Commit 92ba73fc authored by Maarten de Waard's avatar Maarten de Waard

also committing the charts because they *have to be there like this*. Job not working

parent 49dab576
values-local.yaml
*.swp
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
README.md
apiVersion: v1
appVersion: "1.0"
description: |
A helm chart for installing NextCloud and setting up collabora integration
name: nextcloud-collabora
version: 0.1.0
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
apiVersion: v1
appVersion: 4.0.3.1
description: A Helm chart for Collabora Office - CODE-Edition
home: https://www.collaboraoffice.com/code/
icon: https://avatars0.githubusercontent.com/u/22418908?s=200&v=4
maintainers:
- email: christian.ingenhaag@googlemail.com
name: Christian
name: collabora-code
sources:
- https://github.com/CollaboraOnline/Docker-CODE
version: 1.0.1
approvers:
- chrisingenhaag
reviewers:
- chrisingenhaag
\ No newline at end of file
# Collabora CODE
[Collabora](https://www.collaboraoffice.com/code/) is a online office suite.
## Introduction
This chart creates a single Collabora CODE Pod to run Collabora CODE suite, for example as integration together with nextcloud. Installation is based on the docker documentation [CollaboraDocker](https://www.collaboraoffice.com/code/docker/).
For most easy integration it´s recommended to use cert-manager together with your favorite ingress controller to get a fully working, ssl-terminated Collabora CODE server.
## Prerequisites
- Kubernetes 1.9+ with Beta APIs enabled
## Installing the Chart
To install the chart with the release name `my-release`, run:
```bash
$ helm install --name my-release stable/collabora
```
This command deploys a Collabora Online Development Edition server.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
Refer to [values.yaml](values.yaml) for the full run-down on defaults. These are a mixture of Kubernetes and Collabora-related directives that map to environment variables in the [CollaboraCODEDocker](https://github.com/CollaboraOnline/Docker-CODE) Docker image.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install --name my-release \
--set varname=true stable/collabora
```
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
$ helm install --name my-release -f values.yaml stable/collabora
```
> **Tip**: You can use the default [values.yaml](values.yaml)
The following tables lists the configurable parameters of this chart and their default values.
| Parameter | Description | Default |
| ------------------------------------------------- | ------------------------------------------------------------- | ----------------------------------------------------------- |
| `replicaCount` | Number of provisioner instances to deployed | `1` |
| `strategy` | Specifies the strategy used to replace old Pods by new ones | `Recreate` |
| `image.repository` | Provisioner image | `collabora/code` |
| `image.tag` | Version of provisioner image | `4.0.0.2` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `collabora.DONT_GEN_SSL_CERT` | | `true` |
| `collabora.domain` | Double escaped WOPI host | `wopihost\\.domain` |
| `collabora.extra_params` | List of params to use as env var | `--o:ssl.termination=true --o:ssl.enable=false` |
| `collabora.server_name` | Collabora server name (single escaped) | `collabora\.domain` |
| `collabora.password` | Collabora admin panel pass | `examplepass` |
| `collabora.username` | Collabora admin panel user | `admin` |
| `collabora.dictionaries` | Collabora enabled dictionaries | `de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru` |
| `ingress.enabled` | | `false` |
| `ingress.annotations` | | `{}` |
| `ingress.paths` | | `[]` |
| `ingress.hosts` | | `[]` |
| `ingress.tls` | | `[]` |
| `securityContext.allowPrivilegeEscalation` | Create & use Pod Security Policy resources | `true` |
| `securitycontext.capabilities.add` | Collabora needs to run with MKNOD as capabibility | `[MKNOD]` |
| `resources` | Resources required (e.g. CPU, memory) | `{}` |
| `nodeSelector` | Node labels for pod assignment | `{}` |
| `affinity` | Affinity settings | `{}` |
| `tolerations` | List of node taints to tolerate | `[]` |
## Persistence
There is no need for a persistent storage to run collabora code edition. All parameters in `/etc/loolwsd/loolwsd.xml` can be adjusted with using extra_params environment variable.
