mirror of
https://github.com/nextcloud/docker.git
synced 2024-11-05 22:04:58 +01:00
Runs update.sh
This commit is contained in:
parent
1c8d764f3c
commit
0ffd24170f
42 changed files with 2059 additions and 1 deletions
174
30/apache/Dockerfile
Normal file
174
30/apache/Dockerfile
Normal file
|
@ -0,0 +1,174 @@
|
|||
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
|
||||
FROM php:8.2-apache-bookworm
|
||||
|
||||
# entrypoint.sh and cron.sh dependencies
|
||||
RUN set -ex; \
|
||||
\
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
busybox-static \
|
||||
bzip2 \
|
||||
libldap-common \
|
||||
libmagickcore-6.q16-6-extra \
|
||||
rsync \
|
||||
; \
|
||||
rm -rf /var/lib/apt/lists/*; \
|
||||
\
|
||||
mkdir -p /var/spool/cron/crontabs; \
|
||||
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||
|
||||
# install the PHP extensions we need
|
||||
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||
ENV PHP_MEMORY_LIMIT 512M
|
||||
ENV PHP_UPLOAD_LIMIT 512M
|
||||
RUN set -ex; \
|
||||
\
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
\
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
libcurl4-openssl-dev \
|
||||
libevent-dev \
|
||||
libfreetype6-dev \
|
||||
libgmp-dev \
|
||||
libicu-dev \
|
||||
libjpeg-dev \
|
||||
libldap2-dev \
|
||||
libmagickwand-dev \
|
||||
libmcrypt-dev \
|
||||
libmemcached-dev \
|
||||
libpng-dev \
|
||||
libpq-dev \
|
||||
libwebp-dev \
|
||||
libxml2-dev \
|
||||
libzip-dev \
|
||||
; \
|
||||
\
|
||||
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
|
||||
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
|
||||
docker-php-ext-install -j "$(nproc)" \
|
||||
bcmath \
|
||||
exif \
|
||||
ftp \
|
||||
gd \
|
||||
gmp \
|
||||
intl \
|
||||
ldap \
|
||||
opcache \
|
||||
pcntl \
|
||||
pdo_mysql \
|
||||
pdo_pgsql \
|
||||
sysvsem \
|
||||
zip \
|
||||
; \
|
||||
\
|
||||
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||
pecl install APCu-5.1.23; \
|
||||
pecl install imagick-3.7.0; \
|
||||
pecl install memcached-3.2.0; \
|
||||
pecl install redis-6.0.2; \
|
||||
\
|
||||
docker-php-ext-enable \
|
||||
apcu \
|
||||
imagick \
|
||||
memcached \
|
||||
redis \
|
||||
; \
|
||||
rm -r /tmp/pear; \
|
||||
\
|
||||
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
|
||||
apt-mark auto '.*' > /dev/null; \
|
||||
apt-mark manual $savedAptMark; \
|
||||
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
|
||||
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -rt apt-mark manual; \
|
||||
\
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# set recommended PHP.ini settings
|
||||
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||
RUN { \
|
||||
echo 'opcache.enable=1'; \
|
||||
echo 'opcache.interned_strings_buffer=32'; \
|
||||
echo 'opcache.max_accelerated_files=10000'; \
|
||||
echo 'opcache.memory_consumption=128'; \
|
||||
echo 'opcache.save_comments=1'; \
|
||||
echo 'opcache.revalidate_freq=60'; \
|
||||
echo 'opcache.jit=1255'; \
|
||||
echo 'opcache.jit_buffer_size=128M'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||
\
|
||||
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||
\
|
||||
{ \
|
||||
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||
\
|
||||
mkdir /var/www/data; \
|
||||
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||
/docker-entrypoint-hooks.d/post-installation \
|
||||
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||
/docker-entrypoint-hooks.d/post-upgrade \
|
||||
/docker-entrypoint-hooks.d/before-starting; \
|
||||
chown -R www-data:root /var/www; \
|
||||
chmod -R g=u /var/www
|
||||
|
||||
VOLUME /var/www/html
|
||||
|
||||
RUN a2enmod headers rewrite remoteip ; \
|
||||
{ \
|
||||
echo 'RemoteIPHeader X-Real-IP'; \
|
||||
echo 'RemoteIPInternalProxy 10.0.0.0/8'; \
|
||||
echo 'RemoteIPInternalProxy 172.16.0.0/12'; \
|
||||
echo 'RemoteIPInternalProxy 192.168.0.0/16'; \
|
||||
} > /etc/apache2/conf-available/remoteip.conf; \
|
||||
a2enconf remoteip
|
||||
|
||||
# set apache config LimitRequestBody
|
||||
ENV APACHE_BODY_LIMIT 1073741824
|
||||
RUN { \
|
||||
echo 'LimitRequestBody ${APACHE_BODY_LIMIT}'; \
|
||||
} > /etc/apache2/conf-available/apache-limits.conf; \
|
||||
a2enconf apache-limits
|
||||
|
||||
ENV NEXTCLOUD_VERSION 30.0.0
|
||||
|
||||
RUN set -ex; \
|
||||
fetchDeps=" \
|
||||
gnupg \
|
||||
dirmngr \
|
||||
"; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends $fetchDeps; \
|
||||
\
|
||||
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||
gpgconf --kill all; \
|
||||
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||
mkdir -p /usr/src/nextcloud/data; \
|
||||
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||
chmod +x /usr/src/nextcloud/occ; \
|
||||
\
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY *.sh upgrade.exclude /
|
||||
COPY config/* /usr/src/nextcloud/config/
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
CMD ["apache2-foreground"]
|
4
30/apache/config/apache-pretty-urls.config.php
Normal file
4
30/apache/config/apache-pretty-urls.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'htaccess.RewriteBase' => '/',
|
||||
);
|
4
30/apache/config/apcu.config.php
Normal file
4
30/apache/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'memcache.local' => '\OC\Memcache\APCu',
|
||||
);
|
15
30/apache/config/apps.config.php
Normal file
15
30/apache/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'apps_paths' => array (
|
||||
0 => array (
|
||||
'path' => OC::$SERVERROOT.'/apps',
|
||||
'url' => '/apps',
|
||||
'writable' => false,
|
||||
),
|
||||
1 => array (
|
||||
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||
'url' => '/custom_apps',
|
||||
'writable' => true,
|
||||
),
|
||||
),
|
||||
);
|
41
30/apache/config/autoconfig.php
Normal file
41
30/apache/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
|||
<?php
|
||||
|
||||
$autoconfig_enabled = false;
|
||||
|
||||
if (getenv('SQLITE_DATABASE')) {
|
||||
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
}
|
||||
|
||||
if ($autoconfig_enabled) {
|
||||
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||
}
|
17
30/apache/config/redis.config.php
Normal file
17
30/apache/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
if (getenv('REDIS_HOST')) {
|
||||
$CONFIG = array(
|
||||
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||
'memcache.locking' => '\OC\Memcache\Redis',
|
||||
'redis' => array(
|
||||
'host' => getenv('REDIS_HOST'),
|
||||
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||
),
|
||||
);
|
||||
|
||||
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||
$CONFIG['redis']['port'] = 6379;
|
||||
}
|
||||
}
|
30
30/apache/config/reverse-proxy.config.php
Normal file
30
30/apache/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
$overwriteHost = getenv('OVERWRITEHOST');
|
||||
if ($overwriteHost) {
|
||||
$CONFIG['overwritehost'] = $overwriteHost;
|
||||
}
|
||||
|
||||
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||
if ($overwriteProtocol) {
|
||||
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||
}
|
||||
|
||||
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||
if ($overwriteCliUrl) {
|
||||
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||
}
|
||||
|
||||
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||
if ($overwriteWebRoot) {
|
||||
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||
}
|
||||
|
||||
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||
if ($overwriteCondAddr) {
|
||||
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||
}
|
||||
|
||||
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||
if ($trustedProxies) {
|
||||
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||
}
|
48
30/apache/config/s3.config.php
Normal file
48
30/apache/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => array(
|
||||
'class' => '\OC\Files\ObjectStore\S3',
|
||||
'arguments' => array(
|
||||
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||
// required for some non Amazon S3 implementations
|
||||
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||
// required for older protocol versions
|
||||
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||
}
|
||||
}
|
22
30/apache/config/smtp.config.php
Normal file
22
30/apache/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||
$CONFIG = array (
|
||||
'mail_smtpmode' => 'smtp',
|
||||
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||
);
|
||||
|
||||
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||
} elseif (getenv('SMTP_PASSWORD')) {
|
||||
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||
} else {
|
||||
$CONFIG['mail_smtppassword'] = '';
|
||||
}
|
||||
}
|
31
30/apache/config/swift.config.php
Normal file
31
30/apache/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => [
|
||||
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||
'arguments' => [
|
||||
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||
'user' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
'scope' => [
|
||||
'project' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
],
|
||||
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||
]
|
||||
]
|
||||
);
|
||||
}
|
4
30/apache/config/upgrade-disable-web.config.php
Normal file
4
30/apache/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'upgrade.disable-web' => true,
|
||||
);
|
4
30/apache/cron.sh
Executable file
4
30/apache/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
exec busybox crond -f -L /dev/stdout
|
293
30/apache/entrypoint.sh
Executable file
293
30/apache/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
# version_greater A B returns whether A > B
|
||||
version_greater() {
|
||||
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||
}
|
||||
|
||||
# return true if specified directory is empty
|
||||
directory_empty() {
|
||||
[ -z "$(ls -A "$1/")" ]
|
||||
}
|
||||
|
||||
run_as() {
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
su -p "$user" -s /bin/sh -c "$1"
|
||||
else
|
||||
sh -c "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
# Execute all executable files in a given directory in alphanumeric order
|
||||
run_path() {
|
||||
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||
local return_code=0
|
||||
|
||||
if ! [ -d "${hook_folder_path}" ]; then
|
||||
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||
|
||||
(
|
||||
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||
if ! [ -x "${script_file_path}" ]; then
|
||||
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||
continue
|
||||
fi
|
||||
|
||||
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||
|
||||
run_as "${script_file_path}" || return_code="$?"
|
||||
|
||||
if [ "${return_code}" -ne "0" ]; then
|
||||
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "==> Finished the script: \"${script_file_path}\""
|
||||
done
|
||||
)
|
||||
}
|
||||
|
||||
# usage: file_env VAR [DEFAULT]
|
||||
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${varValue}" ]; then
|
||||
export "$var"="${varValue}"
|
||||
elif [ -n "${fileVarValue}" ]; then
|
||||
export "$var"="$(cat "${fileVarValue}")"
|
||||
elif [ -n "${def}" ]; then
|
||||
export "$var"="$def"
|
||||
fi
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null; then
|
||||
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||
a2disconf remoteip
|
||||
fi
|
||||
fi
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||
uid="$(id -u)"
|
||||
gid="$(id -g)"
|
||||
if [ "$uid" = '0' ]; then
|
||||
case "$1" in
|
||||
apache2*)
|
||||
user="${APACHE_RUN_USER:-www-data}"
|
||||
group="${APACHE_RUN_GROUP:-www-data}"
|
||||
|
||||
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||
user="${user#'#'}"
|
||||
group="${group#'#'}"
|
||||
;;
|
||||
*) # php-fpm
|
||||
user='www-data'
|
||||
group='www-data'
|
||||
;;
|
||||
esac
|
||||
else
|
||||
user="$uid"
|
||||
group="$gid"
|
||||
fi
|
||||
|
||||
if [ -n "${REDIS_HOST+x}" ]; then
|
||||
|
||||
echo "Configuring Redis as session handler"
|
||||
{
|
||||
file_env REDIS_HOST_PASSWORD
|
||||
echo 'session.save_handler = redis'
|
||||
# check if redis host is an unix socket path
|
||||
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||
fi
|
||||
# check if redis password has been set
|
||||
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||
fi
|
||||
echo "redis.session.locking_enabled = 1"
|
||||
echo "redis.session.lock_retries = -1"
|
||||
# redis.session.lock_wait_time is specified in microseconds.
|
||||
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||
echo "redis.session.lock_wait_time = 10000"
|
||||
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||
fi
|
||||
|
||||
# If another process is syncing the html folder, wait for
|
||||
# it to be done, then escape initalization.
|
||||
(
|
||||
if ! flock -n 9; then
|
||||
# If we couldn't get it immediately, show a message, then wait for real
|
||||
echo "Another process is initializing Nextcloud. Waiting..."
