feat(helm): update chart nextcloud ( 8.7.0 → 8.8.2 )

[renovate]

This PR contains the following updates:

Package	Update	Change
nextcloud (source)	minor	8.7.0 → 8.8.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

nextcloud/helm (nextcloud)

v8.8.2

Compare Source

A file sharing server that puts the control and security of your own data back into your hands.

What's Changed

• fix(nextcloud): bump to nextcloud v32.0.5 by @​wrenix in #​828

Full Changelog: nextcloud/helm@nextcloud-8.8.1...nextcloud-8.8.2

v8.8.1

Compare Source

A file sharing server that puts the control and security of your own data back into your hands.

What's Changed

• fix(nextcloud): nginx correct protocol for redirect by @​mreiche in #​826

New Contributors

• @​mreiche made their first contribution in #​826

Full Changelog: nextcloud/helm@nextcloud-8.8.0...nextcloud-8.8.1

v8.8.0

Compare Source

A file sharing server that puts the control and security of your own data back into your hands.

What's Changed

• feat(nextcloud): add GatewayAPI httpRoute ingress successor by @​DrummyFloyd in #​817

Full Changelog: nextcloud/helm@nextcloud-8.7.0...nextcloud-8.8.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[mglants-bot]

--- kubernetes/subterra/apps/apps/nextcloud/app Kustomization: flux-system/cluster-apps-nextcloud HelmRelease: apps/nextcloud

+++ kubernetes/subterra/apps/apps/nextcloud/app Kustomization: flux-system/cluster-apps-nextcloud HelmRelease: apps/nextcloud

@@ -13,13 +13,13 @@

       chart: nextcloud
       interval: 5m
       sourceRef:
         kind: HelmRepository
         name: nextcloud-charts
         namespace: flux-system
-      version: 8.7.0
+      version: 8.8.2
   interval: 5m
   timeout: 10m0s
   values:
     cronjob:
       enabled: false
     externalDatabase:

[mglants-bot]

