From 68734da23758a156fc9e48361400d5ebdf1da2ab Mon Sep 17 00:00:00 2001 From: Celestino Rey Date: Wed, 1 Feb 2023 16:36:04 +0100 Subject: [PATCH] Pruebas HTTPS, Cambio de directorio de NextCloud y pruebas miweb --- .../certbot-claim0-persistentvolumeclaim.yaml | 14 ++++ .../certbot-claim1-persistentvolumeclaim.yaml | 14 ++++ HTTPS/certbot-deployment.yaml | 44 ++++++++++ .../meta.json | 1 + .../private_key.json | 1 + .../regr.json | 1 + HTTPS/certbot/conf/csr/0000_csr-certbot.pem | 8 ++ HTTPS/certbot/conf/csr/0001_csr-certbot.pem | 7 ++ HTTPS/certbot/conf/keys/0000_key-certbot.pem | 5 ++ HTTPS/certbot/conf/keys/0001_key-certbot.pem | 5 ++ HTTPS/docker-compose.yml | 17 ++++ HTTPS/nginx/conf/nginx.conf | 15 ++++ ...ebserver-claim0-persistentvolumeclaim.yaml | 14 ++++ ...ebserver-claim1-persistentvolumeclaim.yaml | 14 ++++ HTTPS/webserver-deployment.yaml | 51 ++++++++++++ HTTPS/webserver-service.yaml | 22 +++++ HelmCharts/default.conf | 45 ++++++++++ HelmCharts/entra-miweb.sh | 2 +- HelmCharts/helmMiweb.sh | 14 ++++ HelmCharts/helmNextCloud.sh | 14 ++++ HelmCharts/miweb-chart/templates/_helpers.tpl | 62 -------------- .../templates/certbot-deployment.yaml | 45 ++++++++++ .../miweb-chart/templates/deployment.yaml | 40 --------- HelmCharts/miweb-chart/templates/example.yaml | 13 --- .../templates/miweb-deployment.yaml | 83 +++++++++++++++++++ .../miweb-chart/templates/pv-claim.yaml | 14 ---- HelmCharts/nextcloud-chart/.helmignore | 23 +++++ HelmCharts/nextcloud-chart/Chart.yaml | 24 ++++++ .../templates/mysql-deployment.yaml | 70 ++++++++++++++++ .../templates/nextcloud-deployment.yaml | 51 ++++++++++++ .../templates/nextcloud-secrets.yaml | 9 ++ .../templates/php-deployment.yaml | 56 +++++++++++++ .../templates/pvc-nextcloud.yaml | 13 +++ .../templates/registry-secrets.yaml | 11 +++ HelmCharts/nextcloud-chart/values.yaml | 82 ++++++++++++++++++ .../preparaMiweb/pv-local-miweb-certbot.yaml | 11 +++ .../preparaMiweb/pv-local-miweb-conf.yaml | 11 +++ ...v-local-nginx.yaml => pv-local-miweb.yaml} | 4 +- HelmCharts/preparaNextCloud/nc-namespace.yaml | 4 + .../preparaNextCloud/pv-local-mysql.yaml | 11 +++ .../preparaNextCloud/pv-local-nextcloud.yaml | 11 +++ 41 files changed, 824 insertions(+), 132 deletions(-) create mode 100644 HTTPS/certbot-claim0-persistentvolumeclaim.yaml create mode 100644 HTTPS/certbot-claim1-persistentvolumeclaim.yaml create mode 100644 HTTPS/certbot-deployment.yaml create mode 100644 HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/meta.json create mode 100644 HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/private_key.json create mode 100644 HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/regr.json create mode 100644 HTTPS/certbot/conf/csr/0000_csr-certbot.pem create mode 100644 HTTPS/certbot/conf/csr/0001_csr-certbot.pem create mode 100644 HTTPS/certbot/conf/keys/0000_key-certbot.pem create mode 100644 HTTPS/certbot/conf/keys/0001_key-certbot.pem create mode 100644 HTTPS/docker-compose.yml create mode 100644 HTTPS/nginx/conf/nginx.conf create mode 100644 HTTPS/webserver-claim0-persistentvolumeclaim.yaml create mode 100644 HTTPS/webserver-claim1-persistentvolumeclaim.yaml create mode 100644 HTTPS/webserver-deployment.yaml create mode 100644 HTTPS/webserver-service.yaml create mode 100644 HelmCharts/default.conf create mode 100644 HelmCharts/helmMiweb.sh create mode 100644 HelmCharts/helmNextCloud.sh delete mode 100644 HelmCharts/miweb-chart/templates/_helpers.tpl create mode 100644 HelmCharts/miweb-chart/templates/certbot-deployment.yaml delete mode 100644 HelmCharts/miweb-chart/templates/deployment.yaml delete mode 100644 HelmCharts/miweb-chart/templates/example.yaml create mode 100644 HelmCharts/miweb-chart/templates/miweb-deployment.yaml delete mode 100644 HelmCharts/miweb-chart/templates/pv-claim.yaml create mode 100644 HelmCharts/nextcloud-chart/.helmignore create mode 100644 HelmCharts/nextcloud-chart/Chart.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/mysql-deployment.