Compare commits

...

22 Commits

Author SHA1 Message Date
LinuxServer-CI 23f762ff52 Bot Updating Package Versions 2020-02-07 03:27:29 +00:00
aptalca aad6bf2d92 Various php and nginx site conf optimizations (#133)
* php.ini and site config updates

* display real ip in nginx logs with rp

* fixed diffs w/ upstream nextcloud git (#129)

* Bot Updating Package Versions

* fixed diffs w/ nextcloud upstream

Edit line 53, 67 - ocs-provider + ocm-provider, one call:
https://github.com/nextcloud/documentation/commit/3206db9fb8290343753828b10f817cf066cf88bd
https://github.com/nextcloud/documentation/pull/1293

New line 55, edit 58 - try_files resets $fastcgi_path_info, fix so $path_info gets value:  
https://github.com/nextcloud/documentation/commit/8f6c1aa61aa3cd9d9e3e567c0afe4a822d3fc403
https://github.com/nextcloud/documentation/pull/1679

Co-authored-by: Evan Wade <evan+pgp@evanwade.com>
2020-02-06 19:22:05 -08:00
LinuxServer-CI c2ee37ff7f Bot Updating Package Versions 2020-02-05 07:58:49 -05:00
LinuxServer-CI 6baba71326 Bot Updating Package Versions 2020-01-29 12:44:41 +00:00
LinuxServer-CI 4e1380994e Bot Updating Package Versions 2020-01-22 10:13:45 -05:00
LinuxServer-CI c45992751d Bot Updating Package Versions 2020-01-15 15:31:41 +01:00
LinuxServer-CI 71924c6768 Bot Updating Package Versions 2020-01-08 07:37:19 -05:00
LinuxServer-CI c2fe0e9b57 Bot Updating Package Versions 2020-01-01 07:45:00 -05:00
LinuxServer-CI d0c8ae82b3 Bot Updating Package Versions 2019-12-25 13:36:43 +01:00
LinuxServer-CI 67c52786a7 Bot Updating Package Versions 2019-12-21 23:24:44 +00:00
LinuxServer-CI 5ba50704e9 Bot Updating Templated Files 2019-12-21 18:19:53 -05:00
thelamer 91d2482d3f Rebasing to Alpine 3.11 2019-12-21 15:18:51 -08:00
LinuxServer-CI 9c0fb97e11 Bot Updating Package Versions 2019-12-19 05:34:50 -05:00
LinuxServer-CI 3007775252 Bot Updating Package Versions 2019-12-18 07:43:14 -05:00
LinuxServer-CI d365d52999 Bot Updating Package Versions 2019-12-11 13:40:34 +01:00
LinuxServer-CI 5475c0e402 Bot Updating Package Versions 2019-12-04 07:37:42 -05:00
LinuxServer-CI 0e16c614d5 Bot Updating Templated Files 2019-12-04 07:33:48 -05:00
LinuxServer-CI 396cb03bc0 Bot Updating Package Versions 2019-11-20 12:38:25 +00:00
LinuxServer-CI 3ac5839861 Bot Updating Package Versions 2019-11-18 21:55:17 +01:00
j0nnymoe aa8ad8a32d Update site config for v17 (#120)
Update site config for v17
2019-11-18 20:51:10 +00:00
aptalca 86e1ecb3d6 Update site config for v17 2019-11-18 15:02:51 -05:00
LinuxServer-CI 2e52336bb6 Bot Updating Package Versions 2019-11-13 13:39:32 +01:00
8 changed files with 227 additions and 172 deletions
+5 -2
View File
@@ -1,11 +1,11 @@
FROM lsiobase/nginx:3.10
FROM lsiobase/nginx:3.11
# set version label
ARG BUILD_DATE
ARG VERSION
ARG NEXTCLOUD_RELEASE
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="sparklyballs"
LABEL maintainer="aptalca"
# environment settings
ENV NEXTCLOUD_PATH="/config/www/nextcloud"
@@ -82,6 +82,9 @@ RUN \
-e 's/;opcache.revalidate_freq.*=.*/opcache.revalidate_freq=1/g' \
-e 's/;always_populate_raw_post_data.*=.*/always_populate_raw_post_data=-1/g' \
-e 's/memory_limit.*=.*128M/memory_limit=512M/g' \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
+5 -2
View File
@@ -1,11 +1,11 @@
FROM lsiobase/nginx:arm64v8-3.10
FROM lsiobase/nginx:arm64v8-3.11
# set version label
ARG BUILD_DATE
ARG VERSION
ARG NEXTCLOUD_RELEASE
