From 93189b1d0c0a8543319a23c1ea26160ea8c79f7c Mon Sep 17 00:00:00 2001
From: Wonderfall <wonderfall@schrodinger.io>
Date: Sat, 29 Apr 2017 01:24:54 +0200
Subject: [PATCH] nextcloud: use nginx-php as underlying image
---
nextcloud/11.0/Dockerfile | 68 ++---------------
nextcloud/11.0/occ | 2 -
nextcloud/11.0/php-fpm.conf | 19 -----
.../{ => rootfs/etc}/s6.d/.s6-svscan/finish | 0
nextcloud/11.0/rootfs/etc/s6.d/cron/run | 6 ++
.../rootfs/nginx/sites-enabled/nginx.conf | 76 +++++++++++++++++++
.../11.0/{ => rootfs/php/conf.d}/apcu.ini | 0
.../11.0/{ => rootfs/php/conf.d}/opcache.ini | 0
nextcloud/11.0/rootfs/usr/local/bin/occ | 2 +
.../rootfs/usr/local/bin}/run.sh | 14 ++--
.../11.0/{ => rootfs/usr/local/bin}/setup.sh | 4 +-
nextcloud/11.0/s6.d/cron/run | 6 --
nextcloud/11.0/s6.d/nginx/run | 2 -
nextcloud/11.0/s6.d/php/run | 2 -
nextcloud/daily/Dockerfile | 76 +++----------------
nextcloud/daily/occ | 2 -
nextcloud/daily/php-fpm.conf | 19 -----
.../{ => rootfs/etc}/s6.d/.s6-svscan/finish | 0
nextcloud/daily/rootfs/etc/s6.d/cron/run | 6 ++
.../rootfs/nginx/sites-enabled/nginx.conf | 76 +++++++++++++++++++
.../daily/{ => rootfs/php/conf.d}/apcu.ini | 0
.../daily/{ => rootfs/php/conf.d}/opcache.ini | 0
nextcloud/daily/rootfs/usr/local/bin/occ | 2 +
.../rootfs/usr/local/bin}/run.sh | 14 ++--
.../daily/{ => rootfs/usr/local/bin}/setup.sh | 4 +-
nextcloud/daily/s6.d/cron/run | 6 --
nextcloud/daily/s6.d/nginx/run | 2 -
nextcloud/daily/s6.d/php/run | 2 -
28 files changed, 202 insertions(+), 208 deletions(-)
delete mode 100644 nextcloud/11.0/occ
delete mode 100644 nextcloud/11.0/php-fpm.conf
rename nextcloud/11.0/{ => rootfs/etc}/s6.d/.s6-svscan/finish (100%)
create mode 100644 nextcloud/11.0/rootfs/etc/s6.d/cron/run
create mode 100644 nextcloud/11.0/rootfs/nginx/sites-enabled/nginx.conf
rename nextcloud/11.0/{ => rootfs/php/conf.d}/apcu.ini (100%)
rename nextcloud/11.0/{ => rootfs/php/conf.d}/opcache.ini (100%)
create mode 100644 nextcloud/11.0/rootfs/usr/local/bin/occ
rename nextcloud/{daily => 11.0/rootfs/usr/local/bin}/run.sh (70%)
rename nextcloud/11.0/{ => rootfs/usr/local/bin}/setup.sh (97%)
delete mode 100644 nextcloud/11.0/s6.d/cron/run
delete mode 100644 nextcloud/11.0/s6.d/nginx/run
delete mode 100644 nextcloud/11.0/s6.d/php/run
delete mode 100644 nextcloud/daily/occ
delete mode 100644 nextcloud/daily/php-fpm.conf
rename nextcloud/daily/{ => rootfs/etc}/s6.d/.s6-svscan/finish (100%)
create mode 100644 nextcloud/daily/rootfs/etc/s6.d/cron/run
create mode 100644 nextcloud/daily/rootfs/nginx/sites-enabled/nginx.conf
rename nextcloud/daily/{ => rootfs/php/conf.d}/apcu.ini (100%)
rename nextcloud/daily/{ => rootfs/php/conf.d}/opcache.ini (100%)
create mode 100644 nextcloud/daily/rootfs/usr/local/bin/occ
rename nextcloud/{11.0 => daily/rootfs/usr/local/bin}/run.sh (70%)
rename nextcloud/daily/{ => rootfs/usr/local/bin}/setup.sh (97%)
delete mode 100644 nextcloud/daily/s6.d/cron/run
delete mode 100644 nextcloud/daily/s6.d/nginx/run
delete mode 100644 nextcloud/daily/s6.d/php/run
diff --git a/nextcloud/11.0/Dockerfile b/nextcloud/11.0/Dockerfile
index c2440e5..f4e7fee 100644
--- a/nextcloud/11.0/Dockerfile
+++ b/nextcloud/11.0/Dockerfile
@@ -1,8 +1,6 @@
