2025-09-30 10:12:27 +02:00
## ref: https://hub.docker.com/r/library/nextcloud/tags/
##
image :
repository : nextcloud
flavor : apache
tag :
pullPolicy : IfNotPresent
nameOverride : ""
fullnameOverride : ""
podAnnotations : {}
deploymentAnnotations : {}
deploymentLabels : {}
replicaCount : 2
ingress :
enabled : false
classname : nginx
annotations : {}
nginx.ingress.kubernetes.io/proxy-body-size : 4G
kubernetes.io/tls-acme : "true"
cert-manager.io/cluster-issuer : letsencrypt-prod
# Keep this in sync with the README.md:
nginx.ingress.kubernetes.io/server-snippet : |-
server_tokens off;
proxy_hide_header X-Powered-By;
rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
deny all;
}
#tls:
# - secretName: nextcloud-tls
# hosts:
# - nextcloud.darkstars.local
labels : {}
path : /
pathType : Prefix
lifecycle : {}
phpClientHttpsFix :
enabled : false
protocol : https
2025-09-30 10:06:29 +02:00
nextcloud :
2025-09-30 10:12:27 +02:00
host : nextcloud.darkstars.local
username : admin
password : changeme
existingSecret :
enabled : false
usernameKey : nextcloud-username
passwordKey : nextcloud-password
tokenKey : ""
smtpUsernameKey : smtp-username
smtpPasswordKey : smtp-password
smtpHostKey : smtp-host
update : 0
containerPort : 80
datadir : /var/www/html/data
persistence :
subPath :
trustedDomains : [ ]
mail :
enabled : false
fromAddress : user
domain : domain.com
smtp :
host : domain.com
secure : ssl
port : 465
authtype : LOGIN
name : user
password : pass
objectStore :
s3 :
enabled : false
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
accessKey : ""
# ignored if nextcloud.objectstore.s3.existingSecret is not empty string
secretKey : ""
# use legacy auth method
legacyAuth : false
# s3 endpoint to use; only required if you're not using AWS
host : ""
# use TLS/SSL for S3 connections
ssl : true
# default port that can be changed based on your object store, e.g. for minio, you can use 9000
port : "443"
# this is the default in the nextcloud docs
region : "eu-west-1"
# required if using s3, the name of the bucket you'd like to use
bucket : ""
# object prefix in bucket
prefix : ""
# set to true if you are not using DNS for your buckets.
usePathStyle : false
# autocreate the bucket
autoCreate : false
# optonal parameter: you probably want to keep this as default
storageClass : "STANDARD"
# server side encryption key. learn more: https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/primary_storage.html#s3-sse-c-encryption-support
sse_c_key : ""
# use an existingSecret for S3 credentials. If set, we ignore the following under nextcloud.objectStore.s3
# endpoint, accessKey, secretKey
existingSecret : ""
secretKeys :
# key in nextcloud.objectStore.s3.existingSecret to use for s3 endpoint
host : ""
# key in nextcloud.objectStore.s3.existingSecret to use for s3 accessKeyID
accessKey : ""
# key in nextcloud.objectStore.s3.existingSecret to use for s3 secretAccessKey
secretKey : ""
# key in nextcloud.objectStore.s3.existingSecret to use for the s3 bucket
bucket : ""
# key in nextcloud.objectStore.s3.existingSecret to use for the s3 sse_c_key
sse_c_key : ""
## options related to using Swift as a primary object storage
# https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/primary_storage.html#openstack-swift
swift :
enabled : false
# swift user info
user :
domain : "Default"
name : ""
password : ""
# swift project info
project :
name : ""
domain : "Default"
# The Identity / Keystone endpoint
url : ""
region : ""
# optional on some swift implementations
service : "swift"
# the container to store the data in
container : ""
# autocreate container
autoCreate : false
## PHP Configuration files
# Will be injected in /usr/local/etc/php/conf.d for apache image and in /usr/local/etc/php-fpm.d when nginx.enabled: true
phpConfigs : {}
## Default config files that utilize environment variables:
# see: https://github.com/nextcloud/docker/tree/master#auto-configuration-via-environment-variables
# IMPORTANT: Will be used only if you put extra configs, otherwise default will come from nextcloud itself
# Default confgurations can be found here: https://github.com/nextcloud/docker/tree/master/.config
defaultConfigs :
# To protect /var/www/html/config
.htaccess : true
# Apache configuration for rewrite urls
apache-pretty-urls.config.php : true
# Define APCu as local cache
apcu.config.php : true
# Apps directory configs
apps.config.php : true
# Used for auto configure database
autoconfig.php : true
# Redis default configuration
redis.config.php : true
# Reverse proxy default configuration
reverse-proxy.config.php : true
# S3 Object Storage as primary storage
s3.config.php : true
# SMTP default configuration via environment variables
smtp.config.php : true
# Swift Object Storage as primary storage
swift.config.php : true
# disables the web based updater as the default nextcloud docker image does not support it
upgrade-disable-web.config.php : true
# -- imaginary support config
imaginary.config.php : false
# Extra config files created in /var/www/html/config/
# ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#multiple-config-php-file
configs : {}
# For example, to enable image and text file previews:
# previews.config.php: |-
# <?php
# $CONFIG = array (
# 'enable_previews' => true,
# 'enabledPreviewProviders' => array (
# 'OC\Preview\Movie',
# 'OC\Preview\PNG',
# 'OC\Preview\JPEG',
# 'OC\Preview\GIF',
# 'OC\Preview\BMP',
# 'OC\Preview\XBitmap',
# 'OC\Preview\MP3',
# 'OC\Preview\MP4',
# 'OC\Preview\TXT',
# 'OC\Preview\MarkDown',
# 'OC\Preview\PDF'
# ),
# );
# Hooks for auto configuration
# Here you could write small scripts which are placed in `/docker-entrypoint-hooks.d/<hook-name>/helm.sh`
# ref: https://github.com/nextcloud/docker?tab=readme-ov-file#auto-configuration-via-hook-folders
hooks :
pre-installation :
post-installation :
pre-upgrade :
post-upgrade :
before-starting :
## Strategy used to replace old pods
## IMPORTANT: use with care, it is suggested to leave as that for upgrade purposes
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
strategy :
type : Recreate
# type: RollingUpdate
# rollingUpdate:
# maxSurge: 1
# maxUnavailable: 0
##
## Extra environment variables
extraEnv :
# - name: SOME_SECRET_ENV
# valueFrom:
# secretKeyRef:
# name: nextcloud
# key: secret_key
# Extra init containers that runs before pods start.
extraInitContainers : [ ]
# - name: do-something
# image: busybox
# command: ['do', 'something']
# Extra sidecar containers.
extraSidecarContainers : [ ]
# - name: nextcloud-logger
# image: busybox
# command: [/bin/sh, -c, 'while ! test -f "/run/nextcloud/data/nextcloud.log"; do sleep 1; done; tail -n+1 -f /run/nextcloud/data/nextcloud.log']
# volumeMounts:
# - name: nextcloud-data
# mountPath: /run/nextcloud/data
# Extra mounts for the pods. Example shown is for connecting a legacy NFS volume
# to NextCloud pods in Kubernetes. This can then be configured in External Storage
extraVolumes :
# - name: nfs
# nfs:
# server: "10.0.0.1"
# path: "/nextcloud_data"
# readOnly: false
extraVolumeMounts :
# - name: nfs
# mountPath: "/legacy_data"
# Set securityContext parameters for the nextcloud CONTAINER only (will not affect nginx container).
# For example, you may need to define runAsNonRoot directive
securityContext : {}
# runAsUser: 33
# runAsGroup: 33
# runAsNonRoot: true
# readOnlyRootFilesystem: false
# Set securityContext parameters for the entire pod. For example, you may need to define runAsNonRoot directive
podSecurityContext : {}
# runAsUser: 33
# runAsGroup: 33
# runAsNonRoot: true
# readOnlyRootFilesystem: false
# Settings for the MariaDB init container
mariaDbInitContainer :
resources : {}
# Set mariadb initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive
securityContext : {}
# Settings for the PostgreSQL init container
postgreSqlInitContainer :
resources : {}
# Set postgresql initContainer securityContext parameters. For example, you may need to define runAsNonRoot directive
securityContext : {}
nginx :
## You need to set an fpm version of the image for nextcloud if you want to use nginx!
enabled : false
2025-09-30 10:06:29 +02:00
image :
2025-09-30 10:12:27 +02:00
repository : nginx
tag : alpine
2025-09-30 10:06:29 +02:00
pullPolicy : IfNotPresent
2025-09-30 10:12:27 +02:00
containerPort : 80
# This configures nginx to listen on either IPv4, IPv6 or both
ipFamilies :
- IPv4
# - IPv6
config :
# This generates the default nginx config as per the nextcloud documentation
default : true
headers :
# -- HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
# Example:
# "Strict-Transport-Security": "max-age=15768000; includeSubDomains; preload;"
"Strict-Transport-Security": ""
"Referrer-Policy": "no-referrer"
"X-Content-Type-Options": "nosniff"
"X-Frame-Options": "SAMEORIGIN"
"X-Permitted-Cross-Domain-Policies": "none"
"X-Robots-Tag": "noindex, nofollow"
"X-XSS-Protection": "1; mode=block"
# Added in server block of default config.
serverBlockCustom : |
# set max upload size
client_max_body_size 10G;
client_body_timeout 300s;
fastcgi_buffers 64 4K;
fastcgi_read_timeout 3600s;
custom :
# custom: |-
# worker_processes 1;..
resources : {}
# Set nginx container securityContext parameters. For example, you may need to define runAsNonRoot directive
securityContext : {}
# the nginx alpine container default user is 82
# runAsUser: 82
# runAsGroup: 33
# runAsNonRoot: true
# readOnlyRootFilesystem: true
## Extra environment variables
extraEnv : [ ]
# - name: SOME_ENV
# value: ENV_VALUE
internalDatabase :
enabled : true
name : nextcloud
##
## External database configuration
##
externalDatabase :
enabled : false
## Supported database engines: mysql or postgresql
type : mysql
## Database host. You can optionally include a colon delimited port like "myhost:1234"
host : ""
## Database user
user : nextcloud
## Database password
password : ""
## Database name
database : nextcloud
## Use a existing secret
existingSecret :
enabled : false
# secretName: nameofsecret
usernameKey : db-username
passwordKey : db-password
# hostKey: db-hostname-or-ip
# databaseKey: db-name
global :
security :
# required for bitnamilegacy repos
allowInsecureImages : true
##
## MariaDB chart configuration
## ref: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
##
mariadb :
## Whether to deploy a mariadb server from the bitnami mariab db helm chart
# to satisfy the applications database requirements. if you want to deploy this bitnami mariadb, set this and externalDatabase to true
# To use an ALREADY DEPLOYED mariadb database, set this to false and configure the externalDatabase parameters
enabled : false
image :
repository : bitnamilegacy/mariadb
# see: https://github.com/bitnami/charts/tree/main/bitnami/mariadb#global-parameters
global :
# overwrites the primary.persistence.storageClass value
defaultStorageClass : ""
auth :
database : nextcloud
username : nextcloud
2025-09-30 10:06:29 +02:00
password : changeme
2025-09-30 10:12:27 +02:00
# Use existing secret (auth.rootPassword, auth.password, and auth.replicationPassword will be ignored).
# secret must contain the keys mariadb-root-password, mariadb-replication-password and mariadb-password
existingSecret : ""
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
architecture : standalone
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
primary :
persistence :
enabled : false
# Use an existing Persistent Volume Claim (must be created ahead of time)
existingClaim : ""
storageClass : ""
accessMode : ReadWriteOnce
size : 8Gi
##
## PostgreSQL chart configuration
## for more options see https://github.com/bitnami/charts/tree/main/bitnami/postgresql
##
postgresql :
enabled : false
image :
repository : bitnamilegacy/postgresql
global :
postgresql :
# global.postgresql.auth overrides postgresql.auth
auth :
username : nextcloud
password : changeme
database : nextcloud
# Name of existing secret to use for PostgreSQL credentials.
# auth.postgresPassword, auth.password, and auth.replicationPassword will be ignored and picked up from this secret.
# secret might also contains the key ldap-password if LDAP is enabled.
# ldap.bind_password will be ignored and picked from this secret in this case.
existingSecret : ""
# Names of keys in existing secret to use for PostgreSQL credentials
secretKeys :
adminPasswordKey : ""
userPasswordKey : ""
replicationPasswordKey : ""
primary :
persistence :
enabled : false
# Use an existing Persistent Volume Claim (must be created ahead of time)
# existingClaim: ""
# storageClass: ""
##
## External Redis configuration
##
externalRedis :
enabled : false
## Redis host
host : ""
## Redis port
port : "6379"
## Redis password
password : ""
## Use a existing secret
existingSecret :
enabled : false
# secretName: nameofsecret
passwordKey : redis-password
##
## Redis chart configuration
## for more options see https://github.com/bitnami/charts/tree/main/bitnami/redis
##
redis :
enabled : false
image :
repository : bitnamilegacy/redis
auth :
2025-09-30 10:06:29 +02:00
enabled : true
2025-09-30 10:12:27 +02:00
password : "changeme"
# name of an existing secret with Redis® credentials (instead of auth.password), must be created ahead of time
existingSecret : ""
# Password key to be retrieved from existing secret
existingSecretPasswordKey : ""
# Since Redis is used for caching only, you might want to use a storageClass with different reclaim policy and backup settings
global :
2025-09-30 10:06:29 +02:00
storageClass : ""
2025-09-30 10:12:27 +02:00
master :
persistence :
enabled : true
replica :
persistence :
enabled : true
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
##
## Collabora chart configuration
## for more options see https://github.com/CollaboraOnline/online/tree/master/kubernetes/helm/collabora-online
##
collabora :
enabled : false
autoscaling :
# enable autocaling, please check collabora README.md first
enabled : false
collabora :
## HTTPS nextcloud domain, if needed
aliasgroups : [ ]
# - host: "https://nextcloud.domain:443"
# set extra parameters for collabora
# you may need to add --o:ssl.termination=true
extra_params : --o:ssl.enable=false
## Specify server_name when the hostname is not reachable directly for
# example behind reverse-proxy. example: collabora.domain
server_name : null
existingSecret :
# set to true to to get collabora admin credentials from an existin secret
# if set, ignores collabora.collabora.username and password
enabled : false
# name of existing Kubernetes Secret with collboara admin credentials
secretName : ""
usernameKey : "username"
passwordKey : "password"
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
# setup admin login credentials, these are ignored if
# collabora.collabora.existingSecret.enabled=true
password : examplepass
username : admin
# setup ingress
2025-09-30 10:06:29 +02:00
ingress :
2025-09-30 10:12:27 +02:00
# enable ingress for collabora online
2025-09-30 10:06:29 +02:00
enabled : false
2025-09-30 10:12:27 +02:00
className : ""
# please check collabora values.yaml for nginx/haproxy annotations examples
2025-09-30 10:06:29 +02:00
annotations : {}
hosts :
2025-09-30 10:12:27 +02:00
- host : chart-example.local
2025-09-30 10:06:29 +02:00
paths :
2025-09-30 10:12:27 +02:00
- path : /
pathType : ImplementationSpecific
2025-09-30 10:06:29 +02:00
tls : [ ]
2025-09-30 10:12:27 +02:00
# - secretName: collabora-ingress-tls
# hosts:
# - collabora.domain
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
# see collabora helm README.md for recommended values
resources : {}
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
## Cronjob to execute Nextcloud background tasks
## ref: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html#cron
##
cronjob :
2025-09-30 10:06:29 +02:00
enabled : false
2025-09-30 10:12:27 +02:00
# Either 'sidecar' or 'cronjob'
type : sidecar
# Runs crond as a sidecar container in the Nextcloud pod
# Note: crond requires root
sidecar :
## Cronjob sidecar resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources : {}
# Allow configuration of lifecycle hooks
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
lifecycle : {}
# lifecycle:
# postStartCommand: []
# preStopCommand: []
# Set securityContext parameters. For example, you may need to define runAsNonRoot directive
securityContext : {}
# runAsUser: 33
# runAsGroup: 33
# runAsNonRoot: true
# readOnlyRootFilesystem: true
# The command the cronjob container executes.
command :
- /cron.sh
# Uses a Kubernetes CronJob to execute the Nextcloud cron tasks
# Note: can run as non-root user. Should run as same user as the Nextcloud pod.
cronjob :
# Use a CronJob instead of crond sidecar container
# crond does not work when not running as root user
# Note: requires `persistence.enabled=true`
schedule : "*/5 * * * *"
successfulJobsHistoryLimit : 3
failedJobsHistoryLimit : 5
labels : {}
annotations : {}
backoffLimit : 1
affinity : {}
# Often RWO volumes are used. But the cronjob pod needs access to the same volume as the nextcloud pod.
# Depending on your provider two pods on the same node can still access the same volume.
# Following config ensures that the cronjob pod is scheduled on the same node as the nextcloud pod.
# affinity:
# podAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: app.kubernetes.io/name
# operator: In
# values:
# - nextcloud
# - key: app.kubernetes.io/component
# operator: In
# values:
# - app
# topologyKey: kubernetes.io/hostname
## Resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources : {}
# Allow configuration of lifecycle hooks
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
# Set securityContext parameters. For example, you may need to define runAsNonRoot directive
securityContext : {}
# runAsUser: 33
# runAsGroup: 33
# runAsNonRoot: true
# readOnlyRootFilesystem: true
# The command to run in the cronjob container
# Example to incerase memory limit: php -d memory_limit=2G ...
command :
- php
- -f
- /var/www/html/cron.php
- --
- --verbose
service :
type : ClusterIP
port : 8080
loadBalancerIP : ""
nodePort :
# -- use additional annotation on service for nextcloud
annotations : {}
# -- Set this to "ClientIP" to make sure that connections from the same client
# are passed to the same Nextcloud pod each time.
sessionAffinity : ""
sessionAffinityConfig : {}
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence :
# Nextcloud Data (/var/www/html)
2025-09-30 10:06:29 +02:00
enabled : false
2025-09-30 10:12:27 +02:00
annotations : {}
## nextcloud data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
accessMode : ReadWriteOnce
size : 8Gi
## Use an additional pvc for the data directory rather than a subpath of the default PVC
## Useful to store data on a different storageClass (e.g. on slower disks)
nextcloudData :
enabled : false
subPath :
annotations : {}
# storageClass: "-"
# existingClaim:
accessMode : ReadWriteOnce
size : 8Gi
2025-09-30 10:06:29 +02:00
2025-09-30 10:12:27 +02:00
resources : {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# resources:
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe :
enabled : true
initialDelaySeconds : 10
periodSeconds : 10
timeoutSeconds : 5
failureThreshold : 3
successThreshold : 1
readinessProbe :
enabled : true
initialDelaySeconds : 10
periodSeconds : 10
timeoutSeconds : 5
failureThreshold : 3
successThreshold : 1
startupProbe :
enabled : false
2025-09-30 10:06:29 +02:00
initialDelaySeconds : 30
periodSeconds : 10
timeoutSeconds : 5
2025-09-30 10:12:27 +02:00
failureThreshold : 30
successThreshold : 1
## Enable pod autoscaling using HorizontalPodAutoscaler
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
##
hpa :
enabled : false
cputhreshold : 60
minPods : 1
maxPods : 10
nodeSelector : {}
tolerations : [ ]
affinity : {}
dnsConfig : {}
# Custom dns config for Nextcloud containers.
# You can for example configure ndots. This may be needed in some clusters with alpine images.
# options:
# - name: ndots
# value: "1"
imaginary :
# -- Start Imgaginary
enabled : false
# -- Number of imaginary pod replicas to deploy
replicaCount : 1
image :
# -- Imaginary image registry
registry : docker.io
# -- Imaginary image name
repository : h2non/imaginary
# -- Imaginary image tag
tag : 1.2 .4
# -- Imaginary image pull policy
pullPolicy : IfNotPresent
# -- Imaginary image pull secrets
pullSecrets : [ ]
# -- Additional annotations for imaginary
podAnnotations : {}
# -- Additional labels for imaginary
podLabels : {}
# -- Imaginary pod nodeSelector
nodeSelector : {}
# -- Imaginary pod tolerations
tolerations : [ ]
# -- imaginary resources
resources : {}
# -- Optional security context for the Imaginary container
securityContext :
runAsUser : 1000
runAsNonRoot : true
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - ALL
# -- Optional security context for the Imaginary pod (applies to all containers in the pod)
podSecurityContext : {}
# runAsNonRoot: true
# seccompProfile:
# type: RuntimeDefault
readinessProbe :
enabled : true
failureThreshold : 3
successThreshold : 1
periodSeconds : 10
timeoutSeconds : 1
livenessProbe :
enabled : true
failureThreshold : 3
successThreshold : 1
periodSeconds : 10
timeoutSeconds : 1
service :
# -- Imaginary: Kubernetes Service type
type : ClusterIP
# -- Imaginary: LoadBalancerIp for service type LoadBalancer
loadBalancerIP :
# -- Imaginary: NodePort for service type NodePort
nodePort :
# -- Additional annotations for service imaginary
annotations : {}
# -- Additional labels for service imaginary
labels : {}
## Prometheus Exporter / Metrics
##
metrics :
enabled : false
replicaCount : 1
# Optional: becomes NEXTCLOUD_SERVER env var in the nextcloud-exporter container.
# Without it, we will use the full name of the nextcloud service
server : ""
# The metrics exporter needs to know how you serve Nextcloud either http or https
https : false
# Use API token if set, otherwise fall back to password authentication
# https://github.com/xperimental/nextcloud-exporter#token-authentication
# Currently you still need to set the token manually in your nextcloud install
token : ""
timeout : 5s
# if set to true, exporter skips certificate verification of Nextcloud server.
tlsSkipVerify : false
info :
# Optional: becomes NEXTCLOUD_INFO_APPS env var in the nextcloud-exporter container.
# Enables gathering of apps-related metrics. Defaults to false
apps : false
update : false
image :
repository : xperimental/nextcloud-exporter
tag : 0.8 .0
pullPolicy : IfNotPresent
# pullSecrets:
# - myRegistrKeySecretName
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources : {}
# -- Metrics exporter pod Annotation
podAnnotations : {}
# -- Metrics exporter pod Labels
podLabels : {}
# -- Metrics exporter pod nodeSelector
nodeSelector : {}
# -- Metrics exporter pod tolerations
tolerations : [ ]
# -- Metrics exporter pod affinity
affinity : {}
service :
type : ClusterIP
# Use serviceLoadBalancerIP to request a specific static IP,
# otherwise leave blank
loadBalancerIP :
annotations :
prometheus.io/scrape : "true"
prometheus.io/port : "9205"
labels : {}
# -- security context for the metrics CONTAINER in the pod
securityContext :
runAsUser : 1000
runAsNonRoot : true
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - ALL
# -- security context for the metrics POD
podSecurityContext : {}
# runAsNonRoot: true
# seccompProfile:
# type: RuntimeDefault
## Prometheus Operator ServiceMonitor configuration
##
serviceMonitor :
## @param metrics.serviceMonitor.enabled Create ServiceMonitor Resource for scraping metrics using PrometheusOperator
##
enabled : false
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
##
namespace : ""
## @param metrics.serviceMonitor.namespaceSelector The selector of the namespace where the target service is located (defaults to the release namespace)
namespaceSelector :
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
##
jobLabel : ""
## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
interval : 30s
## @param metrics.serviceMonitor.scrapeTimeout Specify the timeout after which the scrape is ended
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
##
scrapeTimeout : ""
## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
##
labels : {}
rules :
# -- Deploy Prometheus Rules (Alerts) for the exporter
# @section -- Metrics
enabled : false
# -- Label on Prometheus Rules CRD Manifest
# @section -- Metrics
labels : {}
defaults :
# -- Add Default Rules
# @section -- Metrics
enabled : true
# -- Label on the rules (the severity is already set)
# @section -- Metrics
labels : {}
# -- Filter on metrics on alerts (default just for this helm-chart)
# @section -- Metrics
filter : ""
# -- Add own Rules to Prometheus Rules
# @section -- Metrics
additionalRules : [ ]
rbac :
enabled : false
serviceaccount :
create : true
name : nextcloud-serviceaccount
annotations : {}
## @param securityContext for nextcloud pod @deprecated Use `nextcloud.podSecurityContext` instead
securityContext : {}
