No introduction found. Create it?
nextcloud from nextcloud is more popular with 19 repositories.
Install with:
helm repo add nextcloud oci://ghcr.io/bjw-s-labs/helm/app-template
helm install nextcloud nextcloud/nextcloud -f values.yamlSee examples from other people.
| Name | Repo | Stars | Version | Timestamp |
|---|---|---|---|---|
| nextcloud | budimanjojo/home-cluster | 228 | 8.5.2 | 3 days ago |
| nextcloud | haraldkoch/kochhaus-home | 156 | 8.5.2 | a month ago |
| nextcloud | drag0n141/home-ops | 47 | 8.5.2 | 3 months ago |
See the most popular values for this chart:
| Key | Types |
|---|---|
| boolean | |
| boolean | |
externalDatabase.existingSecret.passwordKey (10) INIT_POSTGRES_PASS | string |
externalDatabase.existingSecret.secretName (10) nextcloud-secret | string |
externalDatabase.existingSecret.usernameKey (10) INIT_POSTGRES_USER | string |
| string | |
externalDatabase.existingSecret.hostKey (1) POSTGRES_HOST | string |
externalDatabase.type (10) postgresql | string |
externalDatabase.database (9) nextcloud | string |
externalDatabase.host (9) postgres16-rw.database.svc.cluster.local:5432 | string |
| boolean | |
| boolean | |
nextcloud.existingSecret.secretName (10) nextcloud-secret | string |
nextcloud.existingSecret.passwordKey (6) nextcloud-password | string |
nextcloud.existingSecret.usernameKey (6) nextcloud-username | string |
| string | |
nextcloud.existingSecret.smtpPasswordKey (5) SMTP_PASSWORD | string |
nextcloud.existingSecret.smtpUsernameKey (5) SMTP_USERNAME | string |
nextcloud.extraEnv[].name (10) REDIS_HOST | string |
nextcloud.extraEnv[].value (9) dragonfly.database.svc | string |
nextcloud.extraEnv[].valueFrom.secretKeyRef.key (4) redis-password | string |
nextcloud.extraEnv[].valueFrom.secretKeyRef.name (4) nextcloud-secret | string |
nextcloud.host (10) cloud.${SECRET_DOMAIN} | string |
nextcloud.mail.domain (10) ${SECRET_DOMAIN} | string |
| boolean | |
| string | |
| number | |
nextcloud.mail.smtp.host (7) smtp.${SECRET_DOMAIN} | string |
| string | |
| string | |
| string | |
| string | |
nextcloud.extraInitContainers[].envFrom[].secretRef.name (8) nextcloud-secret | string |
nextcloud.extraInitContainers[].image (8) ghcr.io/home-operations/postgres-init:17 | string |
| string | |
nextcloud.configs."misc.config.php" (7) <?php
$CONFIG = array (
'default_phone_region' => 'PL',
'maintenance_window_start' => 2,
); ?> | string |
nextcloud.configs."proxy.config.php" (7) <?php
$CONFIG = array (
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.43.0.0/16',
1 => '10.0.0.0/16',
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
); ?> | string |
nextcloud.configs."ingress.config.php" (3) <?php
$CONFIG = array (
'overwrite.cli.url' => 'https://nextcloud.${SECRET_DOMAIN}',
'overwriteprotocol' => 'https',
); | string |
nextcloud.configs."logging.config.php" (3) <?php
$CONFIG = array (
'log_type' => 'file',
'logfile' => 'nextcloud.log',
'loglevel' => 1,
'logdateformat' => 'F d, Y H:i:s'
); | string |
nextcloud.configs."sso.config.php" (3) <?php
$CONFIG = array (
'allow_user_to_change_display_name' => false,
'lost_password_link' => 'disabled',
'oidc_login_client_id' => getenv('OIDC_CLIENT_ID'),
'oidc_login_client_secret' => getenv('OIDC_CLIENT_SECRET'),
'oidc_login_provider_url' => 'https://id.${SECRET_DOMAIN}',
'oidc_login_auto_redirect' => true, //login?noredir=1
'oidc_login_end_session_redirect' => true,
'oidc_login_button_text' => 'Log in with Pocket ID',
'oidc_login_hide_password_form' => true,
'oidc_login_use_id_token' => false,
'oidc_login_attributes' => array (
'id' => 'preferred_username',
'name' => 'name',
'mail' => 'email',