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="sparklyballs"
LABEL maintainer="aptalca"
# environment settings
ENV NEXTCLOUD_PATH="/config/www/nextcloud"
@@ -82,6 +82,9 @@ RUN \
-e 's/;opcache.revalidate_freq.*=.*/opcache.revalidate_freq=1/g' \
-e 's/;always_populate_raw_post_data.*=.*/always_populate_raw_post_data=-1/g' \
-e 's/memory_limit.*=.*128M/memory_limit=512M/g' \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
+5 -2
View File
@@ -1,11 +1,11 @@
FROM lsiobase/nginx:arm32v7-3.10
FROM lsiobase/nginx:arm32v7-3.11
# set version label
ARG BUILD_DATE
ARG VERSION
ARG NEXTCLOUD_RELEASE
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="sparklyballs"
LABEL maintainer="aptalca"
# environment settings
ENV NEXTCLOUD_PATH="/config/www/nextcloud"
@@ -82,6 +82,9 @@ RUN \
-e 's/;opcache.revalidate_freq.*=.*/opcache.revalidate_freq=1/g' \
-e 's/;always_populate_raw_post_data.*=.*/always_populate_raw_post_data=-1/g' \
-e 's/memory_limit.*=.*128M/memory_limit=512M/g' \
-e 's/max_execution_time.*=.*30/max_execution_time=120/g' \
-e 's/upload_max_filesize.*=.*2M/upload_max_filesize=1024M/g' \
-e 's/post_max_size.*=.*8M/post_max_size=1024M/g' \
/etc/php7/php.ini && \
sed -i \
'/opcache.enable=1/a opcache.enable_cli=1' \
Vendored
+3 -3
View File
@@ -617,7 +617,7 @@ pipeline {
docker manifest push --purge ${MANIFESTIMAGE}:latest
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
done
for LEGACYIMAGE in "${QUAYIMAGE}" "${GITHUBIMAGE}"; do
for LEGACYIMAGE in "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
docker tag ${IMAGE}:amd64-${META_TAG} ${LEGACYIMAGE}:amd64-${META_TAG}
docker tag ${IMAGE}:arm32v7-${META_TAG} ${LEGACYIMAGE}:arm32v7-${META_TAG}
docker tag ${IMAGE}:arm64v8-${META_TAG} ${LEGACYIMAGE}:arm64v8-${META_TAG}
@@ -731,12 +731,12 @@ pipeline {
sh 'echo "build aborted"'
}
else if (currentBuild.currentResult == "SUCCESS"){
sh ''' curl -X POST --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 1681177,\
sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 1681177,\
"description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** Success\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
"username": "Jenkins"}' ${BUILDS_DISCORD} '''
}
else {
sh ''' curl -X POST --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 16711680,\
sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://wiki.jenkins-ci.org/download/attachments/2916393/headshot.png","embeds": [{"color": 16711680,\
"description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** failure\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\
"username": "Jenkins"}' ${BUILDS_DISCORD} '''
}
+15 -2
View File
@@ -5,7 +5,6 @@
[![Discourse](https://img.shields.io/discourse/https/discourse.linuxserver.io/topics.svg?style=flat-square&color=E68523&logo=discourse&logoColor=FFFFFF)](https://discourse.linuxserver.io "post on our community forum.")
[![Fleet](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=Fleet)](https://fleet.linuxserver.io "an online web interface which displays all of our maintained images.")
[![GitHub](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=GitHub&logo=github&logoColor=FFFFFF)](https://github.com/linuxserver "view the source for all of our repositories.")
[![Podcast](https://img.shields.io/static/v1.svg?style=flat-square&color=E68523&label=linuxserver.io&message=Podcast)](https://anchor.fm/linuxserverio "on hiatus. Coming back soon (late 2018).")
