tailscaleHostName: 
initialNextcloudAdminUsername:
initialNextcloudAdminPassword:

nextcloud:
  nextcloud:
    host: 
    existingSecret:
      enabled: true
      secretName: nextcloud-config
      usernameKey: nc-admin-username
      passwordKey: nc-admin-password
  redis:
    enabled: true
    auth:
      enabled: false
  cronjob:
    enabled: true
  internalDatabase:
    enabled: false
  externalDatabase:
    enabled: true
    type: postgresql
    existingSecret:
      enabled: true
      secretName: nextcloud-db-app
      usernameKey: user 
      passwordKey: password
      databaseKey: dbname
      hostKey: host
  persistence:
    enabled: true
    size: 8Gi
    nextcloudData:
      enabled: true
      size: 8Gi
  image:
    flavor: fpm
  nginx:
    enabled: true
  ingress:
    className: nginx
    annotations:
      nginx.ingress.kubernetes.io/server-snippet: |-
        server_tokens off;
        proxy_hide_header X-Powered-By;
        rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
        rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
        location = /.well-known/carddav {
          return 301 $scheme://$host/remote.php/dav;
        }
        location = /.well-known/caldav {
          return 301 $scheme://$host/remote.php/dav;
        }
        location = /robots.txt {
          allow all;
          log_not_found off;
          access_log off;
        }
        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
          deny all;
        }
        location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
          deny all;
        }
      nginx.ingress.kubernetes.io/enable-cors: "true"
      nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"