mirror of
https://github.com/linuxserver/docker-nextcloud.git
synced 2026-06-03 09:57:35 +00:00
Compare commits
21 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| bfa2633922 | |||
| 6fa720ddeb | |||
| 66e26d5abf | |||
| 1e95588765 | |||
| 27c5d7cfc7 | |||
| 72a2fb2e77 | |||
| 18e6a018b0 | |||
| f32f889748 | |||
| 2ff299799d | |||
| d80323cbd7 | |||
| 03a11ed3c2 | |||
| 7989e75d99 | |||
| 63ac413394 | |||
| 60ce804127 | |||
| 212f58793f | |||
| 87090fb6fa | |||
| 3943379ccf | |||
| 868122601b | |||
| a5008c1640 | |||
| ec4095c431 | |||
| f6fefcc0b8 |
@@ -96,7 +96,7 @@ If you are proposing additional packages to be added, ensure that you added the
|
||||
|
||||
### Testing your changes
|
||||
|
||||
```
|
||||
```bash
|
||||
git clone https://github.com/linuxserver/docker-nextcloud.git
|
||||
cd docker-nextcloud
|
||||
docker build \
|
||||
@@ -106,13 +106,14 @@ docker build \
|
||||
```
|
||||
|
||||
The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
|
||||
```
|
||||
|
||||
```bash
|
||||
docker run --rm --privileged multiarch/qemu-user-static:register --reset
|
||||
```
|
||||
|
||||
Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`.
|
||||
|
||||
## Update the chagelog
|
||||
## Update the changelog
|
||||
|
||||
If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-nextcloud/tree/master/root), add an entry to the changelog
|
||||
|
||||
|
||||
Vendored
+71
-17
@@ -55,7 +55,7 @@ pipeline {
|
||||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT
|
||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/'
|
||||
env.PULL_REQUEST = env.CHANGE_ID
|
||||
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.md ./.github/ISSUE_TEMPLATE/issue.feature.md ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/greetings.yml ./.github/workflows/stale.yml ./.github/workflows/package_trigger.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/external_trigger.yml ./.github/workflows/external_trigger_scheduler.yml'
|
||||
env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.md ./.github/ISSUE_TEMPLATE/issue.feature.md ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/stale.yml ./.github/workflows/external_trigger.yml ./.github/workflows/package_trigger.yml'
|
||||
}
|
||||
script{
|
||||
env.LS_RELEASE_NUMBER = sh(
|
||||
@@ -307,22 +307,24 @@ pipeline {
|
||||
git commit -m 'Bot Updating Documentation'
|
||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git --all
|
||||
fi
|
||||
mkdir -p ${TEMPDIR}/unraid
|
||||
mkdir -p ${TEMPDIR}/unraid
|
||||
git clone https://github.com/linuxserver/docker-templates.git ${TEMPDIR}/unraid/docker-templates
|
||||
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
|
||||
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
|
||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
|
||||
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
|
||||
fi
|
||||
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
|
||||
cd ${TEMPDIR}/unraid/templates/
|
||||
if grep -wq "${CONTAINER_NAME}" ${TEMPDIR}/unraid/templates/unraid/ignore.list; then
|
||||
echo "Image is on the ignore list, skipping Unraid template upload"
|
||||
echo "Image is on the ignore list, removing Unraid template"
|
||||
git rm unraid/${CONTAINER_NAME}.xml || :
|
||||
git commit -m 'Bot Removing Deprecated Unraid Template' || :
|
||||
else
|
||||
cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml ${TEMPDIR}/unraid/templates/unraid/
|
||||
cd ${TEMPDIR}/unraid/templates/
|
||||
git add unraid/${CONTAINER_NAME}.xml
|
||||
git commit -m 'Bot Updating Unraid Template'
|
||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all
|
||||
fi
|
||||
git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/templates.git --all
|
||||
fi
|
||||
rm -Rf ${TEMPDIR}'''
|
||||
script{
|
||||
@@ -379,8 +381,21 @@ pipeline {
|
||||
}
|
||||
steps {
|
||||
echo "Running on node: ${NODE_NAME}"
|
||||
sh "docker build --no-cache --pull -t ${IMAGE}:${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker build \
|
||||
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
|
||||
--label \"org.opencontainers.image.authors=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-nextcloud/packages\" \
|
||||
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
|
||||
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
|
||||
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.title=Nextcloud\" \
