Update Nextcloud to 23.0.12

Update to 23.0.11
Update Nextcloud to 23.0.10
2025-06-30 23:26:32 +00:00 · 2022-12-08 15:28:45 +01:00 · 2022-11-03 18:35:38 +01:00 · 2022-10-06 14:53:11 +02:00 · 2022-09-09 09:50:10 +02:00 · 2022-08-12 08:17:21 +02:00
6 changed files with 42 additions and 26 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -3,10 +3,10 @@ name: build
 on:
  workflow_dispatch:
  push:
-    branches: [ main ]
+    branches: [ version-23 ]
  schedule:
    # Build the image regularly (each Friday)
-    - cron: '13 23 * * 5'
+    - cron: '23 04 * * 5'

 jobs:
  build:
@ -19,25 +19,24 @@ jobs:
      - name: Build an image from Dockerfile
        run: |
          docker build \
-              -t ghcr.io/hoellen/nextcloud \
-              -t ghcr.io/hoellen/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c6) \
-              -t ghcr.io/hoellen/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c2) \
+              -t ghcr.io/${{ github.actor }}/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c6) \
+              -t ghcr.io/${{ github.actor }}/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c2) \
              .

      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
-          image-ref: 'ghcr.io/hoellen/nextcloud'
+          image-ref: 'ghcr.io/${{ github.actor }}/nextcloud'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results.sarif'
          severity: 'CRITICAL,HIGH'
          vuln-type: "os"

-#      - name: Upload Trivy scan results to GitHub Security tab
-#        uses: github/codeql-action/upload-sarif@v1
-#        with:
-#          sarif_file: 'trivy-results.sarif'
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: 'trivy-results.sarif'

      - name: Login to the registry
        run: >-
@ -46,6 +45,6 @@ jobs:

      - name: Push image to GitHub
        run: |
-          docker push ghcr.io/hoellen/nextcloud
-          docker push ghcr.io/hoellen/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c6)
-          docker push ghcr.io/hoellen/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c2)
+          docker push ghcr.io/${{ github.actor }}/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c6)
+          docker push ghcr.io/${{ github.actor }}/nextcloud:$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c2)
+
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@ -16,7 +16,7 @@ jobs:
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
-          image-ref: 'ghcr.io/hoellen/nextcloud'
+          image-ref: 'ghcr.io/${{ github.actor }}/nextcloud'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results.sarif'
--- a/25
+++ b/25
@ -1,10 +1,10 @@
 # -------------- Build-time variables --------------
-ARG NEXTCLOUD_VERSION=22.2.3
+ARG NEXTCLOUD_VERSION=23.0.12
 ARG PHP_VERSION=8.0
 ARG NGINX_VERSION=1.20

-ARG ALPINE_VERSION=3.14
-ARG HARDENED_MALLOC_VERSION=8
+ARG ALPINE_VERSION=3.15
+ARG HARDENED_MALLOC_VERSION=11

 ARG UID=1000
 ARG GID=1000
@ -28,6 +28,8 @@ RUN apk -U upgrade \
        libzip-dev \
        openldap-dev \
        postgresql-dev \
+        samba-dev \
+        imagemagick-dev \
        zlib-dev \
 && apk --no-cache add \
        freetype \
@ -38,7 +40,10 @@ RUN apk -U upgrade \
        libpq \
        libwebp \
        libzip \
+        libsmbclient \
        openldap \
+	      libgomp \
+        imagemagick \
        zlib \
 && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp \
 && docker-php-ext-configure ldap \
@ -54,9 +59,14 @@ RUN apk -U upgrade \
        pdo_pgsql \
        zip \
        gmp \
+ && pecl install smbclient \
 && pecl install APCu \
 && pecl install redis \
- && echo "extension=redis.so" > /usr/local/etc/php/conf.d/redis.ini \
+ && pecl install imagick \
+ && docker-php-ext-enable \
+        smbclient \
+        redis \
+        imagick \
 && apk del build-deps \
 && rm -rf /var/cache/apk/*