-FROM alpine:3.5
+FROM wonderfall/nginx-php
ARG NEXTCLOUD_VERSION=11.0.3
-ARG GNU_LIBICONV_VERSION=1.15
-ARG PHP_SOURCES_VERSION=7.0.18
ARG GPG_nextcloud="2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A"
ENV UID=991 GID=991 \
@@ -27,60 +25,15 @@ RUN BUILD_DEPS=" \
samba-dev" \
&& apk -U upgrade && apk add \
${BUILD_DEPS} \
- nginx \
- s6 \
libressl \
ca-certificates \
libsmbclient \
- samba-client \
- su-exec \
tzdata \
- php7 \
- php7-fpm \
- php7-intl \
- php7-mbstring \
- php7-curl \
- php7-gd \
- php7-mcrypt \
- php7-opcache \
- php7-json \
- php7-session \
- php7-pdo \
- php7-dom \
- php7-ctype \
- php7-mysqlnd \
- php7-pdo_mysql \
- php7-pdo_pgsql \
- php7-pgsql \
- php7-pdo_sqlite \
- php7-sqlite3 \
- php7-zlib \
- php7-zip \
- php7-xmlreader \
- php7-xml \
- php7-posix \
- php7-openssl \
- php7-ldap \
- php7-imap \
- php7-ftp \
- php7-pcntl \
- php7-exif \
- php7-pear \
- php7-dev \
- && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient apcu redis \
- && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \
- && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \
- && ./configure --prefix=/usr/local \
- && make && make install && libtool --finish /usr/local/lib && cd /tmp \
- && wget -q http://ch1.php.net/get/php-${PHP_SOURCES_VERSION}.tar.gz/from/this/mirror -O php7.tar.gz \
- && tar xzf php7.tar.gz && cd /tmp/php-${PHP_SOURCES_VERSION}/ext/iconv && phpize7 \
- && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \
- && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \
- && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \
- && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \
- && echo "extension=redis.so" > /etc/php7/conf.d/redis.ini \
- && sed -i 's|;session.save_path = "/tmp"|session.save_path = "/data/session"|g' /etc/php7/php.ini \
+ && pecl install smbclient apcu redis \
+ && echo "extension=smbclient.so" > /php/conf.d/smbclient.ini \
+ && echo "extension=redis.so" > /php/conf.d/redis.ini \
&& mkdir /nextcloud \
+ && cd /tmp \
&& NEXTCLOUD_TARBALL="nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \
&& wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL} \
&& wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL}.sha512 \
@@ -96,17 +49,10 @@ RUN BUILD_DEPS=" \
&& if [ "${FINGERPRINT}" != "${GPG_nextcloud}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \
&& echo "All seems good, now unpacking ${NEXTCLOUD_TARBALL}..." \
&& tar xjf ${NEXTCLOUD_TARBALL} --strip 1 -C /nextcloud \
- && apk del ${BUILD_DEPS} php7-pear php7-dev \
+ && apk del ${BUILD_DEPS} \
&& rm -rf /var/cache/apk/* /tmp/* /root/.gnupg
-COPY nginx.conf /etc/nginx/nginx.conf
-COPY php-fpm.conf /etc/php7/php-fpm.conf
-COPY opcache.ini /etc/php7/conf.d/00_opcache.ini
-COPY apcu.ini /etc/php7/conf.d/apcu.ini
-COPY run.sh /usr/local/bin/run.sh
-COPY setup.sh /usr/local/bin/setup.sh
-COPY occ /usr/local/bin/occ
-COPY s6.d /etc/s6.d
+COPY rootfs /
RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
diff --git a/nextcloud/11.0/occ b/nextcloud/11.0/occ
deleted file mode 100644
index bffa67a..0000000
--- a/nextcloud/11.0/occ
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-su-exec $UID:$GID php7 -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@
