
  322. location ^~ /.well-known {
  323. # The following 6 rules are borrowed from `.htaccess`
  324. location = /.well-known/carddav { return 301 /remote.php/dav/; }
  325. location = /.well-known/caldav { return 301 /remote.php/dav/; }
  326. # Anything else is dynamically handled by Nextcloud
  327. location ^~ /.well-known { return 301 /index.php$uri; }
  328. try_files $uri $uri/ =404;
  329. }
  330. # Rules borrowed from `.htaccess` to hide certain paths from clients
  331. location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
  332. location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
  333. # Ensure this block, which passes PHP files to the PHP process, is above the blocks
  334. # which handle static assets (as seen below). If this block is not declared first,
  335. # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
  336. # to the URI, resulting in a HTTP 500 error response.
  337. location ~ \.php(?:$|/) {
  338. fastcgi_split_path_info ^(.+?\.php)(/.*)$;
  339. set $path_info $fastcgi_path_info;
  340. try_files $fastcgi_script_name =404;
  341. include fastcgi_params;
  342. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  343. fastcgi_param PATH_INFO $path_info;
  344. #fastcgi_param HTTPS on;
  345. fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
  346. fastcgi_param front_controller_active true; # Enable pretty urls
  347. fastcgi_pass php-handler;
  348. fastcgi_intercept_errors on;
  349. fastcgi_request_buffering off;
  350. }
  351. location ~ \.(?:css|js|svg|gif)$ {
  352. try_files $uri /index.php$request_uri;
  353. expires 6M; # Cache-Control policy borrowed from `.htaccess`
  354. access_log off; # Optional: Don't log access to assets
  355. }
  356. location ~ \.woff2?$ {
  357. try_files $uri /index.php$request_uri;
  358. expires 7d; # Cache-Control policy borrowed from `.htaccess`
  359. access_log off; # Optional: Don't log access to assets
  360. }
  361. location / {
  362. try_files $uri $uri/ /index.php$request_uri;
  363. }
  364. }
  365. }
  366. resources: {}
  367. # Set nginx container securityContext parameters. For example, you may need to define runAsNonRoot directive
  368. securityContext: {}
  369. # the nginx alpine container default user is 82
  370. # runAsUser: 82
  371. # runAsGroup: 33
  372. # runAsNonRoot: true
  373. # readOnlyRootFilesystem: true
  374. internalDatabase:
  375. enabled: false
  376. name: nextcloud
  377. externalDatabase:
  378. enabled: true
  379. ## Supported database engines: mysql or postgresql
  380. type: postgresql
  381. ## Database host
  382. host: postgres-postgresql.postgres.svc.cluster.local:5432
  383. ## Database user
  384. user: nextcloud
  385. ## Database password
  386. password:
  387. ## Database name
  388. database: nextcloud
  389. ## Use a existing secret
  390. existingSecret:
  391. enabled: true
  392. secretName: postgres-secret
  393. usernameKey: username
  394. passwordKey: password
  395. ##
  396. ## MariaDB chart configuration
  397. ## ref: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
  398. ##
  399. mariadb:
  400. ## Whether to deploy a mariadb server from the bitnami mariab db helm chart
  401. # to satisfy the applications database requirements. if you want to deploy this bitnami mariadb, set this and externalDatabase to true
  402. # To use an ALREADY DEPLOYED mariadb database, set this to false and configure the externalDatabase parameters
  403. enabled: false
  404. auth:
  405. database: nextcloud
  406. username: nextcloud
  407. password: changeme
  408. # Use existing secret (auth.rootPassword, auth.password, and auth.replicationPassword will be ignored).
