From b617bfc7a0d1d661f688a52357bde1ea446e0ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Pecchia?= <179218+mabeett@users.noreply.github.com> Date: Sun, 18 Aug 2024 22:21:05 +0200 Subject: [PATCH 1/9] Secrets handling via entrypoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Secrets files handled only in the entrypoint, converted during initial execuition. Solves #1148 Signed-off-by: Matías Pecchia <179218+mabeett@users.noreply.github.com> --- .config/autoconfig.php | 14 -------------- .config/redis.config.php | 2 +- .config/s3.config.php | 12 +++--------- .config/smtp.config.php | 6 ++---- 28/apache/config/autoconfig.php | 14 -------------- 28/apache/config/redis.config.php | 2 +- 28/apache/config/s3.config.php | 12 +++--------- 28/apache/config/smtp.config.php | 6 ++---- 28/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 28/fpm-alpine/config/autoconfig.php | 14 -------------- 28/fpm-alpine/config/redis.config.php | 2 +- 28/fpm-alpine/config/s3.config.php | 12 +++--------- 28/fpm-alpine/config/smtp.config.php | 6 ++---- 28/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 28/fpm/config/autoconfig.php | 14 -------------- 28/fpm/config/redis.config.php | 2 +- 28/fpm/config/s3.config.php | 12 +++--------- 28/fpm/config/smtp.config.php | 6 ++---- 28/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/apache/config/autoconfig.php | 14 -------------- 29/apache/config/redis.config.php | 2 +- 29/apache/config/s3.config.php | 12 +++--------- 29/apache/config/smtp.config.php | 6 ++---- 29/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/fpm-alpine/config/autoconfig.php | 14 -------------- 29/fpm-alpine/config/redis.config.php | 2 +- 29/fpm-alpine/config/s3.config.php | 12 +++--------- 29/fpm-alpine/config/smtp.config.php | 6 ++---- 29/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/fpm/config/autoconfig.php | 14 -------------- 29/fpm/config/redis.config.php | 2 +- 29/fpm/config/s3.config.php | 12 +++--------- 29/fpm/config/smtp.config.php | 6 ++---- 29/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- docker-entrypoint.sh | 27 ++++++++++++++++++++++----- 35 files changed, 196 insertions(+), 231 deletions(-) diff --git a/.config/autoconfig.php b/.config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/.config/autoconfig.php +++ b/.config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/.config/redis.config.php b/.config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/.config/redis.config.php +++ b/.config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/.config/s3.config.php b/.config/s3.config.php index 9941c562..b7dabf32 100644 --- a/.config/s3.config.php +++ b/.config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/.config/smtp.config.php b/.config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/.config/smtp.config.php +++ b/.config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/apache/config/autoconfig.php b/28/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/apache/config/autoconfig.php +++ b/28/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/apache/config/redis.config.php b/28/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/apache/config/redis.config.php +++ b/28/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/apache/config/s3.config.php b/28/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/apache/config/s3.config.php +++ b/28/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/apache/config/smtp.config.php b/28/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/apache/config/smtp.config.php +++ b/28/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/apache/entrypoint.sh b/28/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/apache/entrypoint.sh +++ b/28/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/28/fpm-alpine/config/autoconfig.php b/28/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/fpm-alpine/config/autoconfig.php +++ b/28/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/fpm-alpine/config/redis.config.php b/28/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/fpm-alpine/config/redis.config.php +++ b/28/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/fpm-alpine/config/s3.config.php b/28/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/fpm-alpine/config/s3.config.php +++ b/28/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/fpm-alpine/config/smtp.config.php