|
||||
--label \"org.opencontainers.image.description=[Nextcloud](https://nextcloud.com/) gives you access to all your files wherever you are. Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at the office, a Dropbox or a NAS you have at home. \" \
|
||||
--no-cache --pull -t ${IMAGE}:${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
}
|
||||
}
|
||||
// Build MultiArch Docker containers for push to LS Repo
|
||||
@@ -393,8 +408,21 @@ pipeline {
|
||||
stage('Build X86') {
|
||||
steps {
|
||||
echo "Running on node: ${NODE_NAME}"
|
||||
sh "docker build --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker build \
|
||||
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
|
||||
--label \"org.opencontainers.image.authors=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-nextcloud/packages\" \
|
||||
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
|
||||
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
|
||||
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.title=Nextcloud\" \
|
||||
--label \"org.opencontainers.image.description=[Nextcloud](https://nextcloud.com/) gives you access to all your files wherever you are. Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at the office, a Dropbox or a NAS you have at home. \" \
|
||||
--no-cache --pull -t ${IMAGE}:amd64-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
}
|
||||
}
|
||||
stage('Build ARMHF') {
|
||||
@@ -407,8 +435,21 @@ pipeline {
|
||||
sh '''#! /bin/bash
|
||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
'''
|
||||
sh "docker build --no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker build \
|
||||
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
|
||||
--label \"org.opencontainers.image.authors=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-nextcloud/packages\" \
|
||||
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
|
||||
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
|
||||
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.title=Nextcloud\" \
|
||||
--label \"org.opencontainers.image.description=[Nextcloud](https://nextcloud.com/) gives you access to all your files wherever you are. Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at the office, a Dropbox or a NAS you have at home. \" \
|
||||
--no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||
retry(5) {
|
||||
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||
@@ -428,8 +469,21 @@ pipeline {
|
||||
sh '''#! /bin/bash
|
||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
'''
|
||||
sh "docker build --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker build \
|
||||
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
|
||||
--label \"org.opencontainers.image.authors=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-nextcloud/packages\" \
|
||||
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-nextcloud\" \
|
||||
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
|
||||
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
|
||||
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
|
||||
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
|
||||
--label \"org.opencontainers.image.title=Nextcloud\" \
|
||||
--label \"org.opencontainers.image.description=[Nextcloud](https://nextcloud.com/) gives you access to all your files wherever you are. Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at the office, a Dropbox or a NAS you have at home. \" \
|
||||
--no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} \
|
||||
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
|
||||
sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||
retry(5) {
|
||||
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
|
||||
@@ -740,7 +794,7 @@ pipeline {
|
||||
echo '{"tag_name":"'${META_TAG}'",\
|
||||
"target_commitish": "master",\
|
||||
"name": "'${META_TAG}'",\
|
||||
"body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n**Remote Changes:**\\n\\n' > start
|
||||
"body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
|
||||
printf '","draft": false,"prerelease": false}' >> releasebody.json
|
||||
paste -d'\\0' start releasebody.json > releasebody.json.done
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
|
||||
@@ -765,7 +819,7 @@ pipeline {
|
||||
set -e
|
||||
TEMPDIR=$(mktemp -d)
|
||||
docker pull ghcr.io/linuxserver/jenkins-builder:latest
|
||||
docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
|
||||
docker run --rm -e CONTAINER_NAME=${CONTAINER_NAME} -e GITHUB_BRANCH="${BRANCH_NAME}" -v ${TEMPDIR}:/ansible/jenkins ghcr.io/linuxserver/jenkins-builder:latest
|
||||
docker pull ghcr.io/linuxserver/readme-sync
|
||||
docker run --rm=true \
|
||||
-e DOCKERHUB_USERNAME=$DOCKERUSER \
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
<!-- DO NOT EDIT THIS FILE MANUALLY -->
|
||||
<!-- Please read the CONTRIBUTING.md -->
|
||||
<!-- Please read the https://github.com/linuxserver/docker-nextcloud/blob/master/.github/CONTRIBUTING.md -->
|
||||
|
||||
[](https://linuxserver.io)
|
||||
|
||||
@@ -12,13 +12,14 @@
|
||||
|
||||
The [LinuxServer.io](https://linuxserver.io) team brings you another container release featuring:
|
||||
|
||||
* regular and timely application updates
|
||||
* easy user mappings (PGID, PUID)
|
||||
* custom base image with s6 overlay
|
||||
* weekly base OS updates with common layers across the entire LinuxServer.io ecosystem to minimise space usage, down time and bandwidth
|
||||
* regular security updates
|
||||
* regular and timely application updates
|
||||
* easy user mappings (PGID, PUID)
|
||||
* custom base image with s6 overlay
|
||||
* weekly base OS updates with common layers across the entire LinuxServer.io ecosystem to minimise space usage, down time and bandwidth
|
||||
* regular security updates
|
||||
|
||||
Find us at:
|
||||
|
||||
* [Blog](https://blog.linuxserver.io) - all the things you can do with our containers including How-To guides, opinions and much more!
|
||||
* [Discord](https://discord.gg/YWrKVTn) - realtime support / chat with the community and the team.
|
||||
* [Discourse](https://discourse.linuxserver.io) - post on our community forum.
|
||||
@@ -42,7 +43,6 @@ Find us at:
|
||||
|
||||
Where are your photos and documents? With Nextcloud you pick a server of your choice, at home, in a data center or at a provider. And that is where your files will be. Nextcloud runs on that server, protecting your data and giving you access from your desktop or mobile devices. Through Nextcloud you also access, sync and share your existing data on that FTP drive at the office, a Dropbox or a NAS you have at home.
|
||||
|
||||
|
||||
[](https://nextcloud.com/)
|
||||
|
||||
## Supported Architectures
|
||||
@@ -59,6 +59,40 @@ The architectures supported by this image are:
|
||||
| arm64 | arm64v8-latest |
|
||||
| armhf | arm32v7-latest |
|
||||
|
||||
## Version Tags
|
||||
|
||||
This image provides various versions that are available via tags. `latest` tag usually provides the latest stable version. Others are considered under development and caution must be exercised when using them.
|
||||
|
||||
| Tag | Description |
|
||||
| :----: | --- |
|
||||
| latest | Stable Nextcloud releases (currently php7) |
|
||||
| php8 | Experimental php8 based Nextcloud releases |
|
||||
|
||||
## Application Setup
|
||||
|
||||
Access the webui at `https://<your-ip>:443`, for more information check out [Nextcloud](https://nextcloud.com/).
|
||||
|
||||
Docker image update and recreation of container alone won't update nextcloud version.
|
||||
|
||||
In order to update nextcloud version, you have two options, firstly make sure you are using the latest docker image,then either
|
||||
|
||||
1. Perform the in app gui update.
|
||||
2. Use the CLI version by running `docker exec -it nextcloud updater.phar`
|
||||
(Both of these are described [here](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/update.html))
|
||||
|
||||
Note: Both `occ` and `updater.phar` can be run without prepending with `sudo -u abc php` or `sudo -u www-data php`
|
||||
|
||||
If you are not customizing our default nginx configuration you will need to remove the file:
|
||||
```
|
||||
/config/nginx/site-confs/default
|
||||
```
|
||||
Then restart the container to replace it with the latest one.
|
||||
|
||||
### Collaborative Editing
|
||||
|
||||
Nextcloud's built-in collaborative editing packages (Collabora/CODE and OnlyOffice) only work on x86_64 systems with glibc, and therefore they are not compatible with our images. You should create separate containers for them and set them up in Nextcloud with their respective connector addons.
|
||||
|
||||
If (auto) installed, those built-in packages may cause instability and should be removed.
