mirror of
https://github.com/nextcloud/docker.git
synced 2024-09-30 00:12:36 +02:00
Compare commits
3 commits
5e725e083a
...
c3461f6f7d
Author | SHA1 | Date | |
---|---|---|---|
|
c3461f6f7d | ||
|
0ffd24170f | ||
|
e72a9e97c5 |
45 changed files with 2096 additions and 15 deletions
174
30/apache/Dockerfile
Normal file
174
30/apache/Dockerfile
Normal file
|
@ -0,0 +1,174 @@
|
||||||
|
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
|
||||||
|
FROM php:8.2-apache-bookworm
|
||||||
|
|
||||||
|
# entrypoint.sh and cron.sh dependencies
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
busybox-static \
|
||||||
|
bzip2 \
|
||||||
|
libldap-common \
|
||||||
|
libmagickcore-6.q16-6-extra \
|
||||||
|
rsync \
|
||||||
|
; \
|
||||||
|
rm -rf /var/lib/apt/lists/*; \
|
||||||
|
\
|
||||||
|
mkdir -p /var/spool/cron/crontabs; \
|
||||||
|
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||||
|
|
||||||
|
# install the PHP extensions we need
|
||||||
|
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||||
|
ENV PHP_MEMORY_LIMIT 512M
|
||||||
|
ENV PHP_UPLOAD_LIMIT 512M
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
savedAptMark="$(apt-mark showmanual)"; \
|
||||||
|
\
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
libcurl4-openssl-dev \
|
||||||
|
libevent-dev \
|
||||||
|
libfreetype6-dev \
|
||||||
|
libgmp-dev \
|
||||||
|
libicu-dev \
|
||||||
|
libjpeg-dev \
|
||||||
|
libldap2-dev \
|
||||||
|
libmagickwand-dev \
|
||||||
|
libmcrypt-dev \
|
||||||
|
libmemcached-dev \
|
||||||
|
libpng-dev \
|
||||||
|
libpq-dev \
|
||||||
|
libwebp-dev \
|
||||||
|
libxml2-dev \
|
||||||
|
libzip-dev \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
|
||||||
|
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||||
|
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||||
|
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
|
||||||
|
docker-php-ext-install -j "$(nproc)" \
|
||||||
|
bcmath \
|
||||||
|
exif \
|
||||||
|
ftp \
|
||||||
|
gd \
|
||||||
|
gmp \
|
||||||
|
intl \
|
||||||
|
ldap \
|
||||||
|
opcache \
|
||||||
|
pcntl \
|
||||||
|
pdo_mysql \
|
||||||
|
pdo_pgsql \
|
||||||
|
sysvsem \
|
||||||
|
zip \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||||
|
pecl install APCu-5.1.23; \
|
||||||
|
pecl install imagick-3.7.0; \
|
||||||
|
pecl install memcached-3.2.0; \
|
||||||
|
pecl install redis-6.0.2; \
|
||||||
|
\
|
||||||
|
docker-php-ext-enable \
|
||||||
|
apcu \
|
||||||
|
imagick \
|
||||||
|
memcached \
|
||||||
|
redis \
|
||||||
|
; \
|
||||||
|
rm -r /tmp/pear; \
|
||||||
|
\
|
||||||
|
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
|
||||||
|
apt-mark auto '.*' > /dev/null; \
|
||||||
|
apt-mark manual $savedAptMark; \
|
||||||
|
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
|
||||||
|
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
|
||||||
|
| sort -u \
|
||||||
|
| xargs -r dpkg-query --search \
|
||||||
|
| cut -d: -f1 \
|
||||||
|
| sort -u \
|
||||||
|
| xargs -rt apt-mark manual; \
|
||||||
|
\
|
||||||
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
# set recommended PHP.ini settings
|
||||||
|
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||||
|
RUN { \
|
||||||
|
echo 'opcache.enable=1'; \
|
||||||
|
echo 'opcache.interned_strings_buffer=32'; \
|
||||||
|
echo 'opcache.max_accelerated_files=10000'; \
|
||||||
|
echo 'opcache.memory_consumption=128'; \
|
||||||
|
echo 'opcache.save_comments=1'; \
|
||||||
|
echo 'opcache.revalidate_freq=60'; \
|
||||||
|
echo 'opcache.jit=1255'; \
|
||||||
|
echo 'opcache.jit_buffer_size=128M'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||||
|
\
|
||||||
|
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||||
|
\
|
||||||
|
{ \
|
||||||
|
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||||
|
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||||
|
\
|
||||||
|
mkdir /var/www/data; \
|
||||||
|
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||||
|
/docker-entrypoint-hooks.d/post-installation \
|
||||||
|
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/post-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/before-starting; \
|
||||||
|
chown -R www-data:root /var/www; \
|
||||||
|
chmod -R g=u /var/www
|
||||||
|
|
||||||
|
VOLUME /var/www/html
|
||||||
|
|
||||||
|
RUN a2enmod headers rewrite remoteip ; \
|
||||||
|
{ \
|
||||||
|
echo 'RemoteIPHeader X-Real-IP'; \
|
||||||
|
echo 'RemoteIPInternalProxy 10.0.0.0/8'; \
|
||||||
|
echo 'RemoteIPInternalProxy 172.16.0.0/12'; \
|
||||||
|
echo 'RemoteIPInternalProxy 192.168.0.0/16'; \
|
||||||
|
} > /etc/apache2/conf-available/remoteip.conf; \
|
||||||
|
a2enconf remoteip
|
||||||
|
|
||||||
|
# set apache config LimitRequestBody
|
||||||
|
ENV APACHE_BODY_LIMIT 1073741824
|
||||||
|
RUN { \
|
||||||
|
echo 'LimitRequestBody ${APACHE_BODY_LIMIT}'; \
|
||||||
|
} > /etc/apache2/conf-available/apache-limits.conf; \
|
||||||
|
a2enconf apache-limits
|
||||||
|
|
||||||
|
ENV NEXTCLOUD_VERSION 30.0.0
|
||||||
|
|
||||||
|
RUN set -ex; \
|
||||||
|
fetchDeps=" \
|
||||||
|
gnupg \
|
||||||
|
dirmngr \
|
||||||
|
"; \
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends $fetchDeps; \
|
||||||
|
\
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||||
|
export GNUPGHOME="$(mktemp -d)"; \
|
||||||
|
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||||
|
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||||
|
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||||
|
gpgconf --kill all; \
|
||||||
|
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||||
|
mkdir -p /usr/src/nextcloud/data; \
|
||||||
|
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||||
|
chmod +x /usr/src/nextcloud/occ; \
|
||||||
|
\
|
||||||
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
COPY *.sh upgrade.exclude /
|
||||||
|
COPY config/* /usr/src/nextcloud/config/
|
||||||
|
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
CMD ["apache2-foreground"]
|
4
30/apache/config/apache-pretty-urls.config.php
Normal file
4
30/apache/config/apache-pretty-urls.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'htaccess.RewriteBase' => '/',
|
||||||
|
);
|
4
30/apache/config/apcu.config.php
Normal file
4
30/apache/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'memcache.local' => '\OC\Memcache\APCu',
|
||||||
|
);
|
15
30/apache/config/apps.config.php
Normal file
15
30/apache/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'apps_paths' => array (
|
||||||
|
0 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/apps',
|
||||||
|
'url' => '/apps',
|
||||||
|
'writable' => false,
|
||||||
|
),
|
||||||
|
1 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||||
|
'url' => '/custom_apps',
|
||||||
|
'writable' => true,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
41
30/apache/config/autoconfig.php
Normal file
41
30/apache/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$autoconfig_enabled = false;
|
||||||
|
|
||||||
|
if (getenv('SQLITE_DATABASE')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($autoconfig_enabled) {
|
||||||
|
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||||
|
}
|
17
30/apache/config/redis.config.php
Normal file
17
30/apache/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('REDIS_HOST')) {
|
||||||
|
$CONFIG = array(
|
||||||
|
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||||
|
'memcache.locking' => '\OC\Memcache\Redis',
|
||||||
|
'redis' => array(
|
||||||
|
'host' => getenv('REDIS_HOST'),
|
||||||
|
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||||
|
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||||
|
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||||
|
$CONFIG['redis']['port'] = 6379;
|
||||||
|
}
|
||||||
|
}
|
30
30/apache/config/reverse-proxy.config.php
Normal file
30
30/apache/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
<?php
|
||||||
|
$overwriteHost = getenv('OVERWRITEHOST');
|
||||||
|
if ($overwriteHost) {
|
||||||
|
$CONFIG['overwritehost'] = $overwriteHost;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||||
|
if ($overwriteProtocol) {
|
||||||
|
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||||
|
if ($overwriteCliUrl) {
|
||||||
|
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||||
|
if ($overwriteWebRoot) {
|
||||||
|
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||||
|
if ($overwriteCondAddr) {
|
||||||
|
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||||
|
}
|
||||||
|
|
||||||
|
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||||
|
if ($trustedProxies) {
|
||||||
|
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||||
|
}
|
48
30/apache/config/s3.config.php
Normal file
48
30/apache/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||||
|
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||||
|
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||||
|
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||||
|
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => array(
|
||||||
|
'class' => '\OC\Files\ObjectStore\S3',
|
||||||
|
'arguments' => array(
|
||||||
|
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||||
|
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||||
|
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||||
|
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||||
|
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||||
|
