LAB-linuxserver/docker-nextcloud
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-nextcloud.git synced 2026-02-19 23:03:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use standard nginx.conf from lsio alpine nginx base image

Browse Source
This commit is contained in:
Eric Nemchik 2021-10-14 16:04:02 -05:00
parent f36f7620f6
commit bb7a68f1fd
12 changed files with 238 additions and 292 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
Dockerfile
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.15
# set version label
ARG BUILD_DATE
@ -12,18 +12,6 @@ ENV NEXTCLOUD_PATH="/config/www/nextcloud" \
LD_PRELOAD="/usr/lib/preloadable_libiconv.so"
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies --upgrade \
autoconf \
automake \
file \
g++ \
gcc \
make \
php7-dev \
re2c \
samba-dev \
zlib-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
@ -31,52 +19,46 @@ RUN \
gnu-libiconv \
imagemagick \
libxml2 \
php7-apcu \
php7-bcmath \
php7-bz2 \
php7-ctype \
php7-curl \
php7-dom \
php7-exif \
php7-fileinfo \
php7-ftp \
php7-gd \
php7-gmp \
php7-iconv \
php7-imagick \
php7-imap \
php7-intl \
php7-ldap \
php7-mcrypt \
php7-memcached \
php7-opcache \
php7-pcntl \
php7-pdo_mysql \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pgsql \
php7-phar \
php7-posix \
php7-redis \
php7-sodium \
php7-sqlite3 \
php7-xmlreader \
php7-zip \
php8-apcu \
php8-bcmath \
php8-bz2 \
php8-ctype \
php8-curl \
php8-dom \
php8-exif \
php8-fileinfo \
php8-ftp \
php8-gd \
php8-gmp \
php8-iconv \
php8-imap \
php8-intl \
php8-ldap \
php8-opcache \
php8-pcntl \
php8-pdo_mysql \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pecl-imagick \
php8-pecl-mcrypt \
php8-pecl-memcached \
php8-pgsql \
php8-phar \
php8-posix \
php8-redis \
php8-sodium \
php8-sqlite3 \
php8-xmlreader \
php8-zip \
samba-client \
sudo \
tar \
unzip && \
echo "**** compile smbclient ****" && \
git clone https://github.com/eduardok/libsmbclient-php.git /tmp/smbclient && \
cd /tmp/smbclient && \
phpize7 && \
./configure \
--with-php-config=/usr/bin/php-config7 && \
make && \
make install && \
apk add --no-cache \
--repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php8-pecl-smbclient && \
echo "**** configure php and nginx for nextcloud ****" && \
echo "extension="smbclient.so"" > /etc/php7/conf.d/00_smbclient.ini && \
echo 'apc.enable_cli=1' >> /etc/php7/conf.d/apcu.ini && \
echo 'apc.enable_cli=1' >> /etc/php8/conf.d/apcu.ini && \
sed -i \
-e 's/;opcache.enable.*=.*/opcache.enable=1/g' \
-e 's/;opcache.interned_strings_buffer.*=.*/opcache.interned_strings_buffer=16/g' \
@ -89,11 +71,11 @@ RUN \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
/etc/php8/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
/etc/php7/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \
/etc/php8/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php8/php-fpm.conf && \
echo "**** set version tag ****" && \
if [ -z ${NEXTCLOUD_RELEASE+x} ]; then \
NEXTCLOUD_RELEASE=$(curl -sX GET https://api.github.com/repos/nextcloud/server/releases/latest \
@ -107,8 +89,6 @@ RUN \
tar xvf /app/nextcloud.tar.bz2 -C \
/tmp && \
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/*
@ -117,4 +97,3 @@ COPY root/ /
# ports and volumes
EXPOSE 443
VOLUME /config /data