[![Open Collective](https://img.shields.io/opencollective/all/linuxserver.svg?style=flat-square&color=E68523&label=Supporters&logo=open%20collective&logoColor=FFFFFF)](https://opencollective.com/linuxserver "please consider helping us by either donating or contributing to our budget")
The [LinuxServer.io](https://linuxserver.io) team brings you another container release featuring :-
@@ -22,7 +21,6 @@ Find us at:
* [Discourse](https://discourse.linuxserver.io) - post on our community forum.
* [Fleet](https://fleet.linuxserver.io) - an online web interface which displays all of our maintained images.
* [GitHub](https://github.com/linuxserver) - view the source for all of our repositories.
* [Podcast](https://anchor.fm/linuxserverio) - on hiatus. Coming back soon (late 2018).
* [Open Collective](https://opencollective.com/linuxserver) - please consider helping us by either donating or contributing to our budget
# [linuxserver/nextcloud](https://github.com/linuxserver/docker-nextcloud)
@@ -116,6 +114,18 @@ Container images are configured using parameters passed at runtime (such as thos
| `-v /config` | Nextcloud configs. |
| `-v /data` | Your personal data. |
## Environment variables from files (Docker secrets)
You can set any environment variable from a file by using a special prepend `FILE__`.
As an example:
```
-e FILE__PASSWORD=/run/secrets/mysecretpassword
```
Will set the environment variable `PASSWORD` based on the contents of the `/run/secrets/mysecretpassword` file.
## User / Group Identifiers
When using volumes (`-v` flags) permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user `PUID` and group `PGID`.
@@ -209,6 +219,9 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **17.01.20:** - Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **19.12.19:** - Rebasing to alpine 3.11.
* **18.11.19:** - Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **28.10.19:** - Change cronjob to run every 5 minutes.
* **24.10.19:** - Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
* **14.07.19:** - Download nextcloud during build time.
+156 -153
View File
@@ -1,199 +1,202 @@
alpine-baselayout-3.1.2-r0
alpine-baselayout-3.2.0-r3
alpine-keys-2.1-r2
alsa-lib-1.1.9-r0
alsa-lib-1.2.1.2-r0
apache2-utils-2.4.41-r0
apk-tools-2.10.4-r2
apr-1.6.5-r0
apk-tools-2.10.4-r3
apr-1.7.0-r0
apr-util-1.6.1-r6
argon2-libs-20171227-r2
avahi-libs-0.7-r2
bash-5.0.0-r0
busybox-1.30.1-r3
c-client-2007f-r10
ca-certificates-20190108-r0
ca-certificates-cacert-20190108-r0
argon2-libs-20190702-r1
avahi-libs-0.7-r4
bash-5.0.11-r1
busybox-1.31.1-r9
c-client-2007f-r11
ca-certificates-20191127-r1
ca-certificates-cacert-20191127-r1
cairo-1.16.0-r2
coreutils-8.31-r0
cups-libs-2.2.12-r0
curl-7.66.0-r0
cups-libs-2.2.12-r1
curl-7.67.0-r0
