From 34a15393321c087e805f5d6e3884535d5da6df3b Mon Sep 17 00:00:00 2001 From: Grieche Date: Sun, 24 Dec 2017 14:08:07 +0100 Subject: [PATCH 1/5] * Added example Dockerfile for FULL recommended dependencies under full/ --- .examples/dockerfiles/full/apache/Dockerfile | 25 +++++++++++++++++++ .../dockerfiles/full/apache/supervisord.conf | 22 ++++++++++++++++ .examples/dockerfiles/full/fpm/Dockerfile | 25 +++++++++++++++++++ .../dockerfiles/full/fpm/supervisord.conf | 22 ++++++++++++++++ 4 files changed, 94 insertions(+) create mode 100644 .examples/dockerfiles/full/apache/Dockerfile create mode 100644 .examples/dockerfiles/full/apache/supervisord.conf create mode 100644 .examples/dockerfiles/full/fpm/Dockerfile create mode 100644 .examples/dockerfiles/full/fpm/supervisord.conf diff --git a/.examples/dockerfiles/full/apache/Dockerfile b/.examples/dockerfiles/full/apache/Dockerfile new file mode 100644 index 00000000..13f81dee --- /dev/null +++ b/.examples/dockerfiles/full/apache/Dockerfile @@ -0,0 +1,25 @@ +FROM nextcloud:apache + +RUN echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list \ + && apt-get update && apt-get install -y \ + supervisor \ + cron \ + ffmpeg \ + libmagickwand-dev \ + libgmp3-dev \ + libc-client-dev \ + libkrb5-dev \ + smbclient \ + libsmbclient-dev \ +# LibreOffice \ + && rm -rf /var/lib/apt/lists/* \ + && docker-php-ext-configure imap --with-kerberos --with-imap-ssl \ + && docker-php-ext-install bz2 gmp imap \ + && pecl install imagick smbclient \ + && docker-php-ext-enable imagick smbclient \ + && mkdir /var/log/supervisord /var/run/supervisord \ + && echo "*/15 * * * * su - www-data -s /bin/bash -c \"php -f /var/www/html/cron.php\""| crontab - + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["/usr/bin/supervisord"] diff --git a/.examples/dockerfiles/full/apache/supervisord.conf b/.examples/dockerfiles/full/apache/supervisord.conf new file mode 100644 index 00000000..ff27295f --- /dev/null +++ b/.examples/dockerfiles/full/apache/supervisord.conf @@ -0,0 +1,22 @@ +[supervisord] +nodaemon=true +logfile=/var/log/supervisord/supervisord.log +pidfile=/var/run/supervisord/supervisord.pid +childlogdir=/var/log/supervisord/ +logfile_maxbytes=50MB ; maximum size of logfile before rotation +logfile_backups=10 ; number of backed up logfiles +loglevel=error + +[program:php-fpm] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=php-fpm + +[program:cron] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=cron -f diff --git a/.examples/dockerfiles/full/fpm/Dockerfile b/.examples/dockerfiles/full/fpm/Dockerfile new file mode 100644 index 00000000..e268b0d2 --- /dev/null +++ b/.examples/dockerfiles/full/fpm/Dockerfile @@ -0,0 +1,25 @@ +FROM nextcloud:fpm + +RUN echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list \ + && apt-get update && apt-get install -y \ + supervisor \ + cron \ + ffmpeg \ + libmagickwand-dev \ + libgmp3-dev \ + libc-client-dev \ + libkrb5-dev \ + smbclient \ + libsmbclient-dev \ +# LibreOffice \ + && rm -rf /var/lib/apt/lists/* \ + && docker-php-ext-configure imap --with-kerberos --with-imap-ssl \ + && docker-php-ext-install bz2 gmp imap \ + && pecl install imagick smbclient \ + && docker-php-ext-enable imagick smbclient \ + && mkdir /var/log/supervisord /var/run/supervisord \ + && echo "*/15 * * * * su - www-data -s /bin/bash -c \"php -f /var/www/html/cron.php\""| crontab - + +COPY supervisord.conf /etc/supervisor/supervisord.conf + +CMD ["/usr/bin/supervisord"] diff --git a/.examples/dockerfiles/full/fpm/supervisord.conf b/.examples/dockerfiles/full/fpm/supervisord.conf new file mode 100644 index 00000000..ff27295f --- /dev/null +++ b/.examples/dockerfiles/full/fpm/supervisord.conf @@ -0,0 +1,22 @@ +[supervisord] +nodaemon=true +logfile=/var/log/supervisord/supervisord.log +pidfile=/var/run/supervisord/supervisord.pid +childlogdir=/var/log/supervisord/ +logfile_maxbytes=50MB ; maximum size of logfile before rotation +logfile_backups=10 ; number of backed up logfiles +loglevel=error + +[program:php-fpm] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=php-fpm + +[program:cron] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=cron -f From 32bbf4adbc4de0609791752974a81e187d255fbd Mon Sep 17 00:00:00 2001 From: Greek64 <32879245+Greek64@users.noreply.github.com> Date: Sun, 24 Dec 2017 14:47:05 +0100 Subject: [PATCH 2/5] * Updated README.md --- .examples/README.md | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/.examples/README.md b/.examples/README.md index dbcc5b8b..5a427618 100644 --- a/.examples/README.md +++ b/.examples/README.md @@ -16,8 +16,51 @@ Example | Description [cron](https://github.com/nextcloud/docker/tree/master/.examples/dockerfiles/cron) | uses supervisor to run the cron job inside the container (so no extra container is needed). [imap](https://github.com/nextcloud/docker/tree/master/.examples/dockerfiles/imap) | adds dependencies required to authenticate users via imap [smb](https://github.com/nextcloud/docker/tree/master/.examples/dockerfiles/smb) | adds dependencies required to use smb shares +[full](https://github.com/nextcloud/docker/tree/master/.examples/dockerfiles/full) | adds dependencies for ALL optional packages and cron functionality via supervisor (as in the `cron` example Dockerfile). +### full +The `full` Dockerfile example adds dependencies for all optional packages suggested by nextcloud that may be needed for some features (e.g. Video Preview Generation), as stated in the [Administration Manual](https://docs.nextcloud.com/server/12/admin_manual/installation/source_installation.html). +NOTE: The Dockerfile does not install the LibreOffice package (line is commented), because it would increase the generated Image size by approximately 500 MB. In order to install it, simply uncomment the 14th line of the Dockerfile. + +The required steps for each optional/recommended package that is not already in the Nextcloud image are listed here, so that the Dockerfile can easily be modified to only install the needed extra packages. Simply remove the steps for the unwanted packages from the Dockerfile. + +#### PHP Module bz2 +`docker-php-ext-install bz2`
+ +#### PHP Module imagick +`apt install libmagickwand-dev`
+`pecl install imagick`
+`docker-php-ext-enable imagick`
+ +#### PHP Module imap +`apt install libc-client-dev libkrb5-dev`
+`docker-php-ext-configure imap --with-kerberos --with-imap-ssl`
+`docker-php-ext-install imap`
+ +#### PHP Module gmp +`apt install libgmp3-dev`
+`docker-php-ext-install gmp`
+ +#### PHP Module smbclient +`apt install smbclient libsmbclient-dev`
+`pecl install smbclient`
+`docker-php-ext-enable smbclient`
+ +#### ffmpeg +`echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list`
+`apt install ffmpeg`
+ +#### LibreOffice +`apt install LibreOffice`
+ +#### CRON via supervisor +`apt install supervisor cron`
+`mkdir /var/log/supervisord /var/run/supervisord`
+`echo "*/15 * * * * su - www-data -s /bin/bash -c \"php -f /var/www/html/cron.php\""| crontab -`
+The following Dockerfile commands are also necessary for a sucessfull cron installation:
+`COPY supervisord.conf /etc/supervisor/supervisord.conf`
+`CMD ["/usr/bin/supervisord"]`
From 680d8e41aab9cf58bf841fc8d63d3c2ea3f003f0 Mon Sep 17 00:00:00 2001 From: Tilo Spannagel Date: Wed, 3 Jan 2018 19:58:39 +0100 Subject: [PATCH 3/5] Fix i386 build --- .examples/dockerfiles/full/apache/Dockerfile | 1 + .examples/dockerfiles/full/fpm/Dockerfile | 1 + 2 files changed, 2 insertions(+) diff --git a/.examples/dockerfiles/full/apache/Dockerfile b/.examples/dockerfiles/full/apache/Dockerfile index 13f81dee..8a7c65da 100644 --- a/.examples/dockerfiles/full/apache/Dockerfile +++ b/.examples/dockerfiles/full/apache/Dockerfile @@ -14,6 +14,7 @@ RUN echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/so # LibreOffice \ && rm -rf /var/lib/apt/lists/* \ && docker-php-ext-configure