diff --git a/nextcloud/11.0/php-fpm.conf b/nextcloud/11.0/php-fpm.conf
deleted file mode 100644
index c30057b..0000000
--- a/nextcloud/11.0/php-fpm.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-[global]
-daemonize = no
-
-[www]
-listen = /tmp/php-fpm.sock
-pm = dynamic
-pm.max_children = 15
-pm.start_servers = 2
-pm.min_spare_servers = 1
-pm.max_spare_servers = 6
-chdir = /
-request_terminate_timeout = 0
-env[PATH] = /usr/local/bin:/usr/bin:/bin
-php_admin_value[post_max_size] = <UPLOAD_MAX_SIZE>
-php_admin_value[upload_max_filesize] = <UPLOAD_MAX_SIZE>
-php_admin_value[max_execution_time] = 10800
-php_admin_value[max_input_time] = 3600
-php_admin_value[expose_php] = Off
-php_admin_value[memory_limit] = <MEMORY_LIMIT>
diff --git a/nextcloud/11.0/s6.d/.s6-svscan/finish b/nextcloud/11.0/rootfs/etc/s6.d/.s6-svscan/finish
similarity index 100%
rename from nextcloud/11.0/s6.d/.s6-svscan/finish
rename to nextcloud/11.0/rootfs/etc/s6.d/.s6-svscan/finish
diff --git a/nextcloud/11.0/rootfs/etc/s6.d/cron/run b/nextcloud/11.0/rootfs/etc/s6.d/cron/run
new file mode 100644
index 0000000..2a3346b
--- /dev/null
+++ b/nextcloud/11.0/rootfs/etc/s6.d/cron/run
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+while true; do
+ php -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
+ sleep <CRON_PERIOD>
+done
diff --git a/nextcloud/11.0/rootfs/nginx/sites-enabled/nginx.conf b/nextcloud/11.0/rootfs/nginx/sites-enabled/nginx.conf
new file mode 100644
index 0000000..6c07899
--- /dev/null
+++ b/nextcloud/11.0/rootfs/nginx/sites-enabled/nginx.conf
@@ -0,0 +1,76 @@
+server {
+ listen 8888;
+ root /nextcloud;
+
+ fastcgi_buffers 64 4K;
+
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
+ add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+ add_header X-Robots-Tag none;
+ add_header X-Download-Options noopen;
+ add_header X-Permitted-Cross-Domain-Policies none;
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /.well-known/carddav {
+ return 301 $scheme://$host/remote.php/dav;
+ }
+
+ location = /.well-known/caldav {
+ return 301 $scheme://$host/remote.php/dav;
+ }
+
+ location / {
+ rewrite ^ /index.php$uri;
+ }
+
+ location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+ deny all;
+ }
+
+ location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
+ deny all;
+ }
+
+ location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
+ include /nginx/conf/fastcgi_params;
+ fastcgi_split_path_info ^(.+\.php)(/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param modHeadersAvailable true;
+ fastcgi_param front_controller_active true;
+ fastcgi_pass unix:/php/run/php-fpm.sock;
+ fastcgi_intercept_errors on;
+ fastcgi_request_buffering off;
+ fastcgi_read_timeout 1200;
+ }
+
+ location ~ ^/(?:updater|ocs-provider)(?:$|/) {
+ try_files $uri/ =404;
+ index index.php;
+ }
+
+ location ~* \.(?:css|js)$ {
+ try_files $uri /index.php$uri$is_args$args;
+ add_header Cache-Control "public, max-age=7200";
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+ add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+ add_header X-Robots-Tag none;
+ add_header X-Download-Options noopen;
+ add_header X-Permitted-Cross-Domain-Policies none;
