values.yaml Description

Chart Version: 0.1.0

Values for the ocis Helm Chart
Key Type Default Description

autoscaling.enabled

bool

false

Enables autoscaling. When set to true, replicas is no longer applied.

autoscaling.maxReplicas

int

10

Sets maximum replicas for autoscaling.

autoscaling.metrics

list

[]

Metrics to use for autoscaling

autoscaling.minReplicas

int

3

Sets minimum replicas for autoscaling.

cache.nodes

list

[]

Nodes of the cache to use.

cache.type

string

"noop"

Type of the cache to use. To disable the cache, set to "noop". Can be set to "redis", then the address of Redis nodes needs to be set to cache.nodes.

configRefs.storageUsersConfigRef

string

"storage-users"

Reference to an existing storage-users config.

debug.profiling

bool

false

Profiling enables the http://<pod>:<debug-metrics>/debug/pprof endpoint to inspect various Go runtime internals. You can use the endpoint on your machine by forwarding the port, eg: kubectl port-forward -n ocis pod/auth-basic-8587dc9d64-fs24l 9147:9147 and then accessing the port on https://localhost:9147/debug/pprof or using the pprof command line tool: go tool pprof -web http://localhost:9147/debug/pprof/symbol\?seconds\=10

deploymentStrategy

object

{"type":"RollingUpdate"}

Deployment strategy.

externalDomain

string

"ocis.owncloud.test"

Domain where oCIS is reachable for the outside world

extraLabels

object

{}

Custom labels for all manifests

extraResources

list

[]

Extra resources to be included.

features.appsIntegration.enabled

bool

false

Enables the apps integration.

features.appsIntegration.mimetypes

list

default configuration of oCIS, see doc.owncloud.com

Mimetype configuration. Let’s you configure a mimetypes' default application, if it is allowed to create a new file and more.

features.appsIntegration.wopiIntegration.officeSuites[0].enabled

bool

false

Enables the office suite.

features.appsIntegration.wopiIntegration.officeSuites[0].iconURI

string

"https://collabora.owncloud.test/favicon.ico"

URI for the icon of the office suite. Will be displayed to the users.

features.appsIntegration.wopiIntegration.officeSuites[0].insecure

bool

false

Disables SSL certificate checking for connections to the office suites http api. Not recommended for production installations.

features.appsIntegration.wopiIntegration.officeSuites[0].name

string

"Collabora"

Name of the office suite. Will be displayed to the users.

features.appsIntegration.wopiIntegration.officeSuites[0].uri

string

"https://collabora.owncloud.test"

URI of the office suite.

features.appsIntegration.wopiIntegration.officeSuites[1].enabled

bool

false

Enables the office suite.

features.appsIntegration.wopiIntegration.officeSuites[1].iconURI

string

"https://onlyoffice.owncloud.test/web-apps/apps/documenteditor/main/resources/img/favicon.ico"

URI for the icon of the office suite. Will be displayed to the users.

features.appsIntegration.wopiIntegration.officeSuites[1].insecure

bool

false

Disables SSL certificate checking for connections to the office suites http api. Not recommended for production installations.

features.appsIntegration.wopiIntegration.officeSuites[1].name

string

"OnlyOffice"

Name of the office suite. Will be displayed to the users.

features.appsIntegration.wopiIntegration.officeSuites[1].uri

string

"https://onlyoffice.owncloud.test"

URI of the office suite.

features.appsIntegration.wopiIntegration.wopiServerURI

string

"https://wopiserver.owncloud.test"

URL of the cs3org/wopiserver. Can be deployed with this Chart.

features.basicAuthentication

bool

false

Enable basic authentication. Not recommended for production installations.

features.demoUsers

bool

false

Create demo users on the first startup. Not recommended for production installations.

features.emailNotifications.enabled

bool

false

Enables email notifications. This features needs the secret from notificationsSmtpSecretRef present.

features.emailNotifications.smtp.authentication

string

"none"

Authentication method for the SMTP communication. Possible values are ‘login’, ‘plain’, ‘crammd5’, ‘none’

features.emailNotifications.smtp.encryption

string

"none"

Encryption method for the SMTP communication. Possible values are ‘starttls’, ‘ssl’, ‘ssltls’, ‘tls’ and ‘none’.

features.emailNotifications.smtp.host

string

nil

SMTP host to connect to.

features.emailNotifications.smtp.port

string

nil

Port of the SMTP host to connect to.

