From 374495c5656727adf82509aec1a79c13f3a23bf6 Mon Sep 17 00:00:00 2001 From: janz Date: Mon, 2 Sep 2024 12:01:10 +0200 Subject: [PATCH 1/7] Adding support for configuring redis dbindex value Signed-off-by: Jan Zalar jan.zalar6@gmail.com Signed-off-by: janz --- 29/apache/config/redis.config.php | 4 ++++ README.md | 1 + 2 files changed, 5 insertions(+) diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php index a5b13da6..bed36145 100644 --- a/29/apache/config/redis.config.php +++ b/29/apache/config/redis.config.php @@ -14,4 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } + if (getenv('REDIS_DBINDEX') !== false) { + $CONFIG['redis']['dbindex'] = (int) getenv('REDIS_DBINDEX'); + } + } diff --git a/README.md b/README.md index b9f7a66d..b732f9dc 100644 --- a/README.md +++ b/README.md @@ -160,6 +160,7 @@ If you want to use Redis you have to create a separate [Redis](https://hub.docke - `REDIS_HOST` (not set by default) Name of Redis container - `REDIS_HOST_PORT` (default: `6379`) Optional port for Redis, only use for external Redis servers that run on non-standard ports. - `REDIS_HOST_PASSWORD` (not set by default) Redis password +- `REDIS_DBINDEX`(not set by default) Value for dbindex config value The use of Redis is recommended to prevent file locking problems. See the examples for further instructions. From 9360474bc1b25198267c145c510d025ab1690217 Mon Sep 17 00:00:00 2001 From: Jan Zalar Date: Thu, 5 Sep 2024 09:20:33 +0200 Subject: [PATCH 2/7] Adding REDIS_DB_INDEX configuration to session locking aswell. Changing naming convetion to match others Signed-off-by: Jan Zalar --- 29/apache/Dockerfile | 1 + 29/apache/config/redis.config.php | 4 ++-- README.md | 2 +- docker-entrypoint.sh | 8 ++++---- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/29/apache/Dockerfile b/29/apache/Dockerfile index b311cfbe..d86c35e9 100644 --- a/29/apache/Dockerfile +++ b/29/apache/Dockerfile @@ -21,6 +21,7 @@ RUN set -ex; \ # see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html ENV PHP_MEMORY_LIMIT 512M ENV PHP_UPLOAD_LIMIT 512M +ENV REDIS_DB_INDEX=0 RUN set -ex; \ \ savedAptMark="$(apt-mark showmanual)"; \ diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php index bed36145..47a43dff 100644 --- a/29/apache/config/redis.config.php +++ b/29/apache/config/redis.config.php @@ -14,8 +14,8 @@ if (getenv('REDIS_HOST')) { } elseif (getenv('REDIS_HOST')[0] != '/') { $CONFIG['redis']['port'] = 6379; } - if (getenv('REDIS_DBINDEX') !== false) { - $CONFIG['redis']['dbindex'] = (int) getenv('REDIS_DBINDEX'); + if (getenv('REDIS_DB_INDEX') !== false) { + $CONFIG['redis']['dbindex'] = (int) getenv('REDIS_DB_INDEX'); } } diff --git a/README.md b/README.md index b732f9dc..cacb06f1 100644 --- a/README.md +++ b/README.md @@ -160,7 +160,7 @@ If you want to use Redis you have to create a separate [Redis](https://hub.docke - `REDIS_HOST` (not set by default) Name of Redis container - `REDIS_HOST_PORT` (default: `6379`) Optional port for Redis, only use for external Redis servers that run on non-standard ports. - `REDIS_HOST_PASSWORD` (not set by default) Redis password -- `REDIS_DBINDEX`(not set by default) Value for dbindex config value +- `REDIS_DB_INDEX` (default: `0`) Value for dbindex config value The use of Redis is recommended to prevent file locking problems. See the examples for further instructions. diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 4e06fcc4..6595ad2d 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -114,15 +114,15 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP # check if redis host is an unix socket path if [ "$(echo "$REDIS_HOST" | cut -c1-1)" = "/" ]; then if [ -n "${REDIS_HOST_PASSWORD+x}" ]; then - echo "session.save_path = \"unix://${REDIS_HOST}?auth=${REDIS_HOST_PASSWORD}\"" + echo "session.save_path = \"unix://${REDIS_HOST}/${REDIS_DB_INDEX}?auth=${REDIS_HOST_PASSWORD}\"" else - echo "session.save_path = \"unix://${REDIS_HOST}\"" + echo "session.save_path = \"unix://${REDIS_HOST}/${REDIS_DB_INDEX}\"" fi # check if redis password has been set elif [ -n "${REDIS_HOST_PASSWORD+x}" ]; then - echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}?auth=${REDIS_HOST_PASSWORD}\"" + echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}/${REDIS_DB_INDEX}?auth=${REDIS_HOST_PASSWORD}\"" else - echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}\"" + echo "session.save_path = \"tcp://${REDIS_HOST}:${REDIS_HOST_PORT:=6379}/${REDIS_DB_INDEX}\"" fi echo "redis.session.locking_enabled = 1" echo "redis.session.lock_retries = -1" From 5a242f605505e4389ee9b715f99df57abcbf81ef Mon Sep 17 00:00:00 2001 From: J0WI Date: Tue, 8 Oct 2024 15:33:18 +0200 Subject: [PATCH 3/7] MariaDB 10.11 (#2298) Signed-off-by: J0WI --- .../docker-compose/insecure/mariadb/apache/compose.yaml | 2 +- .examples/docker-compose/insecure/mariadb/fpm/compose.yaml | 2 +- .../with-nginx-proxy/mariadb/apache/compose.yaml | 2 +- .../with-nginx-proxy/mariadb/fpm/compose.yaml | 2 +- README.md | 6 +++--- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.examples/docker-compose/insecure/mariadb/apache/compose.yaml b/.examples/docker-compose/insecure/mariadb/apache/compose.yaml index 775c35ef..4d0fd8fd 100644 --- a/.examples/docker-compose/insecure/mariadb/apache/compose.yaml +++ b/.examples/docker-compose/insecure/mariadb/apache/compose.yaml @@ -1,6 +1,6 @@ services: db: - image: mariadb:10.6 + image: mariadb:10.11 command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW restart: always volumes: diff --git a/.examples/docker-compose/insecure/mariadb/fpm/compose.yaml b/.examples/docker-compose/insecure/mariadb/fpm/compose.yaml index 846cdaa3..06b12afb 100644 --- a/.examples/docker-compose/insecure/mariadb/fpm/compose.yaml +++ b/.examples/docker-compose/insecure/mariadb/fpm/compose.yaml @@ -1,6 +1,6 @@ services: db: - image: mariadb:10.6 + image: mariadb:10.11 command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW restart: always volumes: diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb/apache/compose.yaml b/.examples/docker-compose/with-nginx-proxy/mariadb/apache/compose.yaml index 98f2ec46..7a221407 100644 --- a/.examples/docker-compose/with-nginx-proxy/mariadb/apache/compose.yaml +++ b/.examples/docker-compose/with-nginx-proxy/mariadb/apache/compose.yaml @@ -1,6 +1,6 @@ services: db: - image: mariadb:10.6 + image: mariadb:10.11 command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW restart: always volumes: diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/compose.yaml b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/compose.yaml index 863d0ac4..ff7a5388 100644 --- a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/compose.yaml +++ b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/compose.yaml @@ -1,6 +1,6 @@ services: db: - image: mariadb:10.6 + image: mariadb:10.11 command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW restart: always volumes: diff --git a/README.md b/README.md index b2ec983d..abe5b25b 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Database: ```console $ docker run -d \ -v db:/var/lib/mysql \ -mariadb:10.6 +mariadb:10.11 ``` ### Additional volumes @@ -294,7 +294,7 @@ Make sure to pass in values for `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` varia ```yaml services: db: - image: mariadb:10.6 + image: mariadb:10.11 restart: always command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW volumes: @@ -342,7 +342,7 @@ Make sure to pass in values for `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` varia ```yaml services: db: - image: mariadb:10.6 + image: mariadb:10.11 restart: always command: --transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW volumes: From 8c777a4144ff406db6adfe9d674e7411b2f8871e Mon Sep 17 00:00:00 2001 From: Kaloyan Nikolov Date: Tue, 8 Oct 2024 16:53:11 +0300 Subject: [PATCH 4/7] Update examples nginx configuration (#2307) * Update config based on the official docs Signed-off-by: Kaloyan Nikolov * Update all example nginx configs according to the documentation Signed-off-by: Kaloyan Nikolov --------- Signed-off-by: Kaloyan Nikolov --- .examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf | 5 +++-- .../docker-compose/insecure/postgres/fpm/web/nginx.conf | 5 +++-- .../with-nginx-proxy/mariadb/fpm/web/nginx.conf | 5 +++-- .../with-nginx-proxy/postgres/fpm/web/nginx.conf | 5 +++-- 4 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf index 5dff3389..1dd6e11d 100644 --- a/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf +++ b/.examples/docker-compose/insecure/mariadb/fpm/web/nginx.conf @@ -14,6 +14,7 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -143,7 +144,7 @@ http { # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; @@ -166,7 +167,7 @@ http { } # Serve static files - location ~ \.