nextcloud move to shared pod

apps/newcloud/base/collabora-deployment.yaml

@@ -1,45 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: collabora
-  name: collabora
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: collabora
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: collabora
-    spec:
-      containers:
-        - env:
-            - name: TZ
-              value: Europe/Berlin
-            - name: VIRTUAL_HOST
-              value: office.steffenillium.de
-            - name: VIRTUAL_PORT
-              value: "9980"
-            - name: VIRTUAL_PROTO
-              value: http
-            - name: dictionaries
-              value: en_US,de_DE
-            - name: domain
-              value: newcloud.steffenillium.de
-            - name: extra_params
-              value: --o:ssl.enable=false --o:ssl.termination=true
-          image: collabora/code
-          name: collabora
-          ports:
-            - containerPort: 9980
-              protocol: TCP
-          resources: {}
-          securityContext:
-            capabilities:
-              add:
-                - MKNOD
-      restartPolicy: Always

apps/newcloud/base/collabora-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: collabora
-  name: collabora
-type: ClusterIp
-spec:
-  ports:
-    - name: http
-      port: 8510
-      targetPort: 9980
-  selector:
-    app: collabora

apps/newcloud/base/kustomization.yaml

@@ -4,14 +4,10 @@ kind: Kustomization
 namespace: nextcloud
 
 resources:
-- collabora-deployment.yaml
+- nextcloud.yaml
-- collabora-service.yaml
-- nextcloud-app-deployment.yaml
 # - nextcloud-app-pvc.yaml
 - nextcloud-app-service.yaml
-- nextcloud-db-deployment.yaml
 # - nextcloud-db-pvc
 - nextcloud-ingress.yaml
 - nextcloud-secret-sealed.yaml
-- redis-deployment.yaml
 - nextcloud-namespace.yaml

apps/newcloud/base/nextcloud-app-deployment.yaml

@@ -1,53 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: nextcloud-app
-  name: nextcloud-app
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: nextcloud-app
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: nextcloud-app
-    spec:
-      containers:
-        - image: nextcloud
-          name: nextcloud-app
-          env:
-            - name: MYSQL_DATABASE
-              value: nextcloud
-            - name: MYSQL_HOST
-              value: nextcloud-db
-            - name: MYSQL_USER
-              value: nextcloud
-            - name: PHP_MEMORY_LIMIT
-              value: 2G
-            - name: PHP_UPLOAD_LIMIT
-              value: 100G
-            - name: REDIS_HOST
-              value: redis
-            - name: MYSQL_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: nextcloud_secret
-                  key: MYSQL_PASSWORD
-          ports:
-            - containerPort: 80
-              hostPort: 8500
-              protocol: TCP
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/www/html
-              name: nextcloud-app-pvc
-      hostname: newcloud.steffenillium.de
-      restartPolicy: Always
-      volumes:
-        - name: nextcloud-app-pvc
-          persistentVolumeClaim:
-            claimName: nextcloud-app-pvc

apps/newcloud/base/nextcloud-app-service.yaml

@@ -7,7 +7,7 @@ metadata:
 spec:
   ports:
     - name: http
-      port: 8500
+      port: 80
       targetPort: 80
   selector:
     app: nextcloud-app

apps/newcloud/base/nextcloud-db-deployment.yaml

@@ -1,47 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: nextcloud-db
-  name: nextcloud-db
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: nextcloud-db
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: nextcloud-db
-    spec:
-      containers:
-        - args:
-            - --transaction-isolation=READ-COMMITTED
-            - --binlog-format=ROW
-            - --innodb-file-per-table=1
-            - --skip-innodb-read-only-compressed
-          env:
-            - name: MYSQL_DATABASE
-              value: nextcloud
-            - name: MYSQL_USER
-              value: nextcloud
-            - name: REDIS_HOST
-              value: redis
-            - name: MYSQL_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: nextcloud_secret
-                  key: MYSQL_PASSWORD
-          image: mariadb
-          name: nextcloud-db
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/lib/mysql
-              name: nextcloud-db-pvc
-      restartPolicy: Always
-      volumes:
-        - name: nextcloud-db-pvc
-          persistentVolumeClaim:
-            claimName: nextcloud-db-pvc

apps/newcloud/base/nextcloud.yaml

@@ -17,6 +17,38 @@ spec:
         app: nextcloud-app
     spec:
       containers:
+        - image: mariadb
+          name: nextcloud-db
+          args:
+            - --transaction-isolation=READ-COMMITTED
+            - --binlog-format=ROW
+            - --innodb-file-per-table=1
+            - --skip-innodb-read-only-compressed
+          env:
+            - name: MYSQL_DATABASE
+              value: nextcloud
+            - name: MYSQL_USER
+              value: nextcloud
+            - name: REDIS_HOST
+              value: redis
+            - name: MYSQL_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: nextcloud_secret
+                  key: MYSQL_PASSWORD
+          resources: {}
+          ports:
+            - containerPort: 3306
+              protocol: TCP
+          volumeMounts:
+            - mountPath: /var/lib/mysql
+              name: nextcloud-db-pvc
+        - image: redis:alpine
+          name: redis
+          resources: {}
+          ports:
+            - containerPort: 6379
+              protocol: TCP
         - image: nextcloud
           name: nextcloud-app
           env:
@@ -39,7 +71,6 @@ spec:
                   key: MYSQL_PASSWORD
           ports:
             - containerPort: 80
-              hostPort: 8500
               protocol: TCP
           resources: {}
           volumeMounts:
@@ -50,4 +81,7 @@ spec:
       volumes:
         - name: nextcloud-app-pvc
           persistentVolumeClaim:
-            claimName: nextcloud-app-pvc
+            claimName: nextcloud-app-pvc
+        - name: nextcloud-db-pvc
+          persistentVolumeClaim:
+            claimName: nextcloud-db-pvc

apps/newcloud/base/redis-deployment.yaml

@@ -1,21 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: redis
-  name: redis
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: redis
-  template:
-    metadata:
-      labels:
-        app: redis
-    spec:
-      containers:
-        - image: redis:alpine
-          name: redis
-          resources: {}
-      restartPolicy: Always

apps/newcloud/old_base/collabora-deployment.yaml

@@ -1,45 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: collabora
-  name: collabora
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: collabora
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: collabora
-    spec:
-      containers:
-        - env:
-            - name: TZ
-              value: Europe/Berlin
-            - name: VIRTUAL_HOST
-              value: office.steffenillium.de
-            - name: VIRTUAL_PORT
-              value: "9980"
-            - name: VIRTUAL_PROTO
-              value: http
-            - name: dictionaries
-              value: en_US,de_DE
-            - name: domain
-              value: newcloud.steffenillium.de
-            - name: extra_params
-              value: --o:ssl.enable=false --o:ssl.termination=true
-          image: collabora/code
-          name: collabora
-          ports:
-            - containerPort: 9980
-              protocol: TCP
-          resources: {}
-          securityContext:
-            capabilities:
-              add:
-                - MKNOD
-      restartPolicy: Always

apps/newcloud/old_base/collabora-service.yaml

@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: collabora
-  name: collabora
-type: ClusterIp
-spec:
-  ports:
-    - name: http
-      port: 8510
-      targetPort: 9980
-  selector:
-    app: collabora

apps/newcloud/old_base/kustomization.yaml

@@ -1,17 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-namespace: nextcloud
-
-resources:
-- collabora-deployment.yaml
-- collabora-service.yaml
-- nextcloud-app-deployment.yaml
-# - nextcloud-app-pvc.yaml
-- nextcloud-app-service.yaml
-- nextcloud-db-deployment.yaml
-# - nextcloud-db-pvc
-- nextcloud-ingress.yaml
-- nextcloud-secret-sealed.yaml
-- redis-deployment.yaml
-- nextcloud-namespace.yaml

apps/newcloud/old_base/nextcloud-app-pvc.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  labels:
-    app: nextcloud-app-pvc
-  name: nextcloud-app-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 150Gi
-status: {}

apps/newcloud/old_base/nextcloud-app-service.yaml

@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: nextcloud-app
-  name: nextcloud-app
-spec:
-  ports:
-    - name: http
-      port: 8500
-      targetPort: 80
-  selector:
-    app: nextcloud-app

apps/newcloud/old_base/nextcloud-db-deployment.yaml

@@ -1,47 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: nextcloud-db
-  name: nextcloud-db
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: nextcloud-db
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: nextcloud-db
-    spec:
-      containers:
-        - args:
-            - --transaction-isolation=READ-COMMITTED
-            - --binlog-format=ROW
-            - --innodb-file-per-table=1
-            - --skip-innodb-read-only-compressed
-          env:
-            - name: MYSQL_DATABASE
-              value: nextcloud
-            - name: MYSQL_USER
-              value: nextcloud
-            - name: REDIS_HOST
-              value: redis
-            - name: MYSQL_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: nextcloud_secret
-                  key: MYSQL_PASSWORD
-          image: mariadb
-          name: nextcloud-db
-          resources: {}
-          volumeMounts:
-            - mountPath: /var/lib/mysql
-              name: nextcloud-db-pvc
-      restartPolicy: Always
-      volumes:
-        - name: nextcloud-db-pvc
-          persistentVolumeClaim:
-            claimName: nextcloud-db-pvc

apps/newcloud/old_base/nextcloud-db-pvc.yaml

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  labels:
-    app: nextcloud-db-pvc
-  name: nextcloud-db-pvc
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 5Gi

apps/newcloud/old_base/nextcloud-ingress.yaml

@@ -1,17 +0,0 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: nextcloud-ingress
-  namespace: nextcloud
-  labels:
-    expose: "true"
-spec:
-  entryPoints:
-    - web
-    - websecure
-  routes:
-  - match: Host(newcloud.steffenillium.de`)
-    kind: Rule
-    services:
-    - name: nextcloud-service
-      port: 80

