nextcloud.yaml
· 4.0 KiB · YAML
Raw
apiVersion: v1
kind: ConfigMap
metadata:
name: nextcloud-config
data:
POSTGRES_USER: postgres_username
POSTGRES_DB: postgres_db_for_nextcloud_name
POSTGRES_PASSWORD: postgres_password
POSTGRES_HOST: 127.0.0.1 # Don't change unless using a separate DB
NEXTCLOUD_ADMIN_USER: nextcloud-admin
NEXTCLOUD_ADMIN_PASSWORD: nextcloud-admin-password
NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.example.com 192.168.23.45
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
## Tune these if necessary
PHP_MEMORY_LIMIT: 3G
PHP_UPLOAD_LIMIT: 10G
TZ: Europe/Helsinki
---
apiVersion: v1
kind: Pod
metadata:
name: nextcloud
creationTimestamp: "2022-05-25T09:38:11Z"
labels:
app: nextcloud
annotations:
spec:
volumes:
- hostPath:
path: /path/to/clamav/config/directory/on/host ## EDIT
type: Directory
name: clamav-config-host-1
- hostPath:
path: /path/to/nextcloud/webroot/on/host ## EDIT
type: Directory
name: nextcloud-app-host-0
- hostPath:
path: /path/to/redis/dump/on/host ## EDIT
type: Directory
name: nextcloud-redis-host-0
- name: clamav-db
persistentVolumeClaim:
claimName: clamav-db
- name: nextcloud-psql
persistentVolumeClaim:
claimName: nextcloud-psql
containers:
- name: clamav
image: docker.io/clamav/clamav:latest
#image: ghcr.io/0ranki/clamav-docker-arm64:v1.1.0
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /var/lib/clamav
name: clamav-db
- mountPath: /etc/clamav
name: clamav-config-host-1
- name: redis
image: docker.io/library/redis:alpine
args:
- redis-server
- --save
- 60
- 1
- --loglevel
- warning
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /data
name: nextcloud-redis-host-0
- name: psql
image: docker.io/postgres:14-alpine
args:
- postgres
command:
- docker-entrypoint.sh
envFrom:
- configMapRef:
name: nextcloud-config
optional: false
resources: {}
securityContext:
allowPrivilegeEscalation: true
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
privileged: false
readOnlyRootFilesystem: false
seLinuxOptions: {}
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: nextcloud-psql
workingDir: /
- name: app
## Remember to change cron container version!
image: ghcr.io/0ranki/nextcloud-previews/nextcloud:latest
## Remember to change cron container version!
#imagePullPolicy: never
ports:
- containerPort: 80
hostPort: 8082
envFrom:
- configMapRef:
name: nextcloud-config
optional: false
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /var/www/html
name: nextcloud-app-host-0
- name: cron
# Remember to change main image version!
image: ghcr.io/0ranki/nextcloud-previews/nextcloud:latest
# Remember to change main image version!
#imagePullPolicy: never
args:
- busybox
- crond
- -f
- -l
- 0
- -L
- /dev/stdout
env:
- name: TZ
value: Europe/Helsinki
resources: {}
securityContext:
capabilities:
drop:
- CAP_MKNOD
- CAP_NET_RAW
- CAP_AUDIT_WRITE
volumeMounts:
- mountPath: /var/www/html
name: nextcloud-app-host-0
# - name: cloudflared
# image: docker.io/cloudflare/cloudflared:latest
# args:
# - tunnel
# - --no-autoupdate
# - run
# - --token
# - ### CLOUDFLARE TOKEN TÄHÄN ###
# resources: {}
# securityContext: {}
restartPolicy: Always
status: {}
| 1 | apiVersion: v1 |