|
||||
flock 9
|
||||
fi
|
||||
|
||||
installed_version="0.0.0.0"
|
||||
if [ -f /var/www/html/version.php ]; then
|
||||
# shellcheck disable=SC2016
|
||||
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||
fi
|
||||
# shellcheck disable=SC2016
|
||||
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||
|
||||
if version_greater "$installed_version" "$image_version"; then
|
||||
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if version_greater "$image_version" "$installed_version"; then
|
||||
echo "Initializing nextcloud $image_version ..."
|
||||
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||
exit 1
|
||||
fi
|
||||
echo "Upgrading nextcloud from $installed_version ..."
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||
fi
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
rsync_options="-rlDog --chown $user:$group"
|
||||
else
|
||||
rsync_options="-rlD"
|
||||
fi
|
||||
|
||||
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||
for dir in config data custom_apps themes; do
|
||||
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
fi
|
||||
done
|
||||
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
|
||||
# Install
|
||||
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||
echo "New nextcloud instance"
|
||||
|
||||
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||
file_env NEXTCLOUD_ADMIN_USER
|
||||
|
||||
install=false
|
||||
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||
fi
|
||||
|
||||
file_env MYSQL_DATABASE
|
||||
file_env MYSQL_PASSWORD
|
||||
file_env MYSQL_USER
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||
echo "Installing with SQLite database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||
install=true
|
||||
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||
echo "Installing with MySQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||
install=true
|
||||
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||
echo "Installing with PostgreSQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||
install=true
|
||||
fi
|
||||
|
||||
if [ "$install" = true ]; then
|
||||
run_path pre-installation
|
||||
|
||||
echo "Starting nextcloud installation"
|
||||
max_retries=10
|
||||
try=0
|
||||
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||
do
|
||||
echo "Retrying install..."
|
||||
try=$((try+1))
|
||||
sleep 10s
|
||||
done
|
||||
if [ "$try" -gt "$max_retries" ]; then
|
||||
echo "Installing of nextcloud failed!"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||
echo "Setting trusted domains…"
|
||||
NC_TRUSTED_DOMAIN_IDX=1
|
||||
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||
done
|
||||
fi
|
||||
|
||||
run_path post-installation
|
||||
fi
|
||||
fi
|
||||
# not enough specified to do a fully automated installation
|
||||
if [ "$install" = false ]; then
|
||||
echo "Next step: Access your instance to finish the web-based installation!"
|
||||
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||
fi
|
||||
# Upgrade
|
||||
else
|
||||
run_path pre-upgrade
|
||||
|
||||
run_as 'php /var/www/html/occ upgrade'
|
||||
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||
echo "The following apps have been disabled:"
|
||||
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||
rm -f /tmp/list_before /tmp/list_after
|
||||
|
||||
run_path post-upgrade
|
||||
fi
|
||||
|
||||
echo "Initializing finished"
|
||||
fi
|
||||
|
||||
# Update htaccess after init if requested
|
||||
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||
fi
|
||||
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||
|
||||
# warn if config files on persistent storage differ from the latest version of this image
|
||||
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||
cfgFile=$(basename "$cfgPath")
|
||||
|
||||
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
run_path before-starting
|
||||
fi
|
||||
|
||||
exec "$@"
|
6
30/apache/upgrade.exclude
Normal file
6
30/apache/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
|||
/config/
|
||||
/data/
|
||||
/custom_apps/
|
||||
/themes/
|
||||
/version.php
|
||||
/nextcloud-init-sync.lock
|
150
30/fpm-alpine/Dockerfile
Normal file
150
30/fpm-alpine/Dockerfile
Normal file
|
@ -0,0 +1,150 @@
|
|||
# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
|
||||
FROM php:8.2-fpm-alpine3.20
|
||||
|
||||
# entrypoint.sh and cron.sh dependencies
|
||||
RUN set -ex; \
|
||||
\
|
||||
apk add --no-cache \
|
||||
imagemagick \
|
||||
imagemagick-pdf \
|
||||
imagemagick-jpeg \
|
||||
imagemagick-raw \
|
||||
imagemagick-tiff \
|
||||
imagemagick-heic \
|
||||
imagemagick-webp \
|
||||
imagemagick-svg \
|
||||
rsync \
|
||||
; \
|
||||
\
|
||||
rm /var/spool/cron/crontabs/root; \
|
||||
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||
|
||||
# install the PHP extensions we need
|
||||
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||
RUN set -ex; \
|
||||
\
|
||||
apk add --no-cache --virtual .build-deps \
|
||||
$PHPIZE_DEPS \
|
||||
autoconf \
|
||||
freetype-dev \
|
||||
gmp-dev \
|
||||
icu-dev \
|
||||
imagemagick-dev \
|
||||
libevent-dev \
|
||||
libjpeg-turbo-dev \
|
||||
libmcrypt-dev \
|
||||
libmemcached-dev \
|
||||
libpng-dev \
|
||||
libwebp-dev \
|
||||
libxml2-dev \
|
||||
libzip-dev \
|
||||
openldap-dev \
|
||||
pcre-dev \
|
||||
postgresql-dev \
|
||||
; \
|
||||
\
|
||||
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||
docker-php-ext-configure ldap; \
|
||||
docker-php-ext-install -j "$(nproc)" \
|
||||
bcmath \
|
||||
exif \
|
||||
ftp \
|
||||
gd \
|
||||
gmp \
|
||||
intl \
|
||||
ldap \
|
||||
opcache \
|
||||
pcntl \
|
||||
pdo_mysql \
|
||||
pdo_pgsql \
|
||||
sysvsem \
|
||||
zip \
|
||||
; \
|
||||
\
|
||||
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||
pecl install APCu-5.1.23; \
|
||||
pecl install imagick-3.7.0; \
|
||||
pecl install memcached-3.2.0; \
|
||||
pecl install redis-6.0.2; \
|
||||
\
|
||||
docker-php-ext-enable \
|
||||
apcu \
|
||||
imagick \
|
||||
memcached \
|
||||
redis \
|
||||
; \
|
||||
rm -r /tmp/pear; \
|
||||
\
|
||||
runDeps="$( \
|
||||
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
|
||||
| tr ',' '\n' \
|
||||
| sort -u \
|
||||
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
|
||||
)"; \
|
||||
apk add --no-network --virtual .nextcloud-phpext-rundeps $runDeps; \
|
||||
apk del --no-network .build-deps
|
||||
|
||||
# set recommended PHP.ini settings
|
||||
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||
ENV PHP_MEMORY_LIMIT 512M
|
||||
ENV PHP_UPLOAD_LIMIT 512M
|
||||
RUN { \
|
||||
echo 'opcache.enable=1'; \
|
||||
echo 'opcache.interned_strings_buffer=32'; \
|
||||
echo 'opcache.max_accelerated_files=10000'; \
|
||||
echo 'opcache.memory_consumption=128'; \
|
||||
echo 'opcache.save_comments=1'; \
|
||||
echo 'opcache.revalidate_freq=60'; \
|
||||
echo 'opcache.jit=1255'; \
|
||||