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/nextcloud-deployment.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/nextcloud-secrets.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/php-deployment.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/pvc-nextcloud.yaml create mode 100644 HelmCharts/nextcloud-chart/templates/registry-secrets.yaml create mode 100644 HelmCharts/nextcloud-chart/values.yaml create mode 100644 HelmCharts/preparaMiweb/pv-local-miweb-certbot.yaml create mode 100644 HelmCharts/preparaMiweb/pv-local-miweb-conf.yaml rename HelmCharts/preparaMiweb/{pv-local-nginx.yaml => pv-local-miweb.yaml} (68%) create mode 100644 HelmCharts/preparaNextCloud/nc-namespace.yaml create mode 100644 HelmCharts/preparaNextCloud/pv-local-mysql.yaml create mode 100644 HelmCharts/preparaNextCloud/pv-local-nextcloud.yaml diff --git a/HTTPS/certbot-claim0-persistentvolumeclaim.yaml b/HTTPS/certbot-claim0-persistentvolumeclaim.yaml new file mode 100644 index 00000000..15fe9c83 --- /dev/null +++ b/HTTPS/certbot-claim0-persistentvolumeclaim.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + creationTimestamp: null + labels: + io.kompose.service: certbot-claim0 + name: certbot-claim0 +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi +status: {} diff --git a/HTTPS/certbot-claim1-persistentvolumeclaim.yaml b/HTTPS/certbot-claim1-persistentvolumeclaim.yaml new file mode 100644 index 00000000..8165bd05 --- /dev/null +++ b/HTTPS/certbot-claim1-persistentvolumeclaim.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + creationTimestamp: null + labels: + io.kompose.service: certbot-claim1 + name: certbot-claim1 +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Mi +status: {} diff --git a/HTTPS/certbot-deployment.yaml b/HTTPS/certbot-deployment.yaml new file mode 100644 index 00000000..bc64b513 --- /dev/null +++ b/HTTPS/certbot-deployment.yaml @@ -0,0 +1,44 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.26.0 (40646f47) + creationTimestamp: null + labels: + io.kompose.service: certbot + name: certbot +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: certbot + strategy: + type: Recreate + template: + metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.26.0 (40646f47) + creationTimestamp: null + labels: + io.kompose.service: certbot + spec: + containers: + - image: certbot/certbot:latest + name: certbot + resources: {} + volumeMounts: + - mountPath: /var/www/certbot/ + name: certbot-claim0 + - mountPath: /etc/letsencrypt/ + name: certbot-claim1 + restartPolicy: Always + volumes: + - name: certbot-claim0 + persistentVolumeClaim: + claimName: certbot-claim0 + - name: certbot-claim1 + persistentVolumeClaim: + claimName: certbot-claim1 +status: {} diff --git a/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/meta.json b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/meta.json new file mode 100644 index 00000000..95954825 --- /dev/null +++ b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/meta.json @@ -0,0 +1 @@ +{"creation_dt": "2023-02-01T09:26:45Z", "creation_host": "f4594feda273"} \ No newline at end of file diff --git a/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/private_key.json b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/private_key.json new file mode 100644 index 00000000..ae99cf27 --- /dev/null +++ b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/private_key.json @@ -0,0 +1 @@ +{"n": "16P-IALymGf5NQxYwovtP6MbSReUJtQrfIFVYZVV5tWy3y3Qf7gjwwjq4Fa9sHrn_KmUvUkBWtikAohOw8SCv-IUakxjTWIHAEIyjU9oK57olnCmdGnYQWza0ffCU69H3piMagG7es2kl4s24E1dHO37cBm8GQ-UH-0xDZ3CsWoGQLY8u9bGocdQbujozGCsaMxRso4SdkBqB3S-sJEwiKZr4iBlXCnvv0YW6t0WlfqVKzpQvU5u4UW7BBWCoxBTY0Ehj20BYsHC31mXh5d4e4Rn_THzBg9IZsKdEjNbMXETMauaW3JisMgONT8htdQUlQz1lHgWPVKi-iW0dFYJfQ", "e": "AQAB", "d": "LzFf-JQEkTeyCbrPwxX6AHMbEdpD7WKCON-aNr7Gu7vZh2_goU8Enpa5RosdPP4M_tYDLBDJ596hOD-qEzySy9k31BKvKdySASu7ogL2npNKvj_dof0XG6xt0EVrhUKHVU8n7bw-0k-mnZbVVe4AeogXvs8XBBoNdhZEJcF4vjg5pvQcK-HIOi9Fs7yUHaTqo-qQgDRBH7TjY8Uq72X--SOWV05iofQ3--riT0GWWgyld3pDgAHsM8zhyOq8XlItbS3tUTYsc4Lw8vrvx2R7aDWtzCP0LC5E1sO0WhnfHHMdaKWSJ2JDhmiJs3zF__iu95yGYIbe8Z0RX2qnVV32uQ", "p": "-hTTf6UEUOkSN4SxHcluGl0kKk7f9plyUpX5gmtZYg6MSXOAj2DkPWOim5ep_-QJdI-rTnAFbEeXVtxfCkVxmmHIPdaC7pjBA23qcdHWMu8JkrHSEM6nzIl0vI2QgXWZCDuZG6-7jjef8MKpfd1urLMkecDwuK34OhZcT1WNnNU", "q": "3L5_3iZNYLEbusaqy4ndlrPcFhSJ6QMc2PBKi3yCmXootVaL_TmQAtOaMkNdd_NO-KaqVNM9ydnJtQt0EVnG-eEqBmL1nl4L92nnbytlU9VPYDbiWQ9STArqd2Wf2kSYz80mYJ1CF4hJbqVAyrO8aj8h2q2SzpnMhqBF-9EYbgk", "dp": "NfXacPdtR_wSdzJFeVTmUf_49rwQLUiM128O6Go7XiIfeRXYDpfsh6aBBquh_dn5hFIft4wKT4PfDtn8E95KFfK1X0py9AK32wKTjL2nR1Q2r5V46zF8GXErZCfzn0t9mr4pWkT_5j7wXuXR5pup7s-0tiTAjEjVf8slXeTq6oU", "dq": "0Sdu4H5KMqOdMouqqNAoNPKWRhWP1kgsvSBwgVmoJOOqTqeCXJx95y-3mohZt53B5beFDHpawTap9_CyOP5nmbvOpd59-2AA1pxxvNPRXm1umCtorBnoUETHg_m2TIlSgRJQmppmVQW9DilmCqnijIjk-t4bi8YOFEEoDkFAdIE", "qi": "ATb2ooVw9dyrJpGbKedTz-NiGYX7n9oypPUKccy7B-UM8OD2ulmRrs2n8IQsY3JYeYfuAF-FXiRQJWIujpBR-Ao3w4eKU1kf-ucyWLyfLAaCM5F7U6cAaGN3jVblefCrLzbEKpbjc6XJtu6nKYEz1af4yQYcTWFTC4hjZwAvgCw", "kty": "RSA"} \ No newline at end of file diff --git a/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/regr.json b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/regr.json new file mode 100644 index 00000000..14a94db4 --- /dev/null +++ b/HTTPS/certbot/conf/accounts/acme-v02.api.letsencrypt.org/directory/c969070eddffc3f18a9faeeb772e0d49/regr.json @@ -0,0 +1 @@ +{"body": {}, "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/943534587"} \ No newline at end of file diff --git a/HTTPS/certbot/conf/csr/0000_csr-certbot.pem b/HTTPS/certbot/conf/csr/0000_csr-certbot.pem new file mode 100644 index 00000000..0c5c85c1 --- /dev/null +++ b/HTTPS/certbot/conf/csr/0000_csr-certbot.pem @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIHvMIGWAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATars0S63nlblI4 +2A31mqLGhFOqrLzHl/PjalG02zLr1KsBzA/6gPdtXXZw91TSjmG9tyHaI7naVTla +jHR6VQghoDQwMgYJKoZIhvcNAQkOMSUwIzAhBgNVHREEGjAYghZyZXltb3RhLmRk +bnMubmV0OjMyMDgwMAoGCCqGSM49BAMCA0gAMEUCIQCDczOIb2HG0Ha/iow9h5zo +bPpPRytdP3GgBHlOlyPujgIgB6E44CIy/6FLACPLJGyRSQ6kxRpsLGiCEHtZJSt9 +Vs8= +-----END CERTIFICATE REQUEST----- diff --git a/HTTPS/certbot/conf/csr/0001_csr-certbot.pem b/HTTPS/certbot/conf/csr/0001_csr-certbot.pem new file mode 100644 index 00000000..0393dd8c --- /dev/null +++ b/HTTPS/certbot/conf/csr/0001_csr-certbot.pem @@ -0,0 +1,7 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIHpMIGQAgEAMAAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT05+0vm9vlNnsf +wiFQLToVJfmAkmbTpLZNKinXw00EtFAJTGff2gZ638zqcu3hXLknbLVj2n8WqHYA +I9F+SEVLoC4wLAYJKoZIhvcNAQkOMR8wHTAbBgNVHREEFDASghByZXltb3RhLmRk +bnMubmV0MAoGCCqGSM49BAMCA0gAMEUCIHkFY6vSjYUB7lLI4uQPVJiwvTohT7Po +D4AjbG7dx+FhAiEA+msGjSQGcyZBL6RVPFaZw0GHaMgAKWCPcNUt0sUFZdI= +-----END CERTIFICATE REQUEST----- diff --git a/HTTPS/certbot/conf/keys/0000_key-certbot.pem b/HTTPS/certbot/conf/keys/0000_key-certbot.pem new file mode 100644 index 00000000..dac3fcba --- /dev/null +++ b/HTTPS/certbot/conf/keys/0000_key-certbot.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgX47hYo5mX70vHNCh +pqXiiET3RBxF7/xnVhzE5TKou0mhRANCAATars0S63nlblI42A31mqLGhFOqrLzH +l/PjalG02zLr1KsBzA/6gPdtXXZw91TSjmG9tyHaI7naVTlajHR6VQgh +-----END PRIVATE KEY----- diff --git a/HTTPS/certbot/conf/keys/0001_key-certbot.pem b/HTTPS/certbot/conf/keys/0001_key-certbot.pem new file mode 100644 index 00000000..cdc41cdd --- /dev/null +++ b/HTTPS/certbot/conf/keys/0001_key-certbot.