b/28/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/fpm-alpine/config/smtp.config.php +++ b/28/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/fpm-alpine/entrypoint.sh b/28/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/fpm-alpine/entrypoint.sh +++ b/28/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/28/fpm/config/autoconfig.php b/28/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/fpm/config/autoconfig.php +++ b/28/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/fpm/config/redis.config.php b/28/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/fpm/config/redis.config.php +++ b/28/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/fpm/config/s3.config.php b/28/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/fpm/config/s3.config.php +++ b/28/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/fpm/config/smtp.config.php b/28/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/fpm/config/smtp.config.php +++ b/28/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/fpm/entrypoint.sh b/28/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/fpm/entrypoint.sh +++ b/28/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/apache/config/autoconfig.php b/29/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/apache/config/autoconfig.php +++ b/29/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/apache/config/redis.config.php +++ b/29/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/apache/config/s3.config.php b/29/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/apache/config/s3.config.php +++ b/29/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/apache/config/smtp.config.php b/29/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/apache/config/smtp.config.php +++ b/29/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/apache/entrypoint.sh b/29/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/apache/entrypoint.sh +++ b/29/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/fpm-alpine/config/autoconfig.php b/29/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/fpm-alpine/config/autoconfig.php +++ b/29/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/fpm-alpine/config/redis.config.php b/29/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/fpm-alpine/config/redis.config.php +++ b/29/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/fpm-alpine/config/s3.config.php b/29/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/fpm-alpine/config/s3.config.php +++ b/29/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/fpm-alpine/config/smtp.config.php b/29/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/fpm-alpine/config/smtp.config.php +++ b/29/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/fpm-alpine/entrypoint.sh b/29/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/fpm-alpine/entrypoint.sh +++ b/29/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/fpm/config/autoconfig.php b/29/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/fpm/config/autoconfig.php +++ b/29/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/fpm/config/redis.config.php b/29/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/fpm/config/redis.config.php +++ b/29/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/fpm/config/s3.config.php b/29/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/fpm/config/s3.config.php +++ b/29/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/fpm/config/smtp.config.php b/29/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/fpm/config/smtp.config.php +++ b/29/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/fpm/entrypoint.sh b/29/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/fpm/entrypoint.sh +++ b/29/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 8e178f2e..809e2762 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" From 1a0fb1bfc2f4bf04ede9eab2fc3bb55482ce6946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Pecchia?= <179218+mabeett@users.noreply.github.com> Date: Sun, 22 Sep 2024 19:56:30 +0200 Subject: [PATCH 2/9] Runs update.