diff --git a/.gitignore b/.gitignore
index 15b0752..37b4d93 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
-/data/app
+/data/data
/backup
nextcloud.conf
+db.env
+cloud.env
+docker-compose.override.yml
diff --git a/README.md b/README.md
index 25a5311..c6dd946 100644
--- a/README.md
+++ b/README.md
@@ -1,10 +1,11 @@
# Nextcloud
- [](https://paypal.me/pgollor) [](https://hub.docker.com/r/pgollor/nextcloud/)
-- app: [](https://jenkins.pgollor.de/job/nextcloud-docker-app/) [](https://microbadger.com/images/pgollor/nextcloud:app-latest "Get your own image badge on microbadger.com") [](https://microbadger.com/images/pgollor/nextcloud:app-latest "Get your own version badge on microbadger.com") [](https://hub.docker.com/_/nextcloud/)
+- app: [](https://jenkins.pgollor.de/job/nextcloud-docker-app-dev/) [](https://microbadger.com/images/pgollor/nextcloud:app-dev-latest "Get your own image badge on microbadger.com") [](https://microbadger.com/images/pgollor/nextcloud:app-dev-latest "Get your own version badge on microbadger.com") [](https://hub.docker.com/_/nextcloud/)
- web: [](https://jenkins.pgollor.de/job/nextcloud-docker-web/) [](https://microbadger.com/images/pgollor/nextcloud:web-latest "Get your own image badge on microbadger.com") [](https://microbadger.com/images/pgollor/nextcloud:web-latest "Get your own version badge on microbadger.com")
-Docker compose files for nextcloud
+Docker compose files for nextcloud with database and redis container.
+This compose set is designed fo rusing behing a revers proxy which handels the ssl certificates.
## Information
@@ -19,6 +20,10 @@
## Update hints
+### 20 to 21
+
+All containers and volumes are renamed. Make a full backup and restore it. Untestet now!
+
### 14.0.4 to 14.0.16
If you get a database error for the `activity` table, please have a look at this [issue](https://github.com/nextcloud/activity/issues/309#issuecomment-436929111).
diff --git a/backup.sh b/backup.sh
index 7721b8e..9e7b1b3 100755
--- a/backup.sh
+++ b/backup.sh
@@ -1,12 +1,14 @@
#!/bin/bash
+# project name (by default directory name of the compose project)
+PROJECT_NAME=nextcloud
# backup directory
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
backupDir=${SCRIPT_DIR}/backup
# create directories
-mkdir -p ${backupDir}/app
+mkdir -p ${backupDir}/config
mkdir -p ${backupDir}/docker-conf
mkdir -p ${backupDir}/data
mkdir -p ${backupDir}/db
@@ -14,21 +16,22 @@
# current date
currentDate=$(date +"%Y-%m-%d_%H-%M-%S")
-# backup mysql
+# backup database
dbFile="${backupDir}/db/${currentDate}.sql"
-docker exec $(docker container ls -qf name=nextcloud-database) sh -c 'mysqldump --single-transaction=TRUE --lock-tables --default-character-set=utf8mb4 -uroot -p"${MYSQL_ROOT_PASSWORD}" ${MYSQL_DATABASE}' > ${dbFile}
+docker exec $(docker container ls -qf name=${PROJECT_NAME}_database) sh -c 'mysqldump --single-transaction=TRUE --lock-tables --default-character-set=utf8mb4 -uroot -p"${MYSQL_ROOT_PASSWORD}" ${MYSQL_DATABASE}' > ${dbFile}
sed -i "/^mysqldump: \\[Warning\\]/d" ${dbFile}
tar -cj ${dbFile} -f "${dbFile}.tbz2"
rm ${dbFile}
-# backup app data as root because of permission problems
-sudo tar -C data -I pbzip2 -pc app -f "${backupDir}/app/${currentDate}.tbz2"
+# backup nextcloud conf directory as root because of permission problems
+docker run --rm -v ${PROJECT_NAME}_app-vol-1:/volume -v "${backupDir}/config":/backup debian:buster-slim bash -c "cd /volume/config && tar -czf /backup/${currentDate}.tar ." &> /dev/null
# backup data as root because of permission problems
-#sudo tar -C data -I pbzip2 -pc data -f "${backupDir}/data/${currentDate}.tbz2"