features.emailNotifications.smtp.sender

string

nil

Sender address of emails that will be sent. Example: 'ownCloud <noreply@example.com>'

features.externalUserManagement.adminUUID

string

""

UUID of the inital admin user. If the given value matches a user’s value from features.externalUserManagement.oidc.userIDClaim, the admin role will be assigned.

features.externalUserManagement.enabled

bool

false

Enables external user management (and disables internal user management). Needs an external OpenID Connect Identity Provider and an external LDAP server.

features.externalUserManagement.ldap.bindDN

string

"uid=ocis,ou=system-users,dc=owncloud,dc=test"

DN of the user to use to bind to the LDAP server. The password for the user needs to be set in the secret referenced by secretRefs.ldapSecretRef as reva-ldap-bind-password. The user needs to have permission to list users and groups.

features.externalUserManagement.ldap.certTrusted

bool

true

Set only to false, if the certificate of your LDAP secure service is not trusted. If set to false, you need to put the CA cert of the LDAP secure server into the secret referenced by "ldapCaRef"

features.externalUserManagement.ldap.group.baseDN

string

"ou=groups,dc=owncloud,dc=com"

Search base DN for looking up LDAP groups.

features.externalUserManagement.ldap.group.filter

string

nil

LDAP filter to add to the default filters for group searches.

features.externalUserManagement.ldap.group.objectClass

string

"groupOfNames"

The object class to use for groups in the default group search filter like groupOfNames.

features.externalUserManagement.ldap.group.schema.displayName

string

"cn"

LDAP Attribute to use for the displayname of groups (often the same as groupname attribute).

features.externalUserManagement.ldap.group.schema.groupName

string

"cn"

LDAP Attribute to use for the name of groups.

features.externalUserManagement.ldap.group.schema.id

string

"ownclouduuid"

LDAP Attribute to use as the unique ID for groups. This should be a stable globally unique ID like a UUID.

features.externalUserManagement.ldap.group.schema.idIsOctetString

bool

false

Set this to true if the defined id attribute for groups is of the OCTETSTRING syntax. This is e.g. required when using the objectGUID attribute of Active Directory for the group ID`s.

features.externalUserManagement.ldap.group.schema.mail

string

"mail"

LDAP Attribute to use for the email address of groups (can be empty).

features.externalUserManagement.ldap.group.schema.member

string

"member"

LDAP Attribute that is used for group members.

features.externalUserManagement.ldap.group.scope

string

"sub"

LDAP search scope to use when looking up groups. Supported values are base, one and sub.

features.externalUserManagement.ldap.insecure

bool

false

For self signed certificates, consider to put the CA cert of the LDAP secure server into the secret referenced by "ldapCaRef" Not recommended for production installations.

features.externalUserManagement.ldap.uri

string

"ldaps://ldaps.owncloud.test"

URI to connect to the LDAP secure server.

features.externalUserManagement.ldap.user.baseDN

string

"ou=users,dc=owncloud,dc=com"

Search base DN for looking up LDAP users.

features.externalUserManagement.ldap.user.filter

string

nil

LDAP filter to add to the default filters for user search like (objectclass=ownCloud).

features.externalUserManagement.ldap.user.objectClass

string

"inetOrgPerson"

The object class to use for users in the default user search filter like inetOrgPerson.

features.externalUserManagement.ldap.user.schema.displayName

string

"displayname"

LDAP Attribute to use for the displayname of users.

features.externalUserManagement.ldap.user.schema.id

string

"ownclouduuid"

LDAP Attribute to use as the unique id for users. This should be a stable globally unique id like a UUID.

features.externalUserManagement.ldap.user.schema.idIsOctetString

bool

false

Set this to true if the defined id attribute for users is of the OCTETSTRING syntax. This is e.g. required when using the objectGUID attribute of Active Directory for the user ID`s.

features.externalUserManagement.ldap.user.schema.mail

string

"mail"

LDAP Attribute to use for the email address of users.

features.externalUserManagement.ldap.user.schema.userName

string

"uid"

LDAP Attribute to use for username of users.

features.externalUserManagement.ldap.user.scope

string

"sub"

LDAP search scope to use when looking up users. Supported values are base, one and sub.

features.externalUserManagement.ldap.user.substringFilterType

string

"any"

