first version of opencloud helm charts

Author: feri

README.md

@@ -10,6 +10,79 @@ This repository is created to **welcome contributions from the community**. It d
 
 ## 📦 Installing the Helm Charts
 
+Currently only deployment from the file system is supported:
+
+```
+$ helm install opencloud -n opencloud --create-namespace ./charts/opencloud --set=adminPassword="<MY-SECURE-PASSWORD>" --set=url="<PUBLIC-URL>"
+```
+
+It is important the the public-url is reachable, and forwarded to the backend-service opencloud-service:443,
+otherwise login will not be possible or the message "missing or invalid config" is shown.
+
+An example ingress for nginx with cert-manager annotations is in ./inwork/opencloud-ingress.yaml.
+
+
+For testing with the default settings port-forwarding from localhost can be used:
+
+```
+$ helm install opencloud -n opencloud --create-namespace ./charts/opencloud
+
+  Release "opencloud" does not exist. Installing it now.
+  NAME: opencloud
+  LAST DEPLOYED: Wed Apr  2 01:16:19 2025
+  NAMESPACE: opencloud
+  STATUS: deployed
+  REVISION: 1
+  TEST SUITE: None
+```
+
+Establish a port-forwarding from localhost
+
+```
+$ kubectl port-forward -n opencloud svc/opencloud-service 9200:443
+
+  Forwarding from 127.0.0.1:9200 -> 9200
+  Forwarding from [::1]:9200 -> 9200
+  ...
+```
+
+Now open in a browser the url: [https://localhost:9200](https://localhost:9200) while 
+the port forwarding is active.
+
+You need to accept the risc of a self signed certificate.
+(see [Common Issues & Help](https://docs.opencloud.eu/docs/admin/getting-started/docker/#troubleshooting)) in 
+the getting started with Docker documentation.
+
+Now you can login with the default admin / admin
+
+If you want to change the public URL you can upgrade the deployment with the following command:
+
+```
+$ helm upgrade opencloud -n opencloud ./charts/opencloud --set=url="<NEW-PUBLIC-URL>"
+
+  Release "opencloud" has been upgraded. Happy Helming!
+  NAME: opencloud
+  LAST DEPLOYED: Wed Apr  2 01:42:51 2025
+  NAMESPACE: opencloud
+  STATUS: deployed
+  REVISION: 2
+  TEST SUITE: None
+```
+
+The opencloud deployment will be restarted and is availble after a few seconds configured for the new url.
+
+If you want to uninstall opencloud this can be done with 
+
+ATTENTION: all you data will be lost, PVCs are not kept at the moment.
+
+```
+$ helm uninstall -n opencloud opencloud
+
+  release "opencloud" uninstalled
+```
+
+
+
 (please add)
 
 ## 💡 Contributing

charts/opencloud/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v2
+type: application
+name: opencloud
+version: 0.1.0
+description: Plain deployment of the OpenCloud dockerfile.
+  The initial helm chart follows the description given for starting a docker instance
+  https://docs.opencloud.eu/docs/admin/getting-started/docker
+  It is thought as a first starting point.
+home: https://github.com/opencloud-eu/helm
+image: https://raw.githubusercontent.com/opencloud-eu/opencloud/refs/heads/main/opencloud_logo.png
+sources:
+- https://github.com/kubernetes/ingress-nginx
+appVersion: 2.0.0
+
+

charts/opencloud/templates/opencloud-config-pvc.yaml

@@ -0,0 +1,13 @@
+# TODO: move to ConfigMap
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: opencloud-config-pvc
+  labels:
+    app: opencloud
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Mi

charts/opencloud/templates/opencloud-data-pvc.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: opencloud-data-pvc
+  labels:
+    app: opencloud
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.pvcSize }}

charts/opencloud/templates/opencloud-deployment.yaml

@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: opencloud
+  labels:
+    app: opencloud  
+spec:
+  selector:
+    matchLabels:
+      app: opencloud
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: opencloud
+    spec:
+      containers:
+      - name: opencloud
+        image: "{{ .Values.image }}:{{ .Values.tag}}"
+        env:
+        - name: OC_INSECURE
+          value: "{{ .Values.insecure }}"
+        - name: PROXY_HTTP_ADDR
+          value: "{{ .Values.proxyHttpAddr }}"
+        - name: OC_URL
+          value: "{{ .Values.url }}"
+        volumeMounts:
+          - name: opencloud-config
+            mountPath: /etc/opencloud
+          - name: opencloud-data
+            mountPath: /var/lib/opencloud                  
+      volumes:
+        - name: opencloud-config
+          persistentVolumeClaim:
+            claimName: opencloud-config-pvc
+        - name: opencloud-data
+          persistentVolumeClaim:
+            claimName: opencloud-data-pvc

charts/opencloud/templates/opencloud-init.yaml

@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: opencloud-init
+  annotations:
+    # This is what defines this resource as a hook. Without this line, the
+    # job is considered part of the release.
+    "helm.sh/hook": post-install
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+  template:
+    spec:
+      containers:
+      - name: opencloud
+        image: "{{ .Values.image }}:{{ .Values.tag}}"
+        env:
+        - name: IDM_ADMIN_PASSWORD
+          value: {{ .Values.adminPassword }}
+        - name: OC_INSECURE
+          value: "{{ .Values.insecure }}"
+        volumeMounts:
+        - name: opencloud-config
+          mountPath: /etc/opencloud
+        - name: opencloud-data
+          mountPath: /var/lib/opencloud
+        # command: ["/usr/bin/opencloud"]
+        args: ["init"]
+      volumes:
+        - name: opencloud-config
+          persistentVolumeClaim:
+            claimName: opencloud-config-pvc
+        - name: opencloud-data
+          persistentVolumeClaim:
+            claimName: opencloud-data-pvc
+      restartPolicy: Never

charts/opencloud/templates/opencloud-service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: opencloud-service
+  labels:
+    app: opencloud
+spec:
+  selector:
+    app: opencloud
+  ports:
+  - name: https
+    port: 443
+    protocol: TCP
+    targetPort: 9200

charts/opencloud/values.yaml

@@ -0,0 +1,14 @@
+# follow the description given for starting a docker instance 
+# https://docs.opencloud.eu/docs/admin/getting-started/docker
+
+image: opencloudeu/opencloud-rolling
+tag: 2.0.0
+
+adminPassword: admin
+insecure: true
+proxyHttpAddr: 0.0.0.0:9200
+url: https://localhost:9200
+
+pvcSize: 10Gi
+
+  

examples/opencloud-ingress.yaml

@@ -0,0 +1,26 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: opencloud-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
+    cert-manager.io/cluster-issuer: letsencrypt-production  
+  labels:
+    app: opencloud
+spec:
+  ingressClassName: nginx
+  tls:
+    - secretName: opencloud-ssl
+      hosts:
+      - opencloud.k8s.cluster-4.de          
+  rules:
+  - host: "opencloud.k8s.cluster-4.de"
+    http:
+      paths:
+        - pathType: Prefix
+          path: "/"
+          backend:
+            service:
+              name: opencloud-service
+              port:
+                number: 443