chore: publish 11.4.0+30.0.10-fpm release

.env.sample

@@ -55,12 +55,6 @@ DEFAULT_QUOTA="10 GB"
 # APPS="calendar"
 
 # COLLABORA_URL=https://collabora.example.com
-## IMPORTANT FOR SECURITY REASONS WHEN RUNNING COLLABORA
-## list of IP addresses that are allowed to make WOPI requests. Use the default
-## when running the collabora server on the same machine as nextcloud.
-## Otherwise set this to the IP address range of your collabora server(s) i.e. 1.2.3.4/32
-## https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings
-# COLLABORA_ALLOWLIST="172.16.0.0/12"
 
 # COMPOSE_FILE="$COMPOSE_FILE:compose.onlyoffice.yml"
 # ONLYOFFICE_URL=https://onlyoffice.example.com
@@ -87,9 +81,3 @@ DEFAULT_QUOTA="10 GB"
 
 #COMPOSE_FILE="$COMPOSE_FILE:compose.fulltextsearch.yml"
 #SECRET_ELASTICSEARCH_PASSWORD_VERSION=v1
-
-# HSTS Options
-# Uncomment this line to enable HSTS: https://docs.nextcloud.com/server/30/admin_manual/installation/harden_server.html
-#HSTS_ENABLED=1
-# Uncomment this line to add the `preload` part
-#HSTS_PRELOAD=1

abra.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 export FPM_TUNE_VERSION=v5
-export NGINX_CONF_VERSION=v8
+export NGINX_CONF_VERSION=v7
 export MY_CNF_VERSION=v5
 export ENTRYPOINT_VERSION=v3
 export ENTRYPOINT_WHITEBOARD_VERSION=v1
@@ -92,9 +92,6 @@ install_onlyoffice() {
 install_collabora() {
     install_apps richdocuments
     set_app_config richdocuments wopi_url "$COLLABORA_URL"
-    # important for security reaosns
-    # https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings
-    set_app_config richdocuments wopi_allowlist "$COLLABORA_ALLOWLIST"
 }
 
 install_whiteboard() {
@@ -172,4 +169,4 @@ set_windowsfriendly_filenames() {
 
 upgrade_mariadb() {
     mariadb-upgrade -p`cat /run/secrets/db_root_password`
-}
+}

compose.fulltextsearch.yml

@@ -2,7 +2,7 @@ version: "3.8"
 
 services:
   elasticsearch:
-    image: "docker.elastic.co/elasticsearch/elasticsearch:8.17.2"
+    image: "docker.elastic.co/elasticsearch/elasticsearch:8.17.7"
     environment:
       - cluster.name=docker-cluster
       - bootstrap.memory_lock=true
@@ -29,7 +29,7 @@ services:
         mode: 0600
 
   searchindexer:
-    image: nextcloud:31.0.6-fpm
+    image: nextcloud:30.0.10-fpm
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached

compose.whiteboard.yml

@@ -6,7 +6,7 @@ services:
       - whiteboard_jwt
 
   whiteboard:
-    image: ghcr.io/nextcloud-releases/whiteboard:v1.1.2
+    image: ghcr.io/nextcloud-releases/whiteboard:v1.0.5
     deploy:
       labels:
         - traefik.enable=true

compose.yml

@@ -1,7 +1,7 @@
 version: "3.8"
 services:
   web:
-    image: nginx:1.29.0
+    image: nginx:1.27.5
     depends_on:
       - app
     configs:
@@ -12,8 +12,6 @@ services:
       - X_FRAME_OPTIONS_ENABLED
       - DOMAIN
       - STACK_NAME
-      - HSTS_ENABLED
-      - HSTS_PRELOAD
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached
@@ -48,7 +46,7 @@ services:
       start_period: 5m
 
   app:
-    image: nextcloud:31.0.6-fpm
+    image: nextcloud:30.0.10-fpm
     depends_on:
       - db
     configs:
@@ -74,7 +72,6 @@ services:
       - TRUSTED_PROXIES=10.0.0.0/8
       - REDIS_HOST=cache
       - OVERWRITEPROTOCOL=https
-      - OVERWRITECLIURL=https://${DOMAIN}
       - PHP_MEMORY_LIMIT=${PHP_MEMORY_LIMIT:-1G}
       - FPM_MAX_CHILDREN=${FPM_MAX_CHILDREN:-131}
       - FPM_START_SERVERS=${FPM_START_SERVERS:-32}
@@ -94,7 +91,7 @@ services:
         failure_action: rollback
         order: start-first
       labels:
-        - "coop-cloud.${STACK_NAME}.version=12.0.1+31.0.6-fpm"
+        - "coop-cloud.${STACK_NAME}.version=11.4.0+30.0.10-fpm"
         - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
         - "backupbot.backup=${ENABLE_BACKUPS:-true}"
         - "backupbot.backup.volumes.redis=false"
@@ -108,7 +105,7 @@ services:
       start_period: 15m
 
   cron:
-    image: nextcloud:31.0.6-fpm
+    image: nextcloud:30.0.10-fpm
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached
@@ -124,7 +121,7 @@ services:
 
 
   cache:
-    image: redis:8.0.2-alpine
+    image: redis:7.4.4-alpine
     networks:
       - internal
     volumes:

nginx.conf.tmpl

@@ -45,13 +45,6 @@ http {
         # could take several months.
         #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
 
-        {{ if eq (env "HSTS_ENABLED") "1" }}
-        {{ if eq (env "HSTS_PRELOAD") "1" }}
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
-        {{ else }}
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always;
-        {{ end }}
-        {{ end }}
 
         # set max upload size
         client_max_body_size 512M;