Merge branch 'full-chart'

Author: Your Name

charts/opencloud-full/Chart.yaml

@@ -9,9 +9,9 @@ maintainers:
     email: [email protected]
     url: https://opencloud.eu
 type: application
-version: 2.0.3
+version: 2.0.4
 # renovate: datasource=docker depName=opencloudeu/opencloud-rolling
-appVersion: 2.0.2
+appVersion: 2.3.0
 kubeVersion: ""
 sources:
   - https://github.com/opencloud-eu/opencloud

charts/opencloud-full/deployments/helm/helmfile.yaml

@@ -29,6 +29,14 @@ releases:
       - minio:
           enabled: true # Enable MinIO for object storage.
           domain: minio.opencloud.test # Domain for MinIO.
+          config:
+            persistence:
+              size: "40Gi"
+      - onlyoffice:
+          enabled: true
+          domain: onlyoffice.opencloud.test # Domain for OnlyOffice.
+          persistence:
+            size: "2Gi" # Added
 
       # --- Networking Configuration ---
       - ingress:
@@ -103,26 +111,32 @@ releases:
           nats:
             persistence:
               enabled: true
+              size: "10Gi"
           search:
             persistence:
               enabled: true
+              size: "10Gi"
             extractor:
               type: tika
           storagesystem:
             persistence:
               enabled: true
+              size: "5Gi"
           storageusers:
             persistence:
               enabled: true
+              size: "50Gi"
             storageBackend:
               driver: decomposeds3
 
           thumbnails:
             persistence:
               enabled: true
+              size: "10Gi"
           web:
             persistence:
               enabled: true
+              size: "1Gi"
             config:
               oidc:
                 webClientID: web
@@ -194,6 +208,11 @@ releases:
           idm:
             persistence:
               enabled: false
+              size: "10Gi"
+          ocm:
+            persistence:
+              enabled: false
+              size: "1Gi"
       - extraResources:
           - |
             apiVersion: v1

charts/opencloud-full/deployments/timoni/configmap.yaml

@@ -17,36 +17,46 @@ data:
   APPS_INTEGRATION_ENABLED: "true"
   WEB_OIDC_WEB_CLIENT_ID: "web"
   IDM_PERSISTENCE_ENABLED: "false"
-  SEARCH_EXTRACTOR_TYPE: "tika"
-  STORAGE_USERS_BACKEND_DRIVER: "decomposeds3"
-
-  OIDC_IDP_INSECURE: "true"
-  OC_HTTP_API_INSECURE: "true"
-
+  IDM_PERSISTENCE_SIZE: "10Gi"
   NATS_PERSISTENCE_ENABLED: "true"
+  NATS_PERSISTENCE_SIZE: "10Gi"
+  OCM_PERSISTENCE_ENABLED: "false"
+  OCM_PERSISTENCE_SIZE: "1Gi"
+  ONLYOFFICE_PERSISTENCE_SIZE: "2Gi"
+  SEARCH_EXTRACTOR_TYPE: "tika"
   SEARCH_PERSISTENCE_ENABLED: "true"
+  SEARCH_PERSISTENCE_SIZE: "10Gi"
+  STORAGE_USERS_BACKEND_DRIVER: "decomposeds3"
   STORAGE_SYSTEM_PERSISTENCE_ENABLED: "true"
+  STORAGE_SYSTEM_PERSISTENCE_SIZE: "5Gi"
   STORAGE_USERS_PERSISTENCE_ENABLED: "true"
+  STORAGE_USERS_PERSISTENCE_SIZE: "50Gi"
   THUMBNAILS_PERSISTENCE_ENABLED: "true"
+  THUMBNAILS_PERSISTENCE_SIZE: "10Gi"
   WEB_PERSISTENCE_ENABLED: "true"
+  WEB_PERSISTENCE_SIZE: "1Gi"
+
+  OIDC_IDP_INSECURE: "true"
+  OC_HTTP_API_INSECURE: "true"
 
   ###############################################################################
   # Keycloak Configuration
   ###############################################################################
   KEYCLOAK_DOMAIN: "keycloak.opencloud.test"
   KEYCLOAK_ENABLED: "true"
-  # KEYCLOAK_ADMIN_PASSWORD: "admin" # Removed from configmap
+
 
   ###############################################################################
   # Minio Configuration
   ###############################################################################
   MINIO_DOMAIN: "minio.opencloud.test"
   MINIO_ENABLED: "true"
+  MINIO_PERSISTENCE_SIZE: "40Gi"
 