(?:css|svg|js|mjs|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { + location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463$asset_immutable"; add_header Referrer-Policy "no-referrer" always; diff --git a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf index 5dff3389..1dd6e11d 100644 --- a/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf +++ b/.examples/docker-compose/insecure/postgres/fpm/web/nginx.conf @@ -14,6 +14,7 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -143,7 +144,7 @@ http { # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; @@ -166,7 +167,7 @@ http { } # Serve static files - location ~ \.(?:css|svg|js|mjs|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { + location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463$asset_immutable"; add_header Referrer-Policy "no-referrer" always; diff --git a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf index 02215270..a3c9f28b 100644 --- a/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf +++ b/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf @@ -14,6 +14,7 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -143,7 +144,7 @@ http { # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; @@ -166,7 +167,7 @@ http { } # Serve static files - location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { + location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463$asset_immutable"; add_header Referrer-Policy "no-referrer" always; diff --git a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf index d7d29c68..a3c9f28b 100644 --- a/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf +++ b/.examples/docker-compose/with-nginx-proxy/postgres/fpm/web/nginx.conf @@ -14,6 +14,7 @@ http { default_type application/octet-stream; types { text/javascript mjs; + application/wasm wasm; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' @@ -143,7 +144,7 @@ http { # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { # Required for legacy support - rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; + rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; @@ -166,7 +167,7 @@ http { } # Serve static files - location ~ \.(?:css|svg|js|mjs|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { + location ~ \.(?:css|js|mjs|svg|gif|ico|jpg|png|webp|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463$asset_immutable"; add_header Referrer-Policy "no-referrer" always; From a9f9885e655bf1b16b7c8d3a5131ef161065492e Mon Sep 17 00:00:00 2001 From: Dominic Giebert Date: Tue, 8 Oct 2024 16:19:59 +0200 Subject: [PATCH 5/7] Add FORWARDED_FOR_HEADERS to the reverse-proxy config (#2272) * Add FORWARDED_FOR_HEADERS to the reverse-proxy config Signed-off-by: Dominic Giebert * Add FORWARDED_FOR_HEADERS to documentation Signed-off-by: Dominic Giebert --------- Signed-off-by: Dominic Giebert --- .config/reverse-proxy.config.php | 5 +++++ README.md | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.config/reverse-proxy.config.php b/.config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/.config/reverse-proxy.config.php +++ b/.config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/README.md b/README.md index abe5b25b..d8f41dcb 100644 --- a/README.md +++ b/README.md @@ -261,7 +261,7 @@ To use the hooks triggered by the `entrypoint` script, either ``` -## Using the apache image behind a reverse proxy and auto configure server host and protocol +## Using the image behind a reverse proxy and auto configure server host and protocol The apache image will replace the remote addr (IP address