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||||
|
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||||
|
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||||
|
// required for some non Amazon S3 implementations
|
||||||
|
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||||
|
// required for older protocol versions
|
||||||
|
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||||
|
}
|
||||||
|
}
|
22
30/apache/config/smtp.config.php
Normal file
22
30/apache/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||||
|
$CONFIG = array (
|
||||||
|
'mail_smtpmode' => 'smtp',
|
||||||
|
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||||
|
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||||
|
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||||
|
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||||
|
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||||
|
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||||
|
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||||
|
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||||
|
} elseif (getenv('SMTP_PASSWORD')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||||
|
} else {
|
||||||
|
$CONFIG['mail_smtppassword'] = '';
|
||||||
|
}
|
||||||
|
}
|
31
30/apache/config/swift.config.php
Normal file
31
30/apache/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||||
|
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => [
|
||||||
|
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||||
|
'arguments' => [
|
||||||
|
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||||
|
'user' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||||
|
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'scope' => [
|
||||||
|
'project' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||||
|
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||||
|
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||||
|
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||||
|
]
|
||||||
|
]
|
||||||
|
);
|
||||||
|
}
|
4
30/apache/config/upgrade-disable-web.config.php
Normal file
4
30/apache/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'upgrade.disable-web' => true,
|
||||||
|
);
|
4
30/apache/cron.sh
Executable file
4
30/apache/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
exec busybox crond -f -L /dev/stdout
|
293
30/apache/entrypoint.sh
Executable file
293
30/apache/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
# version_greater A B returns whether A > B
|
||||||
|
version_greater() {
|
||||||
|
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# return true if specified directory is empty
|
||||||
|
directory_empty() {
|
||||||
|
[ -z "$(ls -A "$1/")" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
run_as() {
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
su -p "$user" -s /bin/sh -c "$1"
|
||||||
|
else
|
||||||
|
sh -c "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute all executable files in a given directory in alphanumeric order
|
||||||
|
run_path() {
|
||||||
|
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||||
|
local return_code=0
|
||||||
|
|
||||||
|
if ! [ -d "${hook_folder_path}" ]; then
|
||||||
|
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||||
|
|
||||||
|
(
|
||||||
|
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||||
|
if ! [ -x "${script_file_path}" ]; then
|
||||||
|
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||||
|
|
||||||
|
run_as "${script_file_path}" || return_code="$?"
|
||||||
|
|
||||||
|
if [ "${return_code}" -ne "0" ]; then
|
||||||
|
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Finished the script: \"${script_file_path}\""
|
||||||
|
done
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||||
|
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||||
|
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||||
|
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${varValue}" ]; then
|
||||||
|
export "$var"="${varValue}"
|
||||||
|
elif [ -n "${fileVarValue}" ]; then
|
||||||
|
export "$var"="$(cat "${fileVarValue}")"
|
||||||
|
elif [ -n "${def}" ]; then
|
||||||
|
export "$var"="$def"
|
||||||
|
fi
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null; then
|
||||||
|
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||||
|
a2disconf remoteip
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||||
|
uid="$(id -u)"
|
||||||
|
gid="$(id -g)"
|
||||||
|
if [ "$uid" = '0' ]; then
|
||||||
|
case "$1" in
|
||||||
|
apache2*)
|
||||||
|
user="${APACHE_RUN_USER:-www-data}"
|
||||||
|
group="${APACHE_RUN_GROUP:-www-data}"
|
||||||
|
|
||||||
|
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||||
|
user="${user#'#'}"
|
||||||
|
group="${group#'#'}"
|
||||||
|
;;
|
||||||
|
*) # php-fpm
|
||||||
|
user='www-data'
|
||||||
|
group='www-data'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
else
|
||||||
|
user="$uid"
|
||||||
|
group="$gid"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${REDIS_HOST+x}" ]; then
|
||||||
|
|
||||||
|
echo "Configuring Redis as session handler"
|
||||||
|
{
|
||||||
|
file_env REDIS_HOST_PASSWORD
|
||||||
|
echo 'session.save_handler = redis'
|
||||||
|
# check if redis host is an unix socket path
|
||||||
|
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||||
|
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||||
|
fi
|
||||||
|
# check if redis password has been set
|
||||||
|
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||||
|
fi
|
||||||
|
echo "redis.session.locking_enabled = 1"
|
||||||
|
echo "redis.session.lock_retries = -1"
|
||||||
|
# redis.session.lock_wait_time is specified in microseconds.
|
||||||
|
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||||
|
echo "redis.session.lock_wait_time = 10000"
|
||||||
|
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If another process is syncing the html folder, wait for
|
||||||
|
# it to be done, then escape initalization.
|
||||||
|
(
|
||||||
|
if ! flock -n 9; then
|
||||||
|
# If we couldn't get it immediately, show a message, then wait for real
|
||||||
|
echo "Another process is initializing Nextcloud. Waiting..."
|
||||||
|
flock 9
|
||||||
|
fi
|
||||||
|
|
||||||
|
installed_version="0.0.0.0"
|
||||||
|
if [ -f /var/www/html/version.php ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
fi
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
|
||||||
|
if version_greater "$installed_version" "$image_version"; then
|
||||||
|
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if version_greater "$image_version" "$installed_version"; then
|
||||||
|
echo "Initializing nextcloud $image_version ..."
|
||||||
|
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||||
|
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||||
|
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Upgrading nextcloud from $installed_version ..."
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||||
|
fi
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
rsync_options="-rlDog --chown $user:$group"
|
||||||
|
else
|
||||||
|
rsync_options="-rlD"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||||
|
for dir in config data custom_apps themes; do
|
||||||
|
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||||
|
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
|
||||||
|
# Install
|
||||||
|
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||||
|
echo "New nextcloud instance"
|
||||||
|
|
||||||
|
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||||
|
file_env NEXTCLOUD_ADMIN_USER
|
||||||
|
|
||||||
|
install=false
|
||||||
|
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||||
|
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||||
|
fi
|
||||||
|
|
||||||
|
file_env MYSQL_DATABASE
|
||||||
|
file_env MYSQL_PASSWORD
|
||||||
|
file_env MYSQL_USER
|
||||||
|
file_env POSTGRES_DB
|
||||||
|
file_env POSTGRES_PASSWORD
|
||||||
|
file_env POSTGRES_USER
|
||||||
|
|
||||||
|
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||||
|
echo "Installing with SQLite database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||||
|
echo "Installing with MySQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||||
|
echo "Installing with PostgreSQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||||
|
install=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$install" = true ]; then
|
||||||
|
run_path pre-installation
|
||||||
|
|
||||||
|
echo "Starting nextcloud installation"
|
||||||
|
max_retries=10
|
||||||
|
try=0
|
||||||
|
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||||
|
do
|
||||||
|
echo "Retrying install..."
|
||||||
|
try=$((try+1))
|
||||||
|
sleep 10s
|
||||||
|
done
|
||||||
|
if [ "$try" -gt "$max_retries" ]; then
|
||||||
|
echo "Installing of nextcloud failed!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||||
|
echo "Setting trusted domains…"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=1
|
||||||
|
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||||
|
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||||
|
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
run_path post-installation
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
# not enough specified to do a fully automated installation
|
||||||
|
if [ "$install" = false ]; then
|
||||||
|
echo "Next step: Access your instance to finish the web-based installation!"