echo 'opcache.jit_buffer_size=128M'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||
\
|
||||
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||
\
|
||||
{ \
|
||||
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||
\
|
||||
mkdir /var/www/data; \
|
||||
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||
/docker-entrypoint-hooks.d/post-installation \
|
||||
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||
/docker-entrypoint-hooks.d/post-upgrade \
|
||||
/docker-entrypoint-hooks.d/before-starting; \
|
||||
chown -R www-data:root /var/www; \
|
||||
chmod -R g=u /var/www
|
||||
|
||||
VOLUME /var/www/html
|
||||
|
||||
|
||||
ENV NEXTCLOUD_VERSION 30.0.0
|
||||
|
||||
RUN set -ex; \
|
||||
apk add --no-cache --virtual .fetch-deps \
|
||||
bzip2 \
|
||||
gnupg \
|
||||
; \
|
||||
\
|
||||
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||
gpgconf --kill all; \
|
||||
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||
mkdir -p /usr/src/nextcloud/data; \
|
||||
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||
chmod +x /usr/src/nextcloud/occ; \
|
||||
apk del --no-network .fetch-deps
|
||||
|
||||
COPY *.sh upgrade.exclude /
|
||||
COPY config/* /usr/src/nextcloud/config/
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
CMD ["php-fpm"]
|
4
30/fpm-alpine/config/apcu.config.php
Normal file
4
30/fpm-alpine/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'memcache.local' => '\OC\Memcache\APCu',
|
||||
);
|
15
30/fpm-alpine/config/apps.config.php
Normal file
15
30/fpm-alpine/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'apps_paths' => array (
|
||||
0 => array (
|
||||
'path' => OC::$SERVERROOT.'/apps',
|
||||
'url' => '/apps',
|
||||
'writable' => false,
|
||||
),
|
||||
1 => array (
|
||||
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||
'url' => '/custom_apps',
|
||||
'writable' => true,
|
||||
),
|
||||
),
|
||||
);
|
41
30/fpm-alpine/config/autoconfig.php
Normal file
41
30/fpm-alpine/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
|||
<?php
|
||||
|
||||
$autoconfig_enabled = false;
|
||||
|
||||
if (getenv('SQLITE_DATABASE')) {
|
||||
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
}
|
||||
|
||||
if ($autoconfig_enabled) {
|
||||
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||
}
|
17
30/fpm-alpine/config/redis.config.php
Normal file
17
30/fpm-alpine/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
if (getenv('REDIS_HOST')) {
|
||||
$CONFIG = array(
|
||||
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||
'memcache.locking' => '\OC\Memcache\Redis',
|
||||
'redis' => array(
|
||||
'host' => getenv('REDIS_HOST'),
|
||||
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||
),
|
||||
);
|
||||
|
||||
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||
$CONFIG['redis']['port'] = 6379;
|
||||
}
|
||||
}
|
30
30/fpm-alpine/config/reverse-proxy.config.php
Normal file
30
30/fpm-alpine/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
$overwriteHost = getenv('OVERWRITEHOST');
|
||||
if ($overwriteHost) {
|
||||
$CONFIG['overwritehost'] = $overwriteHost;
|
||||
}
|
||||
|
||||
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||
if ($overwriteProtocol) {
|
||||
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||
}
|
||||
|
||||
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||
if ($overwriteCliUrl) {
|
||||
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||
}
|
||||
|
||||
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||
if ($overwriteWebRoot) {
|
||||
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||
}
|
||||
|
||||
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||
if ($overwriteCondAddr) {
|
||||
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||
}
|
||||
|
||||
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||
if ($trustedProxies) {
|
||||
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||
}
|
48
30/fpm-alpine/config/s3.config.php
Normal file
48
30/fpm-alpine/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => array(
|
||||
'class' => '\OC\Files\ObjectStore\S3',
|
||||
'arguments' => array(
|
||||
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||
// required for some non Amazon S3 implementations
|
||||
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||
// required for older protocol versions
|
||||
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||
}
|
||||
}
|
22
30/fpm-alpine/config/smtp.config.php
Normal file
22
30/fpm-alpine/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||
$CONFIG = array (
|
||||
'mail_smtpmode' => 'smtp',
|
||||
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||
);
|
||||
|
||||
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||
} elseif (getenv('SMTP_PASSWORD')) {
|
||||
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||
} else {
|
||||
$CONFIG['mail_smtppassword'] = '';
|
||||
}
|
||||
}
|
31
30/fpm-alpine/config/swift.config.php
Normal file
31
30/fpm-alpine/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => [
|
||||
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||
'arguments' => [
|
||||
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||
'user' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
'scope' => [
|
||||
'project' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
],
|
||||
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||
]
|
||||
]
|
||||
);
|
||||
}
|
4
30/fpm-alpine/config/upgrade-disable-web.config.php
Normal file
4
30/fpm-alpine/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'upgrade.disable-web' => true,
|
||||
);
|
4
30/fpm-alpine/cron.sh
Executable file
4
30/fpm-alpine/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
exec busybox crond -f -L /dev/stdout
|
293
30/fpm-alpine/entrypoint.sh
Executable file
293
30/fpm-alpine/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
# version_greater A B returns whether A > B
|
||||
version_greater() {
|
||||
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||
}
|
||||
|
||||
# return true if specified directory is empty
|
||||
directory_empty() {
|
||||
[ -z "$(ls -A "$1/")" ]
|
||||
}
|
||||
|
||||
run_as() {
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
su -p "$user" -s /bin/sh -c "$1"
|
||||
else
|
||||
sh -c "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
# Execute all executable files in a given directory in alphanumeric order
|
||||
run_path() {
|
||||
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||
local return_code=0
|
||||
|
||||
if ! [ -d "${hook_folder_path}" ]; then
|
||||
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||
|
||||
(
|
||||
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||
if ! [ -x "${script_file_path}" ]; then
|
||||
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||
continue
|
||||
fi
|
||||
|
||||
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||
|
||||
run_as "${script_file_path}" || return_code="$?"
|
||||
|
||||
if [ "${return_code}" -ne "0" ]; then
|
||||
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "==> Finished the script: \"${script_file_path}\""
|
||||
done
|
||||
)
|
||||
}
|
||||
|
||||
# usage: file_env VAR [DEFAULT]
|
||||
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${varValue}" ]; then
|
||||
export "$var"="${varValue}"
|
||||
elif [ -n "${fileVarValue}" ]; then
|
||||
export "$var"="$(cat "${fileVarValue}")"
|
||||
elif [ -n "${def}" ]; then
|
||||
export "$var"="$def"
|
||||
fi
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null; then
|
||||
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||
a2disconf remoteip
|
||||
fi
|
||||
fi
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||
uid="$(id -u)"
|
||||
gid="$(id -g)"
|
||||
if [ "$uid" = '0' ]; then
|
||||
case "$1" in
|
||||
apache2*)
|
||||
user="${APACHE_RUN_USER:-www-data}"
|
||||
group="${APACHE_RUN_GROUP:-www-data}"
|
||||
|
||||
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||
user="${user#'#'}"
|
||||
group="${group#'#'}"
|
||||
;;
|
||||
*) # php-fpm
|
||||
user='www-data'
|
||||
group='www-data'
|
||||
;;
|
||||
esac
|
||||
else
|
||||
user="$uid"
|
||||
group="$gid"
|
||||
fi
|
||||
|
||||
if [ -n "${REDIS_HOST+x}" ]; then
|
||||
|
||||
echo "Configuring Redis as session handler"
|
||||
{
|
||||
file_env REDIS_HOST_PASSWORD
|
||||
echo 'session.save_handler = redis'
|
||||
# check if redis host is an unix socket path
|
||||
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||
fi
|
||||
# check if redis password has been set
|
||||
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||
fi
|
||||
echo "redis.session.locking_enabled = 1"
|
||||
echo "redis.session.lock_retries = -1"
|
||||
# redis.session.lock_wait_time is specified in microseconds.
|
||||
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||
echo "redis.session.lock_wait_time = 10000"
|
||||
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||
fi
|
||||
|
||||
# If another process is syncing the html folder, wait for
|
||||
# it to be done, then escape initalization.
|
||||
(
|
||||
if ! flock -n 9; then
|
||||
# If we couldn't get it immediately, show a message, then wait for real
|
||||
echo "Another process is initializing Nextcloud. Waiting..."
|
||||
flock 9
|
||||
fi
|
||||
|
||||
installed_version="0.0.0.0"
|
||||
if [ -f /var/www/html/version.php ]; then
|
||||
# shellcheck disable=SC2016
|
||||
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||
fi
|
||||
# shellcheck disable=SC2016
|
||||
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||
|
||||
if version_greater "$installed_version" "$image_version"; then
|
||||
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if version_greater "$image_version" "$installed_version"; then
|
||||
echo "Initializing nextcloud $image_version ..."
|
||||
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||
exit 1
|
||||
fi
|
||||
echo "Upgrading nextcloud from $installed_version ..."
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||
fi
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
rsync_options="-rlDog --chown $user:$group"
|
||||
else
|
||||
rsync_options="-rlD"
|
||||
fi
|
||||
|
||||
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||
for dir in config data custom_apps themes; do
|
||||
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
fi
|
||||
done
|
||||
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
|
||||
# Install
|
||||
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||
echo "New nextcloud instance"
|
||||
|
||||
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||
file_env NEXTCLOUD_ADMIN_USER
|
||||
|
||||
install=false
|
||||
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||
fi
|
||||
|
||||
file_env MYSQL_DATABASE
|
||||
file_env MYSQL_PASSWORD
|
||||
file_env MYSQL_USER
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||
echo "Installing with SQLite database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||
install=true
|
||||
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||
echo "Installing with MySQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||
install=true
|
||||
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||
echo "Installing with PostgreSQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||
install=true
|
||||
fi
|
||||
|
||||
if [ "$install" = true ]; then
|
||||
run_path pre-installation
|
||||
|
||||
echo "Starting nextcloud installation"
|
||||
max_retries=10
|
||||
try=0
|
||||
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||
do
|
||||
echo "Retrying install..."
|
||||
try=$((try+1))
|
||||
sleep 10s
|
||||
done
|
||||
if [ "$try" -gt "$max_retries" ]; then
|
||||
echo "Installing of nextcloud failed!"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||
echo "Setting trusted domains…"
|
||||
NC_TRUSTED_DOMAIN_IDX=1
|
||||
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||
done
|
||||
fi
|
||||
|
||||
run_path post-installation
|
||||
fi
|
||||
fi
|
||||
# not enough specified to do a fully automated installation
|
||||
if [ "$install" = false ]; then
|
||||
echo "Next step: Access your instance to finish the web-based installation!"