|
||||
|
||||
## Usage
|
||||
|
||||
@@ -89,7 +123,7 @@ services:
|
||||
|
||||
### docker cli
|
||||
|
||||
```
|
||||
```bash
|
||||
docker run -d \
|
||||
--name=nextcloud \
|
||||
-e PUID=1000 \
|
||||
@@ -102,7 +136,6 @@ docker run -d \
|
||||
ghcr.io/linuxserver/nextcloud
|
||||
```
|
||||
|
||||
|
||||
## Parameters
|
||||
|
||||
Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate `<external>:<internal>` respectively. For example, `-p 8080:80` would expose port `80` from inside the container to be accessible from the host's IP on port `8080` outside the container.
|
||||
@@ -122,7 +155,7 @@ You can set any environment variable from a file by using a special prepend `FIL
|
||||
|
||||
As an example:
|
||||
|
||||
```
|
||||
```bash
|
||||
-e FILE__PASSWORD=/run/secrets/mysecretpassword
|
||||
```
|
||||
|
||||
@@ -141,46 +174,17 @@ Ensure any volume directories on the host are owned by the same user you specify
|
||||
|
||||
In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as below:
|
||||
|
||||
```
|
||||
```bash
|
||||
$ id username
|
||||
uid=1000(dockeruser) gid=1000(dockergroup) groups=1000(dockergroup)
|
||||
```
|
||||
|
||||
|
||||
|
||||
## Application Setup
|
||||
|
||||
Access the webui at `https://<your-ip>:443`, for more information check out [Nextcloud](https://nextcloud.com/).
|
||||
|
||||
Docker image update and recreation of container alone won't update nextcloud version.
|
||||
|
||||
In order to update nextcloud version, you have two options, firstly make sure you are using the latest docker image,then either
|
||||
|
||||
1. Perform the in app gui update.
|
||||
2. Use the CLI version by running `docker exec -it nextcloud updater.phar`
|
||||
(Both of these are described [here](https://docs.nextcloud.com/server/latest/admin_manual/maintenance/update.html))
|
||||
|
||||
Note: Both `occ` and `updater.phar` can be run without prepending with `sudo -u abc php` or `sudo -u www-data php`
|
||||
|
||||
If you are not customizing our default nginx configuration you will need to remove the file:
|
||||
```
|
||||
/config/nginx/site-confs/default
|
||||
```
|
||||
Then restart the container to replace it with the latest one.
|
||||
|
||||
### Collaborative Editing
|
||||
|
||||
Nextcloud's built-in collaborative editing packages (Collabora/CODE and OnlyOffice) only work on x86_64 systems with glibc, and therefore they are not compatible with our images. You should create separate containers for them and set them up in Nextcloud with their respective connector addons.
|
||||
|
||||
If (auto) installed, those built-in packages may cause instability and should be removed.
|
||||
|
||||
|
||||
## Docker Mods
|
||||
|
||||
[](https://mods.linuxserver.io/?mod=nextcloud "view available mods for this container.") [](https://mods.linuxserver.io/?mod=universal "view available universal mods.")
|
||||
|
||||
We publish various [Docker Mods](https://github.com/linuxserver/docker-mods) to enable additional functionality within the containers. The list of Mods available for this image (if any) as well as universal mods that can be applied to any one of our images can be accessed via the dynamic badges above.