|
||||||
|
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||||
|
fi
|
||||||
|
# Upgrade
|
||||||
|
else
|
||||||
|
run_path pre-upgrade
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ upgrade'
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||||
|
echo "The following apps have been disabled:"
|
||||||
|
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||||
|
rm -f /tmp/list_before /tmp/list_after
|
||||||
|
|
||||||
|
run_path post-upgrade
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Initializing finished"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Update htaccess after init if requested
|
||||||
|
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||||
|
fi
|
||||||
|
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||||
|
|
||||||
|
# warn if config files on persistent storage differ from the latest version of this image
|
||||||
|
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||||
|
cfgFile=$(basename "$cfgPath")
|
||||||
|
|
||||||
|
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||||
|
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||||
|
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
run_path before-starting
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
6
30/apache/upgrade.exclude
Normal file
6
30/apache/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
/config/
|
||||||
|
/data/
|
||||||
|
/custom_apps/
|
||||||
|
/themes/
|
||||||
|
/version.php
|
||||||
|
/nextcloud-init-sync.lock
|
150
30/fpm-alpine/Dockerfile
Normal file
150
30/fpm-alpine/Dockerfile
Normal file
|
@ -0,0 +1,150 @@
|
||||||
|
# DO NOT EDIT: created by update.sh from Dockerfile-alpine.template
|
||||||
|
FROM php:8.2-fpm-alpine3.20
|
||||||
|
|
||||||
|
# entrypoint.sh and cron.sh dependencies
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
apk add --no-cache \
|
||||||
|
imagemagick \
|
||||||
|
imagemagick-pdf \
|
||||||
|
imagemagick-jpeg \
|
||||||
|
imagemagick-raw \
|
||||||
|
imagemagick-tiff \
|
||||||
|
imagemagick-heic \
|
||||||
|
imagemagick-webp \
|
||||||
|
imagemagick-svg \
|
||||||
|
rsync \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
rm /var/spool/cron/crontabs/root; \
|
||||||
|
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||||
|
|
||||||
|
# install the PHP extensions we need
|
||||||
|
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
apk add --no-cache --virtual .build-deps \
|
||||||
|
$PHPIZE_DEPS \
|
||||||
|
autoconf \
|
||||||
|
freetype-dev \
|
||||||
|
gmp-dev \
|
||||||
|
icu-dev \
|
||||||
|
imagemagick-dev \
|
||||||
|
libevent-dev \
|
||||||
|
libjpeg-turbo-dev \
|
||||||
|
libmcrypt-dev \
|
||||||
|
libmemcached-dev \
|
||||||
|
libpng-dev \
|
||||||
|
libwebp-dev \
|
||||||
|
libxml2-dev \
|
||||||
|
libzip-dev \
|
||||||
|
openldap-dev \
|
||||||
|
pcre-dev \
|
||||||
|
postgresql-dev \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||||
|
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||||
|
docker-php-ext-configure ldap; \
|
||||||
|
docker-php-ext-install -j "$(nproc)" \
|
||||||
|
bcmath \
|
||||||
|
exif \
|
||||||
|
ftp \
|
||||||
|
gd \
|
||||||
|
gmp \
|
||||||
|
intl \
|
||||||
|
ldap \
|
||||||
|
opcache \
|
||||||
|
pcntl \
|
||||||
|
pdo_mysql \
|
||||||
|
pdo_pgsql \
|
||||||
|
sysvsem \
|
||||||
|
zip \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||||
|
pecl install APCu-5.1.23; \
|
||||||
|
pecl install imagick-3.7.0; \
|
||||||
|
pecl install memcached-3.2.0; \
|
||||||
|
pecl install redis-6.0.2; \
|
||||||
|
\
|
||||||
|
docker-php-ext-enable \
|
||||||
|
apcu \
|
||||||
|
imagick \
|
||||||
|
memcached \
|
||||||
|
redis \
|
||||||
|
; \
|
||||||
|
rm -r /tmp/pear; \
|
||||||
|
\
|
||||||
|
runDeps="$( \
|
||||||
|
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
|
||||||
|
| tr ',' '\n' \
|
||||||
|
| sort -u \
|
||||||
|
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
|
||||||
|
)"; \
|
||||||
|
apk add --no-network --virtual .nextcloud-phpext-rundeps $runDeps; \
|
||||||
|
apk del --no-network .build-deps
|
||||||
|
|
||||||
|
# set recommended PHP.ini settings
|
||||||
|
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||||
|
ENV PHP_MEMORY_LIMIT 512M
|
||||||
|
ENV PHP_UPLOAD_LIMIT 512M
|
||||||
|
RUN { \
|
||||||
|
echo 'opcache.enable=1'; \
|
||||||
|
echo 'opcache.interned_strings_buffer=32'; \
|
||||||
|
echo 'opcache.max_accelerated_files=10000'; \
|
||||||
|
echo 'opcache.memory_consumption=128'; \
|
||||||
|
echo 'opcache.save_comments=1'; \
|
||||||
|
echo 'opcache.revalidate_freq=60'; \
|
||||||
|
echo 'opcache.jit=1255'; \
|
||||||
|
echo 'opcache.jit_buffer_size=128M'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||||
|
\
|
||||||
|
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||||
|
\
|
||||||
|
{ \
|
||||||
|
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||||
|
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||||
|
\
|
||||||
|
mkdir /var/www/data; \
|
||||||
|
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||||
|
/docker-entrypoint-hooks.d/post-installation \
|
||||||
|
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/post-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/before-starting; \
|
||||||
|
chown -R www-data:root /var/www; \
|
||||||
|
chmod -R g=u /var/www
|
||||||
|
|
||||||
|
VOLUME /var/www/html
|
||||||
|
|
||||||
|
|
||||||
|
ENV NEXTCLOUD_VERSION 30.0.0
|
||||||
|
|
||||||
|
RUN set -ex; \
|
||||||
|
apk add --no-cache --virtual .fetch-deps \
|
||||||
|
bzip2 \
|
||||||
|
gnupg \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||||
|
export GNUPGHOME="$(mktemp -d)"; \
|
||||||
|
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||||
|
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||||
|
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||||
|
gpgconf --kill all; \
|
||||||
|
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||||
|
mkdir -p /usr/src/nextcloud/data; \
|
||||||
|
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||||
|
chmod +x /usr/src/nextcloud/occ; \
|
||||||
|
apk del --no-network .fetch-deps
|
||||||
|
|
||||||
|
COPY *.sh upgrade.exclude /
|
||||||
|
COPY config/* /usr/src/nextcloud/config/
|
||||||
|
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
CMD ["php-fpm"]
|
4
30/fpm-alpine/config/apcu.config.php
Normal file
4
30/fpm-alpine/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'memcache.local' => '\OC\Memcache\APCu',
|
||||||
|
);
|
15
30/fpm-alpine/config/apps.config.php
Normal file
15
30/fpm-alpine/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'apps_paths' => array (
|
||||||
|
0 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/apps',
|
||||||
|
'url' => '/apps',
|
||||||
|
'writable' => false,
|
||||||
|
),
|
||||||
|
1 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||||
|
'url' => '/custom_apps',
|
||||||
|
'writable' => true,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
41
30/fpm-alpine/config/autoconfig.php
Normal file
41
30/fpm-alpine/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$autoconfig_enabled = false;
|
||||||
|
|
||||||
|
if (getenv('SQLITE_DATABASE')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($autoconfig_enabled) {
|
||||||
|
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||||
|
}
|
17
30/fpm-alpine/config/redis.config.php
Normal file
17
30/fpm-alpine/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('REDIS_HOST')) {
|
||||||
|
$CONFIG = array(
|
||||||
|
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||||
|
'memcache.locking' => '\OC\Memcache\Redis',
|
||||||
|
'redis' => array(
|
||||||
|
'host' => getenv('REDIS_HOST'),
|
||||||
|
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||||
|
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||||
|
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||||
|
$CONFIG['redis']['port'] = 6379;
|
||||||
|
}
|
||||||
|
}
|
30
30/fpm-alpine/config/reverse-proxy.config.php
Normal file
30
30/fpm-alpine/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
<?php
|
||||||
|
$overwriteHost = getenv('OVERWRITEHOST');
|
||||||
|
if ($overwriteHost) {
|
||||||
|
$CONFIG['overwritehost'] = $overwriteHost;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||||
|
if ($overwriteProtocol) {
|
||||||
|
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||||
|
if ($overwriteCliUrl) {
|
||||||
|
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||||
|
if ($overwriteWebRoot) {
|
||||||
|
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||||
|
if ($overwriteCondAddr) {
|
||||||
|
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||||
|
}
|
||||||
|
|
||||||
|
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||||
|
if ($trustedProxies) {
|
||||||
|
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||||
|
}
|
48
30/fpm-alpine/config/s3.config.php
Normal file
48
30/fpm-alpine/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||||
|
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||||
|
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||||
|
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||||
|
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => array(
|
||||||
|
'class' => '\OC\Files\ObjectStore\S3',
|
||||||
|
'arguments' => array(
|
||||||
|
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||||
|
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||||
|
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||||
|
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||||
|
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||||
|
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||||
|
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||||
|
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||||
|
// required for some non Amazon S3 implementations
|
||||||
|
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||||
|
// required for older protocol versions
|
||||||
|
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||||
|
}
|
||||||
|
}
|
22
30/fpm-alpine/config/smtp.config.php
Normal file
22
30/fpm-alpine/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||||
|
$CONFIG = array (
|
||||||
|
'mail_smtpmode' => 'smtp',
|
||||||
|
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||||
|
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||||
|
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||||
|
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||||
|
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||||
|
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||||
|
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||||
|
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||||
|
} elseif (getenv('SMTP_PASSWORD')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||||
|
} else {
|
||||||
|
$CONFIG['mail_smtppassword'] = '';
|
||||||
|
}
|
||||||
|
}
|
31
30/fpm-alpine/config/swift.config.php
Normal file
31
30/fpm-alpine/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||||
|
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => [
|
||||||
|
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||||
|
'arguments' => [
|
||||||
|
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||||
|
'user' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||||
|
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'scope' => [
|
||||||
|
'project' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||||
|
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||||
|
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||||
|
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||||
|
]
|
||||||
|
]
|
||||||
|
);
|
||||||
|
}
|
4
30/fpm-alpine/config/upgrade-disable-web.config.php
Normal file
4
30/fpm-alpine/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'upgrade.disable-web' => true,
|
||||||
|
);
|
4
30/fpm-alpine/cron.sh
Executable file
4
30/fpm-alpine/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
exec busybox crond -f -L /dev/stdout
|
293
30/fpm-alpine/entrypoint.sh
Executable file
293
30/fpm-alpine/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
# version_greater A B returns whether A > B
|
||||||
|
version_greater() {
|
||||||
|
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# return true if specified directory is empty
|
||||||
|
directory_empty() {
|
||||||
|
[ -z "$(ls -A "$1/")" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
run_as() {
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
su -p "$user" -s /bin/sh -c "$1"
|
||||||
|
else
|
||||||
|
sh -c "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute all executable files in a given directory in alphanumeric order
|
||||||
|
run_path() {
|
||||||
|
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||||
|
local return_code=0
|
||||||
|
|
||||||
|
if ! [ -d "${hook_folder_path}" ]; then
|
||||||
|
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||||
|
|
||||||
|
(
|
||||||
|
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||||
|
if ! [ -x "${script_file_path}" ]; then
|
||||||
|
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||||
|
|
||||||
|
run_as "${script_file_path}" || return_code="$?"