99
Dockerfile.aarch64
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.15
# set version label
ARG BUILD_DATE
@ -12,18 +12,6 @@ ENV NEXTCLOUD_PATH="/config/www/nextcloud" \
LD_PRELOAD="/usr/lib/preloadable_libiconv.so"
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies --upgrade \
autoconf \
automake \
file \
g++ \
gcc \
make \
php7-dev \
re2c \
samba-dev \
zlib-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
@ -31,52 +19,46 @@ RUN \
gnu-libiconv \
imagemagick \
libxml2 \
php7-apcu \
php7-bcmath \
php7-bz2 \
php7-ctype \
php7-curl \
php7-dom \
php7-exif \
php7-fileinfo \
php7-ftp \
php7-gd \
php7-gmp \
php7-iconv \
php7-imagick \
php7-imap \
php7-intl \
php7-ldap \
php7-mcrypt \
php7-memcached \
php7-opcache \
php7-pcntl \
php7-pdo_mysql \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pgsql \
php7-phar \
php7-posix \
php7-redis \
php7-sodium \
php7-sqlite3 \
php7-xmlreader \
php7-zip \
php8-apcu \
php8-bcmath \
php8-bz2 \
php8-ctype \
php8-curl \
php8-dom \
php8-exif \
php8-fileinfo \
php8-ftp \
php8-gd \
php8-gmp \
php8-iconv \
php8-imap \
php8-intl \
php8-ldap \
php8-opcache \
php8-pcntl \
php8-pdo_mysql \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pecl-imagick \
php8-pecl-mcrypt \
php8-pecl-memcached \
php8-pgsql \
php8-phar \
php8-posix \
php8-redis \
php8-sodium \
php8-sqlite3 \
php8-xmlreader \
php8-zip \
samba-client \
sudo \
tar \
unzip && \
echo "**** compile smbclient ****" && \
git clone https://github.com/eduardok/libsmbclient-php.git /tmp/smbclient && \
cd /tmp/smbclient && \
phpize7 && \
./configure \
--with-php-config=/usr/bin/php-config7 && \
make && \
make install && \
apk add --no-cache \
--repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php8-pecl-smbclient && \
echo "**** configure php and nginx for nextcloud ****" && \
echo "extension="smbclient.so"" > /etc/php7/conf.d/00_smbclient.ini && \
echo 'apc.enable_cli=1' >> /etc/php7/conf.d/apcu.ini && \
echo 'apc.enable_cli=1' >> /etc/php8/conf.d/apcu.ini && \
sed -i \
-e 's/;opcache.enable.*=.*/opcache.enable=1/g' \
-e 's/;opcache.interned_strings_buffer.*=.*/opcache.interned_strings_buffer=16/g' \
@ -89,11 +71,11 @@ RUN \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
/etc/php8/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
/etc/php7/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \
/etc/php8/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php8/php-fpm.conf && \
echo "**** set version tag ****" && \
if [ -z ${NEXTCLOUD_RELEASE+x} ]; then \
NEXTCLOUD_RELEASE=$(curl -sX GET https://api.github.com/repos/nextcloud/server/releases/latest \
@ -107,8 +89,6 @@ RUN \
tar xvf /app/nextcloud.tar.bz2 -C \
/tmp && \
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/*
@ -117,4 +97,3 @@ COPY root/ /
# ports and volumes
EXPOSE 443
VOLUME /config /data

