nextcloud helm

No introduction found. Create it?

Install

Install with:

helm repo add nextcloud https://nextcloud.github.io/helm/
helm install nextcloud nextcloud/nextcloud -f values.yaml

Examples

See examples from other people.

Top Repositories (3 out of 23)

NameRepoStarsVersionTimestamp
nextcloudharaldkoch/kochhaus-home1366.6.102 hours ago
nextcloudangelnu/k8s-gitops1666.6.9a month ago
nextcloudbudimanjojo/home-cluster1936.6.9a month ago

Values

See the most popular values for this chart:

KeyTypes
boolean
nextcloud.host (23)
cloud.${SECRET_DOMAIN}
string
boolean, string
string
string
string
string
string
string
string
boolean
string
string
number, string
string
string
nextcloud.mail.smtp.host (5)
smtp-relay.default.svc.cluster.local
string
string
string
nextcloud.extraEnv[].name (12)
REDIS_HOST
REDIS_HOST_PORT
string
string
nextcloud.extraEnv[].valueFrom.secretKeyRef.key (7)
REDIS_HOST
REDIS_PORT
REDIS_DB
S3_BUCKET
S3_ACCESS_KEY
S3_SECRET_KEY
OIDC_CLIENT_PASSWORD
OIDC_CLIENT_ID
string
nextcloud.extraEnv[].valueFrom.secretKeyRef.name (7)
nextcloud-secret
nextcloud-secret
nextcloud-secret
string
string
string
string
string
nextcloud.extraInitContainers[].args[] (2)
- -c
- until nc -w 1 -v $POSTGRES_HOST; do echo "Waiting for database"; done
- -c
- until nc -w 1 -v $REDIS_HOST:$REDIS_PORT; do echo "Waiting for Redis"; done
string
string
nextcloud.extraInitContainers[].env[].name (2)
POSTGRES_HOST
REDIS_HOST
REDIS_PORT
string
nextcloud.extraInitContainers[].env[].value (1)
pgo-cluster-primary.default.svc
redis
6379
string
string
nextcloud.extraInitContainers[].env[].valueFrom.secretKeyRef.name (1)
nextcloud-secret
nextcloud-secret
nextcloud-secret
string
nextcloud.phpConfigs."uploadLimit.ini" (9)
upload_max_filesize = 16G post_max_size = 16G max_input_time = 3600 max_execution_time = 3600
string
nextcloud.phpConfigs."www.conf" (4)
[www] user = www-data group = www-data listen = 127.0.0.1:9000 pm = dynamic pm.max_children = 57 pm.start_servers = 14 pm.min_spare_servers = 14 pm.max_spare_servers = 42 pm.max_requests = 500 pm.process_idle_timeout = 10s
string
nextcloud.phpConfigs."override_max_file_size.ini" (2)
upload_max_filesize=16G post_max_size=16G
string
nextcloud.phpConfigs."custom.config.php" (1)
<?php $CONFIG = array( "check_data_directory_permissions"=> false, # fix data directory permissions error "trusted_domains" => array ( $_ENV["NEXTCLOUD_TRUSTED_DOMAINS"], # fix probes 400 error ), );
string
nextcloud.phpConfigs."custom.ini" (1)
memory_limit=512M upload_max_filesize=16G post_max_size=16G max_execution_time=3600 max_input_time=3600
string
nextcloud.configs."proxy.config.php" (8)
<?php $CONFIG = array ( 'trusted_proxies' => array( 0 => '127.0.0.1', 1 => '10.96.0.0/16', 2 => '10.69.0.0/16', ), 'trusted_domains' => array( 0 => '127.0.0.1', 1 => 'cloud.${SECRET_DOMAIN}', ), 'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'), );
string
nextcloud.configs."local.config.php" (5)
<?php $CONFIG = array ( 'trusted_proxies' => array ( 0 => '127.0.0.1', 1 => '172.16.0.0/16', 2 => '10.96.0.0/16', 3 => '10.69.0.0/16', ), 'trusted_domains' => [ 'nextcloud', 'nextcloud.selfhosted', 'nextcloud.${SECRET_DOMAIN}' ], 'forwarded_for_headers' => array ( 0 => 'HTTP_X_FORWARDED_FOR', 1 => 'X-Forwarded-For', ), 'default_timezone' => '${TIMEZONE}', 'default_phone_region' => 'US', 'trashbin_retention_obligation' => 'auto, 30', 'auth.bruteforce.protection.enabled' => true, );
string
nextcloud.configs."redis.config.php" (5)
<?php $CONFIG = array ( 'memcache.local' => '\\OC\\Memcache\\Redis', 'memcache.distributed' => '\OC\Memcache\Redis', 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => 'dragonfly.database.svc.cluster.local', 'port' => 6379, 'dbindex' => 2, 'timeout' => 1, 'read_timeout' => 1, ) );
string
nextcloud.configs."custom.config.php" (4)
<?php $CONFIG = array ( 'overwriteprotocol' => 'https', 'overwrite.cli.url' => 'https://nc.${SECRET_DOMAIN}', 'filelocking.enabled' => 'true', 'loglevel' => '2', 'enable_previews' => true, 'trusted_domains' => [ 'nextcloud', 'nc.${SECRET_DOMAIN}' ], 'trusted_proxies' => [ '10.69.0.0/16', ], 'forwarded_for_headers' => [ 0 => 'X-Forwarded-For', 1 => 'HTTP_X_FORWARDED_FOR' ], 'default_phone_region' => 'SE', 'allow_local_remote_servers' => true, 'bulkupload.enabled' => true, );