+ access_log off;
+ }
+
+ location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
+ try_files $uri /index.php$uri$is_args$args;
+ access_log off;
+ }
+}
diff --git a/nextcloud/11.0/apcu.ini b/nextcloud/11.0/rootfs/php/conf.d/apcu.ini
similarity index 100%
rename from nextcloud/11.0/apcu.ini
rename to nextcloud/11.0/rootfs/php/conf.d/apcu.ini
diff --git a/nextcloud/11.0/opcache.ini b/nextcloud/11.0/rootfs/php/conf.d/opcache.ini
similarity index 100%
rename from nextcloud/11.0/opcache.ini
rename to nextcloud/11.0/rootfs/php/conf.d/opcache.ini
diff --git a/nextcloud/11.0/rootfs/usr/local/bin/occ b/nextcloud/11.0/rootfs/usr/local/bin/occ
new file mode 100644
index 0000000..3525d30
--- /dev/null
+++ b/nextcloud/11.0/rootfs/usr/local/bin/occ
@@ -0,0 +1,2 @@
+#!/bin/sh
+su-exec $UID:$GID php -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@
diff --git a/nextcloud/daily/run.sh b/nextcloud/11.0/rootfs/usr/local/bin/run.sh
similarity index 70%
rename from nextcloud/daily/run.sh
rename to nextcloud/11.0/rootfs/usr/local/bin/run.sh
index db851d8..6c64503 100644
--- a/nextcloud/daily/run.sh
+++ b/nextcloud/11.0/rootfs/usr/local/bin/run.sh
@@ -1,12 +1,12 @@
#!/bin/sh
-sed -i -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \
- -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /etc/php7/php-fpm.conf \
- -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \
- -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \
+sed -i -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /php/conf.d/apcu.ini \
+ -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /php/conf.d/opcache.ini \
-e "s/<CRON_MEMORY_LIMIT>/$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \
-e "s/<CRON_PERIOD>/$CRON_PERIOD/g" /etc/s6.d/cron/run \
- -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ
+ -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ \
+ -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
+ -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
# Put the configuration and apps into volumes
ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null
@@ -18,7 +18,7 @@ if [ ! -d /data/session ]; then
fi
echo "Updating permissions..."
-for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /tmp /etc/s6.d; do
+for dir in /nextcloud /data /config /apps2 /var/log /php /nginx /tmp /etc/s6.d; do
if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then
echo "Updating permissions in $dir..."
chown -R $UID:$GID $dir
@@ -32,7 +32,7 @@ if [ ! -f /config/config.php ]; then
# New installation, run the setup
/usr/local/bin/setup.sh
else
- if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
+ if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
occ upgrade
if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then
echo "Trying Nextcloud upgrade again to work around Nextcloud upgrade bug..."
diff --git a/nextcloud/11.0/setup.sh b/nextcloud/11.0/rootfs/usr/local/bin/setup.sh
similarity index 97%
rename from nextcloud/11.0/setup.sh
rename to nextcloud/11.0/rootfs/usr/local/bin/setup.sh
index bf74314..df29992 100755
--- a/nextcloud/11.0/setup.sh
+++ b/nextcloud/11.0/rootfs/usr/local/bin/setup.sh
@@ -67,7 +67,7 @@ echo "Starting automatic configuration..."
