feat(helm): update nextcloud ( 6.1.1 → 6.2.0 )

[field-repair-bot-74a]

This PR contains the following updates:

Package	Update	Change
nextcloud (source)	minor	6.1.1 -> 6.2.0

---

Release Notes

nextcloud/helm (nextcloud)

v6.2.0

Compare Source

A file sharing server that puts the control and security of your own data back into your hands.

What's Changed

• Update README.md - update bus error info under huge pages documentation by @​jessebot in https://github.com/nextcloud/helm/pull/647
• docs: Add postgreSqlInitContainer values to README by @​lindhe in https://github.com/nextcloud/helm/pull/648
• fix(nginx): add option to easy manage HEADERS (make it possible to set HSTS) by @​wrenix in https://github.com/nextcloud/helm/pull/630

New Contributors

• @​lindhe made their first contribution in https://github.com/nextcloud/helm/pull/648

Full Changelog: nextcloud/helm@nextcloud-6.1.1...nextcloud-6.2.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[field-repair-bot-74a]

--- kubernetes/apps/default/nextcloud/app Kustomization: flux-system/nextcloud HelmRelease: default/nextcloud

+++ kubernetes/apps/default/nextcloud/app Kustomization: flux-system/nextcloud HelmRelease: default/nextcloud

@@ -13,13 +13,13 @@

     spec:
       chart: nextcloud
       sourceRef:
         kind: HelmRepository
         name: nextcloud
         namespace: flux-system
-      version: 6.1.1
+      version: 6.2.0
   install:
     remediation:
       retries: 3
   interval: 30m
   timeout: 15m
   upgrade:

[field-repair-bot-74a]

--- HelmRelease: default/nextcloud ConfigMap: default/nextcloud-nginxconfig

+++ HelmRelease: default/nextcloud ConfigMap: default/nextcloud-nginxconfig

@@ -20,13 +20,19 @@

         # HSTS settings
         # WARNING: Only add the preload option once you read about
         # the consequences in https://hstspreload.org/. This option
         # will add the domain to a hardcoded list that is shipped
         # in all major browsers and getting removed from this list
         # could take several months.
-        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+        add_header Referrer-Policy "no-referrer" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-Download-Options "noopen" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Permitted-Cross-Domain-Policies "none" always;
+        add_header X-Robots-Tag "noindex, nofollow" always;
+        add_header X-XSS-Protection "1; mode=block" always;
 
         # set max upload size
         client_max_body_size 10G;
         fastcgi_buffers 64 4K;
 
         # Enable gzip but do not remove ETag headers
@@ -37,21 +43,12 @@

         gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
         gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
 
         # Pagespeed is not supported by Nextcloud, so if your server is built
         # with the `ngx_pagespeed` module, uncomment this line to disable it.
         #pagespeed off;
-
-        # HTTP response headers borrowed from Nextcloud `.htaccess`
-        add_header Referrer-Policy                      "no-referrer"       always;
-        add_header X-Content-Type-Options               "nosniff"           always;
-        add_header X-Download-Options                   "noopen"            always;
-        add_header X-Frame-Options                      "SAMEORIGIN"        always;
-        add_header X-Permitted-Cross-Domain-Policies    "none"              always;
-        add_header X-Robots-Tag                         "noindex, nofollow" always;
-        add_header X-XSS-Protection                     "1; mode=block"     always;
 
         # Remove X-Powered-By, which is an information leak
         fastcgi_hide_header X-Powered-By;
 
         # Add .mjs as a file extension for javascript
         # Either include it in the default mime.types list