Merge pull request #409 from jonathansmith9485/397/bug/helm_chart_correction

DioCrafts · web-flow · commit 41356b649041 · 2026-05-31T12:24:52.000+02:00
FIX : bug 397 add: helm chart changes
diff --git a/charts/oxicloud/Chart.lock b/charts/oxicloud/Chart.lock
diff --git a/charts/oxicloud/Chart.yaml b/charts/oxicloud/Chart.yaml
@@ -5,10 +5,4 @@ description: |
   Ultra-fast, secure & lightweight self-hosted cloud storage — your files, photos, calendars & contacts, all in one place. Built in Rust.
 type: application
 version: 0.1.0
-appVersion: "0.5.2"
-
-dependencies:
-  - name: postgresql
-    version: 18.5.6
-    repository: https://charts.bitnami.com/bitnami
-    condition: postgresql.enabled
+appVersion: "0.5.6"
diff --git a/charts/oxicloud/templates/configmap.yaml b/charts/oxicloud/templates/configmap.yaml
@@ -6,9 +6,7 @@ metadata:
 data:
   OXICLOUD_SERVER_PORT: {{ .Values.config.server.port | quote }}
   OXICLOUD_SERVER_HOST: {{ .Values.config.server.host | quote }}
-  {{- if .Values.config.server.baseUrl }}
   OXICLOUD_BASE_URL: {{ .Values.config.server.baseUrl | quote }}
-  {{- end }}
   OXICLOUD_ENABLE_AUTH: {{ .Values.config.features.enableAuth | quote }}
   OXICLOUD_ENABLE_FILE_SHARING: {{ .Values.config.features.enableSharing | quote }}
   MIMALLOC_PURGE_DELAY: {{ .Values.config.mimalloc.purgeDelay | quote }}
diff --git a/charts/oxicloud/templates/secret.yaml b/charts/oxicloud/templates/secret.yaml
@@ -11,11 +11,16 @@ data:
   {{- if .Values.secrets.jwtSecret }}
   OXICLOUD_JWT_SECRET: {{ .Values.secrets.jwtSecret | b64enc | quote }}
   {{- end }}
-  {{- if .Values.postgresql.enabled }}
-  DB_PASSWORD: {{ .Values.postgresql.auth.password | b64enc | quote }}
-  {{- end }}
   {{- if .Values.wopi.enabled }}
-  WOPI_ADMIN_USERNAME: {{ .Values.wopi.collabora.admin.username | b64enc | quote }}
-  WOPI_ADMIN_PASSWORD: {{ .Values.wopi.collabora.admin.password | b64enc | quote }}
+  {{- /* Existing secret retrieval to keep same password during upgrade */-}}
+  {{- $secretName := printf "%s-secret" (include "oxicloud.fullname" .) }}
+  {{- $existingSecret := lookup "v1" "Secret" .Release.Namespace $secretName }}
+  {{- $password := "" }}
+  {{- if and $existingSecret (hasKey $existingSecret.data "WOPI_ADMIN_PASSWORD") }}
+    {{- $password = index $existingSecret.data "WOPI_ADMIN_PASSWORD" }}
+  {{- else }}
+    {{- $password = .Values.wopi.collabora.admin.password | default (randAlphaNum 20) | b64enc }}
+  {{- end }}
+  WOPI_ADMIN_PASSWORD: {{ $password | quote }}
   {{- end }}
 {{- end }}
diff --git a/charts/oxicloud/templates/statefulset.yaml b/charts/oxicloud/templates/statefulset.yaml
@@ -15,8 +15,12 @@ spec:
       labels:
         {{- include "oxicloud.selectorLabels" . | nindent 8 }}
     spec:
+      {{- if and .Values.persistence.enabled .Values.persistence.fsGroup }}
+      securityContext:
+        fsGroup: {{ .Values.persistence.fsGroup }}
+      {{- end }}
       containers:
-        - name: oxicloud
+        - name: oxicloud-app
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           ports:
@@ -26,19 +30,13 @@ spec:
           envFrom:
             - configMapRef:
                 name: {{ include "oxicloud.fullname" . }}-config
-            - secretRef:
-                name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }}
+          {{- if .Values.envs }}
           env:
-            - name: DB_PASSWORD
-              valueFrom:
-                secretKeyRef:
-                  name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }}
-                  key: DB_PASSWORD
-            - name: OXICLOUD_DB_CONNECTION_STRING
-              value: "postgres://{{ .Values.postgresql.auth.username }}:$(DB_PASSWORD)@{{ .Release.Name }}-postgresql/{{ .Values.postgresql.auth.database }}"
+            {{- toYaml .Values.envs | nindent 12 }}
+          {{- end }}
           volumeMounts:
             - name: storage-data
-              mountPath: /app/storage
+              mountPath: {{ .Values.persistence.mountPath | default "/app/storage" }}
       {{- if not .Values.persistence.enabled }}
       volumes:
         - name: storage-data
diff --git a/charts/oxicloud/templates/wopi-deployment.yaml b/charts/oxicloud/templates/wopi-deployment.yaml
@@ -40,10 +40,7 @@ spec:
             - name: extra_params
               value: {{ .Values.wopi.collabora.extraParams | quote }}
             - name: username
-              valueFrom:
-                secretKeyRef:
-                  name: {{ if .Values.secrets.existingSecret }}{{ .Values.secrets.existingSecret }}{{ else }}{{ include "oxicloud.fullname" . }}-secret{{ end }}
-                  key: WOPI_ADMIN_USERNAME
+              value: admin
             - name: password
               valueFrom:
                 secretKeyRef:
diff --git a/charts/oxicloud/values.yaml b/charts/oxicloud/values.yaml
@@ -2,20 +2,19 @@
 replicaCount: 1
 
