From adfad7ce8df66531e3603808c7e661f36ed822fd Mon Sep 17 00:00:00 2001
From: titusvermesan <titusvermesan@Innohub-Titus.local>
Date: Tue, 12 Nov 2024 09:57:56 +0100
Subject: [PATCH]  innocloud certificate

---
 .../include/innocloud-cerficate.yaml          | 14 ++++++
 argocd/apps/nextcloud/nextcloud.yaml          | 43 +++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 argocd/apps/cert-manager/include/innocloud-cerficate.yaml
 create mode 100644 argocd/apps/nextcloud/nextcloud.yaml

diff --git a/argocd/apps/cert-manager/include/innocloud-cerficate.yaml b/argocd/apps/cert-manager/include/innocloud-cerficate.yaml
new file mode 100644
index 0000000..5cd3d71
--- /dev/null
+++ b/argocd/apps/cert-manager/include/innocloud-cerficate.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: innovation-hub-niedersachsen.de-innocloud
+  namespace: kube-system
+spec:
+  secretName: innocloud-tls
+  commonName: 'innocloud.innovation-hub-niedersachsen.de'
+  dnsNames:
+    - 'innocloud.innovation-hub-niedersachsen.de'
+  issuerRef:
+    name: lets-encrypt-staging
+    kind: ClusterIssuer
+    group: cert-manager.io
diff --git a/argocd/apps/nextcloud/nextcloud.yaml b/argocd/apps/nextcloud/nextcloud.yaml
new file mode 100644
index 0000000..60a4320
--- /dev/null
+++ b/argocd/apps/nextcloud/nextcloud.yaml
@@ -0,0 +1,43 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: nextcloud
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: 'https://nextcloud.github.io/helm/'
+    targetRevision: 6.*.*
+    helm:
+      parameters:
+        - name: 'ingress.enabled'
+          value: 'true'
+        - name: 'endpoint'
+          value: 'innocloud.innovation-hub-niedersachsen.de'
+        - name: ingress.hosts[0]
+          value: 'innocloud.innovation-hub-niedersachsen.de'
+        - name: 'ingress.tls[0].hosts[0]'
+          value: 'innocloud.innovation-hub-niedersachsen.de'
+        - name: 'ingress.tls[0].secretName'
+          value: innocloud-tls
+        - name: ingress.annotations.kubernetes\.io\/ingress\.class
+          value: traefik
+        - name: ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls
+          value: 'true'
+          forceString: true
+        - name: ingress.annotations.cert-manager\.io\/cluster-issuer
+          value: lets-encrypt-staging
+    chart: nextcloud
+  destination:
+    server: 'https://kubernetes.default.svc'
+    namespace: nextcloud
+  syncPolicy:
+#    managedNamespaceMetadata:
+#      labels: 
+#        pod-security.kubernetes.io/enforce: "privileged"
+    automated:
+      selfHeal: true
+      prune: true
+    syncOptions:
+      - CreateNamespace=true