Compare commits
16 Commits
10.0.0+30.
...
clioverwri
| Author | SHA1 | Date | |
|---|---|---|---|
| ff6873a52c | |||
| 9408a6ab81 | |||
| c4bb6d0932 | |||
| 7a6256f78d | |||
| 8be413fe71 | |||
| af36d22633 | |||
| 85e5070b8d | |||
| 36615bc097 | |||
a3cd6741eb
|
|||
|
cb453e884d
|
|||
| 267f3cbb78 | |||
| b0c4f06af1 | |||
| 750477a409 | |||
| 7a7da21544 | |||
| d72a8fdcdb | |||
| 7aa4e15034 |
@ -45,7 +45,7 @@ steps:
|
||||
from_secret: drone_abra-bot_token
|
||||
fork: true
|
||||
repositories:
|
||||
- coop-cloud/auto-recipes-catalogue-json
|
||||
- toolshed/auto-recipes-catalogue-json
|
||||
|
||||
trigger:
|
||||
event: tag
|
||||
|
||||
10
.env.sample
10
.env.sample
@ -65,6 +65,10 @@ DEFAULT_QUOTA="10 GB"
|
||||
# BBB_URL=https://talk.example.org/bigbluebutton/ # trailing slash!
|
||||
# SECRET_BBB_SECRET_VERSION=v1
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.whiteboard.yml"
|
||||
# APPS="$APPS whiteboard"
|
||||
# SECRET_WHITEBOARD_JWT_VERSION=v1
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
|
||||
# APPS="$APPS sociallogin"
|
||||
# AUTHENTIK_USER_PREFIX=authentik
|
||||
@ -77,3 +81,9 @@ DEFAULT_QUOTA="10 GB"
|
||||
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.fulltextsearch.yml"
|
||||
#SECRET_ELASTICSEARCH_PASSWORD_VERSION=v1
|
||||
|
||||
# HSTS Options
|
||||
# Uncomment this line to enable HSTS: https://docs.nextcloud.com/server/30/admin_manual/installation/harden_server.html
|
||||
#HSTS_ENABLED=1
|
||||
# Uncomment this line to add the `preload` part
|
||||
#HSTS_PRELOAD=1
|
||||
@ -286,3 +286,11 @@ And you can populate the index manually and check if any errors occur:
|
||||
```
|
||||
abra app cmd <domain> app run_occ '"fulltextsearch:index"'
|
||||
```
|
||||
|
||||
### Troubleshooting fulltextsearch
|
||||
|
||||
The fulltextsearch plugin might be stuck with this error: "Index is already running". In that case the following command can get things runing again:
|
||||
|
||||
```
|
||||
abra app run <domain> db /bin/sh -- -c 'echo "delete from oc_fulltextsearch_ticks;" | mariadb -u root -p$(cat /run/secrets/db_root_password) nextcloud'
|
||||
```
|
||||
|
||||
14
abra.sh
14
abra.sh
@ -1,9 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
export FPM_TUNE_VERSION=v5
|
||||
export NGINX_CONF_VERSION=v7
|
||||
export NGINX_CONF_VERSION=v8
|
||||
export MY_CNF_VERSION=v5
|
||||
export ENTRYPOINT_VERSION=v3
|
||||
export ENTRYPOINT_WHITEBOARD_VERSION=v1
|
||||
export CRONTAB_VERSION=v1
|
||||
export PG_BACKUP_VERSION=v2
|
||||
|
||||
@ -93,6 +94,13 @@ install_collabora() {
|
||||
set_app_config richdocuments wopi_url "$COLLABORA_URL"
|
||||
}
|
||||
|
||||
install_whiteboard() {
|
||||
install_apps whiteboard
|
||||
set_app_config whiteboard collabBackendUrl "https://${DOMAIN}/whiteboard"
|
||||
set_app_config whiteboard jwt_secret_key "$(cat /run/secrets/whiteboard_jwt)"
|
||||
}
|
||||
|
||||
|
||||
install_fulltextsearch() {
|
||||
install_apps fulltextsearch
|
||||
install_apps fulltextsearch_elasticsearch
|
||||
@ -158,3 +166,7 @@ set_windowsfriendly_filenames() {
|
||||
run_occ 'config:system:set forbidden_filename_characters 5 --value=\|'