|
||||
|
||||
|
||||
## Support Info
|
||||
|
||||
* Shell access whilst the container is running: `docker exec -it nextcloud /bin/bash`
|
||||
@@ -197,6 +201,7 @@ Most of our images are static, versioned, and require an image update and contai
|
||||
Below are the instructions for updating containers:
|
||||
|
||||
### Via Docker Compose
|
||||
|
||||
* Update all images: `docker-compose pull`
|
||||
* or update a single image: `docker-compose pull nextcloud`
|
||||
* Let compose update all containers as necessary: `docker-compose up -d`
|
||||
@@ -204,6 +209,7 @@ Below are the instructions for updating containers:
|
||||
* You can also remove the old dangling images: `docker image prune`
|
||||
|
||||
### Via Docker Run
|
||||
|
||||
* Update the image: `docker pull ghcr.io/linuxserver/nextcloud`
|
||||
* Stop the running container: `docker stop nextcloud`
|
||||
* Delete the container: `docker rm nextcloud`
|
||||
@@ -211,24 +217,29 @@ Below are the instructions for updating containers:
|
||||
* You can also remove the old dangling images: `docker image prune`
|
||||
|
||||
### Via Watchtower auto-updater (only use if you don't remember the original parameters)
|
||||
|
||||
* Pull the latest image at its tag and replace it with the same env variables in one run:
|
||||
```
|
||||
|
||||
```bash
|
||||
docker run --rm \
|
||||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||||
containrrr/watchtower \
|
||||
--run-once nextcloud
|
||||
```
|
||||
|
||||
* You can also remove the old dangling images: `docker image prune`
|
||||
|
||||
**Note:** We do not endorse the use of Watchtower as a solution to automated updates of existing Docker containers. In fact we generally discourage automated updates. However, this is a useful tool for one-time manual updates of containers where you have forgotten the original parameters. In the long term, we highly recommend using [Docker Compose](https://docs.linuxserver.io/general/docker-compose).
|
||||
|
||||
### Image Update Notifications - Diun (Docker Image Update Notifier)
|
||||
|
||||
* We recommend [Diun](https://crazymax.dev/diun/) for update notifications. Other tools that automatically update containers unattended are not recommended or supported.
|
||||
|
||||
## Building locally
|
||||
|
||||
If you want to make local modifications to these images for development purposes or just to customize the logic:
|
||||
```
|
||||
|
||||
```bash
|
||||
git clone https://github.com/linuxserver/docker-nextcloud.git
|
||||
cd docker-nextcloud
|
||||
docker build \
|
||||
@@ -238,7 +249,8 @@ docker build \
|
||||
```
|
||||
|
||||
The ARM variants can be built on x86_64 hardware using `multiarch/qemu-user-static`
|
||||
```
|
||||
|
||||
```bash
|
||||
docker run --rm --privileged multiarch/qemu-user-static:register --reset
|
||||
```
|
||||
|
||||