|
||||||
|
|
||||||
|
if [ "${return_code}" -ne "0" ]; then
|
||||||
|
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Finished the script: \"${script_file_path}\""
|
||||||
|
done
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||||
|
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||||
|
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||||
|
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${varValue}" ]; then
|
||||||
|
export "$var"="${varValue}"
|
||||||
|
elif [ -n "${fileVarValue}" ]; then
|
||||||
|
export "$var"="$(cat "${fileVarValue}")"
|
||||||
|
elif [ -n "${def}" ]; then
|
||||||
|
export "$var"="$def"
|
||||||
|
fi
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null; then
|
||||||
|
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||||
|
a2disconf remoteip
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||||
|
uid="$(id -u)"
|
||||||
|
gid="$(id -g)"
|
||||||
|
if [ "$uid" = '0' ]; then
|
||||||
|
case "$1" in
|
||||||
|
apache2*)
|
||||||
|
user="${APACHE_RUN_USER:-www-data}"
|
||||||
|
group="${APACHE_RUN_GROUP:-www-data}"
|
||||||
|
|
||||||
|
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||||
|
user="${user#'#'}"
|
||||||
|
group="${group#'#'}"
|
||||||
|
;;
|
||||||
|
*) # php-fpm
|
||||||
|
user='www-data'
|
||||||
|
group='www-data'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
else
|
||||||
|
user="$uid"
|
||||||
|
group="$gid"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${REDIS_HOST+x}" ]; then
|
||||||
|
|
||||||
|
echo "Configuring Redis as session handler"
|
||||||
|
{
|
||||||
|
file_env REDIS_HOST_PASSWORD
|
||||||
|
echo 'session.save_handler = redis'
|
||||||
|
# check if redis host is an unix socket path
|
||||||
|
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||||
|
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||||
|
fi
|
||||||
|
# check if redis password has been set
|
||||||
|
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||||
|
fi
|
||||||
|
echo "redis.session.locking_enabled = 1"
|
||||||
|
echo "redis.session.lock_retries = -1"
|
||||||
|
# redis.session.lock_wait_time is specified in microseconds.
|
||||||
|
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||||
|
echo "redis.session.lock_wait_time = 10000"
|
||||||
|
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If another process is syncing the html folder, wait for
|
||||||
|
# it to be done, then escape initalization.
|
||||||
|
(
|
||||||
|
if ! flock -n 9; then
|
||||||
|
# If we couldn't get it immediately, show a message, then wait for real
|
||||||
|
echo "Another process is initializing Nextcloud. Waiting..."
|
||||||
|
flock 9
|
||||||
|
fi
|
||||||
|
|
||||||
|
installed_version="0.0.0.0"
|
||||||
|
if [ -f /var/www/html/version.php ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
fi
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
|
||||||
|
if version_greater "$installed_version" "$image_version"; then
|
||||||
|
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if version_greater "$image_version" "$installed_version"; then
|
||||||
|
echo "Initializing nextcloud $image_version ..."
|
||||||
|
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||||
|
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||||
|
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Upgrading nextcloud from $installed_version ..."
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||||
|
fi
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
rsync_options="-rlDog --chown $user:$group"
|
||||||
|
else
|
||||||
|
rsync_options="-rlD"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||||
|
for dir in config data custom_apps themes; do
|
||||||
|
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||||
|
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
|
||||||
|
# Install
|
||||||
|
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||||
|
echo "New nextcloud instance"
|
||||||
|
|
||||||
|
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||||
|
file_env NEXTCLOUD_ADMIN_USER
|
||||||
|
|
||||||
|
install=false
|
||||||
|
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||||
|
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||||
|
fi
|
||||||
|
|
||||||
|
file_env MYSQL_DATABASE
|
||||||
|
file_env MYSQL_PASSWORD
|
||||||
|
file_env MYSQL_USER
|
||||||
|
file_env POSTGRES_DB
|
||||||
|
file_env POSTGRES_PASSWORD
|
||||||
|
file_env POSTGRES_USER
|
||||||
|
|
||||||
|
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||||
|
echo "Installing with SQLite database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||||
|
echo "Installing with MySQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||||
|
echo "Installing with PostgreSQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||||
|
install=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$install" = true ]; then
|
||||||
|
run_path pre-installation
|
||||||
|
|
||||||
|
echo "Starting nextcloud installation"
|
||||||
|
max_retries=10
|
||||||
|
try=0
|
||||||
|
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||||
|
do
|
||||||
|
echo "Retrying install..."
|
||||||
|
try=$((try+1))
|
||||||
|
sleep 10s
|
||||||
|
done
|
||||||
|
if [ "$try" -gt "$max_retries" ]; then
|
||||||
|
echo "Installing of nextcloud failed!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||||
|
echo "Setting trusted domains…"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=1
|
||||||
|
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||||
|
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||||
|
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
run_path post-installation
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
# not enough specified to do a fully automated installation
|
||||||
|
if [ "$install" = false ]; then
|
||||||
|
echo "Next step: Access your instance to finish the web-based installation!"
