authorChristian Pointner <equinox@spreadspace.org>2024-08-25 17:26:23 +0200
committerChristian Pointner <equinox@spreadspace.org>2024-08-25 17:26:23 +0200
commit1b677375d1b629eb848ac34d428c6e5dcacda507 (patch)
treea03ea510f0a4b11b8ce19734e110b5b7daf6f752 /roles/apps/nextcloud/templates
parentnextcloud/office: move test instances to new sk-cloudio (diff)
nextcloud: move to generic storage
Diffstat (limited to 'roles/apps/nextcloud/templates')
-rw-r--r--roles/apps/nextcloud/templates/apache-site.conf.j210
-rw-r--r--roles/apps/nextcloud/templates/cron-.timer.j29
-rw-r--r--roles/apps/nextcloud/templates/cron@.service.j22
-rwxr-xr-xroles/apps/nextcloud/templates/nextcloud-cron.j219
-rwxr-xr-xroles/apps/nextcloud/templates/nextcloud-upgrade.j218
-rw-r--r--roles/apps/nextcloud/templates/pod-spec-with-mariadb.yml.j2101
-rw-r--r--roles/apps/nextcloud/templates/run-cron.sh.j27
7 files changed, 30 insertions, 136 deletions
diff --git a/roles/apps/nextcloud/templates/apache-site.conf.j2 b/roles/apps/nextcloud/templates/apache-site.conf.j2
deleted file mode 100644
index a52a7fc5..00000000
--- a/roles/apps/nextcloud/templates/apache-site.conf.j2
+++ /dev/null
@@ -1,10 +0,0 @@
-<VirtualHost *:8080>
- ServerAdmin webmaster@localhost
- DocumentRoot /var/www/html
-
- UseCanonicalName Off
- UseCanonicalPhysicalPort Off
-
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
-</VirtualHost>
diff --git a/roles/apps/nextcloud/templates/cron-.timer.j2 b/roles/apps/nextcloud/templates/cron-.timer.j2
deleted file mode 100644
index 0c3f7cd7..00000000
--- a/roles/apps/nextcloud/templates/cron-.timer.j2
+++ /dev/null
@@ -1,9 +0,0 @@
-[Unit]
-Description=Nextcloud cron.php job timer for %i
-
-[Timer]
-OnCalendar=*:{{ 5 | random(seed=item) }}/5
-Unit=nextcloud-cron@{{ item }}.service
-
-[Install]
-WantedBy=timers.target
diff --git a/roles/apps/nextcloud/templates/cron@.service.j2 b/roles/apps/nextcloud/templates/cron@.service.j2
index 822f64b4..d8cde0a3 100644
--- a/roles/apps/nextcloud/templates/cron@.service.j2
+++ b/roles/apps/nextcloud/templates/cron@.service.j2
@@ -3,7 +3,7 @@ Description=Nextcloud cron.php job for %i
[Service]
Type=oneshot
-ExecStart={{ nextcloud_base_path }}/%i/config/run-cron.sh
+ExecStart=/usr/local/bin/nextcloud-cron %i
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
diff --git a/roles/apps/nextcloud/templates/nextcloud-cron.j2 b/roles/apps/nextcloud/templates/nextcloud-cron.j2
new file mode 100755
index 00000000..355ae2c3
--- /dev/null
+++ b/roles/apps/nextcloud/templates/nextcloud-cron.j2
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+INST_NAME="$1"
+shift
+
+if [ -z "$INST_NAME" ]; then
+ echo "Usage: $0 <instance>"
+ exit 1
+fi
+
+set -eu
+
+pod_id=$(crictl pods -q --state ready --name "^nextcloud-$INST_NAME-{{ ansible_nodename }}$")
+if [ -z "$pod_id" ]; then echo "Pod not found"; exit 1; fi
+
+container_id=$(crictl ps -q --name '^nextcloud$' -p "$pod_id")
+if [ -z "$container_id" ]; then echo "Container not found"; exit 1; fi
+
+exec crictl exec "$container_id" php -f /var/www/html/cron.php
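Review bot: `$INST_NAME` goes straight from the systemd instance name into the `crictl pods --name` regular expression, so any regex metacharacter in it (and the dots in the templated node name, if that is an FQDN) widens the match, and nothing checks that exactly one pod ID came back. Validating the argument before use would close that, for example `[[ "$INST_NAME" =~ ^[A-Za-z0-9_-]+$ ]] || { echo "invalid instance name" >&2; exit 1; }`, assuming instance names stay within that character set. If several ready pods match, `pod_id` holds multiple lines and is passed as a single `-p` value, so a check that the result is one ID would make that failure explicit. The usage text and the two "not found" messages go to stdout; sending them to stderr with `>&2` keeps diagnostics separate from any output of `cron.php`.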
diff --git a/roles/apps/nextcloud/templates/nextcloud-upgrade.j2 b/roles/apps/nextcloud/templates/nextcloud-upgrade.j2
index f59f3be6..ffa912e8 100755
--- a/roles/apps/nextcloud/templates/nextcloud-upgrade.j2
+++ b/roles/apps/nextcloud/templates/nextcloud-upgrade.j2
@@ -24,7 +24,7 @@ function cleanup {
}
trap cleanup EXIT
-IMAGE_BUILD_D="{{ nextcloud_base_path }}/$INST_NAME/build"
+IMAGE_BUILD_D=$(cat "$K8S_CONFIG_HASH_FILE" | grep "build/Dockerfile:" | tr -d ":" | xargs dirname)
IMAGE_NAME="nextcloud"
if [ -e "$IMAGE_BUILD_D/Dockerfile" ]; then
## this only works if docker is installed...
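Review bot: The new `IMAGE_BUILD_D` pipeline does not handle zero or multiple matches in `$K8S_CONFIG_HASH_FILE`: with no `build/Dockerfile:` line GNU `xargs` still runs `dirname` once without an operand, and with several matching lines the variable ends up holding several paths. `tr -d ":"` also strips every colon on the line, not only the trailing one. The `else` branch further down suggests that instances without a custom build are supported, so the empty case looks reachable; `xargs -r dirname` plus a comment such as `# empty when the instance has no custom image build` would make that intent explicit. Whether a failure in this pipeline aborts the script depends on the shell options set above the hunk, which are not visible here.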
@@ -40,15 +40,17 @@ else
crictl pull "docker.io/library/nextcloud:$VERSION"
echo ""
fi
-{% if nextcloud_zfs is defined %}
-echo "*** creating ZFS snapshot"
-echo ""
+STORAGE_TYPE=$(findmnt -no fstype -T "$IMAGE_BUILD_D")
+if [ $STORAGE_TYPE == "zfs" ]; then
+ echo "*** creating ZFS snapshot"
+ echo ""
-IMAGE_NAME_ESCAPED=${IMAGE_NAME/\//\\/}
-CURRENT_VERSION=$(cat "$K8S_MANIFEST_FILE" | awk '/image: "'"$IMAGE_NAME_ESCAPED"':.*"/ { print($2) }' | tr -d '"' | cut -d ':' -f 2)
-zfs snapshot "{{ nextcloud_zfs.pool }}/{{ nextcloud_zfs.name }}/$INST_NAME@upgrade_$CURRENT_VERSION-to-$VERSION""_$(date '+%Y-%m-%m_%H:%M:%S')"
-{% endif %}
+ IMAGE_NAME_ESCAPED=${IMAGE_NAME/\//\\/}
+ CURRENT_VERSION=$(cat "$K8S_MANIFEST_FILE" | awk '/image: "'"$IMAGE_NAME_ESCAPED"':.*"/ { print($2) }' | tr -d '"' | cut -d ':' -f 2)
+ ZFS_VOLUME=$(findmnt -no source -T "$IMAGE_BUILD_D")
+ zfs snapshot "$ZFS_VOLUME@upgrade_$CURRENT_VERSION-to-$VERSION""_$(date '+%Y-%m-%m_%H:%M:%S')"
+fi
echo "*** Rebuilding config-hash file"
echo ""
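Review bot: `[ $STORAGE_TYPE == "zfs" ]` is unquoted, so when `findmnt` prints nothing (for example if `IMAGE_BUILD_D` is empty because the instance has no build directory) the test becomes a syntax error and the pre-upgrade snapshot is skipped with only a stray message. Quoting it, `if [ "$STORAGE_TYPE" = "zfs" ]; then`, removes the error, but the storage lookup should probably target a path that exists for every instance rather than the optional build directory, otherwise the snapshot is silently lost on the pull path. The snapshot name still uses `date '+%Y-%m-%m_%H:%M:%S'`, which repeats the month where the day is presumably meant (`%Y-%m-%d`). An empty `CURRENT_VERSION` or `ZFS_VOLUME` would also reach `zfs snapshot` unchecked; a guard such as `[ -n "$ZFS_VOLUME" ] && [ -n "$CURRENT_VERSION" ]` before the call would catch that.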
diff --git a/roles/apps/nextcloud/templates/pod-spec-with-mariadb.yml.j2 b/roles/apps/nextcloud/templates/pod-spec-with-mariadb.yml.j2
deleted file mode 100644
index a49bc3ea..00000000
--- a/roles/apps/nextcloud/templates/pod-spec-with-mariadb.yml.j2
+++ /dev/null
@@ -1,101 +0,0 @@
-securityContext:
- allowPrivilegeEscalation: false
-containers:
-- name: nextcloud
-{# image: "nextcloud{% if 'custom_image' in item.value %}/{{ item.key }}{% endif %}:{{ item.value.version }}" #}
- image: "nextcloud/{{ item.key }}:{{ item.value.version }}"
- securityContext:
- runAsUser: {{ nextcloud_app_uid }}
- runAsGroup: {{ nextcloud_app_gid }}
- resources:
- limits:
- memory: "4Gi"
-{% if 'new' in item.value and item.value.new %}
- env:
- - name: NEXTCLOUD_TRUSTED_DOMAINS
- value: "{{ item.value.hostnames | join(' ') }}"
- - name: OVERWRITEPROTOCOL
- value: "https"
- - name: MYSQL_HOST
- value: 127.0.0.1
- - name: MYSQL_DATABASE
- value: nextcloud
- - name: MYSQL_USER
- value: nextcloud
- - name: MYSQL_PASSWORD
- value: "{{ item.value.database.password }}"
-{% endif %}
- volumeMounts:
- - name: nextcloud
- mountPath: /var/www/html
- - name: config
- mountPath: /etc/apache2/sites-available/000-default.conf
- subPath: apache-site.conf
- readOnly: true
- - name: config
- mountPath: /etc/apache2/ports.conf
- subPath: ports.conf
- readOnly: true
- ports:
- - containerPort: 8080
- hostPort: {{ item.value.port }}
- hostIP: 127.0.0.1
-- name: redis
- image: "redis:{{ item.value.redis.version }}"
- args:
- - --bind 127.0.0.1
- securityContext:
- runAsUser: {{ nextcloud_redis_uid }}
- runAsGroup: {{ nextcloud_redis_gid }}
- resources:
- limits:
- memory: "512Mi"
- volumeMounts:
- - name: redis
- mountPath: /data
-- name: database
- image: "mariadb:{{ item.value.database.version }}"
- args:
- - --transaction-isolation=READ-COMMITTED
- - --log-bin=binlog
- - --binlog-format=ROW
-{% for arg in (item.value.database.extra_args | default([])) %}
- - {{ arg }}
-{% endfor %}
- securityContext:
- runAsUser: {{ nextcloud_db_uid }}
- runAsGroup: {{ nextcloud_db_gid }}
- resources:
- limits:
- memory: "2Gi"
-{% if 'new' in item.value and item.value.new %}
- env:
- - name: MYSQL_RANDOM_ROOT_PASSWORD
- value: "true"
- - name: MYSQL_DATABASE
- value: nextcloud
- - name: MYSQL_USER
- value: nextcloud
- - name: MYSQL_PASSWORD
- value: "{{ item.value.database.password }}"
-{% endif %}
- volumeMounts:
- - name: database
- mountPath: /var/lib/mysql
-volumes:
-- name: config
- hostPath:
- path: "{{ nextcloud_base_path }}/{{ item.key }}/config/"
- type: Directory
-- name: nextcloud
- hostPath:
- path: "{{ nextcloud_base_path }}/{{ item.key }}/nextcloud"
- type: Directory
-- name: redis
- hostPath:
- path: "{{ nextcloud_base_path }}/{{ item.key }}/redis"
- type: Directory
-- name: database
- hostPath:
- path: "{{ nextcloud_base_path }}/{{ item.key }}/{{ item.value.database.type }}"
- type: Directory
diff --git a/roles/apps/nextcloud/templates/run-cron.sh.j2 b/roles/apps/nextcloud/templates/run-cron.sh.j2
deleted file mode 100644
index 455bc3ec..00000000
--- a/roles/apps/nextcloud/templates/run-cron.sh.j2
+++ /dev/null
@@ -1,7 +0,0 @@
-#!/bin/bash
-
-POD_NAME="{{ item }}-$(hostname)"
-POD_ID=$(crictl pods --name "$POD_NAME" --state ready -q)
-CONTAINER_ID=$(crictl ps --pod "$POD_ID" --name nextcloud -q)
-
-exec crictl exec "$CONTAINER_ID" php -f /var/www/html/cron.php