values.yaml 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744
  1. # helm repo add nextcloud https://nextcloud.github.io/helm/
  2. # helm upgrade --install nextcloud nextcloud/nextcloud -n nextcloud -f values.yaml --version 3.5.14
  3. # Upgrading:
  4. # su -s /bin/bash - www-data
  5. # cd /var/www/html
  6. # PHP_MEMORY_LIMIT=512M ./occ upgrade
  7. # Forwarding IPs requires:
  8. #
  9. # 'trusted_proxies' =>
  10. # array (
  11. # 0 => '10.42.0.0/16',
  12. # 1 => '127.0.0.1',
  13. # ),
  14. # 'overwritecondaddr' => '^10\.42\.[0-9]+\.[0-9]+$',
  15. #
  16. # For whatever your ingress is.
  17. ## Official nextcloud image version
  18. ## ref: https://hub.docker.com/r/library/nextcloud/tags/
  19. ##
  20. image:
  21. repository: nextcloud
  22. tag: 29.0.0-fpm
  23. pullPolicy: IfNotPresent
  24. # pullSecrets:
  25. # - myRegistrKeySecretName
  26. nameOverride: ""
  27. fullnameOverride: ""
  28. podAnnotations: {}
  29. deploymentAnnotations: {}
  30. deploymentLabels: {}
  31. # Number of replicas to be deployed
  32. replicaCount: 1
  33. ## Allowing use of ingress controllers
  34. ## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
  35. ##
  36. ingress:
  37. enabled: false
  38. # className: nginx
  39. annotations: {}
  40. # nginx.ingress.kubernetes.io/proxy-body-size: 4G
  41. # kubernetes.io/tls-acme: "true"
  42. # cert-manager.io/cluster-issuer: letsencrypt-prod
  43. # nginx.ingress.kubernetes.io/server-snippet: |-
  44. # server_tokens off;
  45. # proxy_hide_header X-Powered-By;
  46. # rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
  47. # rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
  48. # rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
  49. # rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
  50. # location = /.well-known/carddav {
  51. # return 301 $scheme://$host/remote.php/dav;
  52. # }
  53. # location = /.well-known/caldav {
  54. # return 301 $scheme://$host/remote.php/dav;
  55. # }
  56. # location = /robots.txt {
  57. # allow all;
  58. # log_not_found off;
  59. # access_log off;
  60. # }
  61. # location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
  62. # deny all;
  63. # }
  64. # location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
  65. # deny all;
  66. # }
  67. # tls:
  68. # - secretName: nextcloud-tls
  69. # hosts:
  70. # - nextcloud.kube.home
  71. labels: {}
  72. path: /
  73. pathType: Prefix
  74. # Allow configuration of lifecycle hooks
  75. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
  76. lifecycle: {}
  77. # postStartCommand: []
  78. # preStopCommand: []
  79. phpClientHttpsFix:
  80. enabled: false
  81. protocol: https
  82. nextcloud:
  83. host: nextcloud.jibby.org
  84. username: josh
  85. password: ""
  86. ## Use an existing secret
  87. existingSecret:
  88. enabled: false
  89. # secretName: nameofsecret
  90. # usernameKey: nextcloud-username
  91. # passwordKey: nextcloud-password
  92. # tokenKey: nextcloud-token
  93. # smtpUsernameKey: smtp-username
  94. # smtpPasswordKey: smtp-password
  95. update: 0
  96. # If web server is not binding default port, you can define it
  97. containerPort: 80
  98. datadir: /var/www/html/data
  99. persistence:
  100. subPath:
  101. mail:
  102. enabled: false
  103. fromAddress: user
  104. domain: domain.com
  105. smtp:
  106. host: domain.com
  107. secure: ssl
  108. port: 465
  109. authtype: LOGIN
  110. name: user
  111. password: pass
  112. # PHP Configuration files