|
||||||
|
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||||
|
fi
|
||||||
|
# Upgrade
|
||||||
|
else
|
||||||
|
run_path pre-upgrade
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ upgrade'
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||||
|
echo "The following apps have been disabled:"
|
||||||
|
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||||
|
rm -f /tmp/list_before /tmp/list_after
|
||||||
|
|
||||||
|
run_path post-upgrade
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Initializing finished"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Update htaccess after init if requested
|
||||||
|
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||||
|
fi
|
||||||
|
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||||
|
|
||||||
|
# warn if config files on persistent storage differ from the latest version of this image
|
||||||
|
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||||
|
cfgFile=$(basename "$cfgPath")
|
||||||
|
|
||||||
|
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||||
|
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||||
|
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
run_path before-starting
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
6
30/fpm-alpine/upgrade.exclude
Normal file
6
30/fpm-alpine/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
/config/
|
||||||
|
/data/
|
||||||
|
/custom_apps/
|
||||||
|
/themes/
|
||||||
|
/version.php
|
||||||
|
/nextcloud-init-sync.lock
|
159
30/fpm/Dockerfile
Normal file
159
30/fpm/Dockerfile
Normal file
|
@ -0,0 +1,159 @@
|
||||||
|
# DO NOT EDIT: created by update.sh from Dockerfile-debian.template
|
||||||
|
FROM php:8.2-fpm-bookworm
|
||||||
|
|
||||||
|
# entrypoint.sh and cron.sh dependencies
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
busybox-static \
|
||||||
|
bzip2 \
|
||||||
|
libldap-common \
|
||||||
|
libmagickcore-6.q16-6-extra \
|
||||||
|
rsync \
|
||||||
|
; \
|
||||||
|
rm -rf /var/lib/apt/lists/*; \
|
||||||
|
\
|
||||||
|
mkdir -p /var/spool/cron/crontabs; \
|
||||||
|
echo '*/5 * * * * php -f /var/www/html/cron.php' > /var/spool/cron/crontabs/www-data
|
||||||
|
|
||||||
|
# install the PHP extensions we need
|
||||||
|
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||||
|
ENV PHP_MEMORY_LIMIT 512M
|
||||||
|
ENV PHP_UPLOAD_LIMIT 512M
|
||||||
|
RUN set -ex; \
|
||||||
|
\
|
||||||
|
savedAptMark="$(apt-mark showmanual)"; \
|
||||||
|
\
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends \
|
||||||
|
libcurl4-openssl-dev \
|
||||||
|
libevent-dev \
|
||||||
|
libfreetype6-dev \
|
||||||
|
libgmp-dev \
|
||||||
|
libicu-dev \
|
||||||
|
libjpeg-dev \
|
||||||
|
libldap2-dev \
|
||||||
|
libmagickwand-dev \
|
||||||
|
libmcrypt-dev \
|
||||||
|
libmemcached-dev \
|
||||||
|
libpng-dev \
|
||||||
|
libpq-dev \
|
||||||
|
libwebp-dev \
|
||||||
|
libxml2-dev \
|
||||||
|
libzip-dev \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \
|
||||||
|
docker-php-ext-configure ftp --with-openssl-dir=/usr; \
|
||||||
|
docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \
|
||||||
|
docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \
|
||||||
|
docker-php-ext-install -j "$(nproc)" \
|
||||||
|
bcmath \
|
||||||
|
exif \
|
||||||
|
ftp \
|
||||||
|
gd \
|
||||||
|
gmp \
|
||||||
|
intl \
|
||||||
|
ldap \
|
||||||
|
opcache \
|
||||||
|
pcntl \
|
||||||
|
pdo_mysql \
|
||||||
|
pdo_pgsql \
|
||||||
|
sysvsem \
|
||||||
|
zip \
|
||||||
|
; \
|
||||||
|
\
|
||||||
|
# pecl will claim success even if one install fails, so we need to perform each install separately
|
||||||
|
pecl install APCu-5.1.23; \
|
||||||
|
pecl install imagick-3.7.0; \
|
||||||
|
pecl install memcached-3.2.0; \
|
||||||
|
pecl install redis-6.0.2; \
|
||||||
|
\
|
||||||
|
docker-php-ext-enable \
|
||||||
|
apcu \
|
||||||
|
imagick \
|
||||||
|
memcached \
|
||||||
|
redis \
|
||||||
|
; \
|
||||||
|
rm -r /tmp/pear; \
|
||||||
|
\
|
||||||
|
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
|
||||||
|
apt-mark auto '.*' > /dev/null; \
|
||||||
|
apt-mark manual $savedAptMark; \
|
||||||
|
ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \
|
||||||
|
| awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); print so }' \
|
||||||
|
| sort -u \
|
||||||
|
| xargs -r dpkg-query --search \
|
||||||
|
| cut -d: -f1 \
|
||||||
|
| sort -u \
|
||||||
|
| xargs -rt apt-mark manual; \
|
||||||
|
\
|
||||||
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
# set recommended PHP.ini settings
|
||||||
|
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||||
|
RUN { \
|
||||||
|
echo 'opcache.enable=1'; \
|
||||||
|
echo 'opcache.interned_strings_buffer=32'; \
|
||||||
|
echo 'opcache.max_accelerated_files=10000'; \
|
||||||
|
echo 'opcache.memory_consumption=128'; \
|
||||||
|
echo 'opcache.save_comments=1'; \
|
||||||
|
echo 'opcache.revalidate_freq=60'; \
|
||||||
|
echo 'opcache.jit=1255'; \
|
||||||
|
echo 'opcache.jit_buffer_size=128M'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||||
|
\
|
||||||
|
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||||
|
\
|
||||||
|
{ \
|
||||||
|
echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \
|
||||||
|
echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
echo 'post_max_size=${PHP_UPLOAD_LIMIT}'; \
|
||||||
|
} > "${PHP_INI_DIR}/conf.d/nextcloud.ini"; \
|
||||||
|
\
|
||||||
|
mkdir /var/www/data; \
|
||||||
|
mkdir -p /docker-entrypoint-hooks.d/pre-installation \
|
||||||
|
/docker-entrypoint-hooks.d/post-installation \
|
||||||
|
/docker-entrypoint-hooks.d/pre-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/post-upgrade \
|
||||||
|
/docker-entrypoint-hooks.d/before-starting; \
|
||||||
|
chown -R www-data:root /var/www; \
|
||||||
|
chmod -R g=u /var/www
|
||||||
|
|
||||||
|
VOLUME /var/www/html
|
||||||
|
|
||||||
|
|
||||||
|
ENV NEXTCLOUD_VERSION 30.0.0
|
||||||
|
|
||||||
|
RUN set -ex; \
|
||||||
|
fetchDeps=" \
|
||||||
|
gnupg \
|
||||||
|
dirmngr \
|
||||||
|
"; \
|
||||||
|
apt-get update; \
|
||||||
|
apt-get install -y --no-install-recommends $fetchDeps; \
|
||||||
|
\
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2"; \
|
||||||
|
curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc"; \
|
||||||
|
export GNUPGHOME="$(mktemp -d)"; \
|
||||||
|
# gpg key from https://nextcloud.com/nextcloud.asc
|
||||||
|
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \
|
||||||
|
gpg --batch --verify nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
tar -xjf nextcloud.tar.bz2 -C /usr/src/; \
|
||||||
|
gpgconf --kill all; \
|
||||||
|
rm nextcloud.tar.bz2.asc nextcloud.tar.bz2; \
|
||||||
|
rm -rf "$GNUPGHOME" /usr/src/nextcloud/updater; \
|
||||||
|
mkdir -p /usr/src/nextcloud/data; \
|
||||||
|
mkdir -p /usr/src/nextcloud/custom_apps; \
|
||||||
|
chmod +x /usr/src/nextcloud/occ; \
|
||||||
|
\
|
||||||
|
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps; \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
|
COPY *.sh upgrade.exclude /
|
||||||
|
COPY config/* /usr/src/nextcloud/config/
|
||||||
|
|
||||||
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
CMD ["php-fpm"]
|
4
30/fpm/config/apcu.config.php
Normal file
4
30/fpm/config/apcu.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'memcache.local' => '\OC\Memcache\APCu',
|
||||||
|
);
|
15
30/fpm/config/apps.config.php
Normal file
15
30/fpm/config/apps.config.php
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'apps_paths' => array (
|
||||||
|
0 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/apps',
|
||||||
|
'url' => '/apps',
|
||||||
|
'writable' => false,
|
||||||
|
),
|
||||||
|
1 => array (
|
||||||
|
'path' => OC::$SERVERROOT.'/custom_apps',
|
||||||
|
'url' => '/custom_apps',
|
||||||
|
'writable' => true,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
41
30/fpm/config/autoconfig.php
Normal file
41
30/fpm/config/autoconfig.php
Normal file
|
@ -0,0 +1,41 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$autoconfig_enabled = false;
|
||||||
|
|
||||||
|
if (getenv('SQLITE_DATABASE')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'sqlite';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'mysql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
|
||||||
|
$AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
|
||||||
|
$AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
} elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
|
||||||
|
$AUTOCONFIG['dbtype'] = 'pgsql';
|
||||||
|
$AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
|
||||||
|
$AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
|
||||||
|
$AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
|
||||||
|
$AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
|
||||||
|
$autoconfig_enabled = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($autoconfig_enabled) {
|
||||||
|
$AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
|
||||||
|
}
|
17
30/fpm/config/redis.config.php
Normal file
17
30/fpm/config/redis.config.php
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('REDIS_HOST')) {
|
||||||
|
$CONFIG = array(
|
||||||
|
'memcache.distributed' => '\OC\Memcache\Redis',
|
||||||
|
'memcache.locking' => '\OC\Memcache\Redis',
|
||||||
|
'redis' => array(
|
||||||
|
'host' => getenv('REDIS_HOST'),
|
||||||
|
'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('REDIS_HOST_PORT') !== false) {
|
||||||
|
$CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
|
||||||
|
} elseif (getenv('REDIS_HOST')[0] != '/') {
|
||||||
|
$CONFIG['redis']['port'] = 6379;
|
||||||
|
}
|
||||||
|
}
|
30
30/fpm/config/reverse-proxy.config.php
Normal file
30
30/fpm/config/reverse-proxy.config.php
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
<?php
|
||||||
|
$overwriteHost = getenv('OVERWRITEHOST');
|
||||||
|
if ($overwriteHost) {
|
||||||
|
$CONFIG['overwritehost'] = $overwriteHost;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteProtocol = getenv('OVERWRITEPROTOCOL');
|
||||||
|
if ($overwriteProtocol) {
|
||||||
|
$CONFIG['overwriteprotocol'] = $overwriteProtocol;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCliUrl = getenv('OVERWRITECLIURL');
