Nextcloud on kubernetes with Traefik
00-nextcloud-ns.yaml
apiVersion: v1
kind: Namespace
metadata:
name: nextcloud
01-nextcloud-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: "nextcloud-data"
labels:
type: "local"
usage: "nextcloud-data"
spec:
storageClassName: "manual"
capacity:
storage: "50Gi"
accessModes:
- ReadWriteOnce
hostPath:
path: "NEXTCLOUD_DATA_PATH"
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: "nextcloud-db"
labels:
type: "local"
usage: "nextcloud-db"
app: mariadb
component: master
release: mariadb
spec:
storageClassName: "manual"
capacity:
storage: "10Gi"
accessModes:
- ReadWriteOnce
hostPath:
path: "NEXTCLOUD_DB_PATH"
02-nextcloud-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: "nextcloud"
name: "nextcloud-data-pvc"
spec:
storageClassName: "manual"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "50Gi"
selector:
matchLabels:
usage: nextcloud-data
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: "nextcloud"
name: "nextcloud-db-pvc"
spec:
storageClassName: "manual"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "10Gi"
selector:
matchLabels:
usage: nextcloud-db
kubectl create -f .
nextcloud-values.yaml
nextcloud:
host: HOMENAME
username: admin
password: ADMIN_PASSWD
persistence:
enabled: true
existingClaim: nextcloud-data-pvc
accessMode: ReadWriteOnce
size: "50Gi"
internalDatabase:
enabled: false
mariadb:
enabled: true
rootUser:
password: "DB_ROOT_PASSWD"
db:
user: "dbuser"
password: "DB_USER_PASSWD"
name: "nextcloud"
replication:
enabled: false
master:
persistence:
enabled: true
existingClaim: nextcloud-db-pvc
size: 10Gi
helm install nextcloud stable/nextcloud --n nextcloud -f values.yaml
03-middlewares.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nc-rep
namespace: traefik
spec:
redirectRegex:
regex: https://(.*)/.well-known/(card|cal)dav
replacement: https://${1}/remote.php/dav/
permanent: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: nc-header
namespace: traefik
spec:
headers:
customFrameOptionsValue: SAMEORIGIN
stsSeconds: 15552000
04-nextcloud-ingress.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nextcloud-ingress
namespace: nextcloud
spec:
entryPoints:
- websecure
routes:
- match: Host(`HOSTNAME`)
kind: Rule
services:
- name: nextcloud
namespace: nextcloud
port: 8080
middlewares:
- name: nc-rep
namespace: traefik
- name: nc-header
namespace: traefik
tls:
certResolver: leresolver
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: nextcloud-ingress80
namespace: nextcloud
spec:
entryPoints:
- web
routes:
- match: Host(`HOSTNAME`)
kind: Rule
services:
- name: nextcloud
namespace: nextcloud
port: 8080
middlewares:
- name: https-only
namespace: traefik
- name: nc-rep
namespace: traefik
- name: nc-header
namespace: traefik
kubectl create -f 03-middlewares.yaml
kubectl create -f 04-nextcloud-ingress.yaml