Compare commits
13 Commits
update-ngi
...
kc_stable
| Author | SHA1 | Date | |
|---|---|---|---|
| e46a9411ef | |||
| b9a7b9730e | |||
| 00264a9c44 | |||
| d7d33b099f | |||
| 01fe498831 | |||
| 9859907d4b | |||
| 6c0fa9c12d | |||
| a3c99a72bf | |||
| c94ffed09d | |||
| 7a863573c9 | |||
| c930bbcf56 | |||
| a13e7a509c | |||
| 0f9aba3e9e |
@ -1,6 +1,7 @@
|
||||
TYPE=nextcloud
|
||||
TIMEOUT=900
|
||||
ENABLE_AUTO_UPDATE=true
|
||||
ENABLE_BACKUPS=true
|
||||
|
||||
DOMAIN=nextcloud.example.com
|
||||
## Domain aliases
|
||||
@ -44,6 +45,13 @@ DEFAULT_QUOTA="10 GB"
|
||||
# MAIL_DOMAIN=
|
||||
# SECRET_SMTP_PASSWORD_VERSION=v1
|
||||
|
||||
## Customization
|
||||
# THEMING_COLOR=
|
||||
# THEMING_SLOGAN=
|
||||
# COPY_ASSETS="flow_background.jpg|app:/var/www/html/themes/"
|
||||
# COPY_ASSETS="$COPY_ASSETS icon_left_brand.svg|app:/var/www/html/themes/"
|
||||
# COPY_ASSETS="$COPY_ASSETS icon.png|app:/var/www/html/themes/"
|
||||
|
||||
# APPS="calendar"
|
||||
|
||||
# COLLABORA_URL=https://collabora.example.com
|
||||
|
||||
29
abra.sh
29
abra.sh
@ -5,6 +5,7 @@ export NGINX_CONF_VERSION=v7
|
||||
export MY_CNF_VERSION=v5
|
||||
export ENTRYPOINT_VERSION=v3
|
||||
export CRONTAB_VERSION=v1
|
||||
export PG_BACKUP_VERSION=v1
|
||||
|
||||
run_occ() {
|
||||
su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
|
||||
@ -52,6 +53,27 @@ set_logfile_stdout() {
|
||||
set_system_config logfile '/dev/stdout'
|
||||
}
|
||||
|
||||
customize() {
|
||||
if [ -z "$1" ]
|
||||
then
|
||||
echo "Usage: ... customize <assets_path>"
|
||||
exit 1
|
||||
fi
|
||||
asset_dir=$1
|
||||
for asset in $COPY_ASSETS; do
|
||||
source=$(echo $asset | cut -d "|" -f1)
|
||||
target=$(echo $asset | cut -d "|" -f2)
|
||||
echo copy $source to $target
|
||||
abra app cp $APP_NAME $asset_dir/$source $target
|
||||
done
|
||||
|
||||
abra app cmd -T $APP_NAME app set_app_config theming color \"$THEMING_COLOR\"
|
||||
abra app cmd -T $APP_NAME app set_app_config theming slogan \"$THEMING_SLOGAN\"
|
||||
abra app cmd -T $APP_NAME app run_occ '"theming:config background \"/var/www/html/themes/flow_background.jpg\""'
|
||||
abra app cmd -T $APP_NAME app run_occ '"theming:config logo \"/var/www/html/themes/icon_left_brand.svg\""'
|
||||
abra app cmd -T $APP_NAME app run_occ '"theming:config logoheader \"/var/www/html/themes/icon.png\""'
|
||||
}
|
||||
|
||||
install_bbb() {
|
||||
install_apps bbb
|
||||
set_app_config bbb app.navigation true
|
||||
@ -89,6 +111,7 @@ set_authentik() {
|
||||
install_apps sociallogin
|
||||
AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
|
||||
AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
|
||||
set_system_config logo_url https://$AUTHENTIK_DOMAIN
|
||||
set_app_config sociallogin custom_providers "
|
||||
{
|
||||
\"custom_oidc\":[
|
||||
@ -99,7 +122,7 @@ set_authentik() {
|
||||
\"tokenUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/token/\",
|
||||
\"displayNameClaim\":\"preferred_username\",
|
||||
\"userInfoUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
|
||||
