diff --git a/charts/wordpress/.helmignore b/charts/wordpress/.helmignore
new file mode 100644
index 0000000000000000000000000000000000000000..0e8a0eb36f4ca2c939201c0d54b5d82a1ea34778
--- /dev/null
+++ b/charts/wordpress/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/wordpress/Chart.lock b/charts/wordpress/Chart.lock
new file mode 100644
index 0000000000000000000000000000000000000000..3aaf8870732ce6dd75504cf42f6d48cce395ec01
--- /dev/null
+++ b/charts/wordpress/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: mariadb
+ repository: https://groundhog2k.github.io/helm-charts
+ version: 0.1.3
+digest: sha256:7a1725b4d952cb76e1c3d9cb762984dfdba01cc26a282509f0aaada12c108007
+generated: "2020-11-01T17:34:27.3271202+01:00"
diff --git a/charts/wordpress/Chart.yaml b/charts/wordpress/Chart.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..d2fe49056478a575f07843bcda4d91dd888312a0
--- /dev/null
+++ b/charts/wordpress/Chart.yaml
@@ -0,0 +1,20 @@
+apiVersion: v2
+name: wordpress
+description: A Helm chart for Wordpress on Kubernetes
+
+maintainers:
+ - name: groundhog2k
+
+type: application
+
+# This is the chart version.
+version: 0.1.0
+
+# This is the version number of the application being deployed.
+appVersion: "5.5.1-apache"
+
+dependencies:
+ - name: mariadb
+ version: 0.1.3
+ repository: "https://groundhog2k.github.io/helm-charts"
+ condition: mariadb.enabled
diff --git a/charts/wordpress/charts/mariadb-0.1.3.tgz b/charts/wordpress/charts/mariadb-0.1.3.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..785c7f79276dbf7153a01d9e62f5ac722ded9a7d
Binary files /dev/null and b/charts/wordpress/charts/mariadb-0.1.3.tgz differ
diff --git a/charts/wordpress/templates/_helpers.tpl b/charts/wordpress/templates/_helpers.tpl
new file mode 100644
index 0000000000000000000000000000000000000000..bcb6a06acb3eac874018f65e1e06276747be28dc
--- /dev/null
+++ b/charts/wordpress/templates/_helpers.tpl
@@ -0,0 +1,88 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "wordpress.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "wordpress.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- define "mariadb.servicename" -}}
+{{- if .Values.mariadb.fullnameOverride }}
+{{- .Values.mariadb.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default "mariadb" .Values.mariadb.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{- define "redis.servicename" -}}
+{{- if .Values.redis.fullnameOverride }}
+{{- .Values.redis.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default "redis" .Values.redis.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "wordpress.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "wordpress.labels" -}}
+helm.sh/chart: {{ include "wordpress.chart" . }}
+{{ include "wordpress.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "wordpress.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "wordpress.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "wordpress.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "wordpress.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/wordpress/templates/deployment.yaml b/charts/wordpress/templates/deployment.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..fcc6a4059e5481e8f1254abeabf77c6d5d65382f
--- /dev/null
+++ b/charts/wordpress/templates/deployment.yaml
@@ -0,0 +1,126 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "wordpress.fullname" . }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ {{- include "wordpress.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "wordpress.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "wordpress.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ envFrom:
+ - secretRef:
+ name: {{ include "wordpress.fullname" . }}
+ env:
+ {{- with .Values.env }}
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.containerPort }}
+ protocol: TCP
+ {{- if .Values.livenessProbe.enabled }}
+ livenessProbe:
+ httpGet:
+ path: /wp-admin/install.php
+ port: http
+ httpHeaders:
+ - name: Host
+ value: localhost:{{ .Values.containerPort }}
+ {{- with .Values.livenessProbe }}
+ initialDelaySeconds: {{ .initialDelaySeconds }}
+ timeoutSeconds: {{ .timeoutSeconds }}
+ failureThreshold: {{ .failureThreshold }}
+ successThreshold: {{ .successThreshold }}
+ periodSeconds: {{ .periodSeconds }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.readinessProbe.enabled }}
+ readinessProbe:
+ httpGet:
+ path: /wp-login.php
+ port: http
+ httpHeaders:
+ - name: Host
+ value: localhost:{{ .Values.containerPort }}
+ {{- with .Values.readinessProbe }}
+ initialDelaySeconds: {{ .initialDelaySeconds }}
+ timeoutSeconds: {{ .timeoutSeconds }}
+ failureThreshold: {{ .failureThreshold }}
+ successThreshold: {{ .successThreshold }}
+ periodSeconds: {{ .periodSeconds }}
+ {{- end }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ volumeMounts:
+ - mountPath: /var/www/html
+ name: wordpress-vol
+ - mountPath: /tmp
+ name: tmp
+ - mountPath: /var/run
+ name: run
+ - mountPath: /etc/apache2/ports.conf
+ subPath: ports.conf
+ name: extended
+ - mountPath: /etc/apache2/000-default.conf
+ subPath: 000-default.conf
+ name: extended
+ - mountPath: /usr/local/etc/php/conf.d/custom.ini
+ subPath: custom.ini
+ name: extended
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: tmp
+ emptyDir: {}
+ - name: run
+ emptyDir: {}
+ - name: extended
+ configMap:
+ name: {{ include "wordpress.fullname" . }}-extended
+ - name: wordpress-vol
+ {{- if .Values.storage.persistentVolumeClaimName }}
+ persistentVolumeClaim:
+ claimName: {{ .Values.storage.persistentVolumeClaimName }}
+ {{- else }}
+ {{- if .Values.storage.requestedSize }}
+ persistentVolumeClaim:
+ claimName: {{ include "wordpress.fullname" . }}
+ {{- else }}
+ emptyDir: {}
+ {{- end }}
+ {{- end }}
\ No newline at end of file
diff --git a/charts/wordpress/templates/extended-config.yaml b/charts/wordpress/templates/extended-config.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c40bcc540c439dbd7ca8ef736c3dcfad3997a09e
--- /dev/null
+++ b/charts/wordpress/templates/extended-config.yaml
@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "wordpress.fullname" . }}-extended
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+data:
+ 000-default.conf: |
+ {{- if .Values.apacheDefaultSiteConfig }}
+ {{ .Values.apacheDefaultSiteConfig | nindent 4 }}
+ {{- else }}
+ <VirtualHost *:{{ .Values.containerPort }}>
+ ServerAdmin webmaster@localhost
+ DocumentRoot /var/www/html
+
+ ErrorLog ${APACHE_LOG_DIR}/error.log
+ CustomLog ${APACHE_LOG_DIR}/access.log combined
+ </VirtualHost>
+ {{- end }}
+ ports.conf: |
+ {{- if .Values.apachePortsConfig }}
+ {{ .Values.apachePortsConfig | nindent 4 }}
+ {{- else }}
+ Listen {{ .Values.containerPort }}
+ {{- end }}
+ custom.ini: |
+ {{ .Values.customPhpConfig | nindent 4 }}
diff --git a/charts/wordpress/templates/ingress.yaml b/charts/wordpress/templates/ingress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..1e1fa2990a4925e3547676098612af8e7fb0c50e
--- /dev/null
+++ b/charts/wordpress/templates/ingress.yaml
@@ -0,0 +1,43 @@
+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "wordpress.fullname" . -}}
+{{- $svcPort := .Values.service.port -}}
+{{- $maxSize := .Values.ingress.maxBodySize -}}
+{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+apiVersion: networking.k8s.io/v1beta1
+{{- else -}}
+apiVersion: extensions/v1beta1
+{{- end }}
+kind: Ingress
+metadata:
+ name: {{ $fullName }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+ annotations:
+ nginx.ingress.kubernetes.io/proxy-body-size: {{ $maxSize }}
+ {{- with .Values.ingress.annotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+spec:
+ {{- if .Values.ingress.tls }}
+ tls:
+ {{- range .Values.ingress.tls }}
+ - hosts:
+ {{- range .hosts }}
+ - {{ . | quote }}
+ {{- end }}