|
||||
run_occ 'config:system:set forbidden_filename_characters 6 --value=\"'
|
||||
}
|
||||
|
||||
upgrade_mariadb() {
|
||||
mariadb-upgrade -p`cat /run/secrets/db_root_password`
|
||||
}
|
||||
@ -2,7 +2,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
elasticsearch:
|
||||
image: "docker.elastic.co/elasticsearch/elasticsearch:8.17.0"
|
||||
image: "docker.elastic.co/elasticsearch/elasticsearch:8.17.2"
|
||||
environment:
|
||||
- cluster.name=docker-cluster
|
||||
- bootstrap.memory_lock=true
|
||||
@ -29,7 +29,7 @@ services:
|
||||
mode: 0600
|
||||
|
||||
searchindexer:
|
||||
image: nextcloud:30.0.4-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
|
||||
@ -9,7 +9,7 @@ services:
|
||||
- MYSQL_PASSWORD_FILE=/run/secrets/db_password
|
||||
|
||||
db:
|
||||
image: "mariadb:10.5"
|
||||
image: "mariadb:11.4"
|
||||
environment:
|
||||
- MYSQL_DATABASE=nextcloud
|
||||
- MYSQL_USER=nextcloud
|
||||
@ -28,11 +28,11 @@ services:
|
||||
- internal
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup.pre-hook: 'mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /var/lib/mysql/backup.sql'
|
||||
backupbot.backup.pre-hook: 'mariadb-dump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /var/lib/mysql/backup.sql'
|
||||
backupbot.backup.volumes.mariadb.path: "backup.sql"
|
||||
backupbot.restore.post-hook: 'mysql -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud < /var/lib/mysql/backup.sql'
|
||||
backupbot.restore.post-hook: 'mariadb -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud < /var/lib/mysql/backup.sql'
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", 'mysqladmin -p"$$(cat /run/secrets/db_root_password)" ping']
|
||||
test: ["CMD-SHELL", 'mariadb-admin -p"$$(cat /run/secrets/db_root_password)" ping']
|
||||
interval: 30s
|
||||
timeout: 10s
|
||||
retries: 10
|
||||
|
||||
44
compose.whiteboard.yml
Normal file
44
compose.whiteboard.yml
Normal file
@ -0,0 +1,44 @@
|
||||
version: "3.8"
|
||||
|
||||
services:
|
||||
app:
|
||||
secrets:
|
||||
- whiteboard_jwt
|
||||
|
||||
whiteboard:
|
||||
image: ghcr.io/nextcloud-releases/whiteboard:v1.1.2
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.docker.network=proxy
|
||||
- traefik.http.services.${STACK_NAME}_whiteboard.loadbalancer.server.port=3002
|
||||
- traefik.http.routers.${STACK_NAME}_whiteboard.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS}) && PathPrefix(`/whiteboard`)
|
||||
- traefik.http.routers.${STACK_NAME}_whiteboard.entrypoints=web-secure
|
||||
- traefik.http.routers.${STACK_NAME}_whiteboard.tls.certresolver=${LETS_ENCRYPT_ENV}
|
||||
- traefik.http.middlewares.${STACK_NAME}_whiteboard-stripprefix.stripprefix.prefixes=/whiteboard
|
||||
- traefik.http.routers.${STACK_NAME}_whiteboard.middlewares=${STACK_NAME}_whiteboard-stripprefix
|
||||
configs:
|
||||
- source: entrypoint_whiteboard
|
||||
target: /custom-entrypoint.sh
|
||||
entrypoint: ["sh", "/custom-entrypoint.sh"]
|
||||
user: root
|
||||
networks:
|
||||
- proxy
|
||||
ports:
|
||||
- 3002:3002
|
||||
secrets:
|
||||
- whiteboard_jwt
|
||||
environment:
|
||||
