add volume permission workaround

Signed-off-by: Simon L <szaimen@e.mail.de>
Simon L 2023-02-01 16:00:52 +01:00
parent c8576044b2
commit 0ea229e19a
11 changed files with 125 additions and 32 deletions


@ -21,9 +21,20 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-apache
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-nextcloud
- /nextcloud-aio-apache
volumeMounts:
- name: nextcloud-aio-apache
mountPath: /nextcloud-aio-apache
- name: nextcloud-aio-nextcloud
mountPath: /nextcloud-aio-nextcloud
containers:
- env:
- name: APACHE_MAX_SIZE
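Review bot: The `init-volumes` container runs `chmod -R 777` over `/nextcloud-aio-nextcloud` and `/nextcloud-aio-apache`, which leaves every file on those volumes readable, writable and executable by any UID that can reach them, and it repeats that recursive walk on each pod start. The same init container is added in the clamav, collabora, database, fulltextsearch, nextcloud, onlyoffice and redis sections, where it covers the database, user-data and `/nextcloud-aio-nextcloud-trusted-cacerts` volumes. Going by the hunk counts (9 old lines, 20 new), the `securityContext`/`fsGroup` lines appear to be what this change drops, so group-scoped access is traded for world access. A narrower workaround would set ownership to the IDs the service runs as and keep the mode tight, e.g. `command: ["chown", "-R", "<APP_UID>:<APP_GID>", "/nextcloud-aio-apache"]` (placeholder IDs), and a comment above `initContainers:` should record which storage behaviour makes the workaround necessary.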


@ -22,9 +22,17 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-clamav
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-clamav
volumeMounts:
- name: nextcloud-aio-clamav
mountPath: /nextcloud-aio-clamav
containers:
- env:
- name: CLAMD_STARTUP_TIMEOUT


@ -22,9 +22,17 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-collabora
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-collabora-fonts
volumeMounts:
- name: nextcloud-aio-collabora-fonts
mountPath: /nextcloud-aio-collabora-fonts
containers:
- env:
- name: TZ


@ -21,9 +21,20 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-database
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-database
- /nextcloud-aio-database-dump
volumeMounts:
- name: nextcloud-aio-database-dump
mountPath: /nextcloud-aio-database-dump
- name: nextcloud-aio-database
mountPath: /nextcloud-aio-database
containers:
- env:
- name: PGTZ
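Review bot: `chmod -R 777` on `/nextcloud-aio-database` may stop the database from starting as well as exposing its files, because PostgreSQL refuses a data directory whose mode is anything other than `0700` or `0750`. The `PGTZ` variable suggests a PostgreSQL image, but whether its data directory sits at or below this mount is not visible in the hunk, so this needs checking against the container's `PGDATA`. If it does, the init step for this deployment should set ownership instead and leave the mode at `0700`.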


@ -22,9 +22,17 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-fulltextsearch
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-elasticsearch
volumeMounts:
- name: nextcloud-aio-elasticsearch
mountPath: /nextcloud-aio-elasticsearch
containers:
- env:
- name: ES_JAVA_OPTS


@ -22,9 +22,6 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-imaginary
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
containers:
- env:
- name: TZ


@ -21,9 +21,23 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-nextcloud
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-nextcloud
- /nextcloud-aio-nextcloud-data
- /nextcloud-aio-nextcloud-trusted-cacerts
volumeMounts:
- name: nextcloud-aio-nextcloud-trusted-cacerts
mountPath: /nextcloud-aio-nextcloud-trusted-cacerts
- name: nextcloud-aio-nextcloud-data
mountPath: /nextcloud-aio-nextcloud-data
- name: nextcloud-aio-nextcloud
mountPath: /nextcloud-aio-nextcloud
containers:
- env:
- name: ADDITIONAL_APKS


@ -22,9 +22,17 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-onlyoffice
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-onlyoffice
volumeMounts:
- name: nextcloud-aio-onlyoffice
mountPath: /nextcloud-aio-onlyoffice
containers:
- env:
- name: JWT_ENABLED


@ -21,9 +21,17 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-redis
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
- /nextcloud-aio-redis
volumeMounts:
- name: nextcloud-aio-redis
mountPath: /nextcloud-aio-redis
containers:
- env:
- name: REDIS_HOST_PASSWORD


@ -22,9 +22,6 @@ spec:
io.kompose.network/nextcloud-aio: "true"
io.kompose.service: nextcloud-aio-talk
spec:
securityContext:
fsGroup: 65534
fsGroupChangePolicy: "OnRootMismatch"
containers:
- env:
- name: JANUS_API_KEY


@ -40,13 +40,36 @@ cd latest
mv ./templates/manual-install-nextcloud-aio-networkpolicy.yaml ./templates/nextcloud-aio-networkpolicy.yaml
# shellcheck disable=SC1083
find ./ -name '*networkpolicy.yaml' -exec sed -i "s|manual-install-nextcloud-aio|nextcloud-aio|" \{} \;
cat << EOL > /tmp/initcontainers
initContainers:
- name: init-volumes
image: alpine
command:
- chmod
- -R
- 777
volumeMountsInitContainer:
EOL
# shellcheck disable=SC1083
DEPLOYMENTS="$(find ./ -name '*deployment.yaml')"
mapfile -t DEPLOYMENTS <<< "$DEPLOYMENTS"
for variable in "${DEPLOYMENTS[@]}"; do
if grep -q volumeMounts "$variable"; then
sed -i "/^ spec:/r /tmp/initcontainers" "$variable"
volumeNames="$(grep -A1 mountPath "$variable" | grep -v mountPath | sed 's|.*name: ||' | sed '/^--$/d')"
mapfile -t volumeNames <<< "$volumeNames"
for volumeName in "${volumeNames[@]}"; do
sed -i "/^.*volumeMountsInitContainer:/i\ \ \ \ \ \ \ \ \ \ \ \ - /$volumeName" "$variable"
sed -i "/volumeMountsInitContainer:/a\ \ \ \ \ \ \ \ \ \ \ \ - name: $volumeName\n\ \ \ \ \ \ \ \ \ \ \ \ \ \ mountPath: /$volumeName" "$variable"
done
sed -i "s|volumeMountsInitContainer|volumeMounts|" "$variable"
fi
done
# shellcheck disable=SC1083
find ./ -name '*service.yaml' -exec sed -i "/^status:/,$ d" \{} \;
# shellcheck disable=SC1083
find ./ -name '*deployment.yaml' -exec sed -i "s|manual-install-nextcloud-aio|nextcloud-aio|" \{} \;
# shellcheck disable=SC1083
find ./ -name '*deployment.yaml' -exec sed -i "/^ spec:/a\ \ \ \ \ \ securityContext:\n\ \ \ \ \ \ \ \ fsGroup: 65534\n\ \ \ \ \ \ \ \ fsGroupChangePolicy: \"OnRootMismatch\"" \{} \;
# shellcheck disable=SC1083
find ./ -name '*persistentvolumeclaim.yaml' -exec sed -i "s|ReadOnlyMany|ReadWriteOnce|" \{} \;
# shellcheck disable=SC1083
find ./ -name '*persistentvolumeclaim.yaml' -exec sed -i "/accessModes:/i\ \ {{- if .Values.STORAGE_CLASS }}" \{} \;
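Review bot: The heredoc written to `/tmp/initcontainers` emits `- 777` unquoted and `image: alpine` with no tag or digest. YAML reads the bare `777` as an integer while Kubernetes expects every `command` entry to be a string, so the generated manifests can be rejected at apply time; write `- "777"` in the template. The image line should pin what runs with write access to every volume, e.g. `image: alpine:<PINNED_TAG>@sha256:<DIGEST>` (placeholders). The volume names are scraped with `grep -A1 mountPath`, which assumes `name:` always sits on the line right after `mountPath:`; a short comment stating that assumption would help the next editor. The script starts before and continues after this hunk.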