Added nextcloud

nextcloud-syncthing-argocd-apps/templates/nextcloud-main-chart.yaml

@@ -0,0 +1,101 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: nextcloud-main-chart
+  namespace: {{ .Values.argocd.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
+spec:
+  project: {{ .Values.argocd.project }}
+  source:
+    repoURL: "https://nextcloud.github.io/helm"
+    chart: nextcloud
+    targetRevision: 6.x
+    helm:
+      releaseName: nextcloud
+      valuesObject:
+        image:
+          flavor: fpm
+        replicaCount: {{ .Values.nextcloud.replicaCount }}
+        ingress:
+          enabled: true
+          className: nginx
+          annotations:
+            cert-manager.io/cluster-issuer: letsencrypt
+            nginx.ingress.kubernetes.io/server-snippet: |-
+              server_tokens off;
+              proxy_hide_header X-Powered-By;
+              rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
+              rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
+              rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+              rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
+              location = /.well-known/carddav {
+                return 301 $scheme://$host/remote.php/dav;
+              }
+              location = /.well-known/caldav {
+                return 301 $scheme://$host/remote.php/dav;
+              }
+              location = /robots.txt {
+                allow all;
+                log_not_found off;
+                access_log off;
+              }
+              location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+                deny all;
+              }
+              location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
+                deny all;
+              }
+            nginx.ingress.kubernetes.io/enable-cors: "true"
+            nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
+          tls:
+          - hosts:
+            - {{ .Values.nextcloud.url }}
+            secretname: nextcloud-cert
+        nextcloud:
+          host: {{ .Values.nextcloud.url }}
+          existingSecret:
+            enabled: true
+            secretName: nextcloud-user
+            usernameKey: nc-admin-username
+            passwordKey: nc-admin-password
+          trustedDomains: {{ .Values.nextcloud.trustedDomains }}
+          # extraInitContainers - might be useful to make sure the LUKS secret is present
+        nginx:
+          enabled: true
+        redis:
+          enabled: true
+          auth:
+            enabled: false
+        cronjob:
+          enabled: true
+        internalDatabase:
+          enabled: false
+        externalDatabase:
+          enabled: true
+          type: postgresql
+          host: "nextcloud-db-rw:5432"
+          existingSecret:
+            enabled: true
+            secretName: nextcloud-db-app
+            usernameKey: user 
+            passwordKey: password
+            databaseKey: dbname
+        persistence:
+          enabled: true
+          existingClaim: {{ .Values.nextcloud.configPvc.name }}
+          nextcloudData:
+            enabled: true
+            existingClaim: {{ .Values.dataPvc.name }}
+  destination:
+    server: https://kubernetes.default.svc  # Targeting the current Kubernetes cluster
+    namespace: {{ .Values.mainNamespace }}
+  syncPolicy:
+    automated:
+      prune: true           # Automatically remove resources no longer in the repo
+      selfHeal: true        # Automatically self-heal when drift is detected
+    syncOptions:
+      - ApplyOutOfSyncOnly=true
+      - ServerSideApply=true
+      - CreateNamespace=true

nextcloud-syncthing-argocd-apps/templates/thomflix-requirements-app.yaml

@@ -0,0 +1,48 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: nc-syncthing-requirements
+  namespace: {{ .Values.argocd.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "-1"
+    notifications.argoproj.io/subscribe.on-sync-succeeded.telegram: "-1002270587578"
+spec:
+  project: {{ .Values.argocd.project }}
+  source:
+    repoURL: "https://git.blarre.net/thomas/helm-charts.git"
+    targetRevision: HEAD
+    path: nextcloud-syncthing-requirements
+    helm:
+      releaseName: nc-syncthing-requirements
+      valuesObject:
+        nextcloud:
+          enable: {{ .Values.nextcloud.enable }}
+          dbCluster:
+            numInstances: {{ .Values.nextcloud.dbCluster.numInstances }}
+            size: {{ .Values.nextcloud.dbCluster.size }}
+          configPvc:
+            name: {{ .Values.nextcloud.configPvc.name }}
+            storageClassName: {{ .Values.nextcloud.configPvc.storageClassName }}
+            size: {{ .Values.nextcloud.configPvc.size }}
+        syncthing:
+          enable: {{ .Values.syncthing.enable }}
+          configPvc:
+            name: {{ .Values.syncthing.configPvc.name }}
+            storageClassName: {{ .Values.syncthing.configPvc.storageClassName }}
+            size: {{ .Values.syncthing.configPvc.size }}
+        dataPvc:
+          name: {{ .Values.dataPvc.name }}
+          createEncryptedPvc: {{ .Values.dataPvc.createEncryptedPvc }}
+          storageClassName: {{ .Values.dataPvc.storageClassName }}
+          size: {{ .Values.dataPvc.size }}
+  destination:
+    server: {{ .Values.mainDestination }} 
+    namespace: {{ .Values.mainNamespace }}
+  syncPolicy:
+    automated:
+      prune: true           # Automatically remove resources no longer in the repo
+      selfHeal: true        # Automatically self-heal when drift is detected
+    syncOptions:
+      - ApplyOutOfSyncOnly=true
+      - ServerSideApply=true
+      - CreateNamespace=true

nextcloud-syncthing-argocd-apps/values.yaml

@@ -0,0 +1,28 @@
+argocd:
+  namespace: argocd
+  project: default
+
+nextcloud:
+  enable: true
+  dbCluster:
+    numInstances: 3
+    size: 4Gi
+  configPvc:
+    name: nextcloud-config-pvc
+    storageClassName: default
+    size: 1Gi
+  replicaCount: 1
+  url: nextcloud.domain.net
+  trustedDomains: office.domain.net
+
+syncthing: 
+  enable: true
+  configPvc:
+    storageClassName: default
+    size: 100Mi
+
+dataPvc:
+  name: data-pvc
+  createEncryptedPvc: true
+  storageClassName: linode-block-storage-retain-luks
+  size: 40Gi