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgU+yxM3TUNGNAUtEF +s1euxemWrCasGvLlDns6/zaZIMChRANCAAT05+0vm9vlNnsfwiFQLToVJfmAkmbT +pLZNKinXw00EtFAJTGff2gZ638zqcu3hXLknbLVj2n8WqHYAI9F+SEVL +-----END PRIVATE KEY----- diff --git a/HTTPS/docker-compose.yml b/HTTPS/docker-compose.yml new file mode 100644 index 00000000..133cb426 --- /dev/null +++ b/HTTPS/docker-compose.yml @@ -0,0 +1,17 @@ +version: '3' + +services: + webserver: + image: nginx:latest + ports: + - 80:80 + - 443:443 + restart: always + volumes: + - ./nginx/conf:/etc/nginx/conf.d/:ro + - ./certbot/www:/var/www/certbot/:ro + certbot: + image: certbot/certbot:latest + volumes: + - ./certbot/www/:/var/www/certbot/:rw + - ./certbot/conf/:/etc/letsencrypt/:rw diff --git a/HTTPS/nginx/conf/nginx.conf b/HTTPS/nginx/conf/nginx.conf new file mode 100644 index 00000000..2db9e368 --- /dev/null +++ b/HTTPS/nginx/conf/nginx.conf @@ -0,0 +1,15 @@ +server { + listen 80; + listen [::]:80; + + server_name reymota.ddns.net; + server_tokens off; + + location /.well-known/acme-challenge/ { + root /var/www/certbot; + } + + location / { + return 301 https://reymota.ddns.net:30080$request_uri; + } +} diff --git a/HTTPS/webserver-claim0-persistentvolumeclaim.yaml b/HTTPS/webserver-claim0-persistentvolumeclaim.yaml new file mode 100644 index 00000000..c89090c9 --- /dev/null +++ b/HTTPS/webserver-claim0-persistentvolumeclaim.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + creationTimestamp: null + labels: + io.kompose.service: webserver-claim0 + name: webserver-claim0 +spec: + accessModes: + - ReadOnlyMany + resources: + requests: + storage: 100Mi +status: {} diff --git a/HTTPS/webserver-claim1-persistentvolumeclaim.yaml b/HTTPS/webserver-claim1-persistentvolumeclaim.yaml new file mode 100644 index 00000000..1ed477b4 --- /dev/null +++ b/HTTPS/webserver-claim1-persistentvolumeclaim.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + creationTimestamp: null + labels: + io.kompose.service: webserver-claim1 + name: webserver-claim1 +spec: + accessModes: + - ReadOnlyMany + resources: + requests: + storage: 100Mi +status: {} diff --git a/HTTPS/webserver-deployment.yaml b/HTTPS/webserver-deployment.yaml new file mode 100644 index 00000000..6ab7ee3c --- /dev/null +++ b/HTTPS/webserver-deployment.yaml @@ -0,0 +1,51 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.26.0 (40646f47) + creationTimestamp: null + labels: + io.kompose.service: webserver + name: webserver +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: webserver + strategy: + type: Recreate + template: + metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.26.0 (40646f47) + creationTimestamp: null + labels: + io.kompose.service: webserver + spec: + containers: + - image: nginx:latest + name: webserver + ports: + - containerPort: 80 + - containerPort: 443 + resources: {} + volumeMounts: + - mountPath: /etc/nginx/conf.d/ + name: webserver-claim0 + readOnly: true + - mountPath: /var/www/certbot/ + name: webserver-claim1 + readOnly: true + restartPolicy: Always + volumes: + - name: webserver-claim0 + persistentVolumeClaim: + claimName: webserver-claim0 + readOnly: true + - name: webserver-claim1 + persistentVolumeClaim: + claimName: webserver-claim1 + readOnly: true +status: {} diff --git a/HTTPS/webserver-service.yaml b/HTTPS/webserver-service.yaml new file mode 100644 index 00000000..13a71812 --- /dev/null +++ b/HTTPS/webserver-service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.26.0 (40646f47) + creationTimestamp: null + labels: + io.kompose.service: webserver + name: webserver +spec: + ports: + - name: "80" + port: 80 + targetPort: 80 + - name: "443" + port: 443 + targetPort: 443 + selector: + io.kompose.service: webserver +status: + loadBalancer: {} diff --git a/HelmCharts/default.conf b/HelmCharts/default.conf new file mode 100644 index 00000000..ac54d8e8 --- /dev/null +++ b/HelmCharts/default.conf @@ -0,0 +1,45 @@ +server { + listen 80; + listen [::]:80; + server_name localhost; + + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + diff --git a/HelmCharts/entra-miweb.sh b/HelmCharts/entra-miweb.sh index 5f4f26d3..a82d72c3 100644 --- a/HelmCharts/entra-miweb.sh +++ b/HelmCharts/entra-miweb.sh @@ -1 +1 @@ -kubectl exec -ti deployment.apps/miweb-miweb-chart -- /bin/bash +kubectl exec -ti deployment.apps/miweb -- /bin/bash diff --git a/HelmCharts/helmMiweb.sh b/HelmCharts/helmMiweb.sh new file mode 100644 index 00000000..27b3836d --- /dev/null +++ b/HelmCharts/helmMiweb.