chore(deps): update nextcloud docker tag to v32.0.6

2026-03-10 17:58:46 +00:00
8 changed files with 9 additions and 75 deletions
--- a/.env.sample
+++ b/.env.sample
@ -93,14 +93,6 @@ DEFAULT_QUOTA="10 GB"
 #SECRET_TALK_TURN_SECRET_VERSION=v1 # length=64 charset=default
 #SECRET_TALK_SIGNALING_SECRET_VERSION=v1 # length=64 charset=default

-# COMPOSE_FILE="$COMPOSE_FILE:compose.user_oidc.yml"
-# APPS="$APPS user_oidc"
-# USER_OIDC_PROVIDER=
-# USER_OIDC_ID=
-# USER_OIDC_DISCOVERY_URI=
-# USER_OIDC_END_SESSION_URI=
-# USER_OIDC_LOGIN_ONLY=false
-# SECRET_USER_OIDC_SECRET_VERSION=v1

 # HSTS Options
 # Uncomment this line to enable HSTS: https://docs.nextcloud.com/server/30/admin_manual/installation/harden_server.html
--- a/README.md
+++ b/README.md
@ -25,21 +25,15 @@ Fully automated luxury Nextcloud via docker-swarm.

 ### Onlyoffice Integration

-First install onlyoffice following the instructions in the 
-[OnlyOffice Recipe](https://recipes.coopcloud.tech/onlyoffice), and enable
-the JWT secret.
-
 `abra app config <app-name>` 

-Configure the following envs with the URL of the onlyoffice service:
+Configure the following envs:
 ```
 COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
 ONLYOFFICE_URL=https://onlyoffice.example.com
 SECRET_ONLYOFFICE_JWT_VERSION=v1
 ```

-Then set the onlyoffice JWT secret from the onlyoffice installation:
-
 * `abra app secret insert <app-name> onlyoffice_jwt v1 <jwt_secret>`
 * `abra app cmd <app-name> app install_onlyoffice`

@ -194,31 +188,6 @@ We've been able to get this setup by using the [social login](https://apps.nextc

 If using Keycloak, you'll want to do [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) also.

-## How do I enable OpenID Connect (OIDC) providers?
-[user_oidc](https://github.com/nextcloud/user_oidc) is the recommended way to integrate Nextcloud with OIDC providers.
-
-Run `abra app config <app-name>`
-
-Set the following envs:
-```env
-COMPOSE_FILE="$COMPOSE_FILE:compose.user_oidc.yml"
-APPS="$APPS user_oidc"
-USER_OIDC_PROVIDER=example-provider # this has been tested with keycloak
-USER_OIDC_ID=example-client-id # get this from your oidc provider
-USER_OIDC_DISCOVERY_URI=example-oidc-provider.com/.well-known/openid-configuration # get this from your oidc provider
-USER_OIDC_END_SESSION_URI=example-oidc-provider.com/protocol/openid-connect/logout # get this from your oidc provider
-USER_OIDC_LOGIN_ONLY=false # set this to true to automatically redirect all logins to your oidc provider
-SECRET_USER_OIDC_SECRET_VERSION=v1
-```
-
-Then insert the client secret from your OIDC provider:
-```sh
-abra app secret insert <app-name> user_oidc_secret v1 <client-secret from oidc provider>
-```
-
-After you deploy (or redeploy), run the following to set up the user_oidc Nextcloud app:
-`abra app cmd <app-name> app set_user_oidc`
-
 ## How can I customise the CSS?