|
||||||
|
if ($overwriteCliUrl) {
|
||||||
|
$CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteWebRoot = getenv('OVERWRITEWEBROOT');
|
||||||
|
if ($overwriteWebRoot) {
|
||||||
|
$CONFIG['overwritewebroot'] = $overwriteWebRoot;
|
||||||
|
}
|
||||||
|
|
||||||
|
$overwriteCondAddr = getenv('OVERWRITECONDADDR');
|
||||||
|
if ($overwriteCondAddr) {
|
||||||
|
$CONFIG['overwritecondaddr'] = $overwriteCondAddr;
|
||||||
|
}
|
||||||
|
|
||||||
|
$trustedProxies = getenv('TRUSTED_PROXIES');
|
||||||
|
if ($trustedProxies) {
|
||||||
|
$CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
|
||||||
|
}
|
48
30/fpm/config/s3.config.php
Normal file
48
30/fpm/config/s3.config.php
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_S3_BUCKET')) {
|
||||||
|
$use_ssl = getenv('OBJECTSTORE_S3_SSL');
|
||||||
|
$use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
|
||||||
|
$use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
|
||||||
|
$autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => array(
|
||||||
|
'class' => '\OC\Files\ObjectStore\S3',
|
||||||
|
'arguments' => array(
|
||||||
|
'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
|
||||||
|
'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
|
||||||
|
'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
|
||||||
|
'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
|
||||||
|
'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
|
||||||
|
'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
|
||||||
|
'autocreate' => (strtolower($autocreate) === 'false' || $autocreate == false) ? false : true,
|
||||||
|
'use_ssl' => (strtolower($use_ssl) === 'false' || $use_ssl == false) ? false : true,
|
||||||
|
// required for some non Amazon S3 implementations
|
||||||
|
'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
|
||||||
|
// required for older protocol versions
|
||||||
|
'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['key'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SECRET')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
|
||||||
|
} else {
|
||||||
|
$CONFIG['objectstore']['arguments']['secret'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
|
||||||
|
} elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
|
||||||
|
$CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
|
||||||
|
}
|
||||||
|
}
|
22
30/fpm/config/smtp.config.php
Normal file
22
30/fpm/config/smtp.config.php
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
|
||||||
|
$CONFIG = array (
|
||||||
|
'mail_smtpmode' => 'smtp',
|
||||||
|
'mail_smtphost' => getenv('SMTP_HOST'),
|
||||||
|
'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
|
||||||
|
'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
|
||||||
|
'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
|
||||||
|
'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
|
||||||
|
'mail_smtpname' => getenv('SMTP_NAME') ?: '',
|
||||||
|
'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
|
||||||
|
'mail_domain' => getenv('MAIL_DOMAIN'),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (getenv('SMTP_PASSWORD_FILE')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
|
||||||
|
} elseif (getenv('SMTP_PASSWORD')) {
|
||||||
|
$CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
|
||||||
|
} else {
|
||||||
|
$CONFIG['mail_smtppassword'] = '';
|
||||||
|
}
|
||||||
|
}
|
31
30/fpm/config/swift.config.php
Normal file
31
30/fpm/config/swift.config.php
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
<?php
|
||||||
|
if (getenv('OBJECTSTORE_SWIFT_URL')) {
|
||||||
|
$autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
|
||||||
|
$CONFIG = array(
|
||||||
|
'objectstore' => [
|
||||||
|
'class' => 'OC\\Files\\ObjectStore\\Swift',
|
||||||
|
'arguments' => [
|
||||||
|
'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
|
||||||
|
'user' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
|
||||||
|
'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'scope' => [
|
||||||
|
'project' => [
|
||||||
|
'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
|
||||||
|
'domain' => [
|
||||||
|
'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
||||||
|
'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
|
||||||
|
'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
|
||||||
|
'url' => getenv('OBJECTSTORE_SWIFT_URL'),
|
||||||
|
'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
|
||||||
|
]
|
||||||
|
]
|
||||||
|
);
|
||||||
|
}
|
4
30/fpm/config/upgrade-disable-web.config.php
Normal file
4
30/fpm/config/upgrade-disable-web.config.php
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
<?php
|
||||||
|
$CONFIG = array (
|
||||||
|
'upgrade.disable-web' => true,
|
||||||
|
);
|
4
30/fpm/cron.sh
Executable file
4
30/fpm/cron.sh
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
exec busybox crond -f -L /dev/stdout
|
293
30/fpm/entrypoint.sh
Executable file
293
30/fpm/entrypoint.sh
Executable file
|
@ -0,0 +1,293 @@
|
||||||
|
#!/bin/sh
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
# version_greater A B returns whether A > B
|
||||||
|
version_greater() {
|
||||||
|
[ "$(printf '%s\n' "$@" | sort -t '.' -n -k1,1 -k2,2 -k3,3 -k4,4 | head -n 1)" != "$1" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
# return true if specified directory is empty
|
||||||
|
directory_empty() {
|
||||||
|
[ -z "$(ls -A "$1/")" ]
|
||||||
|
}
|
||||||
|
|
||||||
|
run_as() {
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
su -p "$user" -s /bin/sh -c "$1"
|
||||||
|
else
|
||||||
|
sh -c "$1"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
# Execute all executable files in a given directory in alphanumeric order
|
||||||
|
run_path() {
|
||||||
|
local hook_folder_path="/docker-entrypoint-hooks.d/$1"
|
||||||
|
local return_code=0
|
||||||
|
|
||||||
|
if ! [ -d "${hook_folder_path}" ]; then
|
||||||
|
echo "=> Skipping the folder \"${hook_folder_path}\", because it doesn't exist"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "=> Searching for scripts (*.sh) to run, located in the folder: ${hook_folder_path}"
|
||||||
|
|
||||||
|
(
|
||||||
|
find "${hook_folder_path}" -maxdepth 1 -iname '*.sh' '(' -type f -o -type l ')' -print | sort | while read -r script_file_path; do
|
||||||
|
if ! [ -x "${script_file_path}" ]; then
|
||||||
|
echo "==> The script \"${script_file_path}\" was skipped, because it didn't have the executable flag"
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Running the script (cwd: $(pwd)): \"${script_file_path}\""
|
||||||
|
|
||||||
|
run_as "${script_file_path}" || return_code="$?"
|
||||||
|
|
||||||
|
if [ "${return_code}" -ne "0" ]; then
|
||||||
|
echo "==> Failed at executing \"${script_file_path}\". Exit code: ${return_code}"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "==> Finished the script: \"${script_file_path}\""
|
||||||
|
done
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
# usage: file_env VAR [DEFAULT]
|
||||||
|
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||||
|
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||||
|
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||||
|
file_env() {
|
||||||
|
local var="$1"
|
||||||
|
local fileVar="${var}_FILE"
|
||||||
|
local def="${2:-}"
|
||||||
|
local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
|
||||||
|
local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
|
||||||
|
if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
|
||||||
|
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${varValue}" ]; then
|
||||||
|
export "$var"="${varValue}"
|
||||||
|
elif [ -n "${fileVarValue}" ]; then
|
||||||
|
export "$var"="$(cat "${fileVarValue}")"
|
||||||
|
elif [ -n "${def}" ]; then
|
||||||
|
export "$var"="$def"
|
||||||
|
fi
|
||||||
|
unset "$fileVar"
|
||||||
|
}
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null; then
|
||||||
|
if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then
|
||||||
|
a2disconf remoteip
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then
|
||||||
|
uid="$(id -u)"
|
||||||
|
gid="$(id -g)"
|
||||||
|
if [ "$uid" = '0' ]; then
|
||||||
|
case "$1" in
|
||||||
|
apache2*)
|
||||||
|
user="${APACHE_RUN_USER:-www-data}"
|
||||||
|
group="${APACHE_RUN_GROUP:-www-data}"
|
||||||
|
|
||||||
|
# strip off any '#' symbol ('#1000' is valid syntax for Apache)
|
||||||
|
user="${user#'#'}"
|
||||||
|
group="${group#'#'}"
|
||||||
|
;;
|
||||||
|
*) # php-fpm
|
||||||
|
user='www-data'
|
||||||
|
group='www-data'
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
else
|
||||||
|
user="$uid"
|
||||||
|
group="$gid"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -n "${REDIS_HOST+x}" ]; then
|
||||||
|
|
||||||
|
echo "Configuring Redis as session handler"
|
||||||
|
{
|
||||||
|
file_env REDIS_HOST_PASSWORD
|
||||||
|
echo 'session.save_handler = redis'
|
||||||
|
# check if redis host is an unix socket path
|
||||||
|
if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then
|
||||||
|
if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"unix://${REDIS_HOST}\""
|
||||||
|
fi
|
||||||
|
# check if redis password has been set
|
||||||
|
elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\""
|
||||||
|
else
|
||||||
|
echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\""
|
||||||
|
fi
|
||||||
|
echo "redis.session.locking_enabled = 1"
|
||||||
|
echo "redis.session.lock_retries = -1"
|
||||||
|
# redis.session.lock_wait_time is specified in microseconds.
|
||||||
|
# Wait 10ms before retrying the lock rather than the default 2ms.
|
||||||
|
echo "redis.session.lock_wait_time = 10000"
|
||||||
|
} > /usr/local/etc/php/conf.d/redis-session.ini
|
||||||
|
fi
|
||||||
|
|
||||||
|
# If another process is syncing the html folder, wait for
|
||||||
|
# it to be done, then escape initalization.
|
||||||
|
(
|
||||||
|
if ! flock -n 9; then
|
||||||
|
# If we couldn't get it immediately, show a message, then wait for real
|
||||||
|
echo "Another process is initializing Nextcloud. Waiting..."