'groups' => 'groups',
'login_filter' => 'groups',
'photoURL' => 'picture',
'is_admin' => 'groups_ID-Admin',
),
'oidc_login_filter_allowed_values' => array('ID-Nextcloud'),
'oidc_login_use_external_storage' => false,
'oidc_login_scope' => 'openid profile email groups',
'oidc_login_proxy_ldap' => false,
'oidc_login_disable_registration' => false,
'oidc_login_redir_fallback' => false,
'oidc_login_tls_verify' => true,
'oidc_create_groups' => false,
'oidc_login_webdav_enabled' => false,
'oidc_login_password_authentication' => false,
'oidc_login_public_key_caching_time' => 86400,
'oidc_login_min_time_between_jwks_requests' => 10,
'oidc_login_well_known_caching_time' => 86400,
'oidc_login_update_avatar' => false,
); | string |
nextcloud.configs."local.config.php" (2) <?php
$CONFIG = array (
'trusted_proxies' =>
array (
0 => '127.0.0.1',
1 => '10.96.0.0/12',
2 => '10.244.0.0/16',
),
'trusted_domains' =>
array (
0 => 'nextcloud.${SECRET_DOMAIN_0}',
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
'overwrite.cli.url' => 'https://nextcloud.${SECRET_DOMAIN_0}',
'overwriteprotocol' => 'https',
'default_phone_region' => 'ID',
'maintenance_window_start' => 20,
); | string |
nextcloud.configs."caching.config.php" (1) <?php
$CONFIG = array (
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => true,
'redis' => array(
'host' => 'dragonfly.database.svc.cluster.local',
'port' => 6379,
'timeout' => 0.0,
'password' => '',
),
); | string |
nextcloud.configs."custom.config.php" (1) <?php
$CONFIG = array (
'overwriteprotocol' => 'https',
'overwrite.cli.url' => 'https://cloud.${SECRET_DOMAIN}',
'overewritehost' => 'cloud.${SECRET_DOMAIN}',
'filelocking.enabled' => 'true',
'default_phone_region' => 'DE',
'loglevel' => '2',
'enable_previews' => true,
'log_type' => 'syslog',
'maintenance_window_start' => 1,
'trusted_proxies' =>
array (
0 => '127.0.0.1',
1 => '10.42.0.0/16',
2 => '10.43.0.0/16',
),
); | string |
nextcloud.configs."minio.config.php" (1) <?php
$CONFIG = array (
'objectstore' => array(
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' => array(
'hostname' => 's3.hoohoot.org',
'port' => 443,
'use_path_style' => true,
'bucket' => 'nextcloud-data',
'autocreate' => false,
'key' => getenv('S3_ACCESS_KEY'),
'secret' => getenv('S3_SECRET_KEY'),
'use_ssl' => true,
),
),
); | string |
nextcloud.configs."oidc.config.php" (1) <?php
$CONFIG = array (
'allow_user_to_change_display_name' => false,
'lost_password_link' => 'disabled',
'oidc_login_provider_url' => 'https://auth.${SECRET_DOMAIN_0}',
'oidc_login_client_id' => 'nextcloud',
'oidc_login_client_secret' => getenv('OIDC_CLIENT_SECRET'),
'oidc_login_auto_redirect' => false,
'oidc_login_button_text' => 'Log in with Authelia',
'oidc_login_hide_password_form' => false,
'oidc_login_use_id_token' => false,
'oidc_login_attributes' => array(
'id' => 'preferred_username',
'name' => 'name',
'mail' => 'email',
'groups' => 'groups',
'is_admin' => 'is_nextcloud_admin',
),
'oidc_login_default_group' => 'oidc',
'oidc_login_use_external_storage' => false,
'oidc_login_scope' => 'openid profile email groups nextcloud_userinfo',
'oidc_login_proxy_ldap' => false,
'oidc_login_disable_registration' => true,
'oidc_login_redir_fallback' => false,
'oidc_login_tls_verify' => true,
'oidc_create_groups' => false,
'oidc_login_webdav_enabled' => false,
'oidc_login_password_authentication' => false,
'oidc_login_public_key_caching_time' => 86400,
'oidc_login_min_time_between_jwks_requests' => 10,
'oidc_login_well_known_caching_time' => 86400,
'oidc_login_update_avatar' => false,
'oidc_login_code_challenge_method' => 'S256',
); | string |
nextcloud.configs."performance.config.php" (1) <?php