 There is some basic stuff in the admin settings.
--- a/abra.sh
+++ b/abra.sh
@ -159,23 +159,6 @@ set_authentik() {
    run_occ 'config:system:set lost_password_link --value=disabled'
 }

-set_user_oidc() {
-    install_apps user_oidc
-    USER_OIDC_SECRET=$(cat /run/secrets/user_oidc_secret)
-    run_occ "user_oidc:provider \
-            --clientid=${USER_OIDC_ID} \
-            --clientsecret=${USER_OIDC_SECRET} \
-            --discoveryuri=${USER_OIDC_DISCOVERY_URI} \
-            --endsessionendpointuri=${USER_OIDC_END_SESSION_URI} \
-            --postlogouturi=https://${DOMAIN} \
-            --scope='openid email profile' \
-            ${USER_OIDC_PROVIDER}"
-    # disable non user_oidc login
-    if [[ ${USER_OIDC_LOGIN_ONLY:-false} = "true" ]]; then
-        run_occ "config:app:set --value=0 user_oidc allow_multiple_user_backends"
-    fi
-}
-
 disable_skeletondirectory() {
    run_occ "config:system:set skeletondirectory --value ''"
 }
--- a/compose.fulltextsearch.yml
+++ b/compose.fulltextsearch.yml
@ -29,7 +29,7 @@ services:
        mode: 0600

  searchindexer:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:32.0.6-fpm
    volumes:
      - nextcloud:/var/www/html/
      - nextapps:/var/www/html/custom_apps:cached
--- a/compose.talk.yml
+++ b/compose.talk.yml
@ -14,7 +14,7 @@ services:
    deploy:
      labels:
        - traefik.enable=true
-        - traefik.swarm.network=proxy
+        - traefik.docker.network=proxy
        - traefik.http.services.${STACK_NAME}_talk.loadbalancer.server.port=8081
        - traefik.http.routers.${STACK_NAME}_talk.rule=Host(`${TALK_DOMAIN}`)
        - traefik.http.routers.${STACK_NAME}_talk.entrypoints=web-secure
@ -67,4 +67,4 @@ configs:
  entrypoint_talk:
    name: ${STACK_NAME}_entrypoint_talk_${ENTRYPOINT_TALK_VERSION}
    file: entrypoint.talk.sh.tmpl
-    template_driver: golang
+    template_driver: golang
--- a/compose.user_oidc.yml
+++ b/compose.user_oidc.yml
@ -1,10 +0,0 @@
-version: "3.8"
-services:
-  app:
-    secrets:
-      - user_oidc_secret
-
-secrets:
-  user_oidc_secret:
-    external: true
-    name: ${STACK_NAME}_user_oidc_secret_${SECRET_USER_OIDC_SECRET_VERSION}
--- a/compose.whiteboard.yml
+++ b/compose.whiteboard.yml
@ -10,7 +10,7 @@ services:
    deploy:
      labels:
        - traefik.enable=true
-        - traefik.swarm.network=proxy
+        - traefik.docker.network=proxy
        - traefik.http.services.${STACK_NAME}_whiteboard.loadbalancer.server.port=3002
        - traefik.http.routers.${STACK_NAME}_whiteboard.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS}) && PathPrefix(`/whiteboard`)
        - traefik.http.routers.${STACK_NAME}_whiteboard.entrypoints=web-secure
@ -41,4 +41,4 @@ configs:
  entrypoint_whiteboard:
    name: ${STACK_NAME}_entrypoint_whiteboard_${ENTRYPOINT_WHITEBOARD_VERSION}
    file: entrypoint.whiteboard.sh.tmpl
-    template_driver: golang
+    template_driver: golang
--- a/compose.yml
+++ b/compose.yml
@ -29,7 +29,7 @@ services:
        order: start-first
      labels:
        - "traefik.enable=true"
-        - "traefik.swarm.network=proxy"
+        - "traefik.docker.network=proxy"
        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
@ -48,7 +48,7 @@ services:
      start_period: 5m

  app:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:32.0.6-fpm
    depends_on:
      - db
    configs:
@ -109,7 +109,7 @@ services:
      start_period: 15m

  cron:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:32.0.6-fpm
    volumes:
      - nextcloud:/var/www/html/
      - nextapps:/var/www/html/custom_apps:cached