|
||||
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||
fi
|
||||
# Upgrade
|
||||
else
|
||||
run_path pre-upgrade
|
||||
|
||||
run_as 'php /var/www/html/occ upgrade'
|
||||
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||
echo "The following apps have been disabled:"
|
||||
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||
rm -f /tmp/list_before /tmp/list_after
|
||||
|
||||
run_path post-upgrade
|
||||
fi
|
||||
|
||||
echo "Initializing finished"
|
||||
fi
|
||||
|
||||
# Update htaccess after init if requested
|
||||
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||
fi
|
||||
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||
|
||||
# warn if config files on persistent storage differ from the latest version of this image
|
||||
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||
cfgFile=$(basename "$cfgPath")
|
||||
|
||||
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
run_path before-starting
|
||||
fi
|
||||
|
||||
exec "$@"
|
6
30/fpm-alpine/upgrade.exclude
Normal file
6
30/fpm-alpine/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
|||
/config/
|
||||
/data/
|
||||
/custom_apps/
|
||||
/themes/
|
||||
/version.php
|
||||
/nextcloud-init-sync.lock
|
159
30/fpm/Dockerfile
Normal file
159
30/fpm/Dockerfile
Normal file
|
@ -0,0 +1,159 @@
|
|||
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
|
||||
FROM php:8.2-fpm-bookworm
|
||||
|
||||
# entrypoint.sh and cron.sh dependencies
|
||||
RUN set -ex; \
|
||||
\
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
busybox-static \
|
||||
bzip2 \
|
||||
libldap-common \
|
||||
libmagickcore-6.q16-6-extra \
|
||||
rsync \
|
||||
; \
|
||||
rm -rf /var/lib/apt/lists/*; \
|
||||
\
|
||||
mkdir -p /var/spool/cron/crontabs; \
|
||||
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||
|
||||
# install the PHP extensions we need
|
||||
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||
ENV PHP_MEMORY_LIMIT 512M
|
||||
ENV PHP_UPLOAD_LIMIT 512M
|
||||
RUN set -ex; \
|
||||
\
|
||||
savedAptMark="$(apt-mark showmanual)"; \
|
||||
\
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends \
|
||||
libcurl4-openssl-dev \
|
||||
libevent-dev \
|
||||
libfreetype6-dev \
|
||||
libgmp-dev \
|
||||
libicu-dev \
|
||||
libjpeg-dev \
|
||||
libldap2-dev \
|
||||
libmagickwand-dev \
|
||||
libmcrypt-dev \
|
||||
libmemcached-dev \
|
||||
libpng-dev \
|
||||
libpq-dev \
|
||||
libwebp-dev \
|
||||
libxml2-dev \
|
||||
libzip-dev \
|
||||
; \
|
||||
\
|
||||
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
|
||||
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
|
||||
docker-php-ext-install -j "$(nproc)" \
|
||||
bcmath \
|
||||
exif \
|
||||
ftp \
|
||||
gd \
|
||||
gmp \
|
||||
intl \
|
||||
ldap \
|
||||
opcache \
|
||||
pcntl \
|
||||
pdo_mysql \
|
||||
pdo_pgsql \
|
||||
sysvsem \
|
||||
zip \
|
||||
; \
|
||||
\
|
||||
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||
pecl install APCu-5.1.23; \
|
||||
pecl install imagick-3.7.0; \
|
||||
pecl install memcached-3.2.0; \
|
||||
pecl install redis-6.0.2; \
|
||||
\
|
||||
docker-php-ext-enable \
|
||||
apcu \
|
||||
imagick \
|
||||
memcached \
|
||||
redis \
|
||||
; \
|
||||
rm -r /tmp/pear; \
|
||||
\
|
||||
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
|
||||
apt-mark auto '.*' > /dev/null; \
|
||||
apt-mark manual $savedAptMark; \
|
||||
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
|
||||
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
|
||||
| sort -u \
|
||||
| xargs -r dpkg-query --search \
|
||||
| cut -d: -f1 \
|
||||
| sort -u \
|
||||
| xargs -rt apt-mark manual; \
|
||||
\
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# set recommended PHP.ini settings
|
||||
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||
RUN { \
|
||||
echo 'opcache.enable=1'; \
|
||||
echo 'opcache.interned_strings_buffer=32'; \
|
||||
echo 'opcache.max_accelerated_files=10000'; \
|
||||
echo 'opcache.memory_consumption=128'; \
|
||||
echo 'opcache.save_comments=1'; \
|
||||
echo 'opcache.revalidate_freq=60'; \
|
||||
echo 'opcache.jit=1255'; \
|
||||
echo 'opcache.jit_buffer_size=128M'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||
\
|
||||
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||
\
|
||||
{ \
|
||||
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||
\
|
||||
mkdir /var/www/data; \
|
||||
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||
/docker-entrypoint-hooks.d/post-installation \
|
||||
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||
/docker-entrypoint-hooks.d/post-upgrade \
|
||||
/docker-entrypoint-hooks.d/before-starting; \
|
||||
chown -R www-data:root /var/www; \
|
||||
chmod -R g=u /var/www
|
||||
|
||||
VOLUME /var/www/html
|
||||
|
||||
|
||||
ENV NEXTCLOUD_VERSION 30.0.0
|
||||
|
||||
RUN set -ex; \
|
||||
fetchDeps=" \
|
||||
gnupg \
|
||||
dirmngr \
|
||||
"; \
|
||||
apt-get update; \
|
||||
apt-get install -y --no-install-recommends $fetchDeps; \
|
||||
\
|
||||
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||
export GNUPGHOME="$(mktemp -d)"; \
|
||||
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||
gpgconf --kill all; \
|
||||
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||
mkdir -p /usr/src/nextcloud/data; \
|
||||
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||
chmod +x /usr/src/nextcloud/occ; \
|
||||
\
|
||||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY *.sh upgrade.exclude /
|
||||
COPY config/* /usr/src/nextcloud/config/
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
CMD ["php-fpm"]
|
4
30/fpm/config/apcu.config.php
Normal file
4
30/fpm/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'memcache.local' => '\OC\Memcache\APCu',
|
||||
);
|
15
30/fpm/config/apps.config.php
Normal file
15
30/fpm/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'apps_paths' => array (
|
||||
0 => array (
|
||||
'path' => OC::$SERVERROOT.'/apps',
|
||||
'url' => '/apps',
|
||||
'writable' => false,
|
||||
),
|
||||
1 => array (
|
||||
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||
'url' => '/custom_apps',
|
||||
'writable' => true,
|
||||
),
|
||||
),
|
||||
);
|
41
30/fpm/config/autoconfig.php
Normal file
41
30/fpm/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
|||
<?php
|
||||
|
||||
$autoconfig_enabled = false;
|
||||
|
||||
if (getenv('SQLITE_DATABASE')) {
|
||||
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||
$autoconfig_enabled = true;
|
||||
}
|
||||
|
||||
if ($autoconfig_enabled) {
|
||||
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||
}
|
17
30/fpm/config/redis.config.php
Normal file
17
30/fpm/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
|||
<?php
|
||||
if (getenv('REDIS_HOST')) {
|
