--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "nextcloud.fullname" . }} labels: app.kubernetes.io/name: {{ include "nextcloud.name" . }} helm.sh/chart: {{ include "nextcloud.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/component: app {{- with .Values.deploymentLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- with .Values.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: {{- if not .Values.hpa.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} strategy: {{- toYaml .Values.nextcloud.strategy | nindent 4 }} selector: matchLabels: app.kubernetes.io/name: {{ include "nextcloud.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: app template: metadata: labels: app.kubernetes.io/name: {{ include "nextcloud.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: app {{- if .Values.redis.enabled }} {{ template "nextcloud.redis.fullname" . }}-client: "true" {{- end }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} annotations: nextcloud-config-hash: {{ print (toJson .Values.nextcloud.defaultConfigs) "-" (toJson .Values.nextcloud.configs) | sha256sum }} php-config-hash: {{ toJson .Values.nextcloud.phpConfigs | sha256sum }} {{- if .Values.nginx.enabled }} nginx-config-hash: {{ print .Values.nginx.config.default "-" .Values.nginx.config.custom | sha256sum }} {{- end }} hooks-hash: {{ toYaml .Values.nextcloud.hooks | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.image.pullSecrets }} imagePullSecrets: {{- range . }} - name: {{ . }} {{- end}} {{- end }} containers: - name: {{ .Chart.Name }} image: {{ include "nextcloud.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} {{- with .Values.lifecycle }} lifecycle: {{- with .postStartCommand }} postStart: exec: command: {{- toYaml . | nindent 18 }} {{- end }} {{- with .preStopCommand }} preStop: exec: command: {{- toYaml . | nindent 18 }} {{- end }} {{- end }} env: {{- include "nextcloud.env" . | nindent 12 }} {{- if not .Values.nginx.enabled }} ports: - name: http containerPort: {{ .Values.nextcloud.containerPort }} protocol: TCP {{- with .Values.livenessProbe }} {{- if .enabled }} livenessProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} {{- with .Values.readinessProbe }} {{- if .enabled }} readinessProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} {{- with .Values.startupProbe }} {{- if .enabled }} startupProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} {{- end }}{{/* end-if not nginx.enabled */}} resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nextcloud.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} {{- if .Values.nginx.enabled }} - name: {{ .Chart.Name }}-nginx image: "{{ .Values.nginx.image.repository }}:{{ .Values.nginx.image.tag }}" imagePullPolicy: {{ .Values.nginx.image.pullPolicy }} {{- with .Values.nginx.extraEnv }} env: {{- toYaml . | nindent 12 }} {{- end }} ports: - name: http protocol: TCP containerPort: {{ .Values.nextcloud.containerPort }} {{- with .Values.livenessProbe }} {{- if .enabled }} livenessProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} {{- with .Values.readinessProbe }} {{- if .enabled }} readinessProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} {{- with .Values.startupProbe }} {{- if .enabled }} startupProbe: httpGet: path: /status.php port: {{ $.Values.nextcloud.containerPort }} httpHeaders: - name: Host value: {{ $.Values.nextcloud.host | quote }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} {{- end }} resources: {{- toYaml .Values.nginx.resources | nindent 12 }} {{- with .Values.nginx.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: - name: nextcloud-main mountPath: /var/www/ subPath: {{ ternary "root" (printf "%s/root" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html subPath: {{ ternary "html" (printf "%s/html" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} - name: nextcloud-data mountPath: {{ .Values.nextcloud.datadir }} subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.nextcloudData.subPath) (empty .Values.persistence.nextcloudData.subPath) }} {{- else }} - name: nextcloud-main mountPath: {{ .Values.nextcloud.datadir }} subPath: {{ ternary "data" (printf "%s/data" .Values.persistence.subPath) (empty .Values.persistence.subPath) }} {{- end }} - name: nextcloud-main mountPath: /var/www/html/config subPath: {{ ternary "config" (printf "%s/config" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html/custom_apps subPath: {{ ternary "custom_apps" (printf "%s/custom_apps" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/tmp subPath: {{ ternary "tmp" (printf "%s/tmp" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-main mountPath: /var/www/html/themes subPath: {{ ternary "themes" (printf "%s/themes" .Values.nextcloud.persistence.subPath) (empty .Values.nextcloud.persistence.subPath) }} - name: nextcloud-nginx-config mountPath: /etc/nginx/conf.d/ {{- with .Values.nextcloud.