mirror of
https://github.com/linuxserver/docker-nextcloud.git
synced 2026-06-03 09:57:35 +00:00
first commit
This commit is contained in:
+91
@@ -0,0 +1,91 @@
|
||||
FROM lsiobase/alpine.nginx
|
||||
MAINTAINER sparklyballs
|
||||
|
||||
# set nextcloud version and path
|
||||
ENV NEXTCLOUD_VER="9.0.51"
|
||||
ENV WWW_ROOT="/config/www"
|
||||
ENV NEXTCLOUD_PATH="${WWW_ROOT}/nextcloud"
|
||||
|
||||
# install build-dependencies
|
||||
RUN \
|
||||
apk add --no-cache --virtual=build-dependencies \
|
||||
autoconf \
|
||||
automake \
|
||||
file \
|
||||
g++ \
|
||||
gcc \
|
||||
make \
|
||||
php5-dev \
|
||||
re2c \
|
||||
samba-dev \
|
||||
zlib-dev && \
|
||||
|
||||
# fetch php smbclient source
|
||||
git clone git://github.com/eduardok/libsmbclient-php.git /tmp/smbclient && \
|
||||
|
||||
# compile smbclient
|
||||
cd /tmp/smbclient && \
|
||||
phpize && \
|
||||
./configure && \
|
||||
make && \
|
||||
make install && \
|
||||
|
||||
# uninstall build-dependencies
|
||||
apk del --purge \
|
||||
build-dependencies && \
|
||||
|
||||
# cleanup
|
||||
rm -rfv /tmp/*
|
||||
|
||||
# install runtime packages
|
||||
RUN \
|
||||
apk add --no-cache \
|
||||
curl \
|
||||
ffmpeg \
|
||||
libxml2 \
|
||||
php5-apcu \
|
||||
php5-bz2 \
|
||||
php5-ctype \
|
||||
php5-curl \
|
||||
php5-dom \
|
||||
php5-exif \
|
||||
php5-ftp \
|
||||
php5-gd \
|
||||
php5-gmp \
|
||||
php5-iconv \
|
||||
php5-imap \
|
||||
php5-intl \
|
||||
php5-ldap \
|
||||
php5-mcrypt \
|
||||
php5-openssl \
|
||||
php5-pcntl \
|
||||
php5-pdo_mysql \
|
||||
php5-pdo_pgsql \
|
||||
php5-pdo_sqlite \
|
||||
php5-pgsql \
|
||||
php5-posix \
|
||||
php5-sqlite3 \
|
||||
php5-xml \
|
||||
php5-xmlreader \
|
||||
php5-zip \
|
||||
php5-zlib \
|
||||
samba \
|
||||
tar \
|
||||
unzip && \
|
||||
apk add --no-cache --repository http://nl.alpinelinux.org/alpine/edge/testing \
|
||||
php5-memcached
|
||||
|
||||
# configure php extensions
|
||||
RUN \
|
||||
echo "extension="smbclient.so"" >> /etc/php5/php.ini
|
||||
|
||||
# configure php for nextcloud
|
||||
RUN \
|
||||
echo "env[PATH] = /usr/local/bin:/usr/bin:/bin" >> /defaults/nginx-fpm.conf
|
||||
|
||||
# add local files
|
||||
COPY root/ /
|
||||
|
||||
# ports and volumes
|
||||
VOLUME /config /data
|
||||
EXPOSE 443
|
||||
@@ -0,0 +1,6 @@
|
||||

|
||||
|
||||
## This is a Container in active development, and should not be used by the general public.
|
||||
If you are curious about the current progress or want to comment\contribute to this work, feel free to join us at our irc channel:
|
||||
[IRC](https://www.linuxserver.io/index.php/irc/) on freenode at `#linuxserver.io` or visit our website at [https://linuxserver.io](https://www.linuxserver.io/).
