fixt(nextcloud): extract db environment

charts/nextcloud/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nextcloud
-version: 9.1.3
+version: 9.1.4
 # renovate: image=docker.io/library/nextcloud
 appVersion: 33.0.5
 description: A file sharing server that puts the control and security of your own data back into your hands.

charts/nextcloud/templates/_helpers.tpl

@@ -64,11 +64,7 @@ Create image name that is used in the deployment
 {{/*
 Create environment variables used to configure the nextcloud container as well as the cron sidecar container.
 */}}
-{{- define "nextcloud.env" -}}
-{{- if .Values.phpClientHttpsFix.enabled }}
-- name: OVERWRITEPROTOCOL
-  value: {{ .Values.phpClientHttpsFix.protocol | quote }}
-{{- end }}
+{{- define "nextcloud.env.database" -}}
 {{- if .Values.internalDatabase.enabled }}
 - name: SQLITE_DATABASE
   value: {{ .Values.internalDatabase.name | quote }}
@@ -87,6 +83,8 @@ Create environment variables used to configure the nextcloud container as well a
     secretKeyRef:
       name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
       key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
+- name: DATABASE_URL
+  value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST)/$(MYSQL_DATABASE)"
 {{- else if .Values.postgresql.enabled }}
 - name: POSTGRES_HOST
   value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }}
@@ -106,7 +104,9 @@ Create environment variables used to configure the nextcloud container as well a
     secretKeyRef:
       name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
       key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
-{{- else }}
+- name: DATABASE_URL
+  value: "postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DB)"
+{{- else }}{{/* mariadb.enable or postgresql.enabled -> now external */}}
   {{- if eq .Values.externalDatabase.type "postgresql" }}
 - name: POSTGRES_HOST
   {{- if .Values.externalDatabase.existingSecret.hostKey }}
@@ -136,7 +136,9 @@ Create environment variables used to configure the nextcloud container as well a
     secretKeyRef:
       name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
       key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
-  {{- else }}
+- name: DATABASE_URL
+  value: "postgres://$(POSTGRES_USER):$(POSTGRES_PASSWORD)@$(POSTGRES_HOST)/$(POSTGRES_DB)"
+  {{- else }}{{/* external.type = postgresql  */}}
 - name: MYSQL_HOST
   {{- if .Values.externalDatabase.existingSecret.hostKey }}
   valueFrom:
@@ -165,8 +167,72 @@ Create environment variables used to configure the nextcloud container as well a
     secretKeyRef:
       name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
       key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
-  {{- end }}
+- name: DATABASE_URL
+  value: "mysql://$(MYSQL_USER):$(MYSQL_PASSWORD)@$(MYSQL_HOST)/$(MYSQL_DATABASE)"
+  {{- end }}{{/* external.type = postgresql */}}
+{{- end }}{{/* not mariadb.enable or postgresql.enabled -> just external*/}}
+{{- end }}
+
+{{/*
+Redis env vars
+*/}}
+{{- define "nextcloud.env.redis" -}}
+{{- if .Values.redis.enabled }}
+- name: REDIS_HOST
+  value: {{ template "nextcloud.redis.fullname" . }}-master
+- name: REDIS_HOST_PORT
+  value: {{ .Values.redis.master.service.ports.redis | quote }}
+{{- if .Values.redis.auth.enabled }}
+{{- if and .Values.redis.auth.existingSecret .Values.redis.auth.existingSecretPasswordKey }}
+- name: REDIS_HOST_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.redis.auth.existingSecret }}
+      key: {{ .Values.redis.auth.existingSecretPasswordKey }}