$CONFIG = array (
'enable_previews' => true,
'enabledPreviewProviders' => array(
'OC\Preview\PNG',
'OC\Preview\JPEG',
'OC\Preview\GIF',
'OC\Preview\BMP',
'OC\Preview\XBitmap',
'OC\Preview\MP3',
'OC\Preview\TXT',
'OC\Preview\MarkDown',
'OC\Preview\OpenDocument',
'OC\Preview\Krita',
'OC\Preview\HEIC',
'OC\Preview\PDF',
),
'preview_max_x' => 2048,
'preview_max_y' => 2048,
'preview_max_scale_factor' => 1,
'preview_concurrency_new' => 4,
'preview_concurrency_all' => 4,
'jpeg_quality' => 60,
); | string |
nextcloud.configs."redis.config.php" (1) <?php
$CONFIG = array(
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'dragonfly.database.svc.cluster.local',
'port' => getenv('REDIS_PORT') ?: 6379,
'dbindex' => getenv('REDIS_DATABASE') ?: 10,
'password' => getenv('REDIS_PASSWORD'),
),
); | string |
| number | |
| number | |
| boolean | |
| number | |
| boolean | |
nextcloud.datadir (5) /var/www/data | string |
nextcloud.phpConfigs."www.conf" (4) [www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 57
pm.start_servers = 14
pm.min_spare_servers = 14
pm.max_spare_servers = 42
pm.max_requests = 500
pm.process_idle_timeout = 10s
| string |
nextcloud.phpConfigs."uploadLimit.ini" (3) upload_max_filesize = 16G
post_max_size = 16G
max_input_time = 3600
max_execution_time = 3600
| string |
nextcloud.phpConfigs."php.ini" (1) max_execution_time = 600
default_socket_timeout = 300
curl.cainfo = /etc/ssl/certs/ca-certificates.crt
| string |
nextcloud.lifecycle.postStartCommand[] (3) - /bin/bash | string |
| number | |
| boolean | |
| boolean | |
nextcloud.extraVolumeMounts[].mountPath (1) /mnt/data/home | string |
| string | |
| string | |
nextcloud.extraVolumes[].nfs.path (1) /mnt/data/home | string |
nextcloud.extraVolumes[].nfs.server (1) nas01.${SECRET_DOMAIN_INT} | string |
nextcloud.hooks.before-starting (1) # disable unneceserry apps
for appname in activity circles systemtags federation privacy \
nextcloud_announcements announcementcenter support survey_client \
user_status weather_status dashboard
do
php occ app:disable "$appname"
done | string |
nextcloud.hooks.post-installation (1) printf "Add missing DB indices\n"
php occ db:add-missing-indices | string |
nextcloud.hooks.post-upgrade (1) # based on https://github.com/nextcloud/all-in-one/blob/25c580bca370eaead5f1fad9d3842a9c49562dff/Containers/nextcloud/entrypoint.sh#L451-L457
php occ maintenance:repair --include-expensive
php occ db:add-missing-indices
php occ db:add-missing-columns
php occ db:add-missing-primary-keys | string |
| boolean | |
nextcloud.objectstore.s3.bucket (1) nextcloud-data | string |
| boolean | |
nextcloud.objectstore.s3.existingSecret (1) nextcloud-secret | string |
nextcloud.objectstore.s3.host (1) s3.{SECRET_HOME_DOMAIN} | string |
nextcloud.objectstore.s3.region (1) us-east-1 | string |
nextcloud.objectstore.s3.secretKeys.accessKey (1) S3_ACCESS_KEY | string |
nextcloud.objectstore.s3.secretKeys.secretKey (1) S3_SECRET_KEY | string |
| boolean | |
| boolean | |
| boolean | |
persistence.existingClaim (10) nextcloud | string |
| boolean | |
persistence.nextcloudData.existingClaim (4) nextcloud-nfs | string |
persistence.nextcloudData.accessMode (3) ReadWriteMany | string |
persistence.data.existingClaim (2) nextcloud-data-pvc | string |
| string | |
| boolean | |
| string | |
persistence.data.globalMounts[].path (1) /var/www/html | string |
persistence.data.type (1) persistentVolumeClaim | string |
persistence.alex-nfs.globalMounts[].path (1) /var/www/html/data/alex/files | string |
persistence.alex-nfs.path (1) /mnt/Fast/Alex | string |
persistence.alex-nfs.server (1) 192.168.42.20 | string |