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +if [ "$1" = "i" ] +then + kubectl apply -f ./preparaMiweb/pv-local-miweb.yaml + kubectl apply -f ./preparaMiweb/pv-local-miweb-certbot.yaml + kubectl apply -f ./preparaMiweb/pv-local-miweb-conf.yaml + helm install miweb miweb-chart/ +else + helm uninstall miweb + kubectl delete -f ./preparaMiweb/pv-local-miweb.yaml + kubectl delete -f ./preparaMiweb/pv-local-miweb-certbot.yaml + kubectl delete -f ./preparaMiweb/pv-local-miweb-conf.yaml +fi diff --git a/HelmCharts/helmNextCloud.sh b/HelmCharts/helmNextCloud.sh new file mode 100644 index 00000000..a08aeb70 --- /dev/null +++ b/HelmCharts/helmNextCloud.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +if [ "$1" = "i" ] +then + kubectl apply -f ./preparaNextCloud/nc-namespace.yaml + kubectl apply -f ./preparaNextCloud/pv-local-mysql.yaml + kubectl apply -f ./preparaNextCloud/pv-local-nextcloud.yaml + helm install nextcloud nextcloud-chart/ +else + helm uninstall nextcloud + kubectl delete -f ./preparaNextCloud/nc-namespace.yaml + kubectl delete -f ./preparaNextCloud/pv-local-mysql.yaml + kubectl delete -f ./preparaNextCloud/pv-local-nextcloud.yaml +fi diff --git a/HelmCharts/miweb-chart/templates/_helpers.tpl b/HelmCharts/miweb-chart/templates/_helpers.tpl deleted file mode 100644 index 964801b1..00000000 --- a/HelmCharts/miweb-chart/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "miweb-chart.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "miweb-chart.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "miweb-chart.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "miweb-chart.labels" -}} -helm.sh/chart: {{ include "miweb-chart.chart" . }} -{{ include "miweb-chart.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "miweb-chart.selectorLabels" -}} -app.kubernetes.io/name: {{ include "miweb-chart.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "miweb-chart.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "miweb-chart.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/HelmCharts/miweb-chart/templates/certbot-deployment.yaml b/HelmCharts/miweb-chart/templates/certbot-deployment.yaml new file mode 100644 index 00000000..e13104da --- /dev/null +++ b/HelmCharts/miweb-chart/templates/certbot-deployment.yaml @@ -0,0 +1,45 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: miweb-certbot-pv-claim + labels: + app: miweb +spec: + accessModes: + - ReadWriteMany + storageClassName: "" + resources: + requests: + storage: 200M +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: miweb-certbot + labels: + app: miweb +spec: + selector: + matchLabels: + app: miweb + tier: frontend + strategy: + type: Recreate + template: + metadata: + labels: + app: miweb + tier: frontend + spec: + containers: + - name: certbot + image: certbot/certbot:latest + volumeMounts: + - name: miweb-certbot-folder + mountPath: /var/www/certbot + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: miweb-certbot-folder + persistentVolumeClaim: + claimName: miweb-certbot-pv-claim diff --git a/HelmCharts/miweb-chart/templates/deployment.yaml b/HelmCharts/miweb-chart/templates/deployment.yaml deleted file mode 100644 index c9bfb102..00000000 --- a/HelmCharts/miweb-chart/templates/deployment.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "miweb-chart.fullname" . }} - labels: - app: nginx - {{- include "miweb-chart.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - app: nginx - tier: frontend - {{- include "miweb-chart.