nextcloud: organizing things

nextcloud/11.0/rootfs/nginx/sites-enabled/nginx.conf

@@ -1,76 +0,0 @@
-server {
-        listen 8888;
-        root /nextcloud;
-        
-        fastcgi_buffers 64 4K;
-        
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
-        add_header X-Frame-Options "SAMEORIGIN";
-        add_header X-Content-Type-Options nosniff;
-        add_header X-XSS-Protection "1; mode=block";
-        add_header X-Robots-Tag none;
-        add_header X-Download-Options noopen;
-        add_header X-Permitted-Cross-Domain-Policies none;
-
-        location = /robots.txt {
-            allow all;
-            log_not_found off;
-            access_log off;
-        }
-
-        location = /.well-known/carddav {
-            return 301 $scheme://$host/remote.php/dav;
-        }
-
-        location = /.well-known/caldav {
-            return 301 $scheme://$host/remote.php/dav;
-        }
-
-        location / {
-            rewrite ^ /index.php$uri;
-        }
-
-        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
-            deny all;
-        }
-
-        location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
-            deny all;
-        }
-
-        location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
-            include /nginx/conf/fastcgi_params;
-            fastcgi_split_path_info ^(.+\.php)(/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            fastcgi_param PATH_INFO $fastcgi_path_info;
-            fastcgi_param modHeadersAvailable true;
-            fastcgi_param front_controller_active true;
-            fastcgi_pass unix:/php/run/php-fpm.sock;
-            fastcgi_intercept_errors on;
-            fastcgi_request_buffering off;
-            fastcgi_read_timeout 1200;
-        }
-
-        location ~ ^/(?:updater|ocs-provider)(?:$|/) {
-            try_files $uri/ =404;
-            index index.php;
-        }
-
-        location ~* \.(?:css|js)$ {
-            try_files $uri /index.php$uri$is_args$args;
-            add_header Cache-Control "public, max-age=7200";
-            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
-            add_header X-Frame-Options "SAMEORIGIN";
-            add_header X-Content-Type-Options nosniff;
-            add_header X-XSS-Protection "1; mode=block";
-            add_header X-Robots-Tag none;
-            add_header X-Download-Options noopen;
-            add_header X-Permitted-Cross-Domain-Policies none;
-            access_log off;
-        }
-
-        location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
-            try_files $uri /index.php$uri$is_args$args;
-            access_log off;
-        }
-}

nextcloud/11.0/rootfs/usr/local/bin/run.sh

@@ -1,47 +0,0 @@
-#!/bin/sh
-
-sed -i -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /php/conf.d/apcu.ini \
-       -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /php/conf.d/opcache.ini \
-       -e "s/<CRON_MEMORY_LIMIT>/$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \
-       -e "s/<CRON_PERIOD>/$CRON_PERIOD/g" /etc/s6.d/cron/run \
-       -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ \
-       -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
-       -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
-
-# Put the configuration and apps into volumes
-ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null
-ln -sf /apps2 /nextcloud &>/dev/null
-
-# Create folder for php sessions if not exists
-if [ ! -d /data/session ]; then
-  mkdir -p /data/session;
-fi
-
-echo "Updating permissions..."
-for dir in /nextcloud /data /config /apps2 /var/log /php /nginx /tmp /etc/s6.d; do
-  if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then
-    echo "Updating permissions in $dir..."
-    chown -R $UID:$GID $dir
-  else
-    echo "Permissions in $dir are correct."
-  fi
-done
-echo "Done updating permissions."
-
-if [ ! -f /config/config.php ]; then
-    # New installation, run the setup
-    /usr/local/bin/setup.sh
-else
-  if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
-    occ upgrade
-    if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then
-        echo "Trying Nextcloud upgrade again to work around Nextcloud upgrade bug..."
-        occ upgrade
-        if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then exit 1; fi
-        occ maintenance:mode --off
-        echo "...which seemed to work."
-    fi
-  fi
-fi
-
-exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d