| string | |
| string | |
| boolean | |
| string | |
| string | |
| boolean | |
| string | |
| string | |
| boolean | |
| string | |
persistence.app-config.existingClaim (1) nextcloud-app-pvc | string |
persistence.app-config.type (1) persistentVolumeClaim | string |
persistence.config-file.globalMounts[].path (1) /var/www/html/config/custom.config.php | string |
persistence.config-file.globalMounts[].subPath (1) custom.config.php | string |
| string | |
persistence.config-file.type (1) configMap | string |
persistence.nextcloud-config.advancedMounts.main.nextcloud[].path (1) /var/www/html/config/extra.config.php | string |
| boolean | |
| string | |
persistence.nextcloud-config.name (1) nextcloud-nextcloud-config | string |
| string | |
persistence.nginx-config.advancedMounts.main.nginx[].path (1) /etc/nginx/nginx.conf | string |
| boolean | |
| string | |
persistence.nginx-config.name (1) nextcloud-nginx-config | string |
persistence.nginx-config.type (1) configMap | string |
persistence.opcache-recommended-ini.advancedMounts.main.nextcloud[].path (1) /usr/local/etc/php/conf.d/opcache-recommended.ini | string |
| boolean | |
persistence.opcache-recommended-ini.advancedMounts.main.nextcloud[].subPath (1) opcache-recommended-ini | string |
persistence.opcache-recommended-ini.name (1) nextcloud-nextcloud-config | string |
| string | |
persistence.redis-session-ini.advancedMounts.main.nextcloud[].path (1) /usr/local/etc/php/conf.d/redis-session.ini | string |
| boolean | |
| string | |
persistence.redis-session-ini.name (1) nextcloud-nextcloud-config | string |
| string | |
persistence.tmpfs.globalMounts[].path (1) /tmp | string |
persistence.tmpfs.globalMounts[].subPath (1) tmp | string |
persistence.tmpfs.type (1) emptyDir | string |
persistence.upload-limit-ini.advancedMounts.main.nextcloud[].path (1) /usr/local/etc/php-fpm.d/uploadLimit.ini | string |
| boolean | |
| string | |
persistence.upload-limit-ini.name (1) nextcloud-nextcloud-config | string |
| string | |
persistence.www-conf.advancedMounts.main.nextcloud[].path (1) /usr/local/etc/php-fpm.d/zz-www.conf | string |
| boolean | |
| string | |
persistence.www-conf.name (1) nextcloud-nextcloud-config | string |
persistence.www-conf.type (1) configMap | string |
| boolean | |
| number | |
| number | |
| number | |
| number | |
| number | |
image.flavor (9) fpm-alpine | string |
image.tag (3) 32.0.1-fpm-alpine | string |
image.pullPolicy (1) IfNotPresent | string |
image.repository (1) nextcloud | string |
| boolean | |
nginx.config.headers.Strict-Transport-Security (1) max-age=15552000; includeSubDomains; preload; | string |
| string | |
| string | |
| string | |
ingress.enabled (8) false | boolean |
ingress.className (3) external | string |
| string | |
ingress.pathType (3) Prefix | string |
| string | |
ingress.annotations."external-dns.alpha.kubernetes.io/target" (2) ipv4.${SECRET_DOMAIN} | string |
| string | |
| string | |
| string | |
ingress.annotations."nginx.ingress.kubernetes.io/server-snippet" (2) location = /robots.txt {
return 200 "User-agent: *\nDisallow: /\n";
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
deny all;
}
| string |
| string | |
ingress.annotations."nginx.org/rewrites" (2) /.well-known/webfinger /index.php/.well-known/webfinger;
/.well-known/nodeinfo /index.php/.well-known/nodeinfo;
/.well-known/host-meta /public.php?service=host-meta;
/.well-known/host-meta.json /public.php?service=host-meta-json;
/.well-known/carddav $scheme://$host/remote.php/dav redirect=301;
/.well-known/caldav $scheme://$host/remote.php/dav redirect=301;
| string |
| string | |
| string | |
ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1) more_set_headers "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload"; | string |
| string | |
| string | |
| string | |
| string | |
ingress.annotations."traefik.ingress.kubernetes.io/router.middlewares" (1) networking-traefik-middleware-chain-no-auth@kubernetescrd | string |
ingress.tls[].hosts[] (1) - nextcloud.${SECRET_DOMAIN} | string |
ingress.tls[].secretName (1) ${SECRET_DOMAIN/./-}-production-tls | string |
| boolean | |
| string | |
deploymentAnnotations."secret.reloader.stakater.com/reload" (1) nextcloud-secret | string |
| string | |
| number | |
| number, string | |
| string | |
| boolean | |
| string | |
securityContext.fsGroupChangePolicy (2) OnRootMismatch | string |
configMaps.config.data."custom.config.php" (1) <?php
$CONFIG = array(
'overwriteprotocol' => 'https',
'overwrite.cli.url' => 'https://storage.hyde.services',
'overwritehost' => 'storage.hyde.services',
'check_data_directory_permissions' => false,
'default_phone_region' => 'AU',
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.42.0.0/16',
),
'trusted_domains' => array(
0 => '127.0.0.1',
1 => 'storage.hyde.services',
),
'simpleSignUpLink.shown' => false,
'cache_path' => '/cache',
'forwarded_for_headers' => array('X-Forwarded-For'),
'maintenance_window_start' => 100,
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'dragonfly.databases.svc.cluster.local',
'port' => 6379,
'dbindex' => 1,
),
); | string |
configMaps.config.data."php.ini" (1) session.save_handler = redis
session.save_path = "tcp://dragonfly.databases.svc.cluster.local:6379/1"
redis.session.locking_enabled = 1
redis.session.lock_retries = -1
redis.session.lock_wait_time = 10000
upload_max_filesize = 16G
post_max_size = 16G
memory_limit = 512M
max_execution_time = 3600 | string |
configMaps.config.data."remoteip.conf" (1) RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 10.42.0.0/16 | string |
configMaps.config.data."www.conf" (1) [www]
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 50
pm.start_servers = 12
pm.min_spare_servers = 6
pm.max_spare_servers = 18 | string |
configMaps.nextcloud-config.data."extra.config.php" (1) <?php
$CONFIG = array(
'backgroundjobs_mode' => 'cron',
'activity_expire_days' => 14,
'allow_local_remote_servers' => true,
'auth.bruteforce.protection.enabled' => true,
'overwriteprotocol' => 'https',
'overwrite.cli.url' => 'https://cloud.${SECRET_DOMAIN}',
'trusted_domains' => array(
0 => 'localhost',
1 => 'cloud.${SECRET_DOMAIN}',
2 => 'id.${SECRET_DOMAIN}',
3 => 'nextcloud-collabora.default.svc.cluster.local',
),
'trusted_proxies' => array(
0 => '127.0.0.1',
1 => '10.0.0.0/8',
2 => '172.16.0.0/12',
3 => '192.168.0.0/16',
),
'forwarded_for_headers' => array(
0 => 'HTTP_X_FORWARDED_FOR',
),
'forbidden_filenames' =>
array (
0 => '.htaccess',
1 => 'Thumbs.db',
2 => 'thumbs.db',
),
'appstoreenabled' => true,
'knowledgebaseenabled' => false,
'quota_include_external_storage' => false,
'share_folder' => '/Freigaben',
'skeletondirectory' => '',
'trashbin_retention_obligation' => 'auto, 7',
'log_type' => 'file',
'logfile' => '/var/log/nextcloud.log',
'loglevel' => 0,
'memcache.local' => '\OC\Memcache\APCu',
'memcache.distributed' => '\OC\Memcache\Redis',
'memcache.locking' => '\OC\Memcache\Redis',
'redis' => array(
'host' => getenv('REDIS_HOST'),
'port' => getenv('REDIS_HOST_PORT') ?: 6379,
'password' => getenv('REDIS_HOST_PASSWORD'),
'dbindex' => 8,
'timeout' => 1.5,
'read_timeout' => 1.5,
),
'apps_paths' => array(
0 => array (
'path' => OC::$SERVERROOT.'/apps',
'url' => '/apps',
'writable' => false,
),
1 => array (