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - app: nginx - tier: frontend - {{- include "miweb-chart.selectorLabels" . | nindent 8 }} - spec: - containers: - - env: - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ .Values.kubernetesClusterDomain }} - image: {{ .Values.example.nginx.image.repository }}:{{ .Values.example.nginx.image.tag - | default .Chart.AppVersion }} - name: nginx - ports: - - containerPort: 80 - name: nginx-http - resources: {} - volumeMounts: - - mountPath: /usr/share/nginx/html/ - name: nginx-www-folder - imagePullSecrets: - - name: reg-cred-secret - volumes: - - name: nginx-www-folder - persistentVolumeClaim: - claimName: {{ include "miweb-chart.fullname" . }}-pv-claim diff --git a/HelmCharts/miweb-chart/templates/example.yaml b/HelmCharts/miweb-chart/templates/example.yaml deleted file mode 100644 index 55a95bdd..00000000 --- a/HelmCharts/miweb-chart/templates/example.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "miweb-chart.fullname" . }}-example - labels: - {{- include "miweb-chart.labels" . | nindent 4 }} -spec: - type: {{ .Values.example.type }} - selector: - app: nginx - {{- include "miweb-chart.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.example.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/HelmCharts/miweb-chart/templates/miweb-deployment.yaml b/HelmCharts/miweb-chart/templates/miweb-deployment.yaml new file mode 100644 index 00000000..454b3d59 --- /dev/null +++ b/HelmCharts/miweb-chart/templates/miweb-deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: v1 +kind: Service +metadata: + name: miweb +spec: + type: NodePort + ports: + - name: http + port: 80 + nodePort: 30080 + targetPort: miweb-http + selector: + app: miweb +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: miweb-pv-claim + labels: + app: miweb +spec: + accessModes: + - ReadWriteMany + storageClassName: "" + resources: + requests: + storage: 2Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: miweb-conf-pv-claim + labels: + app: miweb +spec: + accessModes: + - ReadWriteMany + storageClassName: "" + resources: + requests: + storage: 100M +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: miweb + labels: + app: miweb +spec: + selector: + matchLabels: + app: miweb + tier: frontend + strategy: + type: Recreate + template: + metadata: + labels: + app: miweb + tier: frontend + spec: + containers: + - name: miweb + #image: linuxserver/nginx + image: docker-registry:32000/minginx:2.0 + #image: httpd + ports: + - containerPort: 80 + name: "miweb-http" + volumeMounts: + - name: miweb-www-folder + mountPath: /usr/share/nginx/html + - name: miweb-conf-folder + mountPath: /etc/nginx/conf.d + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: miweb-www-folder + persistentVolumeClaim: + claimName: miweb-pv-claim + - name: miweb-conf-folder + persistentVolumeClaim: + claimName: miweb-conf-pv-claim diff --git a/HelmCharts/miweb-chart/templates/pv-claim.yaml b/HelmCharts/miweb-chart/templates/pv-claim.yaml deleted file mode 100644 index 8f99a794..00000000 --- a/HelmCharts/miweb-chart/templates/pv-claim.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "miweb-chart.fullname" . }}-pv-claim - labels: - app: nginx - {{- include "miweb-chart.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: {{ .Values.pvc.pvClaim.storageRequest | quote }} - storageClassName: {{ .Values.pvc.pvClaim.storageClass | quote }} \ No newline at end of file diff --git a/HelmCharts/nextcloud-chart/.helmignore b/HelmCharts/nextcloud-chart/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/HelmCharts/nextcloud-chart/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/HelmCharts/nextcloud-chart/Chart.yaml b/HelmCharts/nextcloud-chart/Chart.yaml new file mode 100644 index 00000000..d08a5350 --- /dev/null +++ b/HelmCharts/nextcloud-chart/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: nextcloud-chart +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.16.0" diff --git a/HelmCharts/nextcloud-chart/templates/mysql-deployment.yaml b/HelmCharts/nextcloud-chart/templates/mysql-deployment.yaml new file mode 100644 index 00000000..254ff194 --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/mysql-deployment.yaml @@ -0,0 +1,70 @@ +apiVersion: v1 +kind: Service +metadata: + name: nextcloud-mysql + namespace: nextcloud + labels: + app: nextcloud +spec: + ports: + - port: 3306 + selector: + app: nextcloud + tier: mysql + clusterIP: None +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: mysql-nc-pv-claim + namespace: nextcloud + labels: + app: nextcloud +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nextcloud-mysql + namespace: nextcloud + labels: + app: nextcloud +spec: + selector: + matchLabels: + app: nextcloud + tier: mysql + strategy: + type: Recreate + template: + metadata: + labels: + app: nextcloud + tier: mysql + spec: + containers: + - image: docker-registry:32000/mariadb:1.0 + name: mysql + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysqlnc-pass + key: password + ports: + - containerPort: 3306 + name: mysql + volumeMounts: + - name: mysql-persistent-storage + mountPath: /var/lib/mysql + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: mysql-persistent-storage + persistentVolumeClaim: + claimName: mysql-nc-pv-claim diff --git a/HelmCharts/nextcloud-chart/templates/nextcloud-deployment.yaml b/HelmCharts/nextcloud-chart/templates/nextcloud-deployment.yaml new file mode 100644 index 00000000..2a9d1f54 --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/nextcloud-deployment.yaml @@ -0,0 +1,51 @@ +apiVersion: v1 +kind: Service +metadata: + name: nextcloud-server + namespace: nextcloud + labels: + app: nextcloud +spec: + selector: + pod-label: nextcloud-server-pod + type: NodePort + ports: + - port: 80 + nodePort: 30289 + targetPort: nextcloud +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nextcloud-server + namespace: nextcloud + labels: + app: nextcloud +spec: + replicas: 1 + selector: + matchLabels: + pod-label: nextcloud-server-pod + template: + metadata: + labels: + pod-label: nextcloud-server-pod + spec: + containers: + - name: nextcloud + #image: nextcloud + image: docker-registry:32000/nextcloud:1.0 + volumeMounts: + - name: server-storage + mountPath: /var/www/html + subPath: server-data + ports: + - containerPort: 80 + name: nextcloud + imagePullSecrets: + - name: reg-cred-secret + volumes: + - name: server-storage + persistentVolumeClaim: + claimName: dbnc-pv-claim + diff --git a/HelmCharts/nextcloud-chart/templates/nextcloud-secrets.yaml b/HelmCharts/nextcloud-chart/templates/nextcloud-secrets.yaml new file mode 100644 index 00000000..5b983015 --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/nextcloud-secrets.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mysqlnc-pass + namespace: nextcloud +data: + password: RHNhLTAyMTMK + db_user: cm9vdAo= + db_passwd: RHNhLTAyMTMK diff --git a/HelmCharts/nextcloud-chart/templates/php-deployment.yaml b/HelmCharts/nextcloud-chart/templates/php-deployment.yaml new file mode 100644 index 00000000..ca5f14f3 --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/php-deployment.yaml @@ -0,0 +1,56 @@ +apiVersion: v1 +kind: Service +metadata: + name: phpmyadmin-nextcloud + namespace: nextcloud + labels: + app: nextcloud +spec: + selector: + app: nextcloud + tier: phpmyadmin + type: NodePort + ports: + - name: phpadmin + port: 80 + nodePort: 30480 + targetPort: phpmyadm +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: phpmyadmin-nextcloud + namespace: nextcloud + labels: + app: nextcloud +spec: + selector: + matchLabels: + app: nextcloud + tier: phpmyadmin + strategy: + type: Recreate + template: + metadata: + labels: + app: nextcloud + tier: phpmyadmin + spec: + containers: + - name: phpmyadmin + image: docker-registry:32000/phpmyadmin:1.0 + ports: + - containerPort: 80 + name: phpmyadm + env: + - name: PMA_HOST + value: nextcloud-mysql + - name: PMA_PORT + value: "3306" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: mysqlnc-pass + key: password + imagePullSecrets: + - name: reg-cred-secret diff --git a/HelmCharts/nextcloud-chart/templates/pvc-nextcloud.yaml b/HelmCharts/nextcloud-chart/templates/pvc-nextcloud.yaml new file mode 100644 index 00000000..21eb2120 --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/pvc-nextcloud.