   ###############################################################################
   # LDAP Configuration
   ###############################################################################
-  LDAP_URI: "ldaps://openldap.openldap.svc.cluster.local:389"
+  LDAP_URI: "ldaps://openldap.openldap.svc.cluster.local:636"
   LDAP_GLOBAL_DOMAIN: "opencloud.eu"
   LDAP_WRITEABLE: "true"
   LDAP_INSECURE: "true"
@@ -84,6 +94,7 @@ data:
   # OnlyOffice Configuration
   ###############################################################################
   ONLYOFFICE_URI: "https://onlyoffice.opencloud.test"
+  ONLYOFFICE_DOMAIN: "onlyoffice.opencloud.test"
   ONLYOFFICE_ICON_URI: "https://onlyoffice.opencloud.test/web-apps/apps/documenteditor/main/resources/img/favicon.ico"
   ONLYOFFICE_ENABLED: "true"
   ONLYOFFICE_INSECURE: "true"

charts/opencloud-full/deployments/timoni/opencloud.cue

@@ -14,7 +14,7 @@ bundle: {
                 }
                 chart: {
                     name:    "opencloud-full"
-                    version: "2.0.3"
+                    version: "2.0.4"
                 }
                 sync: {
                     timeout: 5
@@ -38,11 +38,16 @@ bundle: {
                     minio: {
                         enabled: bool @timoni(runtime:bool:MINIO_ENABLED)
                         domain: string @timoni(runtime:string:MINIO_DOMAIN)
+                        persistenceSize: string @timoni(runtime:string:MINIO_PERSISTENCE_SIZE)
                         config: {
                             rootPassword: string @timoni(runtime:string:MINIO_ROOT_PASSWORD)
                         }
                     }
                     onlyoffice: {
+                        domain: string @timoni(runtime:string:ONLYOFFICE_DOMAIN)
+                        persistence: {
+                            size: string @timoni(runtime:string:ONLYOFFICE_PERSISTENCE_SIZE)
+                        }
                         config: {
                             coAuthoring: {
                                 secret: {
@@ -150,11 +155,13 @@ bundle: {
                         nats: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:NATS_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:NATS_PERSISTENCE_SIZE)
                             }
                         }
                         search: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:SEARCH_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:SEARCH_PERSISTENCE_SIZE)
                             }
                             extractor: {
                                 type: string @timoni(runtime:string:SEARCH_EXTRACTOR_TYPE)
@@ -163,11 +170,13 @@ bundle: {
                         storagesystem: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:STORAGE_SYSTEM_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:STORAGE_SYSTEM_PERSISTENCE_SIZE)
                             }
                         }
                         storageusers: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:STORAGE_USERS_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:STORAGE_USERS_PERSISTENCE_SIZE)
                             }
                             storageBackend: {
                                 driver: string @timoni(runtime:string:STORAGE_USERS_BACKEND_DRIVER)
@@ -176,11 +185,13 @@ bundle: {
                         thumbnails: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:THUMBNAILS_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:THUMBNAILS_PERSISTENCE_SIZE)
                             }
                         }
                         web: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:WEB_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:WEB_PERSISTENCE_SIZE)
                             }
                             config: {
                                 oidc: {
@@ -299,6 +310,13 @@ bundle: {
                         idm: {
                             persistence: {
                                 enabled: bool @timoni(runtime:bool:IDM_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:IDM_PERSISTENCE_SIZE)
+                            }
+                        }
+                        ocm: {
+                            persistence: {
+                                enabled: bool @timoni(runtime:bool:OCM_PERSISTENCE_ENABLED)
+                                size: string @timoni(runtime:string:OCM_PERSISTENCE_SIZE)
                             }
                         }
                     }

