From 20dc85ae0c644a9580e12314d443c3356dcab4ca Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 6 Jul 2022 23:16:29 +0200
Subject: ele-media: nextcloud base install

---
 .../nextcloud-pod-spec-with-mariadb.yml.j2         | 79 ++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 roles/elevate/media/templates/nextcloud-pod-spec-with-mariadb.yml.j2

(limited to 'roles/elevate/media/templates/nextcloud-pod-spec-with-mariadb.yml.j2')

diff --git a/roles/elevate/media/templates/nextcloud-pod-spec-with-mariadb.yml.j2 b/roles/elevate/media/templates/nextcloud-pod-spec-with-mariadb.yml.j2
new file mode 100644
index 00000000..b67066fc
--- /dev/null
+++ b/roles/elevate/media/templates/nextcloud-pod-spec-with-mariadb.yml.j2
@@ -0,0 +1,79 @@
+securityContext:
+  allowPrivilegeEscalation: false
+containers:
+- name: nextcloud
+  image: "nextcloud/{{ elevate_media_nextcloud_instance_name }}:{{ elevate_media_nextcloud_instance.version }}"
+  securityContext:
+    runAsUser: {{ elevate_media_share_uid }}
+    runAsGroup: {{ elevate_media_share_gid }}
+  resources:
+    limits:
+      memory: "4Gi"
+{% if 'new' in elevate_media_nextcloud_instance and elevate_media_nextcloud_instance.new %}
+  env:
+  - name: NEXTCLOUD_TRUSTED_DOMAINS
+    value: "{{ elevate_media_nextcloud_instance.hostnames | join(' ') }}"
+  - name: OVERWRITEPROTOCOL
+    value: "https"
+  - name: MYSQL_HOST
+    value: 127.0.0.1
+  - name: MYSQL_DATABASE
+    value: nextcloud
+  - name: MYSQL_USER
+    value: nextcloud
+  - name: MYSQL_PASSWORD
+    value: "{{ elevate_media_nextcloud_instance.database.password }}"
+{% endif %}
+  volumeMounts:
+  - name: nextcloud
+    mountPath: /var/www/html
+  - name: config
+    mountPath: /etc/apache2/sites-available/000-default.conf
+    subPath: apache-site.conf
+    readOnly: true
+  - name: config
+    mountPath: /etc/apache2/ports.conf
+    subPath: ports.conf
+    readOnly: true
+  ports:
+  - containerPort: 8080
+    hostPort: {{ elevate_media_nextcloud_instance.port }}
+    hostIP: 127.0.0.1
+- name: database
+  image: "mariadb:{{ elevate_media_nextcloud_instance.database.version }}"
+  args:
+  - --transaction-isolation=READ-COMMITTED
+  - --binlog-format=ROW
+  securityContext:
+    runAsUser: {{ elevate_media_nextcloud_db_uid }}
+    runAsGroup: {{ elevate_media_nextcloud_db_gid }}
+  resources:
+    limits:
+      memory: "2Gi"
+{% if 'new' in elevate_media_nextcloud_instance and elevate_media_nextcloud_instance.new %}
+  env:
+  - name: MYSQL_RANDOM_ROOT_PASSWORD
+    value: "true"
+  - name: MYSQL_DATABASE
+    value: nextcloud
+  - name: MYSQL_USER
+    value: nextcloud
+  - name: MYSQL_PASSWORD
+    value: "{{ elevate_media_nextcloud_instance.database.password }}"
+{% endif %}
+  volumeMounts:
+  - name: database
+    mountPath: /var/lib/mysql
+volumes:
+- name: config
+  hostPath:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/"
+    type: Directory
+- name: nextcloud
+  hostPath:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/nextcloud"
+    type: Directory
+- name: database
+  hostPath:
+    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/{{ elevate_media_nextcloud_instance.database.type }}"
+    type: Directory
-- 
cgit v1.2.3