string
nextcloud.configs."misc.config.php" (4)
<?php $CONFIG = array ( 'default_phone_region' => 'NZ', 'maintenance_window_start' => 2, );
string
nextcloud.configs."sso.config.php" (4)
<?php $CONFIG = array ( 'allow_user_to_change_display_name' => false, 'lost_password_link' => 'disabled', 'oidc_login_client_id' => getenv('OIDC_CLIENT_ID'), 'oidc_login_client_secret' => getenv('OIDC_CLIENT_PASSWORD'), 'oidc_login_provider_url' => 'https://sso.${SECRET_DOMAIN}/application/o/nextcloud/', 'oidc_login_end_session_redirect' => true, 'oidc_login_logout_url' => 'https://sso.${SECRET_DOMAIN}/application/o/nextcloud/end-session/', 'oidc_login_default_quota' => '1000000000', 'oidc_login_button_text' => 'Authentik SSO', 'oidc_login_hide_password_form' => false, 'oidc_login_attributes' => array ( 'id' => 'sub', 'name' => 'name', 'mail' => 'email', ), 'oidc_create_groups' => true, 'oidc_login_code_challenge_method' => 'S256', 'oidc_login_auto_redirect' => true, 'oidc_login_webdav_enabled' => true, 'oidc_login_disable_registration' => false, );
string
nextcloud.configs."ingress.config.php" (3)
<?php $CONFIG = array ( 'overwrite.cli.url' => 'https://nextcloud.${SECRET_DOMAIN}', 'overwriteprotocol' => 'https', 'allow_local_remote_servers' => true );
string
nextcloud.configs."logging.config.php" (3)
<?php $CONFIG = array ( 'log_type' => 'file', 'logfile' => 'nextcloud.log', 'loglevel' => 0, 'logdateformat' => 'F d, Y H:i:s' );
string
nextcloud.configs."bulkupload.config.php" (2)
<?php $CONFIG = array ( 'bulkupload.enabled' => false, );
string
nextcloud.configs."gitops.config.php" (2)
<?php $CONFIG = array ( 'appstoreenabled' => true, #'appstoreurl' => 'https://apps.nextcloud.com/api/v0', 'mail_domain' => '${CLUSTER_DOMAIN}', );
string
nextcloud.configs."s3.config.php" (2)
<?php $CONFIG = array ( 'objectstore' => array( 'class' => '\\OC\\Files\\ObjectStore\\S3', 'arguments' => array( 'hostname' => 's3.${SECRET_DOMAIN}', 'port' => 443, 'use_path_style' => true, 'bucket' => getenv('S3_BUCKET'), 'autocreate' => false, 'region' => 'us-east-1', 'key' => getenv('S3_ACCESS_KEY'), 'secret' => getenv('S3_SECRET_KEY'), 'use_ssl' => true, ), ), );
string
nextcloud.configs."fed-fixes.config.php" (1)
<?php $CONFIG = array ( "davstorage.request_timeout" => 200, );
string
nextcloud.configs."minio.config.php" (1)
<?php $CONFIG = array ( 'objectstore' => array( 'class' => '\\OC\\Files\\ObjectStore\\S3', 'arguments' => array( 'hostname' => 's3.hoohoot.org', 'port' => 443, 'use_path_style' => true, 'bucket' => 'nextcloud-data', 'autocreate' => false, 'key' => getenv('S3_ACCESS_KEY'), 'secret' => getenv('S3_SECRET_KEY'), 'use_ssl' => true, ), ), );
string
nextcloud.configs."previews.config.php" (1)
<?php $CONFIG = array ( 'preview_max_x' => 512, 'preview_max_y' => 512, 'enable_previews' => true, 'enabledPreviewProviders' => array ( 0 => 'OC\\Preview\\TXT', 1 => 'OC\\Preview\\Image', 2 => 'OC\\Preview\\Movie', 3 => 'OC\\Preview\\MP4', 4 => 'OC\\Preview\\HEIC', ), 'previewgenerator' => array ( 'squareSizes' => 256, 'widthSizes' => 512, 'heightSizes' => 512, ), );
string
nextcloud.configs."timezone.config.php" (1)
<?php $CONFIG = array ( 'default_timezone' => 'America/Santiago', );
string
nextcloud.configs."user_oidc.config.php" (1)
<?php $CONFIG = array ( 'user_oidc' => [ 'user_search_match_emails' => false, ], );
string
string
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
boolean
number, string
boolean
number, string
boolean
number
string
nextcloud.extraVolumes[].name (5)
nfs-video
nfs-software
nfs-music
nfs-downloads
esphome
string
nextcloud.extraVolumes[].nfs.path (3)
${NFS_VIDEO}
${NFS_SOFTWARE}
${NFS_MUSIC}
${NFS_DOWNLOADS}
string
nextcloud.extraVolumes[].nfs.server (3)
${NFS_SERVER}
${NFS_SERVER}
${NFS_SERVER}
${NFS_SERVER}
string
string
string
string
string
nextcloud.extraVolumeMounts[].mountPath (4)
/video
/software
/software/3D-printer/projects/Electronica/esphome_devices
/music
/downloads
string
nextcloud.extraVolumeMounts[].name (4)
nfs-video
nfs-software
esphome
nfs-music
nfs-downloads
string
string
string
number
nextcloud.hooks.before-starting (1)