'path' => OC::$SERVERROOT.'/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'htaccess.RewriteBase' => '/',
'mail_smtpmode' => 'smtp',
'mail_smtptimeout' => 30,
'mail_sendmailmode' => 'smtp',
'mail_smtphost' => getenv('SMTP_HOST'),
'mail_smtpport' => 25,
'mail_smtpsecure' => '',
'mail_smtpauth' => false,
'mail_smtpauthtype' => '',
'mail_smtppassword' => getenv('SMTP_PASSWORD'),
'mail_smtpname' => getenv('SMTP_NAME'),
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
'mail_domain' => getenv('MAIL_DOMAIN'),
"mail_smtptimeout" => 30,
'mail_smtpstreamoptions' => array (
'ssl' => array (
'allow_self_signed' => true,
'verify_peer' => false,
'verify_peer_name' => false
),
),
'enable_previews' => true,
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\BMP',
4 => 'OC\\Preview\\XBitmap',
5 => 'OC\\Preview\\Movie',
6 => 'OC\\Preview\\PDF',
7 => 'OC\\Preview\\MP3',
8 => 'OC\\Preview\\TXT',
9 => 'OC\\Preview\\MarkDown',
10 => 'OC\\Preview\\HEIC',
11 => 'OC\\Preview\\MKV',
12 => 'OC\\Preview\\MP4',
13 => 'OC\\Preview\\AVI',
),
'preview_max_x' => 1024,
'preview_max_y' => 768,
'preview_max_scale_factor' => 1,
// Circumvention for client freezes - https://github.com/nextcloud/desktop/issues/5094
'bulkupload.enabled' => false,
'backgroundjobs_mode' => 'webcron',
'default_language' => 'de',
'default_locale' => 'de_DE',
'default_phone_region' => 'DE',
'default_timezone' => 'Europe/Berlin',
'maintenance_window_start' => 1,
);
| string |
configMaps.nextcloud-config.data.opcache-recommended-ini (1) opcache.enable=1
opcache.interned_strings_buffer=64
opcache.max_accelerated_files=20000
opcache.memory_consumption=256
opcache.save_comments=1
opcache.revalidate_freq=60
opcache.validate_timestamps=0
opcache.jit=1255
opcache.jit_buffer_size=128M
| string |
configMaps.nextcloud-config.data."redis-session.ini" (1) session.save_handler = redis
session.save_path = "tcp://${REDIS_HOST}:${REDIS_HOST_PORT}?auth=${REDIS_HOST_PASSWORD}"
redis.session.locking_enabled = 1
redis.session.lock_retries = -1
redis.session.lock_wait_time = 10000
| string |
configMaps.nextcloud-config.data."uploadLimit.ini" (1) upload_max_filesize = 16G
post_max_size = 16G
max_input_time = 3600
max_execution_time = 3600
| string |
configMaps.nextcloud-config.data."www.conf" (1) [www]
pm = dynamic
pm.max_children = 256
pm.start_servers = 14
pm.min_spare_servers = 14
pm.max_spare_servers = 236
pm.max_requests = 500
pm.process_idle_timeout = 10s
| string |
| boolean | |
configMaps.nginx-config.data."nginx.conf" (1) worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /tmp/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
proxy_temp_path /tmp/proxy_temp;
client_body_temp_path /tmp/client_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
reset_timedout_connection on;
server_tokens off;
resolver 176.9.93.198 176.9.1.117 valid=30s;
resolver_timeout 5s;
limit_req_zone $binary_remote_addr zone=NextcloudRateLimit:10m rate=2r/s;
upstream php-handler {
server 127.0.0.1:9000;
}
types {
text/javascript mjs;
}
server {
listen 8080;
root /var/www/html;
index index.php index.html /index.php$request_uri;
# Security Headers
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;" always;
add_header Permissions-Policy "interest-cohort=()";
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
fastcgi_hide_header X-Powered-By;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
client_max_body_size 10G;
client_body_timeout 3600s;
client_body_buffer_size 512k;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types
application/atom+xml
text/javascript
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/wasm
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
location = / {