db-5.3.28-r1
dbus-libs-1.12.16-r0
expat-2.2.8-r0
ffmpeg-4.1.4-r0
ffmpeg-libs-4.1.4-r0
fontconfig-2.13.1-r0
freetype-2.10.0-r0
fribidi-1.0.5-r1
gdk-pixbuf-2.38.1-r0
ghostscript-9.27-r4
git-2.22.0-r0
glib-2.60.4-r0
dbus-libs-1.12.16-r2
expat-2.2.9-r1
ffmpeg-4.2.1-r3
ffmpeg-libs-4.2.1-r3
fontconfig-2.13.1-r2
freetype-2.10.1-r0
fribidi-1.0.8-r0
gdk-pixbuf-2.40.0-r0
ghostscript-9.50-r0
git-2.24.1-r0
glib-2.62.4-r0
gmp-6.1.2-r1
gnutls-3.6.8-r0
gnutls-3.6.10-r0
graphite2-1.3.13-r1
harfbuzz-2.5.1-r0
harfbuzz-2.6.4-r0
icu-libs-64.2-r0
imagemagick-7.0.8.58-r0
imagemagick-libs-7.0.8.58-r0
imagemagick-7.0.9.7-r0
imagemagick-libs-7.0.9.7-r0
jansson-2.12-r0
jbig2dec-0.16-r0
jbig2dec-0.17-r0
lame-3.100-r0
lcms2-2.9-r1
ldb-1.5.5-r0
libacl-2.2.52-r6
libarchive-3.3.3-r1
ldb-2.0.8-r0
libacl-2.2.53-r0
libarchive-3.4.0-r0
libass-0.14.0-r0
libattr-2.4.48-r0
libblkid-2.33.2-r0
libbsd-0.9.1-r0
libbz2-1.0.6-r7
libc-utils-0.7.1-r0
libblkid-2.34-r1
libbsd-0.10.0-r0
libbz2-1.0.8-r1
libc-utils-0.7.2-r0
libcap-2.27-r0
libcom_err-1.45.2-r1
libcroco-0.6.13-r1
libcrypto1.1-1.1.1d-r0
libcurl-7.66.0-r0
libcrypto1.1-1.1.1d-r3
libcurl-7.67.0-r0
libde265-1.0.3-r0
libdrm-2.4.98-r0
libedit-20190324.3.1-r0
libdrm-2.4.100-r0
libedit-20191211.3.1-r0
libffi-3.2.1-r6
libgcc-8.3.0-r0
libheif-1.3.2-r2
libice-1.0.9-r3
libintl-0.19.8.1-r4
libjpeg-turbo-2.0.2-r0
libldap-2.4.48-r0
libltdl-2.4.6-r6
libgcc-9.2.0-r3
libheif-1.6.0-r0
libice-1.0.10-r0
libintl-0.20.1-r2
libjpeg-turbo-2.0.4-r0
libldap-2.4.48-r1
libltdl-2.4.6-r7
libmagic-5.37-r1
libmcrypt-2.5.8-r7
libmemcached-libs-1.0.18-r3
libmount-2.33.2-r0
libogg-1.3.3-r2
libpciaccess-0.14-r0
libmemcached-libs-1.0.18-r4
libmount-2.34-r1
libogg-1.3.4-r0
libpciaccess-0.16-r0
libpng-1.6.37-r1
libpq-11.5-r1
libressl2.7-libcrypto-2.7.5-r0
libressl2.7-libssl-2.7.5-r0
librsvg-2.40.20-r0
libsasl-2.1.27-r3
libpq-12.1-r0
libressl3.0-libcrypto-3.0.2-r0
libressl3.0-libssl-3.0.2-r0
librsvg-2.46.4-r0
libsasl-2.1.27-r5
libsm-1.2.3-r0
libsmbclient-4.10.8-r0
libsmbclient-4.11.5-r0
libsodium-1.0.18-r0
libssl1.1-1.1.1d-r0
libstdc++-8.3.0-r0
libtasn1-4.14-r0
libssl1.1-1.1.1d-r3
libstdc++-9.2.0-r3
libtasn1-4.15.0-r0
libtheora-1.1.1-r14
libtls-standalone-2.9.1-r0
libunistring-0.9.10-r0
libuuid-2.33.2-r0
libva-2.4.1-r0
libvdpau-1.2-r0
libuuid-2.34-r1
libva-2.6.0-r0
libvdpau-1.3-r0
libvorbis-1.3.6-r2
libvpx-1.8.0-r0
libwbclient-4.10.8-r0
libwebp-1.0.2-r0
libx11-1.6.8-r1
libvpx-1.8.1-r0
libwbclient-4.11.5-r0
libwebp-1.0.3-r0
libx11-1.6.9-r0
libxau-1.0.9-r0
libxcb-1.13.1-r0
libxdmcp-1.1.3-r0
libxext-1.3.4-r0
libxfixes-5.0.3-r2
libxft-2.3.3-r0
libxml2-2.9.9-r2
libxpm-3.5.12-r0
libxml2-2.9.10-r1
libxpm-3.5.13-r0
libxrender-0.9.10-r3
libxt-1.1.5-r2
libxt-1.2.0-r0
libzip-1.5.2-r0
linux-pam-1.3.0-r1
lmdb-0.9.24-r0
logrotate-3.15.0-r0