|
||||||
|
flock 9
|
||||||
|
fi
|
||||||
|
|
||||||
|
installed_version="0.0.0.0"
|
||||||
|
if [ -f /var/www/html/version.php ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
installed_version="$(php -r 'require "/var/www/html/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
fi
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
image_version="$(php -r 'require "/usr/src/nextcloud/version.php"; echo implode(".", $OC_Version);')"
|
||||||
|
|
||||||
|
if version_greater "$installed_version" "$image_version"; then
|
||||||
|
echo "Can't start Nextcloud because the version of the data ($installed_version) is higher than the docker image version ($image_version) and downgrading is not supported. Are you sure you have pulled the newest image version?"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if version_greater "$image_version" "$installed_version"; then
|
||||||
|
echo "Initializing nextcloud $image_version ..."
|
||||||
|
if [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
if [ "${image_version%%.*}" -gt "$((${installed_version%%.*} + 1))" ]; then
|
||||||
|
echo "Can't start Nextcloud because upgrading from $installed_version to $image_version is not supported."
|
||||||
|
echo "It is only possible to upgrade one major version at a time. For example, if you want to upgrade from version 14 to 16, you will have to upgrade from version 14 to 15, then from 15 to 16."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "Upgrading nextcloud from $installed_version ..."
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_before
|
||||||
|
fi
|
||||||
|
if [ "$(id -u)" = 0 ]; then
|
||||||
|
rsync_options="-rlDog --chown $user:$group"
|
||||||
|
else
|
||||||
|
rsync_options="-rlD"
|
||||||
|
fi
|
||||||
|
|
||||||
|
rsync $rsync_options --delete --exclude-from=/upgrade.exclude /usr/src/nextcloud/ /var/www/html/
|
||||||
|
for dir in config data custom_apps themes; do
|
||||||
|
if [ ! -d "/var/www/html/$dir" ] || directory_empty "/var/www/html/$dir"; then
|
||||||
|
rsync $rsync_options --include "/$dir/" --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
rsync $rsync_options --include '/version.php' --exclude '/*' /usr/src/nextcloud/ /var/www/html/
|
||||||
|
|
||||||
|
# Install
|
||||||
|
if [ "$installed_version" = "0.0.0.0" ]; then
|
||||||
|
echo "New nextcloud instance"
|
||||||
|
|
||||||
|
file_env NEXTCLOUD_ADMIN_PASSWORD
|
||||||
|
file_env NEXTCLOUD_ADMIN_USER
|
||||||
|
|
||||||
|
install=false
|
||||||
|
if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"'
|
||||||
|
if [ -n "${NEXTCLOUD_DATA_DIR+x}" ]; then
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"'
|
||||||
|
fi
|
||||||
|
|
||||||
|
file_env MYSQL_DATABASE
|
||||||
|
file_env MYSQL_PASSWORD
|
||||||
|
file_env MYSQL_USER
|
||||||
|
file_env POSTGRES_DB
|
||||||
|
file_env POSTGRES_PASSWORD
|
||||||
|
file_env POSTGRES_USER
|
||||||
|
|
||||||
|
if [ -n "${SQLITE_DATABASE+x}" ]; then
|
||||||
|
echo "Installing with SQLite database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database-name "$SQLITE_DATABASE"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${MYSQL_DATABASE+x}" ] && [ -n "${MYSQL_USER+x}" ] && [ -n "${MYSQL_PASSWORD+x}" ] && [ -n "${MYSQL_HOST+x}" ]; then
|
||||||
|
echo "Installing with MySQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database mysql --database-name "$MYSQL_DATABASE" --database-user "$MYSQL_USER" --database-pass "$MYSQL_PASSWORD" --database-host "$MYSQL_HOST"'
|
||||||
|
install=true
|
||||||
|
elif [ -n "${POSTGRES_DB+x}" ] && [ -n "${POSTGRES_USER+x}" ] && [ -n "${POSTGRES_PASSWORD+x}" ] && [ -n "${POSTGRES_HOST+x}" ]; then
|
||||||
|
echo "Installing with PostgreSQL database"
|
||||||
|
# shellcheck disable=SC2016
|
||||||
|
install_options=$install_options' --database pgsql --database-name "$POSTGRES_DB" --database-user "$POSTGRES_USER" --database-pass "$POSTGRES_PASSWORD" --database-host "$POSTGRES_HOST"'
|
||||||
|
install=true
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$install" = true ]; then
|
||||||
|
run_path pre-installation
|
||||||
|
|
||||||
|
echo "Starting nextcloud installation"
|
||||||
|
max_retries=10
|
||||||
|
try=0
|
||||||
|
until [ "$try" -gt "$max_retries" ] || run_as "php /var/www/html/occ maintenance:install $install_options"
|
||||||
|
do
|
||||||
|
echo "Retrying install..."
|
||||||
|
try=$((try+1))
|
||||||
|
sleep 10s
|
||||||
|
done
|
||||||
|
if [ "$try" -gt "$max_retries" ]; then
|
||||||
|
echo "Installing of nextcloud failed!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
|
||||||
|
echo "Setting trusted domains…"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=1
|
||||||
|
for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
|
||||||
|
DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
|
||||||
|
run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
|
||||||
|
NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
|
||||||
|
done
|
||||||
|
fi
|
||||||
|
|
||||||
|
run_path post-installation
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
# not enough specified to do a fully automated installation
|
||||||
|
if [ "$install" = false ]; then
|
||||||
|
echo "Next step: Access your instance to finish the web-based installation!"
|
||||||
|
echo "Hint: You can specify NEXTCLOUD_ADMIN_USER and NEXTCLOUD_ADMIN_PASSWORD and the database variables _prior to first launch_ to fully automate initial installation."
|
||||||
|
fi
|
||||||
|
# Upgrade
|
||||||
|
else
|
||||||
|
run_path pre-upgrade
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ upgrade'
|
||||||
|
|
||||||
|
run_as 'php /var/www/html/occ app:list' | sed -n "/Enabled:/,/Disabled:/p" > /tmp/list_after
|
||||||
|
echo "The following apps have been disabled:"
|
||||||
|
diff /tmp/list_before /tmp/list_after | grep '<' | cut -d- -f2 | cut -d: -f1
|
||||||
|
rm -f /tmp/list_before /tmp/list_after
|
||||||
|
|
||||||
|
run_path post-upgrade
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Initializing finished"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Update htaccess after init if requested
|
||||||
|
if [ -n "${NEXTCLOUD_INIT_HTACCESS+x}" ] && [ "$installed_version" != "0.0.0.0" ]; then
|
||||||
|
run_as 'php /var/www/html/occ maintenance:update:htaccess'
|
||||||
|
fi
|
||||||
|
) 9> /var/www/html/nextcloud-init-sync.lock
|
||||||
|
|
||||||
|
# warn if config files on persistent storage differ from the latest version of this image
|
||||||
|
for cfgPath in /usr/src/nextcloud/config/*.php; do
|
||||||
|
cfgFile=$(basename "$cfgPath")
|
||||||
|
|
||||||
|
if [ "$cfgFile" != "config.sample.php" ]; then
|
||||||
|
if ! cmp -s "/usr/src/nextcloud/config/$cfgFile" "/var/www/html/config/$cfgFile"; then
|
||||||
|
echo "Warning: /var/www/html/config/$cfgFile differs from the latest version of this image at /usr/src/nextcloud/config/$cfgFile"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
run_path before-starting
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec "$@"
|
6
30/fpm/upgrade.exclude
Normal file
6
30/fpm/upgrade.exclude
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
/config/
|
||||||
|
/data/
|
||||||
|
/custom_apps/
|
||||||
|
/themes/
|
||||||
|
/version.php
|
||||||
|
/nextcloud-init-sync.lock
|
|
@ -88,15 +88,22 @@ RUN set -ex; \
|
||||||
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||||
ENV PHP_MEMORY_LIMIT 512M
|
ENV PHP_MEMORY_LIMIT 512M
|
||||||
ENV PHP_UPLOAD_LIMIT 512M
|
ENV PHP_UPLOAD_LIMIT 512M
|
||||||
|
ENV PHP_OPCACHE_INTERNED_STRINGS_BUFFER 32
|
||||||
|
ENV PHP_OPCACHE_MAX_ACCELERATED_FILES 10000
|
||||||
|
ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
|
