diff --git a/Dockerfile b/Dockerfile index 478f0d4..b594583 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,103 +1,104 @@ FROM alpine:3.14 AS builder -ENV NC_VERSION=21.0.2 -ENV NC_SHA256_SUM=5e5b38109a3485db5fd2d248f24478eabe6c0790ec10b030acbbee207d5511fe +ENV NC_VERSION=22.1.0 +ENV NC_SHA256_SUM=4820808f799146853604e1fa27d7f292449018a44dc73bf928a97b02028318ba RUN wget https://download.nextcloud.com/server/releases/nextcloud-$NC_VERSION.tar.bz2 RUN echo "$NC_SHA256_SUM nextcloud-$NC_VERSION.tar.bz2" | sha256sum -c - || exit 1 RUN mkdir -p /var/lib/nextcloud RUN tar xjf nextcloud-$NC_VERSION.tar.bz2 -C /var/lib/nextcloud --strip 1 -ENV TFA_VERSION=v6.0.0 -ENV TFA_SHA256_SUM=29f64c5d825ac6967d514ce0ecadc19f9b4f8f9669019db1ffa96348acbfd820 -RUN wget https://github.com/nextcloud/twofactor_totp/releases/download/$TFA_VERSION/twofactor_totp.tar.gz -RUN echo "$TFA_SHA256_SUM twofactor_totp.tar.gz" | sha256sum -c - || exit 1 +ENV TFA_VERSION=v6.1.0 +ENV TFA_SHA256_SUM=e640d59af3f595ad987cf7bd0e1ce4d043541e5817482a613eacd6b123d0b8ad +RUN wget https://github.com/nextcloud/twofactor_totp/archive/refs/tags/$TFA_VERSION.tar.gz +RUN echo "$TFA_SHA256_SUM $TFA_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/twofactor_totp -RUN tar xzf twofactor_totp.tar.gz -C /var/lib/nextcloud/apps/twofactor_totp --strip 1 +RUN tar xzf $TFA_VERSION.tar.gz -C /var/lib/nextcloud/apps/twofactor_totp --strip 1 -ENV U2F_VERSION=v6.1.0 -ENV U2F_SHA256_SUM=40bd5ccd3560358b0fc8d5ad0e541bc7f7b9229abbc4c55457dc3e9bf2c7c062 -RUN wget https://github.com/nextcloud/twofactor_u2f/releases/download/$U2F_VERSION/twofactor_u2f.tar.gz -RUN echo "$U2F_SHA256_SUM twofactor_u2f.tar.gz" | sha256sum -c - || exit 1 +ENV U2F_VERSION=v6.2.0 +ENV U2F_SHA256_SUM=a52b5513696134b7d4a8d21d24c23c4c49d90dd0a5d8ea68ddca52bc927c22f1 +RUN wget https://github.com/nextcloud/twofactor_u2f/archive/refs/tags/$U2F_VERSION.tar.gz +RUN echo "$U2F_SHA256_SUM $U2F_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/twofactor_u2f -RUN tar xzf twofactor_u2f.tar.gz -C /var/lib/nextcloud/apps/twofactor_u2f --strip 1 +RUN tar xzf $U2F_VERSION.tar.gz -C /var/lib/nextcloud/apps/twofactor_u2f --strip 1 -ENV POLLS_VERSION=2.0.2 -ENV POLLS_SHA256_SUM=4b4e734e106d8b413deeb65023b049ee747c0323860493cc7a47f84634cf0d95 +ENV POLLS_VERSION=3.1.0 +ENV POLLS_SHA256_SUM=16273dc0cd018429f27371ae024c1b0fbd12c16d785dff18dcc2b131a490cbb7 RUN wget https://github.com/nextcloud/polls/releases/download/v$POLLS_VERSION/polls-$POLLS_VERSION.tar.gz RUN echo "$POLLS_SHA256_SUM polls-$POLLS_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/polls RUN tar xzf polls-$POLLS_VERSION.tar.gz -C /var/lib/nextcloud/apps/polls --strip 1 -ENV CONTACTS_VERSION=v3.5.1 -ENV CONTACTS_SHA256_SUM=d83f6af637e436b4e16fcba8c4d4e3b878082a77f4b552738abfe1aad0b0aae7 -RUN wget https://github.com/nextcloud/contacts/releases/download/$CONTACTS_VERSION/contacts.tar.gz -RUN echo "$CONTACTS_SHA256_SUM contacts.tar.gz" | sha256sum -c - || exit 1 +ENV CONTACTS_VERSION=v4.0.1 +ENV CONTACTS_SHA256_SUM=bab5bdec9b0a7cd34c13ca52937326cba993bd9d81126156689ec74a4703756d +RUN wget https://github.com/nextcloud/contacts/archive/refs/tags/$CONTACTS_VERSION.tar.gz +RUN echo "$CONTACTS_SHA256_SUM $CONTACTS_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/contacts -RUN tar xzf contacts.tar.gz -C /var/lib/nextcloud/apps/contacts --strip 1 +RUN tar xzf $CONTACTS_VERSION.tar.gz -C /var/lib/nextcloud/apps/contacts --strip 1 -ENV CALENDAR_VERSION=v2.2.2 -ENV CALENDAR_SHA256_SUM=5080aad2e23179de454885bc27f3911d6c45c48b81d0f3163e9c84c97f00e008 -RUN wget https://github.com/nextcloud/calendar/releases/download/$CALENDAR_VERSION/calendar.tar.gz -RUN echo "$CALENDAR_SHA256_SUM calendar.tar.gz" | sha256sum -c - || exit 1 +ENV CALENDAR_VERSION=v2.3.2 +ENV CALENDAR_SHA256_SUM=1dcadd5a431907a3135aa31837a0c60b01455f84db86b74731454aeda86ee85e +RUN wget https://github.com/nextcloud/calendar/archive/refs/tags/$CALENDAR_VERSION.tar.gz +RUN echo "$CALENDAR_SHA256_SUM $CALENDAR_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/calendar -RUN tar xzf calendar.tar.gz -C /var/lib/nextcloud/apps/calendar --strip 1 +RUN tar xzf $CALENDAR_VERSION.tar.gz -C /var/lib/nextcloud/apps/calendar --strip 1 -ENV TASKS_VERSION=v0.13.6 -ENV TASKS_SHA256_SUM=98bbe7be9e0315af247572da6ef2c6f67ee1387065ca69a56988ee0a77367f11 +ENV TASKS_VERSION=v0.14.1 +ENV TASKS_SHA256_SUM=0326d6b80d7bddf7f015bff5c75725897b26575300b2c2b15c8710e8f4d20d41 RUN wget https://github.com/nextcloud/tasks/releases/download/$TASKS_VERSION/tasks.tar.gz RUN echo "$TASKS_SHA256_SUM tasks.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/tasks RUN tar xzf tasks.tar.gz -C /var/lib/nextcloud/apps/tasks --strip 1 -ENV NOTES_VERSION=v4.0.4 -ENV NOTES_SHA256_SUM=83c547a1024de1a0d31b9a1b2374124882c9e85ca0bc0c9d8ced0d08db4e0397 +ENV NOTES_VERSION=v4.1.1 +ENV NOTES_SHA256_SUM=10800e6d42f8d4976cd80247e7fa6a8f61bca8e2fe8d3c14472d4987b38d003d RUN wget https://github.com/nextcloud/notes/releases/download/$NOTES_VERSION/notes.tar.gz RUN echo "$NOTES_SHA256_SUM notes.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/notes RUN tar xzf notes.tar.gz -C /var/lib/nextcloud/apps/notes --strip 1 -ENV NEWS_VERSION=15.4.5 -ENV NEWS_SHA256_SUM=01564de929fdba032b9de236e46f9b53eac580b205f1789101870758a4a372c6 +ENV NEWS_VERSION=16.0.1 +ENV NEWS_SHA256_SUM=b2ce381307e91759ff2b95a636afec62851246cd01a705ef22330884d31ef6d2 RUN wget https://github.com/nextcloud/news/releases/download/$NEWS_VERSION/news.tar.gz RUN echo "$NEWS_SHA256_SUM news.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/news RUN tar xzf news.tar.gz -C /var/lib/nextcloud/apps/news --strip 1 -ENV EMAIL_VERSION=v1.9.5 -ENV EMAIL_SHA256_SUM=949089ac8f1cfe4d710091baef43ebdc4941e42f2687971d8dbad801a7117b66 -RUN wget https://github.com/nextcloud/mail/releases/download/$EMAIL_VERSION/mail.tar.gz -RUN echo "$EMAIL_SHA256_SUM mail.tar.gz" | sha256sum -c - || exit 1 +ENV EMAIL_VERSION=v1.10.3 +ENV EMAIL_SHA256_SUM=1d03d78936f04286d03432b26b916fd9a9f94b76169e2402aac42ff9f3c9da96 +RUN wget https://github.com/nextcloud/mail/archive/refs/tags/$EMAIL_VERSION.tar.gz +RUN echo "$EMAIL_SHA256_SUM $EMAIL_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/mail -RUN tar xzf mail.tar.gz -C /var/lib/nextcloud/apps/mail --strip 1 +RUN tar xzf $EMAIL_VERSION.tar.gz -C /var/lib/nextcloud/apps/mail --strip 1 -ENV ELEMENT_VERSION=v0.7.11 -ENV ELEMENT_SHA256_SUM=1037a7ceddff2337b96af49e219267bce772082cebe38a526c56bb9ab2d96ad7 -RUN wget https://github.com/gary-kim/riotchat/releases/download/$ELEMENT_VERSION/riotchat.tar.gz -RUN echo "$ELEMENT_SHA256_SUM riotchat.tar.gz" | sha256sum -c - || exit 1 -RUN mkdir /var/lib/nextcloud/apps/riotchat -RUN tar xzf riotchat.tar.gz -C /var/lib/nextcloud/apps/riotchat --strip 1 - -ENV MASTODON_INTEGRATION_VERSION=1.0.0 -ENV MASTODON_INTEGRATION_SHA256_SUM=7555d2c5343f3095ddaff9639215e34c6ba7aad0b2ca57926dcab052417bc3e4 +ENV MASTODON_INTEGRATION_VERSION=1.0.1 +ENV MASTODON_INTEGRATION_SHA256_SUM=fabfd6078be4a0b0cc7066624705cb1781724839a1a0c1a67c6410a3fda0810d RUN wget https://github.com/nextcloud/integration_mastodon/releases/download/v$MASTODON_INTEGRATION_VERSION/integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz RUN echo "$MASTODON_INTEGRATION_SHA256_SUM integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/integration_mastodon RUN tar xzf integration_mastodon-$MASTODON_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_mastodon --strip 1 -ENV GITHUB_INTEGRATION_VERSION=1.0.0 -ENV GITHUB_INTEGRATION_SHA256_SUM=1b35808e885d4fac350d44bf842d35245ee731d0e80f54ec5f04a4bf0592e382 +ENV GITHUB_INTEGRATION_VERSION=1.0.1 +ENV GITHUB_INTEGRATION_SHA256_SUM=4dc38c2d83455cfcd1695c3daeaae5050edfeb8b16c1460140952d652fb156bd RUN wget https://github.com/nextcloud/integration_github/releases/download/v$GITHUB_INTEGRATION_VERSION/integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz RUN echo "$GITHUB_INTEGRATION_SHA256_SUM integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/integration_github RUN tar xzf integration_github-$GITHUB_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_github --strip 1 -ENV GITLAB_INTEGRATION_VERSION=1.0.0 -ENV GITLAB_INTEGRATION_SHA256_SUM=a940870f78ee68c1b3ef0767aaf882ee5f863023b459467312058fa61fe11075 +ENV GITLAB_INTEGRATION_VERSION=1.0.1 +ENV GITLAB_INTEGRATION_SHA256_SUM=569c6b902f72bd3c637397b6419e498a305f3c048533d90de4701777d6c4e7eb RUN wget https://github.com/nextcloud/integration_gitlab/releases/download/v$GITLAB_INTEGRATION_VERSION/integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz RUN echo "$GITLAB_INTEGRATION_SHA256_SUM integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz" | sha256sum -c - || exit 1 RUN mkdir /var/lib/nextcloud/apps/integration_gitlab RUN tar xzf integration_gitlab-$GITLAB_INTEGRATION_VERSION.tar.gz -C /var/lib/nextcloud/apps/integration_gitlab --strip 1 +ENV SOCIAL_LOGIN_VERSION=v4.8.3 +ENV SOCIAL_LOGIN_SHA256_SUM=1aee365291749b1126b1c2661877e79e5fe957527090eec1393d97d16f4774f1 +RUN wget https://github.com/zorn-v/nextcloud-social-login/releases/download/$SOCIAL_LOGIN_VERSION/release.tar.gz +RUN echo "$SOCIAL_LOGIN_SHA256_SUM release.tar.gz" | sha256sum -c - || exit 1 +RUN mkdir /var/lib/nextcloud/apps/sociallogin +RUN tar xzf release.tar.gz -C /var/lib/nextcloud/apps/sociallogin --strip 1 + + FROM thallian/php8-fpm:latest COPY --from=builder /var/lib/nextcloud /var/lib/nextcloud @@ -113,7 +114,6 @@ RUN apk add --no-cache \ php8-pecl-apcu \ php8-opcache \ php8-pcntl \ - #php7-imagick \ php8-ctype \ php8-curl \ php8-dom \ @@ -136,8 +136,7 @@ RUN apk add --no-cache \ php8-intl \ php8-exif \ php8-bcmath \ - php8-gmp \ - php8-ldap + php8-gmp RUN chown -R nginx:nginx /var/lib/nextcloud RUN rm /etc/nginx/http.d/default.conf diff --git a/README.md b/README.md index 1ddb652..65737ff 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[Nextcloud](https://nextcloud.com/) with ldap authentication (needs a postgres database). +[Nextcloud](https://nextcloud.com/) with postgres backend. Seperately installed apps are not persistent because there is no possibility of setting the app_path with occ. @@ -71,50 +71,6 @@ Username for SMTP authentication. ## MAIL_SMTP_PASSWORD Password for SMTP authentication. -## LDAP_HOST -Ldap host. - -## LDAP_PORT -- default: 389 - -Ldap port. - -## LDAP_TLS -Whether the ldap connection should use tls. - -## LDAP_BIND_USER -Bind DN to use when connecting to the ldap host. - -## LDAP_BIND_PASSWORD -Password to use when connecting to the ldap host. - -## LDAP_LOGIN_FILTER -Ldap filter to see if a user is allowed to login. `%uid` is replaces with the username. - -## LDAP_USER_DISPLAY_NAME -Ldap attribute for the display name. - -## LDAP_USER_FILTER -Ldap filter to find valid users. - -## LDAP_BASE_DN -Base DN of the ldap host. - -## LDAP_BASE_USER_DN -Base DN when searching for users. - -## LDAP_BASE_GROUP_DN -Base DN when looking for groups. - -## LDAP_GROUP_FILTER -Ldap filter to find valid groups. - -## LDAP_EMAIL_ATTRIBUTE -Ldap attribute for the email. - -## LDAP_UID_ATTRIBUTE -Ldap attribute for the user id. - ## ASSUME_HTTPS - default: on The value of `fastcgi_param HTTPS`. diff --git a/rootfs/etc/cont-init.d/00-nextcloud b/rootfs/etc/cont-init.d/00-nextcloud index 1744e85..ff33cf5 100644 --- a/rootfs/etc/cont-init.d/00-nextcloud +++ b/rootfs/etc/cont-init.d/00-nextcloud @@ -21,7 +21,6 @@ if [ ! -f /var/lib/nextcloud/data/.installed ]; then fi s6-setuidgid nginx ./occ config:app:set --value cron core backgroundjobs_mode -s6-setuidgid nginx ./occ app:enable user_ldap s6-setuidgid nginx ./occ app:enable files_sharing s6-setuidgid nginx ./occ app:enable text s6-setuidgid nginx ./occ app:enable files_pdfviewer @@ -38,7 +37,7 @@ s6-setuidgid nginx ./occ app:enable news s6-setuidgid nginx ./occ app:enable tasks s6-setuidgid nginx ./occ app:enable notes s6-setuidgid nginx ./occ app:enable mail -s6-setuidgid nginx ./occ app:enable riotchat +s6-setuidgid nginx ./occ app:enable sociallogin s6-setuidgid nginx ./occ app:enable integration_mastodon s6-setuidgid nginx ./occ app:enable integration_github s6-setuidgid nginx ./occ app:enable integration_gitlab @@ -75,58 +74,3 @@ s6-setuidgid nginx ./occ config:system:set --value "${MAIL_SMTP_PORT:-587}" mail s6-setuidgid nginx ./occ config:system:set --value "$MAIL_SMTP_NAME" mail_smtpname s6-setuidgid nginx ./occ config:system:set --value "$MAIL_SMTP_PASSWORD" mail_smtppassword -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_DN" user_ldap ldap_base -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_GROUP_DN" user_ldap ldap_base_groups -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_EMAIL_ATTRIBUTE" user_ldap ldap_email_attr -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_USER_FILTER" user_ldap ldap_userlist_filter -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_LOGIN_FILTER" user_ldap ldap_login_filter -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_TLS" user_ldap ldap_tls -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_HOST" user_ldap ldap_host -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BIND_USER" user_ldap ldap_dn -s6-setuidgid nginx ./occ config:app:set --value "$(php -r 'echo base64_encode(getenv("LDAP_BIND_PASSWORD"));')" user_ldap ldap_agent_password -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_GROUP_FILTER" user_ldap ldap_group_filter -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_USER_DISPLAY_NAME" user_ldap ldap_display_name -s6-setuidgid nginx ./occ config:app:set --value "${LDAP_PORT:-389}" user_ldap ldap_port -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_BASE_USER_DN" user_ldap ldap_base_users -s6-setuidgid nginx ./occ config:app:set --value "$LDAP_UID_ATTRIBUTE" user_ldap ldap_expert_username_attr -s6-setuidgid nginx ./occ config:app:set --value "yes" user_ldap enabled - -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_host -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_backup_port -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_user_display_name_2 -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_gid_number -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_userfilter_objectclass -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_userfilter_groups -s6-setuidgid nginx ./occ config:app:set --value "authentication" user_ldap types -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_user_filter_mode -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_group_filter_mode -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_groupfilter_objectclass -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_turn_off_cert_check -s6-setuidgid nginx ./occ config:app:set --value "uniqueMember" user_ldap ldap_group_member_assoc_attribute -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_login_filter_mode -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_loginfilter_email -s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_loginfilter_username -s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_loginfilter_attributes -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_quota_attr -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_quota_def -s6-setuidgid nginx ./occ config:app:set --value "600" user_ldap ldap_cache_ttl -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_override_main_server -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_attributes_for_user_search -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_attributes_for_group_search -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_experienced_admin -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap home_folder_naming_rule -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap has_memberof_filter_support -s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap use_memberof_to_detect_membership -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_expert_uuid_user_attr -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_expert_uuid_group_attr -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap last_jpegPhoto_lookup -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_nested_groups -s6-setuidgid nginx ./occ config:app:set --value "500" user_ldap ldap_paging_size -s6-setuidgid nginx ./occ config:app:set --value "0" user_ldap ldap_turn_on_pwd_change -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_dynamic_group_member_url -s6-setuidgid nginx ./occ config:app:set --value "" user_ldap ldap_default_ppolicy_dn -s6-setuidgid nginx ./occ config:app:set --value "1" user_ldap ldap_configuration_active