Type of substring search filter to use for substring searches for users. Possible values: initial for doing prefix only searches, final for doing suffix only searches or any for doing full substring searches

features.externalUserManagement.oidc.issuerURI

string

"https://idp.owncloud.test/realms/ocis"

Issuer URI of the OpenID Connect Identity Provider. If the IDP doesn’t have valid / trusted SSL certificates, certificate validation can be disabled with the insecure.oidcIdpInsecure option.

features.externalUserManagement.oidc.userIDClaim

string

"ocis.user.uuid"

Claim to take an unique user identifier from. It will be used to look up the user on the LDAP server.

features.externalUserManagement.oidc.userIDClaimAttributeMapping

string

"userid"

Attribute mapping of for the userIDClaim. Set to userid if the claim specified in …​oidc.userIDClaim holds the value of the ldap user attribute specified in …​ldap.user.schema.id. Set to mail if the claim specified in …​oidc.userIDClaim holds the value of the ldap user attribute specified in …​ldap.user.schema.mail. Set to username if the claim specified in …​oidc.userIDClaim holds the value of the ldap user attribute specified in …​ldap.user.schema.id.

image.pullPolicy

string

"IfNotPresent"

Image pull policy

image.repository

string

"owncloud/ocis"

Image repository

image.sha

string

""

Image sha / digest (optional).

image.tag

string

""

Image tag. Defaults to the chart’s appVersion.

ingress.annotations

object

{}

Ingress annotations.

ingress.enabled

bool

false

Enables the Ingress.

ingress.ingressClassName

string

nil

Ingress class to use. Uses the default ingress class if not set.

ingress.labels

object

{}

Labels for the ingress.

ingress.tls

list

[]

Ingress TLS configuration.

insecure.ocisHttpApiInsecure

bool

false

Disables SSL certificate checking for connections to the oCIS http apis. Not recommended for production installations.

insecure.oidcIdpInsecure

bool

false

Disables SSL certificate checking for connections to the openID connect identity provider. Not recommended for production installations.

logging.color

string

"false"

Activates colorized log output. Not recommended for production installations.

logging.level

string

"error"

Log level. Valid values: panic, fatal, error, warn, info, debug, trace.

logging.pretty

string

"false"

Activates pretty log output. Not recommended for production installations.

namespaceOverride

string

nil

Override the deployment namespace of all resources in this Helm chart.

replicas

int

1

Number of replicas for each scalable service. Has no effect when autoscaling.enabled is set to true.

resources

object

{}

Default resources to apply to all services, except per-service resources configuration in services.<service-name>.resources is set. Best practice is to: - set memory request == memory limit (compare to https://home.robusta.dev/blog/kubernetes-memory-limit) - set cpu request and omit cpu limit (compare to https://home.robusta.dev/blog/stop-using-cpu-limits)

secretRefs.adminUserSecretRef

string

"admin-user"

Reference to an existing admin user secret (see Secrets). Not used if features.externalUserManagement.enabled equals true.

secretRefs.idpSecretRef

string

"idp-secrets"

Reference to an existing IDP secret (see Secrets). Not used if features.externalUserManagement.enabled equals true.

secretRefs.jwtSecretRef

string

"jwt-secret"

Reference to an existing JWT secret (see Secrets).

secretRefs.ldapCaRef

string

"ldap-ca"

Reference to an existing LDAP certificate authority secret (see Secrets)

secretRefs.ldapCertRef

string

"ldap-cert"

Reference to an existing LDAP cert secret (see Secrets). Not used if features.externalUserManagement.enabled equals true.

secretRefs.ldapSecretRef

string

"ldap-bind-secrets"

Reference to an existing LDAP bind secret (see Secrets).

secretRefs.machineAuthApiKeySecretRef

string

"machine-auth-api-key"

Reference to an existing machine auth api key secret (see Secrets)

secretRefs.notificationsSmtpSecretRef

string

"notifications-smtp-secret"

Reference to an existing SMTP email server settings secret (see Secrets). Not used if features.emailNotifications.enabled equals false.

secretRefs.storageSystemJwtSecretRef

string

"storage-system-jwt-secret"

Reference to an existing storage-system JWT secret (see Secrets)

secretRefs.storageSystemSecretRef

string

"storage-system"

Reference to an existing storage-system secret (see Secrets)

secretRefs.thumbnailsSecretRef

string

"thumbnails-transfer-secret"

Reference to an existing thumbnails transfer secret (see Secrets)

secretRefs.transferSecretSecretRef

string

"transfer-secret"