# disable unneceserry apps for appname in activity circles systemtags federation privacy \ nextcloud_announcements announcementcenter support survey_client \ user_status weather_status dashboard do php occ app:disable "$appname" done # install openid user backend php occ app:enable user_oidc printf "setting up OIDC\n" php occ config:app:set --value=0 user_oidc allow_multiple_user_backends # unique ids break groups php occ user_oidc:provider Keycloak \ --clientid "$OIDC_CLIENT_ID" \ --clientsecret "$OIDC_CLIENT_SECRET" \ --discoveryuri "$OIDC_DISCOVERURL" \ --mapping-display-name preferred_username \ --unique-uid=0 \ --group-provisioning 1 # install apps for appname in spreed contacts calendar user_oidc bookmarks deck do php occ app:install "$appname" done # If app is installed already occ returns 1, script fails and container refuses to start true
string
nextcloud.hooks.post-installation (1)
printf "Add missing DB indices\n" php occ db:add-missing-indices
string
nextcloud.hooks.post-upgrade (1)
# based on https://github.com/nextcloud/all-in-one/blob/25c580bca370eaead5f1fad9d3842a9c49562dff/Containers/nextcloud/entrypoint.sh#L451-L457 php occ maintenance:repair --include-expensive php occ db:add-missing-indices php occ db:add-missing-columns php occ db:add-missing-primary-keys
string
boolean
string
boolean
string
nextcloud.objectstore.s3.host (1)
s3.{SECRET_HOME_DOMAIN}
string
string
string
string
boolean
boolean
nextcloud.password (1)
${NEXTCLOUD_ADMIN_PASSWORD}
string
boolean
string
boolean
string
number
nextcloud.trustedDomains[] (1)
- localhost
- nextcloud
- nextcloud.${SERVICE_DOMAIN}
string
number
nextcloud.username (1)
${NEXTCLOUD_ADMIN_USERNAME}
string
boolean
string
boolean
string
string
string
string
string
persistence.nextcloudData.annotations."k8up.io/backup-restic-args" (1)
[ "--exclude", "nextcloud.log", "--exclude", "nextcloud.log.*", "--exclude", "appdata_*/preview", "--exclude", "*/files_external", "--exclude", "*/files/auto-upload" ]
string
string
string
string
string
string
boolean
string
ingress.annotations."nginx.ingress.kubernetes.io/server-snippet" (15)
server_tokens off; proxy_hide_header X-Powered-By; rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last; rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last; rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:autotest|occ|issue|indie|db_|console) { deny all; }
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
string
ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" (1)
rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last; rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last; rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } location /.well-known/nodeinfo { return 301 $scheme://$host/index.php/.well-known/nodeinfo; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; fastcgi_read_timeout 180; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; }
string
string
string
string
string
string
string
string
string
ingress.tls[].hosts[] (12)
- nc.${SECRET_DOMAIN}
string
string
ingress.hosts[] (1)
- nextcloud.${SECRET_DOMAIN}
string
string
string
string
string
string
boolean
ingress.main.hosts[].host (1)
nextcloud.${SECRET_DOMAIN}
string
string
string
string
ingress.main.tls[].hosts[] (1)
- nextcloud.${SECRET_DOMAIN}
string
string
boolean
string
boolean, string
string
string
string
string
string
string
externalDatabase.host (13)
postgres17-rw.database.svc.cluster.local
string
string
string
boolean
number
number
number
number
string
boolean
number
boolean
string
string
string
string
string
string
string
string
number, string
boolean
number
number
number
number
number
boolean
nginx.image.repository (7)
public.ecr.aws/nginx/nginx
string
string
boolean
nginx.config.custom (1)
upstream php-handler { server 127.0.0.1:9000; } server { # Default, IPv4 only listen 8080; # HSTS settings # WARNING: Only add the preload option once you read about # the consequences in https://hstspreload.org/. This option # will add the domain to a hardcoded list that is shipped # in all major browsers and getting removed from this list # could take several months. add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex, nofollow" always; add_header X-XSS-Protection "1; mode=block" always; # set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; # Enable gzip but do not remove ETag headers gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; # Pagespeed is not supported by Nextcloud, so if your server is built # with the `ngx_pagespeed` module, uncomment this line to disable it. #pagespeed off; # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; # Add .mjs as a file extension for javascript # Either include it in the default mime.types list # or include you can include that list explicitly and add the file extension # only for Nextcloud like below: include mime.types; types { text/javascript js mjs; } # Path to the root of your installation root /var/www/html; # Specify how to handle directories -- specifying `/index.php$request_uri` # here as the fallback means that Nginx always exhibits the desired behaviour # when a client requests a path that corresponds to a directory that exists # on the server. In particular, if that directory contains an index.php file, # that file is correctly served; if it doesn't, then the request is passed to # the front-end controller. This consistent behaviour means that we don't need # to specify custom rules for certain paths (e.g. images and other assets, # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus # `try_files $uri $uri/ /index.php$request_uri` # always provides the desired behaviour. index index.php index.html /index.php$request_uri; # Rule borrowed from `.htaccess` to handle Microsoft DAV clients location = / { if ( $http_user_agent ~ ^DavClnt ) { return 302 /remote.php/webdav/$is_args$args; } } location = /robots.txt { allow all; log_not_found off; access_log off; } # Make a regex exception for `/.well-known` so that clients can still # access it despite the existence of the regex rule # `location ~ /(\.|autotest|...)` which would otherwise handle requests # for `/.well-known`. location ^~ /.well-known { # The following 6 rules are borrowed from `.htaccess` location = /.well-known/carddav { return 301 /remote.php/dav/; } location = /.well-known/caldav { return 301 /remote.php/dav/; } # Anything else is dynamically handled by Nextcloud location ^~ /.well-known { return 301 /index.php$uri; } try_files $uri $uri/ =404; } # Rules borrowed from `.htaccess` to hide certain paths from clients location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } # Ensure this block, which passes PHP files to the PHP process, is above the blocks # which handle static assets (as seen below). If this block is not declared first, # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; #fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; fastcgi_read_timeout 200s; fastcgi_send_timeout 200s; } location ~ \.(?:css|js|svg|gif)$ { try_files $uri /index.php$request_uri; expires 6M; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets } location ~ \.woff2?$ { try_files $uri /index.php$request_uri; expires 7d; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets } location / { try_files $uri $uri/ /index.php$request_uri; } }
string
string
string
string
number
number
string
string
string
image.tag (11)
31.0.4-apache
string
string
boolean
boolean
string
string
string
boolean
string
string
string
string
string
string
boolean
number
redis.commonConfiguration (2)
# Enable AOF https://redis.io/topics/persistence#append-only-file appendonly yes # Disable RDB persistence, AOF persistence already enabled. save "" maxmemory 94371840 maxmemory-policy allkeys-lru
string
string
boolean
string
string
string
boolean
redis.password (1)
redis-password
string
boolean
boolean
number
number
number
number
number
boolean
number
number
number
number
number
boolean
boolean
boolean
string
string
string
string
string
metrics.image.repository (2)
xperimental/nextcloud-exporter
string
string
string
metrics.server (2)
https://nextcloud.${SERVICE_DOMAIN}
string
boolean
number
string
string
boolean
string
string
string
string
string
boolean
string
string
string
boolean
string
number
string
boolean
string
string
string
boolean
string
string
boolean
number
number
boolean
string
string
string
string
string
number
string
string
number
string
string
env.TZ (1)
${TIMEZONE}
string
lifecycle.postStartCommand[] (1)
- su
- www-data
- -s
- /bin/sh
- -c
- cd /var/www/html; ./occ upgrade; ./occ db:add-missing-indices; /bin/true
string
string
string
string
boolean
string
boolean
string
boolean
boolean
string
string
string
string
string
boolean
boolean
rbac.serviceaccount.name (1)
nextcloud-serviceaccount
string
string
string