||||||
|
ENV PHP_OPCACHE_SAVE_COMMENTS 1
|
||||||
|
ENV PHP_OPCACHE_REVALIDATE_FREQ 60
|
||||||
|
ENV PHP_OPCACHE_JIT 1255
|
||||||
|
ENV PHP_OPCACHE_JIT_BUFFER_SIZE 128M
|
||||||
RUN { \
|
RUN { \
|
||||||
echo 'opcache.enable=1'; \
|
echo 'opcache.enable=1'; \
|
||||||
echo 'opcache.interned_strings_buffer=32'; \
|
echo 'opcache.interned_strings_buffer=${PHP_OPCACHE_INTERNED_STRINGS_BUFFER}'; \
|
||||||
echo 'opcache.max_accelerated_files=10000'; \
|
echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \
|
||||||
echo 'opcache.memory_consumption=128'; \
|
echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
|
||||||
echo 'opcache.save_comments=1'; \
|
echo 'opcache.save_comments=${PHP_OPCACHE_SAVE_COMMENTS}'; \
|
||||||
echo 'opcache.revalidate_freq=60'; \
|
echo 'opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ}'; \
|
||||||
echo 'opcache.jit=1255'; \
|
echo 'opcache.jit=${PHP_OPCACHE_JIT}'; \
|
||||||
echo 'opcache.jit_buffer_size=128M'; \
|
echo 'opcache.jit_buffer_size=${PHP_OPCACHE_JIT_BUFFER_SIZE}'; \
|
||||||
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||||
\
|
\
|
||||||
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||||
|
|
|
@ -20,6 +20,13 @@ RUN set -ex; \
|
||||||
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html
|
||||||
ENV PHP_MEMORY_LIMIT 512M
|
ENV PHP_MEMORY_LIMIT 512M
|
||||||
ENV PHP_UPLOAD_LIMIT 512M
|
ENV PHP_UPLOAD_LIMIT 512M
|
||||||
|
ENV PHP_OPCACHE_INTERNED_STRINGS_BUFFER 32
|
||||||
|
ENV PHP_OPCACHE_MAX_ACCELERATED_FILES 10000
|
||||||
|
ENV PHP_OPCACHE_MEMORY_CONSUMPTION 128
|
||||||
|
ENV PHP_OPCACHE_SAVE_COMMENTS 1
|
||||||
|
ENV PHP_OPCACHE_REVALIDATE_FREQ 60
|
||||||
|
ENV PHP_OPCACHE_JIT 1255
|
||||||
|
ENV PHP_OPCACHE_JIT_BUFFER_SIZE 128M
|
||||||
RUN set -ex; \
|
RUN set -ex; \
|
||||||
\
|
\
|
||||||
savedAptMark="$(apt-mark showmanual)"; \
|
savedAptMark="$(apt-mark showmanual)"; \
|
||||||
|
@ -95,13 +102,13 @@ RUN set -ex; \
|
||||||
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
# see https://docs.nextcloud.com/server/latest/admin_manual/installation/server_tuning.html#enable-php-opcache
|
||||||
RUN { \
|
RUN { \
|
||||||
echo 'opcache.enable=1'; \
|
echo 'opcache.enable=1'; \
|
||||||
echo 'opcache.interned_strings_buffer=32'; \
|
echo 'opcache.interned_strings_buffer=${PHP_OPCACHE_INTERNED_STRINGS_BUFFER}'; \
|
||||||
echo 'opcache.max_accelerated_files=10000'; \
|
echo 'opcache.max_accelerated_files=${PHP_OPCACHE_MAX_ACCELERATED_FILES}'; \
|
||||||
echo 'opcache.memory_consumption=128'; \
|
echo 'opcache.memory_consumption=${PHP_OPCACHE_MEMORY_CONSUMPTION}'; \
|
||||||
echo 'opcache.save_comments=1'; \
|
echo 'opcache.save_comments=${PHP_OPCACHE_SAVE_COMMENTS}'; \
|
||||||
echo 'opcache.revalidate_freq=60'; \
|
echo 'opcache.revalidate_freq=${PHP_OPCACHE_REVALIDATE_FREQ}'; \
|
||||||
echo 'opcache.jit=1255'; \
|
echo 'opcache.jit=${PHP_OPCACHE_JIT}'; \
|
||||||
echo 'opcache.jit_buffer_size=128M'; \
|
echo 'opcache.jit_buffer_size=${PHP_OPCACHE_JIT_BUFFER_SIZE}'; \
|
||||||
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
} > "${PHP_INI_DIR}/conf.d/opcache-recommended.ini"; \
|
||||||
\
|
\
|
||||||
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \
|
||||||
|
|
|
@ -217,6 +217,15 @@ To customize Apache max file upload limit you can change the following variable:
|
||||||
- `APACHE_BODY_LIMIT` (default `1073741824` [1GiB]) This restricts the total
|
- `APACHE_BODY_LIMIT` (default `1073741824` [1GiB]) This restricts the total
|
||||||
size of the HTTP request body sent from the client. It specifies the number of _bytes_ that are allowed in a request body. A value of **0** means **unlimited**. Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html#apache) for more information.
|
size of the HTTP request body sent from the client. It specifies the number of _bytes_ that are allowed in a request body. A value of **0** means **unlimited**. Check the [Nextcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html#apache) for more information.
|
||||||
|
|
||||||
|
To customize OPcache parameters you can change the following variables:
|
||||||
|
- `PHP_OPCACHE_INTERNED_STRINGS_BUFFER` (default `32`) The amount of memory used to store interned strings, in megabytes.
|
||||||
|
- `PHP_OPCACHE_MAX_ACCELERATED_FILES` (default `10000`) The maximum number of keys (and therefore scripts) in the OPcache hash table. The actual value used will be the first number in the set of prime numbers { 223, 463, 983, 1979, 3907, 7963, 16229, 32531, 65407, 130987, 262237, 524521, 1048793 } that is greater than or equal to the configured value. The minimum value is 200. The maximum value is 1000000. Values outside of this range are clamped to the permissible range.
|
||||||
|
- `PHP_OPCACHE_MEMORY_CONSUMPTION` (default `128`) The size of the shared memory storage used by OPcache, in megabytes. The minimum permissible value is "8", which is enforced if a smaller value is set.
|
||||||
|
- `PHP_OPCACHE_SAVE_COMMENT` (default `1`) If disabled, all documentation comments will be discarded from the opcode cache to reduce the size of the optimised code. Disabling this configuration directive may break applications and frameworks that rely on comment parsing for annotations, including Doctrine, Zend Framework 2 and PHPUnit.
|
||||||
|
- `PHP_OPCACHE_REVALIDATE_FREQ` (default `60`) How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.
|
||||||
|
- `PHP_OPCACHE_JIT` (default `1255`) This set JIT configuration mode. Check the [OPcache JIT configuration](https://www.php.net/manual/en/opcache.configuration.php#ini.opcache.jit) for more information.
|
||||||
|
- `PHP_OPCACHE_JIT_BUFFER_SIZE` (default `128M`) The amount of shared memory to reserve for compiled JIT code. A zero value disables the JIT.
|
||||||
|
|
||||||
### Auto configuration and Nextcloud updates
|
### Auto configuration and Nextcloud updates
|
||||||
The image comes with special config files for Nextcloud that set parameters specific to containerized usage (e.g. `upgrade-disable-web.config.php`) or enable auto configuration via environment variables (e.g. `reverse-proxy.config.php`). Within the image, the latest version of these config files are located in `/usr/src/nextcloud/config`.
|
The image comes with special config files for Nextcloud that set parameters specific to containerized usage (e.g. `upgrade-disable-web.config.php`) or enable auto configuration via environment variables (e.g. `reverse-proxy.config.php`). Within the image, the latest version of these config files are located in `/usr/src/nextcloud/config`.
|
||||||
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
29.0.7
|
30.0.0
|
||||||
|
|
|
@ -1,4 +1,30 @@
|
||||||
{
|
{
|
||||||
|
"30": {
|
||||||
|
"branch": "30",
|
||||||
|
"version": "30.0.0",
|
||||||
|
"url": "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2",
|
||||||
|
"ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-30.0.0.tar.bz2.asc",
|
||||||
|
"variants": {
|
||||||
|
"apache": {
|
||||||
|
"variant": "apache",
|
||||||
|
"base": "debian",
|
||||||
|
"baseVersion": "bookworm",
|
||||||
|
"phpVersion": "8.2"
|
||||||
|
},
|
||||||
|
"fpm": {
|
||||||
|
"variant": "fpm",
|
||||||
|
"base": "debian",
|
||||||
|
"baseVersion": "bookworm",
|
||||||
|
"phpVersion": "8.2"
|
||||||
|
},
|
||||||
|
"fpm-alpine": {
|
||||||
|
"variant": "fpm-alpine",
|
||||||
|
"base": "alpine",
|
||||||
|
"baseVersion": "3.20",
|
||||||
|
"phpVersion": "8.2"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"29": {
|
"29": {
|
||||||
"branch": "29",
|
"branch": "29",
|
||||||
"version": "29.0.7",
|
"version": "29.0.7",
|
||||||
|
|
Loading…
Reference in a new issue