Reference to an existing transfer secret (see Secrets)

securityContext.fsGroup

int

1000

File system group for all volumes.

securityContext.fsGroupChangePolicy

string

"OnRootMismatch"

File system group change policy for all volumes. Possible values "Always" and "OnRootMismatch".

securityContext.runAsGroup

int

1000

Group ID that all processes within any containers will run with.

securityContext.runAsUser

int

1000

User ID that all processes within any containers will run with.

services.appProvider

object

see detailed service configuration options below

APP PROVIDER service. Not used if features.appsIntegration.enabled equals false.

services.appProvider.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.appRegistry

object

see detailed service configuration options below

APP REGISTRY service. Not used if features.appsIntegration.enabled equals false.

services.appRegistry.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.audit

object

see detailed service configuration options below

AUDIT service.

services.audit.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.authBasic

object

see detailed service configuration options below

AUTH BASIC service. Not used if features.externalUserManagement.enabled equals true.

services.authBasic.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.authMachine

object

see detailed service configuration options below

AUTH MACHINE service.

services.authMachine.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.frontend

object

see detailed service configuration options below

FRONTEND service.

services.frontend.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.gateway

object

see detailed service configuration options below

GATEWAY service.

services.gateway.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.graph

object

see detailed service configuration options below

GRAPH service.

services.graph.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.groups

object

see detailed service configuration options below

GROUPS service.

services.groups.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.idm

object

see detailed service configuration options below

IDM service. Not used if features.externalUserManagement.enabled equals true.

services.idm.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.idm.persistence.annotations

object

{}

Persistent volume annotations.

services.idm.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.idm.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations, except features.externalUserManagement.enabled equals true. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.idm.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.idm.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.idm.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.idm.persistence.size

string

"10Gi"

Size of the persistent volume.

services.idm.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.idm.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.idp

object

see detailed service configuration options below

IDP service. Not used if features.externalUserManagement.enabled equals true.

services.idp.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.nats

object

see detailed service configuration options below

NATS service.

services.nats.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.nats.persistence.annotations

object

{}

Persistent volume annotations.

services.nats.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.nats.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.nats.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.nats.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.nats.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.nats.persistence.size

string

"10Gi"

Size of the persistent volume.

services.nats.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.nats.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.notifications

object

see detailed service configuration options below

NOTIFICATIONS service. Not used if features.emailNotifications.enabled equals true.

services.notifications.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.ocdav

object

see detailed service configuration options below

OCDAV service.

services.ocdav.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.ocs

object

see detailed service configuration options below

OCS service.

services.ocs.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.proxy

object

see detailed service configuration options below

PROXY service.

services.proxy.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.search

object

see detailed service configuration options below

SEARCH service.

services.search.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.search.persistence.annotations

object

{}

Persistent volume annotations.

services.search.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.search.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.search.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.search.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.search.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.search.persistence.size

string

"10Gi"

Size of the persistent volume.

services.search.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.search.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.settings

object

see detailed service configuration options below

SETTINGS service.

services.settings.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.sharing

object

see detailed service configuration options below

SHARING service.

services.sharing.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.storagePublicLink

object

see detailed service configuration options below

STORAGE-PUBLICLINK service.

services.storagePublicLink.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.storageShares

object

see detailed service configuration options below

STORAGE-SHARES service.

services.storageShares.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.storageSystem

object

see detailed service configuration options below

STORAGE-SYSTEM service.

services.storageSystem.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.storageSystem.persistence.annotations

object

{}

Persistent volume annotations.

services.storageSystem.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.storageSystem.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.storageSystem.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.storageSystem.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.storageSystem.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.storageSystem.persistence.size

string

"5Gi"

Size of the persistent volume.

services.storageSystem.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.storageSystem.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.storageUsers

object

see detailed service configuration options below

STORAGE-USERS service.

services.storageUsers.maintenance.cleanUpExpiredUploads.enabled

bool

false

Enables a job, that cleans up expired uploads. Requires persistence to be enabled and RWX storage.

services.storageUsers.maintenance.cleanUpExpiredUploads.schedule

string

"* * * * *"

Cron pattern for the job to be run. Defaults to every minute.

services.storageUsers.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.storageUsers.persistence.annotations

object

{}

Persistent volume annotations.

services.storageUsers.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.storageUsers.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.storageUsers.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.storageUsers.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.storageUsers.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.storageUsers.persistence.size

string

"50Gi"

