# Internal Service for the "app" component: exposes TCP 9000 and forwards to
# the container port named "api" on pods matching the selector below.
apiVersion: v1
kind: Service
metadata:
  name: ${FQDN}-app
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
spec:
  # ClusterIP: reachable from inside the cluster only, not published externally.
  # NOTE(review): no NetworkPolicy is defined in this file. The backing
  # container runs php-fpm, so this is presumably an unauthenticated FastCGI
  # listener; consider restricting ingress to the web pods — confirm.
  type: ClusterIP
  selector:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
  ports:
    - name: api
      port: 9000
      protocol: TCP
      targetPort: api
---
# Internal Service for the "web" component: exposes TCP 80 and forwards to
# the container port named "http". The Ingress in this file uses it as backend.
apiVersion: v1
kind: Service
metadata:
  name: ${FQDN}-web
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: web
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
spec:
  # ClusterIP: external traffic is expected to arrive through the Ingress.
  type: ClusterIP
  # No client stickiness; requests may land on any matching pod.
  sessionAffinity: None
  selector:
    app.kubernetes.io/component: web
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
  ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: http
---
# Ingress publishing the web Service on ${FQDN_DOTS}, with TLS terminated
# using the certificate stored in the ${FQDN}-tls secret.
# NOTE(review): extensions/v1beta1 Ingress is no longer served from
# Kubernetes 1.22 on. networking.k8s.io/v1 uses a different backend schema
# (service.name / service.port) and requires pathType, so migrating is more
# than changing this one line.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ${FQDN}-web
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: web
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
  annotations:
    # Requests automatic ACME certificate issuance from whichever controller
    # honours this annotation — confirm one is installed in the cluster.
    kubernetes.io/tls-acme: "true"
    # Request bodies up to 100g are accepted and, with buffering off, streamed
    # straight to the backend. The ingress therefore applies no meaningful
    # upload size limit; quotas and rate limits must be enforced elsewhere.
    nginx.ingress.kubernetes.io/proxy-body-size: 100g
    nginx.ingress.kubernetes.io/proxy-request-buffering: "off"
spec:
  tls:
    - hosts:
        - ${FQDN_DOTS}
      secretName: ${FQDN}-tls
  rules:
    - host: ${FQDN_DOTS}
      http:
        paths:
          - path: /
            backend:
              serviceName: ${FQDN}-web
              servicePort: http
---
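# Deployment of the "app" component: two php-fpm replicas that listen on
# container port 9000 ("api") and take their credentials from Secrets.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ${FQDN}-app
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
spec:
  replicas: 2
  progressDeadlineSeconds: 600
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: app
      app.kubernetes.io/instance: ${FQDN}
      app.kubernetes.io/name: nextcloud
      app.kubernetes.io/part-of: Nextcloud
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
  template:
    metadata:
      labels:
        app.kubernetes.io/component: app
        app.kubernetes.io/instance: ${FQDN}
        app.kubernetes.io/name: nextcloud
        app.kubernetes.io/part-of: Nextcloud
    spec:
      affinity:
        # Soft preference (weight 20) for nodes labelled stateless=true.
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 20
              preference:
                matchExpressions:
                  - key: stateless
                    operator: In
                    values:
                      - "true"
        # Soft preference (weight 100) to keep this instance's app pods on
        # different hostnames.
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                topologyKey: kubernetes.io/hostname
                labelSelector:
                  matchExpressions:
                    - key: app.kubernetes.io/instance
                      operator: In
                      values:
                        - ${FQDN}
                    - key: app.kubernetes.io/component
                      operator: In
                      values:
                        - app
      containers:
        - name: app
          # NOTE(review): a mutable tag combined with imagePullPolicy Always
          # means the running code can change whenever the tag is re-pushed.
          # Pinning the image by digest would make rollouts reproducible.
          image: libresh/nextcloud:${NC_IMAGE_TAG}
          imagePullPolicy: Always
          command:
            - php-fpm
          ports:
            - containerPort: 9000
              name: api
              protocol: TCP
          env:
            # Original author's note on how to derive VERSION:
            # cat ./version.php | grep 'array(' | cut -d\( -f2 | cut -d\) -f1 | sed 's/,/\./g'
            # Quoted so an empty or number-like substitution is still a
            # string, which is the only type an env value may have.
            - name: VERSION
              value: "${NC_VERSION}"
            - name: INSTALLED
              value: "true"
            # Every credential below is read from a Secret at pod start; none
            # is stored in this manifest. Env vars are still visible to anyone
            # who can exec into the pod or read its process environment.
            - name: OBJECTSTORE_S3_KEY
              valueFrom:
                secretKeyRef:
                  key: AWS_ACCESS_KEY_ID
                  name: ${FQDN}-s3
            - name: OBJECTSTORE_S3_SECRET
              valueFrom:
                secretKeyRef:
                  key: AWS_SECRET_ACCESS_KEY
                  name: ${FQDN}-s3
            - name: MAIL_FROM_ADDRESS
              valueFrom:
                secretKeyRef:
                  key: mail_from_address
                  name: ${NS}-smtp
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: ${NS}-smtp
            - name: SMTP_NAME
              valueFrom:
                secretKeyRef:
                  key: username
                  name: ${NS}-smtp
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: nextcloud.pg-${PG_DOMAIN}.credentials
          # Imports every key of the ${FQDN}-app Secret as an env var.
          envFrom:
            - secretRef:
                name: ${FQDN}-app
          # NOTE(review): no requests or limits are set, so one pod can use
          # all of a node's CPU and memory.
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
          # NOTE(review): there is no container-level securityContext. Consider
          # allowPrivilegeEscalation: false, dropping all capabilities and
          # readOnlyRootFilesystem after checking what the image writes to.
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      # Containers run as uid/gid 82 and volumes get group 82, so php-fpm does
      # not run as root. Presumably 82 is www-data in the image — confirm.
      securityContext:
        fsGroup: 82
        runAsGroup: 82
        runAsUser: 82
      terminationGracePeriodSeconds: 30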
---
# Deployment of the "web" component: two replicas serving HTTP on container
# port 80, with BACKEND_HOST pointing at the app Service.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ${FQDN}-web
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: web
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: nextcloud
    app.kubernetes.io/part-of: Nextcloud
spec:
  replicas: 2
  progressDeadlineSeconds: 600
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/component: web
      app.kubernetes.io/instance: ${FQDN}
      app.kubernetes.io/name: nextcloud
      app.kubernetes.io/part-of: Nextcloud
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
  template:
    metadata:
      labels:
        app.kubernetes.io/component: web
        app.kubernetes.io/instance: ${FQDN}
        app.kubernetes.io/name: nextcloud
        app.kubernetes.io/part-of: Nextcloud
    spec:
      affinity:
        # Soft preference (weight 100) to keep this instance's web pods on
        # different hostnames.
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                topologyKey: kubernetes.io/hostname
                labelSelector:
                  matchExpressions:
                    - key: app.kubernetes.io/instance
                      operator: In
                      values:
                        - ${FQDN}
                    - key: app.kubernetes.io/component
                      operator: In
                      values:
                        - web
      containers:
        - name: web
          # NOTE(review): a mutable tag combined with imagePullPolicy Always
          # means the running code can change whenever the tag is re-pushed.
          # Pinning the image by digest would make rollouts reproducible.
          image: libresh/nextcloud:${NC_WEB_IMAGE_TAG}
          imagePullPolicy: Always
          ports:
            - containerPort: 80
              name: http
              protocol: TCP
          env:
            # Name of the app Service this front end forwards to.
            - name: BACKEND_HOST
              value: ${FQDN}-app
          # NOTE(review): no requests or limits are set, so one pod can use
          # all of a node's CPU and memory.
          resources: {}
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
      dnsPolicy: ClusterFirst
      restartPolicy: Always
      schedulerName: default-scheduler
      # NOTE(review): the empty securityContext leaves the image's default
      # user in place, whereas the app Deployment in this file pins uid 82.
      # Listening on port 80 usually implies root or NET_BIND_SERVICE, so
      # check the image before adding runAsNonRoot or dropping capabilities.
      securityContext: {}
      terminationGracePeriodSeconds: 30
---
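# CronJob that runs Nextcloud's cron.php every five minutes in a short-lived
# "cli" container, using the same image and Secrets as the app Deployment.
# NOTE(review): batch/v1beta1 CronJob is no longer served from Kubernetes 1.25
# on; batch/v1 is the replacement on clusters that provide it.
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: ${FQDN}-cron
  # Set explicitly, like every other object in this file: the Secret
  # references below resolve only within the pod's own namespace.
  namespace: ${NS}
  labels:
    app.kubernetes.io/component: cron
    app.kubernetes.io/instance: ${FQDN}-cron
    app.kubernetes.io/part-of: nextcloud
spec:
  schedule: '*/5 * * * *'
  suspend: false
  successfulJobsHistoryLimit: 3
  # NOTE(review): concurrencyPolicy is unset, so the default (Allow) lets a
  # new run start while a slow one is still going — confirm that is intended.
  jobTemplate:
    metadata:
      # NOTE(review): indentation was lost in the listing this was restored
      # from. "name" is placed as metadata.name here and in the pod template,
      # mirroring the top-level metadata; confirm it was not a label.
      name: nextcloud-cron
      labels:
        app.kubernetes.io/component: cron
        app.kubernetes.io/instance: ${FQDN}-cron
        app.kubernetes.io/part-of: nextcloud
    spec:
      manualSelector: false
      template:
        metadata:
          name: nextcloud-cron
          labels:
            app.kubernetes.io/component: cron
            app.kubernetes.io/instance: ${FQDN}-cron
            app.kubernetes.io/part-of: nextcloud
        spec:
          # NOTE(review): no securityContext is set, so the job runs as the
          # image's default user, whereas the app Deployment in this file
          # pins uid/gid 82. Consider matching it after checking occ accepts it.
          restartPolicy: OnFailure
          containers:
            - name: cli
              image: libresh/nextcloud:${NC_IMAGE_TAG}
              imagePullPolicy: Always
              command:
                - /bin/sh
                - -c
              # One shell line: log start, print occ status, run cron.php, log
              # stop, then print the stored "lastcron" timestamp as a date.
              # The commands are joined with ';', so a failing step does not
              # stop the later ones and the exit status is that of the last
              # pipeline.
              args:
                - /bin/echo start cron;/usr/local/bin/php occ status;/usr/local/bin/php /usr/src/nextcloud/cron.php;/bin/echo stop cron;/usr/local/bin/php occ config:list | grep lastcron | cut -d\" -f4 | xargs -I{} date -d @{}
              env:
                - name: INSTALLED
                  value: "true"
                # Quoted so an empty or number-like substitution is still a
                # string, which is the only type an env value may have.
                - name: VERSION
                  value: "${NC_VERSION}"
                # Every credential below is read from a Secret at pod start;
                # none is stored in this manifest.
                - name: OBJECTSTORE_S3_KEY
                  valueFrom:
                    secretKeyRef:
                      key: AWS_ACCESS_KEY_ID
                      name: ${FQDN}-s3
                - name: OBJECTSTORE_S3_SECRET
                  valueFrom:
                    secretKeyRef:
                      key: AWS_SECRET_ACCESS_KEY
                      name: ${FQDN}-s3
                - name: MAIL_FROM_ADDRESS
                  valueFrom:
                    secretKeyRef:
                      key: mail_from_address
                      name: ${NS}-smtp
                - name: SMTP_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      key: password
                      name: ${NS}-smtp
                - name: SMTP_NAME
                  valueFrom:
                    secretKeyRef:
                      key: username
                      name: ${NS}-smtp
                - name: DB_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      key: password
                      name: nextcloud.pg-${PG_DOMAIN}.credentials
              # Imports every key of the ${FQDN}-app Secret as an env var.
              envFrom:
                - secretRef:
                    name: ${FQDN}-app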