feat: hosting on k3s

2025-03-08 09:22:08 +00:00
parent 2653e36e69
commit d72874c7ed
14 changed files with 353 additions and 101 deletions


@@ -1,32 +0,0 @@
on:
push:
paths:
- "docker/**"
- ".gitea/**"
# schedule:
# - cron: "0 02 * * *"
jobs:
build-docker-image:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Log in to git.limbosolutions.com docker registry
uses: docker/login-action@v3
with:
registry: git.limbosolutions.com
username: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_USERNAME }}
password: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_PASSWORD }}
- name: Build and push Docker images
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ${{gitea.workspace}}/docker/Dockerfile
push: true
tags: git.limbosolutions.com/kb/nextcloud

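--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
 **.env.**
 .env
 localSettings
+archive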


@@ -1,5 +0,0 @@
{
"cSpell.words": [
"nextcloud"
]
}


@@ -1,62 +0,0 @@
version: '2'
services:
db:
image: mariadb:10.5
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
volumes:
- db:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
networks:
- cloud_limbosolutions_com_private
restart: unless-stopped
app:
image: git.limbosolutions.com/kb/nextcloud
container_name: cloud_limbosolutions_com-nextcloud
links:
- db
volumes:
- html:/var/www/html
environment:
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_HOST=db
- PHP_MEMORY_LIMIT=2048M
networks:
- cloud_limbosolutions_com_private
- wan_reverse_proxy_public
restart: unless-stopped
duplicati:
image: git.limbosolutions.com/kb/duplicati:mysql-latest
container_name: cloud_limbosolutions_com-duplicati
environment:
- MYSQL_HOST=db
- MYSQL_DATABASE=${MYSQL_DATABASE}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_BACKUP_FOLDER=/bck/db-dumps
volumes:
- duplicati_data:/data
- db:/bck/db_data:ro
- html:/bck/app_data:ro
- duplicati_data:/bck/duplicati_data:ro
- db-dumps:/bck/db_dumps
networks:
- cloud_limbosolutions_com_private
- wan_reverse_proxy_public
restart: unless-stopped
#ports:
# - 8200:8200
volumes:
html:
db:
duplicati_data:
db-dumps:
networks:
cloud_limbosolutions_com_private:
wan_reverse_proxy_public:
external: true


@@ -1,2 +0,0 @@
FROM nextcloud:31
RUN apt update;apt install -y smbclient libsmbclient-dev;pecl install smbclient;echo "extension=smbclient.so" >> /usr/local/etc/php/conf.d/nextcloud.ini; echo "extension=smbclient.so" >> /usr/local/etc/php.ini

58
ingress.yml Normal file

@@ -0,0 +1,58 @@
# not in use. remove and add to kb
apiVersion: v1
kind: Endpoints
metadata:
name: cloud-limbosolutions-com-service
namespace: cloud-limbosolutions-com
subsets:
- addresses:
- ip: 192.168.13.2
ports:
- name: app
port: 4000
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: cloud-limbosolutions-com-service
namespace: cloud-limbosolutions-com
spec:
ports:
- name: app
port: 4000
protocol: TCP
targetPort: 4000
clusterIP: None
type: ClusterIP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: cloud-limbosolutions-com-ingress
namespace: cloud-limbosolutions-com
# annotations:
# cert-manager.io/cluster-issuer: "letsencrypt-staging"
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
ingressClassName: traefik
# tls:
# - hosts:
# - minio.example.com
# secretName: tls-example-com
rules:
- host: cloud.icharus.dev.lan
http:
paths:
- backend:
service:
name: cloud-limbosolutions-com-service
port:
number: 4000
path: /
pathType: Prefix
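Review bot: The Ingress for `cloud.icharus.dev.lan` is committed with its `tls:` block and the `websecure` entrypoint annotation commented out, so if this manifest is ever applied the host is presumably served over plain HTTP towards `192.168.13.2:4000`. The first line says the file is not in use, but it still sits in the repository as an applyable manifest, and a `kubectl apply` over the directory would create the Endpoints, Service and Ingress. Either leave the file out of this commit, as its own comment intends, or restore the TLS stanza with the real host and secret name before it is used. The Service also combines `clusterIP: None` with `type: ClusterIP`, which makes it headless; a one-line comment such as `# headless on purpose: traffic goes to the manual Endpoints above` would confirm that is deliberate.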


@@ -0,0 +1,129 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: backup
namespace: cloud-limbosolutions-com
spec:
schedule: "0 2 * * *"
jobTemplate:
spec:
backoffLimit: 1
template:
spec:
restartPolicy: Never
initContainers:
- name: mariadb-client
resources:
limits:
memory: "512Mi"
cpu: "500m"
requests:
memory: "256Mi"
cpu: "250m"
image: bitnami/mysql:latest
command: ["bash", "-c"]
args:
- |
#while true; do sleep 30; done
mkdir -p /data/mariadb-export
echo "INFO: Exporting database"
mysqldump --column-statistics=0 -u ${DB_USER} -p${DB_PASSWORD} -h ${DB_HOST} ${DB_NAME} > /data/mariadb-export/backup.sql
if [ $? -ne 0 ]; then
echo "ERROR: Exporting database failed"
exit 1
fi
echo "INFO: Exporting database finished"
env:
- name: DB_USER
valueFrom:
secretKeyRef:
name: nextcloud-db
key: db-username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nextcloud-db
key: db-password
- name: DB_NAME
valueFrom:
secretKeyRef:
name: backup-secret
key: DB_NAME
- name: DB_HOST
valueFrom:
secretKeyRef:
name: backup-secret
key: DB_HOST
volumeMounts:
- name: backup-var
mountPath: /data/mariadb-export
subPath: mariadb-export
containers:
- name: gitea-pbs-client
image: git.limbosolutions.com/kb/pbsclient
env:
- name: MODE
value: shell
- name: PBS_REPOSITORY
valueFrom:
secretKeyRef:
name: backup-secret
key: PBS_REPOSITORY
- name: PBS_PASSWORD
valueFrom:
secretKeyRef:
name: backup-secret
key: PBS_PASSWORD
- name: PBS_FINGERPRINT
valueFrom:
secretKeyRef:
name: backup-secret
key: PBS_FINGERPRINT
command: ["bash", "-c"]
args:
- |
proxmox-backup-client backup nextcloud-html.pxar:/data/nextcloud-html nextcloud-data.pxar:/data/nextcloud-data mariadb-data.pxar:/data/mariadb-data mariadb-export.pxar:/data/mariadb-export --include-dev /data/nextcloud-html --include-dev /data/nextcloud-data --include-dev /data/mariadb-data --include-dev /data/mariadb-export --backup-id "nextcloud-full" -ns cloud.limbosolutions.com
echo "INFO: cloud.limbosolutions.com finished"
volumeMounts:
- name: nextcloud-html
mountPath: /data/nextcloud-html
- name: nextcloud-data
mountPath: /data/nextcloud-data
- name: db-data
mountPath: /data/mariadb-data
- name: backup-var
mountPath: /tmp
subPath: tmp
- name: backup-var
mountPath: /data/mariadb-export
subPath: mariadb-export
volumes:
- name: nextcloud-html
persistentVolumeClaim:
claimName: nextcloud-nextcloud
- name: nextcloud-data
persistentVolumeClaim:
claimName: nextcloud-nextcloud-data
- name: db-data
persistentVolumeClaim:
claimName: data-nextcloud-mariadb-0
- name: backup-var
emptyDir: {}
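Review bot: The `gitea-pbs-client` script ends with `echo "INFO: cloud.limbosolutions.com finished"`, so the container exits 0 even when `proxmox-backup-client backup` fails and the CronJob records a successful run with no backup taken; start the script with `set -euo pipefail`, or make the echo conditional on the backup command. In the `mariadb-client` initContainer, `-p${DB_PASSWORD}` puts the database password on the mysqldump command line, where it can be visible in the process list, and the unquoted expansion breaks on passwords containing spaces or shell metacharacters. Handing the password over in a client option file passed with `--defaults-extra-file` avoids both; the same mysqldump line appears in the `mariadb-client-test-pod` manifest later in this commit. `bitnami/mysql:latest` and the untagged `git.limbosolutions.com/kb/pbsclient` are mutable references that run with the database credentials and all three data volumes mounted, so pinning them to a version or digest is worth doing. Mounting the three PVCs with `readOnly: true` in the backup container would narrow what a bad image can do.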

8
jobs/backup/secret-deploy.sh Executable file

@@ -0,0 +1,8 @@
#/bin/bash
# set source env variables
. ./.env
export $(cut -d= -f1 ./.env)
envsubst < secret.yaml | kubectl apply -f -
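Review bot: The first line `#/bin/bash` is missing the `!`, so it is an ordinary comment and the script runs under whatever shell the caller falls back to; it should read `#!/bin/bash`. Nothing stops the pipeline when `./.env` is missing or incomplete: `envsubst` replaces unset variables with empty strings and `kubectl apply` then overwrites `backup-secret` with blank values. Adding `set -euo pipefail` right after the shebang makes the failed `. ./.env` abort the run before anything is applied. `export $(cut -d= -f1 ./.env)` also word-splits on comment or blank lines in `.env`; `set -a; . ./.env; set +a` exports the same variables without parsing the file twice.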

13
jobs/backup/secret.yaml Normal file

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
name: backup-secret
namespace: cloud-limbosolutions-com
data:
PBS_REPOSITORY: ${PBS_REPOSITORY}
PBS_PASSWORD: ${PBS_PASSWORD}
PBS_FINGERPRINT: ${PBS_FINGERPRINT}
DB_NAME: ${DB_NAME}
DB_HOST: ${DB_HOST}
# get sql client user and password from nextcloud secret
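Review bot: Values under `data:` must be base64-encoded, but the template substitutes `${PBS_PASSWORD}` and the other variables straight from `.env`. Unless every value in `.env` is already base64 (not visible in this commit), the API server will either reject the manifest or store bytes decoded from text that was never meant as base64. Switching the key to `stringData:` lets the values stay plain text. Quoting each placeholder, e.g. `PBS_PASSWORD: "${PBS_PASSWORD}"`, keeps a value containing `: `, ` #` or a leading YAML indicator from changing the structure of the rendered manifest.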


@@ -0,0 +1,63 @@
apiVersion: v1
kind: Pod
metadata:
name: mariadb-client-test-pod
namespace: cloud-limbosolutions-com
spec:
containers:
- name: mariadb-client
resources:
limits:
memory: "512Mi"
cpu: "500m"
requests:
memory: "256Mi"
cpu: "250m"
image: bitnami/mysql:latest
command: ["bash", "-c"]
args:
- |
#while true; do sleep 30; done
mkdir -p /data/mariadb-export
echo "INFO: Exporting database"
mysqldump --column-statistics=0 -u ${DB_USER} -p${DB_PASSWORD} -h ${DB_HOST} ${DB_NAME} > /data/mariadb-export/backup.sql
if [ $? -ne 0 ]; then
echo "ERROR: Exporting database failed"
exit 1
fi
echo "INFO: Exporting database finished"
env:
- name: DB_USER
valueFrom:
secretKeyRef:
name: nextcloud-db
key: db-username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nextcloud-db
key: db-password
- name: DB_NAME
valueFrom:
secretKeyRef:
name: backup-secret
key: DB_NAME
- name: DB_HOST
valueFrom:
secretKeyRef:
name: backup-secret
key: DB_HOST
volumeMounts:
- name: backup-var
mountPath: /data/mariadb-export
subPath: mariadb-export
volumes:
- name: backup-var
emptyDir: {}

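--- a/local/.gitignore
+++ b/local/.gitignore
@@ -0,0 +1,2 @@
+**
+!.gitignore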

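--- a/nexcloud/.gitignore
+++ b/nexcloud/.gitignore
@@ -0,0 +1 @@
+**.local**.yaml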

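--- a/nexcloud/helm-up.sh
+++ b/nexcloud/helm-up.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+helm upgrade --install nextcloud nextcloud/nextcloud \
+--values ./values.yaml \
+--values ./values.local.yaml \
+--namespace=cloud-limbosolutions-com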
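Review bot: `helm upgrade --install nextcloud nextcloud/nextcloud` names no chart version, so every run deploys whatever the `nextcloud` repo alias currently serves as latest, and an upgrade can change the chart and its bundled MariaDB without any change in this repository. Pin it with `--version <chart-version>` and bump that value deliberately. The script also assumes the repo alias already exists on the operator's machine; a comment naming the expected `helm repo add` source would make the provenance of the chart reviewable.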

73
nexcloud/values.yaml Normal file

@@ -0,0 +1,73 @@
image:
repository: nextcloud
flavor: apache
tag:
pullPolicy: Always
replicaCount: 1
internalDatabase:
enabled: false
externalDatabase:
enabled: type
type: mysql
mariadb:
enabled: true
architecture: standalone
primary:
persistence:
enabled: true
existingClaim: ""
storageClass: ""
accessMode: ReadWriteOnce
size: 8Gi
service:
type: ClusterIP
port: 8080
loadBalancerIP: ""
nodePort:
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 8Gi
nextcloudData:
enabled: true
subPath:
annotations: {}
accessMode: ReadWriteOnce
size: 8Gi
#limits:
# cpu: 100m
# memory: 128Mi
#requests:
# cpu: 100m
# memory: 128Mi
ingress:
enabled: true
className: traefik
annotations:
kubernetes.io/ingress.class: traefik
hosts:
- host: cloud.limbosolutions.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: cloud-limbosolutions-com-secret-tls
hosts:
- "cloud.limbosolutions.com"
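Review bot: `externalDatabase.enabled` is set to the string `type`, which looks like a slip for `true`. Helm templates treat any non-empty string as truthy, so it probably works by accident, but a schema check or a strict comparison in a later chart version would not accept it; write `enabled: true`. `image.tag` is left as a bare `tag:` (null) next to `pullPolicy: Always`, so the running Nextcloud version is presumably whatever the chart defaults to; setting an explicit tag keeps upgrades intentional. Under `ingress`, the `kubernetes.io/ingress.class: traefik` annotation duplicates `className: traefik` and can be dropped.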