| 2 | kind: ConfigMap |
| 3 | metadata: |
| 4 | name: nextcloud-config |
| 5 | data: |
| 6 | POSTGRES_USER: postgres_username |
| 7 | POSTGRES_DB: postgres_db_for_nextcloud_name |
| 8 | POSTGRES_PASSWORD: postgres_password |
| 9 | POSTGRES_HOST: 127.0.0.1 # Don't change unless using a separate DB |
| 10 | NEXTCLOUD_ADMIN_USER: nextcloud-admin |
| 11 | NEXTCLOUD_ADMIN_PASSWORD: nextcloud-admin-password |
| 12 | NEXTCLOUD_TRUSTED_DOMAINS: nextcloud.example.com 192.168.23.45 |
| 13 | REDIS_HOST: 127.0.0.1 |
| 14 | REDIS_PORT: 6379 |
| 15 | ## Tune these if necessary |
| 16 | PHP_MEMORY_LIMIT: 3G |
| 17 | PHP_UPLOAD_LIMIT: 10G |
| 18 | TZ: Europe/Helsinki |
| 19 | --- |
| 20 | apiVersion: v1 |
| 21 | kind: Pod |
| 22 | metadata: |
| 23 | name: nextcloud |
| 24 | creationTimestamp: "2022-05-25T09:38:11Z" |
| 25 | labels: |
| 26 | app: nextcloud |
| 27 | annotations: |
| 28 | spec: |
| 29 | volumes: |
| 30 | - hostPath: |
| 31 | path: /path/to/clamav/config/directory/on/host ## EDIT |
| 32 | type: Directory |
| 33 | name: clamav-config-host-1 |
| 34 | - hostPath: |
| 35 | path: /path/to/nextcloud/webroot/on/host ## EDIT |
| 36 | type: Directory |
| 37 | name: nextcloud-app-host-0 |
| 38 | - hostPath: |
| 39 | path: /path/to/redis/dump/on/host ## EDIT |
| 40 | type: Directory |
| 41 | name: nextcloud-redis-host-0 |
| 42 | - name: clamav-db |
| 43 | persistentVolumeClaim: |
| 44 | claimName: clamav-db |
| 45 | - name: nextcloud-psql |
| 46 | persistentVolumeClaim: |
| 47 | claimName: nextcloud-psql |
| 48 | containers: |
| 49 | |
| 50 | - name: clamav |
| 51 | image: docker.io/clamav/clamav:latest |
| 52 | #image: ghcr.io/0ranki/clamav-docker-arm64:v1.1.0 |
| 53 | resources: {} |
| 54 | securityContext: |
| 55 | capabilities: |
| 56 | drop: |
| 57 | - CAP_MKNOD |
| 58 | - CAP_NET_RAW |
| 59 | - CAP_AUDIT_WRITE |
| 60 | volumeMounts: |
| 61 | - mountPath: /var/lib/clamav |
| 62 | name: clamav-db |
| 63 | - mountPath: /etc/clamav |
| 64 | name: clamav-config-host-1 |
| 65 | |
| 66 | - name: redis |
| 67 | image: docker.io/library/redis:alpine |
| 68 | args: |
| 69 | - redis-server |
| 70 | - --save |
| 71 | - 60 |
| 72 | - 1 |
| 73 | - --loglevel |
| 74 | - warning |
| 75 | resources: {} |
| 76 | securityContext: |
| 77 | capabilities: |
| 78 | drop: |
| 79 | - CAP_MKNOD |
| 80 | - CAP_NET_RAW |
| 81 | - CAP_AUDIT_WRITE |
| 82 | volumeMounts: |
| 83 | - mountPath: /data |
| 84 | name: nextcloud-redis-host-0 |
| 85 | |
| 86 | - name: psql |
| 87 | image: docker.io/postgres:14-alpine |
| 88 | args: |
| 89 | - postgres |
| 90 | command: |
| 91 | - docker-entrypoint.sh |
| 92 | envFrom: |
| 93 | - configMapRef: |
| 94 | name: nextcloud-config |
| 95 | optional: false |
| 96 | resources: {} |
| 97 | securityContext: |
| 98 | allowPrivilegeEscalation: true |
| 99 | capabilities: |
| 100 | drop: |
| 101 | - CAP_MKNOD |
| 102 | - CAP_NET_RAW |
| 103 | - CAP_AUDIT_WRITE |
| 104 | privileged: false |
| 105 | readOnlyRootFilesystem: false |
| 106 | seLinuxOptions: {} |
| 107 | volumeMounts: |
| 108 | - mountPath: /var/lib/postgresql/data |
| 109 | name: nextcloud-psql |
| 110 | workingDir: / |
| 111 | |
| 112 | - name: app |