99
Dockerfile.armhf
View File

@ -1,4 +1,4 @@
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.14
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.15
# set version label
ARG BUILD_DATE
@ -12,18 +12,6 @@ ENV NEXTCLOUD_PATH="/config/www/nextcloud" \
LD_PRELOAD="/usr/lib/preloadable_libiconv.so"
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies --upgrade \
autoconf \
automake \
file \
g++ \
gcc \
make \
php7-dev \
re2c \
samba-dev \
zlib-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
curl \
@ -31,52 +19,46 @@ RUN \
gnu-libiconv \
imagemagick \
libxml2 \
php7-apcu \
php7-bcmath \
php7-bz2 \
php7-ctype \
php7-curl \
php7-dom \
php7-exif \
php7-fileinfo \
php7-ftp \
php7-gd \
php7-gmp \
php7-iconv \
php7-imagick \
php7-imap \
php7-intl \
php7-ldap \
php7-mcrypt \
php7-memcached \
php7-opcache \
php7-pcntl \
php7-pdo_mysql \
php7-pdo_pgsql \
php7-pdo_sqlite \
php7-pgsql \
php7-phar \
php7-posix \
php7-redis \
php7-sodium \
php7-sqlite3 \
php7-xmlreader \
php7-zip \
php8-apcu \
php8-bcmath \
php8-bz2 \
php8-ctype \
php8-curl \
php8-dom \
php8-exif \
php8-fileinfo \
php8-ftp \
php8-gd \
php8-gmp \
php8-iconv \
php8-imap \
php8-intl \
php8-ldap \
php8-opcache \
php8-pcntl \
php8-pdo_mysql \
php8-pdo_pgsql \
php8-pdo_sqlite \
php8-pecl-imagick \
php8-pecl-mcrypt \
php8-pecl-memcached \
php8-pgsql \
php8-phar \
php8-posix \
php8-redis \
php8-sodium \
php8-sqlite3 \
php8-xmlreader \
php8-zip \
samba-client \
sudo \
tar \
unzip && \
echo "**** compile smbclient ****" && \
git clone https://github.com/eduardok/libsmbclient-php.git /tmp/smbclient && \
cd /tmp/smbclient && \
phpize7 && \
./configure \
--with-php-config=/usr/bin/php-config7 && \
make && \
make install && \
apk add --no-cache \
--repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php8-pecl-smbclient && \
echo "**** configure php and nginx for nextcloud ****" && \
echo "extension="smbclient.so"" > /etc/php7/conf.d/00_smbclient.ini && \
echo 'apc.enable_cli=1' >> /etc/php7/conf.d/apcu.ini && \
echo 'apc.enable_cli=1' >> /etc/php8/conf.d/apcu.ini && \
sed -i \
-e 's/;opcache.enable.*=.*/opcache.enable=1/g' \
-e 's/;opcache.interned_strings_buffer.*=.*/opcache.interned_strings_buffer=16/g' \
@ -89,11 +71,11 @@ RUN \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
/etc/php8/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
/etc/php7/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php7/php-fpm.conf && \
/etc/php8/php.ini && \
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /etc/php8/php-fpm.conf && \
echo "**** set version tag ****" && \
if [ -z ${NEXTCLOUD_RELEASE+x} ]; then \
NEXTCLOUD_RELEASE=$(curl -sX GET https://api.github.com/repos/nextcloud/server/releases/latest \
@ -107,8 +89,6 @@ RUN \
tar xvf /app/nextcloud.tar.bz2 -C \
/tmp && \
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/*
@ -117,4 +97,3 @@ COPY root/ /
# ports and volumes
EXPOSE 443
VOLUME /config /data

