securityContext:
  allowPrivilegeEscalation: false
containers:
- name: nextcloud
  image: "nextcloud/{{ elevate_media_nextcloud_instance_name }}:{{ elevate_media_nextcloud_instance.version }}"
  securityContext:
    runAsUser: {{ elevate_media_share_uid }}
    runAsGroup: {{ elevate_media_share_gid }}
  resources:
    limits:
      memory: "4Gi"
  volumeMounts:
  - name: nextcloud
    mountPath: /var/www/html
  - name: config
    mountPath: /etc/apache2/sites-available/000-default.conf
    subPath: apache-site.conf
    readOnly: true
  - name: config
    mountPath: /etc/apache2/ports.conf
    subPath: ports.conf
    readOnly: true
  ports:
  - containerPort: 8080
    hostPort: {{ elevate_media_nextcloud_instance.port }}
    hostIP: 127.0.0.1
- name: database
  image: "mariadb:{{ elevate_media_nextcloud_instance.database.version }}"
  args:
  - --transaction-isolation=READ-COMMITTED
  - --binlog-format=ROW
  securityContext:
    runAsUser: {{ elevate_media_nextcloud_db_uid }}
    runAsGroup: {{ elevate_media_nextcloud_db_gid }}
  resources:
    limits:
      memory: "2Gi"
  env:
  - name: MYSQL_RANDOM_ROOT_PASSWORD
    value: "true"
  - name: MYSQL_DATABASE
    value: nextcloud
  - name: MYSQL_USER
    value: nextcloud
  - name: MYSQL_PASSWORD
    value: "{{ elevate_media_nextcloud_instance.database.password }}"
  volumeMounts:
  - name: database
    mountPath: /var/lib/mysql
volumes:
- name: config
  hostPath:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/config/"
    type: Directory
- name: nextcloud
  hostPath:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/nextcloud"
    type: Directory
- name: database
  hostPath:
    path: "{{ elevate_media_nextcloud_base_path }}/{{ elevate_media_nextcloud_instance_name }}/{{ elevate_media_nextcloud_instance.database.type }}"
    type: Directory