nextcloud/12.0/rootfs/etc/s6.d/.s6-svscan/finish

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-exit 0

nextcloud/12.0/rootfs/etc/s6.d/cron/run

@@ -1,6 +0,0 @@
-#!/bin/sh
-
-while true; do
-  php -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
-  sleep <CRON_PERIOD>
-done

nextcloud/12.0/rootfs/php/conf.d/apcu.ini

@@ -1,4 +0,0 @@
-extension=apcu.so
-apc.enabled=1
-apc.shm_size=<APC_SHM_SIZE>
-apc.ttl=7200

nextcloud/12.0/rootfs/php/conf.d/opcache.ini

@@ -1,8 +0,0 @@
-zend_extension=opcache.so
-opcache.enable=1
-opcache.enable_cli=1
-opcache.fast_shutdown=1
-opcache.memory_consumption=<OPCACHE_MEM_SIZE>
-opcache.interned_strings_buffer=16
-opcache.max_accelerated_files=10000
-opcache.revalidate_freq=60

nextcloud/12.0/rootfs/usr/local/bin/occ

@@ -1,2 +0,0 @@
-#!/bin/sh
-su-exec $UID:$GID php -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@

nextcloud/12.0/rootfs/usr/local/bin/setup.sh

@@ -1,109 +0,0 @@
-#!/bin/sh
-# Nextcloud
-##########################
-
-#source setup/functions.sh # load our functions
-#source /etc/mailinabox.conf # load global vars
-CONFIGFILE=/config/config.php
-
-
-# Create an initial configuration file.
-instanceid=oc$(echo $PRIMARY_HOSTNAME | sha1sum | fold -w 10 | head -n 1)
-cat > $CONFIGFILE <<EOF;
-<?php
-\$CONFIG = array (
-  'datadirectory' => '/data',
-
-  "apps_paths" => array (
-      0 => array (
-              "path"     => "/nextcloud/apps",
-              "url"      => "/apps",
-              "writable" => false,
-      ),
-      1 => array (
-              "path"     => "/apps2",
-              "url"      => "/apps2",
-              "writable" => true,
-      ),
-  ),
-
-  'memcache.local' => '\OC\Memcache\APCu',
-
-  'instanceid' => '$instanceid',
-);
-?>
-EOF
-
-# Create an auto-configuration file to fill in database settings
-# when the install script is run. Make an administrator account
-# here or else the install can't finish.
-adminpassword=$(dd if=/dev/urandom bs=1 count=40 2>/dev/null | sha1sum | fold -w 30 | head -n 1)
-cat > /nextcloud/config/autoconfig.php <<EOF;
-<?php
-\$AUTOCONFIG = array (
-  # storage/database
-  'directory'     => '/data',
-  'dbtype'        => '${DB_TYPE:-sqlite3}',
-  'dbname'        => '${DB_NAME:-nextcloud}',
-  'dbuser'        => '${DB_USER:-nextcloud}',
-  'dbpass'        => '${DB_PASSWORD:-password}',
-  'dbhost'        => '${DB_HOST:-nextcloud-db}',
-  'dbtableprefix' => 'oc_',
-EOF
-if [[ ! -z "$ADMIN_USER"  ]]; then
-  cat >> /nextcloud/config/autoconfig.php <<EOF;
-  # create an administrator account with a random password so that
-  # the user does not have to enter anything on first load of ownCloud
-  'adminlogin'    => '${ADMIN_USER}',
-  'adminpass'     => '${ADMIN_PASSWORD}',
-EOF
-fi
-cat >> /nextcloud/config/autoconfig.php <<EOF;
-);
-?>
-EOF
-
-echo "Starting automatic configuration..."
-# Execute ownCloud's setup step, which creates the ownCloud database.
-# It also wipes it if it exists. And it updates config.php with database
-# settings and deletes the autoconfig.php file.
-(cd /nextcloud; php index.php &>/dev/null)
-echo "Automatic configuration finished."
-
-# Update config.php.
-# * trusted_domains is reset to localhost by autoconfig starting with ownCloud 8.1.1,
-#   so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so
-#   this will make sure it has the right value.
-# * Some settings weren't included in previous versions of Mail-in-a-Box.
-# * We need to set the timezone to the system timezone to allow fail2ban to ban
-#   users within the proper timeframe
-# * We need to set the logdateformat to something that will work correctly with fail2ban
-# Use PHP to read the settings file, modify it, and write out the new settings array.
-
-CONFIG_TEMP=$(/bin/mktemp)
-php <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
-<?php
-include("/config/config.php");
-
-//\$CONFIG['memcache.local'] = '\\OC\\Memcache\\Memcached';
-\$CONFIG['mail_from_address'] = 'administrator'; # just the local part, matches our master administrator address
-
-\$CONFIG['logtimezone'] = '$TZ';
-\$CONFIG['logdateformat'] = 'Y-m-d H:i:s';
-
-echo "<?php\n\\\$CONFIG = ";
-var_export(\$CONFIG);
-echo ";";
-?>
-EOF
-
-sed -i "s/localhost/$DOMAIN/g" /config/config.php
-
-chown -R $UID:$GID /config /data
-# Enable/disable apps. Note that this must be done after the ownCloud setup.
-# The firstrunwizard gave Josh all sorts of problems, so disabling that.
-# user_external is what allows ownCloud to use IMAP for login. The contacts
-# and calendar apps are the extensions we really care about here.
-if [[ ! -z "$ADMIN_USER"  ]]; then
-  occ app:disable firstrunwizard
-fi

