From dcc7c873f4c490c1d80a3aa9d8b0b49616bfd62b Mon Sep 17 00:00:00 2001
From: roukydesbois <thomas@blarre.net>
Date: Wed, 23 Oct 2024 11:18:30 +0100
Subject: [PATCH] starting to switch to nginx-ingress

---
 nextcloud-linode/templates/ingress.yaml    | 16 ++++++++++
 nextcloud-linode/templates/ts-ingress.yaml | 16 ----------
 nextcloud-linode/values.yaml               | 35 +++++++++++++++++++++-
 3 files changed, 50 insertions(+), 17 deletions(-)
 create mode 100644 nextcloud-linode/templates/ingress.yaml
 delete mode 100644 nextcloud-linode/templates/ts-ingress.yaml

diff --git a/nextcloud-linode/templates/ingress.yaml b/nextcloud-linode/templates/ingress.yaml
new file mode 100644
index 0000000..60dc204
--- /dev/null
+++ b/nextcloud-linode/templates/ingress.yaml
@@ -0,0 +1,16 @@
+# apiVersion: networking.k8s.io/v1
+# kind: Ingress
+# metadata:
+  # name: ts-nextcloud
+  # annotations:
+    # tailscale.com/funnel: "false"
+# spec:
+  # defaultBackend:
+    # service:
+      # name: {{ .Release.Name }}
+      # port:
+        # number: 8080
+  # ingressClassName: tailscale
+  # tls:
+    # - hosts:
+        # - "{{ .Values.tailscaleHostName }}"
diff --git a/nextcloud-linode/templates/ts-ingress.yaml b/nextcloud-linode/templates/ts-ingress.yaml
deleted file mode 100644
index 00f5f30..0000000
--- a/nextcloud-linode/templates/ts-ingress.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: ts-nextcloud
-  annotations:
-    tailscale.com/funnel: "false"
-spec:
-  defaultBackend:
-    service:
-      name: {{ .Release.Name }}
-      port:
-        number: 8080
-  ingressClassName: tailscale
-  tls:
-    - hosts:
-        - "{{ .Values.tailscaleHostName }}"
diff --git a/nextcloud-linode/values.yaml b/nextcloud-linode/values.yaml
index 7cf4be8..342f603 100644
--- a/nextcloud-linode/values.yaml
+++ b/nextcloud-linode/values.yaml
@@ -25,7 +25,7 @@ nextcloud:
       enabled: true
       secretName: nextcloud-db-app
       usernameKey: user 
-      passwordKey: password 
+      passwordKey: password
       databaseKey: dbname
       hostKey: host
   persistence:
@@ -34,3 +34,36 @@ nextcloud:
     nextcloudData:
       enabled: true
       size: 8Gi
+  image:
+    flavor: fpm
+  nginx:
+    enabled: true
+  ingress:
+    className: nginx
+    annotations:
+      nginx.ingress.kubernetes.io/server-snippet: |-
+        server_tokens off;
+        proxy_hide_header X-Powered-By;
+        rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
+        rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
+        location = /.well-known/carddav {
+          return 301 $scheme://$host/remote.php/dav;
+        }
+        location = /.well-known/caldav {
+          return 301 $scheme://$host/remote.php/dav;
+        }
+        location = /robots.txt {
+          allow all;
+          log_not_found off;
+          access_log off;
+        }
+        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+          deny all;
+        }
+        location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
+          deny all;
+        }
+      nginx.ingress.kubernetes.io/enable-cors: "true"
+      nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"