+docker run --rm -v ${PROJECT_NAME}_data-vol-1:/volume -v "${backupDir}/data":/backup debian:buster-slim bash -c "cd /volume && tar -czf /backup/${currentDate}.tar ." &> /dev/null
-# backup config files
-tar -pcj nextcloud.conf -f "${backupDir}/docker-conf/${currentDate}.tbz2"
+# backup docker config files
+tar -pcj nextcloud.conf db.env cloud.env -f "${backupDir}/docker-conf/${currentDate}.tbz2"
# delete all files older 30 days
find ${backupDir} -iname "*.tbz2" -type f -mtime +10 -exec rm {} \; > /dev/null
+
diff --git a/cloud.env.example b/cloud.env.example
new file mode 100644
index 0000000..31c726c
--- /dev/null
+++ b/cloud.env.example
@@ -0,0 +1,2 @@
+# admin user password
+NEXTCLOUD_ADMIN_PASSWORD=changeme
diff --git a/db.env.example b/db.env.example
new file mode 100644
index 0000000..461e107
--- /dev/null
+++ b/db.env.example
@@ -0,0 +1,2 @@
+MYSQL_PASSWORD=changeme
+MYSQL_ROOT_PASSWORD=changeme
diff --git a/docker-compose.yml b/docker-compose.yml
index 884a9b2..c84a20d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,123 +1,84 @@
-version: '2.2'
+version: '3'
services:
- nextcloud-app:
- #build: ./docker/app
- image: pgollor/nextcloud:app-latest
+ app:
+ image: pgollor/nextcloud:app-dev-latest
+ build: ./docker/app
restart: always
- mem_limit: 512m
cpus: 1.5
- depends_on:
- - nextcloud-database
- - nextcloud-redis
+ env_file:
+ - db.env
+ - cloud.env
environment:
- - MYSQL_HOST=mysql
+ - MYSQL_HOST=db
- MYSQL_DATABASE=cloud
- MYSQL_USER=cloud
- - MYSQL_PASSWORD=${NEXTCLOUD_DATABASE_PASSWORD}
- NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
- - NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
- - NEXTCLOUD_DATA_DIR=/srv/data
- REDIS_HOST=redis
- TZ=${TZ}
+ - NEXTCLOUD_TRUSTED_DOMAINS=${NEXTCLOUD_TRUSTED_DOMAINS}
+ - OVERWRITEHOST=${NEXTCLOUD_OVERWRITEHOST}
+ - OVERWRITEPROTOCOL=https
tmpfs:
- /tmp
+ links:
+ - "database:db"
volumes:
- - ./data/app:/var/www/html
- - ./data/data:/srv/data
- networks:
- nextcloud-network:
- ipv4_address: ${NEXTCLOUD_IPV4_NETWORK:-172.22.5}.100
- aliases:
- - app
+ - app-vol-1:/var/www/html
+ - data-vol-1:/var/www/html/data
+ - ./data/config:/var/www/html/config
+ depends_on:
+ - database
+ - redis
- nextcloud-web:
- #build: ./docker/web
+ web:
image: pgollor/nextcloud:web-latest
restart: always
- mem_limit: 512m
logging:
driver: json-file
ports:
- "${NEXTCLOUD_WEB_BIND:-127.0.0.1}:${NEXTCLOUD_WEB_PORT:-8080}:80"
volumes:
- - ./data/app:/var/www/html:ro
+ - app-vol-1:/var/www/html:ro
+ links:
+ - "app:app"
depends_on:
- - nextcloud-app
- networks:
- nextcloud-network:
- ipv4_address: ${NEXTCLOUD_IPV4_NETWORK:-172.22.5}.101
- aliases:
- - web
+ - app
- nextcloud-database:
+ database:
image: mariadb
restart: always
- mem_limit: 1g
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
environment:
- - MYSQL_ROOT_PASSWORD=${NEXTCLOUD_DATABASE_ROOT}
- MYSQL_DATABASE=cloud
- MYSQL_USER=cloud
- - MYSQL_PASSWORD=${NEXTCLOUD_DATABASE_PASSWORD}
+ env_file:
+ - db.env
volumes:
- - nextcloud-db-vol-1:/var/lib/mysql/
- - ./data/conf/mysql:/etc/mysql/conf.d/:ro
+ - db-vol-1:/var/lib/mysql/
+ - ./data/mysql:/etc/mysql/conf.d/:ro
tmpfs:
- /tmp
- networks:
- nextcloud-network:
- ipv4_address: ${NEXTCLOUD_IPV4_NETWORK:-172.22.5}.102
- aliases:
- - mysql
- nextcloud-redis:
- mem_limit: 1g
+ redis:
image: redis:alpine
restart: always
- networks:
- nextcloud-network:
- aliases:
- - redis
- nextcloud-cron:
- #build: ./docker/app
- image: pgollor/nextcloud:app-latest
+ cron:
+ image: pgollor/nextcloud:app-dev-latest
restart: always
volumes:
- - ./data/app:/var/www/html
- - ./data/data:/srv/data
- user: www-data
- mem_limit: 256m
+ - app-vol-1:/var/www/html
+ - data-vol-1:/var/www/html/data
logging:
driver: json-file
- entrypoint: |
- bash -c 'bash -s <<EOF
- trap "break;exit" SIGHUP SIGINT SIGTERM
-
- while [ ! -f /var/www/html/config/config.php ]; do
- sleep 1
- done
-
- while true; do
- php -f /var/www/html/cron.php
- sleep 15m
- done
- EOF'
+ entrypoint: /cron.sh
depends_on:
- - nextcloud-database
- - nextcloud-redis
- networks:
- nextcloud-network:
-
-networks:
- nextcloud-network:
- driver: bridge
- enable_ipv6: false
- ipam:
- driver: default
- config:
- - subnet: ${NEXTCLOUD_IPV4_NETWORK:-172.22.5}.0/24
+ - database
+ - redis
volumes:
- nextcloud-db-vol-1:
+ db-vol-1:
+ app-vol-1:
+ data-vol-1:
+
diff --git a/docker/app/Dockerfile b/docker/app/Dockerfile
index a0355ac..475afeb 100644
--- a/docker/app/Dockerfile
+++ b/docker/app/Dockerfile
@@ -1,4 +1,4 @@
-FROM nextcloud:17-fpm
+FROM nextcloud:fpm
ARG NV
ARG VCS_REF
@@ -9,12 +9,20 @@
RUN apt-get update && \
apt-get install -y --no-install-recommends \
+ libgmp3-dev \
smbclient libsmbclient-dev \
- libbz2-dev
+ libbz2-dev \
+ libmagickcore-6.q16-6-extra \
+ ocrmypdf \
+ imagemagick ghostscript
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
RUN pecl install \
smbclient
RUN docker-php-ext-install bz2
+RUN docker-php-ext-install gmp
+RUN docker-php-ext-install bz2
+RUN docker-php-ext-install bcmath
RUN docker-php-ext-enable smbclient
+RUN sed -i '/domain="coder".*pattern="PDF"/c\<policy domain="coder" rights="read\|write" pattern="PDF" \/>' /etc/ImageMagick-6/policy.xml
COPY redis.config.php /usr/src/nextcloud/config/redis.config.php
diff --git a/generate_password.sh b/generate_password.sh
index 7ff8759..e0819c8 100755
--- a/generate_password.sh
+++ b/generate_password.sh
@@ -1,15 +1,23 @@
#!/bin/bash
-if [ ! -f "nextcloud.conf" ]; then
- cp nextcloud.conf.example nextcloud.conf
+if [ ! -f "db.env" ]; then
+ cp db.env.example db.env
pw1=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
pw2=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
- pw3=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
- sed -i "/^NEXTCLOUD_DATABASE_ROOT/c\\\NEXTCLOUD_DATABASE_ROOT=${pw1}" nextcloud.conf
- sed -i "/^NEXTCLOUD_DATABASE_PASSWORD/c\\\NEXTCLOUD_DATABASE_PASSWORD=${pw2}" nextcloud.conf
- sed -i "/^NEXTCLOUD_ADMIN_PASSWORD/c\\\NEXTCLOUD_ADMIN_PASSWORD=${pw3}" nextcloud.conf
+ sed -i "/^MYSQL_PASSWORD/c\\\MYSQL_PASSWORD=${pw1}" db.env
+ sed -i "/^MYSQL_ROOT_PASSWORD/c\\\MYSQL_ROOT_PASSWORD=${pw2}" db.env
else
- echo "File already exists!"
+ echo "db.env already exists!"
+fi
+
+if [ ! -f "cloud.env" ]; then
+ cp cloud.env.example cloud.env
+
+ pw1=$(</dev/urandom tr -dc A-Za-z0-9 | head -c 28)
+
+ sed -i "/^NEXTCLOUD_ADMIN_PASSWORD/c\\\NEXTCLOUD_ADMIN_PASSWORD=${pw1}" cloud.env
+else
+ echo "cloud.env already exists!"
fi
diff --git a/nextcloud.conf.example b/nextcloud.conf.example
index bbe3689..cee84c6 100644
--- a/nextcloud.conf.example
+++ b/nextcloud.conf.example
@@ -9,20 +9,11 @@
# admin user name
NEXTCLOUD_ADMIN_USER=admin
-# admin user password
-NEXTCLOUD_ADMIN_PASSWORD=changeme
+# your primary domain
+NEXTCLOUD_OVERWRITEHOST="cloud.example.com"
-# ipv4 network (only first three bytes like: 172.22.5)
-NEXTCLOUD_IPV4_NETWORK=172.22.5
-
-
-## database configuration
-# mysql root user password
-NEXTCLOUD_DATABASE_ROOT=changeme
-
-# database password
-NEXTCLOUD_DATABASE_PASSWORD=changeme
-
+# comma seperated list of trusted domains
+NEXTCLOUD_TRUSTED_DOMAINS="cloud.example.com c.example.com"
## Timezone one of /usr/share/zoneinfo
TZ=Europe/Berlin