hoellen/docker-nextcloud
1
0
Fork 0
mirror of https://github.com/hoellen/docker-nextcloud.git synced 2025-07-01 15:46:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: hoellen:version-30
Branches Tags
hoellen:master hoellen:version-30 hoellen:version-29 hoellen:version-28 hoellen:version-27 hoellen:version-26 hoellen:version-25 hoellen:version-24 hoellen:version-23 hoellen:version-22
..
compare: hoellen:version-27
Branches Tags
hoellen:master hoellen:version-30 hoellen:version-29 hoellen:version-28 hoellen:version-27 hoellen:version-26 hoellen:version-25 hoellen:version-24 hoellen:version-23 hoellen:version-22

9 Commits
version-30 ... version-27

Author SHA1 Message Date
Jan Wagner
266855c572 chore: update Nextcloud to 27.1.11 2024-06-25 15:04:29 +02:00
hoellen
ddc63fa70e chore: update Nextcloud to 27.1.10 2024-06-07 00:28:42 +02:00
Jan Wagner
208ed68fc3 chore: update Nextcloud to 27.1.9 2024-04-26 05:49:19 +02:00
hoellen
fe44206881 chore: update cosign 2024-03-29 15:42:18 +01:00
hoellen
6f10e62a16 chore: update Nextcloud to 27.1.8 2024-03-29 15:19:36 +01:00
Jan Wagner
d8fde6dc0a chore: update Nextcloud to 27.1.7 2024-03-02 05:01:49 +01:00
hoellen
adf43bb5bf chore: update Nextcloud to 27.1.6 2024-01-25 14:00:54 +01:00
hoellen
7422210f7c chore: adjust build pipeline for new version branch 2023-12-16 02:10:09 +01:00
Jan Wagner
0221fa4f33 chore: update Nextcloud to 27.1.5 2023-12-15 21:21:48 +01:00
8 changed files with 31 additions and 54 deletions
Expand all files Collapse all files

12
.github/workflows/build.yml vendored
View File

@ -3,9 +3,7 @@ name: build
on: on:
workflow_dispatch: workflow_dispatch:
push: push:
branches: branches: [ version-27 ]
- master
- version-*
schedule: schedule:
# Build the image regularly (each Friday) # Build the image regularly (each Friday)
- cron: '23 04 * * 5' - cron: '23 04 * * 5'
@ -29,11 +27,8 @@ jobs:
- name: Extract version for tags - name: Extract version for tags
run: | run: |
BRANCH="${GITHUB_REF#refs/heads/}" echo "FULL_VERSION=$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c6)" >> $GITHUB_ENV
VERSION=$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile) echo "MAJOR_VERSION=$(grep -oP '(?<=NEXTCLOUD_VERSION=).*' Dockerfile | head -c2)" >> $GITHUB_ENV
[ "$BRANCH" = "master" ] && echo "BRANCH_VERSION=latest" >> $GITHUB_ENV
echo "FULL_VERSION=${VERSION:0:7}" >> $GITHUB_ENV
echo "MAJOR_VERSION=${VERSION:0:2}" >> $GITHUB_ENV
- name: Install cosign - name: Install cosign
if: github.event_name != 'pull_request' if: github.event_name != 'pull_request'
@ -58,7 +53,6 @@ jobs:
with: with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: | tags: |
${{ env.BRANCH_VERSION }}
${{ env.FULL_VERSION }} ${{ env.FULL_VERSION }}
${{ env.MAJOR_VERSION }} ${{ env.MAJOR_VERSION }}

