From eb98ae2bb7f5441c6c2bdc85158df0d40f633539 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Sun, 13 Oct 2019 03:19:34 +0200
Subject: nextcloud role almost done - some stuff still missing

---
 roles/nextcloud/templates/pod-with-mariadb.yml.j2 | 45 ++++++++++++++++++-----
 1 file changed, 35 insertions(+), 10 deletions(-)

(limited to 'roles/nextcloud/templates/pod-with-mariadb.yml.j2')

diff --git a/roles/nextcloud/templates/pod-with-mariadb.yml.j2 b/roles/nextcloud/templates/pod-with-mariadb.yml.j2
index 4e2f6baa..7fa40cd4 100644
--- a/roles/nextcloud/templates/pod-with-mariadb.yml.j2
+++ b/roles/nextcloud/templates/pod-with-mariadb.yml.j2
@@ -7,17 +7,35 @@ spec:
     allowPrivilegeEscalation: false
   containers:
   - name: nextcloud
-    image: debian:buster
-    command:
-    - /bin/bash
-    - -c
-    - "sleep 7200"
-    # securityContext:
-    #   runAsUser: {{ nextcloud_app_uid }}
-    #   runAsGroup: {{ nextcloud_app_gid }}
+    image: "nextcloud:{{ item.value.version }}"
+    securityContext:
+      runAsUser: {{ nextcloud_app_uid }}
+      runAsGroup: {{ nextcloud_app_gid }}
+    resources:
+      limits:
+        memory: "4Gi"
+    env:
+    - name: NEXTCLOUD_TRUSTED_DOMAINS
+      value: "{{ item.value.hostnames | join(' ') }}"
+    - name: MYSQL_HOST
+      value: 127.0.0.1
+    - name: MYSQL_DATABASE
+      value: nextcloud
+    - name: MYSQL_USER
+      value: nextcloud
+    - name: MYSQL_PASSWORD
+      value: "{{ item.value.database.password }}"
     volumeMounts:
     - name: nextcloud
       mountPath: /var/www/html
+    - name: config
+      mountPath: /etc/apache2/sites-available/000-default.conf
+      subPath: apache-site.conf
+      readOnly: true
+    - name: config
+      mountPath: /etc/apache2/ports.conf
+      subPath: ports.conf
+      readOnly: true
     ports:
     - containerPort: 8080
       hostPort: {{ item.value.port }}
@@ -29,19 +47,26 @@ spec:
     securityContext:
       runAsUser: {{ nextcloud_db_uid }}
       runAsGroup: {{ nextcloud_db_gid }}
+    resources:
+      limits:
+        memory: "2Gi"
     env:
     - name: MYSQL_RANDOM_ROOT_PASSWORD
       value: "true"
-    - name: MYSQL_PASSWORD
-      value: "{{ item.value.database.password }}"
     - name: MYSQL_DATABASE
       value: nextcloud
     - name: MYSQL_USER
       value: nextcloud
+    - name: MYSQL_PASSWORD
+      value: "{{ item.value.database.password }}"
     volumeMounts:
     - name: database
       mountPath: /var/lib/mysql
   volumes:
+  - name: config
+    hostPath:
+      path: "{{ nextcloud_base_path }}/{{ item.key }}/config/"
+      type: Directory
   - name: nextcloud
     hostPath:
       path: "{{ nextcloud_base_path }}/{{ item.key }}/nextcloud"
-- 
cgit v1.2.3