\"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/if/session-end/nextcloud/\",
|
||||
\"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/nextcloud/end-session/\",
|
||||
\"clientId\":\"$AUTHENTIK_ID\",
|
||||
\"clientSecret\":\"$AUTHENTIK_SECRET\",
|
||||
\"scope\":\"openid profile email nextcloud\",
|
||||
@ -121,3 +144,7 @@ set_authentik() {
|
||||
run_occ 'config:system:set allow_user_to_change_display_name --value=false'
|
||||
run_occ 'config:system:set lost_password_link --value=disabled'
|
||||
}
|
||||
|
||||
disable_skeletondirectory() {
|
||||
run_occ "config:system:set skeletondirectory --value ''"
|
||||
}
|
||||
|
||||
@ -5,7 +5,7 @@ authentik:
|
||||
- AUTHENTIK_DOMAIN
|
||||
- SECRET_AUTHENTIK_SECRET_VERSION
|
||||
- SECRET_AUTHENTIK_ID_VERSION
|
||||
execute:
|
||||
initial-hooks:
|
||||
- app set_authentik
|
||||
shared_secrets:
|
||||
nextcloud_secret: authentik_secret
|
||||
@ -15,10 +15,10 @@ onlyoffice:
|
||||
- compose.onlyoffice.yml
|
||||
- ONLYOFFICE_URL
|
||||
- SECRET_ONLYOFFICE_JWT_VERSION
|
||||
execute:
|
||||
initial-hooks:
|
||||
- app install_onlyoffice
|
||||
collabora:
|
||||
uncomment:
|
||||
- COLLABORA_URL
|
||||
execute:
|
||||
initial-hooks:
|
||||
- app install_collabora
|
||||
|
||||
@ -2,7 +2,7 @@ version: "3.8"
|
||||
|
||||
services:
|
||||
elasticsearch:
|
||||
image: "docker.elastic.co/elasticsearch/elasticsearch:8.11.4"
|
||||
image: "docker.elastic.co/elasticsearch/elasticsearch:8.15.0"
|
||||
environment:
|
||||
- cluster.name=docker-cluster
|
||||
- bootstrap.memory_lock=true
|
||||
@ -29,7 +29,7 @@ services:
|
||||
mode: 0600
|
||||
|
||||
searchindexer:
|
||||
image: nextcloud:29.0.1-fpm
|
||||
image: nextcloud:28.0.10-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
|
||||
@ -28,10 +28,9 @@ services:
|
||||
- internal
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: 'mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /var/lib/mysql/backup.sql'
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/mysql/backup.sql"
|
||||
backupbot.backup.path: "/var/lib/mysql/backup.sql"
|
||||
backupbot.backup.volumes.mariadb.path: "backup.sql"
|
||||
backupbot.restore.post-hook: 'mysql -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud < /var/lib/mysql/backup.sql'
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", 'mysqladmin -p"$$(cat /run/secrets/db_root_password)" ping']
|
||||
interval: 30s
|
||||
|
||||
@ -10,7 +10,7 @@ services:
|
||||
- NEXTCLOUD_UPDATE=1
|
||||
|
||||
db:
|
||||
image: "postgres:12"
|
||||
image: "postgres:13"
|
||||
command: -c "max_connections=${MAX_DB_CONNECTIONS:-100}"
|
||||
volumes:
|
||||
- "postgres:/var/lib/postgresql/data"
|
||||
@ -29,10 +29,18 @@ services:
|
||||
retries: 5
|
||||
deploy:
|
||||
labels:
|
||||
backupbot.backup: "true"
|
||||
backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql"
|
||||
backupbot.backup.path: "/var/lib/postgresql/data/"
|
||||
backupbot.backup.pre-hook: "/pg_backup.sh backup"
|
||||
backupbot.backup.volumes.postgres.path: "backup.sql"
|
||||
backupbot.restore.post-hook: '/pg_backup.sh restore'
|
||||
configs:
|
||||
