From c482784782b783d2ad0f0621e48cf9f07445159d Mon Sep 17 00:00:00 2001 From: Wonderfall Date: Wed, 15 Feb 2017 17:36:36 +0100 Subject: [PATCH] nextcloud: fix, php 7.1, remove redis --- nextcloud/11.0-armhf/Dockerfile | 122 ------------------- nextcloud/11.0-armhf/apcu.ini | 4 - nextcloud/11.0-armhf/nginx.conf | 113 ----------------- nextcloud/11.0-armhf/occ | 2 - nextcloud/11.0-armhf/opcache.ini | 8 -- nextcloud/11.0-armhf/php-fpm.conf | 18 --- nextcloud/11.0-armhf/redis.conf | 14 --- nextcloud/11.0-armhf/run.sh | 40 ------ nextcloud/11.0-armhf/s6.d/.s6-svscan/finish | 3 - nextcloud/11.0-armhf/s6.d/cron/run | 6 - nextcloud/11.0-armhf/s6.d/nginx/run | 2 - nextcloud/11.0-armhf/s6.d/php/run | 2 - nextcloud/11.0-armhf/s6.d/redis/run | 2 - nextcloud/11.0-armhf/setup.sh | 112 ----------------- nextcloud/11.0/Dockerfile | 93 +++++++------- nextcloud/11.0/occ | 2 +- nextcloud/11.0/redis.conf | 14 --- nextcloud/11.0/run.sh | 9 +- nextcloud/11.0/s6.d/cron/run | 2 +- nextcloud/11.0/s6.d/php/run | 2 +- nextcloud/11.0/s6.d/redis/run | 2 - nextcloud/11.0/setup.sh | 11 +- nextcloud/README.md | 42 +------ nextcloud/daily-armhf/Dockerfile | 106 ---------------- nextcloud/daily-armhf/apcu.ini | 4 - nextcloud/daily-armhf/nginx.conf | 113 ----------------- nextcloud/daily-armhf/occ | 2 - nextcloud/daily-armhf/opcache.ini | 8 -- nextcloud/daily-armhf/php-fpm.conf | 18 --- nextcloud/daily-armhf/redis.conf | 14 --- nextcloud/daily-armhf/run.sh | 33 ----- nextcloud/daily-armhf/s6.d/.s6-svscan/finish | 3 - nextcloud/daily-armhf/s6.d/cron/run | 6 - nextcloud/daily-armhf/s6.d/nginx/run | 2 - nextcloud/daily-armhf/s6.d/php/run | 2 - nextcloud/daily-armhf/s6.d/redis/run | 2 - nextcloud/daily-armhf/setup.sh | 112 ----------------- nextcloud/daily/Dockerfile | 102 ++++++++-------- nextcloud/daily/occ | 2 +- nextcloud/daily/redis.conf | 14 --- nextcloud/daily/run.sh | 17 ++- nextcloud/daily/s6.d/cron/run | 2 +- nextcloud/daily/s6.d/php/run | 2 +- nextcloud/daily/s6.d/redis/run | 2 - nextcloud/daily/setup.sh | 11 +- 45 files changed, 128 insertions(+), 1074 deletions(-) delete mode 100644 nextcloud/11.0-armhf/Dockerfile delete mode 100644 nextcloud/11.0-armhf/apcu.ini delete mode 100644 nextcloud/11.0-armhf/nginx.conf delete mode 100644 nextcloud/11.0-armhf/occ delete mode 100644 nextcloud/11.0-armhf/opcache.ini delete mode 100644 nextcloud/11.0-armhf/php-fpm.conf delete mode 100644 nextcloud/11.0-armhf/redis.conf delete mode 100644 nextcloud/11.0-armhf/run.sh delete mode 100644 nextcloud/11.0-armhf/s6.d/.s6-svscan/finish delete mode 100644 nextcloud/11.0-armhf/s6.d/cron/run delete mode 100644 nextcloud/11.0-armhf/s6.d/nginx/run delete mode 100644 nextcloud/11.0-armhf/s6.d/php/run delete mode 100644 nextcloud/11.0-armhf/s6.d/redis/run delete mode 100755 nextcloud/11.0-armhf/setup.sh delete mode 100644 nextcloud/11.0/redis.conf delete mode 100644 nextcloud/11.0/s6.d/redis/run delete mode 100644 nextcloud/daily-armhf/Dockerfile delete mode 100644 nextcloud/daily-armhf/apcu.ini delete mode 100644 nextcloud/daily-armhf/nginx.conf delete mode 100644 nextcloud/daily-armhf/occ delete mode 100644 nextcloud/daily-armhf/opcache.ini delete mode 100644 nextcloud/daily-armhf/php-fpm.conf delete mode 100644 nextcloud/daily-armhf/redis.conf delete mode 100644 nextcloud/daily-armhf/run.sh delete mode 100644 nextcloud/daily-armhf/s6.d/.s6-svscan/finish delete mode 100644 nextcloud/daily-armhf/s6.d/cron/run delete mode 100644 nextcloud/daily-armhf/s6.d/nginx/run delete mode 100644 nextcloud/daily-armhf/s6.d/php/run delete mode 100644 nextcloud/daily-armhf/s6.d/redis/run delete mode 100755 nextcloud/daily-armhf/setup.sh delete mode 100644 nextcloud/daily/redis.conf delete mode 100644 nextcloud/daily/s6.d/redis/run diff --git a/nextcloud/11.0-armhf/Dockerfile b/nextcloud/11.0-armhf/Dockerfile deleted file mode 100644 index 812fa46..0000000 --- a/nextcloud/11.0-armhf/Dockerfile +++ /dev/null @@ -1,122 +0,0 @@ -FROM orax/alpine-armhf:edge -MAINTAINER Wonderfall - -ARG NEXTCLOUD_VERSION=11.0.1 -ARG GNU_LIBICONV_VERSION=1.14 -ARG GPG_nextcloud="2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A" - -ENV UID=991 GID=991 \ - UPLOAD_MAX_SIZE=10G \ - APC_SHM_SIZE=64M \ - OPCACHE_MEM_SIZE=64 \ - REDIS_MAX_MEMORY=32mb \ - CRON_PERIOD=15m \ - TZ=Etc/UTC \ - DB_TYPE=sqlite3 \ - ADMIN_USER=admin \ - ADMIN_PASSWORD=admin - -RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ - && echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ - && BUILD_DEPS=" \ - gnupg \ - tar \ - build-base \ - autoconf \ - automake \ - libtool \ - samba-dev" \ - && apk -U add \ - ${BUILD_DEPS} \ - nginx \ - s6 \ - libressl \ - ca-certificates \ - libsmbclient \ - samba-client \ - su-exec \ - tzdata \ - redis \ - php7@commuedge \ - php7-fpm@commuedge \ - php7-intl@commuedge \ - php7-mbstring@commuedge \ - php7-curl@commuedge \ - php7-gd@commuedge \ - php7-mcrypt@commuedge \ - php7-opcache@commuedge \ - php7-json@commuedge \ - php7-session@commuedge \ - php7-pdo@commuedge \ - php7-dom@commuedge \ - php7-ctype@commuedge \ - php7-pdo_mysql@commuedge \ - php7-pdo_pgsql@commuedge \ - php7-pgsql@commuedge \ - php7-pdo_sqlite@commuedge \ - php7-sqlite3@commuedge \ - php7-zlib@commuedge \ - php7-zip@commuedge \ - php7-xmlreader@commuedge \ - php7-posix@commuedge \ - php7-openssl@commuedge \ - php7-ldap@commuedge \ - php7-ftp@commuedge \ - php7-pcntl@commuedge \ - php7-exif@commuedge \ - php7-apcu@testing \ - php7-redis@testing \ - php7-pear@commuedge \ - php7-dev@commuedge \ - && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient \ - && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \ - && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \ - && ./configure --prefix=/usr/local \ - && wget -q https://raw.githubusercontent.com/mxe/mxe/7e231efd245996b886b501dad780761205ecf376/src/libiconv-1-fixes.patch \ - && patch -p1 -u < libiconv-1-fixes.patch \ - && make && make install && libtool --finish /usr/local/lib && cd /tmp \ - && wget -q http://is1.php.net/get/php-7.0.13.tar.gz/from/this/mirror -O php7.tar.gz \ - && tar xzf php7.tar.gz && cd /tmp/php-7.0.13/ext/iconv && phpize7 \ - && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \ - && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \ - && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \ - && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \ - && mkdir /nextcloud \ - && NEXTCLOUD_TARBALL="nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ - && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL} \ - && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL}.sha256 \ - && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL}.asc \ - && wget -q https://nextcloud.com/nextcloud.asc \ - && echo "Verifying both integrity and authenticity of ${NEXTCLOUD_TARBALL}..." \ - && CHECKSUM_STATE=$(echo -n $(sha256sum -c ${NEXTCLOUD_TARBALL}.sha256) | tail -c 2) \ - && if [ "${CHECKSUM_STATE}" != "OK" ]; then echo "Warning! Checksum does not match!" && exit 1; fi \ - && gpg --import nextcloud.asc \ - && FINGERPRINT="$(LANG=C gpg --verify ${NEXTCLOUD_TARBALL}.asc ${NEXTCLOUD_TARBALL} 2>&1 \ - | sed -n "s#Primary key fingerprint: \(.*\)#\1#p")" \ - && if [ -z "${FINGERPRINT}" ]; then echo "Warning! Invalid GPG signature!" && exit 1; fi \ - && if [ "${FINGERPRINT}" != "${GPG_nextcloud}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \ - && echo "All seems good, now unpacking ${NEXTCLOUD_TARBALL}..." \ - && tar xjf ${NEXTCLOUD_TARBALL} --strip 1 -C /nextcloud \ - && apk del ${BUILD_DEPS} php7-pear php7-dev \ - && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg - -COPY nginx.conf /etc/nginx/nginx.conf -COPY php-fpm.conf /etc/php7/php-fpm.conf -COPY opcache.ini /etc/php7/conf.d/00_opcache.ini -COPY apcu.ini /etc/php7/conf.d/apcu.ini -COPY redis.conf /etc/redis.conf -COPY run.sh /usr/local/bin/run.sh -COPY setup.sh /usr/local/bin/setup.sh -COPY occ /usr/local/bin/occ -COPY s6.d /etc/s6.d - -RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* - -VOLUME /data /config /apps2 /var/lib/redis - -EXPOSE 8888 - -LABEL description="A server software for creating file hosting services" \ - nextcloud="Nextcloud v${NEXTCLOUD_VERSION}" - -CMD ["run.sh"] diff --git a/nextcloud/11.0-armhf/apcu.ini b/nextcloud/11.0-armhf/apcu.ini deleted file mode 100644 index 1bf9b49..0000000 --- a/nextcloud/11.0-armhf/apcu.ini +++ /dev/null @@ -1,4 +0,0 @@ -extension=apcu.so -apc.enabled=1 -apc.shm_size= -apc.ttl=7200 diff --git a/nextcloud/11.0-armhf/nginx.conf b/nextcloud/11.0-armhf/nginx.conf deleted file mode 100644 index 0633855..0000000 --- a/nextcloud/11.0-armhf/nginx.conf +++ /dev/null @@ -1,113 +0,0 @@ -worker_processes auto; -pid /tmp/nginx.pid; -daemon off; - -events { - worker_connections 1024; - use epoll; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - access_log off; - error_log /tmp/ngx_error.log error; - - sendfile on; - keepalive_timeout 15; - keepalive_disable msie6; - keepalive_requests 100; - tcp_nopush on; - tcp_nodelay on; - server_tokens off; - - fastcgi_temp_path /tmp/fastcgi 1 2; - client_body_temp_path /tmp/client_body 1 2; - proxy_temp_path /tmp/proxy 1 2; - uwsgi_temp_path /tmp/uwsgi 1 2; - scgi_temp_path /tmp/scgi 1 2; - - gzip off; - - server { - listen 8888; - root /nextcloud; - - client_max_body_size ; - fastcgi_buffers 64 4K; - - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location = /.well-known/carddav { - return 301 $scheme://$host/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host/remote.php/dav; - } - - location / { - rewrite ^ /index.php$uri; - } - - location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { - deny all; - } - - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { - include fastcgi_params; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param modHeadersAvailable true; - fastcgi_param front_controller_active true; - fastcgi_pass unix:/tmp/php-fpm.sock; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - fastcgi_read_timeout 1200; - } - - location ~ ^/(?:updater|ocs-provider)(?:$|/) { - try_files $uri/ =404; - index index.php; - } - - location ~* \.(?:css|js)$ { - try_files $uri /index.php$uri$is_args$args; - add_header Cache-Control "public, max-age=7200"; - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - access_log off; - } - - location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { - try_files $uri /index.php$uri$is_args$args; - access_log off; - } - } -} diff --git a/nextcloud/11.0-armhf/occ b/nextcloud/11.0-armhf/occ deleted file mode 100644 index a766ef6..0000000 --- a/nextcloud/11.0-armhf/occ +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -su-exec $UID:$GID php7 /nextcloud/occ $@ diff --git a/nextcloud/11.0-armhf/opcache.ini b/nextcloud/11.0-armhf/opcache.ini deleted file mode 100644 index 705e399..0000000 --- a/nextcloud/11.0-armhf/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -zend_extension=opcache.so -opcache.enable=1 -opcache.enable_cli=1 -opcache.fast_shutdown=1 -opcache.memory_consumption= -opcache.interned_strings_buffer=16 -opcache.max_accelerated_files=5413 -opcache.revalidate_freq=60 diff --git a/nextcloud/11.0-armhf/php-fpm.conf b/nextcloud/11.0-armhf/php-fpm.conf deleted file mode 100644 index 2bb8380..0000000 --- a/nextcloud/11.0-armhf/php-fpm.conf +++ /dev/null @@ -1,18 +0,0 @@ -[global] -daemonize = no - -[www] -listen = /tmp/php-fpm.sock -pm = dynamic -pm.max_children = 15 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 6 -chdir = / -request_terminate_timeout = 0 -env[PATH] = /usr/local/bin:/usr/bin:/bin -php_admin_value[post_max_size] = -php_admin_value[upload_max_filesize] = -php_admin_value[max_execution_time] = 10800 -php_admin_value[max_input_time] = 3600 -php_admin_value[expose_php] = Off diff --git a/nextcloud/11.0-armhf/redis.conf b/nextcloud/11.0-armhf/redis.conf deleted file mode 100644 index c26fc6b..0000000 --- a/nextcloud/11.0-armhf/redis.conf +++ /dev/null @@ -1,14 +0,0 @@ -bind 127.0.0.1 -protected-mode yes -port 0 -unixsocket /tmp/redis.sock -unixsocketperm 700 -daemonize no -pidfile /tmp/redis.pid -logfile /tmp/redis.log -save 900 1 -save 300 10 -save 60 10000 -dbfilename dump.rdb -dir /var/lib/redis/ -maxmemory diff --git a/nextcloud/11.0-armhf/run.sh b/nextcloud/11.0-armhf/run.sh deleted file mode 100644 index 202fb86..0000000 --- a/nextcloud/11.0-armhf/run.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh - -sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \ - -e "s//$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \ - -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \ - -e "s//$REDIS_MAX_MEMORY/g" /etc/redis.conf \ - -e "s//$CRON_PERIOD/g" /etc/s6.d/cron/run - -# Put the configuration and apps into volumes -ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null -ln -sf /apps2 /nextcloud &>/dev/null - -mv nextcloud fix && mv fix nextcloud # fix strange bug - -echo "Updating permissions..." -for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /var/lib/redis /tmp /etc/s6.d; do - if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then - echo "Updating permissions in $dir..." - chown -R $UID:$GID $dir - else - echo "Permissions in $dir are correct." - fi -done -echo "Done updating permissions." - -if [ ! -f /config/config.php ]; then - # New installation, run the setup - /usr/local/bin/setup.sh -else - occ upgrade - if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then - echo "Trying ownCloud upgrade again to work around ownCloud upgrade bug..." - occ upgrade - if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then exit 1; fi - occ maintenance:mode --off - echo "...which seemed to work." - fi -fi - -exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d diff --git a/nextcloud/11.0-armhf/s6.d/.s6-svscan/finish b/nextcloud/11.0-armhf/s6.d/.s6-svscan/finish deleted file mode 100644 index c52d3c2..0000000 --- a/nextcloud/11.0-armhf/s6.d/.s6-svscan/finish +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -exit 0 diff --git a/nextcloud/11.0-armhf/s6.d/cron/run b/nextcloud/11.0-armhf/s6.d/cron/run deleted file mode 100644 index 2e6fec5..0000000 --- a/nextcloud/11.0-armhf/s6.d/cron/run +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -while true; do - php7 -f /nextcloud/cron.php - sleep -done diff --git a/nextcloud/11.0-armhf/s6.d/nginx/run b/nextcloud/11.0-armhf/s6.d/nginx/run deleted file mode 100644 index eaf8049..0000000 --- a/nextcloud/11.0-armhf/s6.d/nginx/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec nginx diff --git a/nextcloud/11.0-armhf/s6.d/php/run b/nextcloud/11.0-armhf/s6.d/php/run deleted file mode 100644 index e238021..0000000 --- a/nextcloud/11.0-armhf/s6.d/php/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec php-fpm7 diff --git a/nextcloud/11.0-armhf/s6.d/redis/run b/nextcloud/11.0-armhf/s6.d/redis/run deleted file mode 100644 index 4881331..0000000 --- a/nextcloud/11.0-armhf/s6.d/redis/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec redis-server /etc/redis.conf diff --git a/nextcloud/11.0-armhf/setup.sh b/nextcloud/11.0-armhf/setup.sh deleted file mode 100755 index a8ade50..0000000 --- a/nextcloud/11.0-armhf/setup.sh +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/sh -# Nextcloud -########################## - -#source setup/functions.sh # load our functions -#source /etc/mailinabox.conf # load global vars -CONFIGFILE=/config/config.php - - -# Create an initial configuration file. -instanceid=oc$(echo $PRIMARY_HOSTNAME | sha1sum | fold -w 10 | head -n 1) -cat > $CONFIGFILE < '/data', - - "apps_paths" => array ( - 0 => array ( - "path" => "/nextcloud/apps", - "url" => "/apps", - "writable" => false, - ), - 1 => array ( - "path" => "/apps2", - "url" => "/apps2", - "writable" => true, - ), - ), - - 'memcache.local' => '\OC\Memcache\APCu', - - 'memcache.locking' => '\OC\Memcache\Redis', - 'redis' => array( - 'host' => '/tmp/redis.sock', - 'port' => 0, - 'timeout' => 0.0, - ), - - 'instanceid' => '$instanceid', -); -?> -EOF - -# Create an auto-configuration file to fill in database settings -# when the install script is run. Make an administrator account -# here or else the install can't finish. -adminpassword=$(dd if=/dev/urandom bs=1 count=40 2>/dev/null | sha1sum | fold -w 30 | head -n 1) -cat > /nextcloud/config/autoconfig.php < '/data', - 'dbtype' => '${DB_TYPE:-sqlite3}', - 'dbname' => '${DB_NAME:-nextcloud}', - 'dbuser' => '${DB_USER:-nextcloud}', - 'dbpass' => '${DB_PASSWORD:-password}', - 'dbhost' => '${DB_HOST:-nextcloud-db}', - 'dbtableprefix' => 'oc_', -EOF -if [[ ! -z "$ADMIN_USER" ]]; then - cat >> /nextcloud/config/autoconfig.php < '${ADMIN_USER}', - 'adminpass' => '${ADMIN_PASSWORD}', -EOF -fi -cat >> /nextcloud/config/autoconfig.php < -EOF - -echo "Starting automatic configuration..." -# Execute ownCloud's setup step, which creates the ownCloud database. -# It also wipes it if it exists. And it updates config.php with database -# settings and deletes the autoconfig.php file. -(cd /nextcloud; php7 index.php) -echo "Automatic configuration finished." - -# Update config.php. -# * trusted_domains is reset to localhost by autoconfig starting with ownCloud 8.1.1, -# so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so -# this will make sure it has the right value. -# * Some settings weren't included in previous versions of Mail-in-a-Box. -# * We need to set the timezone to the system timezone to allow fail2ban to ban -# users within the proper timeframe -# * We need to set the logdateformat to something that will work correctly with fail2ban -# Use PHP to read the settings file, modify it, and write out the new settings array. - -CONFIG_TEMP=$(/bin/mktemp) -php7 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE - -EOF - -chown -R $UID:$GID /config /data -# Enable/disable apps. Note that this must be done after the ownCloud setup. -# The firstrunwizard gave Josh all sorts of problems, so disabling that. -# user_external is what allows ownCloud to use IMAP for login. The contacts -# and calendar apps are the extensions we really care about here. -occ app:disable firstrunwizard diff --git a/nextcloud/11.0/Dockerfile b/nextcloud/11.0/Dockerfile index ac6cadb..d4ea475 100644 --- a/nextcloud/11.0/Dockerfile +++ b/nextcloud/11.0/Dockerfile @@ -8,7 +8,6 @@ ENV UID=991 GID=991 \ UPLOAD_MAX_SIZE=10G \ APC_SHM_SIZE=128M \ OPCACHE_MEM_SIZE=128 \ - REDIS_MAX_MEMORY=64mb \ CRON_PERIOD=15m \ CRON_MEMORY_LIMIT=1g \ TZ=Etc/UTC \ @@ -16,7 +15,7 @@ ENV UID=991 GID=991 \ ADMIN_USER=admin \ ADMIN_PASSWORD=admin -RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ +RUN echo "@testing https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ && echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ && BUILD_DEPS=" \ gnupg \ @@ -26,7 +25,7 @@ RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/a automake \ libtool \ samba-dev" \ - && apk -U add \ + && apk -U upgrade && apk add \ ${BUILD_DEPS} \ nginx \ s6 \ @@ -36,51 +35,50 @@ RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/a samba-client \ su-exec \ tzdata \ - redis \ - php7@commuedge \ - php7-fpm@commuedge \ - php7-intl@commuedge \ - php7-mbstring@commuedge \ - php7-curl@commuedge \ - php7-gd@commuedge \ - php7-mcrypt@commuedge \ - php7-opcache@commuedge \ - php7-json@commuedge \ - php7-session@commuedge \ - php7-pdo@commuedge \ - php7-dom@commuedge \ - php7-ctype@commuedge \ - php7-pdo_mysql@commuedge \ - php7-pdo_pgsql@commuedge \ - php7-pgsql@commuedge \ - php7-pdo_sqlite@commuedge \ - php7-sqlite3@commuedge \ - php7-zlib@commuedge \ - php7-zip@commuedge \ - php7-xmlreader@commuedge \ - php7-posix@commuedge \ - php7-openssl@commuedge \ - php7-ldap@commuedge \ - php7-ftp@commuedge \ - php7-pcntl@commuedge \ - php7-exif@commuedge \ - php7-apcu@testing \ - php7-redis@testing \ - php7-pear@commuedge \ - php7-dev@commuedge \ - && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient \ + php7.1@testing \ + php7.1-fpm@testing \ + php7.1-intl@testing \ + php7.1-mbstring@testing \ + php7.1-curl@testing \ + php7.1-gd@testing \ + php7.1-mcrypt@testing \ + php7.1-opcache@testing \ + php7.1-json@testing \ + php7.1-session@testing \ + php7.1-pdo@testing \ + php7.1-dom@testing \ + php7.1-ctype@testing \ + php7.1-pdo_mysql@testing \ + php7.1-pdo_pgsql@testing \ + php7.1-pgsql@testing \ + php7.1-pdo_sqlite@testing \ + php7.1-sqlite3@testing \ + php7.1-zlib@testing \ + php7.1-zip@testing \ + php7.1-xmlreader@testing \ + php7.1-xml@testing \ + php7.1-xmlwriter@testing \ + php7.1-posix@testing \ + php7.1-openssl@testing \ + php7.1-ldap@testing \ + php7.1-ftp@testing \ + php7.1-pcntl@testing \ + php7.1-exif@testing \ + php7.1-pear@testing \ + php7.1-dev@testing \ + && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient apcu \ && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \ && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \ && ./configure --prefix=/usr/local \ && wget -q https://raw.githubusercontent.com/mxe/mxe/7e231efd245996b886b501dad780761205ecf376/src/libiconv-1-fixes.patch \ && patch -p1 -u < libiconv-1-fixes.patch \ && make && make install && libtool --finish /usr/local/lib && cd /tmp \ - && wget -q http://is1.php.net/get/php-7.0.13.tar.gz/from/this/mirror -O php7.tar.gz \ - && tar xzf php7.tar.gz && cd /tmp/php-7.0.13/ext/iconv && phpize7 \ - && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \ - && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \ - && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \ - && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \ + && wget -q http://is1.php.net/get/php-7.1.1.tar.gz/from/this/mirror -O php7.1.tar.gz \ + && tar xzf php7.1.tar.gz && cd /tmp/php-7.1.1/ext/iconv && phpize7.1 \ + && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7.1 \ + && make && cp modules/iconv.so /usr/lib/php7.1/modules && cd /tmp \ + && echo "extension=iconv.so" > /etc/php7.1/conf.d/00_iconv.ini \ + && echo "extension=smbclient.so" > /etc/php7.1/conf.d/00_smbclient.ini \ && mkdir /nextcloud \ && NEXTCLOUD_TARBALL="nextcloud-${NEXTCLOUD_VERSION}.tar.bz2" \ && wget -q https://download.nextcloud.com/server/releases/${NEXTCLOUD_TARBALL} \ @@ -97,14 +95,13 @@ RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/a && if [ "${FINGERPRINT}" != "${GPG_nextcloud}" ]; then echo "Warning! Wrong GPG fingerprint!" && exit 1; fi \ && echo "All seems good, now unpacking ${NEXTCLOUD_TARBALL}..." \ && tar xjf ${NEXTCLOUD_TARBALL} --strip 1 -C /nextcloud \ - && apk del ${BUILD_DEPS} php7-pear php7-dev \ + && apk del ${BUILD_DEPS} php7.1-pear php7.1-dev \ && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg COPY nginx.conf /etc/nginx/nginx.conf -COPY php-fpm.conf /etc/php7/php-fpm.conf -COPY opcache.ini /etc/php7/conf.d/00_opcache.ini -COPY apcu.ini /etc/php7/conf.d/apcu.ini -COPY redis.conf /etc/redis.conf +COPY php-fpm.conf /etc/php7.1/php-fpm.conf +COPY opcache.ini /etc/php7.1/conf.d/00_opcache.ini +COPY apcu.ini /etc/php7.1/conf.d/apcu.ini COPY run.sh /usr/local/bin/run.sh COPY setup.sh /usr/local/bin/setup.sh COPY occ /usr/local/bin/occ @@ -112,7 +109,7 @@ COPY s6.d /etc/s6.d RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* -VOLUME /data /config /apps2 /var/lib/redis +VOLUME /data /config /apps2 EXPOSE 8888 diff --git a/nextcloud/11.0/occ b/nextcloud/11.0/occ index a766ef6..e7a37a7 100644 --- a/nextcloud/11.0/occ +++ b/nextcloud/11.0/occ @@ -1,2 +1,2 @@ #!/bin/sh -su-exec $UID:$GID php7 /nextcloud/occ $@ +su-exec $UID:$GID php7.1 /nextcloud/occ $@ diff --git a/nextcloud/11.0/redis.conf b/nextcloud/11.0/redis.conf deleted file mode 100644 index c26fc6b..0000000 --- a/nextcloud/11.0/redis.conf +++ /dev/null @@ -1,14 +0,0 @@ -bind 127.0.0.1 -protected-mode yes -port 0 -unixsocket /tmp/redis.sock -unixsocketperm 700 -daemonize no -pidfile /tmp/redis.pid -logfile /tmp/redis.log -save 900 1 -save 300 10 -save 60 10000 -dbfilename dump.rdb -dir /var/lib/redis/ -maxmemory diff --git a/nextcloud/11.0/run.sh b/nextcloud/11.0/run.sh index 2c8f0fd..451103d 100644 --- a/nextcloud/11.0/run.sh +++ b/nextcloud/11.0/run.sh @@ -1,9 +1,8 @@ #!/bin/sh -sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \ - -e "s//$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \ - -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \ - -e "s//$REDIS_MAX_MEMORY/g" /etc/redis.conf \ +sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7.1/php-fpm.conf \ + -e "s//$APC_SHM_SIZE/g" /etc/php7.1/conf.d/apcu.ini \ + -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7.1/conf.d/00_opcache.ini \ -e "s//$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \ -e "s//$CRON_PERIOD/g" /etc/s6.d/cron/run @@ -14,7 +13,7 @@ ln -sf /apps2 /nextcloud &>/dev/null mv nextcloud fix && mv fix nextcloud # fix strange bug echo "Updating permissions..." -for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /var/lib/redis /tmp /etc/s6.d; do +for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7.1 /var/log /var/lib/nginx /tmp /etc/s6.d; do if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then echo "Updating permissions in $dir..." chown -R $UID:$GID $dir diff --git a/nextcloud/11.0/s6.d/cron/run b/nextcloud/11.0/s6.d/cron/run index 811e3f8..8188bcf 100644 --- a/nextcloud/11.0/s6.d/cron/run +++ b/nextcloud/11.0/s6.d/cron/run @@ -1,6 +1,6 @@ #!/bin/sh while true; do - php7 -d memory_limit= -f /nextcloud/cron.php + php7.1 -d memory_limit= -f /nextcloud/cron.php sleep done diff --git a/nextcloud/11.0/s6.d/php/run b/nextcloud/11.0/s6.d/php/run index e238021..e0b458a 100644 --- a/nextcloud/11.0/s6.d/php/run +++ b/nextcloud/11.0/s6.d/php/run @@ -1,2 +1,2 @@ #!/bin/sh -exec php-fpm7 +exec php-fpm7.1 diff --git a/nextcloud/11.0/s6.d/redis/run b/nextcloud/11.0/s6.d/redis/run deleted file mode 100644 index 4881331..0000000 --- a/nextcloud/11.0/s6.d/redis/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec redis-server /etc/redis.conf diff --git a/nextcloud/11.0/setup.sh b/nextcloud/11.0/setup.sh index a8ade50..b2c11d2 100755 --- a/nextcloud/11.0/setup.sh +++ b/nextcloud/11.0/setup.sh @@ -29,13 +29,6 @@ cat > $CONFIGFILE < '\OC\Memcache\APCu', - 'memcache.locking' => '\OC\Memcache\Redis', - 'redis' => array( - 'host' => '/tmp/redis.sock', - 'port' => 0, - 'timeout' => 0.0, - ), - 'instanceid' => '$instanceid', ); ?> @@ -74,7 +67,7 @@ echo "Starting automatic configuration..." # Execute ownCloud's setup step, which creates the ownCloud database. # It also wipes it if it exists. And it updates config.php with database # settings and deletes the autoconfig.php file. -(cd /nextcloud; php7 index.php) +(cd /nextcloud; php7.1 index.php) echo "Automatic configuration finished." # Update config.php. @@ -88,7 +81,7 @@ echo "Automatic configuration finished." # Use PHP to read the settings file, modify it, and write out the new settings array. CONFIG_TEMP=$(/bin/mktemp) -php7 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE +php7.1 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE '\OC\Memcache\Redis', - 'redis' => array( - 'host' => '/tmp/redis.sock', - 'port' => 0, - 'timeout' => 0.0, - ), -``` - -### Why choose this image over the official? -I wanted to make this official, and I was granted an access to the repository. But many people were opposed since my image doesn't respect Docker philosophy "one process per container". Honestly I don't give a shit, but I let them do their thing. Be aware I'm not a developper or anything else related, I maintain this image because I need it. Contributions are welcome! - -Why this over the official? I've already answered : this is an all-in-one container, so you can avoid complexity. Only the database is not included since the choice should be yours. Environment variables can be provided for a fast & simple setup. I also care about security : NO root processes (golden rule of my images), and the use of PGP verification whenever it's possible. So which one is better? Of course it's up to you, perhaps you'll prefer the official for its modularity, perhaps you'll prefer mine for its simplicity. - ### Tags - **latest** : latest stable version. (11.0) - **11.0** : latest 11.0.x version (stable) @@ -57,7 +40,6 @@ Other tags than `daily` are built weekly. For security reasons, you should occas - **UPLOAD_MAX_SIZE** : maximum upload size *(default : 10G)* - **APC_SHM_SIZE** : apc memory size *(default : 128M)* - **OPCACHE_MEM_SIZE** : opcache memory size in megabytes *(default : 128)* -- **REDIS_MAX_MEMORY** : memory limit for Redis *(default : 64mb)* - **CRON_PERIOD** : time interval between two cron tasks *(default : 15m)* - **CRON_MEMORY_LIMIT** : memory limit for PHP when executing cronjobs *(default : 1024m)* - **TZ** : the system/log timezone *(default : Etc/UTC)* @@ -78,7 +60,6 @@ Don't forget to use a **strong password** for the admin account! - **/data** : Nextcloud data. - **/config** : config.php location. - **/apps2** : Nextcloud downloaded apps. -- **/var/lib/redis** : Redis dumpfile location. ### Database Basically, you can use a database instance running on the host or any other machine. An easier solution is to use an external database container. I suggest you to use MariaDB, which is a reliable database server. You can use the official `mariadb` image available on Docker Hub to create a database container, which must be linked to the Nextcloud container. PostgreSQL can also be used as well. @@ -105,7 +86,6 @@ docker run -d --name nextcloud \ -e UPLOAD_MAX_SIZE=10G \ -e APC_SHM_SIZE=128M \ -e OPCACHE_MEM_SIZE=128 \ - -e REDIS_MAX_MEMORY=64mb \ -e CRON_PERIOD=15m \ -e TZ=Etc/UTC \ -e ADMIN_USER=mrrobot \ @@ -123,15 +103,7 @@ docker run -d --name nextcloud \ Now you have to use a **reverse proxy** in order to access to your container through Internet, steps and details are available at the end of the README.md. And that's it! Since you already configured Nextcloud through setting environment variables, there's no setup page. ### ARM-based devices -This image is available for `armhf` (Raspberry Pi 1 & 2, Scaleway C1, ...). Although Docker does support ARM-based devices, Docker Hub only builds for x86_64. That's why you will have to build this image yourself! Don't panic, this is easy. - -``` -git clone https://github.com/Wonderfall/dockerfiles.git -cd dockerfiles/nextcloud/10.0-armhf -docker build -t wonderfall/nextcloud . -``` - -The building process can take some time. +You will have to build yourself using an Alpine-ARM image, like `orax/alpine-armhf:edge`. ### Configure In the admin panel, you should switch from `AJAX cron` to `cron` (system cron). @@ -171,7 +143,6 @@ services: - UPLOAD_MAX_SIZE=10G - APC_SHM_SIZE=128M - OPCACHE_MEM_SIZE=128 - - REDIS_MAX_MEMORY=64mb - CRON_PERIOD=15m - TZ=Europe/Berlin - ADMIN_USER=admin @@ -203,7 +174,6 @@ nextcloud: - UPLOAD_MAX_SIZE=10G - APC_SHM_SIZE=128M - OPCACHE_MEM_SIZE=128 - - REDIS_MAX_MEMORY=64mb - CRON_PERIOD=15m - TZ=Europe/Berlin - ADMIN_USER=admin diff --git a/nextcloud/daily-armhf/Dockerfile b/nextcloud/daily-armhf/Dockerfile deleted file mode 100644 index aeb4c3b..0000000 --- a/nextcloud/daily-armhf/Dockerfile +++ /dev/null @@ -1,106 +0,0 @@ -FROM orax/alpine-armhf:edge -MAINTAINER Wonderfall - -ARG GNU_LIBICONV_VERSION=1.14 - -ENV UID=991 GID=991 \ - UPLOAD_MAX_SIZE=10G \ - APC_SHM_SIZE=128M \ - OPCACHE_MEM_SIZE=128 \ - REDIS_MAX_MEMORY=64mb \ - CRON_PERIOD=15m \ - TZ=Etc/UTC \ - DB_TYPE=sqlite3 \ - ADMIN_USER=admin \ - ADMIN_PASSWORD=admin - -RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ - && echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ - && BUILD_DEPS=" \ - tar \ - build-base \ - autoconf \ - automake \ - libtool \ - samba-dev" \ - && apk -U add \ - ${BUILD_DEPS} \ - nginx \ - s6 \ - libressl \ - ca-certificates \ - libsmbclient \ - samba-client \ - su-exec \ - tzdata \ - redis \ - php7@commuedge \ - php7-fpm@commuedge \ - php7-intl@commuedge \ - php7-mbstring@commuedge \ - php7-curl@commuedge \ - php7-gd@commuedge \ - php7-mcrypt@commuedge \ - php7-opcache@commuedge \ - php7-json@commuedge \ - php7-session@commuedge \ - php7-pdo@commuedge \ - php7-dom@commuedge \ - php7-ctype@commuedge \ - php7-pdo_mysql@commuedge \ - php7-pdo_pgsql@commuedge \ - php7-pgsql@commuedge \ - php7-pdo_sqlite@commuedge \ - php7-sqlite3@commuedge \ - php7-zlib@commuedge \ - php7-zip@commuedge \ - php7-xmlreader@commuedge \ - php7-posix@commuedge \ - php7-openssl@commuedge \ - php7-ldap@commuedge \ - php7-ftp@commuedge \ - php7-pcntl@commuedge \ - php7-exif@commuedge \ - php7-apcu@testing \ - php7-redis@testing \ - php7-pear@commuedge \ - php7-dev@commuedge \ - && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient \ - && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \ - && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \ - && ./configure --prefix=/usr/local \ - && wget -q https://raw.githubusercontent.com/mxe/mxe/7e231efd245996b886b501dad780761205ecf376/src/libiconv-1-fixes.patch \ - && patch -p1 -u < libiconv-1-fixes.patch \ - && make && make install && libtool --finish /usr/local/lib && cd /tmp \ - && wget -q http://is1.php.net/get/php-7.0.13.tar.gz/from/this/mirror -O php7.tar.gz \ - && tar xzf php7.tar.gz && cd /tmp/php-7.0.13/ext/iconv && phpize7 \ - && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \ - && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \ - && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \ - && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \ - && mkdir /nextcloud \ - && wget -q https://download.nextcloud.com/server/daily/latest.tar.bz2 \ - && tar xjf latest.tar.bz2 --strip 1 -C /nextcloud \ - && apk del ${BUILD_DEPS} php7-pear php7-dev \ - && rm -rf /var/cache/apk/* /tmp/* - -COPY nginx.conf /etc/nginx/nginx.conf -COPY php-fpm.conf /etc/php7/php-fpm.conf -COPY opcache.ini /etc/php7/conf.d/00_opcache.ini -COPY apcu.ini /etc/php7/conf.d/apcu.ini -COPY redis.conf /etc/redis.conf -COPY run.sh /usr/local/bin/run.sh -COPY setup.sh /usr/local/bin/setup.sh -COPY occ /usr/local/bin/occ -COPY s6.d /etc/s6.d - -RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* - -VOLUME /data /config /apps2 /var/lib/redis - -EXPOSE 8888 - -LABEL description="A server software for creating file hosting services" \ - nextcloud="Nextcloud daily build" - -CMD ["run.sh"] diff --git a/nextcloud/daily-armhf/apcu.ini b/nextcloud/daily-armhf/apcu.ini deleted file mode 100644 index 1bf9b49..0000000 --- a/nextcloud/daily-armhf/apcu.ini +++ /dev/null @@ -1,4 +0,0 @@ -extension=apcu.so -apc.enabled=1 -apc.shm_size= -apc.ttl=7200 diff --git a/nextcloud/daily-armhf/nginx.conf b/nextcloud/daily-armhf/nginx.conf deleted file mode 100644 index 0633855..0000000 --- a/nextcloud/daily-armhf/nginx.conf +++ /dev/null @@ -1,113 +0,0 @@ -worker_processes auto; -pid /tmp/nginx.pid; -daemon off; - -events { - worker_connections 1024; - use epoll; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - access_log off; - error_log /tmp/ngx_error.log error; - - sendfile on; - keepalive_timeout 15; - keepalive_disable msie6; - keepalive_requests 100; - tcp_nopush on; - tcp_nodelay on; - server_tokens off; - - fastcgi_temp_path /tmp/fastcgi 1 2; - client_body_temp_path /tmp/client_body 1 2; - proxy_temp_path /tmp/proxy 1 2; - uwsgi_temp_path /tmp/uwsgi 1 2; - scgi_temp_path /tmp/scgi 1 2; - - gzip off; - - server { - listen 8888; - root /nextcloud; - - client_max_body_size ; - fastcgi_buffers 64 4K; - - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location = /.well-known/carddav { - return 301 $scheme://$host/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host/remote.php/dav; - } - - location / { - rewrite ^ /index.php$uri; - } - - location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { - deny all; - } - - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { - include fastcgi_params; - fastcgi_split_path_info ^(.+\.php)(/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param modHeadersAvailable true; - fastcgi_param front_controller_active true; - fastcgi_pass unix:/tmp/php-fpm.sock; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - fastcgi_read_timeout 1200; - } - - location ~ ^/(?:updater|ocs-provider)(?:$|/) { - try_files $uri/ =404; - index index.php; - } - - location ~* \.(?:css|js)$ { - try_files $uri /index.php$uri$is_args$args; - add_header Cache-Control "public, max-age=7200"; - add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - access_log off; - } - - location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { - try_files $uri /index.php$uri$is_args$args; - access_log off; - } - } -} diff --git a/nextcloud/daily-armhf/occ b/nextcloud/daily-armhf/occ deleted file mode 100644 index a766ef6..0000000 --- a/nextcloud/daily-armhf/occ +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -su-exec $UID:$GID php7 /nextcloud/occ $@ diff --git a/nextcloud/daily-armhf/opcache.ini b/nextcloud/daily-armhf/opcache.ini deleted file mode 100644 index 705e399..0000000 --- a/nextcloud/daily-armhf/opcache.ini +++ /dev/null @@ -1,8 +0,0 @@ -zend_extension=opcache.so -opcache.enable=1 -opcache.enable_cli=1 -opcache.fast_shutdown=1 -opcache.memory_consumption= -opcache.interned_strings_buffer=16 -opcache.max_accelerated_files=5413 -opcache.revalidate_freq=60 diff --git a/nextcloud/daily-armhf/php-fpm.conf b/nextcloud/daily-armhf/php-fpm.conf deleted file mode 100644 index 2bb8380..0000000 --- a/nextcloud/daily-armhf/php-fpm.conf +++ /dev/null @@ -1,18 +0,0 @@ -[global] -daemonize = no - -[www] -listen = /tmp/php-fpm.sock -pm = dynamic -pm.max_children = 15 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 6 -chdir = / -request_terminate_timeout = 0 -env[PATH] = /usr/local/bin:/usr/bin:/bin -php_admin_value[post_max_size] = -php_admin_value[upload_max_filesize] = -php_admin_value[max_execution_time] = 10800 -php_admin_value[max_input_time] = 3600 -php_admin_value[expose_php] = Off diff --git a/nextcloud/daily-armhf/redis.conf b/nextcloud/daily-armhf/redis.conf deleted file mode 100644 index c26fc6b..0000000 --- a/nextcloud/daily-armhf/redis.conf +++ /dev/null @@ -1,14 +0,0 @@ -bind 127.0.0.1 -protected-mode yes -port 0 -unixsocket /tmp/redis.sock -unixsocketperm 700 -daemonize no -pidfile /tmp/redis.pid -logfile /tmp/redis.log -save 900 1 -save 300 10 -save 60 10000 -dbfilename dump.rdb -dir /var/lib/redis/ -maxmemory diff --git a/nextcloud/daily-armhf/run.sh b/nextcloud/daily-armhf/run.sh deleted file mode 100644 index 48aa6da..0000000 --- a/nextcloud/daily-armhf/run.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \ - -e "s//$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \ - -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \ - -e "s//$REDIS_MAX_MEMORY/g" /etc/redis.conf \ - -e "s//$CRON_PERIOD/g" /etc/s6.d/cron/run - -# Put the configuration and apps into volumes -ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null -ln -sf /apps2 /nextcloud &>/dev/null - -for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /var/lib/redis /tmp /etc/s6.d; do - if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then - chown -R $UID:$GID $dir - fi -done - -if [ ! -f /config/config.php ]; then - # New installation, run the setup - /usr/local/bin/setup.sh -else - occ upgrade - if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then - echo "Trying ownCloud upgrade again to work around ownCloud upgrade bug..." - occ upgrade - if [ \( $? -ne 0 \) -a \( $? -ne 3 \) ]; then exit 1; fi - occ maintenance:mode --off - echo "...which seemed to work." - fi -fi - -exec su-exec $UID:$GID /bin/s6-svscan /etc/s6.d diff --git a/nextcloud/daily-armhf/s6.d/.s6-svscan/finish b/nextcloud/daily-armhf/s6.d/.s6-svscan/finish deleted file mode 100644 index c52d3c2..0000000 --- a/nextcloud/daily-armhf/s6.d/.s6-svscan/finish +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh - -exit 0 diff --git a/nextcloud/daily-armhf/s6.d/cron/run b/nextcloud/daily-armhf/s6.d/cron/run deleted file mode 100644 index 2e6fec5..0000000 --- a/nextcloud/daily-armhf/s6.d/cron/run +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -while true; do - php7 -f /nextcloud/cron.php - sleep -done diff --git a/nextcloud/daily-armhf/s6.d/nginx/run b/nextcloud/daily-armhf/s6.d/nginx/run deleted file mode 100644 index eaf8049..0000000 --- a/nextcloud/daily-armhf/s6.d/nginx/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec nginx diff --git a/nextcloud/daily-armhf/s6.d/php/run b/nextcloud/daily-armhf/s6.d/php/run deleted file mode 100644 index e238021..0000000 --- a/nextcloud/daily-armhf/s6.d/php/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec php-fpm7 diff --git a/nextcloud/daily-armhf/s6.d/redis/run b/nextcloud/daily-armhf/s6.d/redis/run deleted file mode 100644 index 4881331..0000000 --- a/nextcloud/daily-armhf/s6.d/redis/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec redis-server /etc/redis.conf diff --git a/nextcloud/daily-armhf/setup.sh b/nextcloud/daily-armhf/setup.sh deleted file mode 100755 index a8ade50..0000000 --- a/nextcloud/daily-armhf/setup.sh +++ /dev/null @@ -1,112 +0,0 @@ -#!/bin/sh -# Nextcloud -########################## - -#source setup/functions.sh # load our functions -#source /etc/mailinabox.conf # load global vars -CONFIGFILE=/config/config.php - - -# Create an initial configuration file. -instanceid=oc$(echo $PRIMARY_HOSTNAME | sha1sum | fold -w 10 | head -n 1) -cat > $CONFIGFILE < '/data', - - "apps_paths" => array ( - 0 => array ( - "path" => "/nextcloud/apps", - "url" => "/apps", - "writable" => false, - ), - 1 => array ( - "path" => "/apps2", - "url" => "/apps2", - "writable" => true, - ), - ), - - 'memcache.local' => '\OC\Memcache\APCu', - - 'memcache.locking' => '\OC\Memcache\Redis', - 'redis' => array( - 'host' => '/tmp/redis.sock', - 'port' => 0, - 'timeout' => 0.0, - ), - - 'instanceid' => '$instanceid', -); -?> -EOF - -# Create an auto-configuration file to fill in database settings -# when the install script is run. Make an administrator account -# here or else the install can't finish. -adminpassword=$(dd if=/dev/urandom bs=1 count=40 2>/dev/null | sha1sum | fold -w 30 | head -n 1) -cat > /nextcloud/config/autoconfig.php < '/data', - 'dbtype' => '${DB_TYPE:-sqlite3}', - 'dbname' => '${DB_NAME:-nextcloud}', - 'dbuser' => '${DB_USER:-nextcloud}', - 'dbpass' => '${DB_PASSWORD:-password}', - 'dbhost' => '${DB_HOST:-nextcloud-db}', - 'dbtableprefix' => 'oc_', -EOF -if [[ ! -z "$ADMIN_USER" ]]; then - cat >> /nextcloud/config/autoconfig.php < '${ADMIN_USER}', - 'adminpass' => '${ADMIN_PASSWORD}', -EOF -fi -cat >> /nextcloud/config/autoconfig.php < -EOF - -echo "Starting automatic configuration..." -# Execute ownCloud's setup step, which creates the ownCloud database. -# It also wipes it if it exists. And it updates config.php with database -# settings and deletes the autoconfig.php file. -(cd /nextcloud; php7 index.php) -echo "Automatic configuration finished." - -# Update config.php. -# * trusted_domains is reset to localhost by autoconfig starting with ownCloud 8.1.1, -# so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so -# this will make sure it has the right value. -# * Some settings weren't included in previous versions of Mail-in-a-Box. -# * We need to set the timezone to the system timezone to allow fail2ban to ban -# users within the proper timeframe -# * We need to set the logdateformat to something that will work correctly with fail2ban -# Use PHP to read the settings file, modify it, and write out the new settings array. - -CONFIG_TEMP=$(/bin/mktemp) -php7 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE - -EOF - -chown -R $UID:$GID /config /data -# Enable/disable apps. Note that this must be done after the ownCloud setup. -# The firstrunwizard gave Josh all sorts of problems, so disabling that. -# user_external is what allows ownCloud to use IMAP for login. The contacts -# and calendar apps are the extensions we really care about here. -occ app:disable firstrunwizard diff --git a/nextcloud/daily/Dockerfile b/nextcloud/daily/Dockerfile index 54c669a..4bc7b38 100644 --- a/nextcloud/daily/Dockerfile +++ b/nextcloud/daily/Dockerfile @@ -1,29 +1,30 @@ FROM alpine:edge -MAINTAINER Wonderfall ARG GNU_LIBICONV_VERSION=1.14 +ARG GPG_nextcloud="2880 6A87 8AE4 23A2 8372 792E D758 99B9 A724 937A" ENV UID=991 GID=991 \ UPLOAD_MAX_SIZE=10G \ APC_SHM_SIZE=128M \ OPCACHE_MEM_SIZE=128 \ - REDIS_MAX_MEMORY=64mb \ CRON_PERIOD=15m \ + CRON_MEMORY_LIMIT=1g \ TZ=Etc/UTC \ DB_TYPE=sqlite3 \ ADMIN_USER=admin \ ADMIN_PASSWORD=admin -RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ +RUN echo "@testing https://nl.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \ && echo "@testing https://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \ && BUILD_DEPS=" \ + gnupg \ tar \ build-base \ autoconf \ automake \ libtool \ samba-dev" \ - && apk -U add \ + && apk -U upgrade && apk add \ ${BUILD_DEPS} \ nginx \ s6 \ @@ -33,62 +34,60 @@ RUN echo "@commuedge https://nl.alpinelinux.org/alpine/edge/community" >> /etc/a samba-client \ su-exec \ tzdata \ - redis \ - php7@commuedge \ - php7-fpm@commuedge \ - php7-intl@commuedge \ - php7-mbstring@commuedge \ - php7-curl@commuedge \ - php7-gd@commuedge \ - php7-mcrypt@commuedge \ - php7-opcache@commuedge \ - php7-json@commuedge \ - php7-session@commuedge \ - php7-pdo@commuedge \ - php7-dom@commuedge \ - php7-ctype@commuedge \ - php7-pdo_mysql@commuedge \ - php7-pdo_pgsql@commuedge \ - php7-pgsql@commuedge \ - php7-pdo_sqlite@commuedge \ - php7-sqlite3@commuedge \ - php7-zlib@commuedge \ - php7-zip@commuedge \ - php7-xmlreader@commuedge \ - php7-posix@commuedge \ - php7-openssl@commuedge \ - php7-ldap@commuedge \ - php7-ftp@commuedge \ - php7-pcntl@commuedge \ - php7-exif@commuedge \ - php7-apcu@testing \ - php7-redis@testing \ - php7-pear@commuedge \ - php7-dev@commuedge \ - && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient \ + php7.1@testing \ + php7.1-fpm@testing \ + php7.1-intl@testing \ + php7.1-mbstring@testing \ + php7.1-curl@testing \ + php7.1-gd@testing \ + php7.1-mcrypt@testing \ + php7.1-opcache@testing \ + php7.1-json@testing \ + php7.1-session@testing \ + php7.1-pdo@testing \ + php7.1-dom@testing \ + php7.1-ctype@testing \ + php7.1-pdo_mysql@testing \ + php7.1-pdo_pgsql@testing \ + php7.1-pgsql@testing \ + php7.1-pdo_sqlite@testing \ + php7.1-sqlite3@testing \ + php7.1-zlib@testing \ + php7.1-zip@testing \ + php7.1-xmlreader@testing \ + php7.1-xml@testing \ + php7.1-xmlwriter@testing \ + php7.1-posix@testing \ + php7.1-openssl@testing \ + php7.1-ldap@testing \ + php7.1-ftp@testing \ + php7.1-pcntl@testing \ + php7.1-exif@testing \ + php7.1-pear@testing \ + php7.1-dev@testing \ + && sed -i "$ s|\-n||g" /usr/bin/pecl && pecl install smbclient apcu \ && cd /tmp && wget -q http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${GNU_LIBICONV_VERSION}.tar.gz \ && tar xzf libiconv-${GNU_LIBICONV_VERSION}.tar.gz && cd libiconv-${GNU_LIBICONV_VERSION} \ && ./configure --prefix=/usr/local \ && wget -q https://raw.githubusercontent.com/mxe/mxe/7e231efd245996b886b501dad780761205ecf376/src/libiconv-1-fixes.patch \ && patch -p1 -u < libiconv-1-fixes.patch \ && make && make install && libtool --finish /usr/local/lib && cd /tmp \ - && wget -q http://is1.php.net/get/php-7.0.13.tar.gz/from/this/mirror -O php7.tar.gz \ - && tar xzf php7.tar.gz && cd /tmp/php-7.0.13/ext/iconv && phpize7 \ - && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7 \ - && make && cp modules/iconv.so /usr/lib/php7/modules && cd /tmp \ - && echo "extension=iconv.so" > /etc/php7/conf.d/00_iconv.ini \ - && echo "extension=smbclient.so" > /etc/php7/conf.d/00_smbclient.ini \ + && wget -q http://is1.php.net/get/php-7.1.1.tar.gz/from/this/mirror -O php7.1.tar.gz \ + && tar xzf php7.1.tar.gz && cd /tmp/php-7.1.1/ext/iconv && phpize7.1 \ + && ./configure --with-iconv=/usr/local --with-php-config=/usr/bin/php-config7.1 \ + && make && cp modules/iconv.so /usr/lib/php7.1/modules && cd /tmp \ + && echo "extension=iconv.so" > /etc/php7.1/conf.d/00_iconv.ini \ + && echo "extension=smbclient.so" > /etc/php7.1/conf.d/00_smbclient.ini \ && mkdir /nextcloud \ && wget -q https://download.nextcloud.com/server/daily/latest.tar.bz2 \ && tar xjf latest.tar.bz2 --strip 1 -C /nextcloud \ - && apk del ${BUILD_DEPS} php7-pear php7-dev \ - && rm -rf /var/cache/apk/* /tmp/* + && apk del ${BUILD_DEPS} php7.1-pear php7.1-dev \ + && rm -rf /var/cache/apk/* /tmp/* /root/.gnupg COPY nginx.conf /etc/nginx/nginx.conf -COPY php-fpm.conf /etc/php7/php-fpm.conf -COPY opcache.ini /etc/php7/conf.d/00_opcache.ini -COPY apcu.ini /etc/php7/conf.d/apcu.ini -COPY redis.conf /etc/redis.conf +COPY php-fpm.conf /etc/php7.1/php-fpm.conf +COPY opcache.ini /etc/php7.1/conf.d/00_opcache.ini +COPY apcu.ini /etc/php7.1/conf.d/apcu.ini COPY run.sh /usr/local/bin/run.sh COPY setup.sh /usr/local/bin/setup.sh COPY occ /usr/local/bin/occ @@ -96,11 +95,12 @@ COPY s6.d /etc/s6.d RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/* -VOLUME /data /config /apps2 /var/lib/redis +VOLUME /data /config /apps2 EXPOSE 8888 LABEL description="A server software for creating file hosting services" \ - nextcloud="Nextcloud daily build" + nextcloud="Nextcloud daily" \ + maintainer="Wonderfall " CMD ["run.sh"] diff --git a/nextcloud/daily/occ b/nextcloud/daily/occ index a766ef6..e7a37a7 100644 --- a/nextcloud/daily/occ +++ b/nextcloud/daily/occ @@ -1,2 +1,2 @@ #!/bin/sh -su-exec $UID:$GID php7 /nextcloud/occ $@ +su-exec $UID:$GID php7.1 /nextcloud/occ $@ diff --git a/nextcloud/daily/redis.conf b/nextcloud/daily/redis.conf deleted file mode 100644 index c26fc6b..0000000 --- a/nextcloud/daily/redis.conf +++ /dev/null @@ -1,14 +0,0 @@ -bind 127.0.0.1 -protected-mode yes -port 0 -unixsocket /tmp/redis.sock -unixsocketperm 700 -daemonize no -pidfile /tmp/redis.pid -logfile /tmp/redis.log -save 900 1 -save 300 10 -save 60 10000 -dbfilename dump.rdb -dir /var/lib/redis/ -maxmemory diff --git a/nextcloud/daily/run.sh b/nextcloud/daily/run.sh index 48aa6da..451103d 100644 --- a/nextcloud/daily/run.sh +++ b/nextcloud/daily/run.sh @@ -1,20 +1,27 @@ #!/bin/sh -sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7/php-fpm.conf \ - -e "s//$APC_SHM_SIZE/g" /etc/php7/conf.d/apcu.ini \ - -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7/conf.d/00_opcache.ini \ - -e "s//$REDIS_MAX_MEMORY/g" /etc/redis.conf \ +sed -i -e "s//$UPLOAD_MAX_SIZE/g" /etc/nginx/nginx.conf /etc/php7.1/php-fpm.conf \ + -e "s//$APC_SHM_SIZE/g" /etc/php7.1/conf.d/apcu.ini \ + -e "s//$OPCACHE_MEM_SIZE/g" /etc/php7.1/conf.d/00_opcache.ini \ + -e "s//$CRON_MEMORY_LIMIT/g" /etc/s6.d/cron/run \ -e "s//$CRON_PERIOD/g" /etc/s6.d/cron/run # Put the configuration and apps into volumes ln -sf /config/config.php /nextcloud/config/config.php &>/dev/null ln -sf /apps2 /nextcloud &>/dev/null -for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7 /var/log /var/lib/nginx /var/lib/redis /tmp /etc/s6.d; do +mv nextcloud fix && mv fix nextcloud # fix strange bug + +echo "Updating permissions..." +for dir in /nextcloud /data /config /apps2 /etc/nginx /etc/php7.1 /var/log /var/lib/nginx /tmp /etc/s6.d; do if $(find $dir ! -user $UID -o ! -group $GID|egrep '.' -q); then + echo "Updating permissions in $dir..." chown -R $UID:$GID $dir + else + echo "Permissions in $dir are correct." fi done +echo "Done updating permissions." if [ ! -f /config/config.php ]; then # New installation, run the setup diff --git a/nextcloud/daily/s6.d/cron/run b/nextcloud/daily/s6.d/cron/run index 2e6fec5..8188bcf 100644 --- a/nextcloud/daily/s6.d/cron/run +++ b/nextcloud/daily/s6.d/cron/run @@ -1,6 +1,6 @@ #!/bin/sh while true; do - php7 -f /nextcloud/cron.php + php7.1 -d memory_limit= -f /nextcloud/cron.php sleep done diff --git a/nextcloud/daily/s6.d/php/run b/nextcloud/daily/s6.d/php/run index e238021..e0b458a 100644 --- a/nextcloud/daily/s6.d/php/run +++ b/nextcloud/daily/s6.d/php/run @@ -1,2 +1,2 @@ #!/bin/sh -exec php-fpm7 +exec php-fpm7.1 diff --git a/nextcloud/daily/s6.d/redis/run b/nextcloud/daily/s6.d/redis/run deleted file mode 100644 index 4881331..0000000 --- a/nextcloud/daily/s6.d/redis/run +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec redis-server /etc/redis.conf diff --git a/nextcloud/daily/setup.sh b/nextcloud/daily/setup.sh index a8ade50..b2c11d2 100755 --- a/nextcloud/daily/setup.sh +++ b/nextcloud/daily/setup.sh @@ -29,13 +29,6 @@ cat > $CONFIGFILE < '\OC\Memcache\APCu', - 'memcache.locking' => '\OC\Memcache\Redis', - 'redis' => array( - 'host' => '/tmp/redis.sock', - 'port' => 0, - 'timeout' => 0.0, - ), - 'instanceid' => '$instanceid', ); ?> @@ -74,7 +67,7 @@ echo "Starting automatic configuration..." # Execute ownCloud's setup step, which creates the ownCloud database. # It also wipes it if it exists. And it updates config.php with database # settings and deletes the autoconfig.php file. -(cd /nextcloud; php7 index.php) +(cd /nextcloud; php7.1 index.php) echo "Automatic configuration finished." # Update config.php. @@ -88,7 +81,7 @@ echo "Automatic configuration finished." # Use PHP to read the settings file, modify it, and write out the new settings array. CONFIG_TEMP=$(/bin/mktemp) -php7 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE +php7.1 < $CONFIG_TEMP && mv $CONFIG_TEMP $CONFIGFILE