chore: publish 6.0.11+28.0.10-fpm release

.drone.yml

@@ -22,8 +22,6 @@ steps:
       NGINX_CONF_VERSION: v1
       MY_CNF_VERSION: v1
       ENTRYPOINT_VERSION: v1
-      CRONTAB_VERSION: v1
-      PG_BACKUP_VERSION: v2
       SECRET_DB_PASSWORD_VERSION: v1
       SECRET_DB_ROOT_PASSWORD_VERSION: v1
       SECRET_ADMIN_PASSWORD_VERSION: v1

README.md

@@ -87,12 +87,7 @@ OCC_CMDS="app:disable dashboard"
 
 - Configure a `defaultapp` in your `config.php` or use [apporder](https://apps.nextcloud.com/apps/apporder)
 
-## Upgrading Nextcloud
+## Upgrading Nextcloud apps
-Upgrading Nextcloud can be a hair raising experiance. They [don't support downgrading](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/upgrade.html) even for minor versions.
-
-Many of us  have found that jumping major versions when upgrading is also a bad idea. We have however found that it's ok to skip minor version upgrades and go to the last minor version before a major version (e.g. 24.0.0 to 24.9.9 before going to 25.0.0). To extra cautious just upgrade one release at a time. Read the release notes and check your logs.
-
-## Upgrading Nextcloud apps (plug-ins)
 
 `abra app cmd <app-name> app run_occ '"app:update --all"'`
 

abra.sh

@@ -5,7 +5,7 @@ export NGINX_CONF_VERSION=v7
 export MY_CNF_VERSION=v5
 export ENTRYPOINT_VERSION=v3
 export CRONTAB_VERSION=v1
-export PG_BACKUP_VERSION=v2
+export PG_BACKUP_VERSION=v1
 
 run_occ() {
     su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
@@ -122,7 +122,7 @@ set_authentik() {
         \"tokenUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/token/\",
         \"displayNameClaim\":\"preferred_username\",
         \"userInfoUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
-        \"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/nextcloud/end-session/\",
+        \"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/if/session-end/nextcloud/\",
         \"clientId\":\"$AUTHENTIK_ID\",
         \"clientSecret\":\"$AUTHENTIK_SECRET\",
         \"scope\":\"openid profile email nextcloud\",
@@ -148,13 +148,3 @@ set_authentik() {
 disable_skeletondirectory() {
     run_occ "config:system:set skeletondirectory --value ''"
 }
-
-set_windowsfriendly_filenames() {
-    run_occ 'config:system:set forbidden_filename_characters 0 --value=?'
-    run_occ 'config:system:set forbidden_filename_characters 1 --value=\<'
-    run_occ 'config:system:set forbidden_filename_characters 2 --value=\>'
-    run_occ 'config:system:set forbidden_filename_characters 3 --value=:'
-    run_occ 'config:system:set forbidden_filename_characters 4 --value=*'
-    run_occ 'config:system:set forbidden_filename_characters 5 --value=\|'
-    run_occ 'config:system:set forbidden_filename_characters 6 --value=\"'
-}

compose.fulltextsearch.yml

@@ -2,7 +2,7 @@ version: "3.8"
 
 services:
   elasticsearch:
-    image: "docker.elastic.co/elasticsearch/elasticsearch:8.15.3"
+    image: "docker.elastic.co/elasticsearch/elasticsearch:8.15.0"
     environment:
       - cluster.name=docker-cluster
       - bootstrap.memory_lock=true
@@ -29,7 +29,7 @@ services:
         mode: 0600
 
   searchindexer:
-    image: nextcloud:29.0.8-fpm
+    image: nextcloud:28.0.10-fpm
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached

compose.yml

@@ -1,7 +1,7 @@
 version: "3.8"
 services:
   web:
-    image: nginx:1.27.2
+    image: nginx:1.27.1
     depends_on:
       - app
     configs:
@@ -46,7 +46,7 @@ services:
       start_period: 5m
 
   app:
-    image: nextcloud:29.0.8-fpm
+    image: nextcloud:28.0.10-fpm
     depends_on:
       - db
     configs:
@@ -91,7 +91,7 @@ services:
         failure_action: rollback
         order: start-first
       labels:
-        - "coop-cloud.${STACK_NAME}.version=9.2.0+29.0.8-fpm"
+        - "coop-cloud.${STACK_NAME}.version=6.0.11+28.0.10-fpm"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
         - "backupbot.backup=${ENABLE_BACKUPS:-true}"
         - "backupbot.backup.volumes.redis=false"
@@ -105,7 +105,7 @@ services:
       start_period: 15m
 
   cron:
-    image: nextcloud:29.0.8-fpm
+    image: nextcloud:28.0.10-fpm
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached
@@ -121,7 +121,7 @@ services:
 
 
   cache:
-    image: redis:7.4.1-alpine
+    image: redis:7.4.0-alpine
     networks:
       - internal
     volumes:

entrypoint.sh.tmpl

@@ -30,7 +30,7 @@ echo "Giving the db container some time to come up"; sleep 20
 
 {{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
 if ! [[ $(grep {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} lib/public/AppFramework/Http/ContentSecurityPolicy.php) ]]; then
-  sed -i "s|protected \$allowedChildSrcDomains = \[\];|protected \$allowedChildSrcDomains = [ {{ env \"X_FRAME_OPTIONS_ALLOW_FROM\" }} ];|" lib/public/AppFramework/Http/ContentSecurityPolicy.php
+    sed -i "91 a\\\t\t'{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}', " lib/public/AppFramework/Http/ContentSecurityPolicy.php
 fi
 {{ end }}
 

pg_backup.sh

@@ -11,24 +11,17 @@ function backup {
 
 function restore {
     cd /var/lib/postgresql/data/
-    restore_config(){
-        # Restore allowed connections
-        cat pg_hba.conf.bak > pg_hba.conf
-        su postgres -c 'pg_ctl reload'
-    }
     # Don't allow any other connections than local
     cp pg_hba.conf pg_hba.conf.bak
     echo "local all all trust" > pg_hba.conf
     su postgres -c 'pg_ctl reload'
-    trap restore_config EXIT INT TERM
-
     # Recreate Database
     psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);" 
     createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
     psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
-
+    # Restore allowed connections
-    trap - EXIT INT TERM
+    cat pg_hba.conf.bak > pg_hba.conf
-    restore_config
+    su postgres -c 'pg_ctl reload'
 }
 
 $@