| 113 | ## Remember to change cron container version! |
| 114 | image: ghcr.io/0ranki/nextcloud-previews/nextcloud:latest |
| 115 | ## Remember to change cron container version! |
| 116 | #imagePullPolicy: never |
| 117 | ports: |
| 118 | - containerPort: 80 |
| 119 | hostPort: 8082 |
| 120 | envFrom: |
| 121 | - configMapRef: |
| 122 | name: nextcloud-config |
| 123 | optional: false |
| 124 | resources: {} |
| 125 | securityContext: |
| 126 | capabilities: |
| 127 | drop: |
| 128 | - CAP_MKNOD |
| 129 | - CAP_NET_RAW |
| 130 | - CAP_AUDIT_WRITE |
| 131 | volumeMounts: |
| 132 | - mountPath: /var/www/html |
| 133 | name: nextcloud-app-host-0 |
| 134 | |
| 135 | - name: cron |
| 136 | # Remember to change main image version! |
| 137 | image: ghcr.io/0ranki/nextcloud-previews/nextcloud:latest |
| 138 | # Remember to change main image version! |
| 139 | #imagePullPolicy: never |
| 140 | args: |
| 141 | - busybox |
| 142 | - crond |
| 143 | - -f |
| 144 | - -l |
| 145 | - 0 |
| 146 | - -L |
| 147 | - /dev/stdout |
| 148 | env: |
| 149 | - name: TZ |
| 150 | value: Europe/Helsinki |
| 151 | resources: {} |
| 152 | securityContext: |
| 153 | capabilities: |
| 154 | drop: |
| 155 | - CAP_MKNOD |
| 156 | - CAP_NET_RAW |
| 157 | - CAP_AUDIT_WRITE |
| 158 | volumeMounts: |
| 159 | - mountPath: /var/www/html |
| 160 | name: nextcloud-app-host-0 |
| 161 | |
| 162 | # - name: cloudflared |
| 163 | # image: docker.io/cloudflare/cloudflared:latest |
| 164 | # args: |
| 165 | # - tunnel |
| 166 | # - --no-autoupdate |
| 167 | # - run |
| 168 | # - --token |
| 169 | # - ### CLOUDFLARE TOKEN TÄHÄN ### |
| 170 | # resources: {} |
| 171 | # securityContext: {} |
| 172 | |
| 173 | restartPolicy: Always |
| 174 | |
| 175 | status: {} |
pod-nextcloud.service
· 609 B · SYSTEMD
Raw
[Unit]
Description=Podman pod - Nextcloud
After=network-online.target
AssertPathExists=/path/to/nextcloud/webroot/on/host
[Service]
Type=forking
Restart=on-failure
RestartSec=30
ExecStartPre=/path/to/nextcloud/webroot/on/host/bin/fix-htaccess
ExecStart=podman play kube --replace /path/to/nextcloud.yaml
ExecStop=podman play kube --down /path/to/nextcloud.yaml
## Uncomment to export named volumes after stopping the pod
#ExecStopPost=podman volume export -o /path/to/clamav-db.tar clamav-db
#ExecStopPost=podman volume export -o /path/to/nextcloud-psql.tar nextcloud-psql
[Install]
WantedBy=default.target
| 1 | [Unit] |
| 2 | Description=Podman pod - Nextcloud |
| 3 | After=network-online.target |
| 4 | AssertPathExists=/path/to/nextcloud/webroot/on/host |
| 5 | |
| 6 | [Service] |
| 7 | Type=forking |
| 8 | Restart=on-failure |
| 9 | RestartSec=30 |
| 10 | ExecStartPre=/path/to/nextcloud/webroot/on/host/bin/fix-htaccess |
| 11 | ExecStart=podman play kube --replace /path/to/nextcloud.yaml |
| 12 | ExecStop=podman play kube --down /path/to/nextcloud.yaml |
| 13 | ## Uncomment to export named volumes after stopping the pod |
| 14 | #ExecStopPost=podman volume export -o /path/to/clamav-db.tar clamav-db |
| 15 | #ExecStopPost=podman volume export -o /path/to/nextcloud-psql.tar nextcloud-psql |
| 16 | |
| 17 | |
| 18 | [Install] |
| 19 | WantedBy=default.target |