16
README.md
View File

@ -66,8 +66,7 @@ This image provides various versions that are available via tags. Please read th
| Tag | Available | Description |
| :----: | :----: |--- |
| latest | ✅ | Stable Nextcloud releases (currently php7) |
| php8 | ✅ | Experimental php8 based Nextcloud releases |
| latest | ✅ | Stable Nextcloud releases |
## Application Setup
@ -257,25 +256,26 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **20.08.22:** - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base)).
* **21.05.22:** - Update version check endpoint.
* **28.04.22:** - Increase OPCache interned strings buffered setting to 16.
* **14.04.22:** - Nginx default site config updated for v23 (existing users should delete `/config/nginx/site-confs/default` and restart the container). Fix LDAP connection.
* **11.09.21:** - Rebasing to alpine 3.14
* **21.03.21:** - Publish `php8` tag for testing.
* **25.02.21:** - Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **25.02.21:** - Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **21.01.21:** - Fix php iconv (was breaking the mail addon). If installed, attempt to remove broken CODE Server app during startup.
* **20.01.21:** - Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **20.01.21:** - Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **16.01.21:** - Rebasing to alpine 3.13. Users with issues on 32-bit arm, [see this article](https://docs.linuxserver.io/faq#my-host-is-incompatible-with-images-based-on-ubuntu-focal-and-alpine-3-13).
* **12.08.20:** - Various updates to default site config, including added support for webfinger (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **12.08.20:** - Various updates to default site config, including added support for webfinger (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **03.06.20:** - Rebasing to alpine 3.12
* **03.06.20:** - Add php7-bcmath and php7-fileinfo
* **31.05.20:** - Add aliases for occ and updater.phar
* **31.03.20:** - Allow crontab to be user customized, fix logrotate.
* **17.01.20:** - Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **17.01.20:** - Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **19.12.19:** - Rebasing to alpine 3.11.
* **18.11.19:** - Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **18.11.19:** - Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **28.10.19:** - Change cronjob to run every 5 minutes.
* **24.10.19:** - Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **24.10.19:** - Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container).
* **14.07.19:** - Download nextcloud during build time.
* **28.06.19:** - Rebasing to alpine 3.10.
* **23.03.19:** - Switching to new Base images, shift to arm32v7 tag.