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- end }}{{/* end-if nginx.enabled */}} {{- if .Values.cronjob.enabled }} - name: {{ .Chart.Name }}-cron image: {{ include "nextcloud.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /cron.sh {{- with .Values.cronjob.lifecycle }} lifecycle: {{- with .postStartCommand }} postStart: exec: command: {{- toYaml . | nindent 18 }} {{- end }} {{- with .preStopCommand }} preStop: exec: command: {{- toYaml . | nindent 18 }} {{- end }} {{- end }} env: {{- include "nextcloud.env" . | nindent 12 }} resources: {{- toYaml .Values.cronjob.resources | nindent 12 }} {{- with .Values.cronjob.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} {{- end }}{{/* end-if cronjob.enabled */}} {{- with .Values.nextcloud.extraSidecarContainers }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} initContainers: {{- with .Values.nextcloud.extraInitContainers }} {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.mariadb.enabled }} - name: mariadb-isalive image: {{ .Values.mariadb.image.registry | default "docker.io" }}/{{ .Values.mariadb.image.repository }}:{{ .Values.mariadb.image.tag }} {{- with .Values.nextcloud.mariaDbInitContainer }} resources: {{- toYaml .resources | nindent 12 }} securityContext: {{- toYaml .securityContext | nindent 12 }} {{- end }} env: - name: MYSQL_USER valueFrom: secretKeyRef: name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: MYSQL_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.passwordKey }} command: - "sh" - "-c" - {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }} {{- else if .Values.postgresql.enabled }} - name: postgresql-isready image: {{ .Values.postgresql.image.registry | default "docker.io" }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }} {{- with .Values.nextcloud.postgreSqlInitContainer }} resources: {{- toYaml .resources | nindent 12 }} securityContext: {{- toYaml .securityContext | nindent 12 }} {{- end }} env: - name: POSTGRES_USER valueFrom: secretKeyRef: name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }} key: {{ .Values.externalDatabase.existingSecret.usernameKey }} - name: POSTGRES_HOST value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }} command: - "sh" - "-c" - "until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done" {{- end }}{{/* end-if any database-initContainer */}} - name: {{ .Chart.Name }}-upgrade image: {{ include "nextcloud.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} args: # Do upgrade then exit # This avoids doing it in the container, which could get killed by failed liveness probes - "true" env: - name: NEXTCLOUD_UPDATE value: "1" {{- include "nextcloud.env" . | nindent 12 }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nextcloud.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} {{- range $hook, $shell := .Values.nextcloud.hooks }} {{- if $shell }} - name: nextcloud-hooks mountPath: /docker-entrypoint-hooks.d/{{ $hook }}/helm.sh subPath: {{ $hook }}.sh readOnly: true {{- end }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: nextcloud-main {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud{{- end }} {{- else }} emptyDir: {} {{- end }} {{- if and .Values.persistence.nextcloudData.enabled .Values.persistence.enabled }} - name: nextcloud-data persistentVolumeClaim: claimName: {{ if .Values.persistence.nextcloudData.existingClaim }}{{ .Values.persistence.nextcloudData.existingClaim }}{{- else }}{{ template "nextcloud.fullname" . }}-nextcloud-data{{- end }} {{- end }} {{- if .Values.nextcloud.configs }} - name: nextcloud-config configMap: name: {{ template "nextcloud.fullname" . }}-config {{- end }} {{- if .Values.nextcloud.phpConfigs }} - name: nextcloud-phpconfig configMap: name: {{ template "nextcloud.fullname" . }}-phpconfig {{- end }} {{- if .Values.nginx.enabled }} - name: nextcloud-nginx-config configMap: name: {{ template "nextcloud.fullname" . }}-nginxconfig {{- end }} {{- if not (values .Values.nextcloud.hooks | compact | empty) }} - name: nextcloud-hooks configMap: name: {{ template "nextcloud.fullname" . }}-hooks defaultMode: 0o755 {{- end }} {{- with .Values.nextcloud.extraVolumes }} {{- toYaml . | nindent 8 }} {{- end }} securityContext: {{- with .Values.securityContext }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.nextcloud.podSecurityContext }} {{- toYaml . | nindent 8 }} {{- else }} {{- if .Values.nginx.enabled }} # Will mount configuration files as www-data (id: 82) for nextcloud fsGroup: 82 {{- else }} # Will mount configuration files as www-data (id: 33) for nextcloud fsGroup: 33 {{- end }} {{- end }}{{/* end-with podSecurityContext */}} {{- if .Values.rbac.enabled }} serviceAccountName: {{ .Values.rbac.serviceaccount.name }} {{- end }} {{- with .Values.dnsConfig }} dnsConfig: {{- toYaml . | nindent 8 }} {{- end }}