From c680006ddd18021cc0dd330060511535e9c8f3f4 Mon Sep 17 00:00:00 2001 From: "Winston R. Milling" Date: Sun, 16 Feb 2025 12:08:00 -0600 Subject: [PATCH] OCIS: Don't think it's worth it still --- kube-system/nfs-pv/ocis-pv.yaml | 36 ------ owncloud/namespace.yaml | 7 -- owncloud/ocis/minio.yaml | 68 ---------- owncloud/ocis/ocis.secret.yaml | 14 --- owncloud/ocis/ocis.yaml | 214 -------------------------------- owncloud/ocis/pvc.yaml | 116 ----------------- 6 files changed, 455 deletions(-) delete mode 100644 kube-system/nfs-pv/ocis-pv.yaml delete mode 100644 owncloud/namespace.yaml delete mode 100644 owncloud/ocis/minio.yaml delete mode 100644 owncloud/ocis/ocis.secret.yaml delete mode 100644 owncloud/ocis/ocis.yaml delete mode 100644 owncloud/ocis/pvc.yaml diff --git a/kube-system/nfs-pv/ocis-pv.yaml b/kube-system/nfs-pv/ocis-pv.yaml deleted file mode 100644 index b6bfd9999..000000000 --- a/kube-system/nfs-pv/ocis-pv.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolume -metadata: - name: nfs-ocis-pv - namespace: owncloud -spec: - storageClassName: ocis - capacity: - storage: 1Mi - accessModes: - - ReadWriteMany - persistentVolumeReclaimPolicy: Retain - nfs: - server: 10.10.10.30 - path: "/mnt/tardisk/ocis" - mountOptions: - - nfsvers=4.1 - - tcp - - intr - - hard - - noatime - - nodiratime ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: nfs-ocis-pvc - namespace: owncloud -spec: - accessModes: - - ReadWriteMany - storageClassName: ocis - resources: - requests: - storage: 1Mi diff --git a/owncloud/namespace.yaml b/owncloud/namespace.yaml deleted file mode 100644 index 8268a2888..000000000 --- a/owncloud/namespace.yaml +++ /dev/null @@ -1,7 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: owncloud - annotations: - # volsync.backube/privileged-movers: "true" diff --git a/owncloud/ocis/minio.yaml b/owncloud/ocis/minio.yaml deleted file mode 100644 index 62d0f893e..000000000 --- a/owncloud/ocis/minio.yaml +++ /dev/null @@ -1,68 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: ocis-minio - namespace: owncloud -spec: - interval: 5m - chart: - spec: - # renovate: registryUrl=https://charts.min.io/ - chart: minio - version: 5.4.0 - sourceRef: - kind: HelmRepository - name: minio-charts - namespace: flux-system - interval: 5m - values: - image: - repository: quay.io/minio/minio - tag: RELEASE.2025-02-07T23-21-09Z@sha256:640c22768ed5dbc92eacc14502a1b06a1c708fa60431345c78dfc22917062e93 - pullPolicy: IfNotPresent - mcImage: - repository: quay.io/minio/mc - tag: RELEASE.2023-01-11T03-14-16Z - pullPolicy: IfNotPresent - mode: standalone - rootUser: ${SECRET_MINIO_ACCESS_KEY} - rootPassword: ${SECRET_MINIO_SECRET_KEY} - users: - - accessKey: ${SECRET_OCIS_S3_ACCESS_KEY} - secretKey: ${SECRET_OCIS_S3_SECRET_KEY} - policy: readWrite - persistence: - enabled: true - existingClaim: "nfs-ocis-pvc" - ingress: - enabled: true - ingressClassName: nginx-internal - hosts: - - ocisminio.k.${SECRET_DOMAIN} - tls: - - secretName: ocis-minio-cert - hosts: - - ocisminio.k.${SECRET_DOMAIN} - consoleIngress: - enabled: true - hosts: - - ocismc.k.${SECRET_DOMAIN} - tls: - - secretName: ocis-minio-console-cert - hosts: - - ocismc.k.${SECRET_DOMAIN} - securityContext: - enabled: false - resources: - requests: - memory: 350Mi - cpu: 25m - limits: - memory: 1500Mi - metrics: - serviceMonitor: - enabled: true - serviceAccount: - create: true - name: "ocis-minio-sa" diff --git a/owncloud/ocis/ocis.secret.yaml b/owncloud/ocis/ocis.secret.yaml deleted file mode 100644 index b5e089a06..000000000 --- a/owncloud/ocis/ocis.secret.