  113. # Will be injected in /usr/local/etc/php/conf.d for apache image and in /usr/local/etc/php-fpm.d when nginx.enabled: true
  114. phpConfigs:
  115. www.conf: |
  116. [www]
  117. user = www-data
  118. group = www-data
  119. listen = 127.0.0.1:9000
  120. pm = dynamic
  121. pm.max_children = 86
  122. pm.start_servers = 21
  123. pm.min_spare_servers = 21
  124. pm.max_spare_servers = 64
  125. ; for large file uploads
  126. request_terminate_timeout = 3600
  127. # Default config files
  128. # IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
  129. # Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/16.0/apache/config
  130. defaultConfigs:
  131. # To protect /var/www/html/config
  132. .htaccess: true
  133. # Redis default configuration
  134. redis.config.php: true
  135. # Apache configuration for rewrite urls
  136. apache-pretty-urls.config.php: true
  137. # Define APCu as local cache
  138. apcu.config.php: true
  139. # Apps directory configs
  140. apps.config.php: true
  141. # Used for auto configure database
  142. autoconfig.php: true
  143. # SMTP default configuration
  144. smtp.config.php: true
  145. # Extra config files created in /var/www/html/config/
  146. # ref: https://docs.nextcloud.com/server/15/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
  147. configs: {}
  148. # For example, to use S3 as primary storage
  149. # ref: https://docs.nextcloud.com/server/13/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
  150. #
  151. # configs:
  152. # s3.config.php: |-
  153. # <?php
  154. # $CONFIG = array (
  155. # 'objectstore' => array(
  156. # 'class' => '\\OC\\Files\\ObjectStore\\S3',
  157. # 'arguments' => array(
  158. # 'bucket' => 'my-bucket',
  159. # 'autocreate' => true,
  160. # 'key' => 'xxx',
  161. # 'secret' => 'xxx',
  162. # 'region' => 'us-east-1',
  163. # 'use_ssl' => true
  164. # )
  165. # )
  166. # );
  167. ## Strategy used to replace old pods
  168. ## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes
  169. ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
  170. strategy:
  171. type: Recreate
  172. # type: RollingUpdate
  173. # rollingUpdate:
  174. # maxSurge: 1
  175. # maxUnavailable: 0
  176. ##
  177. ## Extra environment variables
  178. extraEnv:
  179. - name: REDIS_HOST
  180. valueFrom:
  181. secretKeyRef:
  182. name: redis-client-secret
  183. key: REDIS_HOST
  184. - name: REDIS_HOST_PASSWORD
  185. valueFrom:
  186. secretKeyRef:
  187. name: redis-client-secret
  188. key: REDIS_HOST_PASSWORD
  189. # Extra init containers that runs before pods start.
  190. extraInitContainers: []
  191. # - name: do-something
  192. # image: busybox
  193. # command: ['do', 'something']
  194. # Extra sidecar containers.
  195. extraSidecarContainers: []
  196. # - name: nextcloud-logger
  197. # image: busybox
  198. # command: [/bin/sh, -c, 'while ! test -f "/run/nextcloud/data/nextcloud.log"; do sleep 1; done; tail -n+1 -f /run/nextcloud/data/nextcloud.log']
  199. # volumeMounts:
  200. # - name: nextcloud-data
  201. # mountPath: /run/nextcloud/data
  202. # Extra mounts for the pods. Example shown is for connecting a legacy NFS volume
  203. # to NextCloud pods in Kubernetes. This can then be configured in External Storage
  204. extraVolumes:
  205. # - name: nfs
  206. # nfs:
  207. # server: "10.0.0.1"
  208. # path: "/nextcloud_data"
  209. # readOnly: false
  210. extraVolumeMounts:
  211. # - name: nfs
  212. # mountPath: "/legacy_data"
  213. # Set securityContext parameters for the nextcloud CONTAINER only (will not affect nginx container).