# Execute ownCloud's setup step, which creates the ownCloud database.
# It also wipes it if it exists. And it updates config.php with database
# settings and deletes the autoconfig.php file.
-(cd /nextcloud; php7 index.php &>/dev/null)
+(cd /nextcloud; php index.php &>/dev/null)
echo "Automatic configuration finished."
# Update config.php.
@@ -81,7 +81,7 @@ echo "Automatic configuration finished."
# Use PHP to read the settings file, modify it, and write out the new settings array.
CONFIG_TEMP=$(/bin/mktemp)
-php7 <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
+php <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
<?php
include("/config/config.php");
diff --git a/nextcloud/11.0/s6.d/cron/run b/nextcloud/11.0/s6.d/cron/run
deleted file mode 100644
index 811e3f8..0000000
--- a/nextcloud/11.0/s6.d/cron/run
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-while true; do
- php7 -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
- sleep <CRON_PERIOD>
-done
diff --git a/nextcloud/11.0/s6.d/nginx/run b/nextcloud/11.0/s6.d/nginx/run
deleted file mode 100644
index eaf8049..0000000
--- a/nextcloud/11.0/s6.d/nginx/run
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec nginx
diff --git a/nextcloud/11.0/s6.d/php/run b/nextcloud/11.0/s6.d/php/run
deleted file mode 100644
index e238021..0000000
--- a/nextcloud/11.0/s6.d/php/run
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec php-fpm7
diff --git a/nextcloud/daily/Dockerfile b/nextcloud/daily/Dockerfile
index 5b649c5..3c3cdb4 100644
--- a/nextcloud/daily/Dockerfile
+++ b/nextcloud/daily/Dockerfile
@@ -1,7 +1,4 @@
-FROM alpine:3.5
-
-ARG GNU_LIBICONV_VERSION=1.15
-ARG PHP_SOURCES_VERSION=7.0.18
+FROM wonderfall/nginx-php
ENV UID=991 GID=991 \
UPLOAD_MAX_SIZE=10G \
@@ -14,8 +11,7 @@ ENV UID=991 GID=991 \
DB_TYPE=sqlite3 \
DOMAIN=localhost
-RUN echo " https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
- && BUILD_DEPS=" \
+RUN BUILD_DEPS=" \
gnupg \
tar \
build-base \
@@ -26,62 +22,15 @@ RUN echo " https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositor
samba-dev" \
&& apk -U upgrade && apk add \
${BUILD_DEPS} \
- nginx \
- s6 \
libressl \
ca-certificates \
libsmbclient \
- samba-client \
- su-exec \
tzdata \
- php7 \
- php7-fpm \
- php7-intl \
- php7-mbstring \
- php7-curl \
- php7-gd \
- php7-fileinfo \
- php7-mcrypt \
- php7-opcache \
- php7-json \
- php7-session \
- php7-pdo \
- php7-dom \
- php7-ctype \
- php7-mysqlnd \
- php7-pdo_mysql \
- php7-pdo_pgsql \
- php7-pgsql \
- php7-pdo_sqlite \
- php7-sqlite3 \
- php7-zlib \
- php7-zip \
- php7-xmlreader \
- php7-xml \
- php7-xmlwriter \
- php7-posix \
- php7-openssl \
- php7-ldap \
- php7-imap \
- php7-ftp \
- php7-pcntl \
- php7-exif \
- php7-pear \
- php7-dev \
&& pecl install smbclient apcu redis \
- && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \
- && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \
- && ./configure --prefix=/usr/local \
- && make && make install && libtool --finish /usr/local/lib && cd /tmp \
- && wget -q http://is1.php.net/get/php-${PHP_SOURCES_VERSION}.tar.gz/from/this/mirror -O php7.tar.gz \
- && tar xzf php7.tar.gz && cd /tmp/php-${PHP_SOURCES_VERSION}/ext/iconv && phpize7 \
- && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \
- && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \
- && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \
- && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \
- && echo "extension=redis.so" > /etc/php7/conf.d/redis.ini \
- && sed -i 's|;session.save_path = "/tmp"|session.save_path = "/data/session"|g' /etc/php7/php.ini \
+ && echo "extension=smbclient.so" > /php/conf.d/smbclient.ini \
+ && echo "extension=redis.so" > /php/conf.d/redis.ini \
&& mkdir /nextcloud \
+ && cd /tmp \
&& wget -q https://download.nextcloud.com/server/daily/latest.tar.bz2 \
&& echo "Verifying checksum of latest.tar.bz2..." \
&& wget -q https://download.nextcloud.com/server/daily/latest.tar.bz2.sha512 \
@@ -90,25 +39,18 @@ RUN echo " https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositor
&& if [ "${CHECKSUM_STATE}" != "OK" ]; then echo "Warning! Checksum does not match!" && exit 1; fi \
&& tar xjf latest.tar.bz2 --strip 1 -C /nextcloud \
&& apk del ${BUILD_DEPS} php7-pear php7-dev \
- && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg
+ && rm -rf /var/cache/apk/* /tmp/*
-COPY nginx.conf /etc/nginx/nginx.conf
-COPY php-fpm.conf /etc/php7/php-fpm.conf
-COPY opcache.ini /etc/php7/conf.d/00_opcache.ini
-COPY apcu.ini /etc/php7/conf.d/apcu.ini
-COPY run.sh /usr/local/bin/run.sh
-COPY setup.sh /usr/local/bin/setup.sh
-COPY occ /usr/local/bin/occ
-COPY s6.d /etc/s6.d
+COPY rootfs /
RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
-VOLUME /data /config /apps2 /nextcloud/themes
+VOLUME /data /config /apps2 /nextcloud/themes /php/session
EXPOSE 8888
LABEL description="A server software for creating file hosting services" \
- nextcloud="Nextcloud daily build" \
+ nextcloud="Nextcloud daily" \
maintainer="Wonderfall <wonderfall@targaryen.house>"
CMD ["run.sh"]
diff --git a/nextcloud/daily/occ b/nextcloud/daily/occ
deleted file mode 100644
index bffa67a..0000000
--- a/nextcloud/daily/occ
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-su-exec $UID:$GID php7 -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@
diff --git a/nextcloud/daily/php-fpm.conf b/nextcloud/daily/php-fpm.conf
deleted file mode 100644
index c30057b..0000000
--- a/nextcloud/daily/php-fpm.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-[global]
-daemonize = no
-
-[www]
-listen = /tmp/php-fpm.sock
-pm = dynamic
-pm.max_children = 15
-pm.start_servers = 2
-pm.min_spare_servers = 1
-pm.max_spare_servers = 6
-chdir = /
-request_terminate_timeout = 0
-env[PATH] = /usr/local/bin:/usr/bin:/bin
-php_admin_value[post_max_size] = <UPLOAD_MAX_SIZE>
-php_admin_value[upload_max_filesize] = <UPLOAD_MAX_SIZE>
-php_admin_value[max_execution_time] = 10800
-php_admin_value[max_input_time] = 3600
-php_admin_value[expose_php] = Off
-php_admin_value[memory_limit] = <MEMORY_LIMIT>
diff --git a/nextcloud/daily/s6.d/.s6-svscan/finish b/nextcloud/daily/rootfs/etc/s6.d/.s6-svscan/finish
similarity index 100%
rename from nextcloud/daily/s6.d/.s6-svscan/finish
rename to nextcloud/daily/rootfs/etc/s6.d/.s6-svscan/finish
diff --git a/nextcloud/daily/rootfs/etc/s6.d/cron/run b/nextcloud/daily/rootfs/etc/s6.d/cron/run
new file mode 100644
index 0000000..2a3346b
--- /dev/null
+++ b/nextcloud/daily/rootfs/etc/s6.d/cron/run
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+while true; do
+ php -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
+ sleep <CRON_PERIOD>
+done