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Matías Pecchia <179218+mabeett@users.noreply.github.com> --- 30/apache/config/autoconfig.php | 14 -------------- 30/apache/config/redis.config.php | 2 +- 30/apache/config/s3.config.php | 12 +++--------- 30/apache/config/smtp.config.php | 6 ++---- 30/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 30/fpm-alpine/config/autoconfig.php | 14 -------------- 30/fpm-alpine/config/redis.config.php | 2 +- 30/fpm-alpine/config/s3.config.php | 12 +++--------- 30/fpm-alpine/config/smtp.config.php | 6 ++---- 30/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 30/fpm/config/autoconfig.php | 14 -------------- 30/fpm/config/redis.config.php | 2 +- 30/fpm/config/s3.config.php | 12 +++--------- 30/fpm/config/smtp.config.php | 6 ++---- 30/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- 15 files changed, 84 insertions(+), 99 deletions(-) diff --git a/30/apache/config/autoconfig.php b/30/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/apache/config/autoconfig.php +++ b/30/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/apache/config/redis.config.php b/30/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/apache/config/redis.config.php +++ b/30/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/apache/config/s3.config.php b/30/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/apache/config/s3.config.php +++ b/30/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/apache/config/smtp.config.php b/30/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/apache/config/smtp.config.php +++ b/30/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/apache/entrypoint.sh b/30/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/apache/entrypoint.sh +++ b/30/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/30/fpm-alpine/config/autoconfig.php b/30/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/fpm-alpine/config/autoconfig.php +++ b/30/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/fpm-alpine/config/redis.config.php b/30/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/fpm-alpine/config/redis.config.php +++ b/30/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/fpm-alpine/config/s3.config.php b/30/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/fpm-alpine/config/s3.config.php +++ b/30/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/fpm-alpine/config/smtp.config.php b/30/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/fpm-alpine/config/smtp.config.php +++ b/30/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/fpm-alpine/entrypoint.sh b/30/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/fpm-alpine/entrypoint.sh +++ b/30/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/30/fpm/config/autoconfig.php b/30/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/fpm/config/autoconfig.php +++ b/30/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/fpm/config/redis.config.php b/30/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/fpm/config/redis.config.php +++ b/30/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/fpm/config/s3.config.php b/30/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/fpm/config/s3.config.php +++ b/30/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/fpm/config/smtp.config.php b/30/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/fpm/config/smtp.config.php +++ b/30/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/fpm/entrypoint.sh b/30/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/fpm/entrypoint.sh +++ b/30/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" From d5c6e2ff0ec45631163153d22db03bca4bc65513 Mon Sep 17 00:00:00 2001 From: Josh Date: Mon, 23 Dec 2024 09:03:54 -0500 Subject: [PATCH 3/9] docs(readme): Add community helm chart link Signed-off-by: Josh --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 152489b2..6745faa3 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ ![GitHub commit activity](https://img.shields.io/github/commit-activity/m/nextcloud/docker) ![GitHub contributors](https://img.shields.io/github/contributors/nextcloud/docker?label=contributors%20-%20Thank%20you!) ![Docker Pulls](https://img.shields.io/docker/pulls/library/nextcloud) +[![Helm](https://img.shields.io/badge/Helm-0F1689?logo=helm&logoColor=fff)](https://github.com/nextcloud/helm/?tab=readme-ov-file) # What is Nextcloud? From 08ac24880cc34d5e351bba72da219a99af253ba5 Mon Sep 17 00:00:00 2001 From: J0WI Date: Thu, 9 Jan 2025 23:01:21 +0000 Subject: [PATCH 4/9] Alpine 3.21 (#2360) --- 28/fpm-alpine/Dockerfile | 2 +- 29/fpm-alpine/Dockerfile | 2 +- 30/fpm-alpine/Dockerfile | 2 +- update.sh | 2 +- versions.json | 6 +++--- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/28/fpm-alpine/Dockerfile