charts/opencloud-full/deployments/timoni/runtime.cue

@@ -47,6 +47,7 @@ runtime: {
                 "EXTERNAL_DOMAIN":           "obj.data.EXTERNAL_DOMAIN"
                 "KEYCLOAK_DOMAIN":           "obj.data.KEYCLOAK_DOMAIN"
                 "MINIO_DOMAIN":              "obj.data.MINIO_DOMAIN"
+                "MINIO_PERSISTENCE_SIZE":    "obj.data.MINIO_PERSISTENCE_SIZE"
                 "LDAP_URI":                  "obj.data.LDAP_URI"
                 "OIDC_ISSUER_URI":           "obj.data.OIDC_ISSUER_URI"
                 "COLLABORA_URI":             "obj.data.COLLABORA_URI"
@@ -91,16 +92,26 @@ runtime: {
                 "STORAGE_USERS_BACKEND_DRIVER": "obj.data.STORAGE_USERS_BACKEND_DRIVER"
                 "WEB_OIDC_WEB_CLIENT_ID": "obj.data.WEB_OIDC_WEB_CLIENT_ID"
                 "IDM_PERSISTENCE_ENABLED": "obj.data.IDM_PERSISTENCE_ENABLED"
+                "IDM_PERSISTENCE_SIZE": "obj.data.IDM_PERSISTENCE_SIZE"
+                "OCM_PERSISTENCE_ENABLED": "obj.data.OCM_PERSISTENCE_ENABLED"
+                "OCM_PERSISTENCE_SIZE": "obj.data.OCM_PERSISTENCE_SIZE"
                 "OPENLDAP_LTB_PASSWD_ENABLED": "obj.data.OPENLDAP_LTB_PASSWD_ENABLED"
                 "OPENLDAP_REPLICATION_ENABLED": "obj.data.OPENLDAP_REPLICATION_ENABLED"
                 "OIDC_IDP_INSECURE": "obj.data.OIDC_IDP_INSECURE"
                 "OC_HTTP_API_INSECURE": "obj.data.OC_HTTP_API_INSECURE"
                 "NATS_PERSISTENCE_ENABLED": "obj.data.NATS_PERSISTENCE_ENABLED"
+                "NATS_PERSISTENCE_SIZE": "obj.data.NATS_PERSISTENCE_SIZE"
                 "SEARCH_PERSISTENCE_ENABLED": "obj.data.SEARCH_PERSISTENCE_ENABLED"
+                "SEARCH_PERSISTENCE_SIZE": "obj.data.SEARCH_PERSISTENCE_SIZE"
                 "STORAGE_SYSTEM_PERSISTENCE_ENABLED": "obj.data.STORAGE_SYSTEM_PERSISTENCE_ENABLED"
+                "STORAGE_SYSTEM_PERSISTENCE_SIZE": "obj.data.STORAGE_SYSTEM_PERSISTENCE_SIZE"
                 "STORAGE_USERS_PERSISTENCE_ENABLED": "obj.data.STORAGE_USERS_PERSISTENCE_ENABLED"
+                "STORAGE_USERS_PERSISTENCE_SIZE": "obj.data.STORAGE_USERS_PERSISTENCE_SIZE"
                 "THUMBNAILS_PERSISTENCE_ENABLED": "obj.data.THUMBNAILS_PERSISTENCE_ENABLED"
+                "THUMBNAILS_PERSISTENCE_SIZE": "obj.data.THUMBNAILS_PERSISTENCE_SIZE"
                 "WEB_PERSISTENCE_ENABLED": "obj.data.WEB_PERSISTENCE_ENABLED"
+                "WEB_PERSISTENCE_SIZE": "obj.data.WEB_PERSISTENCE_SIZE"
+                "ONLYOFFICE_PERSISTENCE_SIZE": "obj.data.ONLYOFFICE_PERSISTENCE_SIZE"
             }
         }
     ]
@@ -132,6 +143,8 @@ runtime: {
         OPENCLOUD_LOGGING_LEVEL: "debug"
         KEYCLOAK_ENABLED: true
         MINIO_ENABLED: true
+        MINIO_PERSISTENCE_SIZE: "40Gi"
+        ONLYOFFICE_DOMAIN: strings.TrimPrefix(strings.TrimPrefix(parameter.ONLYOFFICE_URI, "https://"), "http://")
         INGRESS_ENABLED: false
         INGRESS_CLASS_NAME: "nginx"
         INGRESS_PROXY_BODY_SIZE: "1024m"
@@ -174,6 +187,16 @@ runtime: {
         STORAGE_USERS_PERSISTENCE_ENABLED: true
         THUMBNAILS_PERSISTENCE_ENABLED: true
         WEB_PERSISTENCE_ENABLED: true
+        IDM_PERSISTENCE_SIZE: "10Gi"
+        OCM_PERSISTENCE_ENABLED: false
+        OCM_PERSISTENCE_SIZE: "1Gi"
+        NATS_PERSISTENCE_SIZE: "10Gi"
+        SEARCH_PERSISTENCE_SIZE: "10Gi"
+        STORAGE_SYSTEM_PERSISTENCE_SIZE: "5Gi"
+        STORAGE_USERS_PERSISTENCE_SIZE: "50Gi"
+        THUMBNAILS_PERSISTENCE_SIZE: "10Gi"
+        WEB_PERSISTENCE_SIZE: "1Gi"
+        ONLYOFFICE_PERSISTENCE_SIZE: "2Gi"
 