visible to Nextcloud) with the IP address from `X-Real-IP` if the request is coming from a proxy in `10.0.0.0/8`, `172.16.0.0/12` or `192.168.0.0/16` by default. If you want Nextcloud to pick up the server host (`HTTP_X_FORWARDED_HOST`), protocol (`HTTP_X_FORWARDED_PROTO`) and client IP (`HTTP_X_FORWARDED_FOR`) from a trusted proxy, then disable rewrite IP and add the reverse proxy's IP address to `TRUSTED_PROXIES`. @@ -276,6 +276,7 @@ If the `TRUSTED_PROXIES` approach does not work for you, try using fixed values - `OVERWRITECLIURL` (empty by default): Set the cli url of the proxy (e.g. https://mydnsname.example.com) - `OVERWRITEWEBROOT` (empty by default): Set the absolute path of the proxy. - `OVERWRITECONDADDR` (empty by default): Regex to overwrite the values dependent on the remote address. +- `FORWARDED_FOR_HEADERS` (empty by default): HTTP headers with the original client IP address Check the [Nexcloud documentation](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html) for more details. From 6c1075b88d7184b067ce7c685ed55d136f7f0635 Mon Sep 17 00:00:00 2001 From: GitHub Workflow Date: Tue, 8 Oct 2024 14:20:13 +0000 Subject: [PATCH 6/7] Runs update.sh --- 28/apache/config/reverse-proxy.config.php | 5 +++++ 28/fpm-alpine/config/reverse-proxy.config.php | 5 +++++ 28/fpm/config/reverse-proxy.config.php | 5 +++++ 29/apache/config/reverse-proxy.config.php | 5 +++++ 29/fpm-alpine/config/reverse-proxy.config.php | 5 +++++ 29/fpm/config/reverse-proxy.config.php | 5 +++++ 30/apache/config/reverse-proxy.config.php | 5 +++++ 30/fpm-alpine/config/reverse-proxy.config.php | 5 +++++ 30/fpm/config/reverse-proxy.config.php | 5 +++++ 9 files changed, 45 insertions(+) diff --git a/28/apache/config/reverse-proxy.config.php b/28/apache/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/28/apache/config/reverse-proxy.config.php +++ b/28/apache/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/28/fpm-alpine/config/reverse-proxy.config.php b/28/fpm-alpine/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/28/fpm-alpine/config/reverse-proxy.config.php +++ b/28/fpm-alpine/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/28/fpm/config/reverse-proxy.config.php b/28/fpm/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/28/fpm/config/reverse-proxy.config.php +++ b/28/fpm/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/29/apache/config/reverse-proxy.config.php b/29/apache/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/29/apache/config/reverse-proxy.config.php +++ b/29/apache/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/29/fpm-alpine/config/reverse-proxy.config.php b/29/fpm-alpine/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/29/fpm-alpine/config/reverse-proxy.config.php +++ b/29/fpm-alpine/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/29/fpm/config/reverse-proxy.config.php b/29/fpm/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/29/fpm/config/reverse-proxy.config.php +++ b/29/fpm/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/30/apache/config/reverse-proxy.config.php b/30/apache/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/30/apache/config/reverse-proxy.config.php +++ b/30/apache/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/30/fpm-alpine/config/reverse-proxy.config.php b/30/fpm-alpine/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/30/fpm-alpine/config/reverse-proxy.config.php +++ b/30/fpm-alpine/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} diff --git a/30/fpm/config/reverse-proxy.config.php b/30/fpm/config/reverse-proxy.config.php index 7df0415e..30c660ff 100644 --- a/30/fpm/config/reverse-proxy.config.php +++ b/30/fpm/config/reverse-proxy.config.php @@ -28,3 +28,8 @@ $trustedProxies = getenv('TRUSTED_PROXIES'); if ($trustedProxies) { $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies))); } + +$forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS'); +if ($forwardedForHeaders) { + $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders))); +} From 178f8b65d34f49f649aa729de148c24a4d79db84 Mon Sep 17 00:00:00 2001 From: GitHub Workflow Date: Fri, 