add shellscript

chore: publish 2.1.0+24.0.0-fpm release
chore: publish 2.0.0+23.0.4-fpm release
2022-08-04 18:29:38 +02:00 · 2022-05-18 11:12:59 +02:00 · 2022-05-18 10:49:30 +02:00 · 2022-05-18 08:36:26 +00:00 · 2022-03-24 03:17:29 +02:00 · 2022-03-16 12:46:34 +01:00
7 changed files with 177 additions and 38 deletions
--- a/.env.sample
+++ b/.env.sample
@ -5,6 +5,10 @@ DOMAIN=nextcloud.example.com
 #EXTRA_DOMAINS=', `www.nextcloud.example.com`'
 LETS_ENCRYPT_ENV=production

+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+#COMPOSE_FILE="$COMPOSE_FILE:compose.postgres.yml"
+
 ADMIN_USER=admin

 SECRET_DB_ROOT_PASSWORD_VERSION=v1
@ -12,10 +16,3 @@ SECRET_DB_PASSWORD_VERSION=v1
 SECRET_ADMIN_PASSWORD_VERSION=v1

 EXTRA_VOLUME=/dev/null:/tmp/.dummy
-
-## SMTP settings
-#COMPOSE_FILE="compose.yml:compose.mailrelay.yml"
-#SMTP_HOST="postfix_relay_app"
-## Emails are sent from $MAIL_FROM@$MAIL_DOMAIN
-#MAIL_DOMAIN=nextcloud.example.com
-#MAIL_FROM_ADDRESS=nextcloud
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@

 [![Build Status](https://drone.autonomic.zone/api/badges/coop-cloud/nextcloud/status.svg)](https://drone.autonomic.zone/coop-cloud/nextcloud)

-Fully automated luxury Nextcloud via docker-swarm. 
+Fully automated luxury Nextcloud via docker-swarm.

 <!-- metadata -->
 * **Category**: Apps
@ -39,6 +39,26 @@ Fully automated luxury Nextcloud via docker-swarm.

 `abra app run --user www-data YOURAPPDOMAIN app occ app:update --all`

+## How do I fix a Nextcloud version snafu?
+
+`Exception: Updates between multiple major versions and downgrades are unsupported.`
+
+Solution:
+
+- Look at log files to determine the old Nextcloud version
+- Change your local `~/.abra/recipes/nextcloud/compose.yml` to the highest minor
+    version in the old version -- e.g. choose `22.2.5` for `22`, if you're
+    upgrading to `23`.
+- Then, do one of (both bad):
+  1. `abra app deploy --chaos ...`, then `app run` to go in and manually lower the version number in PHP (shell in, `apt install vim-core && vi version.php`), then try `php ./occ upgrade`
+  2. `abra app undeploy ...`, `abra volume rm`, CAREFULLY only choose the volume
+     ENDING `_nextcloud`, then `abra app deploy --chaos ...`, then edit the
+     `compose.yml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app`,
+     then `app deploy --chaos` again, then `app run --user=www-data ... app bash` to get in and run `./occ maintenance:repair`, and `./occ upgrade`. 
+- Change `compose.yml` to the new version number; `git checkout compose.yml`
+- `abra app deploy --force`
+- This wasn't even multiplle major versions was it 😾
+
 ## How do I integrate with Keycloak SSO?

