helm chart - allow to add additional trusted domain

Signed-off-by: Simon L <szaimen@e.mail.de>

Containers/apache/Caddyfile

@@ -14,6 +14,8 @@
     }
 }
 
+if additional_trusted_domain; then generate cert and rewrite to normal domain?; fi
+
 {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} {
 
     # Collabora

Containers/nextcloud/entrypoint.sh

@@ -528,6 +528,9 @@ php /var/www/html/occ config:system:set trusted_proxies 1 --value="::1"
 if [ -n "$ADDITIONAL_TRUSTED_PROXY" ]; then
     php /var/www/html/occ config:system:set trusted_proxies 2 --value="$ADDITIONAL_TRUSTED_PROXY"
 fi
+if [ -n "$ADDITIONAL_TRUSTED_DOMAIN" ]; then
+    php /var/www/html/occ config:system:set trusted_domains 2 --value="$ADDITIONAL_TRUSTED_DOMAIN"
+fi
 php /var/www/html/occ config:app:set notify_push base_endpoint --value="https://$NC_DOMAIN/push"
 
 # Collabora

manual-install/latest.yml

@@ -110,7 +110,6 @@ services:
       - ADMIN_USER=admin
       - ADMIN_PASSWORD=${NEXTCLOUD_PASSWORD}
       - NEXTCLOUD_DATA_DIR=/mnt/ncdata
-      - OVERWRITEHOST=${NC_DOMAIN}
       - OVERWRITEPROTOCOL=https
       - TURN_SECRET=${TURN_SECRET}
       - SIGNALING_SECRET=${SIGNALING_SECRET}

nextcloud-aio-helm-chart/templates/nextcloud-aio-nextcloud-deployment.yaml

@@ -70,6 +70,8 @@ spec:
               value: "{{ .Values.APPS_ALLOWLIST }}"
             - name: ADDITIONAL_TRUSTED_PROXY
               value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}"
+            - name: ADDITIONAL_TRUSTED_DOMAIN
+              value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
             - name: SERVERINFO_TOKEN
               value: "{{ .Values.SERVERINFO_TOKEN }}"
             - name: ADDITIONAL_APKS

nextcloud-aio-helm-chart/update-helm.sh

@@ -27,6 +27,7 @@ sed -i 's|^|export |' /tmp/sample.conf
 # shellcheck disable=SC1091
 source /tmp/sample.conf
 rm /tmp/sample.conf
+sed -i '/OVERWRITEHOST/d' containers.yml
 sed -i "s|:latest$|:$DOCKER_TAG-latest|" latest.yml
 sed -i "s|\${APACHE_IP_BINDING}:||" latest.yml
 sed -i '/APACHE_IP_BINDING/d' latest.yml
@@ -255,6 +256,8 @@ cat << EOL > /tmp/additional.config
               value: "{{ .Values.APPS_ALLOWLIST }}"
             - name: ADDITIONAL_TRUSTED_PROXY
               value: "{{ .Values.ADDITIONAL_TRUSTED_PROXY }}"
+            - name: ADDITIONAL_TRUSTED_DOMAIN
+              value: "{{ .Values.ADDITIONAL_TRUSTED_DOMAIN }}"
             - name: SERVERINFO_TOKEN
               value: "{{ .Values.SERVERINFO_TOKEN }}"
 EOL
@@ -305,6 +308,7 @@ SUBSCRIPTION_KEY:        # This allows to set the Nextcloud Enterprise key via E
 SERVERINFO_TOKEN:        # This allows to set the serverinfo app token for monitoring your Nextcloud via the serverinfo app
 APPS_ALLOWLIST:        # This allows to configure allowed apps that will be shown in Nextcloud's Appstore. You need to enter the app-IDs of the apps here and separate them with spaces. E.g. 'files richdocuments'
 ADDITIONAL_TRUSTED_PROXY:        # Allows to add one additional ip-address to Nextcloud's trusted proxies and to the Office WOPI-allowlist automatically. Set it e.g. like this: 'your.public.ip-address'. You can also use an ip-range here.
+ADDITIONAL_TRUSTED_DOMAIN:        # Allows to add one domain to Nextcloud's trusted domains and also generates a certificate automatically for it
 SMTP_HOST:        # (empty by default): The hostname of the SMTP server.
 SMTP_SECURE:         # (empty by default): Set to 'ssl' to use SSL, or 'tls' to use STARTTLS.
 SMTP_PORT:         # (default: '465' for SSL and '25' for non-secure connections): Optional port for the SMTP connection. Use '587' for an alternative port for STARTTLS.