||||
$CONFIG = array(
|
||||
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||
'memcache.locking' => '\OC\Memcache\Redis',
|
||||
'redis' => array(
|
||||
'host' => getenv('REDIS_HOST'),
|
||||
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||
),
|
||||
);
|
||||
|
||||
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||
$CONFIG['redis']['port'] = 6379;
|
||||
}
|
||||
}
|
30
30/fpm/config/reverse-proxy.config.php
Normal file
30
30/fpm/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
|||
<?php
|
||||
$overwriteHost = getenv('OVERWRITEHOST');
|
||||
if ($overwriteHost) {
|
||||
$CONFIG['overwritehost'] = $overwriteHost;
|
||||
}
|
||||
|
||||
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||
if ($overwriteProtocol) {
|
||||
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||
}
|
||||
|
||||
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||
if ($overwriteCliUrl) {
|
||||
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||
}
|
||||
|
||||
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||
if ($overwriteWebRoot) {
|
||||
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||
}
|
||||
|
||||
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||
if ($overwriteCondAddr) {
|
||||
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||
}
|
||||
|
||||
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||
if ($trustedProxies) {
|
||||
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||
}
|
48
30/fpm/config/s3.config.php
Normal file
48
30/fpm/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => array(
|
||||
'class' => '\OC\Files\ObjectStore\S3',
|
||||
'arguments' => array(
|
||||
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||
// required for some non Amazon S3 implementations
|
||||
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||
// required for older protocol versions
|
||||
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||
} else {
|
||||
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||
}
|
||||
|
||||
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||
}
|
||||
}
|
22
30/fpm/config/smtp.config.php
Normal file
22
30/fpm/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
|||
<?php
|
||||
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||
$CONFIG = array (
|
||||
'mail_smtpmode' => 'smtp',
|
||||
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||
);
|
||||
|
||||
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||
} elseif (getenv('SMTP_PASSWORD')) {
|
||||
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||
} else {
|
||||
$CONFIG['mail_smtppassword'] = '';
|
||||
}
|
||||
}
|
31
30/fpm/config/swift.config.php
Normal file
31
30/fpm/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||
$CONFIG = array(
|
||||
'objectstore' => [
|
||||
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||
'arguments' => [
|
||||
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||
'user' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
'scope' => [
|
||||
'project' => [
|
||||
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||
'domain' => [
|
||||
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||
],
|
||||
],
|
||||
],
|
||||
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||
]
|
||||
]
|
||||
);
|
||||
}
|
4
30/fpm/config/upgrade-disable-web.config.php
Normal file
4
30/fpm/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
|||
<?php
|
||||
$CONFIG = array (
|
||||
'upgrade.disable-web' => true,
|
||||
);
|
4
30/fpm/cron.sh
Executable file
4
30/fpm/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
exec busybox crond -f -L /dev/stdout
|
293
30/fpm/entrypoint.sh
Executable file
293
30/fpm/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
|||
#!/bin/sh
|
||||
set -eu
|
||||
|
||||
# version_greater A B returns whether A > B
|
||||
version_greater() {
|
||||
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||
}
|
||||
|
||||
# return true if specified directory is empty
|
||||
directory_empty() {
|
||||
[ -z "$(ls -A "$1/")" ]
|
||||
}
|
||||
|
||||
run_as() {
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
su -p "$user" -s /bin/sh -c "$1"
|
||||
else
|
||||
sh -c "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
# Execute all executable files in a given directory in alphanumeric order
|
||||
run_path() {
|
||||
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||
local return_code=0
|
||||
|
||||
if ! [ -d "${hook_folder_path}" ]; then
|
||||
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||
return 0
|
||||
fi
|
||||
|
||||
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||
|
||||
(
|
||||
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||
if ! [ -x "${script_file_path}" ]; then
|
||||
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||
continue
|
||||
fi
|
||||
|
||||
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||
|
||||
run_as "${script_file_path}" || return_code="$?"
|
||||
|
||||
if [ "${return_code}" -ne "0" ]; then
|
||||
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "==> Finished the script: \"${script_file_path}\""
|
||||
done
|
||||
)
|
||||
}
|
||||
|
||||
# usage: file_env VAR [DEFAULT]
|
||||
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${varValue}" ]; then
|
||||
export "$var"="${varValue}"
|
||||
elif [ -n "${fileVarValue}" ]; then
|
||||
export "$var"="$(cat "${fileVarValue}")"
|
||||
elif [ -n "${def}" ]; then
|
||||
export "$var"="$def"
|
||||
fi
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null; then
|
||||
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||
a2disconf remoteip
|
||||
fi
|
||||
fi
|
||||
|
||||
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||
uid="$(id -u)"
|
||||
gid="$(id -g)"
|
||||
if [ "$uid" = '0' ]; then
|
||||
case "$1" in
|
||||
apache2*)
|
||||
user="${APACHE_RUN_USER:-www-data}"
|
||||
group="${APACHE_RUN_GROUP:-www-data}"
|
||||
|
||||
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||
user="${user#'#'}"
|
||||
group="${group#'#'}"
|
||||
;;
|
||||
*) # php-fpm
|
||||
user='www-data'
|
||||
group='www-data'
|
||||
;;
|
||||
esac
|
||||
else
|
||||
user="$uid"
|
||||
group="$gid"
|
||||
fi
|
||||
|
||||
if [ -n "${REDIS_HOST+x}" ]; then
|
||||
|
||||
echo "Configuring Redis as session handler"
|
||||
{
|
||||
file_env REDIS_HOST_PASSWORD
|
||||
echo 'session.save_handler = redis'
|
||||
# check if redis host is an unix socket path
|
||||
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||
fi
|
||||
# check if redis password has been set
|
||||
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||
else
|
||||
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||
fi
|
||||
echo "redis.session.locking_enabled = 1"
|
||||
echo "redis.session.lock_retries = -1"