if ($http_user_agent ~ ^DavClnt) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Well-known URLs
location ^~ /.well-known {
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
return 301 /index.php$request_uri;
}
# Block unsafe paths
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# PHP Handling
location ~ \.php(?:$|/) {
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_connect_timeout 3600;
fastcgi_max_temp_file_size 0;
}
# Static files
location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15768000, immutable";
expires 6M;
access_log off;
}
# Fonts
location ~ \.(otf|woff2?)$ {
try_files $uri /index.php$request_uri;
expires 7d;
access_log off;
}
# Remote redirect
location /remote {
return 301 /remote.php$request_uri;
}
# Login rate limiting
location = /login {
limit_req zone=NextcloudRateLimit burst=5 nodelay;
limit_req_status 429;
try_files $uri $uri/ /index.php$request_uri;
}
# Whiteboard reverse proxy
location /whiteboard/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://nextcloud-whiteboard.default.svc.cluster.local:3002/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# Fallback
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}
}
| string |
| boolean | |
| string | |
| boolean | |
| boolean | |
| boolean | |
| number | |
| string | |
controllers.main.containers.clamav.image.tag (1) 1.5.1@sha256:a56287b4ffa299bde2ef09234cb8b6134d591d0be05b63f5065932dc93cb2435 | string |
| boolean | |
| boolean | |
| number | |
| number | |
| number | |
controllers.main.containers.collabora.env[].name (1) username | string |
controllers.main.containers.collabora.env[].value (1) --o:ssl.termination=true --o:ssl.enable=false --o:welcome.enable=false --o:languagetool.enabled=true --o:languagetool.base_url=http://nextcloud-languagetool.default.svc.cluster.local:8010/v2 --o:net.proxy_allowed_hosts=192.168.0.0/16,10.0.0.0/8,cloud.${SECRET_DOMAIN} --o:admin_console.enable=false | string |
controllers.main.containers.collabora.env[].valueFrom.secretKeyRef.key (1) COLLABORA_USERNAME | string |
controllers.main.containers.collabora.env[].valueFrom.secretKeyRef.name (1) nextcloud-secret | string |
| string | |
controllers.main.containers.collabora.image.tag (1) 25.04.7.1.1@sha256:b70d5ffb3c88ec365c3685cbd4ce56cd0d29122a1290e98e7f0e9932c2cd8246 | string |
| number | |
| number | |
| number | |
controllers.main.containers.languagetool.image.repository (1) collabora/languagetool | string |
controllers.main.containers.languagetool.image.tag (1) 6.6@sha256:a93a2470a49c28e36b0e3b73f4562dab21a532ad10819ddc50bf69f80e98240d | string |
controllers.main.containers.nextcloud.env[].name (1) TZ | string |
controllers.main.containers.nextcloud.env[].value (1) ${TIMEZONE} | string |
controllers.main.containers.nextcloud.env[].valueFrom.secretKeyRef.key (1) NEXTCLOUD_ADMIN_USER | string |
controllers.main.containers.nextcloud.env[].valueFrom.secretKeyRef.name (1) nextcloud-secret | string |
controllers.main.containers.nextcloud.image.repository (1) docker.io/library/nextcloud | string |
controllers.main.containers.nextcloud.image.tag (1) 32.0.1-fpm-alpine@sha256:f5095b42d71293b19591d156aadc578600360c1fca02fe752d65b81f05e941b6 | string |
| number | |
| number | |
| number | |
controllers.main.containers.nginx.image.repository (1) nginxinc/nginx-unprivileged | string |
controllers.main.containers.nginx.image.tag (1) 1.29-alpine@sha256:2cddd18b805962549f850a5f6f1f4b3ccb667343e3c6ba42e8ce6a6f7e389709 | string |
controllers.main.containers.whiteboard.env[].name (1) NEXTCLOUD_URL | string |
controllers.main.containers.whiteboard.env[].value (1) https://cloud.${SECRET_DOMAIN} | string |
