diff --git a/helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 6f0b560a..2c0d6e77 100755 --- a/helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -21,9 +21,20 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-apache spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-nextcloud + - /nextcloud-aio-apache + volumeMounts: + - name: nextcloud-aio-apache + mountPath: /nextcloud-aio-apache + - name: nextcloud-aio-nextcloud + mountPath: /nextcloud-aio-nextcloud containers: - env: - name: APACHE_MAX_SIZE diff --git a/helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index cf24fe5c..189721fc 100755 --- a/helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -22,9 +22,17 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-clamav spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-clamav + volumeMounts: + - name: nextcloud-aio-clamav + mountPath: /nextcloud-aio-clamav containers: - env: - name: CLAMD_STARTUP_TIMEOUT diff --git a/helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 9068033b..024c8833 100755 --- a/helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -22,9 +22,17 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-collabora spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-collabora-fonts + volumeMounts: + - name: nextcloud-aio-collabora-fonts + mountPath: /nextcloud-aio-collabora-fonts containers: - env: - name: TZ diff --git a/helm-chart/templates/nextcloud-aio-database-deployment.yaml b/helm-chart/templates/nextcloud-aio-database-deployment.yaml index d1eb3c4e..258bf0d7 100755 --- a/helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -21,9 +21,20 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-database spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-database + - /nextcloud-aio-database-dump + volumeMounts: + - name: nextcloud-aio-database-dump + mountPath: /nextcloud-aio-database-dump + - name: nextcloud-aio-database + mountPath: /nextcloud-aio-database containers: - env: - name: PGTZ diff --git a/helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index 64ff5e48..2060316a 100755 --- a/helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -22,9 +22,17 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-fulltextsearch spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-elasticsearch + volumeMounts: + - name: nextcloud-aio-elasticsearch + mountPath: /nextcloud-aio-elasticsearch containers: - env: - name: ES_JAVA_OPTS diff --git a/helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index ea558eba..2eabe094 100755 --- a/helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -22,9 +22,6 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-imaginary spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" containers: - env: - name: TZ diff --git a/helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 6e9e1236..45b4da0e 100755 --- a/helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -21,9 +21,23 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-nextcloud spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-nextcloud + - /nextcloud-aio-nextcloud-data + - /nextcloud-aio-nextcloud-trusted-cacerts + volumeMounts: + - name: nextcloud-aio-nextcloud-trusted-cacerts + mountPath: /nextcloud-aio-nextcloud-trusted-cacerts + - name: nextcloud-aio-nextcloud-data + mountPath: /nextcloud-aio-nextcloud-data + - name: nextcloud-aio-nextcloud + mountPath: /nextcloud-aio-nextcloud containers: - env: - name: ADDITIONAL_APKS diff --git a/helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index d4c9eef3..374471c6 100755 --- a/helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -22,9 +22,17 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-onlyoffice spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-onlyoffice + volumeMounts: + - name: nextcloud-aio-onlyoffice + mountPath: /nextcloud-aio-onlyoffice containers: - env: - name: JWT_ENABLED diff --git a/helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 3525d150..57be9cd7 100755 --- a/helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -21,9 +21,17 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-redis spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + - /nextcloud-aio-redis + volumeMounts: + - name: nextcloud-aio-redis + mountPath: /nextcloud-aio-redis containers: - env: - name: REDIS_HOST_PASSWORD diff --git a/helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 9e25b9fb..06ac7f2d 100755 --- a/helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -22,9 +22,6 @@ spec: io.kompose.network/nextcloud-aio: "true" io.kompose.service: nextcloud-aio-talk spec: - securityContext: - fsGroup: 65534 - fsGroupChangePolicy: "OnRootMismatch" containers: - env: - name: JANUS_API_KEY diff --git a/helm-chart/update-helm.sh b/helm-chart/update-helm.sh index 91216e48..e60d530b 100755 --- a/helm-chart/update-helm.sh +++ b/helm-chart/update-helm.sh @@ -40,13 +40,36 @@ cd latest mv ./templates/manual-install-nextcloud-aio-networkpolicy.yaml ./templates/nextcloud-aio-networkpolicy.yaml # shellcheck disable=SC1083 find ./ -name '*networkpolicy.yaml' -exec sed -i "s|manual-install-nextcloud-aio|nextcloud-aio|" \{} \; +cat << EOL > /tmp/initcontainers + initContainers: + - name: init-volumes + image: alpine + command: + - chmod + - -R + - 777 + volumeMountsInitContainer: +EOL +# shellcheck disable=SC1083 +DEPLOYMENTS="$(find ./ -name '*deployment.yaml')" +mapfile -t DEPLOYMENTS <<< "$DEPLOYMENTS" +for variable in "${DEPLOYMENTS[@]}"; do + if grep -q volumeMounts "$variable"; then + sed -i "/^ spec:/r /tmp/initcontainers" "$variable" + volumeNames="$(grep -A1 mountPath "$variable" | grep -v mountPath | sed 's|.*name: ||' | sed '/^--$/d')" + mapfile -t volumeNames <<< "$volumeNames" + for volumeName in "${volumeNames[@]}"; do + sed -i "/^.*volumeMountsInitContainer:/i\ \ \ \ \ \ \ \ \ \ \ \ - /$volumeName" "$variable" + sed -i "/volumeMountsInitContainer:/a\ \ \ \ \ \ \ \ \ \ \ \ - name: $volumeName\n\ \ \ \ \ \ \ \ \ \ \ \ \ \ mountPath: /$volumeName" "$variable" + done + sed -i "s|volumeMountsInitContainer|volumeMounts|" "$variable" + fi +done # shellcheck disable=SC1083 find ./ -name '*service.yaml' -exec sed -i "/^status:/,$ d" \{} \; # shellcheck disable=SC1083 find ./ -name '*deployment.yaml' -exec sed -i "s|manual-install-nextcloud-aio|nextcloud-aio|" \{} \; # shellcheck disable=SC1083 -find ./ -name '*deployment.yaml' -exec sed -i "/^ spec:/a\ \ \ \ \ \ securityContext:\n\ \ \ \ \ \ \ \ fsGroup: 65534\n\ \ \ \ \ \ \ \ fsGroupChangePolicy: \"OnRootMismatch\"" \{} \; -# shellcheck disable=SC1083 find ./ -name '*persistentvolumeclaim.yaml' -exec sed -i "s|ReadOnlyMany|ReadWriteOnce|" \{} \; # shellcheck disable=SC1083 find ./ -name '*persistentvolumeclaim.yaml' -exec sed -i "/accessModes:/i\ \ {{- if .Values.STORAGE_CLASS }}" \{} \;