nextcloud/Dockerfile.11.0

@@ -1,6 +1,6 @@
 FROM wonderfall/nginx-php:7.1
 
-ARG NEXTCLOUD_VERSION=11.0.3
+ARG NEXTCLOUD_VERSION=11.0.4
 ARG GPG_nextcloud="2880 6A87 8AE4 23A2 8372  792E D758 99B9 A724 937A"
 
 ENV UID=991 GID=991 \

nextcloud/daily/rootfs/etc/s6.d/.s6-svscan/finish

@@ -1,3 +0,0 @@
-#!/bin/sh
-
-exit 0

nextcloud/daily/rootfs/etc/s6.d/cron/run

@@ -1,6 +0,0 @@
-#!/bin/sh
-
-while true; do
-  php -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
-  sleep <CRON_PERIOD>
-done

nextcloud/daily/rootfs/nginx/sites-enabled/nginx.conf

@@ -1,76 +0,0 @@
-server {
-        listen 8888;
-        root /nextcloud;
-        
-        fastcgi_buffers 64 4K;
-        
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
-        add_header X-Frame-Options "SAMEORIGIN";
-        add_header X-Content-Type-Options nosniff;
-        add_header X-XSS-Protection "1; mode=block";
-        add_header X-Robots-Tag none;
-        add_header X-Download-Options noopen;
-        add_header X-Permitted-Cross-Domain-Policies none;
-
-        location = /robots.txt {
-            allow all;
-            log_not_found off;
-            access_log off;
-        }
-
-        location = /.well-known/carddav {
-            return 301 $scheme://$host/remote.php/dav;
-        }
-
-        location = /.well-known/caldav {
-            return 301 $scheme://$host/remote.php/dav;
-        }
-
-        location / {
-            rewrite ^ /index.php$uri;
-        }
-
-        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
-            deny all;
-        }
-
-        location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
-            deny all;
-        }
-
-        location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
-            include /nginx/conf/fastcgi_params;
-            fastcgi_split_path_info ^(.+\.php)(/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            fastcgi_param PATH_INFO $fastcgi_path_info;
-            fastcgi_param modHeadersAvailable true;
-            fastcgi_param front_controller_active true;
-            fastcgi_pass unix:/php/run/php-fpm.sock;
-            fastcgi_intercept_errors on;
-            fastcgi_request_buffering off;
-            fastcgi_read_timeout 1200;
-        }
-
-        location ~ ^/(?:updater|ocs-provider)(?:$|/) {
-            try_files $uri/ =404;
-            index index.php;
-        }
-
-        location ~* \.(?:css|js)$ {
-            try_files $uri /index.php$uri$is_args$args;
-            add_header Cache-Control "public, max-age=7200";
-            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
-            add_header X-Frame-Options "SAMEORIGIN";
-            add_header X-Content-Type-Options nosniff;
-            add_header X-XSS-Protection "1; mode=block";
-            add_header X-Robots-Tag none;
-            add_header X-Download-Options noopen;
-            add_header X-Permitted-Cross-Domain-Policies none;
-            access_log off;
-        }
-
-        location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
-            try_files $uri /index.php$uri$is_args$args;
-            access_log off;
-        }
-}