--- HelmRelease: apps/nextcloud ConfigMap: apps/nextcloud-nginxconfig

+++ HelmRelease: apps/nextcloud ConfigMap: apps/nextcloud-nginxconfig

@@ -6,39 +6,41 @@

   labels:
     app.kubernetes.io/name: nextcloud
     app.kubernetes.io/instance: nextcloud
     app.kubernetes.io/managed-by: Helm
 data:
   default.conf: "# Version 2024-07-17\n\nupstream php-handler {\n    server 127.0.0.1:9000;\n\
-    }\n\n# Set the `immutable` cache control options only for assets with a cache\
-    \ busting `v` argument\nmap $arg_v $asset_immutable {\n    \"\" \"\";\n    default\
-    \ \", immutable\";\n}\n\nserver {\n    # Default, IPv4 only\n    listen 80;\n\n\
-    \    # Path to the root of your installation\n    root /var/www/html;\n\n    #\
-    \ Prevent nginx HTTP Server Detection\n    server_tokens off;\n\n    # HSTS settings\n\
-    \    # WARNING: Only add the preload option once you read about\n    # the consequences\
-    \ in https://hstspreload.org/. This option\n    # will add the domain to a hardcoded\
-    \ list that is shipped\n    # in all major browsers and getting removed from this\
-    \ list\n    # could take several months.\n    add_header Referrer-Policy \"no-referrer\"\
-    \ always;\n    add_header X-Content-Type-Options \"nosniff\" always;\n    add_header\
-    \ X-Frame-Options \"SAMEORIGIN\" always;\n    add_header X-Permitted-Cross-Domain-Policies\
-    \ \"none\" always;\n    add_header X-Robots-Tag \"noindex, nofollow\" always;\n\
-    \    add_header X-XSS-Protection \"1; mode=block\" always;\n    # set max upload\
-    \ size\n    client_max_body_size 10G;\n    client_body_timeout 300s;\n    fastcgi_buffers\
-    \ 64 4K;\n    fastcgi_read_timeout 3600s;\n    \n\n    # Enable gzip but do not\
-    \ remove ETag headers\n    gzip on;\n    gzip_vary on;\n    gzip_comp_level 4;\n\
-    \    gzip_min_length 256;\n    gzip_proxied expired no-cache no-store private\
-    \ no_last_modified no_etag auth;\n    gzip_types application/atom+xml text/javascript\
-    \ application/javascript application/json application/ld+json application/manifest+json\
-    \ application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm\
-    \ application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml\
-    \ application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest\
-    \ text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component\
-    \ text/x-cross-domain-policy;\n\n    # Pagespeed is not supported by Nextcloud,\
-    \ so if your server is built\n    # with the `ngx_pagespeed` module, uncomment\
-    \ this line to disable it.\n    #pagespeed off;\n\n    # The settings allows you\
-    \ to optimize the HTTP2 bandwidth.\n    # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/\n\
+    }\n\nmap $http_x_forwarded_proto $real_scheme {\n\tdefault $scheme;\n\thttps https;\n\
+    }\n\nmap $http_x_forwarded_port $real_port {\n\tdefault $server_port;\n\t443 \
+    \    443;\n}\n\n# Set the `immutable` cache control options only for assets with\
+    \ a cache busting `v` argument\nmap $arg_v $asset_immutable {\n    \"\" \"\";\n\
+    \    default \", immutable\";\n}\n\nserver {\n    # Default, IPv4 only\n    listen\
+    \ 80;\n\n    # Path to the root of your installation\n    root /var/www/html;\n\
+    \n    # Prevent nginx HTTP Server Detection\n    server_tokens off;\n\n    # HSTS\
+    \ settings\n    # WARNING: Only add the preload option once you read about\n \
+    \   # the consequences in https://hstspreload.org/. This option\n    # will add\
+    \ the domain to a hardcoded list that is shipped\n    # in all major browsers\
+    \ and getting removed from this list\n    # could take several months.\n    add_header\
+    \ Referrer-Policy \"no-referrer\" always;\n    add_header X-Content-Type-Options\
+    \ \"nosniff\" always;\n    add_header X-Frame-Options \"SAMEORIGIN\" always;\n\
+    \    add_header X-Permitted-Cross-Domain-Policies \"none\" always;\n    add_header\
+    \ X-Robots-Tag \"noindex, nofollow\" always;\n    add_header X-XSS-Protection\
+    \ \"1; mode=block\" always;\n    # set max upload size\n    client_max_body_size\
+    \ 10G;\n    client_body_timeout 300s;\n    fastcgi_buffers 64 4K;\n    fastcgi_read_timeout\
+    \ 3600s;\n    \n\n    # Enable gzip but do not remove ETag headers\n    gzip on;\n\
+    \    gzip_vary on;\n    gzip_comp_level 4;\n    gzip_min_length 256;\n    gzip_proxied\
+    \ expired no-cache no-store private no_last_modified no_etag auth;\n    gzip_types\
+    \ application/atom+xml text/javascript application/javascript application/json\
+    \ application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json\
+    \ application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json\
+    \ application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml\
+    \ image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc\
+    \ text/vtt text/x-component text/x-cross-domain-policy;\n\n    # Pagespeed is\
+    \ not supported by Nextcloud, so if your server is built\n    # with the `ngx_pagespeed`\
+    \ module, uncomment this line to disable it.\n    #pagespeed off;\n\n    # The\
+    \ settings allows you to optimize the HTTP2 bandwidth.\n    # See https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/\n\
     \    # for tuning hints\n    client_body_buffer_size 512k;\n\n    # Remove X-Powered-By,\
     \ which is an information leak\n    fastcgi_hide_header X-Powered-By;\n\n    #\
     \ Set .mjs and .wasm MIME types\n    # Either include it in the default mime.types\
     \ list\n    # and include that list explicitly or add the file extension\n   \
     \ # only for Nextcloud like below:\n    include mime.types;\n    types {\n   \
     \     text/javascript js mjs;\n        application/wasm wasm;\n    }\n\n    #\
@@ -51,32 +53,34 @@

