diff --git a/.Caddyfile b/.Caddyfile index be7c5a4..68d639c 100644 --- a/.Caddyfile +++ b/.Caddyfile @@ -1,5 +1,5 @@ :80 { - redir /.well-known/webfinger /public.php?service=webfinger 301 + redir /.well-known/webfinger /index.php/.well-known/webfinger 301 redir /.well-known/carddav /remote.php/dav 301 redir /.well-known/caldav /remote.php/dav 301 diff --git a/.gitignore b/.gitignore index 1a3fc57..858cb5e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,8 @@ /archive/ /.env +/app/ +/db/ +/user-files/ +/testing +/testing2 +build.log \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..31dc1a3 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,29 @@ +FROM nextcloud:fpm-alpine + +ADD custom_entrypoint.sh / + +# RUN if ! cat etc/group | grep host ; then \ +# addgroup --gid ${HOST_GROUP_ID:-1000} host; \ +# adduser -u ${HOST_USER_ID:-1000} -G host -g "" -D -H host host; \ +# fi +VOLUME /app +VOLUME /user-files + +RUN chmod +x /custom_entrypoint.sh &&\ + # apk add php81-pecl-imagick &&\ + apk add shadow --repository=http://dl-2.alpinelinux.org/alpine/edge/community &&\ + apk add bindfs --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing + +# add host user +RUN if ! cat /etc/group | grep host ; then \ + echo adding a host user to image; \ + addgroup --gid 1000 host; \ + adduser -u 1000 -G host -g "" -D -H host host; \ + else echo host user already exists; \ + fi \ + && cat /etc/group | grep host && cat /etc/passwd | grep host + +# will still run orginial entrypoint but will now adding this one on +ENTRYPOINT ["/custom_entrypoint.sh"] + + diff --git a/build b/build new file mode 100755 index 0000000..a006e0b --- /dev/null +++ b/build @@ -0,0 +1,4 @@ +#!/bin/bash +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +export ENV_FILE; docker-compose --env-file $ENV_FILE build + diff --git a/config b/config new file mode 100755 index 0000000..7b609d7 --- /dev/null +++ b/config @@ -0,0 +1,4 @@ +#!/bin/bash +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +ENV_FILE=$ENV_FILE NEXTCLOUD_INSTALL=$2 docker-compose --env-file $ENV_FILE config + diff --git a/custom_entrypoint.sh b/custom_entrypoint.sh new file mode 100644 index 0000000..dd04dc7 --- /dev/null +++ b/custom_entrypoint.sh @@ -0,0 +1,65 @@ +#!/bin/sh +echo custom entry point script, setting up containter +if [ $NEXTCLOUD_INSTALL ]; then + echo "********** INSTALLING ***************" + if [[ ! -f /app/config/config.php ]]; then + echo creating /var/www/data for user files + mkdir -p /var/www/data + chown www-data:www-data /var/www/data + echo removing execute command in original entry point script + sed -i '/exec "$@"/d' /entrypoint.sh + echo starting base nextcloud entrypoint install + . /entrypoint.sh php-fpm + echo base install in official docker completed, listing /var/www/html + ls -la /var/www/html + echo continuing with custom install + echo creating /user-files /app directorys for binding + echo "" > /var/www/html/phpinfo.php + rsync -a --chown=host:host /var/www/html/ /app/ + rm -rf /var/www/html/* + touch /var/www/data/.ocdata + rsync -a --chown=host:host /var/www/data/ /user-files/ + rm -rf /var/www/data/* + echo *********** DONE INSTALLING ******************"" + else + echo /app directory already exists can not install over existing installation, use upgrade + exit 2 + fi +fi + +[[ ! -f /user-files/.ocdata ]] && echo Nextcloud not installed can not continue && exit 1 + +if [[ ${HOST_GROUP_ID} ]]; then + echo changing host group id to ${HOST_GROUP_ID} + groupmod -g ${HOST_GROUP_ID} host + chown -R :host /user-files /app +fi +if [[ ${HOST_USER_ID} ]]; then + echo changing host user id to ${HOST_USER_ID} + usermod -u ${HOST_USER_ID} host + chown -R host: /user-files /app +fi + +echo binding /app to /var/www/html +bindfs --force-user=www-data --force-group=www-data --create-for-user=host --create-for-group=host --chown-ignore --chgrp-ignore /app /var/www/html +echo confirming mountpoint /var/www/html +mountpoint /var/www/html +if [[ $? -ne 0 ]]; then + echo FATAL error unable to bin /app to /var/www/html + exit 1 + else + ls -la /var/www/html +fi +echo binding /user-files to /var/www/data +bindfs --force-user=www-data --force-group=www-data --create-for-user=host --create-for-group=host --chown-ignore --chgrp-ignore /user-files /var/www/data +echo confirming mountpoint /var/www/data +mountpoint /var/www/data +if [[ $? -ne 0 ]]; then + echo FATAL error unable to bin /app to /var/www/html + exit 1 + else + ls -la /var/www/data +fi +echo starting php-fpm +php-fpm + diff --git a/dev.env b/dev.env new file mode 100644 index 0000000..6fe1465 --- /dev/null +++ b/dev.env @@ -0,0 +1,50 @@ +# copy this file to just .env and edit for your instance +# GENERAL +# https://timezonedb.com/time-zones +TZ=America/Los_Angles + +# NEXTCLOUD-MARIADB +MYSQL_ROOT_PASSWORD=uSW9ewBzWZglWCEUzV1i +MYSQL_PASSWORD=uSW9ewBzWZglWCEUzV1i +MYSQL_DATABASE=nextcloud +MYSQL_USER=nextcloud + +# NEXTCLOUD +# IP of your reverse proxy +TRUSTED_PROXIES=10.0.0.2 +NEXTCLOUD_DOMAIN=dev.cloud.kebler.net +# trusted domains must include NEXTCLOUD_DOMAIN above +NEXTCLOUD_TRUSTED_DOMAINS='dev.cloud.kebler.net giskard.kebler.net' +# default set at onboarding, also can change password after onboarding +# IMPORTANT! if not set here then source backup script will use 'admin' as user by default +NEXTCLOUD_ADMIN_USER=admin +NEXTCLOUD_ADMIN_PASSWORD=admin + + +HOST_GROUP_ID=1001 +HOST_USER_ID=1001 + +# USING SENDGRID FOR SENDING EMAILS (gmail example) +MAIL_DOMAIN=gmail.com +MAIL_FROM_ADDRESS=kebler.net +SMTP_SECURE=ssl +SMTP_HOST=smtp.gmail.com +SMTP_PORT=465 +SMTP_NAME=kebler.net +SMTP_PASSWORD=jznlfiytllacqkso + +# volumes can be found at /var/lib/docker/volumes but can be bound else via below +# DOCKER HOST Volume Bindings Parent Directory +# use only if you need/want to bind the three volumes elsewhere for easier access +# will create up to three directories parent/nextcloud/ +# must pre make all the directories /nextcloud/ == db,src,user-files with proper owner/group +# use the provided script +# must uncomment driver and driver opts in docker-compose.yml in the volumes stanza +HOST_NEXTCLOUD_PARENT_DIR=./testing2 +HOST_NEXTCLOUD_SRC=${HOST_NEXTCLOUD_PARENT_DIR}/app +HOST_NEXTCLOUD_USERFILES=${HOST_NEXTCLOUD_PARENT_DIR}/user-files +HOST_NEXTCLOUD_DB=${HOST_NEXTCLOUD_PARENT_DIR}/db + + + + diff --git a/docker-compose.yml b/docker-compose.yml index 29a7a12..122cac4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,10 @@ +# https://www.datanovia.com/en/lessons/docker-compose-wait-for-container-using-wait-tool/docker-compose-wait-for-mysql-container-to-be-ready/ +# todo add wait on db version: '3' - -networks: - default: - external: - name: nextcloud_net - +# networks: +# default: +# external: +# name: nextcloud_net services: nextcloud-db: image: mariadb:latest @@ -12,36 +12,44 @@ services: hostname: nextcloud-db command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb_read_only_compressed=OFF restart: unless-stopped - env_file: .env + env_file: ${ENV_FILE} volumes: - - db:/var/lib/mysql - - phpmyadmin: - image: phpmyadmin:latest - container_name: nextcloud-db-web - links: - - nextcloud-db:db - environment: - PMA_HOST: db - PMA_PORT: 3306 - PMA_ARBITRARY: 1 - restart: unless-stopped - ports: - - 8081:80 + - ${HOST_NEXTCLOUD_DB:-db}:/var/lib/mysql + # + # nextcloud-db-admin: + # image: phpmyadmin:latest + # container_name: nextcloud-db-admin + # depends_on: + # - nextcloud-db + # links: + # - nextcloud-db:db + # environment: + # PMA_HOST: db + # PMA_PORT: 3306 + # PMA_ARBITRARY: 1 + # restart: unless-stopped + # ports: + # - 8081:80 nextcloud-redis: image: redis:alpine container_name: nextcloud-redis + depends_on: + - nextcloud-db hostname: nextcloud-redis restart: unless-stopped nextcloud-app: - image: nextcloud:fpm-alpine + image: uci-nextcloud-app + build: + context: . container_name: nextcloud-app hostname: nextcloud-app - restart: unless-stopped - env_file: .env + restart: ${RESTART:-unless-stopped} + privileged: true + env_file: ${ENV_FILE} environment: + - NEXTCLOUD_INSTALL - MYSQL_HOST=nextcloud-db - REDIS_HOST=nextcloud-redis - NEXTCLOUD_DATA_DIR=/var/www/data @@ -51,68 +59,89 @@ services: - nextcloud-db - nextcloud-redis volumes: - - src:/var/www/html - - data:/var/www/data + - ${HOST_NEXTCLOUD_SRC:-app}:/app + - ${HOST_NEXTCLOUD_USERFILES:-user-files}:/user-files nextcloud-web: image: caddy:latest container_name: nextcloud-web hostname: nextcloud-web restart: unless-stopped + depends_on: + - nextcloud-app ports: - 8080:80 - volumes: - - ./.Caddyfile:/etc/caddy/Caddyfile - - src:/var/www/html:ro links: - nextcloud-app - - collabora: - image: collabora/code:latest - container_name: nextcloud-collabora - restart: unless-stopped + # volumes_from: + # - nextcloud-app:ro volumes: - # make sure these exist on your host - - /etc/localtime:/etc/localtime - - /etc/timezone:/etc/timezone - ports: - - "9980:9980" - environment: - - 'server_name=${NEXTCLOUD_DOMAIN}' - - 'dictionaries=${COLLABRA_DICTIONARIES:-en_US}' - - extra_params=--o:ssl.enable=true --o:ssl.termination=false - cap_add: - - MKNOD - tty: true - # nextcloud-cron: - # image: nextcloud:fpm-alpine - # container_name: nextcloud-cron - # hostname: nextcloud-cron - # restart: unless-stopped - # volumes: - # - ./nextcloud-data/:/var/www/html - # entrypoint: /cron.sh - # depends_on: - # - nextcloud-db - # - nextcloud-redis + - ./.Caddyfile:/etc/caddy/Caddyfile + - ${HOST_NEXTCLOUD_SRC:-app}:/var/www/html:ro + # - ${HOST_NEXTCLOUD_SRC}:/var/www/html:ro + # + # collabora: + # image: collabora/code:latest + # container_name: nextcloud-collabora + # restart: unless-stopped + # volumes: + # # make sure these exist on your host + # - /etc/localtime:/etc/localtime + # - /etc/timezone:/etc/timezone + # ports: + # - "9980:9980" + # depends_on: + # - nextcloud-web + # environment: + # - 'server_name=${NEXTCLOUD_DOMAIN}' + # - 'dictionaries=${COLLABRA_DICTIONARIES:-en_US}' + # - extra_params=--o:ssl.enable=true --o:ssl.termination=false + # cap_add: + # - MKNOD + # tty: true + # + # nextcloud-cron: + # image: nextcloud:fpm-alpine + # container_name: nextcloud-cron + # hostname: nextcloud-cron + # restart: unless-stopped + # env_file: ${ENV_FILE} + # environment: + # - MYSQL_HOST=nextcloud-db + # - REDIS_HOST=nextcloud-redis + # - NEXTCLOUD_DATA_DIR=/var/www/data + # - OVERWRITEPROTOCOL=https + # - OVERWRITECLIURL=${NEXTCLOUD_DOMAIN} + # volumes: + # - ${HOST_NEXTCLOUD_SRC:-app}:/var/www/html + # - ${HOST_NEXTCLOUD_USERFILES:-user-files}:/var/www/data + # entrypoint: /cron.sh + # depends_on: + # - nextcloud-app + # if bindings are desired then uncomment out driver and driveropts for a volume + # YOU MUST FIRST move volumes to this location - # if bindings are not desired then comment out (or remove) driver and driveropts for a volume volumes: db: - driver: local - driver_opts: - o: bind - type: none - device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/db - src: - driver: local - driver_opts: - o: bind - type: none - device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/src - data: - driver: local - driver_opts: - o: bind - type: none - device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/user-files + + # driver: local + # driver_opts: + # o: bind + # type: none + # device: ${HOST_NEXTCLOUD_DB} + + app: + + # driver: local + # driver_opts: + # o: bind + # type: none + # device: ${HOST_NEXTCLOUD_SRC} + + user-files: + + # driver: local + # driver_opts: + # o: bind + # type: none + # device: ${HOST_NEXTCLOUD_USERFILES} diff --git a/imagick-update b/imagick-update new file mode 100644 index 0000000..abc56bb --- /dev/null +++ b/imagick-update @@ -0,0 +1,5 @@ +#!/bin/bash +docker-compose exec nextcloud-app apt -y install libmagickcore-6.q16-6-extra + + + diff --git a/scripts/phpinfo.php b/phpinfo.php similarity index 100% rename from scripts/phpinfo.php rename to phpinfo.php diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..7de1c6e --- /dev/null +++ b/readme.md @@ -0,0 +1,24 @@ +Best not to use bind mounts with volumes. Better to use bindfs outside of docker to mount them elsewhere with an owner map. Install if need be + +on host make a nextcloud user with id 82 (which is www-data in fpm-alpine container) + +must run bindfs as sudo for mapping + +sudo bindfs --map=nextcloud/sysadmin /var/lib/docker/volumes/nextcloud_user-files/_data /data/nextcloud/user-files +sudo bindfs --map=nextcloud/sysadmin /var/lib/docker/volumes/nextcloud_src/_data /data/nextcloud/src + + +sudo mv +sudo bindfs -o nonempty --map=sysadmin/nextcloud /data/nextcloud/user-files /var/lib/docker/volumes/nextcloud_user-files/_data + +sudo bindfs -u nextcloud -g nextcloud /data/nextcloud/user-files /var/lib/docker/volumes/nextcloud_user-files/_data +bindfs -u nextcloud -g nextcloud /data/nextcloud/src /var/lib/docker/volumes/nextcloud_user-src/_data + +# adding container directory +apk add bindfs --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing +addgroup --gid 1000 host && \ +adduser -u 1000 -G host -g "" -D -H host && \ +mkdir -p /source && \ +mkdir -p /user-files &&\ +bindfs --force-user=host --force-group=host --create-for-user=www-data --create-for-group=www-data --chown-ignore --chgrp-ignore /var/www/html /source &&\ +bindfs --force-user=host --force-group=host --create-for-user=www-data --create-for-group=www-data --chown-ignore --chgrp-ignore /var/www/data /user-files diff --git a/restart b/restart index 6c18257..fd0037e 100755 --- a/restart +++ b/restart @@ -1,3 +1,3 @@ #!/bin/bash -docker-compose down -docker-compose up -d +./stop $@ +./start $@ diff --git a/scripts/imagick-update b/scripts/imagick-update new file mode 100755 index 0000000..7a304aa --- /dev/null +++ b/scripts/imagick-update @@ -0,0 +1,7 @@ +#!/bin/bash +docker exec -w /var/www/html -e admin=$1 nextcloud-app /bin/sh -c 'env' +# docker exec -w /var/www/html -e admin=$1 nextcloud-app /bin/sh -c 'env | grep NEXTCLOUD_ADMIN && tar -czvf /var/www/data/${admin:-admin}/files/backups/nextcloud-src_$(date '+%y-%m-%d_%T' + + + + diff --git a/scripts/preparehost b/scripts/preparehost new file mode 100755 index 0000000..c365734 --- /dev/null +++ b/scripts/preparehost @@ -0,0 +1,12 @@ +#!/bin/bash +source ../.env +echo making folder for volume userfiles at $HOST_NEXTCLOUD_USERFILES +sudo mkdir -p $HOST_NEXTCLOUD_USERFILES +sudo chown -R nextcloud:docker $HOST_NEXTCLOUD_USERFILES +echo making folder for volume web app source files at $HOST_NEXTCLOUD_SRC +sudo mkdir -p $HOST_NEXTCLOUD_SRC +sudo chown -R nextcloud:docker $HOST_NEXTCLOUD_SRC +echo making folder for volume database at $HOST_NEXTCLOUD_DB +sudo mkdir -p $HOST_NEXTCLOUD_DB +sudo chown -R 999:docker $HOST_NEXTCLOUD_DB +ls -la $HOST_NEXTCLOUD_PARENT_DIR/nextcloud diff --git a/scripts/setup b/scripts/setup new file mode 100755 index 0000000..81bc43f --- /dev/null +++ b/scripts/setup @@ -0,0 +1,8 @@ +#!/bin/bash +source ../.env +docker exec -it -u 82 nextcloud-app ./occ config:system:set default_phone_region --value="${1:-US}" +docker exec -it -u 82 nextcloud-app ./occ app:install passman +docker exec -it -u 82 nextcloud-app ./occ app:install richdocuments +echo "to finish collabra office setup go to settings,administration,Nextcloud Office" +echo "choose 'Use your own server' and enter '${NEXTCLOUD_DOMAIN}' for url" +echo $NEXTCLOUD_TRUSTED_DOMAINS \ No newline at end of file diff --git a/scripts/termcron b/scripts/termcron new file mode 100755 index 0000000..227910e --- /dev/null +++ b/scripts/termcron @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it nextcloud-cron /bin/sh diff --git a/scripts/termroot b/scripts/termroot index 883be40..584d78c 100755 --- a/scripts/termroot +++ b/scripts/termroot @@ -1,2 +1,2 @@ #!/bin/bash -docker exec -it -u root -w / nextcloud-app /bin/sh +docker exec -it -u root --privileged -w / nextcloud-app /bin/sh diff --git a/start b/start index 2a67cfd..db237c9 100755 --- a/start +++ b/start @@ -1,2 +1,3 @@ #!/bin/bash -docker-compose up -d +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +export ENV_FILE; docker-compose --env-file $ENV_FILE up -d diff --git a/stop b/stop index 86699d3..405d7c1 100755 --- a/stop +++ b/stop @@ -1,2 +1,3 @@ #!/bin/bash -docker-compose down +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +export ENV_FILE; docker-compose --env-file $ENV_FILE down \ No newline at end of file diff --git a/test b/test new file mode 100755 index 0000000..6f3f889 --- /dev/null +++ b/test @@ -0,0 +1,4 @@ +#!/bin/bash +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +RESTART=no ENV_FILE=$ENV_FILE NEXTCLOUD_INSTALL=$2 docker-compose --env-file $ENV_FILE up + diff --git a/update b/update index 26a101a..79b790a 100755 --- a/update +++ b/update @@ -1,4 +1,6 @@ #!/bin/bash +[[ $1 ]] && ENV_FILE=${1}.env || ENV_FILE=.env +export ENV_FILE; docker-compose --env-file $ENV_FILE down docker-compose pull -docker-compose up -d --remove-orphans +export ENV_FILE; docker-compose --env-file $ENV_FILE up --remove-orphans -d yes | docker image prune