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
{{- range $.Values.ingress.paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "collabora-code.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ include "collabora-code.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "collabora-code.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "collabora-code.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:9980 to use your application"
kubectl port-forward $POD_NAME 9980:9980
{{- end }}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "collabora-code.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "collabora-code.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "collabora-code.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "collabora-code.fullname" . }}
data:
DONT_GEN_SSL_CERT: "{{ .Values.collabora.DONT_GEN_SSL_CERT }}"
dictionaries: {{ .Values.collabora.dictionaries }}
domain: {{ .Values.collabora.domain }}
extra_params: {{ .Values.collabora.extra_params }}
server_name: {{ .Values.collabora.server_name }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "collabora-code.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
helm.sh/chart: {{ include "collabora-code.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: {{ .Values.strategy }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: DONT_GEN_SSL_CERT
valueFrom:
configMapKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: DONT_GEN_SSL_CERT
- name: dictionaries
valueFrom:
configMapKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: dictionaries
- name: domain
valueFrom:
configMapKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: domain
- name: extra_params
valueFrom:
configMapKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: extra_params
- name: server_name
valueFrom:
configMapKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: server_name
- name: username
valueFrom:
secretKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: username
- name: password
valueFrom:
secretKeyRef:
name: {{ include "collabora-code.fullname" . }}
key: password
livenessProbe:
failureThreshold: 3
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: 90
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
readinessProbe:
failureThreshold: 3
httpGet:
path: /
port: http
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 2
ports:
- name: http
containerPort: {{ .Values.service.port }}
protocol: TCP
resources:
{{- toYaml .Values.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.securitycontext | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "collabora-code.fullname" . -}}
{{- $ingressPaths := .Values.ingress.paths -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
helm.sh/chart: {{ include "collabora-code.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ . | quote }}
http:
paths:
{{- range $ingressPaths }}
- path: {{ . }}
backend:
serviceName: {{ $fullName }}
servicePort: http
{{- end }}
{{- end }}
{{- end }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "collabora-code.fullname" . }}
data:
username: {{ .Values.collabora.username | b64enc }}
password: {{ .Values.collabora.password | b64enc }}
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
name: {{ include "collabora-code.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
helm.sh/chart: {{ include "collabora-code.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "collabora-code.fullname" . }}-test-connection"
labels:
app.kubernetes.io/name: {{ include "collabora-code.name" . }}
helm.sh/chart: {{ include "collabora-code.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: wget
image: busybox
command: ['wget']
args: ['{{ include "collabora-code.fullname" . }}:{{ .Values.service.port }}']
restartPolicy: Never
# Default values for collabora-code.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: collabora/code
tag: 4.0.3.1
pullPolicy: IfNotPresent
strategy: Recreate
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 9980
ingress:
enabled: false
annotations: {}
paths: []
hosts: []
tls: []
collabora:
DONT_GEN_SSL_CERT: true
domain: nextcloud\\.domain
extra_params: --o:ssl.termination=true --o:ssl.enable=false
server_name: collabora\.domain
password: examplepass
username: admin
dictionaries: de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru
securitycontext:
allowPrivilegeEscalation: true
capabilities:
add:
- MKNOD
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
appVersion: 15.0.2
description: A file sharing server that puts the control and security of your own
data back into your hands.
home: https://nextcloud.com/
icon: https://cdn.rawgit.com/docker-library/docs/defa5ffc7123177acd60ddef6e16bddf694cc35f/nextcloud/logo.svg
keywords:
- nextcloud
- storage
- http
- web
- php
maintainers:
- email: christian.ingenhaag@googlemail.com
name: chrisingenhaag
name: nextcloud
sources:
- https://github.com/nextcloud/docker
version: 1.0.2
approvers:
- chrisingenhaag
reviewers:
- chrisingenhaag
# nextcloud
[nextcloud](https://nextcloud.com/) is a file sharing server that puts the control and security of your own data back into your hands.
## TL;DR;
```console
$ helm install stable/nextcloud
```
## Introduction
This chart bootstraps an [nextcloud](https://hub.docker.com/_/nextcloud/) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
It also packages the [Bitnami MariaDB chart](https://github.com/kubernetes/charts/tree/master/stable/mariadb) which is required for bootstrapping a MariaDB deployment for the database requirements of the nextcloud application.
## Prerequisites
- Kubernetes 1.9+ with Beta APIs enabled
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ helm install --name my-release stable/nextcloud
```
The command deploys nextcloud on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the nextcloud chart and their default values.