46
package_versions.txt
View File

@ -2,7 +2,7 @@ alpine-baselayout-3.2.0-r16
alpine-keys-2.4-r0
alsa-lib-1.2.5-r2
aom-libs-1.0.0-r3
apache2-utils-2.4.54-r0
apache2-utils-2.4.51-r0
apk-tools-2.12.7-r0
apr-1.7.0-r1
apr-util-1.6.1-r7
@ -10,7 +10,7 @@ argon2-libs-20190702-r1
avahi-libs-0.8-r5
bash-5.1.16-r0
brotli-libs-1.0.9-r5
busybox-1.33.1-r8
busybox-1.33.1-r6
c-client-2007f-r11
ca-certificates-20220614-r0
ca-certificates-bundle-20220614-r0
@ -20,7 +20,7 @@ coreutils-8.32-r2
cups-libs-2.3.3-r3
curl-7.79.1-r2
dbus-libs-1.12.20-r2
expat-2.4.7-r0
expat-2.4.1-r0
ffmpeg-4.4.1-r0
ffmpeg-libs-4.4.1-r0
fontconfig-2.13.1-r4
@ -37,18 +37,18 @@ gnutls-3.7.1-r1
graphite2-1.3.14-r0
harfbuzz-2.8.1-r0
icu-libs-67.1-r2
imagemagick-7.0.11.14-r1
imagemagick-libs-7.0.11.14-r1
imagemagick-7.0.11.14-r0
imagemagick-libs-7.0.11.14-r0
jansson-2.13.1-r0
jbig2dec-0.19-r0
lame-3.100-r0
lcms2-2.12-r1
ldb-2.3.3-r0
libacl-2.2.53-r0
libarchive-3.5.3-r0
libarchive-3.5.2-r0
libass-0.15.1-r0
libattr-2.5.1-r0
libblkid-2.37.4-r0
libblkid-2.37.2-r0
libbsd-0.11.3-r0
libbz2-1.0.8-r1
libc-utils-0.7.2-r3
@ -72,11 +72,11 @@ libmagic-5.40-r1
libmcrypt-2.5.8-r9
libmd-1.0.3-r0
libmemcached-libs-1.0.18-r4
libmount-2.37.4-r0
libmount-2.37.2-r0
libogg-1.3.5-r0
libpciaccess-0.16-r0
libpng-1.6.37-r1
libpq-13.7-r0
libpq-13.5-r0
libproc-3.3.17-r0
libressl3.3-libcrypto-3.3.6-r0
libressl3.3-libssl-3.3.6-r0
@ -84,7 +84,7 @@ libretls-3.3.3p1-r3
librsvg-2.50.4-r1
libsasl-2.1.28-r0
libsm-1.2.3-r0
libsmbclient-4.14.12-r0
libsmbclient-4.14.8-r0
libsodium-1.0.18-r0
libsrt-1.4.2-r0
libssh-0.9.6-r0
@ -93,12 +93,12 @@ libstdc++-10.3.1_git20210424-r2
libtasn1-4.17.0-r0
libtheora-1.1.1-r16
libunistring-0.9.10-r1
libuuid-2.37.4-r0
libuuid-2.37.2-r0
libva-2.11.0-r0
libvdpau-1.4-r0
libvorbis-1.3.7-r0
libvpx-1.10.0-r0
libwbclient-4.14.12-r0
libwbclient-4.14.8-r0
libwebp-1.2.0-r2
libx11-1.7.2-r0
libxau-1.0.9-r0
@ -114,7 +114,7 @@ libxt-1.2.1-r0
libzip-1.7.3-r2
linux-pam-1.5.1-r1
lmdb-0.9.29-r0
logrotate-3.18.1-r3
logrotate-3.18.1-r0
lz4-libs-1.9.3-r1
musl-1.2.2-r3
musl-utils-1.2.2-r3
@ -123,14 +123,14 @@ ncurses-libs-6.2_p20210612-r1
ncurses-terminfo-base-6.2_p20210612-r1
nettle-3.7.3-r0
nghttp2-libs-1.43.0-r0
nginx-1.20.2-r1
nginx-1.20.2-r0
oniguruma-6.9.7.1-r0
openssl-1.1.1q-r0
opus-1.3.1-r1
p11-kit-0.23.22-r0
pango-1.48.5-r0
pcre-8.44-r0
pcre2-10.36-r1
pcre2-10.36-r0
php7-7.4.26-r0
php7-bcmath-7.4.26-r0
php7-bz2-7.4.26-r0
@ -181,11 +181,11 @@ popt-1.18-r0
procps-3.3.17-r0
readline-8.1.0-r0
s6-ipcserver-2.10.0.3-r0
samba-client-4.14.12-r0
samba-client-libs-4.14.12-r0
samba-common-4.14.12-r0
samba-libs-4.14.12-r0
samba-util-libs-4.14.12-r0
samba-client-4.14.8-r0
samba-client-libs-4.14.8-r0
samba-common-4.14.8-r0
samba-libs-4.14.8-r0
samba-util-libs-4.14.8-r0
scanelf-1.3.2-r0
sdl2-2.0.14-r1
shadow-4.8.1-r0
@ -193,14 +193,14 @@ shared-mime-info-2.1-r0
skalibs-2.10.0.3-r0
soxr-0.1.3-r2
sqlite-libs-3.35.5-r0
ssl_client-1.33.1-r8
ssl_client-1.33.1-r6
sudo-1.9.7_p1-r1
talloc-2.3.2-r1
tar-1.34-r0
tdb-libs-1.4.3-r1
tevent-0.10.2-r1
tiff-4.3.0-r0
tzdata-2022a-r0
tiff-4.2.0-r1
tzdata-2021e-r0
unzip-6.0-r9
utmps-0.1.0.2-r0
v4l-utils-libs-1.20.0-r0