+{{- else }}
+- name: REDIS_HOST_PASSWORD
+  value: {{ .Values.redis.auth.password }}
+{{- end }}
+{{- end }}
+{{- else if .Values.externalRedis.enabled }}
+- name: REDIS_HOST
+  value: {{ .Values.externalRedis.host | quote }}
+- name: REDIS_HOST_PORT
+  value: {{ .Values.externalRedis.port | quote }}
+{{- if .Values.externalRedis.existingSecret.enabled }}
+{{- if and .Values.externalRedis.existingSecret.secretName .Values.externalRedis.existingSecret.passwordKey }}
+- name: REDIS_HOST_PASSWORD
+  valueFrom:
+    secretKeyRef:
+      name: {{ .Values.externalRedis.existingSecret.secretName | quote }}
+      key: {{ .Values.externalRedis.existingSecret.passwordKey | quote }}
+{{- end }}
+{{- else if .Values.externalRedis.password }}
+- name: REDIS_HOST_PASSWORD
+  value: {{ .Values.externalRedis.password | quote }}
+{{- end }}
+{{- end }}{{/* end-of redis-enabled*/}}
+{{- if or
+  (and .Values.redis.auth.enabled .Values.redis.auth.password)
+  (and .Values.redis.auth.enabled .Values.redis.auth.existingSecret .Values.redis.auth.existingSecretPasswordKey)
+  (and .Values.externalRedis.enabled .Values.externalRedis.existingSecret.secretName .Values.externalRedis.existingSecret.passwordKey)
+  (and .Values.externalRedis.enabled .Values.externalRedis.password)
+}}
+- name: REDIS_URL
+  value: "redis://:$(REDIS_HOST_PASSWORD)@$(REDIS_HOST):$(REDIS_HOST_PORT)"
+{{- else }}
+- name: REDIS_URL
+  value: "redis://$(REDIS_HOST):$(REDIS_HOST_PORT)"
+{{- end }}{{/* end-of redis-url*/}}
+{{- end }}{{/* end-of env.redis definition */}}
+
+{{- define "nextcloud.env" -}}
+{{- if .Values.phpClientHttpsFix.enabled }}
+- name: OVERWRITEPROTOCOL
+  value: {{ .Values.phpClientHttpsFix.protocol | quote }}
 {{- end }}
+{{- template "nextcloud.env.database" . }}
+{{- template "nextcloud.env.redis" . }}
 - name: NEXTCLOUD_ADMIN_USER
   valueFrom:
     secretKeyRef:
@@ -221,44 +287,6 @@ Create environment variables used to configure the nextcloud container as well a
       key: {{ .Values.nextcloud.existingSecret.smtpPasswordKey }}
 {{- end }}
 {{/*
-Redis env vars
-*/}}
-{{- if .Values.redis.enabled }}
-- name: REDIS_HOST
-  value: {{ template "nextcloud.redis.fullname" . }}-master
-- name: REDIS_HOST_PORT
-  value: {{ .Values.redis.master.service.ports.redis | quote }}
-{{- if .Values.redis.auth.enabled }}
-{{- if and .Values.redis.auth.existingSecret .Values.redis.auth.existingSecretPasswordKey }}
-- name: REDIS_HOST_PASSWORD
-  valueFrom:
-    secretKeyRef:
-      name: {{ .Values.redis.auth.existingSecret }}
-      key: {{ .Values.redis.auth.existingSecretPasswordKey }}
-{{- else }}
-- name: REDIS_HOST_PASSWORD
-  value: {{ .Values.redis.auth.password }}
-{{- end }}
-{{- end }}
-{{- else if .Values.externalRedis.enabled }}
-- name: REDIS_HOST
-  value: {{ .Values.externalRedis.host | quote }}
-- name: REDIS_HOST_PORT
-  value: {{ .Values.externalRedis.port | quote }}
-{{- if .Values.externalRedis.existingSecret.enabled }}
-{{- if and .Values.externalRedis.existingSecret.secretName .Values.externalRedis.existingSecret.passwordKey }}
-- name: REDIS_HOST_PASSWORD
-  valueFrom:
-    secretKeyRef:
-      name: {{ .Values.externalRedis.existingSecret.secretName | quote }}
-      key: {{ .Values.externalRedis.existingSecret.passwordKey | quote }}
-{{- end }}
-{{- else if .Values.externalRedis.password }}
-- name: REDIS_HOST_PASSWORD
-  value: {{ .Values.externalRedis.password | quote }}
-{{- end }}
-{{- end }}{{/* end if redis.enabled */}}
-{{/*
 S3 as primary object store env vars
 */}}
 {{- if .Values.nextcloud.objectStore.s3.enabled }}

charts/nextcloud/templates/db-secret.yaml

@@ -10,14 +10,20 @@ metadata:
 type: Opaque
 data:
   {{- if .Values.mariadb.enabled }}
-  db-username: {{ .Values.mariadb.auth.username | b64enc | quote }}
-  db-password: {{ .Values.mariadb.auth.password | b64enc | quote }}
+  {{- with .Values.mariadb.auth }}
+  db-username: {{ .username | b64enc | quote }}
+  db-password: {{ .password | b64enc | quote }}
+  {{- end }}
   {{- else if .Values.postgresql.enabled }}
-  db-username: {{ .Values.postgresql.global.postgresql.auth.username | b64enc | quote }}
-  db-password: {{ .Values.postgresql.global.postgresql.auth.password | b64enc | quote }}
+  {{- with .Values.postgresql.global.postgresql.auth }}
+  db-username: {{ .username | b64enc | quote }}
+  db-password: {{ .password | b64enc | quote }}
+  {{- end }}
   {{- else }}
-  db-username: {{ .Values.externalDatabase.user | b64enc | quote }}
-  db-password: {{ .Values.externalDatabase.password | b64enc | quote }}
+  {{- with .Values.externalDatabase }}
+  db-username: {{ .user | b64enc | quote }}
+  db-password: {{ .password | b64enc | quote }}
+  {{- end }}
   {{- end }}
 {{- end }}
 {{- end }}

charts/nextcloud/templates/deployment.yaml

@@ -299,20 +299,11 @@ spec:
             {{- toYaml .securityContext | nindent 12 }}
           {{- end }}
           env:
-            - name: MYSQL_USER
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
-                  key: {{ .Values.externalDatabase.existingSecret.usernameKey }}
-            - name: MYSQL_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
-                  key: {{ .Values.externalDatabase.existingSecret.passwordKey }}
+            {{- include "nextcloud.env.database" . | nindent 12 }}
           command:
             - "sh"
             - "-c"
-            - {{ printf "until mysql --host=%s-mariadb --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" .Release.Name }}
+            - {{ printf "until mysql --host=${MYSQL_HOST} --user=${MYSQL_USER} --password=${MYSQL_PASSWORD} --execute=\"SELECT 1;\"; do echo waiting for mysql; sleep 2; done;" }}
         {{- else if .Values.postgresql.enabled }}
         - name: postgresql-isready
           image: {{ coalesce .Values.global.image.registry .Values.postgresql.image.registry "docker.io"  }}/{{ .Values.postgresql.image.repository }}:{{ .Values.postgresql.image.tag }}
@@ -323,13 +314,7 @@ spec:
             {{- toYaml .securityContext | nindent 12 }}
           {{- end }}
           env:
-            - name: POSTGRES_USER
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.externalDatabase.existingSecret.secretName | default (printf "%s-db" .Release.Name) }}
-                  key: {{ .Values.externalDatabase.existingSecret.usernameKey }}
-            - name: POSTGRES_HOST
-              value: {{ template "postgresql.v1.primary.fullname" .Subcharts.postgresql }}
+            {{- include "nextcloud.env.database" . | nindent 12 }}
           command:
             - "sh"
             - "-c"

charts/nextcloud/values.yaml

@@ -468,11 +468,14 @@ externalDatabase:
   ## Use a existing secret
   existingSecret:
     enabled: false
-    # secretName: nameofsecret
+    # -- e.g. nameofsecret
+    secretName:
     usernameKey: db-username
     passwordKey: db-password
-    # hostKey: db-hostname-or-ip
-    # databaseKey: db-name
+    # -- e.g. db-hostname-or-ip
+    hostKey:
+    # -- e.g. db-name
+    databaseKey:
 
 ##
 ## MariaDB chart configuration
@@ -866,12 +869,13 @@ topologySpreadConstraints: []
 
 affinity: {}
 
-dnsConfig: {}
-# Custom dns config for Nextcloud containers.
-# You can for example configure ndots. This may be needed in some clusters with alpine images.
-# options:
-#   - name: ndots
-#     value: "1"
+dnsConfig:
+  # -- Custom dns config for Nextcloud containers.
+  # You can for example configure ndots. This may be needed in some clusters with alpine images.
+  # options:
+  #   - name: ndots
+  #     value: "1"
+  options: []
 
 imaginary:
   # -- Start Imgaginary