nextcloud/daily/rootfs/php/conf.d/apcu.ini

@@ -1,4 +0,0 @@
-extension=apcu.so
-apc.enabled=1
-apc.shm_size=<APC_SHM_SIZE>
-apc.ttl=7200

nextcloud/daily/rootfs/php/conf.d/opcache.ini

@@ -1,8 +0,0 @@
-zend_extension=opcache.so
-opcache.enable=1
-opcache.enable_cli=1
-opcache.fast_shutdown=1
-opcache.memory_consumption=<OPCACHE_MEM_SIZE>
-opcache.interned_strings_buffer=16
-opcache.max_accelerated_files=10000
-opcache.revalidate_freq=60

nextcloud/daily/rootfs/usr/local/bin/occ

@@ -1,2 +0,0 @@
-#!/bin/sh
-su-exec $UID:$GID php -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@

nextcloud/daily/rootfs/usr/local/bin/run.sh

@@ -1,47 +0,0 @@
-#!/bin/sh
-
-sed -i -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /php/conf.d/apcu.ini \
-       -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /php/conf.d/opcache.ini \
-       -e "s/<CRON_MEMORY_LIMIT>/$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \
-       -e "s/<CRON_PERIOD>/$CRON_PERIOD/g" /etc/s6.d/cron/run \
-       -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ \
-       -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
-       -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
-
-# Put the configuration and apps into volumes
-ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null
-ln -sf /apps2 /nextcloud &>/dev/null
-
-# Create folder for php sessions if not exists
-if [ ! -d /data/session ]; then
-  mkdir -p /data/session;
-fi
-
-echo "Updating permissions..."
-for dir in /nextcloud /data /config /apps2 /var/log /php /nginx /tmp /etc/s6.d; do
-  if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then
-    echo "Updating permissions in $dir..."
-    chown -R $UID:$GID $dir
-  else
-    echo "Permissions in $dir are correct."
-  fi
-done
-echo "Done updating permissions."
-
-if [ ! -f /config/config.php ]; then
-    # New installation, run the setup
-    /usr/local/bin/setup.sh
-else
-  if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
-    occ upgrade
-    if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then
-        echo "Trying Nextcloud upgrade again to work around Nextcloud upgrade bug..."
-        occ upgrade
-        if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then exit 1; fi
-        occ maintenance:mode --off
-        echo "...which seemed to work."
-    fi
-  fi
-fi
-
-exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d