apps/newcloud/old_base/nextcloud-namespace.yaml

@@ -1,4 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name:  nextcloud

apps/newcloud/old_base/nextcloud-secret-sealed.yaml

@@ -1,22 +0,0 @@
-{
-  "kind": "SealedSecret",
-  "apiVersion": "bitnami.com/v1alpha1",
-  "metadata": {
-    "name": "nextcloud-secret",
-    "namespace": "nextcloud",
-    "creationTimestamp": null
-  },
-  "spec": {
-    "template": {
-      "metadata": {
-        "name": "nextcloud-secret",
-        "namespace": "nextcloud",
-        "creationTimestamp": null
-      }
-    },
-    "encryptedData": {
-      "MYSQL_PASSWORD": "AgCEk0afYDFIu4sAFyMjAbN27l+Ibwl+HFn1J4Jc5AvWTEICJ+2HMiyqvYvZlI48xcpNPFe5FGUCrc6VjQUUuj/Lz9/SBDhl/qPZTNz4Z17EpeuN5AI3OAsBrH+4NDio197dAf2urk/vlZ+NyS1HyDOL9G0SpeODLgDlfUUC+sI/DGHtA3s/BxyyI2ddRlB2+tS1eK7RvyPAf86oSrtGJfSnfu7TVEP7mX9fMKwK6ISKTLzN1jjfFCdSwRTISCtiXS2kuSq5u2JfWRUJzr1RdxM/04mDSFtnARqVV1j8uHS130ke5UQfIM9ah7d5BKAqOB8lIndikWRA67bjI2p3T/EiJG1fBgYbq+ti/cRPjJnoTDU+XYlOPuP7dXsnbc+wPJUQoPgMnJPksIMbL+Nh3GTwkJxjuxoaxRfNz0qox2wjzYMvTi9GQ5oA8WWNHHVzhFcBahGi+bGHevSA1PFOVvdBf7ILDXZb7fAvQF9MGzot2nTyDL7y1eVm1tgyXXPjKr9i7H/UJ8U8glXahknXOEq8EX3kn+xgEENGy7n0tT7Cu9Gi3IY06MohGVtuc7W6l0Esu1dORdG7hC0awtLIjtI/LA4ZB8NnbecHykez/KWyya8F+/xuXb0MHghpWLZ7Xn89+hwTy1rQTRQBF+ZQT4Bg8nI4u8iuxGzLfvDpHHVX3kGD8dciEhiQUQhRsxNGKvatvh3jyBuH19q2iq/nJHyaHpY4hQ==",
-      "MYSQL_ROOT_PASSWORD": "AgANb53gjjJear/ipEEIURnWx97fAbx786wJr8/pZDTOS4wPmCZ2hRFkjDTdL3/uy55fyRnBPWpHf+omf6KKWXb1SbRie6Tx44ntHvCUQ5lZfL5uQWenQHDV3MBlzIHi6uQZJBWSmvGapptMFJEZfRC5y538KMEOMYIF/FaSvS7WNShrssE8Rq09QjK27cU50ICCKG464WTFs5AeNlE5uc7IBH+ycsarWw0759BM7ESytyFAnxx4TbY+IA5TrJFX/P0w/ig2DZE1NeQPGlm9nMrtX19bs7DIVA+hrru7G+jjnmuYpHzwOMXgH3K44Lh5BNRnHQKrYiFd5PRdB4BJZ2ze0uDa08+1AUB23nSdDuaBEENsyHCaXlqoZdUBadLm5OEHC77adCps2f9ZWU5YVHohI/ab/sK+TG/DArDpSxLVLcCoI/OYB5rdAUbVagIVjuB3O6PBR8Swr5O+RmJZJUjvPLR7acwrnBdhm/8gp+ni4VoFvbfl2v3tP7cpKhVWhS5bNLuO/foZMOhlTIZwJnLFu3pn9ZqebA4spuzP0LhAV8olN08dXGlqmHvIOkQsct/5Z2cM2muJgyJcsPan4Oy3dc3/eVq13uxWPhaK5pldCCgYyW5k/FJfMxhnT1hsCkGA7cDvatM5gN9koQjG0DQQ45DCnZajwTga/EDpJmn1XGPquyVklGMq/h5LKXAnVHafZA0JxECulA0Sw9jjiM7934g59CKdq+gM"
-    }
-  }
-}

apps/newcloud/old_base/nextcloud-secret.yaml

@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: nextcloud-secret
-  namespace:  nextcloud
-  annotations:
-    sealedsecrets.bitnami.com/namespace-wide: "true"
-data:
-  MYSQL_PASSWORD: <pass>
-  MYSQL_ROOT_PASSWORD: <pass>
-  

apps/newcloud/old_base/redis-deployment.yaml

@@ -1,21 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: redis
-  name: redis
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: redis
-  template:
-    metadata:
-      labels:
-        app: redis
-    spec:
-      containers:
-        - image: redis:alpine
-          name: redis
-          resources: {}
-      restartPolicy: Always