16
readme-vars.yml
View File

@ -20,8 +20,7 @@ available_architectures:
# development version
development_versions: true
development_versions_items:
- { tag: "latest", desc: "Stable Nextcloud releases (currently php7)" }
- { tag: "php8", desc: "Experimental php8 based Nextcloud releases" }
- { tag: "latest", desc: "Stable Nextcloud releases" }
# container parameters
common_param_env_vars_enabled: true
@ -78,25 +77,26 @@ app_setup_block: |
# changelog
changelogs:
- { date: "20.08.22:", desc: "Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes announcement](https://info.linuxserver.io/issues/2022-08-20-nginx-base))." }
- { date: "21.05.22:", desc: "Update version check endpoint." }
- { date: "28.04.22:", desc: "Increase OPCache interned strings buffered setting to 16." }
- { date: "14.04.22:", desc: "Nginx default site config updated for v23 (existing users should delete `/config/nginx/site-confs/default` and restart the container). Fix LDAP connection." }
- { date: "11.09.21:", desc: "Rebasing to alpine 3.14" }
- { date: "21.03.21:", desc: "Publish `php8` tag for testing." }
- { date: "25.02.21:", desc: "Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "25.02.21:", desc: "Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "21.01.21:", desc: "Fix php iconv (was breaking the mail addon). If installed, attempt to remove broken CODE Server app during startup." }
- { date: "20.01.21:", desc: "Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "20.01.21:", desc: "Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "16.01.21:", desc: "Rebasing to alpine 3.13. Users with issues on 32-bit arm, [see this article](https://docs.linuxserver.io/faq#my-host-is-incompatible-with-images-based-on-ubuntu-focal-and-alpine-3-13)." }
- { date: "12.08.20:", desc: "Various updates to default site config, including added support for webfinger (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "12.08.20:", desc: "Various updates to default site config, including added support for webfinger (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "03.06.20:", desc: "Rebasing to alpine 3.12" }
- { date: "03.06.20:", desc: "Add php7-bcmath and php7-fileinfo" }
- { date: "31.05.20:", desc: "Add aliases for occ and updater.phar" }
- { date: "31.03.20:", desc: "Allow crontab to be user customized, fix logrotate." }
- { date: "17.01.20:", desc: "Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "17.01.20:", desc: "Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "19.12.19:", desc: "Rebasing to alpine 3.11." }
- { date: "18.11.19:", desc: "Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "18.11.19:", desc: "Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "28.10.19:", desc: "Change cronjob to run every 5 minutes." }
- { date: "24.10.19:", desc: "Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "24.10.19:", desc: "Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default.conf` and restart the container)." }
- { date: "14.07.19:", desc: "Download nextcloud during build time." }
- { date: "28.06.19:", desc: "Rebasing to alpine 3.10." }
- { date: "23.03.19:", desc: "Switching to new Base images, shift to arm32v7 tag." }

92
root/defaults/default → root/defaults/nginx/site-confs/default.conf.sample
View File

@ -1,29 +1,35 @@
upstream php-handler {
server 127.0.0.1:9000;
}
## Version 2022/08/20 - Changelog: https://github.com/linuxserver/docker-nextcloud/commits/master/root/defaults/nginx/site-confs/default.conf.sample
# redirect all traffic to https
server {
listen 80;
listen [::]:80;
server_name _;
return 301 https://$host$request_uri;
listen 80 default_server;
listen [::]:80 default_server;
location / {
return 301 https://$host$request_uri;
}
}
# main server block
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
server_name _;
root /config/www/nextcloud/;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# set max upload size
client_max_body_size 512M;
@ -39,35 +45,21 @@ server {
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
root /config/www/nextcloud/;
# display real ip in nginx logs when connected through reverse proxy via docker network
set_real_ip_from 172.0.0.0/8;
real_ip_header X-Forwarded-For;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
@ -122,9 +114,9 @@ server {
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass 127.0.0.1:9000;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
@ -144,8 +136,8 @@ server {
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
@ -154,7 +146,13 @@ server {
}
location / {
try_files $uri $uri/ /index.php$request_uri;
# enable for basic auth
#auth_basic "Restricted";
#auth_basic_user_file /config/nginx/.htpasswd;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
deny all;
}
}

2
root/defaults/root
View File

@ -6,4 +6,4 @@
0 3 * * 6 run-parts /etc/periodic/weekly
0 5 1 * * run-parts /etc/periodic/monthly
# nextcloud cron
*/5 * * * * s6-setuidgid abc php7 -f /config/www/nextcloud/cron.php
*/5 * * * * s6-setuidgid abc php8 -f /config/www/nextcloud/cron.php

