From d4e0cba2c191603883af0f959509178b5908950d Mon Sep 17 00:00:00 2001 From: Sebastian Hugentobler Date: Thu, 15 Jun 2017 11:08:50 +0200 Subject: [PATCH] Push version to 12.0.0 --- Dockerfile | 4 +- rootfs/etc/confd/conf.d/nextcloud.conf.toml | 3 + rootfs/etc/confd/conf.d/nginx.conf.toml | 3 - rootfs/etc/confd/templates/config.php.tmpl | 2 +- .../etc/confd/templates/nextcloud.conf.tmpl | 91 +++++++++++++++ rootfs/etc/confd/templates/nginx.conf.tmpl | 106 ------------------ 6 files changed, 96 insertions(+), 113 deletions(-) create mode 100644 rootfs/etc/confd/conf.d/nextcloud.conf.toml delete mode 100644 rootfs/etc/confd/conf.d/nginx.conf.toml create mode 100644 rootfs/etc/confd/templates/nextcloud.conf.tmpl delete mode 100644 rootfs/etc/confd/templates/nginx.conf.tmpl diff --git a/Dockerfile b/Dockerfile index f4f2db0..4728179 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ FROM quay.io/thallian/php7-fpm:latest ENV FPMUSER nginx ENV FPMGROUP nginx -ENV VERSION 11.0.1 +ENV VERSION 12.0.0 RUN apk add --no-cache \ libressl \ @@ -35,8 +35,6 @@ RUN apk add --no-cache \ php7-apcu \ php7-ldap -RUN ln -s /usr/bin/php7 /usr/bin/php - RUN mkdir /var/lib/nextcloud RUN wget -qO- https://download.nextcloud.com/server/releases/nextcloud-$VERSION.tar.bz2 | tar xj -C /var/lib/nextcloud --strip 1 diff --git a/rootfs/etc/confd/conf.d/nextcloud.conf.toml b/rootfs/etc/confd/conf.d/nextcloud.conf.toml new file mode 100644 index 0000000..ee6e871 --- /dev/null +++ b/rootfs/etc/confd/conf.d/nextcloud.conf.toml @@ -0,0 +1,3 @@ +[template] +src = "nextcloud.conf.tmpl" +dest = "/etc/nginx/conf.d/nextcloud.conf" diff --git a/rootfs/etc/confd/conf.d/nginx.conf.toml b/rootfs/etc/confd/conf.d/nginx.conf.toml deleted file mode 100644 index 3e968ea..0000000 --- a/rootfs/etc/confd/conf.d/nginx.conf.toml +++ /dev/null @@ -1,3 +0,0 @@ -[template] -src = "nginx.conf.tmpl" -dest = "/etc/nginx/nginx.conf" diff --git a/rootfs/etc/confd/templates/config.php.tmpl b/rootfs/etc/confd/templates/config.php.tmpl index 2218c54..55ae11e 100644 --- a/rootfs/etc/confd/templates/config.php.tmpl +++ b/rootfs/etc/confd/templates/config.php.tmpl @@ -53,5 +53,5 @@ $CONFIG = array( 'assetdirectory' => '/var/lib/nextcloud', 'mount_file' => '/var/lib/nextcloud/data/mount.json', 'installed' => true, -'version' => '11.0.1.2', +'version' => '12.0.0', ); diff --git a/rootfs/etc/confd/templates/nextcloud.conf.tmpl b/rootfs/etc/confd/templates/nextcloud.conf.tmpl new file mode 100644 index 0000000..fa42fcc --- /dev/null +++ b/rootfs/etc/confd/templates/nextcloud.conf.tmpl @@ -0,0 +1,91 @@ +upstream php { + server 127.0.0.1:9000; +} + +server { + listen 80; + + server_name {{getenv "DOMAIN"}}; + + add_header X-Content-Type-Options nosniff; + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header X-Download-Options noopen; + add_header X-Permitted-Cross-Domain-Policies none; + + root /var/lib/nextcloud/; + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location = /.well-known/carddav { + return 301 $scheme://$host/remote.php/dav; + } + + location = /.well-known/caldav { + return 301 $scheme://$host/remote.php/dav; + } + + location /.well-known/acme-challenge { } + + client_max_body_size {{getenv "MAX_UPLOAD_SIZE"}}; + fastcgi_buffers 64 4K; + + error_page 403 /core/templates/403.php; + error_page 404 /core/templates/404.php; + + location / { + rewrite ^ /index.php$uri; + } + + location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { + deny all; + } + + location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { + deny all; + } + + location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { + include fastcgi_params; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param HTTPS on; + + #Avoid sending the security headers twice + fastcgi_param modHeadersAvailable true; + fastcgi_param front_controller_active true; + fastcgi_pass php; + fastcgi_intercept_errors on; + fastcgi_request_buffering off; + } + + location ~ ^/(?:updater|ocs-provider)(?:$|/) { + try_files $uri/ =404; + index index.php; + } + + location ~* \.(?:css|js)$ { + try_files $uri /index.php$uri$is_args$args; + add_header Cache-Control "public, max-age=7200"; + add_header X-Content-Type-Options nosniff; + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Robots-Tag none; + add_header X-Download-Options noopen; + add_header X-Permitted-Cross-Domain-Policies none; + + # Optional: Don't log access to assets + access_log off; + } + + location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { + try_files $uri /index.php$uri$is_args$args; + access_log off; + } +} diff --git a/rootfs/etc/confd/templates/nginx.conf.tmpl b/rootfs/etc/confd/templates/nginx.conf.tmpl deleted file mode 100644 index 3f53ebf..0000000 --- a/rootfs/etc/confd/templates/nginx.conf.tmpl +++ /dev/null @@ -1,106 +0,0 @@ -worker_processes 1; - -events { - worker_connections 1024; -} - -http { - include mime.types; - default_type application/octet-stream; - - sendfile off; - - keepalive_timeout 65; - - gzip off; - - upstream php { - server 127.0.0.1:9000; - } - - server { - listen 80; - - server_name {{getenv "DOMAIN"}}; - - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - - root /var/lib/nextcloud/; - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location = /.well-known/carddav { - return 301 $scheme://$host/remote.php/dav; - } - - location = /.well-known/caldav { - return 301 $scheme://$host/remote.php/dav; - } - - location /.well-known/acme-challenge { } - - client_max_body_size {{getenv "MAX_UPLOAD_SIZE"}}; - fastcgi_buffers 64 4K; - - error_page 403 /core/templates/403.php; - error_page 404 /core/templates/404.php; - - location / { - rewrite ^ /index.php$uri; - } - - location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { - deny all; - } - - location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } - - location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { - include fastcgi_params; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_path_info; - fastcgi_param HTTPS on; - #Avoid sending the security headers twice - fastcgi_param modHeadersAvailable true; - fastcgi_param front_controller_active true; - fastcgi_pass php; - fastcgi_intercept_errors on; - fastcgi_request_buffering off; - } - - location ~ ^/(?:updater|ocs-provider)(?:$|/) { - try_files $uri/ =404; - index index.php; - } - - location ~* \.(?:css|js)$ { - try_files $uri /index.php$uri$is_args$args; - add_header Cache-Control "public, max-age=7200"; - add_header X-Content-Type-Options nosniff; - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - # Optional: Don't log access to assets - access_log off; - } - - location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { - try_files $uri /index.php$uri$is_args$args; - access_log off; - } - } -}