 Use [this plugin](https://github.com/pulsejet/nextcloud-oidc-login). Unlike the plugin it's forked from, there is no configuration UI, so you'll need to edit `/var/www/html/config/config.php`:
@ -69,6 +89,12 @@ docker exec -u www-data <container-id> php occ config:app:delete oidc_login last
 docker exec -u www-data <container-id> php occ config:app:delete oidc_login last_updated_jwks
 ```

+## How do I enable multiple SSO login buttons?
+
+We've been able to get this setup by using the [social login](https://apps.nextcloud.com/apps/sociallogin) plugin.
+
+If using Keycloak, you'll want to do [this trick](https://janikvonrotz.ch/2020/10/20/openid-connect-with-nextcloud-and-keycloak/) also.
+
 ## How can I customise the CSS?

 There is some basic stuff in the admin settings.
--- a/compose.mariadb.yml
+++ b/compose.mariadb.yml
@ -0,0 +1,40 @@
+version: "3.8"
+
+services:
+  app:
+    environment:
+      - MYSQL_HOST=db
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
+
+  db:
+    image: "mariadb:10.5"
+    environment:
+      - MYSQL_DATABASE=nextcloud
+      - MYSQL_USER=nextcloud
+      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
+      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
+    configs:
+      - source: my_tune
+        target: /etc/mysql/conf.d/my-tune.cnf
+    secrets:
+      - db_root_password
+      - db_password
+    volumes:
+      - "mariadb:/var/lib/mysql"
+    networks:
+      - internal
+    deploy:
+      labels:
+          backupbot.backup: "true"
+          backupbot.backup.pre-hook: 'mkdir -p /tmp/backup/ && mysqldump --single-transaction -u root -p"$$(cat /run/secrets/db_root_password)" nextcloud > /tmp/backup/backup.sql'
+          backupbot.backup.post-hook: "rm -rf /tmp/backup"
+          backupbot.backup.path: "/tmp/backup/"
+configs:
+  my_tune:
+    name: ${STACK_NAME}_my_cnf_${MY_CNF_VERSION}
+    file: my-tune.cnf
+
+volumes:
+  mariadb:
--- a/compose.postgres.yml
+++ b/compose.postgres.yml
@ -0,0 +1,38 @@
+version: '3.8'
+
+services:
+  app:
+    entrypoint: "sh -c 'sleep 10 && /entrypoint.sh php-fpm'" # tries to mitigate this error with postgres https://github.com/nextcloud/docker/issues/1204
+    environment:
+      - POSTGRES_HOST=db
+      - POSTGRES_DB=nextcloud
+      - POSTGRES_USER=nextcloud
+      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
+      - NEXTCLOUD_UPDATE=1
+
+  db:
+    image: "postgres:12"
+    volumes:
+      - "postgres:/var/lib/postgresql/data"
+    networks:
+      - internal
+    environment:
+      POSTGRES_USER: nextcloud 
+      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
+      POSTGRES_DB: nextcloud 
+    secrets:
+      - db_password
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+    deploy:
+      labels:
+            backupbot.backup: "true"
+            backupbot.backup.pre-hook: "mkdir -p /tmp/backup/ && PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /tmp/backup/backup.sql"
+            backupbot.backup.post-hook: "rm -rf /tmp/backup"
+            backupbot.backup.path: "/tmp/backup/"
+
+volumes:
+  postgres:
--- a/compose.yml
+++ b/compose.yml
@ -1,7 +1,7 @@
 version: "3.8"
 services:
  web:
-    image: nginx:1.20.0
+    image: nginx:1.21.6
    configs:
      - source: nginx_conf
        target: /etc/nginx/nginx.conf
@ -33,7 +33,7 @@ services:
        - "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"

  app:
-    image: nextcloud:23.0.1-fpm
+    image: nextcloud:24.0.0-fpm
    depends_on:
      - db
    configs:
@ -45,10 +45,6 @@ services:
    environment:
      - DOMAIN
      - STACK_NAME
-      - MYSQL_HOST=db
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
      - NEXTCLOUD_ADMIN_USER=${ADMIN_USER}
      - NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/admin_password
      - NEXTCLOUD_TRUSTED_DOMAINS=${DOMAIN}
@ -73,28 +69,13 @@ services:
        failure_action: rollback
        order: start-first
      labels:
-        - "coop-cloud.${STACK_NAME}.version=1.0.0+23.0.1-fpm"
+        - "coop-cloud.${STACK_NAME}.version=2.1.0+24.0.0-fpm"
+        - "backupbot.backup=true"
+        - "backupbot.backup.path=/var/www/html/config/,/var/www/html/data/,/var/www/html/custom_apps/"

-  db:
-    image: "mariadb:10.5"
-    environment:
-      - MYSQL_DATABASE=nextcloud
-      - MYSQL_USER=nextcloud
-      - MYSQL_PASSWORD_FILE=/run/secrets/db_password
-      - MYSQL_ROOT_PASSWORD_FILE=/run/secrets/db_root_password
-    configs:
-      - source: my_tune
-        target: /etc/mysql/conf.d/my-tune.cnf
-    secrets:
-      - db_root_password
-      - db_password
-    volumes:
-      - "mariadb:/var/lib/mysql"
-    networks:
-      - internal

  cron:
-    image: nextcloud:23.0.1-fpm
+    image: nextcloud:24.0.0-fpm
    volumes:
      - nextcloud:/var/www/html/
      - nextapps:/var/www/html/custom_apps:cached
@ -106,7 +87,7 @@ services:
    entrypoint: /cron.sh

  cache:
-    image: redis:6.2.5-alpine
+    image: redis:7.0.0-alpine
    networks:
      - internal
    volumes:
@ -128,7 +109,6 @@ volumes:
  nextapps:
  nextdata:
  nextconfig:
-  mariadb:
  redis:

 configs:
@ -139,9 +119,6 @@ configs:
  fpm_tune:
    name: ${STACK_NAME}_fpm_tune_${FPM_TUNE_VERSION}
    file: fpm-tune.ini
-  my_tune:
-    name: ${STACK_NAME}_my_cnf_${MY_CNF_VERSION}
-    file: my-tune.cnf

 networks:
  proxy:
--- a/configure_nextcloud.sh
+++ b/configure_nextcloud.sh
@ -0,0 +1,55 @@
+#!/bin/bash
+
+set -eu
+
+app_name=$1
+domain=$2
+secret=$3
+
+sub_occ(){
+abra app run --user www-data $app_name app /var/www/html/occ "$@"
+}
+
+# Install apps
+sub_occ app:install calendar || true
+sub_occ app:install sociallogin || true
+sub_occ app:install onlyoffice || true
+
+# Disable Dashboard
+sub_occ app:disable dashboard || true
+
+# Configure SSO
+
+sub_occ config:app:set sociallogin custom_providers --value="
+{
+  \"custom_oidc\": [
+    {
+      \"name\": \"authentik\",
+      \"title\": \"Login\",
+      \"authorizeUrl\": \"https://$domain/application/o/authorize/\",
+      \"tokenUrl\": \"https://$domain/application/o/token/\",
+      \"displayNameClaim\": \"preferred_username\",
+      \"userInfoUrl\": \"https://$domain/application/o/userinfo/\",
+      \"logoutUrl\": \"https://$domain/application/o/nextcloud/end-session/\",
+      \"clientId\": \"nextcloud\",
+      \"clientSecret\": \"$secret\",
+      \"scope\": \"openid profile email nextcloud\",
+      \"groupsClaim\": \"nextcloud_groups\",
+      \"style\": \"openid\",
+      \"defaultGroup\": \"\",
+      \"groupMapping\": {
+        \"admin\": \"admin\"
+      }
+    }
+  ]
+}"
+
+sub_occ config:app:set sociallogin update_profile_on_login --value 1
+sub_occ config:app:set sociallogin auto_create_groups --value 1
+sub_occ config:app:set sociallogin hide_default_login --value 1
+
+sub_occ config:system:set allow_user_to_change_display_name --value=false
+sub_occ config:system:set lost_password_link --value=disabled
+sub_occ config:system:set social_login_auto_redirect --value=true
+
+abra app run --user www-data $app_name app cat config/config.php
--- a/releases/2.0.0+23.0.3-fpm
+++ b/releases/2.0.0+23.0.3-fpm
@ -0,0 +1,6 @@
+2.0.0 introduces a minor nextcloud update to 23.0.4 and moves the database service to a seperate override.yml file to support different database types (mariadb / postgres). This might break your installation. Please add the following snippet to your config .env to ensure the right db is used:
+
+```
+COMPOSE_FILE="compose.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml"
+```
Author	SHA1	Message	Date
Philipp Rothmann	5ee0547315	add shellscript	2022-08-04 18:29:38 +02:00
Philipp Rothmann	801e0a0762	chore: publish 2.1.0+24.0.0-fpm release	2022-05-18 11:12:59 +02:00
Philipp Rothmann	01f610d02f	chore: publish 2.0.0+23.0.4-fpm release	2022-05-18 10:49:30 +02:00
yksflip	12eea19cab	add postgres db (#26 ) This PR moves the db service into two override files `compose.mariadb.yml` and `compose.postgres.yml`. Existing installations need to add: ``` COMPOSE_FILE="compose.yml" COMPOSE_FILE="$COMPOSE_FILE:compose.mariadb.yml" ``` to their .env file to ensure mariadb is still used. Co-authored-by: Philipp Rothmann <philipprothmann@posteo.de> Reviewed-on: coop-cloud/nextcloud#26	2022-05-18 08:36:26 +00:00
3wc	c4eed9d8ea	Add upgrade fixing before I forget it again	2022-03-24 03:17:29 +02:00
decentral1se	986a6024fd	multiple sso buttons	2022-03-16 12:46:34 +01:00
decentral1se	a4102cd0ca	chore: remove old config, not there anymore	2022-02-10 13:37:20 +01:00