11
root/etc/cont-init.d/40-config
View File

@ -1,8 +1,13 @@
#!/usr/bin/with-contenv bash
# folders
mkdir -p \
/config \
/data
# permissions
chown abc:abc \
/config \
/data
/config \
/data
chown -R abc:abc \
/var/lib/nginx
/var/lib/nginx

19
root/etc/cont-init.d/50-install
View File

@ -2,19 +2,20 @@
# create folders
mkdir -p \
"${NEXTCLOUD_PATH}" \
/config/crontabs
"${NEXTCLOUD_PATH}" \
/config/crontabs
# install app
if [ ! -e "${NEXTCLOUD_PATH}/index.php" ]; then
tar xf /app/nextcloud.tar.bz2 -C \
"${NEXTCLOUD_PATH}" --strip-components=1
chown abc:abc -R \
"${NEXTCLOUD_PATH}"
chmod +x "${NEXTCLOUD_PATH}/occ"
tar xf /app/nextcloud.tar.bz2 -C \
"${NEXTCLOUD_PATH}" --strip-components=1
chown abc:abc -R \
"${NEXTCLOUD_PATH}"
chmod +x "${NEXTCLOUD_PATH}/occ"
fi
# set cronjob
[[ ! -f /config/crontabs/root ]] && \
cp /defaults/root /config/crontabs/root
if [[ ! -f /config/crontabs/root ]]; then
cp /defaults/root /config/crontabs/root
fi
cp /config/crontabs/root /etc/crontabs/root

7
root/etc/cont-init.d/60-memcache
View File

@ -1,9 +1,10 @@
#!/usr/bin/with-contenv bash
# copy config
[[ ! -f /config/www/nextcloud/config/config.php ]] && \
cp /defaults/config.php /config/www/nextcloud/config/config.php
if [[ ! -f /config/www/nextcloud/config/config.php ]]; then
cp /defaults/config.php /config/www/nextcloud/config/config.php
fi
# permissions
chown abc:abc \
/config/www/nextcloud/config/config.php
/config/www/nextcloud/config/config.php

24
root/etc/cont-init.d/70-aliases
View File

@ -1,20 +1,24 @@
#!/usr/bin/with-contenv bash
## Set alias for occ and make executable
[[ ! -f /usr/bin/occ ]] && \
echo -e '#!/bin/bash\nsudo -u abc -s /bin/bash -c "php7 /config/www/nextcloud/occ $*"' > /usr/bin/occ
if [[ ! -f /usr/bin/occ ]]; then
echo -e '#!/bin/bash\nsudo -u abc -s /bin/bash -c "php8 /config/www/nextcloud/occ $*"' > /usr/bin/occ
fi
[[ ! -x /usr/bin/occ ]] && \
chmod +x /usr/bin/occ
if [[ ! -x /usr/bin/occ ]]; then
chmod +x /usr/bin/occ
fi
## Set alias for updater.phar and make executable
[[ ! -f /usr/bin/updater.phar ]] && \
echo -e '#!/bin/bash\nsudo -u abc -s /bin/bash -c "php7 /config/www/nextcloud/updater/updater.phar $*"' > /usr/bin/updater.phar
if [[ ! -f /usr/bin/updater.phar ]]; then
echo -e '#!/bin/bash\nsudo -u abc -s /bin/bash -c "php8 /config/www/nextcloud/updater/updater.phar $*"' > /usr/bin/updater.phar
fi
[[ ! -x /usr/bin/updater.phar ]] && \
chmod +x /usr/bin/updater.phar
if [[ ! -x /usr/bin/updater.phar ]]; then
chmod +x /usr/bin/updater.phar
fi
if ( occ app:list --no-interaction | grep -q richdocumentscode) 2>/dev/null; then
echo "Removing CODE Server"
occ app:remove --no-interaction richdocumentscode 2>/dev/null
echo "Removing CODE Server"
occ app:remove --no-interaction richdocumentscode 2>/dev/null
fi