chore: upgrade postgresql to 17.2 (chart 16.3.1)

.github/tests/test_job.yaml

@@ -0,0 +1,63 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: test-nextcloud
+  namespace: nextcloud
+spec:
+  template:
+    metadata:
+      name: test-nextcloud
+    spec:
+      initContainers:
+        - name: 05-create-nextcloud-file
+          image: curlimages/curl
+          command:
+            - /bin/sh
+            - -c
+            - |
+              set -e
+              echo "download image:"
+              curl -s "https://upload.wikimedia.org/wikipedia/commons/d/df/Open_data.png" -o test_upload.png
+              echo "upload to nextcloud:"
+              curl \
+                -s \
+                -w "%{http_code}" \
+                -u admin:changeme \
+                -T test_upload.png \
+              "http://nextcloud.nextcloud.svc.cluster.local:8080/remote.php/dav/files/admin/test_upload.png" || exit 1;
+              echo "done"
+        - name: 10-generate-preview
+          image: docker.io/library/nextcloud:latest
+          command:
+            - /bin/sh
+            - -c
+            - |
+              set -e
+              echo "fetch preview:"
+              OUTPUT=$(curl \
+                -s \
+                -w "%{http_code}" \
+                -u admin:changeme \
+              "http://nextcloud.nextcloud.svc.cluster.local:8080/index.php/core/preview.png?file=test_upload.png&x=128&y=128&mimeFallback=true&a=0" \
+                -o - | file -)
+              echo "${OUTPUT}";
+              if ! echo "${OUTPUT}" | grep -q "PNG"; then
+                echo "PNG was not detected"
+                exit 1;
+              fi
+              if ! echo "${OUTPUT}" | grep -q "256 x 256"; then
+                echo "Image size is incorrect"
+                exit 1;
+              fi
+              echo "done"
+      containers:
+        - name: final
+          image: curlimages/curl
+          command:
+            - /bin/sh
+            - -c
+            - |
+              set -e
+              echo "All tests run successfull (initContainer in given order)"
+      restartPolicy: Never

.github/workflows/lint-test.yaml

@@ -88,6 +88,12 @@ jobs:
             # we need to skip the clean up so we can test adding a file
             helm_args: |
                 --namespace nextcloud --skip-clean-up --helm-extra-set-args "--values charts/nextcloud/test-values/s3-as-primary-storage.yaml"
+            test: true
+
+          # test the helm chart with imaginary
+          - name: Imaginary Enabled
+            helm_args: --namespace nextcloud --skip-clean-up --helm-extra-set-args "--create-namespace --values charts/nextcloud/test-values/imaginary.yaml"
+            test: true
 
     steps:
       - name: Checkout
@@ -117,7 +123,7 @@ jobs:
           fi
 
       - name: Create kind cluster
-        uses: helm/kind-action@v1.10.0
+        uses: helm/kind-action@v1.12.0
         if: steps.list-changed.outputs.changed == 'true'
 
       - name: Install MinIO for testing S3 as Primary Storage
@@ -140,18 +146,20 @@ jobs:
         if: steps.list-changed.outputs.changed == 'true'
         run: ct install --target-branch ${{ github.event.repository.default_branch }} ${{ matrix.test_cases.helm_args }}
 
-      - name: Try adding a file to Nextcloud
-        if: matrix.test_cases.name == 'S3 Enabled as Primary Storage'
+      - name: Run test for Nextcloud
+        if: matrix.test_cases.test
         # applies a kubernetes job that uploads a file and then checks log of finished pod
         run: |
+            EXIT=0
             kubectl config set-context --current --namespace=nextcloud && \
-            kubectl apply -f ./.github/tests/test_upload_job.yaml --wait=true && \
+            kubectl apply -f ./.github/tests/test_job.yaml --wait=true && \
             sleep 2 && \
-            kubectl wait --for=condition=Complete --timeout=2m job/create-nextcloud-file && \
-            echo "Here's the logs from the job:" && \
-            kubectl logs --tail=-1 -f -l batch.kubernetes.io/job-name=create-nextcloud-file && \
-            echo "Here's the logs from the nextcloud pod:" && \
-            kubectl logs -l app.kubernetes.io/name=nextcloud
+            kubectl wait --for=condition=Complete --timeout=2m job/test-nextcloud || EXIT=1
+            echo "Here's the logs from the job:"
+            kubectl logs --ignore-errors --prefix --tail=-1 --all-containers=true -l batch.kubernetes.io/job-name=test-nextcloud
+            echo "Here's the logs from the nextcloud pod:"
+            kubectl logs --ignore-errors --prefix -l app.kubernetes.io/name=nextcloud
+            exit $EXIT
 