lz4-libs-1.9.1-r0
musl-1.1.22-r3
musl-utils-1.1.22-r3
nano-4.3-r0
ncurses-libs-6.1_p20190518-r0
ncurses-terminfo-6.1_p20190518-r0
ncurses-terminfo-base-6.1_p20190518-r0
nettle-3.4.1-r1
nghttp2-libs-1.39.2-r0
nginx-1.16.1-r1
openssl-1.1.1d-r0
linux-pam-1.3.1-r1
lmdb-0.9.24-r1
logrotate-3.15.1-r0
lz4-libs-1.9.2-r0
musl-1.1.24-r0
musl-utils-1.1.24-r0
nano-4.6-r0
ncurses-libs-6.1_p20191130-r0
ncurses-terminfo-6.1_p20191130-r0
ncurses-terminfo-base-6.1_p20191130-r0
nettle-3.5.1-r0
nghttp2-libs-1.40.0-r0
nginx-1.16.1-r6
openssl-1.1.1d-r3
opus-1.3.1-r0
p11-kit-0.23.16.1-r0
pango-1.42.4-r2
p11-kit-0.23.18.1-r0
pango-1.44.7-r0
pcre-8.43-r0
pcre2-10.33-r0
php7-7.3.11-r0
php7-bz2-7.3.11-r0
php7-common-7.3.11-r0
php7-ctype-7.3.11-r0
php7-curl-7.3.11-r0
php7-dom-7.3.11-r0
php7-exif-7.3.11-r0
php7-fileinfo-7.3.11-r0
php7-fpm-7.3.11-r0
php7-ftp-7.3.11-r0
php7-gd-7.3.11-r0
php7-gmp-7.3.11-r0
php7-iconv-7.3.11-r0
php7-imap-7.3.11-r0
php7-intl-7.3.11-r0
php7-json-7.3.11-r0
php7-ldap-7.3.11-r0
php7-mbstring-7.3.11-r0
php7-mysqlnd-7.3.11-r0
php7-opcache-7.3.11-r0
php7-openssl-7.3.11-r0
php7-pcntl-7.3.11-r0
php7-pdo-7.3.11-r0
php7-pdo_mysql-7.3.11-r0
php7-pdo_pgsql-7.3.11-r0
php7-pdo_sqlite-7.3.11-r0
php7-pecl-apcu-5.1.17-r1
pcre2-10.34-r1
php7-7.3.14-r0
php7-bz2-7.3.14-r0
php7-common-7.3.14-r0
php7-ctype-7.3.14-r0
php7-curl-7.3.14-r0
php7-dom-7.3.14-r0
php7-exif-7.3.14-r0
php7-fileinfo-7.3.14-r0
php7-fpm-7.3.14-r0
php7-ftp-7.3.14-r0
php7-gd-7.3.14-r0
php7-gmp-7.3.14-r0
php7-iconv-7.3.14-r0
php7-imap-7.3.14-r0
php7-intl-7.3.14-r0
php7-json-7.3.14-r0
php7-ldap-7.3.14-r0
php7-mbstring-7.3.14-r0
php7-mysqlnd-7.3.14-r0
php7-opcache-7.3.14-r0
php7-openssl-7.3.14-r0
php7-pcntl-7.3.14-r0
php7-pdo-7.3.14-r0
php7-pdo_mysql-7.3.14-r0
php7-pdo_pgsql-7.3.14-r0
php7-pdo_sqlite-7.3.14-r0
php7-pecl-apcu-5.1.18-r0
php7-pecl-igbinary-3.0.1-r1
php7-pecl-imagick-3.4.4-r1
php7-pecl-mcrypt-1.0.2-r1
php7-pecl-memcached-3.1.3-r2
php7-pecl-redis-4.3.0-r2
php7-pgsql-7.3.11-r0
php7-phar-7.3.11-r0
php7-posix-7.3.11-r0
php7-session-7.3.11-r0
php7-simplexml-7.3.11-r0
php7-sodium-7.3.11-r0
php7-sqlite3-7.3.11-r0
php7-xml-7.3.11-r0
php7-xmlreader-7.3.11-r0
php7-xmlwriter-7.3.11-r0
php7-zip-7.3.11-r0
php7-pecl-imagick-3.4.4-r2
php7-pecl-mcrypt-1.0.3-r0
php7-pecl-memcached-3.1.5-r0
php7-pecl-redis-5.1.1-r0
php7-pgsql-7.3.14-r0
php7-phar-7.3.14-r0
php7-posix-7.3.14-r0
php7-session-7.3.14-r0
php7-simplexml-7.3.14-r0
php7-sodium-7.3.14-r0
php7-sqlite3-7.3.14-r0
php7-xml-7.3.14-r0
php7-xmlreader-7.3.14-r0
php7-xmlwriter-7.3.14-r0
php7-zip-7.3.14-r0
pixman-0.38.4-r0
pkgconf-1.6.3-r0
popt-1.16-r7
readline-8.0.0-r0
samba-client-4.10.8-r0
samba-client-libs-4.10.8-r0
samba-common-4.10.8-r0
samba-common-libs-4.10.8-r0
samba-heimdal-libs-4.10.8-r0
samba-libs-4.10.8-r0