@ -67,12 +77,13 @@ FROM alpine:${ALPINE_VERSION} as build-malloc

 ARG HARDENED_MALLOC_VERSION
 ARG CONFIG_NATIVE=false
+ARG VARIANT=light

 RUN apk --no-cache add build-base git gnupg && cd /tmp \
 && wget -q https://github.com/thestinger.gpg && gpg --import thestinger.gpg \
 && git clone --depth 1 --branch ${HARDENED_MALLOC_VERSION} https://github.com/GrapheneOS/hardened_malloc \
 && cd hardened_malloc && git verify-tag $(git describe --tags) \
- && make CONFIG_NATIVE=${CONFIG_NATIVE}
+ && make CONFIG_NATIVE=${CONFIG_NATIVE} VARIANT=${VARIANT}


 ### Fetch nginx
@ -84,7 +95,7 @@ FROM base as nextcloud

 COPY --from=nginx /usr/sbin/nginx /usr/sbin/nginx
 COPY --from=nginx /etc/nginx /etc/nginx
-COPY --from=build-malloc /tmp/hardened_malloc/libhardened_malloc.so /usr/local/lib/
+COPY --from=build-malloc /tmp/hardened_malloc/out-light/libhardened_malloc-light.so /usr/local/lib/

 ARG NEXTCLOUD_VERSION
 ARG GPG_nextcloud="2880 6A87 8AE4 23A2 8372  792E D758 99B9 A724 937A"
@ -100,7 +111,7 @@ ENV UPLOAD_MAX_SIZE=10G \
    CRON_MEMORY_LIMIT=1g \
    DB_TYPE=sqlite3 \
    DOMAIN=localhost \
-    LD_PRELOAD="/usr/local/lib/libhardened_malloc.so /usr/lib/preloadable_libiconv.so"
+    LD_PRELOAD="/usr/local/lib/libhardened_malloc-light.so /usr/lib/preloadable_libiconv.so"

 RUN apk --no-cache add \
        gnupg \
--- a/README.md
+++ b/README.md
@ -4,7 +4,7 @@
 Nextcloud [official website](https://nextcloud.com/) and [source code](https://github.com/nextcloud).

 ## Why this image?
-This non-official image is intended as an **all-in-one** (as in monolithic) Nextcloud **production** image. If you're not sure you want this image, you should probably use [the official image](https://hub.docker.com/r/nextcloud).
+This non-official image is intended as an **all-in-one** (as in monolithic) Nextcloud **production** image. It is based on the [Wondefall/docker-nextcloud](https://github.com/Wonderfall/docker-nextcloud) image. If you're not sure you want this image, you should probably use [the official image](https://hub.docker.com/r/nextcloud).

 ## Security
 Don't run random images from random dudes on the Internet. Ideally, you want to maintain and build it yourself.
--- a/rootfs/etc/nginx/conf.d/default.conf
+++ b/rootfs/etc/nginx/conf.d/default.conf
@ -30,10 +30,10 @@ server {
            access_log off;
        }

-        location /.well-known {
-            location = /.well-known/carddav   { return 301 $nc_proto://$host:$nc_port/remote.php/dav; }
-            location = /.well-known/caldav    { return 301 $nc_proto://$host:$nc_port/remote.php/dav; }
-            location ^~ /.well-known          { return 301 $nc_proto://$host:$nc_port/index.php$uri; }
+        location ^~ /.well-known {
+            location = /.well-known/carddav   { return 301 $nc_proto://$host/remote.php/dav; }
+            location = /.well-known/caldav    { return 301 $nc_proto://$host/remote.php/dav; }
+            location ^~ /.well-known          { return 301 $nc_proto://$host/index.php$uri;  }
            try_files $uri $uri/ =404;
        }

--- a/rootfs/usr/local/bin/setup.sh
+++ b/rootfs/usr/local/bin/setup.sh
@ -55,6 +55,12 @@ cat >> /nextcloud/config/autoconfig.php <<EOF;
 ?>
 EOF

+until nc -z "${DB_HOST:-nextcloud-db}" "${DB_PORT:-3306}"
+do
+    echo "waiting for the database container..."
+    sleep 1
+done
+
 echo "Starting automatic configuration..."
 # Execute setup
 (cd /nextcloud; php index.php &>/dev/null)
Author	SHA1	Message	Date
hoellen	9cad43ff56	Update Nextcloud to 23.0.12	2022-12-08 15:28:45 +01:00
Jan Wagner	073ca00bf4	Update to 23.0.11	2022-11-03 18:35:38 +01:00
hoellen	234d6354e9	Update Nextcloud to 23.0.10	2022-10-06 14:53:11 +02:00
hoellen	acadfd905c	Update Nextcloud to 23.0.9	2022-09-09 09:50:10 +02:00
hoellen	f86b0b79d5	chore: update Nextcloud to 23.0.8	2022-08-12 08:17:21 +02:00
Jan Wagner	2bc7d31643	Update to 23.0.7	2022-07-19 19:02:39 +02:00
hoellen	b372cdb499	Update Nextcloud to 23.0.6	2022-06-20 23:32:01 +02:00
Jan Wagner	e0f31f7fd0	Update to 23.0.5	2022-05-20 13:17:56 +02:00
Jan Wagner	3e538254d1	Update to 23.0.4 (Closes: #13 )	2022-05-06 10:17:01 +02:00
hoellen	7b65f2fb60	Create branch for version 23	2022-05-05 07:25:30 +02:00
hoellen	feae76b13a	Update Nextcloud to 23.0.3	2022-03-21 23:25:42 +01:00
hoellen	51912688d2	Update Nextcloud to 23.0.2	2022-02-15 20:44:48 +01:00
hoellen	9fbe35460b	Update Nextcloud to 23.0.1	2022-01-27 21:07:18 +01:00
hoellen	bc89ff25ed	Update hardened_malloc to 11	2022-01-27 19:56:15 +01:00
Wonderfall	d3bfe95eb4	use light variant of hardened malloc Much lower memory usage, remains security-focused	2022-01-17 10:46:41 +01:00
hoellen	beab287fc4	Update hardened malloc to 10	2022-01-13 20:05:21 +01:00
Jan Wagner	b839ac7838	Use github.actor also for trivy step	2022-01-13 19:38:14 +01:00
Jan Wagner	9851eb52ee	waiting for the database container on setup	2022-01-13 19:35:53 +01:00
Jan Wagner	9b0a84a36f	Also use github.actor for the scan workfow	2021-12-08 21:25:40 +01:00
Jan Wagner	70560d7d48	Use github.actor to detect the username for ghcr.io upload	2021-12-08 21:25:35 +01:00
Jan Wagner	8b15621860	Adding back smb support to the image	2021-12-07 15:39:06 +01:00
hoellen	63ac90199c	Fix typo in workflow cron argument	2021-12-06 08:48:44 +01:00
hoellen	a0cd4f12c9	Update README	2021-12-06 08:31:48 +01:00
hoellen	ae37864108	Enable scan during build again and change trigger	2021-12-06 08:29:08 +01:00
hoellen	94d1a1f7c7	Update to Alpine 3.15	2021-12-05 21:34:06 +01:00
hoellen	0b59268aa8	Change .well-known regex	2021-12-05 21:32:08 +01:00
hoellen	11632128e4	Add imagick dependency	2021-12-05 21:02:36 +01:00
hoellen	6d3ff722dd	Update to Nextcloud 23	2021-12-04 10:26:48 +01:00
hoellen	d279197f16	Remove nc_port	2021-12-04 10:23:36 +01:00