   summary:
     runs-on: ubuntu-latest-low

charts/nextcloud/Chart.lock

@@ -1,15 +1,15 @@
 dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 15.5.0
+  version: 16.4.14
 - name: mariadb
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 18.2.0
+  version: 20.2.1
 - name: redis
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 19.6.4
+  version: 20.6.0
 - name: collabora-online
   repository: https://collaboraonline.github.io/online
   version: 1.1.20
-digest: sha256:00e8d82d28825fd3f46e7e7d888d1aac93ebdb5135f6a4d7e6ae0c3155881c27
-generated: "2024-12-15T19:47:53.357052+01:00"
+digest: sha256:60495c5fe12eba4d6732581139cc62defc092541c42e097685976a6de45865f7
+generated: "2025-02-25T09:36:49.928250314+01:00"

charts/nextcloud/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: nextcloud
-version: 6.4.1
-appVersion: 30.0.4
+version: 7.0.0
+appVersion: 31.0.0
 description: A file sharing server that puts the control and security of your own data back into your hands.
 keywords:
   - nextcloud
@@ -23,19 +23,19 @@ maintainers:
     email: [email protected]
 dependencies:
   - name: postgresql
-    version: 15.5.0
+    version: 16.4.14
     repository: oci://registry-1.docker.io/bitnamicharts
     condition: postgresql.enabled
   - name: mariadb
-    version: 18.2.0
+    version: 20.2.1
     repository: oci://registry-1.docker.io/bitnamicharts
     condition: mariadb.enabled
   - name: redis
-    version: 19.6.4
+    version: 20.6.0
     repository: oci://registry-1.docker.io/bitnamicharts
     condition: redis.enabled
   - name: collabora-online
     version: 1.1.20
     repository: https://collaboraonline.github.io/online
     condition: collabora.enabled
-    alias: collabora
+    alias: collabora

charts/nextcloud/README.md

@@ -28,6 +28,7 @@ helm install my-release nextcloud/nextcloud
     * [Headers set on NGINX](#headers-set-on-nginx)
     * [Probes Configurations](#probes-configurations)
     * [Collabora Configuration](#collabora-configuration)
+    * [Imaginary](#imaginary)
 * [Cron jobs](#cron-jobs)
 * [Using the nextcloud docker image auto-configuration via env vars](#using-the-nextcloud-docker-image-auto-configuration-via-env-vars)
 * [Multiple config.php file](#multiple-configphp-file)
@@ -319,8 +320,8 @@ Here are all the values you can currently configure in this helm chart to config
 | Parameter                                       | Description                                                           | Default     |
 |-------------------------------------------------|-----------------------------------------------------------------------|-------------|
 | `nextcloud.objectStore.s3.enabled`              | enable configuring S3 as a primary object store                       | `false`     |
-| `nextcloud.objectStore.s3.accessKey`            | accessKeyID for authing to S3, ignored if using existinSecret         | `''`        |
-| `nextcloud.objectStore.s3.secretKey`            | secretAccessKey for authing to S3, ignored if using existinSecret     | `''`        |
+| `nextcloud.objectStore.s3.accessKey`            | accessKeyID for authing to S3, ignored if using existingSecret        | `''`        |
+| `nextcloud.objectStore.s3.secretKey`            | secretAccessKey for authing to S3, ignored if using existingSecret    | `''`        |
 | `nextcloud.objectStore.s3.legacyAuth`           | use legacy authentication for S3                                      | `false`     |
 | `nextcloud.objectStore.s3.host`                 | endpoint URL to connect to. Only required if not using AWS            | `''`        |
 | `nextcloud.objectStore.s3.ssl`                  | Use TLS connection when connecting to S3                              | `true`      |
@@ -530,6 +531,44 @@ This section provides options to enable and configure the Collabora Online serve
 >
 > For more information, please check the [Collabora documentation](https://sdk.collaboraonline.com/docs/installation/index.html).
 