         LDAP_ENABLED: true
         TIKA_ENABLED: true

charts/opencloud-full/templates/_common/_tplvalues.tpl

@@ -77,6 +77,7 @@ Adds the app names to the scope and set the name of the app based on the input p
   {{- $_ := set .scope "appNameAppRegistry" "appregistry" -}}
   {{- $_ := set .scope "appNameAudit" "audit" -}}
   {{- $_ := set .scope "appNameAuthMachine" "authmachine" -}}
+  {{- $_ := set .scope "appNameAuthApp" "authapp" -}}
   {{- $_ := set .scope "appNameAuthService" "authservice" -}}
   {{- $_ := set .scope "appNameAntivirus" "antivirus" -}}
   {{- $_ := set .scope "appNameClientlog" "clientlog" -}}

charts/opencloud-full/templates/auth-app/deployment.yaml

@@ -0,0 +1,87 @@
+{{- include "oc.basicServiceTemplates" (dict "scope" . "appName" "appNameAuthApp" "appNameSuffix" "") -}}
+apiVersion: apps/v1
+kind: Deployment
+{{ include "oc.metadata" . }}
+spec:
+  {{- include "oc.selector" . | nindent 2 }}
+  {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }}
+  replicas: {{ .Values.replicas }}
+  {{- end }}
+  {{- include "oc.deploymentStrategy" . | nindent 2 }}
+  template:
+    {{- include "oc.templateMetadata" (dict "scope" $ "configCheck" false) | nindent 4 }}
+    spec:
+      {{- include "oc.affinity" $ | nindent 6 }}
+      {{- include "oc.securityContextAndtopologySpreadConstraints" . | nindent 6 }}
+      {{- include "oc.priorityClassName" $.priorityClassName | nindent 6 }}
+      {{- include "oc.hostAliases" $ | nindent 6 }}
+      nodeSelector: {{ toYaml $.nodeSelector | nindent 8 }}
+      containers:
+        - name: {{ .appName }}
+          {{- include "oc.image" $ | nindent 10 }}
+          command: ["opencloud"]
+          args: ["auth-app", "server"]
+          {{- include "oc.containerSecurityContext" . | nindent 10 }}
+          env:
+            {{- include "oc.serviceRegistry" . | nindent 12 }}
+
+            - name: AUTH_APP_LOG_COLOR
+              value: {{ .Values.logging.color | quote }}
+            - name: AUTH_APP_LOG_LEVEL
+              value: {{ .Values.logging.level | quote }}
+            - name: AUTH_APP_LOG_PRETTY
+              value: {{ .Values.logging.pretty | quote }}
+
+            - name: AUTH_APP_TRACING_ENABLED
+              value: "{{ .Values.tracing.enabled }}"
+            - name: AUTH_APP_TRACING_TYPE
+              value: {{ .Values.tracing.type | quote }}
+            - name: AUTH_APP_TRACING_ENDPOINT
+              value: {{ .Values.tracing.endpoint | quote }}
+            - name: AUTH_APP_TRACING_COLLECTOR
+              value: {{ .Values.tracing.collector | quote }}
+
+            - name: AUTH_APP_DEBUG_PPROF
+              value: {{ .Values.debug.profiling | quote }}
+
+            - name: AUTH_APP_GRPC_ADDR
+              value: 127.0.0.1:9246
+            - name: AUTH_APP_DEBUG_ADDR
+              value: 127.0.0.1:9245
+            - name: AUTH_APP_HTTP_ADDR
+              value: 127.0.0.1:9247
+            - name: AUTH_APP_HTTP_ROOT
+              value: /
+
+            - name: AUTH_APP_JWT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ include "secrets.jwtSecret" . }}
+                  key: jwt-secret
+
+
+
+            {{- include "oc.caEnv" $ | nindent 12}}
+
+          {{- include "oc.livenessProbe" . | nindent 10 }}
+
+          resources: {{ toYaml .resources | nindent 12 }}
+
+          ports:
+            - name: grpc
+              containerPort: 9246
+            - name: http
+              containerPort: 9247
+            - name: metrics-debug
+              containerPort: 9245
+
+          volumeMounts:
+            - name: tmp-volume
+              mountPath: /tmp
+            {{- include "oc.caPath" $ | nindent 12}}
+
+      {{- include "oc.imagePullSecrets" $ | nindent 6 }}
+      volumes:
+        - name: tmp-volume
+          emptyDir: {}
+        {{- include "oc.caVolume" $ | nindent 8}}

charts/opencloud-full/templates/auth-app/hpa.yaml

@@ -0,0 +1,3 @@
+{{- include "oc.basicServiceTemplates" (dict "scope" . "appName" "appNameAuthApp" "appNameSuffix" "") -}}
+{{- $_ := set . "autoscaling" (default (default (dict) .Values.autoscaling) .Values.services.authmachine.autoscaling) -}}
+{{ include "oc.hpa" . }}

charts/opencloud-full/templates/auth-app/pdb.yaml

@@ -0,0 +1,2 @@
+{{- include "oc.basicServiceTemplates" (dict "scope" . "appName" "appNameAuthApp" "appNameSuffix" "") -}}
+{{ include "oc.pdb" . }}