diff --git a/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/README.MD b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/README.MD new file mode 100644 index 00000000..26dc0b4f --- /dev/null +++ b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/README.MD @@ -0,0 +1,5 @@ +This docker-compose.yml file will create a nextcloud instance with signed certs using the lets encrypt companion and the nginx reverse proxy. Collabora office will also be deployed using signed certs. To use collabora the app must be installed within nextcloud and configured to use office.DOMAIN.TLD. + +There is no need to specify a port, simply the pubilc domain used to create your certs for the office instance. Ports, 443 and 80 should be forwarded to the server. + +![Callabora Settings](collaboraOnlineNCSettings.png) diff --git a/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/collaboraOnlineNCSettings.png b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/collaboraOnlineNCSettings.png new file mode 100644 index 00000000..1922a887 Binary files /dev/null and b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/collaboraOnlineNCSettings.png differ diff --git a/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/docker-compose.yml b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/docker-compose.yml new file mode 100644 index 00000000..b6091b0b --- /dev/null +++ b/.examples/docker-compose/with-nginx-proxy-self-signed-ssl-collabora-office-mariadb/docker-compose.yml @@ -0,0 +1,109 @@ +version: '3' + +services: + + proxy: + image: jwilder/nginx-proxy:alpine + labels: + - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true" + container_name: nextcloud-proxy + networks: + - nextcloud_network + ports: + - 80:80 + - 443:443 + volumes: + - ./proxy/conf.d:/etc/nginx/conf.d:rw + - ./proxy/vhost.d:/etc/nginx/vhost.d:rw + - ./proxy/html:/usr/share/nginx/html:rw + - ./proxy/certs:/etc/nginx/certs:ro + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/tmp/docker.sock:ro + restart: unless-stopped + + letsencrypt: + image: jrcs/letsencrypt-nginx-proxy-companion + container_name: nextcloud-letsencrypt + depends_on: + - proxy + networks: + - nextcloud_network + volumes: + - ./proxy/certs:/etc/nginx/certs:rw + - ./proxy/vhost.d:/etc/nginx/vhost.d:rw + - ./proxy/html:/usr/share/nginx/html:rw + - /etc/localtime:/etc/localtime:ro + - /var/run/docker.sock:/var/run/docker.sock:ro + restart: unless-stopped + db: + image: mariadb + container_name: nextcloud-mariadb + networks: + - nextcloud_network + volumes: + - db:/var/lib/mysql + - /etc/localtime:/etc/localtime:ro + environment: + # Create a root password for the maraiadb instance. + - MYSQL_ROOT_PASSWORD=CREATE-A-SECURE-ROOT-PASSWORD-HERE + # Create a password for the nextcloud users. If you have to manually connect your database you would use the nextcloud user and this password. + - MYSQL_PASSWORD=CREATE-A-SECURE-NEXTCLOUD-USER-PASSWORD-HERE + - MYSQL_DATABASE=nextcloud + - MYSQL_USER=nextcloud + restart: unless-stopped + + app: + image: nextcloud:latest + container_name: nextcloud-app + networks: + - nextcloud_network + depends_on: + - letsencrypt + - proxy + - db + volumes: + - nextcloud:/var/www/html + - ./app/config:/var/www/html/config + - ./app/custom_apps:/var/www/html/custom_apps + - ./app/data:/var/www/html/data + - ./app/themes:/var/www/html/themes + - /etc/localtime:/etc/localtime:ro + environment: + # The VIRTUAL_HOST and LETSENCRYPT_HOST should use the same publically reachable domain for your nextlcloud instance. + - VIRTUAL_HOST=cloud.DOMAIN.TLD + - LETSENCRYPT_HOST=cloud.DOMAIN.TLD + # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. + - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL + restart: unless-stopped + collab: + image: collabora/code + container_name: nextcloud-collab + networks: + - nextcloud_network + depends_on: + - proxy + - letsencrypt + cap_add: + - MKNOD + ports: + - 9980:9980 + environment: + # This nees to be the same as what you set your app domain too (ex: cloud.domain.tld). + - domain=cloud\\.DOMAIN\\.TDL + - username=admin + # Create a passoword for the collabora office admin page. + - password=CREATE-A-SECURE-PASSWORD-HERE + - VIRTUAL_PROTO=https + - VIRTUAL_PORT=443 + # The VIRTUAL_HOST and LETSENCRYPT_HOST should use the same publically reachable domain for your collabora instance (ex: office.domain.tld). + - VIRTUAL_HOST=office.DOMAIN.TLD + - LETSENCRYPT_HOST=office.DOMAIN.TLD + # This needs to be a real email as it will be used by let's encrypt for your cert and is used to warn you about renewals. + - LETSENCRYPT_EMAIL=YOUR-EMAIL@DOMAIN.TDL + restart: unless-stopped +volumes: + nextcloud: + db: + +networks: + nextcloud_network: diff --git a/29/apache/Dockerfile b/29/apache/Dockerfile index fa5fabae..19c0781c 100644 --- a/29/apache/Dockerfile +++ b/29/apache/Dockerfile @@ -67,12 +67,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -108,6 +112,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/29/fpm-alpine/Dockerfile b/29/fpm-alpine/Dockerfile index 61c6de6e..bdec7b10 100644 --- a/29/fpm-alpine/Dockerfile +++ b/29/fpm-alpine/Dockerfile @@ -64,12 +64,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -103,6 +107,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/29/fpm/Dockerfile b/29/fpm/Dockerfile index 2a64b02a..ae7c527c 100644 --- a/29/fpm/Dockerfile +++ b/29/fpm/Dockerfile @@ -67,12 +67,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -108,6 +112,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/30/apache/Dockerfile b/30/apache/Dockerfile index f82a1d9e..4334e170 100644 --- a/30/apache/Dockerfile +++ b/30/apache/Dockerfile @@ -67,12 +67,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -108,6 +112,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/30/fpm-alpine/Dockerfile b/30/fpm-alpine/Dockerfile index 26e4a568..6ca9bda9 100644 --- a/30/fpm-alpine/Dockerfile +++ b/30/fpm-alpine/Dockerfile @@ -64,12 +64,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -103,6 +107,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/30/fpm/Dockerfile b/30/fpm/Dockerfile index c0769823..f13ce297 100644 --- a/30/fpm/Dockerfile +++ b/30/fpm/Dockerfile @@ -67,12 +67,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-5.1.24; \ + pecl install igbinary-3.2.16; \ pecl install imagick-3.7.0; \ - pecl install memcached-3.3.0; \ - pecl install redis-6.1.0; \ + pecl install memcached-3.3.0 \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-6.1.0 \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -108,6 +112,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index c5517536..cf6af0ff 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -63,12 +63,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-%%APCU_VERSION%%; \ + pecl install igbinary-%%IGBINARY_VERSION%%; \ pecl install imagick-%%IMAGICK_VERSION%%; \ - pecl install memcached-%%MEMCACHED_VERSION%%; \ - pecl install redis-%%REDIS_VERSION%%; \ + pecl install memcached-%%MEMCACHED_VERSION%% \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-%%REDIS_VERSION%% \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -102,6 +106,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 9695c010..cadae18a 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -66,12 +66,16 @@ RUN set -ex; \ \ # pecl will claim success even if one install fails, so we need to perform each install separately pecl install APCu-%%APCU_VERSION%%; \ + pecl install igbinary-%%IGBINARY_VERSION%%; \ pecl install imagick-%%IMAGICK_VERSION%%; \ - pecl install memcached-%%MEMCACHED_VERSION%%; \ - pecl install redis-%%REDIS_VERSION%%; \ + pecl install memcached-%%MEMCACHED_VERSION%% \ + --configureoptions 'enable-memcached-igbinary="yes"'; \ + pecl install redis-%%REDIS_VERSION%% \ + --configureoptions 'enable-redis-igbinary="yes" enable-redis-zstd="yes" enable-redis-lz4="yes"'; \ \ docker-php-ext-enable \ apcu \ + igbinary \ imagick \ memcached \ redis \ @@ -107,6 +111,11 @@ RUN { \ \ echo 'apc.enable_cli=1' >> "${PHP_INI_DIR}/conf.d/docker-php-ext-apcu.ini"; \ \ + { \ + echo 'apc.serializer=igbinary'; \ + echo 'session.serialize_handler=igbinary'; \ + } >> "${PHP_INI_DIR}/conf.d/docker-php-ext-igbinary.ini"; \ + \ { \ echo 'memory_limit=${PHP_MEMORY_LIMIT}'; \ echo 'upload_max_filesize=${PHP_UPLOAD_LIMIT}'; \ diff --git a/update.sh b/update.sh index 9898a6c0..f55da259 100755 --- a/update.sh +++ b/update.sh @@ -44,6 +44,24 @@ apcu_version="$( | tail -1 )" +igbinary_version="$( + git ls-remote --tags https://github.com/igbinary/igbinary.git \ + | cut -d/ -f3 \ + | grep -viE '[a-z]' \ + | tr -d '^{}' \ + | sort -V \ + | tail -1 +)" + +imagick_version="$( + git ls-remote --tags https://github.com/mkoppanen/imagick.git \ + | cut -d/ -f3 \ + | grep -viE '[a-z]' \ + | tr -d '^{}' \ + | sort -V \ + | tail -1 +)" + memcached_version="$( git ls-remote --tags https://github.com/php-memcached-dev/php-memcached.git \ | cut -d/ -f3 \ @@ -62,20 +80,12 @@ redis_version="$( | tail -1 )" -imagick_version="$( - git ls-remote --tags https://github.com/mkoppanen/imagick.git \ - | cut -d/ -f3 \ - | grep -viE '[a-z]' \ - | tr -d '^{}' \ - | sort -V \ - | tail -1 -)" - declare -A pecl_versions=( [APCu]="$apcu_version" + [igbinary]="$igbinary_version" + [imagick]="$imagick_version" [memcached]="$memcached_version" [redis]="$redis_version" - [imagick]="$imagick_version" ) variants=( @@ -121,9 +131,10 @@ function create_variant() { s/%%CMD%%/'"${cmd[$variant]}"'/g; s|%%VARIANT_EXTRAS%%|'"${extras[$variant]}"'|g; s/%%APCU_VERSION%%/'"${pecl_versions[APCu]}"'/g; + s/%%IGBINARY_VERSION%%/'"${pecl_versions[igbinary]}"'/g; + s/%%IMAGICK_VERSION%%/'"${pecl_versions[imagick]}"'/g; s/%%MEMCACHED_VERSION%%/'"${pecl_versions[memcached]}"'/g; s/%%REDIS_VERSION%%/'"${pecl_versions[redis]}"'/g; - s/%%IMAGICK_VERSION%%/'"${pecl_versions[imagick]}"'/g; s/%%CRONTAB_INT%%/'"$crontabInt"'/g; ' "$dir/Dockerfile"