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: ocis-secrets - namespace: owncloud -type: Opaque -stringData: - user-id: ${SECRET_OCIS_ADMIN_USER} - password: ${SECRET_OCIS_ADMIN_PASS} - smtp-username: ${SECRET_OCIS_SMTP_USER} - smtp-password: ${SECRET_OCIS_SMTP_PASS} - accessKey: ${SECRET_OCIS_S3_ACCESS_KEY} - secretKey: ${SECRET_OCIS_S3_SECRET_KEY} \ No newline at end of file diff --git a/owncloud/ocis/ocis.yaml b/owncloud/ocis/ocis.yaml deleted file mode 100644 index 422314c0f..000000000 --- a/owncloud/ocis/ocis.yaml +++ /dev/null @@ -1,214 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - name: ocis - namespace: owncloud -spec: - interval: 15m - chart: - spec: - chart: ocis - version: 0.7.0 - sourceRef: - kind: HelmRepository - name: wrmilling-charts - namespace: flux-system - values: - image: - repository: owncloud/ocis - tag: 7.0.1 - pullPolicy: IfNotPresent - - http: - cors: - allow_origins: [] - - externalDomain: cloud.${SECRET_DOMAIN} - - cache: - type: nats-js-kv - nodes: - - "{{ .appNameNats }}:9233" - - store: - type: nats-js-kv - nodes: - - "{{ .appNameNats }}:9233" - - registry: - type: nats-js-kv - nodes: - - "{{ .appNameNats }}:9233" - - features: - demoUsers: false - language: - default: en - - appsIntegration: - enabled: false - - emailNotifications: - enabled: true - smtp: - host: ${SECRET_SMTP_DOMAIN} - port: 587 - sender: "HomeLab Cloud " - authentication: auto - encryption: ssltls - - sharing: - autoAcceptShares: false - passwordPolicies: - minCharacters: 8 - minLowerCharacters: 1 - minUpperCharacters: 1 - minSpecialCharacters: 1 - minDigits: 1 - - virusscan: - enabled: true - infectedFileHandling: delete - - edition: Community - - ocm: - enabled: true - - ingress: - enabled: true - ingressClassName: nginx-external - annotations: - kubernetes.io/tls-acme: "true" - cert-manager.io/cluster-issuer: letsencrypt-prod - - securityContext: - fsGroup: 1000 - fsGroupChangePolicy: OnRootMismatch - runAsUser: 1000 - runAsGroup: 1000 - - replicas: 1 - - resources: - limits: - memory: 2048Mi - requests: - cpu: 100m - memory: 128Mi - - jobResources: - limits: - memory: 256Mi - requests: - cpu: 100m - memory: 128Mi - - services: - idm: - persistence: - enabled: true - existingClaim: ocis-idm-pvc - - nats: - persistence: - enabled: true - existingClaim: ocis-nats-pvc - - ocm: - persistence: - enabled: true - existingClaim: ocis-ocm-pvc - - search: - persistence: - enabled: true - existingClaim: ocis-search-pvc - - storagesystem: - persistence: - enabled: true - existingClaim: ocis-storage-pvc - - storageusers: - storageBackend: - # -- Configures the storage driver. Possible values are "ocis" and "s3ng". - # The oCIS driver stores all data in the persistent volume if persistence is enabled. - # The S3NG driver stores all metadata in the persistent volume and uploads blobs to s3 if persistence is enabled. - driver: s3ng - driverConfig: - s3ng: - maxConcurrency: 100 - endpoint: http://ocis-minio.owncloud.svc:9000 - bucket: ocis - - maintenance: - cleanUpExpiredUploads: - enabled: true - purgeExpiredTrashBinItems: - enabled: true - restartPostprocessing: - enabled: true - - persistence: - enabled: true - existingClaim: ocis-users-pvc - - thumbnails: - persistence: - enabled: true - existingClaim: ocis-thumbnails-pvc - maintenance: - cleanUpOldThumbnails: - enabled: true - - web: - persistence: - enabled: true - existingClaim: ocis-web-pvc - - monitoring: - enabled: true - - # Leaving secrets until I figure out which all ones I need - secretRefs: - # -- Reference to an existing admin user secret (see ref:Secrets#secrets). Not used if `features.externalUserManagement.enabled` equals `true`. - adminUserSecretRef: ocis-secrets - # -- Reference to an existing collaboration service WOPI secret (see ref:Secrets#secrets). Not used if `features.appsIntegration.enabled` equals `false`. - collaborationWopiSecret: - # -- Reference to an existing IDP secret (see ref:Secrets#secrets). Not used if `features.externalUserManagement.enabled` equals `true`. - idpSecretRef: - # -- Reference to an existing JWT secret (see ref:Secrets#secrets). - jwtSecretRef: - # -- Reference to an existing keycloak client secret, used for the GDPR export. Only used if features.externalUserManagement.gdprExport.enabled equals true. - gdprExportClientSecretRef: - # -- Reference to an existing LDAP certificate authority secret (see ref:Secrets#secrets) - ldapCaRef: - # -- Reference to an existing LDAP cert secret (see ref:Secrets#secrets). Not used if `features.externalUserManagement.enabled` equals `true`. - ldapCertRef: - # -- Reference to an existing LDAP bind secret (see ref:Secrets#secrets). - ldapSecretRef: - # -- Reference to an existing machine auth api key secret (see ref:Secrets#secrets) - machineAuthApiKeySecretRef: - # -- Reference to an existing messaging system certificate authority secret (see ref:Secrets#secrets) - messagingSystemCaRef: - # -- Reference to an existing SMTP email server settings secret (see ref:Secrets#secrets). - # Not used if `features.emailNotifications.enabled` equals `false`. - # Not used if `features.emailNotifications.smtp.authentication` equals `none`. - notificationsSmtpSecretRef: ocis-secrets - # -- Reference to an existing storage-system JWT secret (see ref:Secrets#secrets) - storagesystemJwtSecretRef: - # -- Reference to an existing storage-system secret (see ref:Secrets#secrets) - storagesystemSecretRef: - # -- Reference to an existing thumbnails transfer secret (see ref:Secrets#secrets) - thumbnailsSecretRef: - # -- Reference to an existing transfer secret (see ref:Secrets#secrets) - transferSecretSecretRef: - # -- Reference to an existing s3 secret (see ref:Secrets#secrets) - # If not filled in, will attempt to use values in `.storageusers.storageBackend.s3.driverConfig.s3ng` instead. - s3CredentialsSecretRef: ocis-secrets - # -- Reference to an existing service account secret (see ref:Secrets#secrets) - serviceAccountSecretRef: - # -- The secret to secure the global notifications endpoint. Only system admins and users knowing that secret can call the global notifications POST/DELETE endpoints. - globalNotificationsSecretRef: \ No newline at end of file diff --git a/owncloud/ocis/pvc.yaml b/owncloud/ocis/pvc.yaml deleted file mode 100644 index 6dc3988a8..000000000 --- a/owncloud/ocis/pvc.yaml +++ /dev/null @@ -1,116 +0,0 @@ ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-idm-pvc - namespace: owncloud -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-nats-pvc - namespace: owncloud -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-ocm-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-search-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-storage-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-users-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 50Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-thumbnails-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: rook-ceph-block ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: ocis-web-pvc - namespace: owncloud - finalizers: - - kubernetes.io/pvc-protection -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: rook-ceph-block \ No newline at end of file