diff --git a/charts/nextcloud/Chart.yaml b/charts/nextcloud/Chart.yaml index 615eb0a6..6f81ba40 100644 --- a/charts/nextcloud/Chart.yaml +++ b/charts/nextcloud/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: nextcloud -version: 7.0.1 +version: 7.0.2 # renovate: image=docker.io/library/nextcloud appVersion: 31.0.7 description: A file sharing server that puts the control and security of your own data back into your hands. diff --git a/charts/nextcloud/templates/deployment.yaml b/charts/nextcloud/templates/deployment.yaml index 1948e47d..e2a8aa19 100644 --- a/charts/nextcloud/templates/deployment.yaml +++ b/charts/nextcloud/templates/deployment.yaml @@ -270,6 +270,11 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: + {{- if .Values.redis.enabled }} + - name: php-confd + mountPath: "/usr/local/etc/php/conf.d/redis-session.ini" # fix permission denied error + subPath: redis-session.ini + {{- end }} {{- include "nextcloud.volumeMounts" . | trim | nindent 12 }} {{- end }}{{/* end-if cronjob.enabled */}} {{- with .Values.nextcloud.extraSidecarContainers }} @@ -279,7 +284,7 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- if or .Values.nextcloud.extraInitContainers .Values.mariadb.enabled .Values.postgresql.enabled }} + {{- if or .Values.nextcloud.extraInitContainers .Values.mariadb.enabled .Values.postgresql.enabled .Values.redis.enabled }} initContainers: {{- with .Values.nextcloud.extraInitContainers }} {{- toYaml . | nindent 8 }} @@ -330,6 +335,25 @@ spec: - "-c" - "until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done" {{- end }}{{/* end-if any database-initContainer */}} + {{- if .Values.redis.enabled }} + # create empty redis file for nextcloud entrypoint to override it + - name: init-redis-session-ini + # Using the same image as nextcloud to get the same UID to write the configuration. + image: {{ include "nextcloud.image" . }} + command: ['touch', '/usr/local/etc/php/conf.d/redis-session.ini'] + {{- with .Values.nextcloud.redisInitContainer }} + resources: + {{- toYaml .resources | nindent 12 }} + {{- end }} + # Reuse the SCC from nextcloud, no need to provide a dedicated SCC for Redis init container. + {{- with .Values.nextcloud.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: php-confd + mountPath: "/usr/local/etc/php/conf.d" + {{- end }}{{/* end-if redis init */}} {{- end }}{{/* end-if any initContainer */}} {{- with .Values.affinity }} affinity: @@ -373,6 +397,10 @@ spec: name: {{ template "nextcloud.fullname" . }}-hooks defaultMode: 0o755 {{- end }} + {{- if .Values.redis.enabled }} + - name: php-confd + emptyDir: {} + {{- end }} {{- with .Values.nextcloud.extraVolumes }} {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/nextcloud/values.yaml b/charts/nextcloud/values.yaml index 9db238bd..72f48358 100644 --- a/charts/nextcloud/values.yaml +++ b/charts/nextcloud/values.yaml @@ -299,6 +299,7 @@ nextcloud: # Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive podSecurityContext: {} + # fsGroup: 33 # runAsUser: 33 # runAsGroup: 33 # runAsNonRoot: true @@ -316,6 +317,9 @@ nextcloud: # Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive securityContext: {} + # Settings for the Redis init container that creates a configuration file to address permission issue in some cluster + redisInitContainer: + resources: {} nginx: ## You need to set an fpm version of the image for nextcloud if you want to use nginx!