b/28/fpm-alpine/Dockerfile index 02cd4a23..63569f89 100644 --- a/28/fpm-alpine/Dockerfile +++ b/28/fpm-alpine/Dockerfile @@ -1,5 +1,5 @@ # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:8.2-fpm-alpine3.20 +FROM php:8.2-fpm-alpine3.21 # entrypoint.sh and cron.sh dependencies RUN set -ex; \ diff --git a/29/fpm-alpine/Dockerfile b/29/fpm-alpine/Dockerfile index 4e147a5c..6e4ea4d1 100644 --- a/29/fpm-alpine/Dockerfile +++ b/29/fpm-alpine/Dockerfile @@ -1,5 +1,5 @@ # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:8.2-fpm-alpine3.20 +FROM php:8.2-fpm-alpine3.21 # entrypoint.sh and cron.sh dependencies RUN set -ex; \ diff --git a/30/fpm-alpine/Dockerfile b/30/fpm-alpine/Dockerfile index 52ea716c..9bd77015 100644 --- a/30/fpm-alpine/Dockerfile +++ b/30/fpm-alpine/Dockerfile @@ -1,5 +1,5 @@ # DO NOT EDIT: created by update.sh from Dockerfile-alpine.template -FROM php:8.2-fpm-alpine3.20 +FROM php:8.2-fpm-alpine3.21 # entrypoint.sh and cron.sh dependencies RUN set -ex; \ diff --git a/update.sh b/update.sh index 6e576238..89f3d6f2 100755 --- a/update.sh +++ b/update.sh @@ -2,7 +2,7 @@ set -eo pipefail declare -A alpine_version=( - [default]='3.20' + [default]='3.21' ) declare -A debian_version=( diff --git a/versions.json b/versions.json index ec8b3ca9..09f25557 100644 --- a/versions.json +++ b/versions.json @@ -20,7 +20,7 @@ "fpm-alpine": { "variant": "fpm-alpine", "base": "alpine", - "baseVersion": "3.20", + "baseVersion": "3.21", "phpVersion": "8.2" } } @@ -46,7 +46,7 @@ "fpm-alpine": { "variant": "fpm-alpine", "base": "alpine", - "baseVersion": "3.20", + "baseVersion": "3.21", "phpVersion": "8.2" } } @@ -72,7 +72,7 @@ "fpm-alpine": { "variant": "fpm-alpine", "base": "alpine", - "baseVersion": "3.20", + "baseVersion": "3.21", "phpVersion": "8.2" } } From 5b932e390ec39c57d5280e0fa531fbd7202d49ed Mon Sep 17 00:00:00 2001 From: Hagen <2806328+derhagen@users.noreply.github.com> Date: Sat, 11 Jan 2025 19:22:09 +0100 Subject: [PATCH 5/9] Add REDIS_HOST_USER variable to specify a redis user (#2359) Signed-off-by: hagene --- .config/redis.config.php | 4 ++++ README.md | 1 + 2 files changed, 5 insertions(+) diff --git a/.config/redis.config.php b/.config/redis.config.php index a5b13da6..2069812f 100644 --- a/.config/redis.config.php +++ b/.config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/README.md b/README.md index 6745faa3..6fdd5ec9 100644 --- a/README.md +++ b/README.md @@ -236,6 +236,7 @@ To use Redis for memory caching as well as PHP session storage, specify the foll - `REDIS_HOST` (not set by default) Name of Redis container - `REDIS_HOST_PORT` (default: `6379`) Optional port for Redis, only use for external Redis servers that run on non-standard ports. +- `REDIS_HOST_USER` (not set by default) Optional username for Redis, only use for external Redis servers that require a user. - `REDIS_HOST_PASSWORD` (not set by default) Redis password Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/caching_configuration.html) for more information. From 7f707b6c5d1ded30317c4f38651b9538e879a8f0 Mon Sep 17 00:00:00 2001 From: GitHub Workflow Date: Sat, 11 Jan 2025 18:22:33 +0000 Subject: [PATCH 6/9] Runs update.sh --- 28/apache/config/redis.config.php | 4 ++++ 28/fpm-alpine/config/redis.config.php | 4 ++++ 28/fpm/config/redis.config.php | 4 ++++ 29/apache/config/redis.config.php | 4 ++++ 29/fpm-alpine/config/redis.config.php | 4 ++++ 29/fpm/config/redis.config.php | 4 ++++ 30/apache/config/redis.config.php | 4 ++++ 30/fpm-alpine/config/redis.config.php | 4 ++++ 30/fpm/config/redis.config.php | 4 ++++ 9 files changed, 36 insertions(+) diff --git a/28/apache/config/redis.config.php b/28/apache/config/redis.config.php index a5b13da6..2069812f 100644 --- a/28/apache/config/redis.config.php +++ b/28/apache/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/28/fpm-alpine/config/redis.config.php b/28/fpm-alpine/config/redis.config.php index a5b13da6..2069812f 100644 --- a/28/fpm-alpine/config/redis.config.php +++ b/28/fpm-alpine/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/28/fpm/config/redis.config.php b/28/fpm/config/redis.config.php index a5b13da6..2069812f 100644 --- a/28/fpm/config/redis.config.php +++ b/28/fpm/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php index a5b13da6..2069812f 100644 --- a/29/apache/config/redis.config.php +++ b/29/apache/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/29/fpm-alpine/config/redis.config.php