From b001c2ba3de6aa495ad31a6b7954a6ec9111e5b7 Mon Sep 17 00:00:00 2001
From: Massaki Archambault <marchambault@badjware.dev>
Date: Fri, 1 May 2020 21:55:34 -0400
Subject: [PATCH] nextcloud configuration

---
 kustomize/base/gitea/mariadb-deployment.yaml  |  2 +-
 kustomize/base/nextcloud/kustomization.yaml   | 11 +++
 .../base/nextcloud/mariadb-deployment.yaml    | 72 ++++++++++++++
 kustomize/base/nextcloud/namespace.yaml       |  2 +-
 .../base/nextcloud/nextcloud-cronjob.yaml     | 28 ++++++
 .../base/nextcloud/nextcloud-deployment.yaml  | 94 +++++++++++++++++++
 kustomize/environment/dev/kustomization.yaml  |  1 +
 7 files changed, 208 insertions(+), 2 deletions(-)
 create mode 100644 kustomize/base/nextcloud/mariadb-deployment.yaml
 create mode 100644 kustomize/base/nextcloud/nextcloud-cronjob.yaml
 create mode 100644 kustomize/base/nextcloud/nextcloud-deployment.yaml

diff --git a/kustomize/base/gitea/mariadb-deployment.yaml b/kustomize/base/gitea/mariadb-deployment.yaml
index 866efa3..3f8745e 100644
--- a/kustomize/base/gitea/mariadb-deployment.yaml
+++ b/kustomize/base/gitea/mariadb-deployment.yaml
@@ -69,4 +69,4 @@ spec:
     app: mariadb
   ports:
     - name: mariadb
-      port: 3306
\ No newline at end of file
+      port: 3306
diff --git a/kustomize/base/nextcloud/kustomization.yaml b/kustomize/base/nextcloud/kustomization.yaml
index c1d9b9a..c26fd1e 100644
--- a/kustomize/base/nextcloud/kustomization.yaml
+++ b/kustomize/base/nextcloud/kustomization.yaml
@@ -1,4 +1,15 @@
 resources:
   - namespace.yaml
+  - nextcloud-deployment.yaml
+  - nextcloud-cronjob.yaml
+  - mariadb-deployment.yaml
+
+secretGenerator:
+  - name: mariadb-credentials-secret
+    type: Opaque
+    literals:
+      - database=nextcloud
+      - username=nextcloud
+      - password=replaceme
 
 namespace: nextcloud
diff --git a/kustomize/base/nextcloud/mariadb-deployment.yaml b/kustomize/base/nextcloud/mariadb-deployment.yaml
new file mode 100644
index 0000000..3f8745e
--- /dev/null
+++ b/kustomize/base/nextcloud/mariadb-deployment.yaml
@@ -0,0 +1,72 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mariadb-deployment
+spec:
+  selector:
+    matchLabels:
+      app: mariadb
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: mariadb
+    spec:
+      containers:
+        - name: mariadb
+          image: mariadb:10.5.2
+          env:
+            - name: MYSQL_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: database
+            - name: MYSQL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: username
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: password
+            - name: MYSQL_RANDOM_ROOT_PASSWORD
+              value: "yes"
+          ports:
+            - name: mariadb
+              containerPort: 3306
+          volumeMounts:
+            - name: mariadb-pvc
+              mountPath: /var/lib/mysql
+      volumes:
+        - name: mariadb-pvc
+          persistentVolumeClaim:
+            claimName: mariadb-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mariadb-pvc
+  labels:
+    app: mariadb
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mariadb
+  labels:
+    app: mariadb
+spec:
+  selector:
+    app: mariadb
+  ports:
+    - name: mariadb
+      port: 3306
diff --git a/kustomize/base/nextcloud/namespace.yaml b/kustomize/base/nextcloud/namespace.yaml
index d884423..bc64f64 100644
--- a/kustomize/base/nextcloud/namespace.yaml
+++ b/kustomize/base/nextcloud/namespace.yaml
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: gitea
\ No newline at end of file
+  name: nextcloud
\ No newline at end of file
diff --git a/kustomize/base/nextcloud/nextcloud-cronjob.yaml b/kustomize/base/nextcloud/nextcloud-cronjob.yaml
new file mode 100644
index 0000000..a2ae5a3
--- /dev/null
+++ b/kustomize/base/nextcloud/nextcloud-cronjob.yaml
@@ -0,0 +1,28 @@
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+  name: nextcloud-cronjob
+spec:
+  schedule: "*/15 * * * *"
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          restartPolicy: OnFailure
+          containers:
+            - name: nextcloud
+              image: nextcloud:18.0.4
+              securityContext:
+                runAsUser: 33
+                runAsGroup: 33
+              volumeMounts:
+                - name: nextcloud-pvc
+                  mountPath: /var/www/html
+              command:
+                - php
+                - -f
+                - /var/www/html/cron.php
+          volumes:
+            - name: nextcloud-pvc
+              persistentVolumeClaim:
+                claimName: nextcloud-pvc
diff --git a/kustomize/base/nextcloud/nextcloud-deployment.yaml b/kustomize/base/nextcloud/nextcloud-deployment.yaml
new file mode 100644
index 0000000..39fe753
--- /dev/null
+++ b/kustomize/base/nextcloud/nextcloud-deployment.yaml
@@ -0,0 +1,94 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nextcloud-deployment
+  labels:
+    app: nextcloud
+spec:
+  selector:
+    matchLabels:
+      app: nextcloud
+  template:
+    metadata:
+      labels:
+        app: nextcloud
+    spec:
+      containers:
+        - name: nextcloud
+          image: nextcloud:18.0.4
+          env:
+            - name: TRUSTED_PROXIES
+              value: 10.0.0.0/8
+            - name: MYSQL_HOST
+              value: mariadb.nextcloud.svc:3306
+            - name: MYSQL_DATABASE
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: database
+            - name: MYSQL_USER
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: username
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: mariadb-credentials-secret
+                  key: password
+          ports:
+            - name: http
+              containerPort: 80
+          volumeMounts:
+            - name: nextcloud-pvc
+              mountPath: /var/www/html
+      volumes:
+        - name: nextcloud-pvc
+          persistentVolumeClaim:
+            claimName: nextcloud-pvc
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nextcloud-pvc
+  labels:
+    app: nextcloud
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nextcloud
+  labels:
+    app: nextcloud
+spec:
+  selector:
+    app: nextcloud
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: http
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: nextcloud-ingress
+  labels:
+    app: nextcloud
+  annotations:
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  rules:
+  - host: nextcloud.127.0.0.1.nip.io
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: nextcloud
+          servicePort: http
\ No newline at end of file
diff --git a/kustomize/environment/dev/kustomization.yaml b/kustomize/environment/dev/kustomization.yaml
index 395c155..37fbfcb 100644
--- a/kustomize/environment/dev/kustomization.yaml
+++ b/kustomize/environment/dev/kustomization.yaml
@@ -2,6 +2,7 @@ bases:
   - ../../base/ingress-controller
   - ../../base/kubernetes-dashboard
   - ../../base/gitea
+  - ../../base/nextcloud
 
 # secretGenerator:
 #   - name: drone-gitea-oauth-secret