diff --git a/README.md b/README.md index ad4157f..9b47a38 100644 --- a/README.md +++ b/README.md @@ -1,204 +1,24 @@ # Nextcloud -[![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/nextcloud/status.svg)](https://drone.autonomic.zone/coop-cloud/nextcloud) - -Fully automated luxury Nextcloud via docker-swarm. - - -* **Category**: Apps -* **Status**: 2, beta -* **Image**: [`nextcloud`](https://hub.docker.com/_/nextcloud), 4, upstream -* **Healthcheck**: Yes -* **Backups**: No -* **Email**: 3 -* **Tests**: 2 -* **SSO**: 1 (OAuth) - - -## Quick start - -* `abra app new nextcloud` -* `abra app config ` -* `abra app secret insert smtp_password v1 ` -* `abra app secret generate -a ` -* `abra app deploy ` - -### Disable Dashboard - -Disable dashboard app since it is so corporate: - -`abra app config ` -Configure the following envs: -``` -OCC_CMDS="app:disable dashboard" -``` -`abra app cmd app post_install_occ` - -## Running `occ` - -`abra app cmd app run_occ '"user:list --help"'` - -## Default user files - -- Follow [these docs](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/default_files_configuration.html) to set the default files list for each user in the Files app - -## Default App - -- Configure a `defaultapp` in your `config.php` or use [apporder](https://apps.nextcloud.com/apps/apporder) - -## Upgrading Nextcloud apps - -`abra app cmd app run_occ '"app:update --all"'` +Wiki Cafe's configuration for a Nextcloud deployment. Originally slimmed down from an `abra` [recipe](https://git.coopcloud.tech/coop-cloud/nextcloud) by [Co-op Cloud](https://coopcloud.tech/). -## How do I fix a Nextcloud version snafu? +## Deploying the app with Docker Swarm -`Exception: Updates between multiple major versions and downgrades are unsupported.` - -Solution: - -- Look at log files to determine the old Nextcloud version -- Change your local `~/.abra/recipes/nextcloud/compose.yaml` to the highest minor - version in the old version -- e.g. choose `22.2.5` for `22`, if you're - upgrading to `23`. -- Then, do one of (both bad): - 1. `abra app deploy --chaos ...`, then `app run` to go in and manually lower the version number in PHP (shell in, `apt install vim-core && vi version.php`), then try `php ./occ upgrade` - 2. `abra app undeploy ...`, `abra volume rm`, CAREFULLY only choose the volume - ENDING `_nextcloud`, then `abra app deploy --chaos ...`, then edit the - `compose.yaml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app`, - then `app deploy --chaos` again, then `app run --user=www-data ... app bash` to get in and run `./occ maintenance:repair`, and `./occ upgrade`. -- Change `compose.yaml` to the new version number; `git checkout compose.yaml` -- `abra app deploy --force` -- This wasn't even multiplle major versions was it 😾 - -## How do I integrate with Keycloak SSO? - -Use [this plugin](https://github.com/pulsejet/nextcloud-oidc-login). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php`: +Set the environment variables from the .env file during the shell session. ``` - 'oidc_login_client_id' => 'nextcloud', - 'oidc_login_client_secret' => 'mysecret', - 'oidc_login_provider_url' => 'https://example.com/realms/myrealm', - 'oidc_login_disable_registration' => false, - 'oidc_login_hide_password_form' => true, - 'oidc_login_button_text' => 'Log in with your myssodomain', - 'oidc_login_default_group' => 'mygroup', - 'oidc_login_attributes' => - array ( - 'id' => 'sub', - 'name' => 'name', - 'mail' => 'email', - ), - 'oidc_create_groups' => true, +set -a && source .env && set +a ``` -You can use [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) (see "Cryptic Usernames" work-around) to get proper usernames. - -If you ever need to change the realm, you'll need to reset the cache with: +Set the secrets. ``` -docker exec -u www-data php occ config:app:delete oidc_login last_updated_well_known -docker exec -u www-data php occ config:app:delete oidc_login last_updated_jwks +printf "SECRET_HERE" | docker secret create SECRET_NAME - ``` -## How do I enable multiple SSO login buttons? - -We've been able to get this setup by using the [social login](https://apps.nextcloud.com/apps/sociallogin) plugin. - -If using Keycloak, you'll want to do [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) also. - -## How can I customise the CSS? - -There is some basic stuff in the admin settings. - -To go a little deeper, you can use [this handy app](https://apps.nextcloud.com/apps/theming_customcss). - -Here is an example CSS config which hides the local login and makes space for a central image: - -```css -#body-login .wrapper main form[name="login"], -#body-login .wrapper main form[name="login"] ~ a { - display: none; -} - -#body-login .logo { - visibility: hidden; -} - -#body-login #alternative-logins a.button[href*="oidc"] { - background: #233b4a; - color: #fff; - transition: all 0.2s ease-in-out; -} -#body-login #alternative-logins a.button[href*="oidc"]:hover { - background: linear-gradient(-35deg, #233b4a 40%, #486c83 100%); -} - -#body-login #alternative-logins a.button[href*="/sociallogin/oauth/google"] { - border: 0; - color: #db4437 !important; - background-color: #fff; -} - -#body-login - #alternative-logins - a.button[href*="/sociallogin/oauth/google"]::before { - width: 25px; - background-color: #db4437; - border-radius: 100%; - background-size: 60%; - background-position: center; - height: 25px; - vertical-align: middle; - margin-right: 4px; -} - -#body-login main { - padding: 50vh 0 0 0; -} - -#body-login a[href*="#body-login"] { - visibility: hidden; -} - -#body-login footer a, -#body-login footer p { - color: #233b4a; -} - -#body-login footer a:hover { - color: #fff; -} - -#body-login footer p.info { - text-shadow: none; -} -``` - -[nextcloud-docker]: https://hub.docker.com/_/nextcloud/ -[`abra`]: https://git.autonomic.zone/autonomic-cooperative/abra -[`coop-cloud/traefik`]: https://git.autonomic.zone/coop-cloud/traefik - -## Using [`previewgenerator`](https://github.com/nextcloud/previewgenerator) app - -> Beware, this appp has been known to not work... - -After you install, enable etc. then you need to run the generation (**warning**: it can take a long time!): +Deploy using the `-c` flag to specify one or multiple compose files. ``` -abra app run app bash -u www-data -./occ preview:generate-all +docker stack deploy nextcloud -c compose.yaml -c compose.mariadb.yaml -c compose.smtp.yaml ``` - -To set up the cron to run again, there is [no clear solution in the context of -containers](https://github.com/nextcloud/previewgenerator/issues/1). So, a -pretty dodgy hack is to run it from the system directly: - -``` -root@foo.com /etc/cron.hourly $ cat foo-com-preview-generate -#!/bin/bash - -docker exec -u www-data $(docker ps -f name=foo_com_app -q) ./occ preview:pre-generate -``` - -This app will improve performance of image browsing at the cost of storage space. diff --git a/compose.mariadb.yaml b/compose.mariadb.yaml index daea515..8d56fed 100644 --- a/compose.mariadb.yaml +++ b/compose.mariadb.yaml @@ -35,10 +35,19 @@ services: timeout: 10s retries: 10 start_period: 1m + configs: my_tune: name: ${STACK_NAME}_my_cnf file: my-tune.cnf +secrets: + db_root_password: + external: true + name: ${STACK_NAME}_db_root_password + db_password: + external: true + name: ${STACK_NAME}_db_password + volumes: mariadb: diff --git a/compose.yaml b/compose.yaml index 6e7c483..1bbd8e1 100644 --- a/compose.yaml +++ b/compose.yaml @@ -118,9 +118,6 @@ services: retries: 20 secrets: - db_root_password: - external: true - name: ${STACK_NAME}_db_root_password db_password: external: true name: ${STACK_NAME}_db_password