diff --git a/nextcloud-aio-helm-chart/Chart.yaml b/nextcloud-aio-helm-chart/Chart.yaml index a81e99618b5..baa9ad85c54 100755 --- a/nextcloud-aio-helm-chart/Chart.yaml +++ b/nextcloud-aio-helm-chart/Chart.yaml @@ -1,6 +1,6 @@ name: nextcloud-aio-helm-chart description: A generated Helm Chart for Nextcloud AIO from Skippbox Kompose -version: 7.13.0 +version: 7.13.1 apiVersion: v2 keywords: - latest diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml index 542920db2f6..155eb5a8fdc 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-apache-deployment.yaml @@ -13,6 +13,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-apache + strategy: + type: Recreate template: metadata: annotations: @@ -59,13 +61,17 @@ spec: value: nextcloud-aio-talk - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-apache:20240228_172209-latest + image: nextcloud/aio-apache:20240308_092935-latest name: nextcloud-aio-apache ports: - containerPort: {{ .Values.APACHE_PORT }} protocol: TCP - containerPort: {{ .Values.APACHE_PORT }} protocol: UDP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /var/www/html name: nextcloud-aio-nextcloud diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml index 8d95fc48325..6f1426da071 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-clamav-deployment.yaml @@ -14,6 +14,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-clamav + strategy: + type: Recreate template: metadata: annotations: @@ -50,11 +52,15 @@ spec: value: "90" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-clamav:20240228_172209-latest + image: nextcloud/aio-clamav:20240308_092935-latest name: nextcloud-aio-clamav ports: - containerPort: 3310 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /var/lib/clamav subPath: data diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml index 93b75ffc367..490810cad58 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-collabora-deployment.yaml @@ -37,7 +37,7 @@ spec: value: --o:ssl.enable=false --o:ssl.termination=true --o:mount_jail_tree=false --o:logging.level=warning --o:home_mode.enable=true {{ .Values.COLLABORA_SECCOMP_POLICY }} --o:remote_font_config.url=https://{{ .Values.NC_DOMAIN }}/apps/richdocuments/settings/fonts.json - name: server_name value: "{{ .Values.NC_DOMAIN }}" - image: nextcloud/aio-collabora:20240228_172209-latest + image: nextcloud/aio-collabora:20240308_092935-latest name: nextcloud-aio-collabora ports: - containerPort: 9980 @@ -46,4 +46,6 @@ spec: capabilities: add: - MKNOD + drop: + - NET_RAW {{- end }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml index 24c89b76377..2e7cf200693 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-database-deployment.yaml @@ -13,6 +13,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-database + strategy: + type: Recreate template: metadata: annotations: @@ -61,11 +63,15 @@ spec: value: nextcloud - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-postgresql:20240228_172209-latest + image: nextcloud/aio-postgresql:20240308_092935-latest name: nextcloud-aio-database ports: - containerPort: 5432 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /var/lib/postgresql/data subPath: data diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml index a4bbf35a943..7cecee06651 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-fulltextsearch-deployment.yaml @@ -14,6 +14,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-fulltextsearch + strategy: + type: Recreate template: metadata: annotations: @@ -55,11 +57,15 @@ spec: value: basic - name: xpack.security.enabled value: "false" - image: nextcloud/aio-fulltextsearch:20240228_172209-latest + image: nextcloud/aio-fulltextsearch:20240308_092935-latest name: nextcloud-aio-fulltextsearch ports: - containerPort: 9200 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /usr/share/elasticsearch/data name: nextcloud-aio-elasticsearch diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml index d1954b2489b..f289a8f3ba1 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-imaginary-deployment.yaml @@ -27,7 +27,7 @@ spec: - env: - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-imaginary:20240228_172209-latest + image: nextcloud/aio-imaginary:20240308_092935-latest name: nextcloud-aio-imaginary ports: - containerPort: 9000 @@ -36,4 +36,6 @@ spec: capabilities: add: - SYS_NICE + drop: + - NET_RAW {{- end }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml index ef732d86b4c..37f54753806 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-namespace-namespace.yaml @@ -1,5 +1,7 @@ +{{- if ne .Values.NAMESPACE "default" }} apiVersion: v1 kind: Namespace metadata: name: "{{ .Values.NAMESPACE }}" namespace: "{{ .Values.NAMESPACE }}" +{{- end }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml index 3dc92052e3d..8df1b622a54 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml @@ -13,6 +13,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-nextcloud + strategy: + type: Recreate template: metadata: annotations: @@ -158,13 +160,17 @@ spec: value: "{{ .Values.TIMEZONE }}" - name: UPDATE_NEXTCLOUD_APPS value: "{{ .Values.UPDATE_NEXTCLOUD_APPS }}" - image: nextcloud/aio-nextcloud:20240228_172209-latest + image: nextcloud/aio-nextcloud:20240308_092935-latest name: nextcloud-aio-nextcloud ports: - containerPort: 9000 protocol: TCP - containerPort: 9001 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /var/www/html name: nextcloud-aio-nextcloud diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml index 1437caf8491..9ac50221415 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-notify-push-deployment.yaml @@ -13,6 +13,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-notify-push + strategy: + type: Recreate template: metadata: annotations: @@ -50,11 +52,15 @@ spec: value: nextcloud-aio-redis - name: REDIS_HOST_PASSWORD value: "{{ .Values.REDIS_PASSWORD }}" - image: nextcloud/aio-notify-push:20240228_172209-latest + image: nextcloud/aio-notify-push:20240308_092935-latest name: nextcloud-aio-notify-push ports: - containerPort: 7867 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /nextcloud name: nextcloud-aio-nextcloud diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml index 159e464d418..ff74f06dfc0 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-onlyoffice-deployment.yaml @@ -14,6 +14,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-onlyoffice + strategy: + type: Recreate template: metadata: annotations: @@ -43,11 +45,15 @@ spec: value: "{{ .Values.ONLYOFFICE_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-onlyoffice:20240228_172209-latest + image: nextcloud/aio-onlyoffice:20240308_092935-latest name: nextcloud-aio-onlyoffice ports: - containerPort: 80 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /var/lib/onlyoffice name: nextcloud-aio-onlyoffice diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml index 5985bd54040..2724b13b186 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-redis-deployment.yaml @@ -13,6 +13,8 @@ spec: selector: matchLabels: io.kompose.service: nextcloud-aio-redis + strategy: + type: Recreate template: metadata: annotations: @@ -38,11 +40,15 @@ spec: value: "{{ .Values.REDIS_PASSWORD }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-redis:20240228_172209-latest + image: nextcloud/aio-redis:20240308_092935-latest name: nextcloud-aio-redis ports: - containerPort: 6379 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW volumeMounts: - mountPath: /data name: nextcloud-aio-redis diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml index 36925eaf613..343fc026edd 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-deployment.yaml @@ -37,7 +37,7 @@ spec: value: "{{ .Values.TURN_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk:20240228_172209-latest + image: nextcloud/aio-talk:20240308_092935-latest name: nextcloud-aio-talk ports: - containerPort: {{ .Values.TALK_PORT }} @@ -46,4 +46,8 @@ spec: protocol: UDP - containerPort: 8081 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW {{- end }} diff --git a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml index 145a3cc24da..d79b2df6e04 100755 --- a/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml +++ b/nextcloud-aio-helm-chart/templates/nextcloud-aio-talk-recording-deployment.yaml @@ -33,9 +33,13 @@ spec: value: "{{ .Values.RECORDING_SECRET }}" - name: TZ value: "{{ .Values.TIMEZONE }}" - image: nextcloud/aio-talk-recording:20240228_172209-latest + image: nextcloud/aio-talk-recording:20240308_092935-latest name: nextcloud-aio-talk-recording ports: - containerPort: 1234 protocol: TCP + securityContext: + capabilities: + drop: + - NET_RAW {{- end }}