+### Imaginary
+
+We include an optional external preview provider from [h2non/imaginary](https://github.com/h2non/imaginary).
+
+| Parameter                              | Description                                                                             | Default           |
+|----------------------------------------|-----------------------------------------------------------------------------------------|-------------------|
+| `imaginary.enabled`                    | Start Imaginary                                                                         | `false`           |
+| `imaginary.replicaCount`               | Number of imaginary pod replicas to deploy                                              | `1`               |
+| `imaginary.image.registry`             | Imaginary image name                                                                    | `docker.io`       |
+| `imaginary.image.repository`           | Imaginary image name                                                                    | `h2non/imaginary` |
+| `imaginary.image.tag`                  | Imaginary image tag                                                                     | `1.2.4`           |
+| `imaginary.image.pullPolicy`           | Imaginary image pull policy                                                             | `IfNotPresent`    |
+| `imaginary.image.pullSecrets`          | Imaginary image pull secrets                                                            | `nil`             |
+| `imaginary.podAnnotations`             | Additional annotations for imaginary                                                    | `{}`              |
+| `imaginary.podLabels`                  | Additional labels for imaginary                                                         | `{}`              |
+| `imaginary.nodeSelector`               | Imaginary pod nodeSelector                                                                | `{}`              |
+| `imaginary.tolerations`                | Imaginary pod tolerations                                                | `[]`              |
+| `imaginary.resources`                  | imaginary resources                                                                     | `{}`              |
+| `imaginary.securityContext`            | Optional security context for the Imaginary container                                   | `nil`             |
+| `imaginary.podSecurityContext`         | Optional security context for the Imaginary pod (applies to all containers in the pod)  | `nil`             |
+| `imaginary.service.type`               | Imaginary: Kubernetes Service type                                                      | `ClusterIP`       |
+| `imaginary.service.loadBalancerIP`     | Imaginary: LoadBalancerIp for service type LoadBalancer                                 | `nil`             |
+| `imaginary.service.nodePort`           | Imaginary: NodePort for service type NodePort                                           | `nil`             |
+| `imaginary.service.annotations`        | Additional annotations for service imaginary                                            | `{}`              |
+| `imaginary.service.labels`             | Additional labels for service imaginary                                                 | `{}`              |
+
+
+> [!Note]
+> You also need to setup nextcloud, to use imaginary
+```yaml
+nextcloud:
+  defaultConfigs:
+    imaginary.config.php: true
+
+imaginary:
+  enabled: true
+```
+
 ## Cron jobs
 
 To execute [background tasks](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/background_jobs_configuration.html) by using system cron instead of default Ajax cron, set `cronjob.enabled` parameter to `true`. Background jobs are important for tasks that do not necessarily need user intervention, but still need to be executed frequently (cleaning up, sending some notifications, pulling RSS feeds, etc.).

charts/nextcloud/files/defaultConfigs/apps.config.php.tpl

@@ -1,15 +1,15 @@
 <?php
 $CONFIG = array (
-  "apps_paths" => array (
+  'apps_paths' => array (
       0 => array (
-              "path"     => OC::$SERVERROOT."/apps",
-              "url"      => "/apps",
-              "writable" => false,
+              'path'     => OC::$SERVERROOT.'/apps',
+              'url'      => '/apps',
+              'writable' => false,
       ),
       1 => array (
-              "path"     => OC::$SERVERROOT."/custom_apps",
-              "url"      => "/custom_apps",
-              "writable" => true,
+              'path'     => OC::$SERVERROOT.'/custom_apps',
+              'url'      => '/custom_apps',
+              'writable' => true,
       ),
   ),
 );

charts/nextcloud/files/defaultConfigs/imaginary.config.php.tpl

@@ -0,0 +1,23 @@
+<?php
+$CONFIG = array (
+  'preview_imaginary_url' => 'http://{{ template "nextcloud.fullname" . }}-imaginary',
+  'enable_previews' => true,
+  'enabledPreviewProviders' => array (
+    'OC\Preview\Imaginary',
+    'OC\Preview\ImaginaryPDF',
+    /*
+      defaults:
+      https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#enabledpreviewproviders
+    */
+    'OC\Preview\BMP',
+    // 'OC\Preview\GIF',
+    // 'OC\Preview\JPEG',
+    'OC\Preview\Krita',
+    'OC\Preview\MarkDown',
+    'OC\Preview\MP3',
+    'OC\Preview\OpenDocument',
+    // 'OC\Preview\PNG',
+    'OC\Preview\TXT',
+    'OC\Preview\XBitmap',
+  ),
+);

charts/nextcloud/files/defaultConfigs/reverse-proxy.config.php.tpl

@@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES');
 if ($trustedProxies) {
   $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
 }
+
+$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
+if ($forwardedForHeaders) {
+  $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
+}

charts/nextcloud/files/defaultConfigs/s3.config.php.tpl

@@ -14,8 +14,8 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) {
         'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
         'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
         'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
-        'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
-        'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
+        'autocreate' => strtolower($autocreate) !== 'false',
+        'use_ssl' => strtolower($use_ssl) !== 'false',
         // required for some non Amazon S3 implementations
         'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
         // required for older protocol versions