From cb8f16b0776ce79fbd9bdbb34956a5f305b3cf8b Mon Sep 17 00:00:00 2001
From: Massaki Archambault <marchambault@badjware.dev>
Date: Sat, 10 Jun 2023 16:07:25 -0400
Subject: [PATCH] use kubernetes cron for nextcloud cronjob

---
 kustomize/bases/nextcloud/kustomization.yaml  |  1 +
 .../bases/nextcloud/nextcloud-cronjob.yaml    | 65 +++++++++++++++++++
 kustomize/env/prod/kustomization.yaml         |  3 +-
 3 files changed, 68 insertions(+), 1 deletion(-)
 create mode 100644 kustomize/bases/nextcloud/nextcloud-cronjob.yaml

diff --git a/kustomize/bases/nextcloud/kustomization.yaml b/kustomize/bases/nextcloud/kustomization.yaml
index 2ac3ff9..fb93b7f 100644
--- a/kustomize/bases/nextcloud/kustomization.yaml
+++ b/kustomize/bases/nextcloud/kustomization.yaml
@@ -2,6 +2,7 @@ resources:
   - ../postgres
   - ../redis
   - nextcloud-deployment.yaml
+  - nextcloud-cronjob.yaml
   - nextcloud-ingress.yaml
 
 namePrefix: nextcloud-
diff --git a/kustomize/bases/nextcloud/nextcloud-cronjob.yaml b/kustomize/bases/nextcloud/nextcloud-cronjob.yaml
new file mode 100644
index 0000000..62d0417
--- /dev/null
+++ b/kustomize/bases/nextcloud/nextcloud-cronjob.yaml
@@ -0,0 +1,65 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: server-cron
+  labels:
+    app.kubernetes.io/name: nextcloud
+    app.kubernetes.io/component: cron
+spec:
+  schedule: "*/5 * * * *"
+  concurrencyPolicy: Forbid
+  successfulJobsHistoryLimit: 1
+  failedJobsHistoryLimit: 1
+  jobTemplate:
+    metadata:
+      labels:
+        app.kubernetes.io/name: nextcloud
+        app.kubernetes.io/component: cron
+    spec:
+      backoffLimit: 0 # no retry
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/name: nextcloud
+            app.kubernetes.io/component: cron
+        spec:
+          restartPolicy: Never
+          serviceAccountName: server-cron
+          containers:
+          - name: kubectl
+            image: bitnami/kubectl
+            imagePullPolicy: IfNotPresent
+            command: ["/bin/bash"]
+            args:
+              - -xc
+              - kubectl exec "$(kubectl get pods -l 'app.kubernetes.io/component=server' -o name)" -- /bin/bash -c '( if ! which sudo &>/dev/null; then apt update && apt install sudo; fi ) && sudo -u www-data php -f /var/www/html/cron.php'
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: server-cron
+automountServiceAccountToken: true
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: pod-list-exec
+rules:
+- apiGroups: [""]
+  resources: ["pods", "pods/log"]
+  verbs: ["get", "list"]
+- apiGroups: [""]
+  resources: ["pods/exec"]
+  verbs: ["create"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: server-cron
+subjects:
+- kind: ServiceAccount
+  name: server-cron
+roleRef:
+  kind: Role
+  name: pod-list-exec
+  apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/kustomize/env/prod/kustomization.yaml b/kustomize/env/prod/kustomization.yaml
index 9b24b78..ed8d8fa 100644
--- a/kustomize/env/prod/kustomization.yaml
+++ b/kustomize/env/prod/kustomization.yaml
@@ -30,12 +30,13 @@ images:
   - name: drone/drone-runner-kube
     newTag: 1.0.0-rc.3
   - name: nextcloud
-    newName: badjware/nextcloud-tweak
     newTag: 25.0.3
   - name: postgres
     newTag: 9.6.23
   - name: redis
     newTag: 6.2.10
+  - name: bitnami/kubectl
+    newTag: "1.25"
 
 # configMapGenerator:
   # - name: ecommerce-exporter-config