commit a03f3469b871924a22a3759fc0490c6c8e9fdb9a Author: kebler.net Date: Fri Sep 16 08:26:26 2022 -0700 First commit - working nextcloud 24 install via docker containers with collabra server and passman app diff --git a/.Caddyfile b/.Caddyfile new file mode 100644 index 0000000..be7c5a4 --- /dev/null +++ b/.Caddyfile @@ -0,0 +1,48 @@ +:80 { + redir /.well-known/webfinger /public.php?service=webfinger 301 + redir /.well-known/carddav /remote.php/dav 301 + redir /.well-known/caldav /remote.php/dav 301 + + header { + # enable HSTS + Strict-Transport-Security max-age=31536000; + } + + # .htaccess / data / config / ... shouldn't be accessible from outside + @forbidden { + path /.htaccess + path /data/* + path /config/* + path /db_structure + path /.xml + path /README + path /3rdparty/* + path /lib/* + path /templates/* + path /occ + path /console.php + } + respond @forbidden 404 + + + @collabora { + path /browser/* # Browser is the client part of LibreOffice Online + path /hosting/discovery # WOPI discovery URL + path /hosting/capabilities # Show capabilities as json + path /cool/* # Main websocket, uploads/downloads, presentations + } + + reverse_proxy @collabora collabora:9980 { + header_up Host "newcloud.kebler.net" + transport http { + tls_insecure_skip_verify + } + } + + root * /var/www/html + php_fastcgi nextcloud-app:9000 { + env front_controller_active true # Remove index.php form url + root /var/www/html + } + file_server +} \ No newline at end of file diff --git a/.env-example b/.env-example new file mode 100644 index 0000000..15ef596 --- /dev/null +++ b/.env-example @@ -0,0 +1,41 @@ +# copy this file to just .env and edit for your instance +# GENERAL +# https://timezonedb.com/time-zones +TZ=America/Los_Angles + +# NEXTCLOUD-MARIADB +MYSQL_ROOT_PASSWORD= +MYSQL_PASSWORD= +MYSQL_DATABASE=nextcloud +MYSQL_USER=nextcloud + +# NEXTCLOUD +TRUSTED_PROXIES= +NEXTCLOUD_DOMAIN= +TRUSTED_DOMAINS=,, +# default set at onboarding, also can change password after onboarding +# IMPORTANT! if not set here then source backup script will use 'admin' as user by default +NEXTCLOUD_ADMIN_USER=admin +NEXTCLOUD_ADMIN_PASSWORD=admin + + +# USING SENDGRID FOR SENDING EMAILS (gmail example) +MAIL_DOMAIN=gmail.com +MAIL_FROM_ADDRESS= +SMTP_SECURE=ssl +SMTP_HOST=smtp.gmail.com +SMTP_PORT=465 +SMTP_NAME= +SMTP_PASSWORD= + +# volumes can be found at /var/lib/docker/volumes but can be bound else via below +# DOCKER HOST Volume Bindings Parent Directory +# use only if you need/want to bind the three volumes elsewhere for easier access +# will create up to three directories parent/nextcloud/ +# must pre make all the directories /nextcloud/ == db,src,user-files +# must uncomment driver and driver opts in docker-compose.yml in the volumes stanza +# HOST_NEXTCLOUD_PARENT_DIR=/data + + + + diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..1a3fc57 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/archive/ +/.env diff --git a/clrlog b/clrlog new file mode 100755 index 0000000..b69674c --- /dev/null +++ b/clrlog @@ -0,0 +1,3 @@ +#!/bin/bash +docker exec -it -u 82 nextcloud-app rm ./data/nextcloud.log +docker exec -it -u 82 nextcloud-app touch ./data/nextcloud.log \ No newline at end of file diff --git a/dbdump b/dbdump new file mode 100755 index 0000000..2d6f805 --- /dev/null +++ b/dbdump @@ -0,0 +1,8 @@ +#!/bin/bash +# docker exec --env-file .env -w /var/lib/mysql nextcloud-db /bin/bash -c 'env | grep MYSQL && ls -la && mysql -p${MYSQL_ROOT_PASSWORD}' +# docker exec -w /var/lib/mysql nextcloud-db /bin/bash -c 'env | grep MYSQL && ls -la' +# docker exec -w /var/lib/mysql -e args=$1 nextcloud-db /bin/bash -c 'mysql -p${MYSQL_ROOT_PASSWORD} $args' +docker exec -w /var/lib/mysql -e args=$1 nextcloud-db /bin/bash -c 'mysqldump -p${MYSQL_ROOT_PASSWORD} $args > nextcloud.sql' +docker exec -w /var/lib/mysql nextcloud-db /bin/bash -c 'ls -la | grep .sql' + + diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..29a7a12 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,118 @@ +version: '3' + +networks: + default: + external: + name: nextcloud_net + +services: + nextcloud-db: + image: mariadb:latest + container_name: nextcloud-db + hostname: nextcloud-db + command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW --innodb_read_only_compressed=OFF + restart: unless-stopped + env_file: .env + volumes: + - db:/var/lib/mysql + + phpmyadmin: + image: phpmyadmin:latest + container_name: nextcloud-db-web + links: + - nextcloud-db:db + environment: + PMA_HOST: db + PMA_PORT: 3306 + PMA_ARBITRARY: 1 + restart: unless-stopped + ports: + - 8081:80 + + nextcloud-redis: + image: redis:alpine + container_name: nextcloud-redis + hostname: nextcloud-redis + restart: unless-stopped + + nextcloud-app: + image: nextcloud:fpm-alpine + container_name: nextcloud-app + hostname: nextcloud-app + restart: unless-stopped + env_file: .env + environment: + - MYSQL_HOST=nextcloud-db + - REDIS_HOST=nextcloud-redis + - NEXTCLOUD_DATA_DIR=/var/www/data + - OVERWRITEPROTOCOL=https + - OVERWRITECLIURL=${NEXTCLOUD_DOMAIN} + depends_on: + - nextcloud-db + - nextcloud-redis + volumes: + - src:/var/www/html + - data:/var/www/data + + nextcloud-web: + image: caddy:latest + container_name: nextcloud-web + hostname: nextcloud-web + restart: unless-stopped + ports: + - 8080:80 + volumes: + - ./.Caddyfile:/etc/caddy/Caddyfile + - src:/var/www/html:ro + links: + - nextcloud-app + + collabora: + image: collabora/code:latest + container_name: nextcloud-collabora + restart: unless-stopped + volumes: + # make sure these exist on your host + - /etc/localtime:/etc/localtime + - /etc/timezone:/etc/timezone + ports: + - "9980:9980" + environment: + - 'server_name=${NEXTCLOUD_DOMAIN}' + - 'dictionaries=${COLLABRA_DICTIONARIES:-en_US}' + - extra_params=--o:ssl.enable=true --o:ssl.termination=false + cap_add: + - MKNOD + tty: true + # nextcloud-cron: + # image: nextcloud:fpm-alpine + # container_name: nextcloud-cron + # hostname: nextcloud-cron + # restart: unless-stopped + # volumes: + # - ./nextcloud-data/:/var/www/html + # entrypoint: /cron.sh + # depends_on: + # - nextcloud-db + # - nextcloud-redis + + # if bindings are not desired then comment out (or remove) driver and driveropts for a volume +volumes: + db: + driver: local + driver_opts: + o: bind + type: none + device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/db + src: + driver: local + driver_opts: + o: bind + type: none + device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/src + data: + driver: local + driver_opts: + o: bind + type: none + device: ${HOST_NEXTCLOUD_PARENT_DIR}/nextcloud/user-files diff --git a/log b/log new file mode 100755 index 0000000..dbcf5b4 --- /dev/null +++ b/log @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it -u 82 nextcloud-app cat ./data/nextcloud.log \ No newline at end of file diff --git a/occ b/occ new file mode 100755 index 0000000..13229d9 --- /dev/null +++ b/occ @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it -u 82 nextcloud-app ./occ $@ \ No newline at end of file diff --git a/phonesetup b/phonesetup new file mode 100755 index 0000000..e868888 --- /dev/null +++ b/phonesetup @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it -u 82 nextcloud-app ./occ config:system:set default_phone_region --value="${1:-US}" \ No newline at end of file diff --git a/phpinfo.php b/phpinfo.php new file mode 100644 index 0000000..147cebc --- /dev/null +++ b/phpinfo.php @@ -0,0 +1 @@ + diff --git a/restart b/restart new file mode 100755 index 0000000..6c18257 --- /dev/null +++ b/restart @@ -0,0 +1,3 @@ +#!/bin/bash +docker-compose down +docker-compose up -d diff --git a/scanfiles b/scanfiles new file mode 100755 index 0000000..4490f10 --- /dev/null +++ b/scanfiles @@ -0,0 +1,9 @@ +#!/bin/bash +user=${1:---all} +echo scanning files for $user +read -p "continue? (y) : " ans +if [ $ans == "y" ]; then + docker exec -it -u 82 nextcloud-app ./occ files:scan $user + else + echo command aborted +fi diff --git a/start b/start new file mode 100755 index 0000000..2a67cfd --- /dev/null +++ b/start @@ -0,0 +1,2 @@ +#!/bin/bash +docker-compose up -d diff --git a/stop b/stop new file mode 100755 index 0000000..86699d3 --- /dev/null +++ b/stop @@ -0,0 +1,2 @@ +#!/bin/bash +docker-compose down diff --git a/tarsrc b/tarsrc new file mode 100755 index 0000000..7a304aa --- /dev/null +++ b/tarsrc @@ -0,0 +1,7 @@ +#!/bin/bash +docker exec -w /var/www/html -e admin=$1 nextcloud-app /bin/sh -c 'env' +# docker exec -w /var/www/html -e admin=$1 nextcloud-app /bin/sh -c 'env | grep NEXTCLOUD_ADMIN && tar -czvf /var/www/data/${admin:-admin}/files/backups/nextcloud-src_$(date '+%y-%m-%d_%T' + + + + diff --git a/term b/term new file mode 100755 index 0000000..84ccc9c --- /dev/null +++ b/term @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it -u 82 nextcloud-app /bin/sh diff --git a/termdb b/termdb new file mode 100755 index 0000000..c47bc3a --- /dev/null +++ b/termdb @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it nextcloud-db /bin/sh diff --git a/termroot b/termroot new file mode 100755 index 0000000..883be40 --- /dev/null +++ b/termroot @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it -u root -w / nextcloud-app /bin/sh diff --git a/termweb b/termweb new file mode 100755 index 0000000..0ed3872 --- /dev/null +++ b/termweb @@ -0,0 +1,2 @@ +#!/bin/bash +docker exec -it nextcloud-web /bin/sh diff --git a/update b/update new file mode 100755 index 0000000..26a101a --- /dev/null +++ b/update @@ -0,0 +1,4 @@ +#!/bin/bash +docker-compose pull +docker-compose up -d --remove-orphans +yes | docker image prune