Compare commits
9 Commits
11.4.0+30.
...
12.0.1+31.
| Author | SHA1 | Date | |
|---|---|---|---|
| 8c5d843ba4 | |||
| 7074744ba8 | |||
| cb0a103e04 | |||
| ff6873a52c | |||
| 9408a6ab81 | |||
| c4bb6d0932 | |||
| 7a6256f78d | |||
| 8be413fe71 | |||
| af36d22633 |
12
.env.sample
12
.env.sample
@ -55,6 +55,12 @@ DEFAULT_QUOTA="10 GB"
|
||||
# APPS="calendar"
|
||||
|
||||
# COLLABORA_URL=https://collabora.example.com
|
||||
## IMPORTANT FOR SECURITY REASONS WHEN RUNNING COLLABORA
|
||||
## list of IP addresses that are allowed to make WOPI requests. Use the default
|
||||
## when running the collabora server on the same machine as nextcloud.
|
||||
## Otherwise set this to the IP address range of your collabora server(s) i.e. 1.2.3.4/32
|
||||
## https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings
|
||||
# COLLABORA_ALLOWLIST="172.16.0.0/12"
|
||||
|
||||
# COMPOSE_FILE="$COMPOSE_FILE:compose.onlyoffice.yml"
|
||||
# ONLYOFFICE_URL=https://onlyoffice.example.com
|
||||
@ -81,3 +87,9 @@ DEFAULT_QUOTA="10 GB"
|
||||
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.fulltextsearch.yml"
|
||||
#SECRET_ELASTICSEARCH_PASSWORD_VERSION=v1
|
||||
|
||||
# HSTS Options
|
||||
# Uncomment this line to enable HSTS: https://docs.nextcloud.com/server/30/admin_manual/installation/harden_server.html
|
||||
#HSTS_ENABLED=1
|
||||
# Uncomment this line to add the `preload` part
|
||||
#HSTS_PRELOAD=1
|
||||
|
||||
7
abra.sh
7
abra.sh
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
export FPM_TUNE_VERSION=v5
|
||||
export NGINX_CONF_VERSION=v7
|
||||
export NGINX_CONF_VERSION=v8
|
||||
export MY_CNF_VERSION=v5
|
||||
export ENTRYPOINT_VERSION=v3
|
||||
export ENTRYPOINT_WHITEBOARD_VERSION=v1
|
||||
@ -92,6 +92,9 @@ install_onlyoffice() {
|
||||
install_collabora() {
|
||||
install_apps richdocuments
|
||||
set_app_config richdocuments wopi_url "$COLLABORA_URL"
|
||||
# important for security reaosns
|
||||
# https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings
|
||||
set_app_config richdocuments wopi_allowlist "$COLLABORA_ALLOWLIST"
|
||||
}
|
||||
|
||||
install_whiteboard() {
|
||||
@ -169,4 +172,4 @@ set_windowsfriendly_filenames() {
|
||||
|
||||
upgrade_mariadb() {
|
||||
mariadb-upgrade -p`cat /run/secrets/db_root_password`
|
||||
}
|
||||
}
|
||||
|
||||
@ -29,7 +29,7 @@ services:
|
||||
mode: 0600
|
||||
|
||||
searchindexer:
|
||||
image: nextcloud:30.0.6-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
|
||||
@ -6,7 +6,7 @@ services:
|
||||
- whiteboard_jwt
|
||||
|
||||
whiteboard:
|
||||
image: ghcr.io/nextcloud-releases/whiteboard:v1.0.5
|
||||
image: ghcr.io/nextcloud-releases/whiteboard:v1.1.2
|
||||
deploy:
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
|
||||
13
compose.yml
13
compose.yml
@ -1,7 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
web:
|
||||
image: nginx:1.27.4
|
||||
image: nginx:1.29.0
|
||||
depends_on:
|
||||
- app
|
||||
configs:
|
||||
@ -12,6 +12,8 @@ services:
|
||||
- X_FRAME_OPTIONS_ENABLED
|
||||
- DOMAIN
|
||||
- STACK_NAME
|
||||
- HSTS_ENABLED
|
||||
- HSTS_PRELOAD
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
@ -46,7 +48,7 @@ services:
|
||||
start_period: 5m
|
||||
|
||||
app:
|
||||
image: nextcloud:30.0.6-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
depends_on:
|
||||
- db
|
||||
configs:
|
||||
@ -72,6 +74,7 @@ services:
|
||||
- TRUSTED_PROXIES=10.0.0.0/8
|
||||
- REDIS_HOST=cache
|
||||
- OVERWRITEPROTOCOL=https
|
||||
- OVERWRITECLIURL=https://${DOMAIN}
|
||||
- PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-1G}
|
||||
- FPM_MAX_CHILDREN=${FPM_MAX_CHILDREN:-131}
|
||||
- FPM_START_SERVERS=${FPM_START_SERVERS:-32}
|
||||
@ -91,7 +94,7 @@ services:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "coop-cloud.${STACK_NAME}.version=11.3.0+30.0.6-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.version=12.0.1+31.0.6-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
- "backupbot.backup.volumes.redis=false"
|
||||
@ -105,7 +108,7 @@ services:
|
||||
start_period: 15m
|
||||
|
||||
cron:
|
||||
image: nextcloud:30.0.6-fpm
|
||||
image: nextcloud:31.0.6-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
@ -121,7 +124,7 @@ services:
|
||||
|
||||
|
||||
cache:
|
||||
image: redis:7.4.2-alpine
|
||||
image: redis:8.0.2-alpine
|
||||
networks:
|
||||
- internal
|
||||
volumes:
|
||||
|
||||
@ -45,6 +45,13 @@ http {
|
||||
# could take several months.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
||||
{{ if eq (env "HSTS_ENABLED") "1" }}
|
||||
{{ if eq (env "HSTS_PRELOAD") "1" }}
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
{{ else }}
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always;
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
|
||||
# set max upload size
|
||||
client_max_body_size 512M;
|
||||
|
||||
Reference in New Issue
Block a user