scanelf-1.2.3-r0
readline-8.0.1-r0
samba-client-4.11.5-r0
samba-client-libs-4.11.5-r0
samba-common-4.11.5-r0
samba-common-libs-4.11.5-r0
samba-common-server-libs-4.11.5-r0
samba-heimdal-libs-4.11.5-r0
samba-libs-4.11.5-r0
samba-server-libs-4.11.5-r0
scanelf-1.2.4-r0
sdl2-2.0.10-r0
shadow-4.6-r2
shared-mime-info-1.12-r0
sqlite-libs-3.28.0-r1
ssl_client-1.30.1-r3
sudo-1.8.27-r0
talloc-2.2.0-r0
tar-1.32-r0
tdb-libs-1.3.18-r0
tevent-0.9.39-r0
tiff-4.0.10-r2
shadow-4.7-r1
shared-mime-info-1.15-r0
sqlite-libs-3.30.1-r1
ssl_client-1.31.1-r9
sudo-1.8.31-r0
talloc-2.3.1-r0
tar-1.32-r1
tdb-libs-1.4.3-r0
tevent-0.10.2-r0
tiff-4.1.0-r0
tzdata-2019c-r0
unzip-6.0-r4
v4l-utils-libs-1.16.6-r0
v4l-utils-libs-1.18.0-r0
wayland-libs-client-1.17.0-r0
x264-libs-20180304-r1
x265-libs-3.0-r0
xvidcore-1.3.4-r1
x264-libs-20191119-r0
x265-libs-3.2.1-r0
xvidcore-1.3.5-r0
xz-5.2.4-r0
xz-libs-5.2.4-r0
zlib-1.2.11-r1
zlib-1.2.11-r3
zstd-libs-1.4.4-r1
+3
View File
@@ -60,6 +60,9 @@ app_setup_block: |
# changelog
changelogs:
- { date: "17.01.20:", desc: "Updated php.ini defaults and site config, including an optional HSTS directive (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "19.12.19:", desc: "Rebasing to alpine 3.11." }
- { date: "18.11.19:", desc: "Nginx default site config updated for v17 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "28.10.19:", desc: "Change cronjob to run every 5 minutes." }
- { date: "24.10.19:", desc: "Nginx default site config updated due to CVE-2019-11043 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
- { date: "14.07.19:", desc: "Download nextcloud during build time." }
+35 -8
View File
@@ -13,24 +13,40 @@ server {
server_name _;
ssl_certificate /config/keys/cert.crt;
ssl_certificate_key /config/keys/cert.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
fastcgi_hide_header X-Powered-By;
root /config/www/nextcloud/;
# display real ip in nginx logs when connected through reverse proxy via docker network
set_real_ip_from 172.0.0.0/8;
real_ip_header X-Forwarded-For;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
return 301 $scheme://$host:$server_port/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
return 301 $scheme://$host:$server_port/remote.php/dav;
}
client_max_body_size 10G;
fastcgi_buffers 64 4K;
@@ -49,12 +65,13 @@ server {
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|ocm-provider\/.+)\.php(?:$|\/) {
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
@@ -62,23 +79,33 @@ server {
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|ocs-provider|ocm-provider)(?:$|\/) {
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff2?|svg|gif)$ {
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
try_files $uri /index.php$request_uri;
access_log off;
}