@@ -246,6 +258,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
||||
|
||||
## Versions
|
||||
|
||||
* **21.03.21:** - Publish `php8` tag for testing.
|
||||
* **25.02.21:** - Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default` and restart the container).
|
||||
* **21.01.21:** - Fix php iconv (was breaking the mail addon). If installed, attempt to remove broken CODE Server app during startup.
|
||||
* **20.01.21:** - Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default` and restart the container).
|
||||
* **16.01.21:** - Rebasing to alpine 3.13. Users with issues on 32-bit arm, [see this article](https://docs.linuxserver.io/faq#my-host-is-incompatible-with-images-based-on-ubuntu-focal-and-alpine-3-13).
|
||||
|
||||
+69
-69
@@ -3,14 +3,14 @@ alpine-keys-2.2-r0
|
||||
alsa-lib-1.2.4-r2
|
||||
aom-libs-1.0.0-r1
|
||||
apache2-utils-2.4.46-r3
|
||||
apk-tools-2.12.1-r0
|
||||
apk-tools-2.12.5-r0
|
||||
apr-1.7.0-r0
|
||||
apr-util-1.6.1-r7
|
||||
argon2-libs-20190702-r1
|
||||
avahi-libs-0.8-r2
|
||||
bash-5.1.0-r0
|
||||
brotli-libs-1.0.9-r3
|
||||
busybox-1.32.1-r3
|
||||
busybox-1.32.1-r6
|
||||
c-client-2007f-r11
|
||||
ca-certificates-20191127-r5
|
||||
ca-certificates-bundle-20191127-r5
|
||||
@@ -18,7 +18,7 @@ cairo-1.16.0-r2
|
||||
cairo-gobject-1.16.0-r2
|
||||
coreutils-8.32-r2
|
||||
cups-libs-2.3.3-r1
|
||||
curl-7.74.0-r0
|
||||
curl-7.76.1-r0
|
||||
dbus-libs-1.12.20-r1
|
||||
expat-2.2.10-r1
|
||||
ffmpeg-4.3.1-r3
|
||||
@@ -27,13 +27,13 @@ fontconfig-2.13.1-r3
|
||||
freetype-2.10.4-r1
|
||||
fribidi-1.0.10-r0
|
||||
gdbm-1.19-r0
|
||||
gdk-pixbuf-2.42.2-r0
|
||||
gdk-pixbuf-2.42.4-r0
|
||||
ghostscript-9.53.3-r0
|
||||
git-2.30.1-r0
|
||||
glib-2.66.7-r0
|
||||
git-2.30.2-r0
|
||||
glib-2.66.8-r0
|
||||
gmp-6.2.1-r0
|
||||
gnu-libiconv-1.15-r3
|
||||
gnutls-3.7.0-r0
|
||||
gnutls-3.7.1-r0
|
||||
graphite2-1.3.14-r0
|
||||
harfbuzz-2.7.4-r1
|
||||
icu-libs-67.1-r2
|
||||
@@ -43,7 +43,7 @@ jansson-2.13.1-r0
|
||||
jbig2dec-0.19-r0
|
||||
lame-3.100-r0
|
||||
lcms2-2.11-r0
|
||||
ldb-2.2.0-r0
|
||||
ldb-2.2.1-r0
|
||||
libacl-2.2.53-r0
|
||||
libarchive-3.5.1-r0
|
||||
libass-0.15.0-r0
|
||||
@@ -53,8 +53,8 @@ libbsd-0.10.0-r0
|
||||
libbz2-1.0.8-r1
|
||||
libc-utils-0.7.2-r3
|
||||
libcap-2.46-r0
|
||||
libcrypto1.1-1.1.1j-r0
|
||||
libcurl-7.74.0-r0
|
||||
libcrypto1.1-1.1.1k-r0
|
||||
libcurl-7.76.1-r0
|
||||
libdav1d-0.8.1-r0
|
||||
libde265-1.0.4-r0
|
||||
libdrm-2.4.104-r0
|
||||
@@ -65,8 +65,8 @@ libgomp-10.2.1_pre1-r3
|
||||
libheif-1.9.1-r0
|
||||
libice-1.0.10-r0
|
||||
libintl-0.20.2-r2
|
||||
libjpeg-turbo-2.0.6-r0
|
||||
libldap-2.4.57-r0
|
||||
libjpeg-turbo-2.1.0-r0
|
||||
libldap-2.4.57-r1
|
||||
libltdl-2.4.6-r7
|
||||
libmagic-5.39-r0
|
||||
libmcrypt-2.5.8-r9
|
||||
@@ -75,18 +75,18 @@ libmount-2.36.1-r1
|
||||
libogg-1.3.4-r0
|
||||