b/29/fpm-alpine/config/redis.config.php index a5b13da6..2069812f 100644 --- a/29/fpm-alpine/config/redis.config.php +++ b/29/fpm-alpine/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/29/fpm/config/redis.config.php b/29/fpm/config/redis.config.php index a5b13da6..2069812f 100644 --- a/29/fpm/config/redis.config.php +++ b/29/fpm/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/30/apache/config/redis.config.php b/30/apache/config/redis.config.php index a5b13da6..2069812f 100644 --- a/30/apache/config/redis.config.php +++ b/30/apache/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/30/fpm-alpine/config/redis.config.php b/30/fpm-alpine/config/redis.config.php index a5b13da6..2069812f 100644 --- a/30/fpm-alpine/config/redis.config.php +++ b/30/fpm-alpine/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } diff --git a/30/fpm/config/redis.config.php b/30/fpm/config/redis.config.php index a5b13da6..2069812f 100644 --- a/30/fpm/config/redis.config.php +++ b/30/fpm/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + + if (getenv('REDIS_HOST_USER') !== false) { + $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER'); + } } From e0294b65ac740ea7ce6c900e5d7e71176ad4f7e6 Mon Sep 17 00:00:00 2001 From: Thomas Clavier Date: Fri, 17 Jan 2025 00:31:57 +0100 Subject: [PATCH 7/9] use var PHP_OPCACHE_MEMORY_CONSUMPTION for configuration (#2090) * use var PHP_OPCACHE_MEMORY_CONSUMTION for configuration Signed-off-by: Thomas Clavier * Use PHP_OPCACHE_MEMORY_CONSUMTION in Dockerfile-alpine.template Signed-off-by: Thomas Clavier * fix typo : CONSUMTION -> CONSUMPTION * Add opcache.memory_consumption documentation * fix typo --------- Signed-off-by: Thomas Clavier --- Dockerfile-alpine.template | 3 ++- Dockerfile-debian.template | 3 ++- README.md | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index de69eef2..f7568e73 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -88,11 +88,12 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 8b66dd34..792c9fe2 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -20,6 +20,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -97,7 +98,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ diff --git a/README.md b/README.md index 6fdd5ec9..03de4339 100644 --- a/README.md +++ b/README.md @@ -300,6 +300,7 @@ Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/adm To customize PHP limits you can change the following variables: - `PHP_MEMORY_LIMIT` (default `512M`) This sets the maximum amount of memory in bytes that a script is allowed to allocate. This is meant to help prevent poorly written scripts from eating up all available memory but it can prevent normal operation if set too tight. - `PHP_UPLOAD_LIMIT` (default `512M`) This sets the upload limit (`post_max_size` and `upload_max_filesize`) for big files. Note that you may have to change other limits depending on your client, webserver or operating system. Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html) for more information. +- `PHP_OPCACHE_MEMORY_CONSUMPTION` (default `128`) This sets the `opcache.memory_consumption` value. It's the size of the shared memory storage used by OPcache, in megabytes. ### Apache Configuration From a43854ae5c7c6eeb327d1fc82d020d7ea21bbb33 Mon Sep 17 00:00:00 2001 From: GitHub Workflow Date: Thu, 16 Jan 2025 23:32:10 +0000 Subject: [PATCH 8/9] Runs update.sh --- 28/apache/Dockerfile | 3 ++- 28/fpm-alpine/Dockerfile | 3 ++- 28/fpm/Dockerfile | 3 ++- 29/apache/Dockerfile | 9 +++++---- 29/fpm-alpine/Dockerfile | 9 +++++---- 29/fpm/Dockerfile | 9 +++++---- 30/apache/Dockerfile | 9 +++++---- 30/fpm-alpine/Dockerfile | 9 +++++---- 30/fpm/Dockerfile | 9 +++++---- latest.txt | 2 +- versions.json | 12 ++++++------ 11 files changed, 43 insertions(+), 34 deletions(-) diff --git a/28/apache/Dockerfile b/28/apache/Dockerfile index 2060d4b0..98cb9589 100644 --- a/28/apache/Dockerfile +++ b/28/apache/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ diff --git a/28/fpm-alpine/Dockerfile b/28/fpm-alpine/Dockerfile index 63569f89..54f5ab1e 100644 --- a/28/fpm-alpine/Dockerfile +++ b/28/fpm-alpine/Dockerfile @@ -89,11 +89,12 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ diff --git a/28/fpm/Dockerfile b/28/fpm/Dockerfile index 3bf63e27..10647aac 100644 --- a/28/fpm/Dockerfile +++ b/28/fpm/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ diff --git a/29/apache/Dockerfile