admin/homelab-manifests
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

fixed geoip tag

Browse Source
This commit is contained in:
authentik Default Admin
2026-01-20 18:01:32 +01:00
parent 7595cbe4ad
commit 99548a235e
33 changed files with 2864 additions and 2863 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nextcloud-system/nextcloud.yaml
+54 -57
View File
@@ -112,19 +112,19 @@ data:
<ifModule mod_autoindex.c>
IndexIgnore *
</ifModule>
apache-pretty-urls.config.php: |-
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
);
apcu.config.php: |-
<?php
$CONFIG = array (
'memcache.local' => '\OC\Memcache\APCu',
);
apps.config.php: |-
<?php
$CONFIG = array (
@@ -141,12 +141,12 @@ data:
),
),
);
autoconfig.php: |-
<?php
$autoconfig_enabled = false;
if (getenv('SQLITE_DATABASE')) {
$AUTOCONFIG['dbtype'] = 'sqlite';
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
@@ -180,48 +180,48 @@ data:
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
$autoconfig_enabled = true;
}
if ($autoconfig_enabled) {
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
}
reverse-proxy.config.php: |-
<?php
$overwriteHost = getenv('OVERWRITEHOST');
if ($overwriteHost) {
$CONFIG['overwritehost'] = $overwriteHost;
}
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
if ($overwriteProtocol) {
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
}
$overwriteCliUrl = getenv('OVERWRITECLIURL');
if ($overwriteCliUrl) {
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
}
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
if ($overwriteWebRoot) {
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
}
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
if ($overwriteCondAddr) {
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
}
$trustedProxies = getenv('TRUSTED_PROXIES');
if ($trustedProxies) {
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
}
$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
if ($forwardedForHeaders) {
$CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
}
upgrade-disable-web.config.php: |-
<?php
$CONFIG = array (
@@ -450,8 +450,7 @@ spec:
value: "https://nextcloud.dooplex.hu"
- name: NEXTCLOUD_DATA_DIR
value: "/data"
resources:
{}
resources: {}
volumeMounts:
- name: nextcloud-main
mountPath: /var/www/
@@ -515,8 +514,8 @@ spec:
path: /status.php
port: 80
httpHeaders:
- name: Host
value: localhost
- name: Host
value: localhost
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
@@ -524,10 +523,10 @@ spec:
livenessProbe:
httpGet:
path: /status.php
port: 80
port: 80
httpHeaders:
- name: Host
value: localhost
- name: Host
value: localhost
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
@@ -536,10 +535,10 @@ spec:
readinessProbe:
httpGet:
path: /status.php
port: 80
port: 80
httpHeaders:
- name: Host
value: localhost
- name: Host
value: localhost
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
@@ -548,10 +547,8 @@ spec:
initContainers:
- name: postgresql-isready
image: docker.io/bitnamilegacy/postgresql:17.5.0-debian-12-r3
resources:
{}
securityContext:
{}
resources: {}
securityContext: {}
env:
- name: POSTGRES_USER
valueFrom:
@@ -640,7 +637,7 @@ spec:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsGroup: 1001
@@ -750,7 +747,7 @@ spec:
medium: Memory
- name: data
persistentVolumeClaim:
claimName: nextcloud-postgresql-data # NOW PERSISTENT
claimName: nextcloud-postgresql-data # NOW PERSISTENT
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -763,7 +760,7 @@ metadata:
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_hide_header Content-Security-Policy;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https:; media-src 'self'; frame-ancestors 'self' https://home.dooplex.hu https://orsi.dooplex.hu https://kisfenyo.dooplex.hu;" always;
if ($geoip2_city_country_code != "HU") {
if ($geoip2_country_code != "HU") {
return 403 "Access restricted to Hungary";
}
name: nextcloud
@@ -771,32 +768,32 @@ metadata:
spec:
ingressClassName: nginx-internal
rules:
- host: nextcloud.dooplex.hu
http:
paths:
- backend:
service:
name: nextcloud
port:
number: 80
path: /
pathType: Prefix
- host: nextcloud.home
http:
paths:
- backend:
service:
name: nextcloud
port:
number: 80
path: /
pathType: Prefix
- host: nextcloud.dooplex.hu
http:
paths:
- backend:
service:
name: nextcloud
port:
number: 80
path: /
pathType: Prefix
- host: nextcloud.home
http:
paths:
- backend:
service:
name: nextcloud
port:
number: 80
path: /
pathType: Prefix
tls:
- hosts:
- nextcloud.dooplex.hu
secretName: nextcloud-tls
- hosts:
- nextcloud.dooplex.hu
secretName: nextcloud-tls
status:
loadBalancer:
ingress:
- ip: 192.168.0.192
---
- ip: 192.168.0.192
---