controllers.main.containers.whiteboard.env[].valueFrom.secretKeyRef.key (1) WHITEBOARD_JWT_SECRET_KEY | string |
| string | |
controllers.main.containers.whiteboard.image.repository (1) ghcr.io/nextcloud-releases/whiteboard | string |
controllers.main.containers.whiteboard.image.tag (1) v1.4.1@sha256:c1b5b207cbffa325a8b491079c76e6c2a1b5f881e5746008486f345968c40ef2 | string |
| number | |
| number | |
| number | |
controllers.main.initContainers.init-chmod-pvc.args[] (1) - -c | string |
| string | |
controllers.main.initContainers.init-chmod-pvc.image.repository (1) docker.io/library/alpine | string |
controllers.main.initContainers.init-chmod-pvc.image.tag (1) 3.22.2@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412 | string |
| number | |
| number | |
| number | |
controllers.main.strategy (1) RollingUpdate | string |
| string | |
controllers.nextcloud.containers.app.env.NEXTCLOUD_DATA_DIR (1) /var/www/html/data | string |
controllers.nextcloud.containers.app.env.NEXTCLOUD_TRUSTED_DOMAINS (1) storage.hyde.services | string |
controllers.nextcloud.containers.app.envFrom[].secretRef.name (1) {{ .Release.Name }}-secret | string |
controllers.nextcloud.containers.app.image.repository (1) docker.io/library/nextcloud | string |
controllers.nextcloud.containers.app.image.tag (1) 32.0.1@sha256:5b043f7ea2f609d5ff5635f475c30d303bec17775a5c3f7fa435e3818e669120 | string |
| boolean | |
| boolean | |
| number | |
| string | |
| string | |
| string | |
| number | |
| number | |
| number | |
| number | |
| boolean | |
| boolean | |
| number | |
| string | |
| string | |
| string | |
| number | |
| number | |
| number | |
| number | |
| boolean | |
| number | |
| number | |
| string | |
| string | |
| string | |
| boolean | |
| string | |
| boolean | |
controllers.nextcloud.initContainers.copy-config.command[] (1) - sh | string |
controllers.nextcloud.initContainers.copy-config.image.repository (1) docker.io/library/nextcloud | string |
controllers.nextcloud.initContainers.copy-config.image.tag (1) 32.0.1@sha256:5b043f7ea2f609d5ff5635f475c30d303bec17775a5c3f7fa435e3818e669120 | string |
| boolean | |
| string | |
| boolean | |
| string | |
| string | |
| number | |
| string | |
| number | |
| boolean | |
| number | |
| string | |
| string | |
fullnameOverride (1) nextcloud | string |
hpa.enabled (1) false | boolean |
| boolean | |
| boolean | |
redis.enabled (1) false | boolean |
| string | |
route.app.annotations."gatus.home-operations.com/endpoint" (1) url: https://storage.hyde.services/cron.php | string |
route.app.hostnames[] (1) - storage.hyde.services | string |
route.app.parentRefs[].name (1) envoy-external | string |
| string | |
| string | |
| number | |
route.app.rules[].filters[].responseHeaderModifier.add[].name (1) Strict-Transport-Security | string |
route.app.rules[].filters[].responseHeaderModifier.add[].value (1) max-age=31536000; includeSubDomains; preload | string |
route.app.rules[].filters[].type (1) ResponseHeaderModifier | string |
route.collabora.hostnames[] (1) - office.${SECRET_DOMAIN} | string |
| string | |
route.collabora.parentRefs[].namespace (1) kube-system | string |
| string | |
route.collabora.rules[].backendRefs[].name (1) nextcloud-collabora | string |
| number | |
route.nextcloud.hostnames[] (1) - cloud.${SECRET_DOMAIN} | string |
| string | |
route.nextcloud.parentRefs[].namespace (1) kube-system | string |
| string | |
route.nextcloud.rules[].backendRefs[].name (1) nextcloud-nginx | string |
| number | |
| number | |
| string | |
| number | |
| string | |
| number | |
| string | |
| number | |
| string | |
| number | |
| string | |
| number |