 image:
-  repository: oxicloud
+  repository: diocrafts/oxicloud
   pullPolicy: IfNotPresent
-  tag: "latest"
+  tag: "0.5.6"
+
+# cf : https://github.com/AtalayaLabs/OxiCloud/blob/main/example.env
+envs:
+  - name: OXICLOUD_DB_CONNECTION_STRING
+    value: "postgres://postgres:postgres@postgres/oxicloud"
+  - name: OXICLOUD_STORAGE_PATH
+    value: /app/storage
+  - name: OXICLOUD_STATIC_PATH
+    value: /app/static
 
-postgresql:
-  enabled: true
-  auth:
-    username: postgres
-    password: "change_me_in_production"
-    database: oxicloud
-  primary:
-    persistence:
-      enabled: true
-      size: 8Gi
 
 config:
   server:
@@ -47,23 +46,16 @@ wopi:
       port: 9980
     admin:
       username: admin
-      password: "wopi_admin_password"
     # In production behind an ingress, you'd likely enable SSL termination.
     extraParams: "--o:ssl.enable=false --o:ssl.termination=false --o:net.frame_ancestors=http://* https://*"
 
-secrets:
-  # If existingSecret is set, the chart will NOT create a Secret and will use this one instead.
-  existingSecret: ""
-  jwtSecret: ""
-  oidcClientSecret: ""
-
 service:
   type: ClusterIP
   port: 8086
 
 ingress:
   enabled: true
-  className: "nginx" # Adjust to your ingress controller (e.g., traefik)
+  className: "traefik" # Adjust to your ingress controller (e.g., traefik)
   annotations: {}
   hosts:
     - host: cloud.example.com
@@ -73,4 +65,4 @@ ingress:
   tls: []
   #  - secretName: oxicloud-tls
   #    hosts:
-  #      - cloud.example.com
+  #      - cloud.example.com
diff --git a/docs/guide/installation.md b/docs/guide/installation.md
@@ -70,6 +70,8 @@ cargo run --release
 `OXICLOUD_DB_CONNECTION_STRING` is the runtime setting read by OxiCloud. `DATABASE_URL` is only needed for SQLx build-time checks.
 
 ## Kubernetes (Helm)
+* Please note the and external postgresql is required (for instance, create it with cncf postgreqsl operator), More information [HERE](https://cloudnative-pg.io/)
+* Please pay attention to pvc name change if you are using this charte with an already existing installation, you'll have to migrate the data.
 
 ```bash
 helm upgrade --install oxicloud charts/oxicloud \
