Compare commits


1 Commits

Author SHA1 Message Date
e8a8f636d0 add headers to embed nextcloud in frame on external site
This introduces new env variables to configure nextcloud to be embedded via
iframe on an external site.
Setting X_FRAME_OPTIONS_ENABLED=1 will configure nginx and nextcloud to
set X-Frame-Options and CSP headers to allow the domain configured in
X_FRAME_OPTIONS_ALLOW_FROM.
2022-08-31 15:40:18 +02:00
8 changed files with 16 additions and 32 deletions


@ -1,6 +1,6 @@
TYPE=nextcloud
DOMAIN={{ .Domain }}
DOMAIN=nextcloud.example.com
## Domain aliases
#EXTRA_DOMAINS=', `www.nextcloud.example.com`'
LETS_ENCRYPT_ENV=production
@ -19,5 +19,3 @@ EXTRA_VOLUME=/dev/null:/tmp/.dummy
# X_FRAME_OPTIONS_ENABLED=1
# X_FRAME_OPTIONS_ALLOW_FROM=embedding-site.example.org
# APPS="calendar sociallogin onlyoffice"

1
.gitignore vendored

@ -1,2 +1 @@
/.envrc

5
.vscode/settings.json vendored Normal file

@ -0,0 +1,5 @@
{
"shellcheck.customArgs": [
"--shell=bash"
]
}

20
abra.sh

@ -1,7 +1,7 @@
export FPM_TUNE_VERSION=v4
export NGINX_CONF_VERSION=v4
export NGINX_CONF_VERSION=v3
export MY_CNF_VERSION=v4
export ENTRYPOINT_VERSION=v2
export ENTRYPOINT_VERSION=v1
NC_APP_DIR="app:/var/www/html"
@ -13,22 +13,6 @@ sub_occ(){
sub_app_run php /var/www/html/occ "$@"
}
run_occ(){
su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
}
install_apps(){
install_apps="$@"
if [ -z "$install_apps" ]
then
install_apps=$APPS
fi
for app in $install_apps
do
run_occ "app:install $app"
done
}
_backup_app() {
# Copied _abra_backup_dir to make UX better on restore and backup
{


@ -2,6 +2,7 @@ version: '3.8'
services:
app:
entrypoint: "sh -c 'sleep 10 && /entrypoint.sh php-fpm'" # tries to mitigate this error with postgres https://github.com/nextcloud/docker/issues/1204
environment:
- POSTGRES_HOST=db
- POSTGRES_DB=nextcloud


@ -1,7 +1,7 @@
version: "3.8"
services:
web:
image: nginx:1.22.1
image: nginx:1.23.1
configs:
- source: nginx_conf
target: /etc/nginx/nginx.conf
@ -35,7 +35,7 @@ services:
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
app:
image: nextcloud:25.0.1-fpm
image: nextcloud:24.0.3-fpm
depends_on:
- db
configs:
@ -49,7 +49,6 @@ services:
- db_password
- admin_password
environment:
- APPS
- X_FRAME_OPTIONS_ALLOW_FROM
- X_FRAME_OPTIONS_ENABLED
- DOMAIN
@ -78,12 +77,12 @@ services:
failure_action: rollback
order: start-first
labels:
- "coop-cloud.${STACK_NAME}.version=2.1.6+25.0.1-fpm"
- "coop-cloud.${STACK_NAME}.version=2.1.2+24.0.3-fpm"
- "backupbot.backup=true"
- "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"
cron:
image: nextcloud:25.0.1-fpm
image: nextcloud:24.0.3-fpm
volumes:
- nextcloud:/var/www/html/
- nextapps:/var/www/html/custom_apps:cached
@ -95,7 +94,7 @@ services:
entrypoint: /cron.sh
cache:
image: redis:7.0.5-alpine
image: redis:7.0.4-alpine
networks:
- internal
volumes:


@ -1,8 +1,5 @@
#!/bin/bash
echo "Giving the db container some time to come up"; sleep 20
# see this issue with postgres db https://github.com/nextcloud/docker/issues/1204
{{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
if ! [[ $(grep {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} lib/public/AppFramework/Http/ContentSecurityPolicy.php) ]]; then
sed -i "91 a\\\t\t'{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}', " lib/public/AppFramework/Http/ContentSecurityPolicy.php
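Review bot: The `sed -i "91 a…"` call patches Nextcloud's ContentSecurityPolicy.php by absolute line number, while the same compare changes the nextcloud image tag, so line 91 is not guaranteed to fall inside the frame-ancestors list in every version; the domain could land in a different allow-list or leave the PHP file broken. Anchoring the insert on the property itself (a sed address matching `allowedFrameAncestors`, to be confirmed against the shipped file) instead of `91` would make the patch fail visibly rather than silently misplace the entry. The grep guard also interpolates the value unquoted and as a regex, so an empty value turns the file path into the pattern and a dotted domain can match unrelated text; `if ! grep -qF -- '{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}' lib/public/AppFramework/Http/ContentSecurityPolicy.php; then` avoids both. The `if` block and the template conditional are closed outside the hunk.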


@ -67,7 +67,8 @@ http {
add_header X-XSS-Protection "1; mode=block" always;
{{ if eq (env "X_FRAME_OPTIONS_ENABLED") "1" }}
add_header Content-Security-Policy "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }} {{ env "DOMAIN" }}";
add_header X-Frame-Options "{{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}" always;
add_header Content-Security-Policy "frame-ancestors {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}";
{{ else }}
add_header X-Frame-Options "SAMEORIGIN" always;
{{ end }}
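Review bot: In the enabled branch the `X-Frame-Options` line sends the bare value of X_FRAME_OPTIONS_ALLOW_FROM, which is not a valid value for that header (browsers honour `DENY` and `SAMEORIGIN`; the old `ALLOW-FROM` form is obsolete), so it is ignored and framing control rests on the `frame-ancestors` policy alone. That policy line has no `always`, unlike the `SAMEORIGIN` line in the else branch, so nginx leaves it off error responses. The page does not show which of the two Content-Security-Policy lines is on the new side; if it is the one without DOMAIN, the instance would presumably no longer be allowed to frame its own pages. I would drop the X-Frame-Options line from the enabled branch and write `add_header Content-Security-Policy "frame-ancestors 'self' {{ env "X_FRAME_OPTIONS_ALLOW_FROM" }}" always;`. The surrounding http block starts and ends outside the hunk.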