Size of the persistent volume.

services.storageUsers.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.storageUsers.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.storageUsers.storageBackend.driver

string

"ocis"

Configures the storage driver. Possible values are "ocis" and "s3ng". The oCIS driver stores all data in the persistent volume if persistence is enabled. The S3NG driver stores all metadata in the persistent volume and uploads blobs to s3 if persistence is enabled.

services.storageUsers.storageBackend.driverConfig.s3ng.accessKey

string

"lorem-ipsum"

S3 access key to use for the S3NG driver. Only used if driver is set to "s3ng".

services.storageUsers.storageBackend.driverConfig.s3ng.bucket

string

"example-bucket"

S3 bucket to use for the S3NG driver. Only used if driver is set to "s3ng".

services.storageUsers.storageBackend.driverConfig.s3ng.endpoint

string

"https://localhost:1234"

S3 endpoint to use for the S3NG driver. Only used if driver is set to "s3ng".

services.storageUsers.storageBackend.driverConfig.s3ng.region

string

"default"

S3 region to use for the S3NG driver. Only used if driver is set to "s3ng".

services.storageUsers.storageBackend.driverConfig.s3ng.secretKey

string

"lorem-ipsum"

S3 secret key to use for the S3NG driver. Only used if driver is set to "s3ng".

services.store

object

see detailed service configuration options below

STORE service.

services.store.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance.

services.store.persistence.annotations

object

{}

Persistent volume annotations.

services.store.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.store.persistence.enabled

bool

false

Enables persistence. Needs to be enabled on production installations. If not enabled, pod restarts will lead to data loss. Also scaling this service beyond one instance is not possible if the service instances don’t share the same storage.

services.store.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.store.persistence.finalizers

list

["kubernetes.io/pvc-protection"]

Persistent volume finalizers.

services.store.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.store.persistence.size

string

"5Gi"

Size of the persistent volume.

services.store.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.store.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.thumbnails

object

see detailed service configuration options below

THUMBNAILS service.

services.thumbnails.persistence.accessModes

list

["ReadWriteMany"]

Persistent volume access modes. Needs to be ["ReadWriteMany"] when scaling this service beyond one instance or persistence needs to be disabled.

services.thumbnails.persistence.annotations

object

{}

Persistent volume annotations.

services.thumbnails.persistence.chownInitContainer

bool

false

Enables a initContainer to chown the volume. The initContainer is run as root. This is not needed if the driver applies the fsGroup from the securityContext.

services.thumbnails.persistence.enabled

bool

false

Enables persistence. Is recommended to be enabled on production installations. If enabled, generated thumbnails are cached on this volume and available across pod restarts and service instances. If not enabled, thumbnail generation might lead to higher CPU usage.

services.thumbnails.persistence.existingClaim

string

nil

Use an existing PersistentVolumeClaim for persistence.

services.thumbnails.persistence.finalizers

list

[]

Persistent volume finalizers.

services.thumbnails.persistence.selectorLabels

object

{}

Persistent volume selector labels.

services.thumbnails.persistence.size

string

"10Gi"

Size of the persistent volume.

services.thumbnails.persistence.storageClassName

string

nil

Storage class to use. Uses the default storage class if not set.

services.thumbnails.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.users

object

see detailed service configuration options below

USERS service.

services.users.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.web

object

see detailed service configuration options below

ownCloud WEB service.

services.web.config.applications

list

[]

Configure the {"applications": []} section in the Web config.json.

services.web.config.apps

list

[]

Configure the {"apps": []} section in the Web config.json.

services.web.config.disableFeedbackLink

bool

false

Disables the feedback link in the Web UI.

services.web.config.externalApplications

list

[]

Configure the {"external_apps": []} section in the Web config.json.

services.web.config.theme.path

string

""

URL path to load themes from. The theme server will be prepended. Defaults to the ownCloud Web default theme.

services.web.config.theme.server

string

""

URL to load themes from. Will be prepended to the theme path. Defaults to the value of "externalDomain".

services.web.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

services.webdav

object

see detailed service configuration options below

WEBDAV service.

services.webdav.resources

object

{}

Per-service resources configuration. Overrides the default setting from resources if set.

topologySpreadConstraints

string

""

TopologySpreadConstraints controls how Pods of a service are spread across the cluster among failure-domains. Defaults to allow skew no more then 1 node per node. Passed through tpl and therefore needs to be configured as string.