  409. # secret must contain the keys mariadb-root-password, mariadb-replication-password and mariadb-password
  410. existingSecret: ""
  411. architecture: standalone
  412. ## Enable persistence using Persistent Volume Claims
  413. ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  414. ##
  415. primary:
  416. persistence:
  417. enabled: false
  418. # Use an existing Persistent Volume Claim (must be created ahead of time)
  419. # existingClaim: ""
  420. # storageClass: ""
  421. accessMode: ReadWriteOnce
  422. size: 8Gi
  423. ##
  424. ## PostgreSQL chart configuration
  425. ## for more options see https://github.com/bitnami/charts/tree/main/bitnami/postgresql
  426. ##
  427. postgresql:
  428. enabled: false
  429. global:
  430. postgresql:
  431. # global.postgresql.auth overrides postgresql.auth
  432. auth:
  433. username: nextcloud
  434. password: changeme
  435. database: nextcloud
  436. # Name of existing secret to use for PostgreSQL credentials.
  437. # auth.postgresPassword, auth.password, and auth.replicationPassword will be ignored and picked up from this secret.
  438. # secret might also contains the key ldap-password if LDAP is enabled.
  439. # ldap.bind_password will be ignored and picked from this secret in this case.
  440. existingSecret: ""
  441. # Names of keys in existing secret to use for PostgreSQL credentials
  442. secretKeys:
  443. adminPasswordKey: ""
  444. userPasswordKey: ""
  445. replicationPasswordKey: ""
  446. primary:
  447. persistence:
  448. enabled: false
  449. # Use an existing Persistent Volume Claim (must be created ahead of time)
  450. # existingClaim: ""
  451. # storageClass: ""
  452. ##
  453. ## Redis chart configuration
  454. ## for more options see https://github.com/bitnami/charts/tree/main/bitnami/redis
  455. ##
  456. redis:
  457. enabled: false
  458. auth:
  459. enabled: true
  460. password: 'changeme'
  461. # name of an existing secret with Redis® credentials (instead of auth.password), must be created ahead of time
  462. existingSecret: ""
  463. # Password key to be retrieved from existing secret
  464. existingSecretPasswordKey: ""
  465. ## Cronjob to execute Nextcloud background tasks
  466. ## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron
  467. ##
  468. cronjob:
  469. enabled: true
  470. ## Cronjob sidecar resource requests and limits
  471. ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  472. ##
  473. resources: {}
  474. # Allow configuration of lifecycle hooks
  475. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
  476. lifecycle: {}
  477. # postStartCommand: []
  478. # preStopCommand: []
  479. # Set securityContext parameters. For example, you may need to define runAsNonRoot directive
  480. securityContext: {}
  481. # runAsUser: 33
  482. # runAsGroup: 33
  483. # runAsNonRoot: true
  484. # readOnlyRootFilesystem: true
  485. service:
  486. type: ClusterIP
  487. port: 8080
  488. loadBalancerIP: nil
  489. nodePort: nil
  490. ## Enable persistence using Persistent Volume Claims
  491. ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  492. ##
  493. persistence:
  494. # Nextcloud Data (/var/www/html)
  495. enabled: true
  496. annotations: {}
  497. ## nextcloud data Persistent Volume Storage Class
  498. ## If defined, storageClassName: <storageClass>
  499. ## If set to "-", storageClassName: "", which disables dynamic provisioning
  500. ## If undefined (the default) or set to null, no storageClassName spec is
  501. ## set, choosing the default provisioner. (gp2 on AWS, standard on
  502. ## GKE, AWS & OpenStack)
  503. ##
  504. storageClass: "ceph-block"
  505. ## A manually managed Persistent Volume and Claim
  506. ## Requires persistence.enabled: true
  507. ## If defined, PVC must be created manually before volume will be bound
  508. existingClaim: nextcloud-pvc
  509. accessMode: ReadWriteOnce
  510. size: 8Gi
  511. ## Use an additional pvc for the data directory rather than a subpath of the default PVC
  512. ## Useful to store data on a different storageClass (e.g. on slower disks)
  513. nextcloudData:
  514. enabled: true
  515. subPath:
  516. annotations: {}
  517. storageClass: "ceph-block"
  518. existingClaim: nextcloud-data-pvc
  519. accessMode: ReadWriteOnce
  520. size: 200Gi
  521. resources:
  522. # We usually recommend not to specify default resources and to leave this as a conscious
  523. # choice for the user. This also increases chances charts run on environments with little
  524. # resources, such as Minikube. If you do want to specify resources, uncomment the following
  525. # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  526. limits:
  527. # cpu: 100m
  528. memory: 4Gi
  529. requests:
  530. # cpu: 100m
  531. memory: 1Gi
  532. ## Liveness and readiness probe values
  533. ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
  534. ##
  535. livenessProbe:
  536. enabled: false
  537. initialDelaySeconds: 10
  538. periodSeconds: 10
  539. timeoutSeconds: 5
  540. failureThreshold: 3
  541. successThreshold: 1
  542. readinessProbe:
  543. enabled: false
  544. initialDelaySeconds: 10
  545. periodSeconds: 10
  546. timeoutSeconds: 5
  547. failureThreshold: 3
  548. successThreshold: 1
  549. startupProbe:
  550. enabled: false
  551. initialDelaySeconds: 30
  552. periodSeconds: 10
  553. timeoutSeconds: 5
  554. failureThreshold: 30
  555. successThreshold: 1
  556. ## Enable pod autoscaling using HorizontalPodAutoscaler
  557. ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
  558. ##
  559. hpa:
  560. enabled: false
  561. cputhreshold: 60
  562. minPods: 1
  563. maxPods: 10
  564. nodeSelector: {}
  565. tolerations: []
  566. # To speed up file transfers
  567. affinity:
  568. nodeAffinity:
  569. requiredDuringSchedulingIgnoredDuringExecution:
  570. nodeSelectorTerms:
  571. - matchExpressions:
  572. - key: cluster-ingress
  573. operator: In
  574. values:
  575. - "true"
  576. ## Prometheus Exporter / Metrics
  577. ##
  578. metrics:
  579. enabled: false
  580. replicaCount: 1
  581. # The metrics exporter needs to know how you serve Nextcloud either http or https
  582. https: false
  583. # Use API token if set, otherwise fall back to password authentication
  584. # https://github.com/xperimental/nextcloud-exporter#token-authentication
  585. # Currently you still need to set the token manually in your nextcloud install
  586. token: ""
  587. timeout: 5s
  588. # if set to true, exporter skips certificate verification of Nextcloud server.
  589. tlsSkipVerify: false
  590. image:
  591. repository: xperimental/nextcloud-exporter
  592. tag: 0.6.0
  593. pullPolicy: IfNotPresent
  594. # pullSecrets:
  595. # - myRegistrKeySecretName
  596. ## Metrics exporter resource requests and limits
  597. ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  598. ##
  599. # resources: {}
  600. ## Metrics exporter pod Annotation and Labels
  601. # podAnnotations: {}
  602. # podLabels: {}
  603. service:
  604. type: ClusterIP
  605. ## Use serviceLoadBalancerIP to request a specific static IP,
  606. ## otherwise leave blank
  607. # loadBalancerIP:
  608. annotations:
  609. prometheus.io/scrape: "true"
  610. prometheus.io/port: "9205"
  611. labels: {}
  612. ## Prometheus Operator ServiceMonitor configuration
  613. ##
  614. serviceMonitor:
  615. ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator
  616. ##
  617. enabled: false
  618. ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
  619. ##
  620. namespace: ""
  621. ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
  622. ##
  623. jobLabel: ""
  624. ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
  625. ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
  626. ##
  627. interval: 30s
  628. ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
  629. ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
  630. ##
  631. scrapeTimeout: ""
  632. ## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
  633. ##
  634. labels: {}
  635. rbac:
  636. enabled: false
  637. serviceaccount:
  638. create: true
  639. name: nextcloud-serviceaccount
  640. annotations: {}
  641. ## @param securityContext for nextcloud pod @deprecated Use `nextcloud.podSecurityContext` instead
  642. securityContext: {}