From ced1758974fbbc41cf5758c2468d9a82d561142b Mon Sep 17 00:00:00 2001 From: titver968 Date: Fri, 17 Oct 2025 08:33:35 +0200 Subject: [PATCH] nextcloud reconfigured --- argocd/apps/nextcloud/.nextcloud.bak.swp | Bin 0 -> 16384 bytes argocd/apps/nextcloud/nextcloud.bak | 128 +++++++++++++++ argocd/apps/nextcloud/nextcloud.yaml | 195 +++++++++++------------ 3 files changed, 221 insertions(+), 102 deletions(-) create mode 100644 argocd/apps/nextcloud/.nextcloud.bak.swp create mode 100644 argocd/apps/nextcloud/nextcloud.bak diff --git a/argocd/apps/nextcloud/.nextcloud.bak.swp b/argocd/apps/nextcloud/.nextcloud.bak.swp new file mode 100644 index 0000000000000000000000000000000000000000..eca0ecb9baa28ec7f4f0fd45a04d21a08a737152 GIT binary patch literal 16384 zcmeI3O^6)F6~{}m9XU#z4;unLI4)@oYmB>RcP;s2a7b1=3R>)ymX)P|y<%O{T{Baf zp6+&4^+=Q0$}KtMkU(+>hQxscLN37x7>vnHkX-De4;I9R7&`}pL70%6?SJ*RRz0KD zY7fR#!;c2f;^QC*-f-7l4B&!5p{)e1z{2 z{smqJ7r+*H0Nf7VI!MTC;AL8x(t zlA9@^Ynkk_wH5agDfGnj0rUwsmSQXd-sgTpWwMrNFFod%ZnnFMh!J{blkHtwyhf8b zx*W&L>#MXQ!Vb+lI7RJxqMt~nMHFH-D378yFCCp#n-LR%t42C@<4Ed;;)_o#xr>iJ z?jCU$cWP-6sU}P2yQy&+ri0I?oKSEd>euPul5F+zOV&-5?i}z$S zTK0X(m1?lj+|4{0h3BKL%R|-;8v9Lixfm4_O7qa;ZaFb^m}a+RX=)S!*UEu2If*Ob zi-}Q$eN$(bL4KXeuUwBy?TlE6{wg(MbhJ^wM2#5)Un0?y;MqI)(XC(!Hq!5B)e2p>B%0xwpiqrx~s<1mDkocMABXEtgW8hT3T2-a_D-Q%c*{roMtSf zBkbl!MP+}=BX*#5tgeqM9>gnw;GsTYuK!S6MCXchJkJF+KdI#rrUu0gF{JZdOtUIg7< zz{XM2qqJ71(P9XnHtwMRKOONz7EtJpMhCIwJQ#E;9+eQ?XeP&+{dd)FdHt zkn$GX#Dm@m&Vt$>vHE~DX3hO9w=$;U2zyTXMnY{B)1*#3OjiZl^l-JaaG01vlm@KJ z1J%wJC$oiCzYKJ(Onl1y!~~yzMZy*J6+rD8coVL=V-crM?2}(89i-I znu?H~EdKko*%HY%{mMe+k7~8xCof%}eU}2c=^kPhN4itUN3ouCL{m0@Q`?d?lh@R0 zS8+k|S#jOO-eM6JEM61V96fF}Q)zyk_AdWJrrS@YpyiLM25J8ZM7NdgsohZK9c|TC HyQrT78-oRU literal 0 HcmV?d00001 diff --git a/argocd/apps/nextcloud/nextcloud.bak b/argocd/apps/nextcloud/nextcloud.bak new file mode 100644 index 0000000..2a78e40 --- /dev/null +++ b/argocd/apps/nextcloud/nextcloud.bak 
@@ -0,0 +1,128 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: nextcloud
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: 'https://nextcloud.github.io/helm/'
+ targetRevision: 8.*.*
+ helm:
+ parameters:
+ - name: image.repository
+ value: 'nextcloud'
+ - name: image.flavor
+ value: 'fpm'
+ - name: ingress.className
+ value: 'traefik'
+ - name: nginx.enabled
+ value: 'true'
+ - name: 'ingress.enabled'
+ value: 'true'
+ - name: ingress.servicePort
+ value: 'https'
+ - name: phpClientHttpsFix.enabled
+ value: 'true'
+ - name: phpClientHttpsFix.protocol
+ value: 'https'
+ - name: nextcloud.host
+ value: 'innocloud.innovation-hub-niedersachsen.de'
+ - name: nextcloud.password
+ value: 'InnoHubADMIN_2024!'
+ - name: internalDatabase.enabled
+ value: 'false'
+ - name: redis.enabled
+ value: 'true'
+ - name: redis.auth.password
+ value: 'redisInnoDBUser'
+ - name: postgresql.enabled
+ value: 'true'
+ - name: postgresql.global.postgresql.auth.password
+ value: 'pgInnoDBUser'
+ - name: postgresql.primary.persistence.enabled
+ value: 'true'
+ - name: 'endpoint'
+ value: 'innocloud.innovation-hub-niedersachsen.de'
+ - name: ingress.hosts[0]
+ value: 'innocloud.innovation-hub-niedersachsen.de'
+ - name: 'ingress.tls[0].hosts[0]'
+ value: 'innocloud.innovation-hub-niedersachsen.de'
+ - name: 'ingress.tls[0].secretName'
+ value: innocloud-tls
+ - name: ingress.annotations.kubernetes\.io\/ingress\.class
+ value: traefik
+ - name: ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls
+ value: 'true'
+ forceString: true
+ - name: ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.middlewares
+ value: 'kube-system-hsts@kubernetescrd'
+ - name: service\.annotations\.traefik\.ingress\.kubernetes\.io\/service\.sticky\.cookie
+ value: 'true'
+ - name: ingress.annotations.cert-manager\.io\/cluster-issuer
+ value: lets-encrypt
+ - name: persistence.enabled
+ value: 'true'
+ - name: persistence.nextcloudData.enabled
+ value: 'true'
+ - name: cronjob.enabled
+ value: 'true'
+ - name: nextcloud.mail.fromAddress
+ value: 'admin'
+ - name: nextcloud.mail.domain
+ value: 'innovation-hub-niedersachsen.de'
+ - name: nextcloud.mail.smtp.host
+ value: '192.168.4.125'
+ - name: nextcloud.mail.smtp.port
+ value: '25'
+
+ # AppAPI DinD Sidecar Configuration
+ - name: nextcloud.extraSidecarContainers[0].name
+ value: 'dind'
+ - name: nextcloud.extraSidecarContainers[0].image
+ value: 'docker:27-dind'
+ - name: nextcloud.extraSidecarContainers[0].securityContext.privileged
+ value: 'true'
+ - name: nextcloud.extraSidecarContainers[0].env[0].name
+ value: 'DOCKER_TLS_CERTDIR'
+ - name: nextcloud.extraSidecarContainers[0].env[0].value
+ value: ''
+ - name: nextcloud.extraSidecarContainers[0].volumeMounts[0].name
+ value: 'docker-sock'
+ - name: nextcloud.extraSidecarContainers[0].volumeMounts[0].mountPath
+ value: '/var/run'
+ - name: nextcloud.extraSidecarContainers[0].volumeMounts[1].name
+ value: 'dind-storage'
+ - name: nextcloud.extraSidecarContainers[0].volumeMounts[1].mountPath
+ value: '/var/lib/docker'
+
+ # Extra Volumes für DinD
+ - name: nextcloud.extraVolumes[0].name
+ value: 'docker-sock'
+ - name: nextcloud.extraVolumes[0].emptyDir
+ value: '{}'
+ - name: nextcloud.extraVolumes[1].name
+ value: 'dind-storage'
+ - name: nextcloud.extraVolumes[1].emptyDir
+ value: '{}'
+
+ # Mount Docker Socket in Nextcloud Container
+ - name: nextcloud.extraVolumeMounts[0].name
+ value: 'docker-sock'
+ - name: nextcloud.extraVolumeMounts[0].mountPath
+ value: '/var/run'
+
+ chart: nextcloud
+ destination:
+ server: 'https://kubernetes.default.svc'
+ namespace: nextcloud
+ syncPolicy:
+ managedNamespaceMetadata:
+ labels:
+ pod-security.kubernetes.io/enforce: "privileged"
+ automated:
+ selfHeal: true
+ prune: true
+ syncOptions:
+ - CreateNamespace=true
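Review bot: This new `nextcloud.bak` puts the Nextcloud admin, Redis and PostgreSQL passwords into the repository in plaintext (`nextcloud.password`, `redis.auth.password`, `postgresql.global.postgresql.auth.password`), and the same three values are carried over as literals into the `values:` block of `nextcloud.yaml` later in this patch. The backup copy and the editor swap file `.nextcloud.bak.swp` should be dropped from the commit and kept out with ignore patterns such as `*.bak` and `*.swp`; the swap file is binary here, so its content cannot be read from the patch, but it is an edit buffer for the same file. In `nextcloud.yaml` the literals should be replaced by references to a Kubernetes Secret, for example the chart's `nextcloud.existingSecret` block and the `auth.existingSecret` settings of the bundled Redis and PostgreSQL charts (confirm the key names against the chart version that `8.*.*` resolves to). Because the values are in Git history, they should be treated as exposed and rotated.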
diff --git a/argocd/apps/nextcloud/nextcloud.yaml b/argocd/apps/nextcloud/nextcloud.yaml
index 2a78e40..5c4e298 100644
--- a/argocd/apps/nextcloud/nextcloud.yaml
+++ b/argocd/apps/nextcloud/nextcloud.yaml
@@ -10,119 +10,110 @@ spec: repoURL: 'https://nextcloud.github.io/helm/' targetRevision: 8.*.* helm: - parameters: - - name: image.repository - value: 'nextcloud' - - name: image.flavor - value: 'fpm' - - name: ingress.className - value: 'traefik' - - name: nginx.enabled - value: 'true' - - name: 'ingress.enabled' - value: 'true' - - name: ingress.servicePort - value: 'https' - - name: phpClientHttpsFix.enabled - value: 'true' - - name: phpClientHttpsFix.protocol - value: 'https' - - name: nextcloud.host - value: 'innocloud.innovation-hub-niedersachsen.de' - - name: nextcloud.password - value: 'InnoHubADMIN_2024!' - - name: internalDatabase.enabled - value: 'false' - - name: redis.enabled - value: 'true' - - name: redis.auth.password - value: 'redisInnoDBUser' - - name: postgresql.enabled - value: 'true' - - name: postgresql.global.postgresql.auth.password - value: 'pgInnoDBUser' - - name: postgresql.primary.persistence.enabled - value: 'true' - - name: 'endpoint' - value: 'innocloud.innovation-hub-niedersachsen.de' - - name: ingress.hosts[0] - value: 'innocloud.innovation-hub-niedersachsen.de' - - name: 'ingress.tls[0].hosts[0]' - value: 'innocloud.innovation-hub-niedersachsen.de' - - name: 'ingress.tls[0].secretName' - value: innocloud-tls - - name: ingress.annotations.kubernetes\.io\/ingress\.class - value: traefik - - name: ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.tls - value: 'true' - forceString: true - - name: ingress.annotations.traefik\.ingress\.kubernetes\.io\/router\.middlewares - value: 'kube-system-hsts@kubernetescrd' - - name: service\.annotations\.traefik\.ingress\.kubernetes\.io\/service\.sticky\.cookie - value: 'true' - - name: ingress.annotations.cert-manager\.io\/cluster-issuer - value: lets-encrypt - - name: persistence.enabled - value: 'true' - - name: persistence.nextcloudData.enabled - value: 'true' - - name: cronjob.enabled - value: 'true' - - name: nextcloud.mail.fromAddress - value: 'admin' - - name: 
nextcloud.mail.domain - value: 'innovation-hub-niedersachsen.de' - - name: nextcloud.mail.smtp.host - value: '192.168.4.125' - - name: nextcloud.mail.smtp.port - value: '25' - - # AppAPI DinD Sidecar Configuration - - name: nextcloud.extraSidecarContainers[0].name - value: 'dind' - - name: nextcloud.extraSidecarContainers[0].image - value: 'docker:27-dind' - - name: nextcloud.extraSidecarContainers[0].securityContext.privileged - value: 'true' - - name: nextcloud.extraSidecarContainers[0].env[0].name - value: 'DOCKER_TLS_CERTDIR' - - name: nextcloud.extraSidecarContainers[0].env[0].value - value: '' - - name: nextcloud.extraSidecarContainers[0].volumeMounts[0].name - value: 'docker-sock' - - name: nextcloud.extraSidecarContainers[0].volumeMounts[0].mountPath - value: '/var/run' - - name: nextcloud.extraSidecarContainers[0].volumeMounts[1].name - value: 'dind-storage' - - name: nextcloud.extraSidecarContainers[0].volumeMounts[1].mountPath - value: '/var/lib/docker' + values: | + image: + repository: nextcloud + flavor: fpm - # Extra Volumes für DinD - - name: nextcloud.extraVolumes[0].name - value: 'docker-sock' - - name: nextcloud.extraVolumes[0].emptyDir - value: '{}' - - name: nextcloud.extraVolumes[1].name - value: 'dind-storage' - - name: nextcloud.extraVolumes[1].emptyDir - value: '{}' + ingress: + enabled: true + className: traefik + servicePort: https + annotations: + kubernetes.io/ingress.class: traefik + traefik.ingress.kubernetes.io/router.tls: "true" + traefik.ingress.kubernetes.io/router.middlewares: kube-system-hsts@kubernetescrd + cert-manager.io/cluster-issuer: lets-encrypt + hosts: + - innocloud.innovation-hub-niedersachsen.de + tls: + - secretName: innocloud-tls + hosts: + - innocloud.innovation-hub-niedersachsen.de - # Mount Docker Socket in Nextcloud Container - - name: nextcloud.extraVolumeMounts[0].name - value: 'docker-sock' - - name: nextcloud.extraVolumeMounts[0].mountPath - value: '/var/run' + service: + annotations: + 
traefik.ingress.kubernetes.io/service.sticky.cookie: "true" + + nginx: + enabled: true + + phpClientHttpsFix: + enabled: true + protocol: https + + nextcloud: + host: innocloud.innovation-hub-niedersachsen.de + password: InnoHubADMIN_2024! + mail: + enabled: true + fromAddress: admin + domain: innovation-hub-niedersachsen.de + smtp: + host: 192.168.4.125 + port: 25 + # DinD Sidecar für AppAPI + extraSidecarContainers: + - name: dind + image: docker:27-dind + securityContext: + privileged: true + env: + - name: DOCKER_TLS_CERTDIR + value: "" + volumeMounts: + - name: docker-sock + mountPath: /var/run + - name: dind-storage + mountPath: /var/lib/docker + + extraVolumes: + - name: docker-sock + emptyDir: {} + - name: dind-storage + emptyDir: {} + + extraVolumeMounts: + - name: docker-sock + mountPath: /var/run + + internalDatabase: + enabled: false + + redis: + enabled: true + auth: + password: redisInnoDBUser + + postgresql: + enabled: true + global: + postgresql: + auth: + password: pgInnoDBUser + primary: + persistence: + enabled: true + + persistence: + enabled: true + nextcloudData: + enabled: true + + cronjob: + enabled: true + chart: nextcloud destination: server: 'https://kubernetes.default.svc' namespace: nextcloud syncPolicy: managedNamespaceMetadata: - labels: + labels: pod-security.kubernetes.io/enforce: "privileged" automated: selfHeal: true prune: true syncOptions: - - CreateNamespace=true + - CreateNamespace=true \ No newline at end of file
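Review bot: The `dind` sidecar in the new `values:` block runs with `privileged: true` and an empty `DOCKER_TLS_CERTDIR`, and `extraVolumeMounts` mounts the same `docker-sock` emptyDir at `/var/run` in the Nextcloud container, so the internet-facing application shares the socket directory of a privileged Docker daemon that has TLS turned off. The namespace label `pod-security.kubernetes.io/enforce: "privileged"` means Pod Security admission will not reject this pod, so a compromise of Nextcloud or of an installed app would very likely reach the node. If AppAPI really needs a local daemon, the trust decision should be recorded above `extraSidecarContainers`, e.g. `# privileged DinD for AppAPI: the daemon socket is reachable from the Nextcloud container, treat this pod as node-level trust`, and the image pinned by digest (`image: docker:27-dind@sha256:<digest>`) instead of the floating `27-dind` tag. Consider running the daemon in a separate workload behind an authenticated socket proxy instead of sharing `/var/run`, which would also allow the namespace to move back to a stricter Pod Security level. The `spec.source` mapping opens above this hunk, so settings outside it are not visible here.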