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dbnc-pv-claim + namespace: nextcloud + labels: + app: nextcloud +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 50Gi diff --git a/HelmCharts/nextcloud-chart/templates/registry-secrets.yaml b/HelmCharts/nextcloud-chart/templates/registry-secrets.yaml new file mode 100644 index 00000000..3f56538e --- /dev/null +++ b/HelmCharts/nextcloud-chart/templates/registry-secrets.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +data: + .dockerconfigjson: eyJhdXRocyI6eyJkb2NrZXItcmVnaXN0cnk6MzIwMDAiOnsidXNlcm5hbWUiOiJjcmV5bG9wZXoiLCJwYXNzd29yZCI6IlJleS0xMTc2IiwiYXV0aCI6IlkzSmxlV3h2Y0dWNk9sSmxlUzB4TVRjMiJ9fX0= +kind: Secret +metadata: + creationTimestamp: "2023-01-29T10:54:14Z" + name: reg-cred-secret + namespace: nextcloud + resourceVersion: "19890385" + uid: 66b3b7c5-26c1-4e5a-af4e-dc973aaafe4b +type: kubernetes.io/dockerconfigjson diff --git a/HelmCharts/nextcloud-chart/values.yaml b/HelmCharts/nextcloud-chart/values.yaml new file mode 100644 index 00000000..4a1d14f5 --- /dev/null +++ b/HelmCharts/nextcloud-chart/values.yaml @@ -0,0 +1,82 @@ +# Default values for nextcloud-chart. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: nginx + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" + +imagePullSecrets: [reg-cred-secret] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "" + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/HelmCharts/preparaMiweb/pv-local-miweb-certbot.yaml b/HelmCharts/preparaMiweb/pv-local-miweb-certbot.yaml new file mode 100644 index 00000000..c17fa69f --- /dev/null +++ b/HelmCharts/preparaMiweb/pv-local-miweb-certbot.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: miweb-certbot-folder +spec: + capacity: + storage: 200M + accessModes: + - ReadWriteMany + hostPath: + path: "/mnt/cluster/miweb/certbot" diff --git a/HelmCharts/preparaMiweb/pv-local-miweb-conf.yaml b/HelmCharts/preparaMiweb/pv-local-miweb-conf.yaml new file mode 100644 index 00000000..b999f27e --- /dev/null +++ b/HelmCharts/preparaMiweb/pv-local-miweb-conf.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: miweb-conf-folder +spec: + capacity: + storage: 100M + accessModes: + - ReadWriteMany + hostPath: + path: "/mnt/cluster/miweb/conf" diff --git a/HelmCharts/preparaMiweb/pv-local-nginx.yaml b/HelmCharts/preparaMiweb/pv-local-miweb.yaml similarity index 68% rename from HelmCharts/preparaMiweb/pv-local-nginx.yaml rename to HelmCharts/preparaMiweb/pv-local-miweb.yaml index 847ba768..10be64f1 100644 --- a/HelmCharts/preparaMiweb/pv-local-nginx.yaml +++ b/HelmCharts/preparaMiweb/pv-local-miweb.yaml @@ -1,11 +1,11 @@ apiVersion: v1 kind: PersistentVolume metadata: - name: www-nginx-folder + name: miweb-www-folder spec: capacity: storage: 2Gi accessModes: - ReadWriteMany hostPath: - path: "/mnt/cluster/nginx/www" + path: "/mnt/cluster/miweb/www" diff --git a/HelmCharts/preparaNextCloud/nc-namespace.yaml b/HelmCharts/preparaNextCloud/nc-namespace.yaml new file mode 100644 index 00000000..16a19737 --- /dev/null +++ b/HelmCharts/preparaNextCloud/nc-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nextcloud diff --git a/HelmCharts/preparaNextCloud/pv-local-mysql.yaml b/HelmCharts/preparaNextCloud/pv-local-mysql.yaml new file mode 100644 index 00000000..b4f8f479 --- /dev/null +++ b/HelmCharts/preparaNextCloud/pv-local-mysql.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nc-data +spec: + capacity: + storage: 20Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/Externo/nextcloud/nextcloud-db" diff --git a/HelmCharts/preparaNextCloud/pv-local-nextcloud.yaml b/HelmCharts/preparaNextCloud/pv-local-nextcloud.yaml new file mode 100644 index 00000000..2ca5b98a --- /dev/null +++ b/HelmCharts/preparaNextCloud/pv-local-nextcloud.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: nextcloud +spec: + capacity: + storage: 50Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/Externo/nextcloud"