| Parameter | Description | Default |
|-------------------------------------|-------------------------------------------|-------------------------------------------------------- |
| `image.repository` | nextcloud Image name | `nextcloud` |
| `image.tag` | nextcloud Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `nil` |
| `ingress.enabled` | Enable use of ingress controllers | `false` |
| `ingress.servicePort` | Ingress' backend servicePort | `http` |
| `ingress.annotations` | An array of service annotations | `nil` |
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `nextcloud.host` | nextcloud host to create application URLs | `nextcloud.kube.home` |
| `nextcloud.username` | User of the application | `admin` |
| `nextcloud.password` | Application password | `changeme` |
| `internalDatabase.enabled` | Whether to use internal sqlite database | `true` |
| `internalDatabase.database` | Name of the existing database | `nextcloud` |
| `externalDatabase.enabled` | Whether to use external database | `false` |
| `externalDatabase.host` | Host of the external database | `nil` |
| `externalDatabase.database` | Name of the existing database | `nextcloud` |
| `externalDatabase.user` | Existing username in the external db | `nextcloud` |
| `externalDatabase.password` | Password for the above username | `nil` |
| `mariadb.enabled` | Whether to use the MariaDB chart | `false` |
| `mariadb.db.name` | Database name to create | `nextcloud` |
| `mariadb.db.password` | Password for the database | `changeme` |
| `mariadb.db.user` | Database user to create | `nextcloud` |
| `mariadb.rootUser.password` | MariaDB admin password | `nil` |
| `service.type` | Kubernetes Service type | `ClusterIp` |
| `service.loadBalancerIP` | LoadBalancerIp for service type LoadBalancer | `nil` |
| `persistence.enabled` | Enable persistence using PVC | `false` |
| `persistence.storageClass` | PVC Storage Class for nextcloud volume | `nil` (uses alpha storage class annotation) |
| `persistence.existingClaim`| An Existing PVC name for nextcloud volume | `nil` (uses alpha storage class annotation) |
| `persistence.accessMode` | PVC Access Mode for nextcloud volume | `ReadWriteOnce` |
| `persistence.size` | PVC Storage Request for nextcloud volume | `8Gi` |
| `resources` | CPU/Memory resource requests/limits | `{}` |
> **Note**:
>
> For nextcloud to function correctly, you should specify the `nextcloud.host` parameter to specify the FQDN (recommended) or the public IP address of the nextcloud service.
>
> Optionally, you can specify the `service.loadBalancerIP` parameter to assign a reserved IP address to the nextcloud service of the chart. However please note that this feature is only available on a few cloud providers (f.e. GKE).
>
> To reserve a public IP address on GKE:
>
> ```bash
> $ gcloud compute addresses create nextcloud-public-ip
> ```
>
> The reserved IP address can be associated to the nextcloud service by specifying it as the value of the `service.loadBalancerIP` parameter while installing the chart.
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install --name my-release \
--set nextcloud.username=admin,nextcloud.password=password,mariadb.rootUser.password=secretpassword \
stable/nextcloud
```
The above command sets the nextcloud administrator account username and password to `admin` and `password` respectively. Additionally, it sets the MariaDB `root` user password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
$ helm install --name my-release -f values.yaml stable/nextcloud
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Persistence
The [Nextcloud](https://hub.docker.com/_/nextcloud/) image stores the nextcloud data and configurations at the `/var/www/html` paths of the container.
Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube.
See the [Configuration](#configuration) section to enable persistence and configuration of the PVC.
appVersion: 10.1.37
description: Fast, reliable, scalable, and easy to use open-source relational database
system. MariaDB Server is intended for mission-critical, heavy-load production systems
as well as for embedding into mass-deployed software. Highly available MariaDB cluster.
engine: gotpl
home: https://mariadb.org
icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png
keywords:
- mariadb
- mysql
- database
- sql
- prometheus
maintainers:
- email: containers@bitnami.com
name: Bitnami
name: mariadb
sources:
- https://github.com/bitnami/bitnami-docker-mariadb
- https://github.com/prometheus/mysqld_exporter
version: 5.5.0
approvers:
- prydonius
- tompizmor
- sameersbn
- carrodher
- juan131
reviewers:
- prydonius
- tompizmor
- sameersbn
- carrodher
- juan131
This diff is collapsed.
You can copy here your custom .sh, .sql or .sql.gz file so they are executed during the first boot of the image.
More info in the [bitnami-docker-mariadb](https://github.com/bitnami/bitnami-docker-mariadb#initializing-a-new-instance) repository.
\ No newline at end of file
Please be patient while the chart is being deployed
Tip:
Watch the deployment status using the command: kubectl get pods -w --namespace {{ .Release.Namespace }} -l release={{ .Release.Name }}
Services:
echo Master: {{ template "mariadb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}
{{- if .Values.replication.enabled }}
echo Slave: {{ template "slave.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.service.port }}
{{- end }}
Administrator credentials:
Username: root
Password : $(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "mariadb.fullname" . }} -o jsonpath="{.data.mariadb-root-password}" | base64 --decode)
To connect to your database: