Initial release with linuxserver image

class/defaults.yml

@@ -4,58 +4,33 @@ parameters:
 
     namespace: syn-nextcloud
 
-    charts:
+    images:
       nextcloud:
-        source: https://nextcloud.github.io/helm
-        version: v4.1.0
-
-    admin:
-      user: admin
-      password: changeme
-
-    ingress:
-      host: nextcloud.kube.home
-
-    mail:
-      enabled: false
-      fromAddress: user
-      domain: domain.com
-      smtp:
-        host: domain.com
-        secure: ssl
-        port: 465
-        authtype: LOGIN
-        name: user
-        password: pass
-
-    storage:
-      enabled: true
-      storageClass: null
-      accessMode: ReadWriteOnce
-      size: 10Gi
-      nextcloudData:
-        enabled: true
-        size: 50Gi
-
-    resources:
-      requests:
-        cpu: 100m
-        memory: 128Mi
-      limits:
-        cpu: 100m
-        memory: 128Mi
-
-    helmValues:
-      nextcloud:
-        host: ${nextcloud:ingress:host}
-        username: ${nextcloud:admin:user}
-        passowrd: ${nextcloud:admin:password}
-        mail: ${nextcloud:mail}
-      cronjob:
-        enabled: true
-      persistence: ${nextcloud:storage}
-      resources: ${nextcloud:resources}
-      metrics:
-        enabled: false
-        serviceMonitor:
-          enabled: true
+        registry: docker.io
+        repository: linuxserver/nextcloud
+        tag: 27.0.2
+
+    database:
+      type: cockroach
+      spec:
+        nodes: 3
+        storage:
+          accessMode: ReadWriteOnce
+          storageClass: ''
+          size: 1Gi
+
+    redis:
+      type: replication
+      spec:
+        nodes: 3
+        storage:
+          accessMode: ReadWriteOnce
+          storageClass: ''
+          size: 1Gi
+    # replicaCount: 1
+
+    # resources: {}
+
+    # secrets: {}
+
+#ALTER DATABASE nextcloud SET serial_normalization = virtual_sequence

class/nextcloud.yml

@@ -1,11 +1,5 @@
 parameters:
   kapitan:
-    dependencies:
-      - type: helm
-        source: ${nextcloud:charts:nextcloud:source}
-        chart_name: nextcloud
-        version: ${nextcloud:charts:nextcloud:version}
-        output_path: ${_base_directory}/helmcharts/nextcloud/${nextcloud:charts:nextcloud:version}/
     compile:
       - input_paths:
           - ${_base_directory}/component/app.jsonnet
@@ -15,19 +9,11 @@ parameters:
           - ${_base_directory}/component/main.jsonnet
         input_type: jsonnet
         output_path: nextcloud/
-      # Helmchart
       - input_paths:
-          - ${_base_directory}/helmcharts/nextcloud/${nextcloud:charts:nextcloud:version}
-        input_type: helm
-        output_path: nextcloud/10_helmchart
-        helm_values: ${nextcloud:helmValues}
-        helm_params:
-          name: nextcloud
-          namespace: ${nextcloud:namespace}
-          dependency_update: true
-  commodore:
-    postprocess:
-      filters:
-        - type: jsonnet
-          path: nextcloud/10_helmchart/nextcloud/templates
-          filter: postprocess/patch_labels.jsonnet
+          - ${_base_directory}/component/database.jsonnet
+        input_type: jsonnet
+        output_path: nextcloud/
+      - input_paths:
+          - ${_base_directory}/component/redis.jsonnet
+        input_type: jsonnet
+        output_path: nextcloud/

component/database.jsonnet

@@ -0,0 +1,22 @@
+// main template for nextcloud
+local crdb = import 'lib/cockroach-operator.libsonnet';
+local kap = import 'lib/kapitan.libjsonnet';
+local kube = import 'lib/kube.libjsonnet';
+local prom = import 'lib/prometheus.libsonnet';
+local inv = kap.inventory();
+// The hiera parameters for the component
+local params = inv.parameters.nextcloud;
+
+local hasPrometheus = std.member(inv.applications, 'prometheus');
+local hasOperator = std.member(inv.applications, 'cockroach-operator');
+
+
+// CockroachDB
+
+local cockroachdb = crdb.database('database', params.namespace, params.database.spec);
+
+
+// Define outputs below
+{
+  '10_database': cockroachdb,
+}

component/main.jsonnet

@@ -5,17 +5,100 @@ local prom = import 'lib/prometheus.libsonnet';
 local inv = kap.inventory();
 // The hiera parameters for the component
 local params = inv.parameters.nextcloud;
+local appName = 'nextcloud';
 local hasPrometheus = std.member(inv.applications, 'prometheus');
 
 local namespace = kube.Namespace(params.namespace) {
-//   metadata+: {
-//     labels+: {
-//       'pod-security.kubernetes.io/enforce': 'restricted',
-//     },
-//   },
+  //   metadata+: {
+  //     labels+: {
+  //       'pod-security.kubernetes.io/enforce': 'restricted',
+  //     },
+  //   },
 };
 
+
+// PersistentVolumeClaims
+
+local pvc = [
+  kube.PersistentVolumeClaim(appName + '-config') {
+    storage: '10Gi',
+    storageClass: 'ceph-block',
+  },
+  kube.PersistentVolumeClaim(appName + '-data') {
+    storage: '10Gi',
+    storageClass: 'ceph-block',
+  },
+];
+
+
+// Secrets
+local secrets = [
+  kube.Secret(name) {
+    data_:: params.secrets[name],
+  }
+  for name in std.objectFields(params.secrets)
+];
+
+// Deployment
+
+local deployment = kube.Deployment(appName) {
+  spec+: {
+    replicas: params.replicaCount,
+    template+: {
+      spec+: {
+        serviceAccountName: 'default',
+        // securityContext: {
+        //   seccompProfile: { type: 'RuntimeDefault' },
+        // },
+        containers_:: {
+          default: kube.Container(appName) {
+            image: '%(registry)s/%(repository)s:%(tag)s' % params.images.nextcloud,
+            env_:: {
+              PUID: 1000,
+              PGID: 1000,
+              TZ: 'Etc/UTC',
+            },
+            ports_:: {
+              http: { containerPort: 80 },
+            },
+            resources: params.resources,
+            // securityContext: {
+            //   allowPrivilegeEscalation: false,
+            //   capabilities: { drop: [ 'ALL' ] },
+            // },
+            volumeMounts_:: {
+              config: { mountPath: '/config' },
+              data: { mountPath: '/data' },
+            } + {
+              ['secret-' + s.metadata.name]: { mountPath: '/secrets/' + s.metadata.name }
+              for s in secrets
+            },
+            // livenessProbe: {
+            //   httpGet: {
+            //     scheme: 'HTTP',
+            //     port: 'http',
+            //     path: '/-/healthy',
+            //   },
+            // },
+          },
+        },
+        volumes_:: {
+          config: kube.PersistentVolumeClaimVolume(pvc[0]),
+          data: kube.PersistentVolumeClaimVolume(pvc[1]),
+        } + {
+          ['secret-' + s.metadata.name]: kube.SecretVolume(s)
+          for s in secrets
+        },
+      },
+    },
+  },
+};
+
+
 // Define outputs below
 {
   '00_namespace': if hasPrometheus then prom.RegisterNamespace(namespace) else namespace,
+  //   '10_pvc': pvc,
+  //   '10_deployment': deployment,
+  //   '20_secrets': secrets,
 }

component/redis.jsonnet

@@ -0,0 +1,22 @@
+// main template for nextcloud
+local kap = import 'lib/kapitan.libjsonnet';
+local kube = import 'lib/kube.libjsonnet';
+local prom = import 'lib/prometheus.libsonnet';
+local redis = import 'lib/redis-operator.libsonnet';
+local inv = kap.inventory();
+// The hiera parameters for the component
+local params = inv.parameters.nextcloud;
+
+local hasPrometheus = std.member(inv.applications, 'prometheus');
+local hasOperator = std.member(inv.applications, 'redis-operator');
+
+
+// CockroachDB
+
+local replication = redis.replication('redis', params.namespace, params.redis.spec);
+
+
+// Define outputs below
+{
+  '10_redis': replication,
+}

tests/defaults.yml

@@ -1,4 +1,6 @@
 applications:
+  - cockroach-operator
+  - redis-operator
   - prometheus
 
 parameters:
@@ -7,6 +9,36 @@ parameters:
       - type: https
         source: https://raw.githubusercontent.com/projectsyn/component-prometheus/master/lib/prometheus.libsonnet
         output_path: vendor/lib/prometheus.libsonnet
+      - type: https
+        source: https://raw.githubusercontent.com/tegridy-io/component-cockroach-operator/master/lib/cockroach-operator.libsonnet
+        output_path: vendor/lib/cockroach-operator.libsonnet
+      - type: https
+        source: https://raw.githubusercontent.com/tegridy-io/component-redis-operator/feat/add-redis-lib/lib/redis-operator.libsonnet
+        output_path: vendor/lib/redis-operator.libsonnet
+
+  cockroach_operator:
+    images:
+      cockroach:
+        registry: docker.io
+        repository: cockroachdb/cockroach
+        tag: v23.1.8
+
+  redis_operator:
+    images:
+      redis:
+        registry: quay.io
+        repository: opstree/redis
+        tag: v7.0.12
+      sentinel:
+        registry: quay.io
+        repository: opstree/redis-sentinel
+        tag: v7.0.12
+      exporter:
+        registry: quay.io
+        repository: opstree/redis-exporter
+        tag: v1.48.0
 
   prometheus:
     defaultInstance: system
+
+  # nextcloud:

tests/golden/defaults/nextcloud/nextcloud/10_database.yaml

@@ -0,0 +1,37 @@
+apiVersion: crdb.cockroachlabs.com/v1alpha1
+kind: CrdbCluster
+metadata:
+  annotations: {}
+  labels:
+    app.kubernetes.io/component: database
+    app.kubernetes.io/managed-by: commodore
+    app.kubernetes.io/name: database
+    name: database
+  name: database
+  namespace: syn-nextcloud
+spec:
+  affinity:
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: app.kubernetes.io/name
+                operator: In
+                values:
+                  - database
+          topologyKey: kubernetes.io/hostname
+  dataStore:
+    pvc:
+      spec:
+        accessModes:
+          - ReadWriteOnce
+        resources:
+          requests:
+            storage: 1Gi
+        storageClassName: ''
+        volumeMode: Filesystem
+  image:
+    name: docker.io/cockroachdb/cockroach:v23.1.8
+    pullPolicy: IfNotPresent
+  nodes: 3
+  tlsEnabled: true