11 Oct 2024 00:32:21 +0000 Subject: [PATCH 7/7] Runs update.sh --- 28/apache/Dockerfile | 6 +++--- 28/fpm-alpine/Dockerfile | 6 +++--- 28/fpm/Dockerfile | 6 +++--- 29/apache/Dockerfile | 6 +++--- 29/fpm-alpine/Dockerfile | 6 +++--- 29/fpm/Dockerfile | 6 +++--- versions.json | 12 ++++++------ 7 files changed, 24 insertions(+), 24 deletions(-) diff --git a/28/apache/Dockerfile b/28/apache/Dockerfile index 5834feec..a9e4f152 100644 --- a/28/apache/Dockerfile +++ b/28/apache/Dockerfile @@ -140,7 +140,7 @@ RUN { \ } > /etc/apache2/conf-available/apache-limits.conf; \ a2enconf apache-limits -ENV NEXTCLOUD_VERSION 28.0.10 +ENV NEXTCLOUD_VERSION 28.0.11 RUN set -ex; \ fetchDeps=" \ @@ -150,8 +150,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/28/fpm-alpine/Dockerfile b/28/fpm-alpine/Dockerfile index a03b7cbb..5d0f0eb5 100644 --- a/28/fpm-alpine/Dockerfile +++ b/28/fpm-alpine/Dockerfile @@ -120,7 +120,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 28.0.10 +ENV NEXTCLOUD_VERSION 28.0.11 RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -128,8 +128,8 @@ RUN set -ex; \ gnupg \ ; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/28/fpm/Dockerfile b/28/fpm/Dockerfile index 00980561..b4531eee 100644 --- a/28/fpm/Dockerfile +++ b/28/fpm/Dockerfile @@ -125,7 +125,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 28.0.10 +ENV NEXTCLOUD_VERSION 28.0.11 RUN set -ex; \ fetchDeps=" \ @@ -135,8 +135,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/29/apache/Dockerfile b/29/apache/Dockerfile index 9cec1c9d..874348e8 100644 --- a/29/apache/Dockerfile +++ b/29/apache/Dockerfile @@ -140,7 +140,7 @@ RUN { \ } > /etc/apache2/conf-available/apache-limits.conf; \ a2enconf apache-limits -ENV NEXTCLOUD_VERSION 29.0.7 +ENV NEXTCLOUD_VERSION 29.0.8 RUN set -ex; \ fetchDeps=" \ @@ -150,8 +150,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/29/fpm-alpine/Dockerfile b/29/fpm-alpine/Dockerfile index 2469a6bb..bd0828e3 100644 --- a/29/fpm-alpine/Dockerfile +++ b/29/fpm-alpine/Dockerfile @@ -120,7 +120,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 29.0.7 +ENV NEXTCLOUD_VERSION 29.0.8 RUN set -ex; \ apk add --no-cache --virtual .fetch-deps \ @@ -128,8 +128,8 @@ RUN set -ex; \ gnupg \ ; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/29/fpm/Dockerfile b/29/fpm/Dockerfile index b5836693..1b216522 100644 --- a/29/fpm/Dockerfile +++ b/29/fpm/Dockerfile @@ -125,7 +125,7 @@ RUN { \ VOLUME /var/www/html -ENV NEXTCLOUD_VERSION 29.0.7 +ENV NEXTCLOUD_VERSION 29.0.8 RUN set -ex; \ fetchDeps=" \ @@ -135,8 +135,8 @@ RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends $fetchDeps; \ \ - curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2"; \ - curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2.asc"; \ + curl -fsSL -o nextcloud.tar.bz2 "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2"; \ + curl -fsSL -o nextcloud.tar.bz2.asc "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2.asc"; \ export GNUPGHOME="$(mktemp -d)"; \ # gpg key from https://nextcloud.com/nextcloud.asc gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 28806A878AE423A28372792ED75899B9A724937A; \ diff --git a/versions.json b/versions.json index 5e2fbdcb..241dc1c1 100644 --- a/versions.json +++ b/versions.json @@ -27,9 +27,9 @@ }, "29": { "branch": "29", - "version": "29.0.7", - "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2", - "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.7.tar.bz2.asc", + "version": "29.0.8", + "url": "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2", + "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-29.0.8.tar.bz2.asc", "variants": { "apache": { "variant": "apache", @@ -53,9 +53,9 @@ }, "28": { "branch": "28", - "version": "28.0.10", - "url": "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2", - "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-28.0.10.tar.bz2.asc", + "version": "28.0.11", + "url": "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2", + "ascUrl": "https://download.nextcloud.com/server/releases/nextcloud-28.0.11.tar.bz2.asc", "variants": { "apache": { "variant": "apache",