- NEXTCLOUD_URL=https://$DOMAIN
|
||||
- JWT_SECRET_KEY_FILE=/run/secrets/whiteboard_jwt
|
||||
|
||||
secrets:
|
||||
whiteboard_jwt:
|
||||
external: true
|
||||
name: ${STACK_NAME}_whiteboard_jwt_${SECRET_WHITEBOARD_JWT_VERSION}
|
||||
|
||||
configs:
|
||||
entrypoint_whiteboard:
|
||||
name: ${STACK_NAME}_entrypoint_whiteboard_${ENTRYPOINT_WHITEBOARD_VERSION}
|
||||
file: entrypoint.whiteboard.sh.tmpl
|
||||
template_driver: golang
|
||||
13
compose.yml
13
compose.yml
@ -1,7 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
web:
|
||||
image: nginx:1.27.2
|
||||
image: nginx:1.29.0
|
||||
depends_on:
|
||||
- app
|
||||
configs:
|
||||
@ -12,6 +12,8 @@ services:
|
||||
- X_FRAME_OPTIONS_ENABLED
|
||||
- DOMAIN
|
||||
- STACK_NAME
|
||||
- HSTS_ENABLED
|
||||
- HSTS_PRELOAD
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
@ -46,7 +48,7 @@ services:
|
||||
start_period: 5m
|
||||
|
||||
app:
|
||||
image: nextcloud:30.0.4-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
depends_on:
|
||||
- db
|
||||
configs:
|
||||
@ -72,6 +74,7 @@ services:
|
||||
- TRUSTED_PROXIES=10.0.0.0/8
|
||||
- REDIS_HOST=cache
|
||||
- OVERWRITEPROTOCOL=https
|
||||
- OVERWRITECLIURL=https://${DOMAIN}
|
||||
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-1G}
|
||||
- FPM_MAX_CHILDREN=${FPM_MAX_CHILDREN:-131}
|
||||
- FPM_START_SERVERS=${FPM_START_SERVERS:-32}
|
||||
@ -91,7 +94,7 @@ services:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "coop-cloud.${STACK_NAME}.version=10.0.0+30.0.4-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.version=12.0.0+31.0.6-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
- "backupbot.backup.volumes.redis=false"
|
||||
@ -105,7 +108,7 @@ services:
|
||||
start_period: 15m
|
||||
|
||||
cron:
|
||||
image: nextcloud:30.0.4-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
@ -121,7 +124,7 @@ services:
|
||||
|
||||
|
||||
cache:
|
||||
image: redis:7.4.1-alpine
|
||||
image: redis:8.0.2-alpine
|
||||
networks:
|
||||
- internal
|
||||
volumes:
|
||||
|
||||
6
entrypoint.whiteboard.sh.tmpl
Normal file
6
entrypoint.whiteboard.sh.tmpl
Normal file
@ -0,0 +1,6 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
export JWT_SECRET_KEY=$(cat /run/secrets/whiteboard_jwt)
|
||||
|
||||
exec npm run server:start
|
||||
@ -45,6 +45,13 @@ http {
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
||||
{{ if eq (env "HSTS_ENABLED") "1" }}
|
||||
{{ if eq (env "HSTS_PRELOAD") "1" }}
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
{{ else }}
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always;
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size 512M;
|
||||
|
||||
4
release/11.0.0+30.0.4-fpm
Normal file
4
release/11.0.0+30.0.4-fpm
Normal file
@ -0,0 +1,4 @@
|
||||
Upgrades mariadb from 10.5 to 11.4
|
||||
NOTE: If your Nextcloud instance is using mariadb, after running this update you MUST run the database upgrade command:
|
||||
`abra app command nextcloud.yourserver.org db upgrade_mariadb`
|
||||
More info: https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-4/
|
||||
Reference in New Issue
Block a user