nextcloud-previews/examples/nextcloud-podman.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: nextcloud-config
data:
    POSTGRES_USER: nextcloud
    POSTGRES_DB: nextcloud
    POSTGRES_PASSWORD: supersecretPassw0rd
    NEXTCLOUD_ADMIN_USER: administrator
    NEXTCLOUD_ADMIN_PASSWORD: adminPassw0rd
    NEXTCLOUD_TRUSTED_DOMAINS: cloud.example.com 192.168.123.22
    REDIS_HOST: 127.0.0.1
    REDIS_PORT: 6379
    TZ: Europe/Helsinki
    ## Optionally tweak these ##
    PHP_MEMORY_LIMIT: 3G
    PHP_UPLOAD_LIMIT: 10G
    
---
apiVersion: v1
kind: Pod
metadata:
  name: nextcloud
  creationTimestamp: "2022-05-25T09:38:11Z"
  labels:
    app: nextcloud
  annotations:
spec:
  volumes:
  - hostPath:
      path: /path/to/nextcloud/clamav-config    ## Path of mounted ClamAV configuration directory ##
      type: Directory
    name: clamav-config-host-1
  - hostPath:
      path: /path/to/nextcloud/app              ## Path of mounted web root on host (/var/www/nextcloud) ##
      type: Directory
    name: nextcloud-app-host-0
  - hostPath:
      path: /path/to/nextcloud/redis            ## Path of mounted Redis db dump directory ##
      type: Directory
    name: nextcloud-redis-host-0
  - name: clamav-db
    persistentVolumeClaim:
      claimName: clamav-db
  - name: nextcloud-psql
    persistentVolumeClaim:
      claimName: nextcloud-psql
  containers:

  - name: clamav
    image: docker.io/clamav/clamav:latest
    #image: ghcr.io/0ranki/clamav-docker-arm64:v1.1.0
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /var/lib/clamav
      name: clamav-db
    - mountPath: /etc/clamav
      name: clamav-config-host-1

  - name: redis
    image: docker.io/library/redis:alpine
    args:
    - redis-server
    - --save
    - 60
    - 1
    - --loglevel
    - warning
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /data
      name: nextcloud-redis-host-0

  - name: psql
    image: docker.io/postgres:14-alpine
    args:
    - postgres
    command:
    - docker-entrypoint.sh
    envFrom:
    - configMapRef:
        name: nextcloud-config
        optional: false
    resources: {}
    securityContext:
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
      privileged: false
      readOnlyRootFilesystem: false
      seLinuxOptions: {}
    volumeMounts:
    - mountPath: /var/lib/postgresql/data
      name: nextcloud-psql
    workingDir: /

  - name: app
    ## Remember to change cron container version!
    image: ghcr.io/0ranki/nextcloud-previews:latest
    ## Remember to change cron container version!
    #imagePullPolicy: never
    ports:
    - containerPort: 80
      hostPort: 8082
    envFrom:
    - configMapRef:
        name: nextcloud-config
        optional: false
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /var/www/html
      name: nextcloud-app-host-0

  - name: cron
    # Remember to change main image version!
    image: ghcr.io/0ranki/nextcloud-previews:latest
    # Remember to change main image version!
      #imagePullPolicy: never
    args:
    - busybox
    - crond
    - -f
    - -l
    - 0
    - -L
    - /dev/stdout
    env:
    - name: TZ
      value: Europe/Helsinki
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /var/www/html
      name: nextcloud-app-host-0

#  - name: cloudflared
#    image: docker.io/cloudflare/cloudflared:latest
#    args:
#    - tunnel
#    - --no-autoupdate
#    - run
#    - --token
#    - ### CLOUDFLARE TOKEN TÄHÄN ###
#    resources: {}
#    securityContext: {}

  restartPolicy: Always

status: {}
Added Kube YAML and systemd service examples for running with Podman. 2023-11-02 21:48:38 +02:00			`apiVersion: v1`
			`kind: ConfigMap`
			`metadata:`
			`name: nextcloud-config`
			`data:`
			`POSTGRES_USER: nextcloud`
			`POSTGRES_DB: nextcloud`
			`POSTGRES_PASSWORD: supersecretPassw0rd`
			`NEXTCLOUD_ADMIN_USER: administrator`
			`NEXTCLOUD_ADMIN_PASSWORD: adminPassw0rd`
			`NEXTCLOUD_TRUSTED_DOMAINS: cloud.example.com 192.168.123.22`
			`REDIS_HOST: 127.0.0.1`
			`REDIS_PORT: 6379`
			`TZ: Europe/Helsinki`
			`## Optionally tweak these ##`
			`PHP_MEMORY_LIMIT: 3G`
			`PHP_UPLOAD_LIMIT: 10G`