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
<?php
|
||||
$CONFIG = array (
|
||||
'memcache.local' => '\OC\Memcache\APCu',
|
||||
);
|
||||
|
||||
@@ -0,0 +1,108 @@
|
||||
upstream php-handler {
|
||||
server 127.0.0.1:9000;
|
||||
# server unix:/var/run/php/php7.0-fpm.sock;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name _;
|
||||
# enforce https
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name _;
|
||||
|
||||
ssl_certificate /config/keys/cert.crt;
|
||||
ssl_certificate_key /config/keys/cert.key;
|
||||
|
||||
# Add headers to serve security related headers
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
|
||||
# Path to the root of your installation
|
||||
root /config/www/nextcloud/;
|
||||
# set max upload size
|
||||
client_max_body_size 10G;
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Disable gzip to avoid the removal of the ETag header
|
||||
gzip off;
|
||||
|
||||
# Uncomment if your server is build with the ngx_pagespeed module
|
||||
# This module is currently not supported.
|
||||
#pagespeed off;
|
||||
|
||||
index index.php;
|
||||
error_page 403 /core/templates/403.php;
|
||||
error_page 404 /core/templates/404.php;
|
||||
|
||||
rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
|
||||
rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
|
||||
|
||||
# The following 2 rules are only needed for the user_webfinger app.
|
||||
# Uncomment it if you're planning to use this app.
|
||||
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
||||
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location / {
|
||||
|
||||
rewrite ^/remote/(.*) /remote.php last;
|
||||
|
||||
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
|
||||
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
location ~ \.php(?:$|/) {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
|
||||
fastcgi_pass php-handler;
|
||||
fastcgi_intercept_errors on;
|
||||
}
|
||||
|
||||
# Adding the cache control header for js and css files
|
||||
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
|
||||
location ~* \.(?:css|js)$ {
|
||||
add_header Cache-Control "public, max-age=7200";
|
||||
# Add headers to serve security related headers
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
# Optional: Don't log access to assets
|
||||
access_log off;
|
||||
}
|
||||
|
||||
# Optional: Don't log access to other assets
|
||||
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
|
||||
access_log off;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,38 @@
|
||||
#!/bin/bash
|
||||
|
||||
ocpath="${NEXTCLOUD_PATH}"
|
||||
htuser='abc'
|
||||
htgroup='abc'
|
||||
rootuser='root'
|
||||
|
||||
printf "Creating possible missing Directories\n"
|
||||
mkdir -p $ocpath/data
|
||||
mkdir -p $ocpath/assets
|
||||
mkdir -p $ocpath/updater
|
||||
|
||||
printf "chmod Files and Directories\n"
|
||||
find ${ocpath}/ -type f -print0 | xargs -0 chmod 0640
|
||||
find ${ocpath}/ -type d -print0 | xargs -0 chmod 0750
|
||||
|
||||
printf "chown Directories\n"
|
||||
chown -R ${rootuser}:${htgroup} ${ocpath}/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/apps/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/assets/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/config/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/data/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/themes/
|
||||
chown -R ${htuser}:${htgroup} ${ocpath}/updater/
|
||||
|
||||
chmod +x ${ocpath}/occ
|
||||
|
||||
printf "chmod/chown .htaccess\n"
|
||||
if [ -f ${ocpath}/.htaccess ]
|
||||
then
|
||||
chmod 0644 ${ocpath}/.htaccess
|
||||
chown ${rootuser}:${htgroup} ${ocpath}/.htaccess
|
||||
fi
|
||||
if [ -f ${ocpath}/data/.htaccess ]
|
||||
then
|
||||
chmod 0644 ${ocpath}/data/.htaccess
|
||||
chown ${rootuser}:${htgroup} ${ocpath}/data/.htaccess
|
||||
fi
|
||||
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
|
||||
# permissions
|
||||
chown abc:abc /config /data
|
||||
chown -R abc:abc /var/lib/nginx
|
||||
@@ -0,0 +1,13 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
|
||||
mkdir -p "${WWW_ROOT}"
|
||||
chown abc:abc "${WWW_ROOT}"
|
||||
|
||||
if [ ! -e "${NEXTCLOUD_PATH}/index.php" ]; then
|
||||
curl -o /tmp/nextcloud.zip -L \
|
||||
https://download.nextcloud.com/server/releases/nextcloud-"${NEXTCLOUD_VER}".zip
|
||||
cd /tmp || true
|
||||
unzip nextcloud.zip
|
||||
mv /tmp/nextcloud "${NEXTCLOUD_PATH}"
|
||||
rm -f /tmp/nextcloud.zip
|
||||
fi
|
||||
@@ -0,0 +1,5 @@
|
||||
#!/usr/bin/with-contenv bash
|
||||
|
||||
[[ ! -f /config/www/nextcloud/config/config.php ]] && cp /defaults/config.php /config/www/nextcloud/config/config.php
|
||||
|
||||
chown abc:abc /config/www/nextcloud/config/config.php
|
||||
Reference in New Issue
Block a user