diff --git a/nextcloud/daily/rootfs/nginx/sites-enabled/nginx.conf b/nextcloud/daily/rootfs/nginx/sites-enabled/nginx.conf
new file mode 100644
index 0000000..6c07899
--- /dev/null
+++ b/nextcloud/daily/rootfs/nginx/sites-enabled/nginx.conf
@@ -0,0 +1,76 @@
+server {
+ listen 8888;
+ root /nextcloud;
+
+ fastcgi_buffers 64 4K;
+
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
+ add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+ add_header X-Robots-Tag none;
+ add_header X-Download-Options noopen;
+ add_header X-Permitted-Cross-Domain-Policies none;
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /.well-known/carddav {
+ return 301 $scheme://$host/remote.php/dav;
+ }
+
+ location = /.well-known/caldav {
+ return 301 $scheme://$host/remote.php/dav;
+ }
+
+ location / {
+ rewrite ^ /index.php$uri;
+ }
+
+ location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+ deny all;
+ }
+
+ location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
+ deny all;
+ }
+
+ location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
+ include /nginx/conf/fastcgi_params;
+ fastcgi_split_path_info ^(.+\.php)(/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param modHeadersAvailable true;
+ fastcgi_param front_controller_active true;
+ fastcgi_pass unix:/php/run/php-fpm.sock;
+ fastcgi_intercept_errors on;
+ fastcgi_request_buffering off;
+ fastcgi_read_timeout 1200;
+ }
+
+ location ~ ^/(?:updater|ocs-provider)(?:$|/) {
+ try_files $uri/ =404;
+ index index.php;
+ }
+
+ location ~* \.(?:css|js)$ {
+ try_files $uri /index.php$uri$is_args$args;
+ add_header Cache-Control "public, max-age=7200";
+ add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+ add_header X-Frame-Options "SAMEORIGIN";
+ add_header X-Content-Type-Options nosniff;
+ add_header X-XSS-Protection "1; mode=block";
+ add_header X-Robots-Tag none;
+ add_header X-Download-Options noopen;
+ add_header X-Permitted-Cross-Domain-Policies none;
+ access_log off;
+ }
+
+ location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
+ try_files $uri /index.php$uri$is_args$args;
+ access_log off;
+ }
+}
diff --git a/nextcloud/daily/apcu.ini b/nextcloud/daily/rootfs/php/conf.d/apcu.ini
similarity index 100%
rename from nextcloud/daily/apcu.ini
rename to nextcloud/daily/rootfs/php/conf.d/apcu.ini
diff --git a/nextcloud/daily/opcache.ini b/nextcloud/daily/rootfs/php/conf.d/opcache.ini
similarity index 100%
rename from nextcloud/daily/opcache.ini
rename to nextcloud/daily/rootfs/php/conf.d/opcache.ini
diff --git a/nextcloud/daily/rootfs/usr/local/bin/occ b/nextcloud/daily/rootfs/usr/local/bin/occ
new file mode 100644
index 0000000..3525d30
--- /dev/null
+++ b/nextcloud/daily/rootfs/usr/local/bin/occ
@@ -0,0 +1,2 @@
+#!/bin/sh
+su-exec $UID:$GID php -d memory_limit=<MEMORY_LIMIT> -f /nextcloud/occ $@
diff --git a/nextcloud/11.0/run.sh b/nextcloud/daily/rootfs/usr/local/bin/run.sh
similarity index 70%
rename from nextcloud/11.0/run.sh
rename to nextcloud/daily/rootfs/usr/local/bin/run.sh
index 223e6e4..6c64503 100644
--- a/nextcloud/11.0/run.sh
+++ b/nextcloud/daily/rootfs/usr/local/bin/run.sh
@@ -1,12 +1,12 @@
#!/bin/sh
-sed -i -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \
- -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /etc/php7/php-fpm.conf \
- -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \
- -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \
+sed -i -e "s/<APC_SHM_SIZE>/$APC_SHM_SIZE/g" /php/conf.d/apcu.ini \
+ -e "s/<OPCACHE_MEM_SIZE>/$OPCACHE_MEM_SIZE/g" /php/conf.d/opcache.ini \
-e "s/<CRON_MEMORY_LIMIT>/$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \
-e "s/<CRON_PERIOD>/$CRON_PERIOD/g" /etc/s6.d/cron/run \
- -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ
+ -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /usr/local/bin/occ \
+ -e "s/<UPLOAD_MAX_SIZE>/$UPLOAD_MAX_SIZE/g" /nginx/conf/nginx.conf /php/etc/php-fpm.conf \
+ -e "s/<MEMORY_LIMIT>/$MEMORY_LIMIT/g" /php/etc/php-fpm.conf
# Put the configuration and apps into volumes
ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null
@@ -18,7 +18,7 @@ if [ ! -d /data/session ]; then
fi
echo "Updating permissions..."
-for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /tmp /etc/s6.d; do
+for dir in /nextcloud /data /config /apps2 /var/log /php /nginx /tmp /etc/s6.d; do
if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then
echo "Updating permissions in $dir..."
chown -R $UID:$GID $dir
@@ -32,7 +32,7 @@ if [ ! -f /config/config.php ]; then
# New installation, run the setup
/usr/local/bin/setup.sh
else
- if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
+ if [ $(occ | head -n 1 | grep -ic "Nextcloud version.*") == "1" ] ; then
occ upgrade
if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then
echo "Trying Nextcloud upgrade again to work around Nextcloud upgrade bug..."
diff --git a/nextcloud/daily/setup.sh b/nextcloud/daily/rootfs/usr/local/bin/setup.sh
similarity index 97%
rename from nextcloud/daily/setup.sh
rename to nextcloud/daily/rootfs/usr/local/bin/setup.sh
index bf74314..df29992 100755
--- a/nextcloud/daily/setup.sh
+++ b/nextcloud/daily/rootfs/usr/local/bin/setup.sh
@@ -67,7 +67,7 @@ echo "Starting automatic configuration..."
# Execute ownCloud's setup step, which creates the ownCloud database.
# It also wipes it if it exists. And it updates config.php with database
# settings and deletes the autoconfig.php file.
-(cd /nextcloud; php7 index.php &>/dev/null)
+(cd /nextcloud; php index.php &>/dev/null)
echo "Automatic configuration finished."
# Update config.php.
@@ -81,7 +81,7 @@ echo "Automatic configuration finished."
# Use PHP to read the settings file, modify it, and write out the new settings array.
CONFIG_TEMP=$(/bin/mktemp)
-php7 <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
+php <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE
<?php
include("/config/config.php");
diff --git a/nextcloud/daily/s6.d/cron/run b/nextcloud/daily/s6.d/cron/run
deleted file mode 100644
index 811e3f8..0000000
--- a/nextcloud/daily/s6.d/cron/run
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-while true; do
- php7 -d memory_limit=<CRON_MEMORY_LIMIT> -f /nextcloud/cron.php
- sleep <CRON_PERIOD>
-done
diff --git a/nextcloud/daily/s6.d/nginx/run b/nextcloud/daily/s6.d/nginx/run
deleted file mode 100644
index eaf8049..0000000
--- a/nextcloud/daily/s6.d/nginx/run
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec nginx
diff --git a/nextcloud/daily/s6.d/php/run b/nextcloud/daily/s6.d/php/run
deleted file mode 100644
index e238021..0000000
--- a/nextcloud/daily/s6.d/php/run
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-exec php-fpm7