|
||||
# redis.session.lock_wait_time is specified in microseconds.
|
||||
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||
echo "redis.session.lock_wait_time = 10000"
|
||||
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||
fi
|
||||
|
||||
# If another process is syncing the html folder, wait for
|
||||
# it to be done, then escape initalization.
|
||||
(
|
||||
if ! flock -n 9; then
|
||||
# If we couldn't get it immediately, show a message, then wait for real
|
||||
echo "Another process is initializing Nextcloud. Waiting..."
|
||||
flock 9
|
||||
fi
|
||||
|
||||
installed_version="0.0.0.0"
|
||||
if [ -f /var/www/html/version.php ]; then
|
||||
# shellcheck disable=SC2016
|
||||
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||
fi
|
||||
# shellcheck disable=SC2016
|
||||
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||
|
||||
if version_greater "$installed_version" "$image_version"; then
|
||||
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if version_greater "$image_version" "$installed_version"; then
|
||||
echo "Initializing nextcloud $image_version ..."
|
||||
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||
exit 1
|
||||
fi
|
||||
echo "Upgrading nextcloud from $installed_version ..."
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||
fi
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
rsync_options="-rlDog --chown $user:$group"
|
||||
else
|
||||
rsync_options="-rlD"
|
||||
fi
|
||||
|
||||
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||
for dir in config data custom_apps themes; do
|
||||
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
fi
|
||||
done
|
||||
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||
|
||||
# Install
|
||||
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||
echo "New nextcloud instance"
|
||||
|
||||
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||
file_env NEXTCLOUD_ADMIN_USER
|
||||
|
||||
install=false
|
||||
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||
fi
|
||||
|
||||
file_env MYSQL_DATABASE
|
||||
file_env MYSQL_PASSWORD
|
||||
file_env MYSQL_USER
|
||||
file_env POSTGRES_DB
|
||||
file_env POSTGRES_PASSWORD
|
||||
file_env POSTGRES_USER
|
||||
|
||||
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||
echo "Installing with SQLite database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||
install=true
|
||||
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||
echo "Installing with MySQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||
install=true
|
||||
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||
echo "Installing with PostgreSQL database"
|
||||
# shellcheck disable=SC2016
|
||||
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||
install=true
|
||||
fi
|
||||
|
||||
if [ "$install" = true ]; then
|
||||
run_path pre-installation
|
||||
|
||||
echo "Starting nextcloud installation"
|
||||
max_retries=10
|
||||
try=0
|
||||
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||
do
|
||||
echo "Retrying install..."
|
||||
try=$((try+1))
|
||||
sleep 10s
|
||||
done
|
||||
if [ "$try" -gt "$max_retries" ]; then
|
||||
echo "Installing of nextcloud failed!"
|
||||
exit 1
|
||||
fi
|
||||
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||
echo "Setting trusted domains…"
|
||||
NC_TRUSTED_DOMAIN_IDX=1
|
||||
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||
done
|
||||
fi
|
||||
|
||||
run_path post-installation
|
||||
fi
|
||||
fi
|
||||
# not enough specified to do a fully automated installation
|
||||
if [ "$install" = false ]; then
|
||||
echo "Next step: Access your instance to finish the web-based installation!"
|
||||
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||
fi
|
||||
# Upgrade
|
||||
else
|
||||
run_path pre-upgrade
|
||||
|
||||
run_as 'php /var/www/html/occ upgrade'
|
||||
|
||||
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||
echo "The following apps have been disabled:"
|
||||
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||
rm -f /tmp/list_before /tmp/list_after
|
||||
|
||||
run_path post-upgrade
|
||||
fi
|
||||
|
||||
echo "Initializing finished"
|
||||
fi
|
||||
|
||||
# Update htaccess after init if requested
|
||||
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||
fi
|
||||
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||
|
||||
# warn if config files on persistent storage differ from the latest version of this image
|
||||
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||
cfgFile=$(basename "$cfgPath")
|
||||
|
||||
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
run_path before-starting
|
||||
fi
|
||||
|
||||
exec "$@"
|
6
30/fpm/upgrade.exclude
Normal file
6
30/fpm/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
|||
/config/
|
||||
/data/
|
||||
/custom_apps/
|
||||
/themes/
|
||||
/version.php
|
||||
/nextcloud-init-sync.lock
|
|
@ -1 +1 @@
|
|||
29.0.7
|
||||
30.0.0
|
||||
|
|
|
@ -1,4 +1,30 @@
|
|||
{
|
||||
"30": {
|
||||
"branch": "30",
|
||||
"version": "30.0.0",
|
||||
"url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2",
|
||||
"ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc",
|
||||
"variants": {
|
||||
"apache": {
|
||||
"variant": "apache",
|
||||
"base": "debian",
|
||||
"baseVersion": "bookworm",
|
||||
"phpVersion": "8.2"
|
||||
},
|
||||
"fpm": {
|
||||
"variant": "fpm",
|
||||
"base": "debian",
|
||||
"baseVersion": "bookworm",
|
||||
"phpVersion": "8.2"
|
||||
},
|
||||
"fpm-alpine": {
|
||||
"variant": "fpm-alpine",
|
||||
"base": "alpine",
|
||||
"baseVersion": "3.20",
|
||||
"phpVersion": "8.2"
|
||||
}
|
||||
}
|
||||
},
|
||||
"29": {
|
||||
"branch": "29",
|
||||
"version": "29.0.7",
|
||||
|
|
Loading…
Reference in a new issue