nextcloud/daily/rootfs/usr/local/bin/setup.sh

@@ -1,109 +0,0 @@
-#!/bin/sh
-# Nextcloud
-##########################
-
-#source setup/functions.sh # load our functions
-#source /etc/mailinabox.conf # load global vars
-CONFIGFILE=/config/config.php
-
-
-# Create an initial configuration file.
-instanceid=oc$(echo $PRIMARY_HOSTNAME | sha1sum | fold -w 10 | head -n 1)
-cat > $CONFIGFILE <<EOF;
-<?php
-\$CONFIG = array (
-  'datadirectory' => '/data',
-
-  "apps_paths" => array (
-      0 => array (
-              "path"     => "/nextcloud/apps",
-              "url"      => "/apps",
-              "writable" => false,
-      ),
-      1 => array (
-              "path"     => "/apps2",
-              "url"      => "/apps2",
-              "writable" => true,
-      ),
-  ),
-
-  'memcache.local' => '\OC\Memcache\APCu',
-
-  'instanceid' => '$instanceid',
-);
-?>
-EOF
-
-# Create an auto-configuration file to fill in database settings
-# when the install script is run. Make an administrator account
-# here or else the install can't finish.
-adminpassword=$(dd if=/dev/urandom bs=1 count=40 2>/dev/null | sha1sum | fold -w 30 | head -n 1)
-cat > /nextcloud/config/autoconfig.php <<EOF;
-<?php
-\$AUTOCONFIG = array (
-  # storage/database
-  'directory'     => '/data',
-  'dbtype'        => '${DB_TYPE:-sqlite3}',
-  'dbname'        => '${DB_NAME:-nextcloud}',
-  'dbuser'        => '${DB_USER:-nextcloud}',
-  'dbpass'        => '${DB_PASSWORD:-password}',
-  'dbhost'        => '${DB_HOST:-nextcloud-db}',
-  'dbtableprefix' => 'oc_',
-EOF
-if [[ ! -z "$ADMIN_USER"  ]]; then
-  cat >> /nextcloud/config/autoconfig.php <<EOF;
-  # create an administrator account with a random password so that
-  # the user does not have to enter anything on first load of ownCloud
-  'adminlogin'    => '${ADMIN_USER}',
-  'adminpass'     => '${ADMIN_PASSWORD}',
-EOF
-fi
-cat >> /nextcloud/config/autoconfig.php <<EOF;
-);
-?>
-EOF
-
-echo "Starting automatic configuration..."
-# Execute ownCloud's setup step, which creates the ownCloud database.
-# It also wipes it if it exists. And it updates config.php with database
-# settings and deletes the autoconfig.php file.
-(cd /nextcloud; php index.php &>/dev/null)
-echo "Automatic configuration finished."
-
-# Update config.php.
-# * trusted_domains is reset to localhost by autoconfig starting with ownCloud 8.1.1,
-#   so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so
-#   this will make sure it has the right value.
-# * Some settings weren't included in previous versions of Mail-in-a-Box.
-# * We need to set the timezone to the system timezone to allow fail2ban to ban
-#   users within the proper timeframe
-# * We need to set the logdateformat to something that will work correctly with fail2ban
-# Use PHP to read the settings file, modify it, and write out the new settings array.
-
-CONFIG_TEMP=$(/bin/mktemp)
-php <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
-<?php
-include("/config/config.php");
-
-//\$CONFIG['memcache.local'] = '\\OC\\Memcache\\Memcached';
-\$CONFIG['mail_from_address'] = 'administrator'; # just the local part, matches our master administrator address
-
-\$CONFIG['logtimezone'] = '$TZ';
-\$CONFIG['logdateformat'] = 'Y-m-d H:i:s';
-
-echo "<?php\n\\\$CONFIG = ";
-var_export(\$CONFIG);
-echo ";";
-?>
-EOF
-
-sed -i "s/localhost/$DOMAIN/g" /config/config.php
-
-chown -R $UID:$GID /config /data
-# Enable/disable apps. Note that this must be done after the ownCloud setup.
-# The firstrunwizard gave Josh all sorts of problems, so disabling that.
-# user_external is what allows ownCloud to use IMAP for login. The contacts
-# and calendar apps are the extensions we really care about here.
-if [[ ! -z "$ADMIN_USER"  ]]; then
-  occ app:disable firstrunwizard
-fi