Merge e381107323 into 86ab9d769c

Re-order and add additional links to highlight:

- where to ask a question (forum) 
- documentation resources
- upstream (server) bug reporting and enhancement ideas

Some rewording as well.

Signed-off-by: Josh <josh.t.richards@gmail.com>

.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/README.MD

@@ -0,0 +1,5 @@
+This docker-compose.yml file will create a nextcloud instance with signed certs using the lets encrypt companion and the nginx reverse proxy.  Collabora office will also be deployed using signed certs. To use collabora the app must be installed within nextcloud and configured to use office.DOMAIN.TLD.  
+
+There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance.  Ports, 443 and 80 should be forwarded to the server.
+
+![Callabora Settings](collaboraOnlineNCSettings.png)

.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/docker-compose.yml

@@ -0,0 +1,109 @@
+version: '3' 
+
+services:
+
+  proxy:
+    image: jwilder/nginx-proxy:alpine
+    labels:
+      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
+    container_name: nextcloud-proxy
+    networks:
+      - nextcloud_network
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - ./proxy/conf.d:/etc/nginx/conf.d:rw
+      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
+      - ./proxy/html:/usr/share/nginx/html:rw
+      - ./proxy/certs:/etc/nginx/certs:ro
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+    restart: unless-stopped
+  
+  letsencrypt:
+    image: jrcs/letsencrypt-nginx-proxy-companion
+    container_name: nextcloud-letsencrypt
+    depends_on:
+      - proxy
+    networks:
+      - nextcloud_network
+    volumes:
+      - ./proxy/certs:/etc/nginx/certs:rw
+      - ./proxy/vhost.d:/etc/nginx/vhost.d:rw
+      - ./proxy/html:/usr/share/nginx/html:rw
+      - /etc/localtime:/etc/localtime:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    restart: unless-stopped
+  db:
+    image: mariadb
+    container_name: nextcloud-mariadb
+    networks:
+      - nextcloud_network
+    volumes:
+      - db:/var/lib/mysql
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+    # Create a root password for the maraiadb instance.
+      - MYSQL_ROOT_PASSWORD=CREATE-A-SECURE-ROOT-PASSWORD-HERE
+    # Create a password for the nextcloud users.  If you have to manually connect your database you would use the nextcloud user and this password.
+      - MYSQL_PASSWORD=CREATE-A-SECURE-NEXTCLOUD-USER-PASSWORD-HERE
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+    restart: unless-stopped
+  
+  app:
+    image: nextcloud:latest
+    container_name: nextcloud-app
+    networks:
+      - nextcloud_network
+    depends_on:
+      - letsencrypt
+      - proxy
+      - db
+    volumes:
+      - nextcloud:/var/www/html
+      - ./app/config:/var/www/html/config
+      - ./app/custom_apps:/var/www/html/custom_apps
+      - ./app/data:/var/www/html/data
+      - ./app/themes:/var/www/html/themes
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+    # The VIRTUAL_HOST and LETSENCRYPT_HOST should use the same publically reachable domain for your nextlcloud instance.
+      - VIRTUAL_HOST=cloud.DOMAIN.TLD
+      - LETSENCRYPT_HOST=cloud.DOMAIN.TLD
+    # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals.
+      - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL
+    restart: unless-stopped
+  collab:
+    image: collabora/code
+    container_name: nextcloud-collab
+    networks:
+      - nextcloud_network
+    depends_on:
+      - proxy
+      - letsencrypt
+    cap_add:
+     - MKNOD
+    ports:
+      - 9980:9980
+    environment:
+    # This nees to be the same as what you set your app domain too (ex: cloud.domain.tld).
+      - domain=cloud\\.DOMAIN\\.TDL
+      - username=admin
+    # Create a passoword for the collabora office admin page.
+      - password=CREATE-A-SECURE-PASSWORD-HERE
+      - VIRTUAL_PROTO=https
+      - VIRTUAL_PORT=443
+    # The VIRTUAL_HOST and LETSENCRYPT_HOST should use the same publically reachable domain for your collabora instance (ex: office.domain.tld).
+      - VIRTUAL_HOST=office.DOMAIN.TLD
+      - LETSENCRYPT_HOST=office.DOMAIN.TLD
+    # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals.
+      - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL
+    restart: unless-stopped 
+volumes:
+  nextcloud:
+  db: 
+  
+networks:
+  nextcloud_network:

.github/ISSUE_TEMPLATE/config.yml

@@ -1,10 +1,22 @@
 contact_links:
-    - name: 🐛 Nextcloud issue
-      url: https://github.com/nextcloud/server/issues/new/choose
-      about: Bug reports and feature requests for Nextcloud
-    - name: 🐳 Docker Support and Help
-      url: https://forums.docker.com/
-      about: Configuration, installation, networking and other questions
-    - name: ❓ Nextcloud Support and Help
+    - name: ❓ Ask a question
       url: https://help.nextcloud.com/
-      about: Configuration, webserver/proxy or performance issues and other questions
+      about: Ask a question, get assistance or start a discussion regarding Nextcloud and/or this image
+    - name: Documentation - Nextcloud Server
+      url: https://docs.nextcloud.com/
+      about: Official documentation for Nextcloud Server
+    - name: Documentation - Nextcloud Docker Image
+      url: https://github.com/nextcloud/docker/blob/master/README.md
+      about: Official documentation for this image
+    - name: 🐳 Documentation - Docker
+      url: https://docs.docker.com/
+      about: Official documentation for Docker (installing, configuring, troubleshooting)  
+    - name: 🐳 Docker Forum
+      url: https://forums.docker.com/
+      about: Ask a question, get assistance or start a discussion regarding Docker
+    - name: 🐛 Bug Report: Nextcloud Server
+      url: https://github.com/nextcloud/server/issues/new/choose
+      about: Report a bug in Nextcloud Server
+    - name: Enhancement Idea: Nextcloud Server
+      url: https://github.com/nextcloud/server/issues/new/choose
+      about: Suggest an enhancement idea for Nextcloud Server

README.md

@@ -141,6 +141,17 @@ If mounting additional volumes under `/var/www/html`, you should consider:
 
 **Data inside the main folder (`/var/www/html`) will be overridden/removed during installation and upgrades, unless listed in [upgrade.exclude](https://github.com/nextcloud/docker/blob/master/upgrade.exclude).** The additional volumes officially supported are already in that list, but custom volumes will need to be added by you. We suggest mounting custom storage volumes outside of `/var/www/html` and if possible read-only so that making this adjustment is unnecessary. If you must do so, however, you may build a custom image with a modified `/upgrade.exclude` file that incorporates your custom volume(s).
 
+## Running as an arbitrary user / file permissions / changing the default container user
+
+The default user within a container is root (uid = 0). By default, processes inside the container will expect to have root privileges. Network services will drop privileges and use `www-data` to serve requests. 
+
+Depending on your volumes configuration, this can lead to permission issues. You can address this by running the container with a different default user. When changing the default user, the image will no longer assume it has root privileges and will run all processes under the specified uid. To accomplish this, use the `--user` / `user` option in your container environment.
+
+See:
+
+- https://docs.docker.com/engine/containers/run/#user
+- https://github.com/docker-library/docs/tree/master/php#running-as-an-arbitrary-user
+- https://docs.podman.io/en/stable/markdown/podman-run.1.html#user-u-user-group
 
 ## Accessing the Nextcloud command-line interface (`occ`)