Sync config files from nextcloud/docker repo; Add S3/Swift object storage config; Add S3 ci test; Add nextcloud.trustedDomains
#464
Conversation
|
Since it's taking a bit for my PR to be merged upstream, I'll try to spend some time on this later today to get it ready for merge without the encryption feature to start with. Perhaps it also makes sense to have a nextcloud:
objectStore:
s3:
enabled: true
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
accessKey: ""
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
secretKey: ""
# only required if you're not using AWS
endpoint: ""
# default port that can be changed based on your object store, e.g. for minio, you can use 9000
port: "443"
# this is the default in the nextcloud docs
region: "eu-west-1"
bucket: ""
ssl: true
# set to true if you are not using DNS for your buckets.
usePathStyle: false
existingSecret: "" |
|
I've removed the encryption key setting for now, so this could still be merged, but I haven't tested this, so it should still wait another week or two while I make sure it works without the encryption key. |
jessebot
added
2. developing
|
any plan for this to be merged? |
|
any blocker to this @jessebot |
|
No, I just was just really busy before. Let me take a look at the code now and see what's left to be done here :) |
|
gonna take a peak locally and push up some changes as nextcloud/docker#2151 was merged so we now have encryption as well :) |
jessebot
added
3. to review
|
This should be ready for review now :) Unless #480 gets merged first, then I need to update this PR again. |
|
I'd rather wait for the other PR, it has been open so long already. |
|
Sounds good to me :) |
|
As discussed in #480, I will refactor this to use the new config file format and then we can review and merge. |
jessebot
force-pushed
the
add-s3-default-configs
branch
from
a48b146
to
7fe9a3c
Compare
|
Actually, in the interest of resolving #477, should I just go ahead and add the following to the values? nextcloud:
objectStore:
s3:
enabled: true
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
accessKey: ""
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
secretKey: ""
# only required if you're not using AWS
endpoint: ""
# default port that can be changed based on your object store, e.g. for minio, you can use 9000
port: "443"
# this is the default in the nextcloud docs
region: "eu-west-1"
bucket: ""
ssl: true
# set to true if you are not using DNS for your buckets.
usePathStyle: false
existingSecret: ""Open to suggestions and feedback on better organizing this, but it feels like we could accommodate this, rather than making users manually set the env vars? |
|
How about adding the other missing configs (especially https://github.com/nextcloud/docker/blob/master/.config/upgrade-disable-web.config.php) and checking if the other ones are up-to-date? |
jessebot
changed the title
nextcloud.trustedDomainsnextcloud.trustedDomains
jessebot
force-pushed
the
add-s3-default-configs
branch
2 times, most recently
from
bb77a8b
to
84c9f37
Compare
|
OK! This is finally ready for review, @provokateurin :) |
There was a problem hiding this comment.
Could you try to separate the changes into a few commits e.g.:
- update existing config files
- add new/missing config files
- add s3 and swift values.yaml
- add s3 test
It doesn't need to be exactly these commits, but if anything here breaks something down the road it will be a lot easier to bisect if it's not a single commit.
|
Very nice work btw ❤️ |
Sure, I can do that when I get home later. I assumed you'd ask for it to be in all one commit, so I did this to solve that, but also, since we typically do a squash and merge, does this mean you'd like me to do a normal merge commit after I finish teasing apart the commits? Happy to do it, just making sure :) |
|
Well I prefer a clean history where every commit has a purpose and does only one thing. So neither fixup commits nor mega commits are great, just smallish concrete ones. |
Synchronizes default config.php files from nextcloud/docker to add file env vars: - Redis: Adds REDIS_HOST_PASSWORD_FILE, cleans up formatting to match upstream - Autoconfig: Adds MYSQL_DATABASE_FILE, MYSQL_USER_FILE, MYSQL_PASSWORD_FILE, POSTGRES_DB_FILE, POSTGRES_USER_FILE, and POSTGRES_PASSWORD_FILE - smtp: adds SMTP_PASSWORD_FILE Signed-off-by: jessebot <[email protected]>
…config.php files Signed-off-by: jessebot <[email protected]>
…ameters - also updates README and values.yaml examples Signed-off-by: jessebot <[email protected]>
Adding this directly helps with setting multiple values via helm parameters, instead of needing to pass in a whole config file. Signed-off-by: jessebot <[email protected]>
- Tests enabling bare minimum parameters to use S3 Object store as your primary storage. - Spin up a small MinIO instance to test that uploading a file via DAV actually creates the nextcloud storage bucket and puts the file into it. - Also changes main test name from run-tests to test Signed-off-by: jessebot <[email protected]>
jessebot
force-pushed
the
add-s3-default-configs
branch
from
84c9f37
to
c209445
Compare
|
OK, I think all the commits are reasonable now. It took me kind of a while to get it together, because splitting a commit can't really be done in any easy way, but like, we should be good now! Oh, when merging, do you want to do a "merge commit" or "rebase and merge"? |
|
Merge commit ;) But honestly do what you find best, as long as it works for you 🤷♀️ |
|
Okie dokie. I still need an approval, but then we can get this out the door :) |
jessebot
added
the
CI/CD
Description of the change
nextcloud/dockerconfig files:charts/nextcloud/files/defaultConfigs/autoconfig.php.tplcharts/nextcloud/files/defaultConfigs/redis.config.php.tplcharts/nextcloud/files/defaultConfigs/reverse-proxy.config.php.tpl🆕charts/nextcloud/files/defaultConfigs/s3.config.php.tpl🆕charts/nextcloud/files/defaultConfigs/smtp.config.php.tplcharts/nextcloud/files/defaultConfigs/swift.config.php.tpl🆕charts/nextcloud/files/defaultConfigs/upgrade-disable-web.config.php.tpl🆕Note
If you were already manually providing
s3.config.php,reverse-proxy.config.php,swift.config.php, orupgrade-disable-web.config.php, you can disable us deploying a default file for you by setting the respectivenextcloud.defaultConfigs.FILEto false. For instance, to disable the defaults3.config.php, you would setnextcloud.defaultConfigs.s3.config.php=false.Adds
nextcloud.objectStore.s3to use S3 for primary storage:click me for new
nextcloud.objectStore.s3valuesAdds
nextcloud.objectStore.swiftto use OpenStack Swift for primary storage:click me for new
nextcloud.objectStore.swiftvaluesadds a new ci
test_casefor enabling S3 as a primary object storeadds
nextcloud.trustedDomainsas a helm parameter. Takes a list that, if set, we then template out to a space separated list. Otherwise, we still use our default templating for that parameter (which usesnextcloud.host)rename
run-testsjob totestsince the job before it is just calledlintand it keeps the check names from truncating as much in the following view (can't be longer than 30 characters):Benefits
This lets users use both
nextcloud.configsand still use the nextcloud/docker auto configuration via environment variables. Prior to this change, you had to use one or the other when it came to s3 as primary object storage.Possible drawbacks
not sure 🤷 but always open to feedback :)
Applicable issues
nextcloud.objectStore.s3section in the values.yaml #477Checklist
Chart.yamlaccording to semver.