25
Dockerfile
View File

@ -1,29 +1,27 @@
# -------------- Build-time variables -------------- # -------------- Build-time variables --------------
ARG NEXTCLOUD_VERSION=30.0.12 ARG NEXTCLOUD_VERSION=27.1.11
ARG PHP_VERSION=8.3 ARG PHP_VERSION=8.2
ARG NGINX_VERSION=1.26 ARG NGINX_VERSION=1.24
ARG ALPINE_VERSION=3.21 ARG ALPINE_VERSION=3.18
ARG HARDENED_MALLOC_VERSION=11 ARG HARDENED_MALLOC_VERSION=11
ARG SNUFFLEUPAGUS_VERSION=0.10.0 ARG SNUFFLEUPAGUS_VERSION=0.10.0
ARG UID=1000 ARG UID=1000
ARG GID=1000 ARG GID=1000
# nextcloud-30.0.12.tar.bz2 # nextcloud-27.1.11.tar.bz2
ARG SHA256_SUM="9e19b25f42273d4361218426b4762a766bee408cfa6aa8219f8c27f72095a7a8" ARG SHA256_SUM="4edd2570f4c83442f8f0f0616fb774ed2663b11cf9f6ea49e795ab43aeef9645"
# Nextcloud Security <security@nextcloud.com> (D75899B9A724937A) # Nextcloud Security <security@nextcloud.com> (D75899B9A724937A)
ARG GPG_FINGERPRINT="2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A" ARG GPG_FINGERPRINT="2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A"
# --------------------------------------------------- # ---------------------------------------------------
### Build PHP base ### Build PHP base
FROM docker.io/library/php:${PHP_VERSION}-fpm-alpine${ALPINE_VERSION} as base FROM php:${PHP_VERSION}-fpm-alpine${ALPINE_VERSION} as base
ARG SNUFFLEUPAGUS_VERSION ARG SNUFFLEUPAGUS_VERSION
ENV IMAGICK_SHA 28f27044e435a2b203e32675e942eb8de620ee58
RUN apk -U upgrade \ RUN apk -U upgrade \
&& apk add -t build-deps \ && apk add -t build-deps \
$PHPIZE_DEPS \ $PHPIZE_DEPS \
@ -45,7 +43,6 @@ RUN apk -U upgrade \
gmp \ gmp \
icu \ icu \
libjpeg-turbo \ libjpeg-turbo \
librsvg \
libpq \ libpq \
libpq \ libpq \
libwebp \ libwebp \
@ -61,7 +58,6 @@ RUN apk -U upgrade \
bcmath \ bcmath \
exif \ exif \
gd \ gd \
bz2 \
intl \ intl \
ldap \ ldap \
opcache \ opcache \
@ -74,8 +70,7 @@ RUN apk -U upgrade \
&& pecl install smbclient \ && pecl install smbclient \
&& pecl install APCu \ && pecl install APCu \
&& pecl install redis \ && pecl install redis \
&& curl -L -o /tmp/imagick.tar.gz https://github.com/Imagick/imagick/archive/${IMAGICK_SHA}.tar.gz && tar --strip-components=1 -xf /tmp/imagick.tar.gz && phpize && ./configure && make && make install \ && pecl install imagick \
&& apk add --no-cache --virtual .imagick-runtime-deps imagemagick \
&& docker-php-ext-enable \ && docker-php-ext-enable \
smbclient \ smbclient \
redis \ redis \
@ -88,7 +83,7 @@ RUN apk -U upgrade \
### Build Hardened Malloc ### Build Hardened Malloc
ARG ALPINE_VERSION ARG ALPINE_VERSION
FROM docker.io/library/alpine:${ALPINE_VERSION} as build-malloc FROM alpine:${ALPINE_VERSION} as build-malloc
ARG HARDENED_MALLOC_VERSION ARG HARDENED_MALLOC_VERSION
ARG CONFIG_NATIVE=false ARG CONFIG_NATIVE=false
@ -102,7 +97,7 @@ RUN apk --no-cache add build-base git gnupg && cd /tmp \
### Fetch nginx ### Fetch nginx
FROM docker.io/library/nginx:${NGINX_VERSION}-alpine as nginx FROM nginx:${NGINX_VERSION}-alpine as nginx
### Build Nextcloud (production environemnt) ### Build Nextcloud (production environemnt)

4
README.md
View File

@ -58,8 +58,8 @@ Verifying the signature isn't a requirement, and might not be as seamless as usi
## Tags ## Tags
- `latest` : latest Nextcloud version - `latest` : latest Nextcloud version
- `x` : latest Nextcloud x.x (e.g. `30`) - `x` : latest Nextcloud x.x (e.g. `25`)
- `x.x.x` : Nextcloud x.x.x (e.g. `30.0.0`) - `x.x.x` : Nextcloud x.x.x (e.g. `25.0.0`)
You can always have a glance [here](https://github.com/users/hoellen/packages/container/package/nextcloud). You can always have a glance [here](https://github.com/users/hoellen/packages/container/package/nextcloud).
Only the **latest stable version** will be maintained by myself. Only the **latest stable version** will be maintained by myself.

10
SECURITY.md
View File

@ -7,18 +7,12 @@ and will receive the minor version updates and security patches.
| Version | Supported | | Version | Supported |
| ------- | ------------------ | | ------- | ------------------ |
| 30. x | :white_check_mark: | | 25. x | :white_check_mark: |
| 29. x | :white_check_mark: | | 24. x | :white_check_mark: |
| 28. x | :white_check_mark: |
| 27. x | :negative_squared_cross_mark: |
| 26. x | :negative_squared_cross_mark: |
| 25. x | :negative_squared_cross_mark: |
| 24. x | :negative_squared_cross_mark: |
| 23. x | :negative_squared_cross_mark: | | 23. x | :negative_squared_cross_mark: |
| 22. x | :negative_squared_cross_mark: | | 22. x | :negative_squared_cross_mark: |
Please update to the latest version available. Major migrations are always tested before being pushed. Please update to the latest version available. Major migrations are always tested before being pushed.
An up-to-date list of the currently maintained Nextcloud versions can also be found in the [Nextcloud Repository Wiki](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule).
## Automated vulnerability scanning ## Automated vulnerability scanning

9
rootfs/etc/nginx/conf.d/default.conf
View File

@ -18,6 +18,7 @@ server {
add_header Referrer-Policy "no-referrer" always; add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always; add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always; add_header X-Robots-Tag "noindex, nofollow" always;
@ -30,8 +31,8 @@ server {
} }
location ^~ /.well-known { location ^~ /.well-known {
location = /.well-known/carddav { return 301 $nc_proto://$host/remote.php/dav/; } location = /.well-known/carddav { return 301 $nc_proto://$host/remote.php/dav; }
location = /.well-known/caldav { return 301 $nc_proto://$host/remote.php/dav/; } location = /.well-known/caldav { return 301 $nc_proto://$host/remote.php/dav; }
location ^~ /.well-known { return 301 $nc_proto://$host/index.php$uri; } location ^~ /.well-known { return 301 $nc_proto://$host/index.php$uri; }
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
} }
@ -66,13 +67,13 @@ server {
index index.php; index index.php;
} }
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { location ~ \.(?:css|js|svg|gif|map)$ {
try_files $uri /index.php$uri$is_args$args; try_files $uri /index.php$uri$is_args$args;
expires 6M; expires 6M;
access_log off; access_log off;
} }
location ~ \.(otf|woff2)?$ { location ~ \.woff2?$ {
try_files $uri /index.php$uri$is_args$args; try_files $uri /index.php$uri$is_args$args;
expires 7d; expires 7d;
access_log off; access_log off;

5
rootfs/etc/nginx/nginx.conf
View File

@ -9,11 +9,6 @@ events {
http { http {
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
# Add .mjs as a file extension for javascript
# https://github.com/nextcloud/server/pull/36057
types {
application/javascript mjs;
}
default_type application/octet-stream; default_type application/octet-stream;
access_log /nginx/logs/access.log combined; access_log /nginx/logs/access.log combined;

12
rootfs/usr/local/bin/run.sh
View File

@ -15,16 +15,6 @@ if [ "$PHP_HARDENING" == "true" ] && [ ! -f /usr/local/etc/php/conf.d/snuffleupa
cp /usr/local/etc/php/snuffleupagus/* /usr/local/etc/php/conf.d cp /usr/local/etc/php/snuffleupagus/* /usr/local/etc/php/conf.d
fi fi
# Check if database is available
if [ -n "${DB_TYPE}" ] && [ "${DB_TYPE}" != "sqlite3" ]; then
DB_PORT=${DB_PORT:-$( [ "${DB_TYPE}" = "pgsql" ] && echo 5432 || echo 3306 )}
until nc -z "${DB_HOST:-nextcloud-db}" "${DB_PORT}"
do
echo "waiting for the database container..."
sleep 1
done
fi
# If new install, run setup # If new install, run setup
if [ ! -f /nextcloud/config/config.php ]; then if [ ! -f /nextcloud/config/config.php ]; then
touch /nextcloud/config/CAN_INSTALL touch /nextcloud/config/CAN_INSTALL
@ -34,4 +24,4 @@ else
fi fi
# Run processes # Run processes
exec /usr/bin/s6-svscan /etc/s6.d exec /bin/s6-svscan /etc/s6.d

8
rootfs/usr/local/bin/setup.sh
View File

@ -55,6 +55,14 @@ cat >> /nextcloud/config/autoconfig.php <<EOF;
?> ?>
EOF EOF
if [ ${DB_TYPE} != "sqlite3" ]; then
until nc -z "${DB_HOST:-nextcloud-db}" "${DB_PORT:-3306}"
do
echo "waiting for the database container..."
sleep 1
done
fi
echo "Starting automatic configuration..." echo "Starting automatic configuration..."
# Execute setup # Execute setup
(cd /nextcloud; php index.php &>/dev/null) (cd /nextcloud; php index.php &>/dev/null)