+ secretName: {{ .secretName }}
+ {{- end }}
+ {{- end }}
+ rules:
+ {{- range .Values.ingress.hosts }}
+ - host: {{ .host | quote }}
+ http:
+ paths:
+ {{- range .paths }}
+ - path: {{ . }}
+ backend:
+ serviceName: {{ $fullName }}
+ servicePort: {{ $svcPort }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
diff --git a/charts/wordpress/templates/pvcs.yaml b/charts/wordpress/templates/pvcs.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..977c6c3f3fe24e3d63dcf8f0c93d41abedfe14b2
--- /dev/null
+++ b/charts/wordpress/templates/pvcs.yaml
@@ -0,0 +1,21 @@
+{{- $createNcPvc := and (empty .Values.storage.persistentVolumeClaimName) (.Values.storage.requestedSize) }}
+{{- if $createNcPvc }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ include "wordpress.fullname" . }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+spec:
+ {{- with .Values.storage }}
+ accessModes:
+ {{- toYaml .accessModes | nindent 4 }}
+ volumeMode: Filesystem
+ resources:
+ requests:
+ storage: {{ .requestedSize }}
+ {{- if .storageClassName }}
+ storageClassName: {{ .storageClassName }}
+ {{- end }}
+ {{- end }}
+{{- end }}
diff --git a/charts/wordpress/templates/secureconfig.yaml b/charts/wordpress/templates/secureconfig.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..60d2d9075314ebe1cdbdd3c52a11fce3634d3ffe
--- /dev/null
+++ b/charts/wordpress/templates/secureconfig.yaml
@@ -0,0 +1,27 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "wordpress.fullname" . }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+stringData:
+{{- if .Values.mariadb.enabled }}
+ WORDPRESS_DB_HOST: {{ include "mariadb.servicename" . }}
+ {{- with .Values.mariadb.userDatabase }}
+ WORDPRESS_DB_NAME: {{ .name }}
+ WORDPRESS_DB_USER: {{ .user }}
+ WORDPRESS_DB_PASSWORD: {{ .password }}
+ {{- end }}
+{{- else }}
+{{- with .Values.externalDatabase }}
+ WORDPRESS_DB_NAME: {{ .name }}
+ WORDPRESS_DB_USER: {{ .user }}
+ WORDPRESS_DB_PASSWORD: {{ .password }}
+ WORDPRESS_DB_HOST: {{ .host }}
+{{- end }}
+{{- end }}
+{{- with .Values.settings }}
+ {{- if .tablePrefix }}
+ WORDPRESS_TABLE_PREFIX: {{ .tablePrefix }}
+ {{- end }}
+{{- end }}
diff --git a/charts/wordpress/templates/service.yaml b/charts/wordpress/templates/service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2da55e9037b1efcd3923daaa57df9425b96aeb7c
--- /dev/null
+++ b/charts/wordpress/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "wordpress.fullname" . }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.service.type }}
+ ports:
+ - port: {{ .Values.service.port }}
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ {{- include "wordpress.selectorLabels" . | nindent 4 }}
diff --git a/charts/wordpress/templates/serviceaccount.yaml b/charts/wordpress/templates/serviceaccount.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2db9c9cf40a6a17e3bd7a0ca77e0abbd1baf6c26
--- /dev/null
+++ b/charts/wordpress/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "wordpress.serviceAccountName" . }}
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/wordpress/templates/tests/test-connection.yaml b/charts/wordpress/templates/tests/test-connection.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..95fb60fa8c187225ef262ff701431398a4061f3c
--- /dev/null
+++ b/charts/wordpress/templates/tests/test-connection.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: "{{ include "wordpress.fullname" . }}-test-connection"
+ labels:
+ {{- include "wordpress.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test-success
+spec:
+ containers:
+ - name: wget
+ image: busybox
+ command: ['wget']
+ args: ['{{ include "wordpress.fullname" . }}:{{ .Values.service.port }}']
+ restartPolicy: Never
diff --git a/charts/wordpress/values.yaml b/charts/wordpress/values.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c4a2edb1fdee1f64b973da558f25a24ba6b31a10
--- /dev/null
+++ b/charts/wordpress/values.yaml