b/29/apache/Dockerfile index a4367003..cb48fdc7 100644 --- a/29/apache/Dockerfile +++ b/29/apache/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -140,7 +141,7 @@ RUN { \ } > /etc/apache2/conf-available/apache-limits.conf; \ a2enconf apache-limits -ENV NEXTCLOUD_VERSION 29.0.10 +ENV NEXTCLOUD_VERSION 29.0.11 RUN set -ex; \ fetchDeps=" \ @@ -150,8 +151,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/29/fpm-alpine/Dockerfile b/29/fpm-alpine/Dockerfile index 6e4ea4d1..59daebfd 100644 --- a/29/fpm-alpine/Dockerfile +++ b/29/fpm-alpine/Dockerfile @@ -89,11 +89,12 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -120,7 +121,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 29.0.10 +ENV NEXTCLOUD_VERSION 29.0.11 RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -128,8 +129,8 @@ RUN set -ex; \ gnupg \ ; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/29/fpm/Dockerfile b/29/fpm/Dockerfile index d18949cd..657df0ef 100644 --- a/29/fpm/Dockerfile +++ b/29/fpm/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -125,7 +126,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 29.0.10 +ENV NEXTCLOUD_VERSION 29.0.11 RUN set -ex; \ fetchDeps=" \ @@ -135,8 +136,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/30/apache/Dockerfile b/30/apache/Dockerfile index 73ac6ccc..21195941 100644 --- a/30/apache/Dockerfile +++ b/30/apache/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -140,7 +141,7 @@ RUN { \ } > /etc/apache2/conf-available/apache-limits.conf; \ a2enconf apache-limits -ENV NEXTCLOUD_VERSION 30.0.4 +ENV NEXTCLOUD_VERSION 30.0.5 RUN set -ex; \ fetchDeps=" \ @@ -150,8 +151,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/30/fpm-alpine/Dockerfile b/30/fpm-alpine/Dockerfile index 9bd77015..e7efd0c8 100644 --- a/30/fpm-alpine/Dockerfile +++ b/30/fpm-alpine/Dockerfile @@ -89,11 +89,12 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -120,7 +121,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 30.0.4 +ENV NEXTCLOUD_VERSION 30.0.5 RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -128,8 +129,8 @@ RUN set -ex; \ gnupg \ ; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/30/fpm/Dockerfile b/30/fpm/Dockerfile index dfe49612..593d4b30 100644 --- a/30/fpm/Dockerfile +++ b/30/fpm/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ @@ -98,7 +99,7 @@ RUN { \ echo 'opcache.enable=1'; \ echo 'opcache.interned_strings_buffer=32'; \ echo 'opcache.max_accelerated_files=10000'; \ - echo 'opcache.memory_consumption=128'; \ + echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \ echo 'opcache.save_comments=1'; \ echo 'opcache.revalidate_freq=60'; \ echo 'opcache.jit=1255'; \ @@ -125,7 +126,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 30.0.4 +ENV NEXTCLOUD_VERSION 30.0.5 RUN set -ex; \ fetchDeps=" \ @@ -135,8 +136,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/latest.txt b/latest.txt index 49ab6171..bd980c38 100644 --- a/latest.txt +++ b/latest.txt @@ -1 +1 @@ -30.0.4 +30.0.5 diff --git a/versions.json b/versions.json index 09f25557..4d7e3497 100644 --- a/versions.json +++ b/versions.json @@ -1,9 +1,9 @@ { "30": { "branch": "30", - "version": "30.0.4", - "url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2", - "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.4.tar.bz2.asc", + "version": "30.0.5", + "url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2", + "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.5.tar.bz2.asc", "variants": { "apache": { "variant": "apache", @@ -27,9 +27,9 @@ }, "29": { "branch": "29", - "version": "29.0.10", - "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2", - "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.10.tar.bz2.asc", + "version": "29.0.11", + "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2", + "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.11.tar.bz2.asc", "variants": { "apache": { "variant": "apache", From 616d0dff033b4354e5ff3e411e530980733f1d03 Mon Sep 17 00:00:00 2001 From: J0WI Date: Fri, 17 Jan 2025 01:42:45 +0000 Subject: [PATCH 9/9] Bump stable to 30.0.5 Signed-off-by: J0WI --- generate-stackbrew-library.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index f65b49ed..607ee45f 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -Eeuo pipefail -stable_channel='30.0.4' +stable_channel='30.0.5' self="$(basename "$BASH_SOURCE")" cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"