     \ don't need\n    # to specify custom rules for certain paths (e.g. images and\
     \ other assets,\n    # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus\n\
     \    # `try_files $uri $uri/ /index.php$request_uri`\n    # always provides the\
     \ desired behaviour.\n    index index.php index.html /index.php$request_uri;\n\
     \n    # Rule borrowed from `.htaccess` to handle Microsoft DAV clients\n    location\
     \ = / {\n        if ( $http_user_agent ~ ^DavClnt ) {\n            return 302\
-    \ /remote.php/webdav/$is_args$args;\n        }\n    }\n\n    location = /robots.txt\
-    \ {\n        allow all;\n        log_not_found off;\n        access_log off;\n\
-    \    }\n\n    # Make a regex exception for `/.well-known` so that clients can\
-    \ still\n    # access it despite the existence of the regex rule\n    # `location\
-    \ ~ /(\\.|autotest|...)` which would otherwise handle requests\n    # for `/.well-known`.\n\
-    \    location ^~ /.well-known {\n        # The following 6 rules are borrowed\
-    \ from `.htaccess`\n\n        location = /.well-known/carddav     { return 301\
-    \ /remote.php/dav/; }\n        location = /.well-known/caldav      { return 301\
-    \ /remote.php/dav/; }\n\n        # Let Nextcloud's API for `/.well-known` URIs\
-    \ handle all other\n        # requests by passing them to the front-end controller.\n\
-    \        return 301 /index.php$request_uri;\n    }\n\n    # Rules borrowed from\
-    \ `.htaccess` to hide certain paths from clients\n    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)\
-    \  { return 404; }\n    location ~ ^/(?:\\.|autotest|occ|issue|indie|db_|console)\
-    \              { return 404; }\n\n    # Ensure this block, which passes PHP files\
-    \ to the PHP process, is above the blocks\n    # which handle static assets (as\
-    \ seen below). If this block is not declared first,\n    # then Nginx will encounter\
-    \ an infinite rewriting loop when it prepends `/index.php`\n    # to the URI,\
-    \ resulting in a HTTP 500 error response.\n    location ~ \\.php(?:$|/) {\n  \
-    \  # Required for legacy support\n        rewrite ^/(?!index|remote|public|cron|core\\\
-    /ajax\\/update|status|ocs\\/v[12]|updater\\/.+|ocs-provider\\/.+|.+\\/richdocumentscode(_arm64)?\\\
+    \ $real_scheme://$host:$real_port/remote.php/webdav/$is_args$args;\n        }\n\
+    \    }\n\n    location = /robots.txt {\n        allow all;\n        log_not_found\
+    \ off;\n        access_log off;\n    }\n\n    # Make a regex exception for `/.well-known`\
+    \ so that clients can still\n    # access it despite the existence of the regex\
+    \ rule\n    # `location ~ /(\\.|autotest|...)` which would otherwise handle requests\n\
+    \    # for `/.well-known`.\n    location ^~ /.well-known {\n        # The following\
+    \ 6 rules are borrowed from `.htaccess`\n\n        location = /.well-known/carddav\
+    \     { return 301 $real_scheme://$host:$real_port/remote.php/dav/; }\n      \
+    \  location = /.well-known/caldav      { return 301 $real_scheme://$host:$real_port/remote.php/dav/;\
+    \ }\n\n        # Let Nextcloud's API for `/.well-known` URIs handle all other\n\
+    \        # requests by passing them to the front-end controller.\n        return\
+    \ 301 $real_scheme://$host:$real_port/index.php$request_uri;\n    }\n\n    # Rules\
+    \ borrowed from `.htaccess` to hide certain paths from clients\n    location ~\
+    \ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }\n\
+    \    location ~ ^/(?:\\.|autotest|occ|issue|indie|db_|console)              {\
+    \ return 404; }\n\n    # Ensure this block, which passes PHP files to the PHP\
+    \ process, is above the blocks\n    # which handle static assets (as seen below).\
+    \ If this block is not declared first,\n    # then Nginx will encounter an infinite\
+    \ rewriting loop when it prepends `/index.php`\n    # to the URI, resulting in\
[Diff truncated by flux-local]