apiVersion: argoproj.io/v1alpha1 kind: Application metadata: name: nextcloud finalizers: - resources-finalizer.argocd.argoproj.io spec: project: default source: repoURL: 'https://nextcloud.github.io/helm/' targetRevision: 8.*.* helm: values: | image: repository: nextcloud flavor: fpm ingress: enabled: true className: traefik servicePort: https annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.middlewares: kube-system-hsts@kubernetescrd cert-manager.io/cluster-issuer: lets-encrypt hosts: - innocloud.innovation-hub-niedersachsen.de tls: - secretName: innocloud-tls hosts: - innocloud.innovation-hub-niedersachsen.de service: annotations: traefik.ingress.kubernetes.io/service.sticky.cookie: "true" nginx: enabled: true phpClientHttpsFix: enabled: true protocol: https nextcloud: host: innocloud.innovation-hub-niedersachsen.de password: InnoHubADMIN_2024! mail: enabled: true fromAddress: admin domain: innovation-hub-niedersachsen.de smtp: host: 192.168.4.125 port: 25 # DinD Sidecar für AppAPI extraSidecarContainers: - name: dind image: docker:27-dind securityContext: privileged: true env: - name: DOCKER_TLS_CERTDIR value: "" volumeMounts: - name: docker-sock mountPath: /var/run - name: dind-storage mountPath: /var/lib/docker extraVolumes: - name: docker-sock emptyDir: {} - name: dind-storage emptyDir: {} extraVolumeMounts: - name: docker-sock mountPath: /var/run internalDatabase: enabled: false redis: enabled: true auth: password: redisInnoDBUser postgresql: enabled: true global: postgresql: auth: password: pgInnoDBUser primary: persistence: enabled: true persistence: enabled: true nextcloudData: enabled: true cronjob: enabled: true chart: nextcloud destination: server: 'https://kubernetes.default.svc' namespace: nextcloud syncPolicy: managedNamespaceMetadata: labels: pod-security.kubernetes.io/enforce: "privileged" automated: selfHeal: true prune: true syncOptions: - CreateNamespace=true