  214. # For example, you may need to define runAsNonRoot directive
  215. securityContext: {}
  216. # runAsUser: 33
  217. # runAsGroup: 33
  218. # runAsNonRoot: true
  219. # readOnlyRootFilesystem: false
  220. # Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive
  221. podSecurityContext: {}
  222. # runAsUser: 33
  223. # runAsGroup: 33
  224. # runAsNonRoot: true
  225. # readOnlyRootFilesystem: false
  226. nginx:
  227. ## You need to set an fpm version of the image for nextcloud if you want to use nginx!
  228. enabled: true
  229. image:
  230. repository: nginx
  231. tag: alpine
  232. pullPolicy: IfNotPresent
  233. config:
  234. # This generates the default nginx config as per the nextcloud documentation
  235. default: false
  236. # Default is below, changes marked with CHANGE
  237. custom: |-
  238. error_log /var/log/nginx/error.log warn;
  239. pid /var/run/nginx.pid;
  240. events {
  241. worker_connections 1024;
  242. }
  243. http {
  244. include /etc/nginx/mime.types;
  245. default_type application/octet-stream;
  246. log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  247. '$status $body_bytes_sent "$http_referer" '
  248. '"$http_user_agent" "$http_x_forwarded_for"';
  249. access_log /var/log/nginx/access.log main;
  250. # CHANGE for large file uploads
  251. proxy_read_timeout 3600;
  252. sendfile on;
  253. #tcp_nopush on;
  254. keepalive_timeout 65;
  255. #gzip on;
  256. upstream php-handler {
  257. server 127.0.0.1:9000;
  258. }
  259. server {
  260. listen 80;
  261. # HSTS settings
  262. # WARNING: Only add the preload option once you read about
  263. # the consequences in https://hstspreload.org/. This option
  264. # will add the domain to a hardcoded list that is shipped
  265. # in all major browsers and getting removed from this list
  266. # could take several months.
  267. #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
  268. # set max upload size
  269. client_max_body_size 10G;
  270. fastcgi_buffers 64 4K;
  271. # Enable gzip but do not remove ETag headers
  272. gzip on;
  273. gzip_vary on;
  274. gzip_comp_level 4;
  275. gzip_min_length 256;
  276. gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
  277. gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
  278. # Pagespeed is not supported by Nextcloud, so if your server is built
  279. # with the `ngx_pagespeed` module, uncomment this line to disable it.
  280. #pagespeed off;
  281. # HTTP response headers borrowed from Nextcloud `.htaccess`
  282. add_header Referrer-Policy "no-referrer" always;
  283. add_header X-Content-Type-Options "nosniff" always;
  284. add_header X-Download-Options "noopen" always;
  285. add_header X-Frame-Options "SAMEORIGIN" always;
  286. add_header X-Permitted-Cross-Domain-Policies "none" always;
  287. add_header X-Robots-Tag "noindex, nofollow" always;
  288. add_header X-XSS-Protection "1; mode=block" always;
  289. add_header X-Forwarded-For $proxy_add_x_forwarded_for;
  290. # Remove X-Powered-By, which is an information leak
  291. fastcgi_hide_header X-Powered-By;
  292. # Path to the root of your installation
  293. root /var/www/html;
  294. # Specify how to handle directories -- specifying `/index.php$request_uri`
  295. # here as the fallback means that Nginx always exhibits the desired behaviour
  296. # when a client requests a path that corresponds to a directory that exists
  297. # on the server. In particular, if that directory contains an index.php file,
  298. # that file is correctly served; if it doesn't, then the request is passed to
  299. # the front-end controller. This consistent behaviour means that we don't need
  300. # to specify custom rules for certain paths (e.g. images and other assets,
  301. # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
  302. # `try_files $uri $uri/ /index.php$request_uri`
  303. # always provides the desired behaviour.
  304. index index.php index.html /index.php$request_uri;
  305. # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
  306. location = / {
  307. if ( $http_user_agent ~ ^DavClnt ) {
  308. return 302 /remote.php/webdav/$is_args$args;
  309. }
  310. }
  311. location = /robots.txt {
  312. allow all;
  313. log_not_found off;
  314. access_log off;
  315. }
  316. # Make a regex exception for `/.well-known` so that clients can still
  317. # access it despite the existence of the regex rule
  318. # `location ~ /(\.|autotest|...)` which would otherwise handle requests
  319. # for `/.well-known`.
  320. location ^~ /.well-known {
  321. # The following 6 rules are borrowed from `.htaccess`
  322. location = /.well-known/carddav { return 301 /remote.php/dav/; }
  323. location = /.well-known/caldav { return 301 /remote.php/dav/; }
  324. # Anything else is dynamically handled by Nextcloud
  325. location ^~ /.well-known { return 301 /index.php$uri; }
  326. try_files $uri $uri/ =404;
  327. }
  328. # Rules borrowed from `.htaccess` to hide certain paths from clients
  329. location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
  330. location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
  331. # Ensure this block, which passes PHP files to the PHP process, is above the blocks
  332. # which handle static assets (as seen below). If this block is not declared first,
  333. # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
  334. # to the URI, resulting in a HTTP 500 error response.
  335. location ~ \.php(?:$|/) {
  336. fastcgi_split_path_info ^(.+?\.php)(/.*)$;
  337. set $path_info $fastcgi_path_info;
  338. try_files $fastcgi_script_name =404;
  339. include fastcgi_params;
  340. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  341. fastcgi_param PATH_INFO $path_info;
  342. #fastcgi_param HTTPS on;
  343. fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
  344. fastcgi_param front_controller_active true; # Enable pretty urls
  345. fastcgi_pass php-handler;
  346. fastcgi_intercept_errors on;
  347. fastcgi_request_buffering off;
  348. }
  349. location ~ \.(?:css|js|svg|gif)$ {
  350. try_files $uri /index.php$request_uri;
  351. expires 6M; # Cache-Control policy borrowed from `.htaccess`
  352. access_log off; # Optional: Don't log access to assets
  353. }
  354. location ~ \.woff2?$ {
  355. try_files $uri /index.php$request_uri;
  356. expires 7d; # Cache-Control policy borrowed from `.htaccess`
  357. access_log off; # Optional: Don't log access to assets
  358. }
  359. location / {
  360. try_files $uri $uri/ /index.php$request_uri;
  361. }
  362. }
  363. }
  364. resources: {}
  365. # Set nginx container securityContext parameters. For example, you may need to define runAsNonRoot directive
  366. securityContext: {}
  367. # the nginx alpine container default user is 82
  368. # runAsUser: 82
  369. # runAsGroup: 33
  370. # runAsNonRoot: true
  371. # readOnlyRootFilesystem: true
  372. internalDatabase:
  373. enabled: false
  374. name: nextcloud
  375. externalDatabase:
  376. enabled: true
  377. ## Supported database engines: mysql or postgresql
  378. type: postgresql
  379. ## Database host
  380. host: postgres-postgresql.postgres.svc.cluster.local:5432
  381. ## Database user
  382. user: nextcloud
  383. ## Database password
  384. password:
  385. ## Database name
  386. database: nextcloud
  387. ## Use a existing secret
  388. existingSecret:
  389. enabled: true
  390. secretName: postgres-secret
  391. usernameKey: username
  392. passwordKey: password
  393. ##
  394. ## MariaDB chart configuration
  395. ## ref: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
  396. ##
  397. mariadb:
  398. ## Whether to deploy a mariadb server from the bitnami mariab db helm chart
  399. # to satisfy the applications database requirements. if you want to deploy this bitnami mariadb, set this and externalDatabase to true
  400. # To use an ALREADY DEPLOYED mariadb database, set this to false and configure the externalDatabase parameters
  401. enabled: false
  402. auth:
  403. database: nextcloud
  404. username: nextcloud
  405. password: changeme
  406. # Use existing secret (auth.rootPassword, auth.password, and auth.replicationPassword will be ignored).
