fixup stuff

.env.sample

@@ -5,6 +5,10 @@ DOMAIN=nextcloud.example.com
 #EXTRA_DOMAINS=', `www.nextcloud.example.com`'
 LETS_ENCRYPT_ENV=production
 
+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
+
 ADMIN_USER=admin
 
 SECRET_DB_ROOT_PASSWORD_VERSION=v1
@@ -12,10 +16,3 @@ SECRET_DB_PASSWORD_VERSION=v1
 SECRET_ADMIN_PASSWORD_VERSION=v1
 
 EXTRA_VOLUME=/dev/null:/tmp/.dummy
-
-## SMTP settings
-#COMPOSE_FILE="compose.yml:compose.mailrelay.yml"
-#SMTP_HOST="postfix_relay_app"
-## Emails are sent from $MAIL_FROM@$MAIL_DOMAIN
-#MAIL_DOMAIN=nextcloud.example.com
-#MAIL_FROM_ADDRESS=nextcloud

README.md

@@ -2,7 +2,7 @@
 
 [![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/nextcloud/status.svg)](https://drone.autonomic.zone/coop-cloud/nextcloud)
 
-Fully automated luxury Nextcloud via docker-swarm. 
+Fully automated luxury Nextcloud via docker-swarm.
 
 <!-- metadata -->
 * **Category**: Apps
@@ -39,6 +39,26 @@ Fully automated luxury Nextcloud via docker-swarm.
 
 `abra app run --user www-data YOURAPPDOMAIN app occ app:update --all`
 
+## How do I fix a Nextcloud version snafu?
+
+`Exception: Updates between multiple major versions and downgrades are unsupported.`
+
+Solution:
+
+- Look at log files to determine the old Nextcloud version
+- Change your local `~/.abra/recipes/nextcloud/compose.yml` to the highest minor
+    version in the old version -- e.g. choose `22.2.5` for `22`, if you're
+    upgrading to `23`.
+- Then, do one of (both bad):
+  1. `abra app deploy --chaos ...`, then `app run` to go in and manually lower the version number in PHP (shell in, `apt install vim-core && vi version.php`), then try `php ./occ upgrade`
+  2. `abra app undeploy ...`, `abra volume rm`, CAREFULLY only choose the volume
+     ENDING `_nextcloud`, then `abra app deploy --chaos ...`, then edit the
+     `compose.yml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app`,
+     then `app deploy --chaos` again, then `app run --user=www-data ... app bash` to get in and run `./occ maintenance:repair`, and `./occ upgrade`. 
+- Change `compose.yml` to the new version number; `git checkout compose.yml`
+- `abra app deploy --force`
+- This wasn't even multiplle major versions was it 😾
+
 ## How do I integrate with Keycloak SSO?
 
 Use [this plugin](https://github.com/pulsejet/nextcloud-oidc-login). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php`:
@@ -69,6 +89,12 @@ docker exec -u www-data <container-id> php occ config:app:delete oidc_login last
 docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_jwks
 ```
 
+## How do I enable multiple SSO login buttons?
+
+We've been able to get this setup by using the [social login](https://apps.nextcloud.com/apps/sociallogin) plugin.
+
+If using Keycloak, you'll want to do [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) also.
+
 ## How can I customise the CSS?
 
 There is some basic stuff in the admin settings.

compose.mariadb.yml

@@ -0,0 +1,40 @@
+version: "3.8"
+
+services:
+  app:
+    environment:
+      - MYSQL_HOST=db
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
+
+  db:
+    image: "mariadb:10.5"
+    environment:
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
+    configs:
+      - source: my_tune
+        target: /etc/mysql/conf.d/my-tune.cnf
+    secrets:
+      - db_root_password
+      - db_password
+    volumes:
+      - "mariadb:/var/lib/mysql"
+    networks:
+      - internal
+    deploy:
+      labels:
+          backupbot.backup: "true"
+          backupbot.backup.pre-hook: 'mkdir -p /tmp/backup/ && mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /tmp/backup/backup.sql'
+          backupbot.backup.post-hook: "rm -rf /tmp/backup"
+          backupbot.backup.path: "/tmp/backup/"
+configs:
+  my_tune:
+    name: ${STACK_NAME}_my_cnf_${MY_CNF_VERSION}
+    file: my-tune.cnf
+
+volumes:
+  mariadb:

compose.postgres.yml

@@ -0,0 +1,38 @@
+version: '3.8'
+
+services:
+  app:
+    entrypoint: "sh -c 'sleep 10 && /entrypoint.sh php-fpm'" # tries to mitigate this error with postgres https://github.com/nextcloud/docker/issues/1204
+    environment:
+      - POSTGRES_HOST=db
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+      - NEXTCLOUD_UPDATE=1
+
+  db:
+    image: "postgres:12"
+    volumes:
+      - "postgres:/var/lib/postgresql/data"
+    networks:
+      - internal
+    environment:
+      POSTGRES_USER: nextcloud 
+      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
+      POSTGRES_DB: nextcloud 
+    secrets:
+      - db_password
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    deploy:
+      labels:
+            backupbot.backup: "true"
+            backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql"
+            backupbot.backup.post-hook: "rm -rf /tmp/backup"
+            backupbot.backup.path: "/tmp/backup/"
+
+volumes:
+  postgres:

compose.yml

@@ -33,7 +33,7 @@ services:
         - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
 
   app:
-    image: nextcloud:23.0.1-fpm
+    image: nextcloud:23.0.3-fpm
     depends_on:
       - db
     configs:
@@ -45,10 +45,6 @@ services:
     environment:
       - DOMAIN
       - STACK_NAME
-      - MYSQL_HOST=db
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
       - NEXTCLOUD_ADMIN_USER=${ADMIN_USER}
       - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/admin_password
       - NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN}
@@ -73,28 +69,13 @@ services:
         failure_action: rollback
         order: start-first
       labels:
-        - "coop-cloud.${STACK_NAME}.version=1.0.0+23.0.1-fpm"
+        - "coop-cloud.${STACK_NAME}.version=2.0.0+23.0.3-fpm"
+        - "backupbot.backup=true"
+        - "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"
 
-  db:
-    image: "mariadb:10.5"
-    environment:
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
-      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
-    configs:
-      - source: my_tune
-        target: /etc/mysql/conf.d/my-tune.cnf
-    secrets:
-      - db_root_password
-      - db_password
-    volumes:
-      - "mariadb:/var/lib/mysql"
-    networks:
-      - internal
 
   cron:
-    image: nextcloud:23.0.1-fpm
+    image: nextcloud:23.0.3-fpm
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached
@@ -128,7 +109,6 @@ volumes:
   nextapps:
   nextdata:
   nextconfig:
-  mariadb:
   redis:
 
 configs:
@@ -139,9 +119,6 @@ configs:
   fpm_tune:
     name: ${STACK_NAME}_fpm_tune_${FPM_TUNE_VERSION}
     file: fpm-tune.ini
-  my_tune:
-    name: ${STACK_NAME}_my_cnf_${MY_CNF_VERSION}
-    file: my-tune.cnf
 
 networks:
   proxy:

releases/2.0.0+23.0.3-fpm

@@ -0,0 +1,6 @@
+2.0.0 introduces a minor nextcloud update to 23.0.3 and moves the database service to a seperate override.yml file to support different database types (mariadb / postgres). This might break your installation. Please add the following snippet to your config .env to ensure the right db is used:
+
+```
+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+```