imap --with-kerberos --with-imap-ssl \ + && ln -s "/usr/include/$(dpkg-architecture --query DEB_BUILD_MULTIARCH)/gmp.h" /usr/include/gmp.h \ && docker-php-ext-install bz2 gmp imap \ && pecl install imagick smbclient \ && docker-php-ext-enable imagick smbclient \ diff --git a/.examples/dockerfiles/full/fpm/Dockerfile b/.examples/dockerfiles/full/fpm/Dockerfile index e268b0d2..af37cd53 100644 --- a/.examples/dockerfiles/full/fpm/Dockerfile +++ b/.examples/dockerfiles/full/fpm/Dockerfile @@ -14,6 +14,7 @@ RUN echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/so # LibreOffice \ && rm -rf /var/lib/apt/lists/* \ && docker-php-ext-configure imap --with-kerberos --with-imap-ssl \ + && ln -s "/usr/include/$(dpkg-architecture --query DEB_BUILD_MULTIARCH)/gmp.h" /usr/include/gmp.h \ && docker-php-ext-install bz2 gmp imap \ && pecl install imagick smbclient \ && docker-php-ext-enable imagick smbclient \ From 52b3ce0a54afb6f0e82fcc5f0acfeaaaa2e88ade Mon Sep 17 00:00:00 2001 From: Tilo Spannagel Date: Wed, 3 Jan 2018 20:00:19 +0100 Subject: [PATCH 4/5] Fix supervisord.conf for apache --- .examples/dockerfiles/full/apache/supervisord.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.examples/dockerfiles/full/apache/supervisord.conf b/.examples/dockerfiles/full/apache/supervisord.conf index ff27295f..25ae32f8 100644 --- a/.examples/dockerfiles/full/apache/supervisord.conf +++ b/.examples/dockerfiles/full/apache/supervisord.conf @@ -7,12 +7,12 @@ logfile_maxbytes=50MB ; maximum size of logfile before logfile_backups=10 ; number of backed up logfiles loglevel=error -[program:php-fpm] +[program:apache2] stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=php-fpm +command=apache2-foreground [program:cron] stdout_logfile=/dev/stdout From b60365aba203d4900b5f3587bb0403b3fe0e7271 Mon Sep 17 00:00:00 2001 From: Greek64 <32879245+Greek64@users.noreply.github.com> Date: Thu, 4 Jan 2018 18:11:21 +0100 Subject: [PATCH 5/5] Updated README.md in .example Section --- .examples/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.examples/README.md b/.examples/README.md index 5a427618..0b381ee5 100644 --- a/.examples/README.md +++ b/.examples/README.md @@ -21,7 +21,11 @@ Example | Description ### full The `full` Dockerfile example adds dependencies for all optional packages suggested by nextcloud that may be needed for some features (e.g. Video Preview Generation), as stated in the [Administration Manual](https://docs.nextcloud.com/server/12/admin_manual/installation/source_installation.html). -NOTE: The Dockerfile does not install the LibreOffice package (line is commented), because it would increase the generated Image size by approximately 500 MB. In order to install it, simply uncomment the 14th line of the Dockerfile. +NOTE: The Dockerfile does not install the LibreOffice package (line is commented), because it would increase the generated Image size by approximately 500 MB. In order to install it, simply uncomment the 14th line of the Dockerfile.
+ +NOTE: Per default, only previews for BMP, GIF, JPEG, MarkDown, MP3, PNG, TXT, and XBitmap Files are generated. The configuration of the preview generation can be done in config.php, as explained in the [Administration Manual](https://docs.nextcloud.com/server/12/admin_manual/configuration_server/config_sample_php_parameters.html#previews)
+ +NOTE: Nextcloud recommends [disabling preview generation](https://docs.nextcloud.com/server/12/admin_manual/configuration_server/harden_server.html?highlight=enabledpreviewproviders#disable-preview-image-generation) for high security deployments, as preview generation opens your nextcloud instance to new possible attack vectors.
The required steps for each optional/recommended package that is not already in the Nextcloud image are listed here, so that the Dockerfile can easily be modified to only install the needed extra packages. Simply remove the steps for the unwanted packages from the Dockerfile.