  407. # secret must contain the keys mariadb-root-password, mariadb-replication-password and mariadb-password
  408. existingSecret: ""
  409. architecture: standalone
  410. ## Enable persistence using Persistent Volume Claims
  411. ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  412. ##
  413. primary:
  414. persistence:
  415. enabled: false
  416. # Use an existing Persistent Volume Claim (must be created ahead of time)
  417. # existingClaim: ""
  418. # storageClass: ""
  419. accessMode: ReadWriteOnce
  420. size: 8Gi
  421. ##
  422. ## PostgreSQL chart configuration
  423. ## for more options see https://github.com/bitnami/charts/tree/main/bitnami/postgresql
  424. ##
  425. postgresql:
  426. enabled: false
  427. global:
  428. postgresql:
  429. # global.postgresql.auth overrides postgresql.auth
  430. auth:
  431. username: nextcloud
  432. password: changeme
  433. database: nextcloud
  434. # Name of existing secret to use for PostgreSQL credentials.
  435. # auth.postgresPassword, auth.password, and auth.replicationPassword will be ignored and picked up from this secret.
  436. # secret might also contains the key ldap-password if LDAP is enabled.
  437. # ldap.bind_password will be ignored and picked from this secret in this case.
  438. existingSecret: ""
  439. # Names of keys in existing secret to use for PostgreSQL credentials
  440. secretKeys:
  441. adminPasswordKey: ""
  442. userPasswordKey: ""
  443. replicationPasswordKey: ""
  444. primary:
  445. persistence:
  446. enabled: false
  447. # Use an existing Persistent Volume Claim (must be created ahead of time)
  448. # existingClaim: ""
  449. # storageClass: ""
  450. ##
  451. ## Redis chart configuration
  452. ## for more options see https://github.com/bitnami/charts/tree/main/bitnami/redis
  453. ##
  454. redis:
  455. enabled: false
  456. auth:
  457. enabled: true
  458. password: 'changeme'
  459. # name of an existing secret with Redis® credentials (instead of auth.password), must be created ahead of time
  460. existingSecret: ""
  461. # Password key to be retrieved from existing secret
  462. existingSecretPasswordKey: ""
  463. ## Cronjob to execute Nextcloud background tasks
  464. ## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron
  465. ##
  466. cronjob:
  467. enabled: true
  468. ## Cronjob sidecar resource requests and limits
  469. ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  470. ##
  471. resources: {}
  472. # Allow configuration of lifecycle hooks
  473. # ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
  474. lifecycle: {}
  475. # postStartCommand: []
  476. # preStopCommand: []
  477. # Set securityContext parameters. For example, you may need to define runAsNonRoot directive
  478. securityContext: {}
  479. # runAsUser: 33
  480. # runAsGroup: 33
  481. # runAsNonRoot: true
  482. # readOnlyRootFilesystem: true
  483. service:
  484. type: ClusterIP
  485. port: 8080
  486. loadBalancerIP: nil
  487. nodePort: nil
  488. ## Enable persistence using Persistent Volume Claims
  489. ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  490. ##
  491. persistence:
  492. # Nextcloud Data (/var/www/html)
  493. enabled: true
  494. annotations: {}
  495. ## nextcloud data Persistent Volume Storage Class
  496. ## If defined, storageClassName: <storageClass>
  497. ## If set to "-", storageClassName: "", which disables dynamic provisioning
  498. ## If undefined (the default) or set to null, no storageClassName spec is
  499. ## set, choosing the default provisioner. (gp2 on AWS, standard on
  500. ## GKE, AWS & OpenStack)
  501. ##
  502. storageClass: "ceph-block"
  503. ## A manually managed Persistent Volume and Claim
  504. ## Requires persistence.enabled: true
  505. ## If defined, PVC must be created manually before volume will be bound
  506. existingClaim: nextcloud-pvc
  507. accessMode: ReadWriteOnce
  508. size: 8Gi
  509. ## Use an additional pvc for the data directory rather than a subpath of the default PVC
  510. ## Useful to store data on a different storageClass (e.g. on slower disks)
  511. nextcloudData:
  512. enabled: true
  513. subPath:
  514. annotations: {}
  515. storageClass: "ceph-block"
  516. existingClaim: nextcloud-data-pvc
  517. accessMode: ReadWriteOnce
  518. size: 200Gi
  519. resources:
  520. # We usually recommend not to specify default resources and to leave this as a conscious
  521. # choice for the user. This also increases chances charts run on environments with little
  522. # resources, such as Minikube. If you do want to specify resources, uncomment the following
  523. # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  524. limits:
  525. # cpu: 100m
  526. memory: 4Gi
  527. requests:
  528. # cpu: 100m
  529. memory: 1Gi
  530. ## Liveness and readiness probe values
  531. ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
  532. ##
  533. livenessProbe:
  534. enabled: false
  535. initialDelaySeconds: 10
  536. periodSeconds: 10
  537. timeoutSeconds: 5
  538. failureThreshold: 3
  539. successThreshold: 1
  540. readinessProbe:
  541. enabled: false
  542. initialDelaySeconds: 10
  543. periodSeconds: 10
  544. timeoutSeconds: 5
  545. failureThreshold: 3
  546. successThreshold: 1
  547. startupProbe:
  548. enabled: false
  549. initialDelaySeconds: 30
  550. periodSeconds: 10
  551. timeoutSeconds: 5
  552. failureThreshold: 30
  553. successThreshold: 1
  554. ## Enable pod autoscaling using HorizontalPodAutoscaler
  555. ## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
  556. ##
  557. hpa:
  558. enabled: false
  559. cputhreshold: 60
  560. minPods: 1
  561. maxPods: 10
  562. nodeSelector: {}
  563. tolerations: []
  564. # To speed up file transfers
  565. affinity:
  566. nodeAffinity:
  567. requiredDuringSchedulingIgnoredDuringExecution:
  568. nodeSelectorTerms:
  569. - matchExpressions:
  570. - key: cluster-ingress
  571. operator: In
  572. values:
  573. - "true"
  574. ## Prometheus Exporter / Metrics
  575. ##
  576. metrics:
  577. enabled: false
  578. replicaCount: 1
  579. # The metrics exporter needs to know how you serve Nextcloud either http or https
  580. https: false
  581. # Use API token if set, otherwise fall back to password authentication
  582. # https://github.com/xperimental/nextcloud-exporter#token-authentication
  583. # Currently you still need to set the token manually in your nextcloud install
  584. token: ""
  585. timeout: 5s
  586. # if set to true, exporter skips certificate verification of Nextcloud server.
  587. tlsSkipVerify: false
  588. image:
  589. repository: xperimental/nextcloud-exporter
  590. tag: 0.6.0
  591. pullPolicy: IfNotPresent
  592. # pullSecrets:
  593. # - myRegistrKeySecretName
  594. ## Metrics exporter resource requests and limits
  595. ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  596. ##
  597. # resources: {}
  598. ## Metrics exporter pod Annotation and Labels
  599. # podAnnotations: {}
  600. # podLabels: {}
  601. service:
  602. type: ClusterIP
  603. ## Use serviceLoadBalancerIP to request a specific static IP,
  604. ## otherwise leave blank
  605. # loadBalancerIP:
  606. annotations:
  607. prometheus.io/scrape: "true"
  608. prometheus.io/port: "9205"
  609. labels: {}
  610. ## Prometheus Operator ServiceMonitor configuration
  611. ##
  612. serviceMonitor:
  613. ## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator
  614. ##
  615. enabled: false
  616. ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
  617. ##
  618. namespace: ""
  619. ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
  620. ##
  621. jobLabel: ""
  622. ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
  623. ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
  624. ##
  625. interval: 30s
  626. ## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
  627. ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
  628. ##
  629. scrapeTimeout: ""
  630. ## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
  631. ##
  632. labels: {}
  633. rbac:
  634. enabled: false
  635. serviceaccount:
  636. create: true
  637. name: nextcloud-serviceaccount
  638. annotations: {}
  639. ## @param securityContext for nextcloud pod @deprecated Use `nextcloud.podSecurityContext` instead
  640. securityContext: {}