@@ -0,0 +1,184 @@
+## Default values for Wordpress deployment
+
+## Number of wordpress replicas
+replicaCount: 1
+
+## Netxcloud docker image
+## use arm64v8/nextcloud for the same image on ARM64v8
+image:
+ repository: wordpress
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: ""
+
+## Pull secrets and name override options
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+## Optional service account
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: false
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+## Default node type for the image
+## use arm64v8 for the arm64v8/nextcloud image
+nodeSelector:
+ kubernetes.io/arch: amd64
+
+## Additional pod annotations
+podAnnotations: {}
+
+## Pod security options (default: www-data as fsGroup and user running as non-root)
+podSecurityContext:
+ fsGroup: 33
+ runAsUser: 33
+ runAsNonRoot: true
+
+## Default security options to run Wordpress as read only container without privilege escalation
+securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ privileged: false
+
+service:
+ type: ClusterIP
+ port: 80
+
+## Ingress configuration
+ingress:
+ ## Enable ingress endpoint
+ enabled: false
+
+ ## Maximal body size (default: 64m - increase if uploads to Wordpress failing)
+ maxBodySize: 64m
+
+ ## Additional ingress annotations
+ annotations: {}
+ # kubernetes.io/ingress.class: nginx
+ # kubernetes.io/tls-acme: "true"
+
+ ## Hosts
+ hosts:
+ - host:
+ paths: []
+
+ ## TLS settings for hosts
+ tls: []
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+## Resource limits and requests
+resources: {}
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+## Default liveness probe
+livenessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ failureThreshold: 6
+ successThreshold: 1
+ periodSeconds: 10
+
+## Default readiness probe
+readinessProbe:
+ enabled: true
+ initialDelaySeconds: 30
+ timeoutSeconds: 5
+ failureThreshold: 5
+ successThreshold: 1
+ periodSeconds: 10
+
+tolerations: []
+
+affinity: {}
+
+## Internal container port (default: 8000)
+containerPort: 8000
+
+## Additional environment variables
+env: []
+
+## External database settings (is used when mariadb.enabled is false)
+externalDatabase:
+ ## Name of the database (default: wordpress)
+ name: wordpress
+
+ ## Database user
+ user:
+
+ ## Database password
+ password:
+
+ ## Database host
+ host:
+
+## Wordpress specific settings
+settings:
+ tablePrefix:
+
+## Additional PHP custom.ini
+customPhpConfig: |
+
+## Overwrite default apache ports.conf
+apachePortsConfig: |
+
+## Overwrite default apache 000-default.conf
+apacheDefaultSiteConfig: |
+
+## Storage parameters
+storage:
+ ## Set persistentVolumenClaimName to reference an existing PVC
+ # persistentVolumeClaimName: <own-pvc-name>
+
+ ## Alternative set requestedSize to define a size for a dynmaically created PVC
+ # requestedSize: <volume-size>
+
+ ## the storage class name
+ # className:
+
+ ## Default access mode (ReadWriteOnce)
+ accessModes:
+ - ReadWriteOnce
+
+## MariaDB configuration
+mariadb:
+ ## Enable MariaDB helm chart for deployment (default: false)
+ enabled: false
+
+ ## Database configuration
+ settings:
+ ## The root user password (default: a 10 char. alpahnumerical random password will be generated)
+ rootPassword:
+
+ ## Optional user database which is created during first startup with user and password
+ userDatabase:
+ ## Name of the user database
+ name:
+ ## Database user with full access rights
+ user:
+ ## Password of the database user (default: a 10 char. alpahnumerical random password will be generated)
+ password:
+
+ # Storage parameters
+ storage:
+ ## Set persistentVolumenClaimName to reference an existing PVC
+ # persistentVolumeClaimName: <own-pvc-name>
+
+ ## Alternative set requestedSize to define a size for a dynmaically created PVC
+ # requestedSize: <volume-size>
+
+ ## the storage class name
+ # className: