initial commit
commit
8a24e3b792
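--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*~
+.DS_Store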
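--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,47 @@
+FROM thallian/php7-fpm:latest
+
+RUN apk add --no-cache openssl tar nginx postgresql-client
+RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/community/ --allow-untrusted \
+php7 \
+php7-ctype \
+php7-curl \
+php7-dom \
+php7-gd \
+php7-iconv \
+php7-json \
+php7-ldap \
+php7-xml \
+php7-xmlreader \
+php7-zlib \
+php7-zip \
+php7-pgsql \
+php7-pdo_pgsql \
+php7-openssl \
+php7-ftp \
+php7-session \
+php7-mbstring \
+php7-posix \
+php7-pcntl \
+php7-mcrypt \
+php7-bz2 \
+php7-exif \
+php7-imap
+
+RUN apk add --no-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrusted \
+php7-apcu
+
+RUN ln -s /usr/bin/php7 /usr/bin/php
+
+RUN mkdir /var/lib/nextcloud
+RUN wget -qO- https://download.nextcloud.com/server/releases/nextcloud-10.0.0.tar.bz2 | tar xj -C /var/lib/nextcloud --strip 1
+RUN chown -R nginx:nginx /var/lib/nextcloud
+RUN chmod +x /var/lib/nextcloud/occ
+
+RUN mkdir /run/nginx
+
+ADD /rootfs /
+
+ENV FPMUSER nginx
+ENV FPMGROUP nginx
+
+VOLUME /var/lib/nextcloud/data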
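Review bot: Both `apk add --repository http://… --allow-untrusted` steps fetch the PHP packages over plain HTTP with signature verification switched off, so anything able to tamper with that traffic at build time can place arbitrary packages in the image. Drop `--allow-untrusted` so apk checks the packages against the keys already in the base image, and use an `https://` mirror URL if one is available. The Nextcloud tarball is likewise piped straight from `wget` into `tar` with no checksum or signature check; download it to a file and verify it against the published `.sha256` or `.asc` before extracting. `FROM thallian/php7-fpm:latest` also leaves the base image unpinned, so a rebuild can silently pick up different contents.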
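--- a/rootfs/etc/confd/conf.d/config.php.toml
+++ b/rootfs/etc/confd/conf.d/config.php.toml
@@ -0,0 +1,6 @@
+[template]
+src = "config.php.tmpl"
+dest = "/var/lib/nextcloud/config/config.php"
+gid = 101
+uid = 100
+mode = "0660"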
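Review bot: `uid = 100` and `gid = 101` are bare numbers, and nothing in the commit ties them to the `nginx` account that the Dockerfile and init script refer to by name. The rendered `config.php` holds the database and SMTP passwords, so if the base image assigns those ids differently the file ends up readable and writable by an unrelated account. A comment such as `# 100:101 = nginx:nginx in the base image` next to the two keys would record the assumption; it is worth confirming against the image.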
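--- a/rootfs/etc/confd/conf.d/nginx.conf.toml
+++ b/rootfs/etc/confd/conf.d/nginx.conf.toml
@@ -0,0 +1,3 @@
+[template]
+src = "nginx.conf.tmpl"
+dest = "/etc/nginx/nginx.conf"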
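--- a/rootfs/etc/confd/templates/config.php.tmpl
+++ b/rootfs/etc/confd/templates/config.php.tmpl
@@ -0,0 +1,64 @@
+<?php
+
+$CONFIG = array(
+
+'trusted_domains' =>
+array (
+'{{getenv "DOMAIN"}}'
+),
+"user_backends" => array (
+0 => array (
+"class" => "OC_User_IMAP",
+"arguments" => array (
+0 => '{{"{"}}{{getenv "IMAPAUTHHOST"}}{{"}"}}'
+),
+),
+),
+'datadirectory' => '/var/lib/nextcloud/data',
+
+'dbtype' => 'pgsql',
+'dbhost' => '{{getenv "DBHOST"}}',
+'dbname' => '{{getenv "DBNAME"}}',
+'dbuser' => '{{getenv "DBUSER"}}',
+'dbpassword' => '{{getenv "DBPASSWORD"}}',
+'dbtableprefix' => '{{getenv "DBTABLEPREFIX"}}',
+
+'skeletondirectory' => '',
+
+'mail_domain' => '{{getenv "MAILDOMAIN"}}',
+'mail_from_address' => '{{getenv "MAILFROM"}}',
+'mail_smtpdebug' => false,
+'mail_smtpmode' => 'smtp',
+'mail_smtphost' => '{{getenv "MAILSMTPHOST"}}',
+'mail_smtpport' => {{getenv "MAILSMTPPORT"}},
+'mail_smtptimeout' => 10,
+'mail_smtpsecure' => '{{getenv "MAILSMTPSECURITY"}}',
+'mail_smtpauth' => {{getenv "MAILSMTPAUTH"}},
+'mail_smtpauthtype' => '{{getenv "MAILSMTPAUTHTYPE"}}',
+'mail_smtpname' => '{{getenv "MAILSMTPNAME"}}',
+'mail_smtppassword' => '{{getenv "MAILSMTPPASSWORD"}}',
+
+'overwritehost' => '{{getenv "DOMAIN"}}',
+'overwriteprotocol' => 'https',
+'overwritewebroot' => '',
+'overwrite.cli.url' => 'https://{{getenv "DOMAIN"}}',
+
+'apps_paths' => array(
+array(
+'path'=> '/var/lib/nextcloud/apps',
+'url' => '/apps',
+'writable' => true,
+),
+),
+
+'supportedDatabases' => array(
+'pgsql',
+),
+
+'memcache.local' => '\OC\Memcache\APCu',
+
+'assetdirectory' => '/var/lib/nextcloud',
+'mount_file' => '/var/lib/nextcloud/data/mount.json',
+'installed' => true,
+'version' => '9.0.52.0',
+);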
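Review bot: Every `{{getenv …}}` value is pasted into the PHP source unescaped, so a `'` or a trailing `\` in `DBPASSWORD`, `MAILSMTPPASSWORD` or any other variable ends the string literal early and the rest of the value is parsed as PHP. `mail_smtpport` and `mail_smtpauth` are emitted with no quotes at all, so an unset variable renders `=> ,` and the file no longer parses. Reading the values at runtime avoids both problems and keeps the secrets out of the file on disk, e.g. `'dbpassword' => getenv('DBPASSWORD'),` and `'mail_smtpport' => (int) getenv('MAILSMTPPORT'),`, provided php-fpm is configured to pass the environment through. The hard-coded `'version' => '9.0.52.0'` also looks out of step with the 10.0.0 tarball the Dockerfile installs; confirm.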
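--- a/rootfs/etc/confd/templates/nginx.conf.tmpl
+++ b/rootfs/etc/confd/templates/nginx.conf.tmpl
@@ -0,0 +1,106 @@
+worker_processes 1;
+
+events {
+worker_connections 1024;
+}
+
+http {
+include mime.types;
+default_type application/octet-stream;
+
+sendfile off;
+
+keepalive_timeout 65;
+
+gzip off;
+
+upstream php {
+server 127.0.0.1:9000;
+}
+
+server {
+listen 80;
+
+server_name {{getenv "DOMAIN"}};
+
+add_header X-Content-Type-Options nosniff;
+add_header X-Frame-Options "SAMEORIGIN";
+add_header X-XSS-Protection "1; mode=block";
+add_header X-Robots-Tag none;
+add_header X-Download-Options noopen;
+add_header X-Permitted-Cross-Domain-Policies none;
+
+root /var/lib/nextcloud/;
+
+location = /robots.txt {
+allow all;
+log_not_found off;
+access_log off;
+}
+
+location = /.well-known/carddav {
+return 301 $scheme://$host/remote.php/dav;
+}
+
+location = /.well-known/caldav {
+return 301 $scheme://$host/remote.php/dav;
+}
+
+location /.well-known/acme-challenge { }
+
+client_max_body_size {{getenv "MAXUPLOADSIZE"}};
+fastcgi_buffers 64 4K;
+
+error_page 403 /core/templates/403.php;
+error_page 404 /core/templates/404.php;
+
+location / {
+rewrite ^ /index.php$uri;
+}
+
+location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+deny all;
+}
+
+location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
+deny all;
+}
+
+location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
+include fastcgi_params;
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+fastcgi_param PATH_INFO $fastcgi_path_info;
+fastcgi_param HTTPS on;
+#Avoid sending the security headers twice
+fastcgi_param modHeadersAvailable true;
+fastcgi_param front_controller_active true;
+fastcgi_pass php;
+fastcgi_intercept_errors on;
+fastcgi_request_buffering off;
+}
+
+location ~ ^/(?:updater|ocs-provider)(?:$|/) {
+try_files $uri/ =404;
+index index.php;
+}
+
+location ~* \.(?:css|js)$ {
+try_files $uri /index.php$uri$is_args$args;
+add_header Cache-Control "public, max-age=7200";
+add_header X-Content-Type-Options nosniff;
+add_header X-Frame-Options "SAMEORIGIN";
+add_header X-XSS-Protection "1; mode=block";
+add_header X-Robots-Tag none;
+add_header X-Download-Options noopen;
+add_header X-Permitted-Cross-Domain-Policies none;
+# Optional: Don't log access to assets
+access_log off;
+}
+
+location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
+try_files $uri /index.php$uri$is_args$args;
+access_log off;
+}
+}
+}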
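Review bot: The `/.well-known/carddav` and `/.well-known/caldav` redirects build their target from `$scheme`, which is always `http` here because the server block only has `listen 80`, while the PHP location sets `fastcgi_param HTTPS on`, which suggests TLS is terminated by a proxy in front. CalDAV/CardDAV clients that follow the redirect would therefore be sent to a plain-HTTP URL. Use a fixed scheme instead, e.g. `return 301 https://$host/remote.php/dav;`. The same assumption leaves this server block without a `Strict-Transport-Security` header; add it here or confirm that the fronting proxy sets it.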
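--- a/rootfs/etc/cont-init.d/00-nextcloud
+++ b/rootfs/etc/cont-init.d/00-nextcloud
@@ -0,0 +1,48 @@
+#!/usr/bin/with-contenv sh
+set -ex
+
+chmod +x /var/lib/nextcloud/occ # for some reason it doesn't work when done from the Dockerfile
+
+if [ ! -f /var/lib/nextcloud/data/.ocdata ]; then
+touch /var/lib/nextcloud/data/.ocdata
+fi
+
+PGPASSWORD=$DBPASSWORD psql -h $DBHOST -U $DBUSER -d $DBNAME -c "SELECT EXISTS (SELECT 1 FROM information_schema.tables WHERE table_name = '${DBTABLEPREFIX}appconfig')" | grep f
+
+if [ $? -ne 1 ]; then
+cd /var/lib/nextcloud
+
+s6-setuidgid nginx ./occ maintenance:install \
+--database=pgsql \
+--database-host=$DBHOST \
+--database-name=$DBNAME \
+--database-user=$DBUSER \
+--database-pass=$DBPASSWORD \
+--database-table-prefix=$DBTABLEPREFIX \
+--admin-user=$ADMINUSER \
+--admin-pass=$ADMINPASSWORD \
+--no-interaction
+
+s6-setuidgid nginx ./occ config:app:set --value cron core backgroundjobs_mode
+s6-setuidgid nginx ./occ app:enable user_ldap
+
+s6-setuidgid nginx ./occ ldap:create-empty-config
+
+s6-setuidgid nginx ./occ ldap:set-config '' hasMemberOfFilterSupport "1"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapHost "$LDAPHOST"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapPort "$LDAPPORT"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapTLS "$LDAPTLS"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapAgentName "$LDAPBINDUSER"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapAgentPassword "$LDAPBINDPASSWORD"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapLoginFilter "$LDAPLOGINFILTER"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapUserDisplayName "$LDAPUSERDISPLAYNAME"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapUserFilter "$LDAPUSERFILTER"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapBase "$LDAPBASEDN"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapBaseUsers "$LDAPBASEUSERDN"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapEmailAttribute "$LDAPEMAILATTRIBUTE"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapBaseGroups "$LDAPBASEGROUPDN"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapGroupFilter "$LDAPGROUPFILTER"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapExpertUsernameAttr "$LDAPUSERNAMEATTRIBUTE"
+s6-setuidgid nginx ./occ ldap:set-config '' turnOffCertCheck "$LDAPTURNOFFCERTCHECK"
+s6-setuidgid nginx ./occ ldap:set-config '' ldapConfigurationActive "1"
+fi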
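Review bot: `set -ex` on the second line traces every command to stderr, so the expanded `PGPASSWORD=…`, `--database-pass=…`, `--admin-pass=…` and `ldapAgentPassword` values end up in the container log on first start; `set -e` alone keeps the fail-fast behaviour without the trace. The `$DB*` and `$ADMIN*` expansions in the `psql` and `occ maintenance:install` calls are also unquoted, so a password containing whitespace or glob characters is split or expanded before it reaches the command; quote them, e.g. `"--admin-pass=$ADMINPASSWORD"`. Separately, with `-e` active the `psql … | grep f` pipeline ends the script as soon as grep finds no match, so the `if [ $? -ne 1 ]` test below it is only ever reached with status 0. Putting the pipeline in the condition itself, `if psql … | grep -q f; then`, makes the "table already exists" case a normal exit.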
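--- a/rootfs/etc/fix-attrs.d/01-nextcloud-data-dir
+++ b/rootfs/etc/fix-attrs.d/01-nextcloud-data-dir
@@ -0,0 +1 @@
+/var/lib/nextcloud/ true nginx 0640 0750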
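Review bot: This line recursively sets every file under `/var/lib/nextcloud/` to mode 0640, which clears the execute bit the Dockerfile puts on `occ`; if fix-attrs runs before `cont-init.d` (as it does in s6-overlay, to my knowledge), that is probably why the init script has to repeat `chmod +x` "for some reason". It also makes the whole application tree, not only `data/` as the file name suggests, owned and writable by the web server account. Narrowing the path to `/var/lib/nextcloud/data` would match the file name and leave the code tree's modes as built; check whether Nextcloud's updater or app store needs write access before narrowing.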
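--- a/rootfs/etc/services.d/crond/run
+++ b/rootfs/etc/services.d/crond/run
@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv sh
+
+exec crond -f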
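--- a/rootfs/etc/services.d/nginx/run
+++ b/rootfs/etc/services.d/nginx/run
@@ -0,0 +1,3 @@
+#!/usr/bin/with-contenv sh
+
+exec nginx -g "daemon off;"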
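--- a/rootfs/var/spool/cron/crontabs/nginx
+++ b/rootfs/var/spool/cron/crontabs/nginx
@@ -0,0 +1 @@
+*/15 * * * * php -f /var/lib/nextcloud/cron.php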