			`---`
			`apiVersion: v1`
			`kind: Pod`
			`metadata:`
			`name: nextcloud`
			`creationTimestamp: "2022-05-25T09:38:11Z"`
			`labels:`
			`app: nextcloud`
			`annotations:`
			`spec:`
			`volumes:`
			`- hostPath:`
			`path: /path/to/nextcloud/clamav-config ## Path of mounted ClamAV configuration directory ##`
			`type: Directory`
			`name: clamav-config-host-1`
			`- hostPath:`
			`path: /path/to/nextcloud/app ## Path of mounted web root on host (/var/www/nextcloud) ##`
			`type: Directory`
			`name: nextcloud-app-host-0`
			`- hostPath:`
			`path: /path/to/nextcloud/redis ## Path of mounted Redis db dump directory ##`
			`type: Directory`
			`name: nextcloud-redis-host-0`
			`- name: clamav-db`
			`persistentVolumeClaim:`
			`claimName: clamav-db`
			`- name: nextcloud-psql`
			`persistentVolumeClaim:`
			`claimName: nextcloud-psql`
			`containers:`

			`- name: clamav`
			`image: docker.io/clamav/clamav:latest`
			`#image: ghcr.io/0ranki/clamav-docker-arm64:v1.1.0`
			`resources: {}`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- CAP_MKNOD`
			`- CAP_NET_RAW`
			`- CAP_AUDIT_WRITE`
			`volumeMounts:`
			`- mountPath: /var/lib/clamav`
			`name: clamav-db`
			`- mountPath: /etc/clamav`
			`name: clamav-config-host-1`

			`- name: redis`
			`image: docker.io/library/redis:alpine`
			`args:`
			`- redis-server`
			`- --save`
			`- 60`
			`- 1`
			`- --loglevel`
			`- warning`
			`resources: {}`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- CAP_MKNOD`
			`- CAP_NET_RAW`
			`- CAP_AUDIT_WRITE`
			`volumeMounts:`
			`- mountPath: /data`
			`name: nextcloud-redis-host-0`

			`- name: psql`
			`image: docker.io/postgres:14-alpine`
			`args:`
			`- postgres`
			`command:`
			`- docker-entrypoint.sh`
			`envFrom:`
			`- configMapRef:`
			`name: nextcloud-config`
			`optional: false`
			`resources: {}`
			`securityContext:`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`drop:`
			`- CAP_MKNOD`
			`- CAP_NET_RAW`
			`- CAP_AUDIT_WRITE`
			`privileged: false`
			`readOnlyRootFilesystem: false`
			`seLinuxOptions: {}`
			`volumeMounts:`
			`- mountPath: /var/lib/postgresql/data`
			`name: nextcloud-psql`
			`workingDir: /`

			`- name: app`
			`## Remember to change cron container version!`
27.1.4, updated build action - Uses docker/build-push-action running on QEMU with docker/setup-qemu-action - Image name changed, dropped the /nextcloud from the end. New images will be available as ghcr.io/0ranki/nextcloud-previews:<tag> - Old image name still works, will stop pushing them at some point 2023-11-30 20:17:20 +02:00			`image: ghcr.io/0ranki/nextcloud-previews:latest`
Added Kube YAML and systemd service examples for running with Podman. 2023-11-02 21:48:38 +02:00			`## Remember to change cron container version!`
			`#imagePullPolicy: never`
			`ports:`
			`- containerPort: 80`
			`hostPort: 8082`
			`envFrom:`
			`- configMapRef:`
			`name: nextcloud-config`
			`optional: false`
			`resources: {}`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- CAP_MKNOD`
			`- CAP_NET_RAW`
			`- CAP_AUDIT_WRITE`
			`volumeMounts:`
			`- mountPath: /var/www/html`
			`name: nextcloud-app-host-0`

			`- name: cron`
			`# Remember to change main image version!`
27.1.4, updated build action - Uses docker/build-push-action running on QEMU with docker/setup-qemu-action - Image name changed, dropped the /nextcloud from the end. New images will be available as ghcr.io/0ranki/nextcloud-previews:<tag> - Old image name still works, will stop pushing them at some point 2023-11-30 20:17:20 +02:00			`image: ghcr.io/0ranki/nextcloud-previews:latest`
Added Kube YAML and systemd service examples for running with Podman. 2023-11-02 21:48:38 +02:00			`# Remember to change main image version!`
			`#imagePullPolicy: never`
			`args:`
			`- busybox`
			`- crond`
			`- -f`
			`- -l`
			`- 0`
			`- -L`
			`- /dev/stdout`
			`env:`
			`- name: TZ`
			`value: Europe/Helsinki`
			`resources: {}`
			`securityContext:`
			`capabilities:`
			`drop:`
			`- CAP_MKNOD`
			`- CAP_NET_RAW`
			`- CAP_AUDIT_WRITE`
			`volumeMounts:`
			`- mountPath: /var/www/html`
			`name: nextcloud-app-host-0`

			`# - name: cloudflared`
			`# image: docker.io/cloudflare/cloudflared:latest`
			`# args:`
			`# - tunnel`
			`# - --no-autoupdate`
			`# - run`
			`# - --token`
			`# - ### CLOUDFLARE TOKEN TÄHÄN ###`
			`# resources: {}`
			`# securityContext: {}`

			`restartPolicy: Always`

			`status: {}`