- source: pg_backup
|
||||
target: /pg_backup.sh
|
||||
mode: 0555
|
||||
|
||||
volumes:
|
||||
postgres:
|
||||
|
||||
configs:
|
||||
pg_backup:
|
||||
name: ${STACK_NAME}_pg_backup_${PG_BACKUP_VERSION}
|
||||
file: pg_backup.sh
|
||||
|
||||
16
compose.yml
16
compose.yml
@ -1,7 +1,7 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
web:
|
||||
image: nginx:1.26.1
|
||||
image: nginx:1.27.1
|
||||
depends_on:
|
||||
- app
|
||||
configs:
|
||||
@ -46,7 +46,7 @@ services:
|
||||
start_period: 5m
|
||||
|
||||
app:
|
||||
image: nextcloud:29.0.1-fpm
|
||||
image: nextcloud:28.0.10-fpm
|
||||
depends_on:
|
||||
- db
|
||||
configs:
|
||||
@ -91,10 +91,12 @@ services:
|
||||
failure_action: rollback
|
||||
order: start-first
|
||||
labels:
|
||||
- "coop-cloud.${STACK_NAME}.version=8.0.0+29.0.1-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.version=6.0.11+28.0.10-fpm"
|
||||
- "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
|
||||
- "backupbot.backup=true"
|
||||
- "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"
|
||||
- "backupbot.backup=${ENABLE_BACKUPS:-true}"
|
||||
- "backupbot.backup.volumes.redis=false"
|
||||
#- "backupbot.backup.volumes.nextcloud=false"
|
||||
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", 'SCRIPT_NAME=status SCRIPT_FILENAME=/var/www/html/status.php REQUEST_METHOD=GET cgi-fcgi -bind -connect 127.0.0.1:9000 | grep "installed\":true"']
|
||||
interval: 30s
|
||||
@ -103,7 +105,7 @@ services:
|
||||
start_period: 15m
|
||||
|
||||
cron:
|
||||
image: nextcloud:29.0.1-fpm
|
||||
image: nextcloud:28.0.10-fpm
|
||||
volumes:
|
||||
- nextcloud:/var/www/html/
|
||||
- nextapps:/var/www/html/custom_apps:cached
|
||||
@ -119,7 +121,7 @@ services:
|
||||
|
||||
|
||||
cache:
|
||||
image: redis:7.2.5-alpine
|
||||
image: redis:7.4.0-alpine
|
||||
networks:
|
||||
- internal
|
||||
volumes:
|
||||
|
||||
27
pg_backup.sh
Normal file
27
pg_backup.sh
Normal file
@ -0,0 +1,27 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
BACKUP_FILE='/var/lib/postgresql/data/backup.sql'
|
||||
|
||||
function backup {
|
||||
export PGPASSWORD=$(cat /run/secrets/db_password)
|
||||
pg_dump -U ${POSTGRES_USER} ${POSTGRES_DB} > $BACKUP_FILE
|
||||
}
|
||||
|
||||
function restore {
|
||||
cd /var/lib/postgresql/data/
|
||||
# Don't allow any other connections than local
|
||||
cp pg_hba.conf pg_hba.conf.bak
|
||||
echo "local all all trust" > pg_hba.conf
|
||||
su postgres -c 'pg_ctl reload'
|
||||
# Recreate Database
|
||||
psql -U ${POSTGRES_USER} -d postgres -c "DROP DATABASE ${POSTGRES_DB} WITH (FORCE);"
|
||||
createdb -U ${POSTGRES_USER} ${POSTGRES_DB}
|
||||
psql -U ${POSTGRES_USER} -d ${POSTGRES_DB} -1 -f $BACKUP_FILE
|
||||
# Restore allowed connections
|
||||
cat pg_hba.conf.bak > pg_hba.conf
|
||||
su postgres -c 'pg_ctl reload'
|
||||
}
|
||||
|
||||
$@
|
||||
1
release/9.1.0+29.0.5-fpm
Normal file
1
release/9.1.0+29.0.5-fpm
Normal file
@ -0,0 +1 @@
|
||||
Added automated customization options. Config needs to be updated to be able to use it.
|
||||
Reference in New Issue
Block a user