libpciaccess-0.16-r0
|
||||
libpng-1.6.37-r1
|
||||
libpq-13.1-r2
|
||||
libpq-13.3-r0
|
||||
libproc-3.3.16-r0
|
||||
libressl3.1-libcrypto-3.1.5-r0
|
||||
libressl3.1-libssl-3.1.5-r0
|
||||
librsvg-2.50.3-r0
|
||||
librsvg-2.50.4-r0
|
||||
libsasl-2.1.27-r10
|
||||
libsm-1.2.3-r0
|
||||
libsmbclient-4.13.3-r1
|
||||
libsmbclient-4.13.8-r0
|
||||
libsodium-1.0.18-r0
|
||||
libsrt-1.4.2-r0
|
||||
libssh-0.9.5-r0
|
||||
libssl1.1-1.1.1j-r0
|
||||
libssl1.1-1.1.1k-r0
|
||||
libstdc++-10.2.1_pre1-r3
|
||||
libtasn1-4.16.0-r1
|
||||
libtheora-1.1.1-r16
|
||||
@@ -97,9 +97,9 @@ libva-2.10.0-r0
|
||||
libvdpau-1.4-r0
|
||||
libvorbis-1.3.7-r0
|
||||
libvpx-1.9.0-r0
|
||||
libwbclient-4.13.3-r1
|
||||
libwbclient-4.13.8-r0
|
||||
libwebp-1.1.0-r0
|
||||
libx11-1.7.0-r0
|
||||
libx11-1.7.1-r0
|
||||
libxau-1.0.9-r0
|
||||
libxcb-1.14-r1
|
||||
libxdmcp-1.1.3-r0
|
||||
@@ -120,71 +120,71 @@ musl-utils-1.2.2-r0
|
||||
nano-5.4-r1
|
||||
ncurses-libs-6.2_p20210109-r0
|
||||
ncurses-terminfo-base-6.2_p20210109-r0
|
||||
nettle-3.7-r0
|
||||
nettle-3.7.2-r0
|
||||
nghttp2-libs-1.42.0-r1
|
||||
nginx-1.18.0-r13
|
||||
oniguruma-6.9.6-r0
|
||||
openssl-1.1.1j-r0
|
||||
openssl-1.1.1k-r0
|
||||
opus-1.3.1-r1
|
||||
p11-kit-0.23.22-r0
|
||||
pango-1.48.2-r0
|
||||
pcre-8.44-r0
|
||||
pcre2-10.36-r0
|
||||
php7-7.4.15-r0
|
||||
php7-bcmath-7.4.15-r0
|
||||
php7-bz2-7.4.15-r0
|
||||
php7-common-7.4.15-r0
|
||||
php7-ctype-7.4.15-r0
|
||||
php7-curl-7.4.15-r0
|
||||
php7-dom-7.4.15-r0
|
||||
php7-exif-7.4.15-r0
|
||||
php7-fileinfo-7.4.15-r0
|
||||
php7-fpm-7.4.15-r0
|
||||
php7-ftp-7.4.15-r0
|
||||
php7-gd-7.4.15-r0
|
||||
php7-gmp-7.4.15-r0
|
||||
php7-iconv-7.4.15-r0
|
||||
php7-imap-7.4.15-r0
|
||||
php7-intl-7.4.15-r0
|
||||
php7-json-7.4.15-r0
|
||||
php7-ldap-7.4.15-r0
|
||||
php7-mbstring-7.4.15-r0
|
||||
php7-mysqlnd-7.4.15-r0
|
||||
php7-opcache-7.4.15-r0
|
||||
php7-openssl-7.4.15-r0
|
||||
php7-pcntl-7.4.15-r0
|
||||
php7-pdo-7.4.15-r0
|
||||
php7-pdo_mysql-7.4.15-r0
|
||||
php7-pdo_pgsql-7.4.15-r0
|
||||
php7-pdo_sqlite-7.4.15-r0
|
||||
php7-pecl-apcu-5.1.19-r1
|
||||
php7-pecl-igbinary-3.2.2_rc1-r0
|
||||
php7-7.4.19-r0
|
||||
php7-bcmath-7.4.19-r0
|
||||
php7-bz2-7.4.19-r0
|
||||
php7-common-7.4.19-r0
|
||||
php7-ctype-7.4.19-r0
|
||||
php7-curl-7.4.19-r0
|
||||
php7-dom-7.4.19-r0
|
||||
php7-exif-7.4.19-r0
|
||||
php7-fileinfo-7.4.19-r0
|
||||
php7-fpm-7.4.19-r0
|
||||
php7-ftp-7.4.19-r0
|
||||
php7-gd-7.4.19-r0
|
||||
php7-gmp-7.4.19-r0
|
||||
php7-iconv-7.4.19-r0
|
||||
php7-imap-7.4.19-r0
|
||||
php7-intl-7.4.19-r0
|
||||
php7-json-7.4.19-r0
|
||||
php7-ldap-7.4.19-r0
|
||||
php7-mbstring-7.4.19-r0
|
||||
php7-mysqlnd-7.4.19-r0
|
||||
php7-opcache-7.4.19-r0
|
||||
php7-openssl-7.4.19-r0
|
||||
php7-pcntl-7.4.19-r0
|
||||
php7-pdo-7.4.19-r0
|
||||
php7-pdo_mysql-7.4.19-r0
|
||||
php7-pdo_pgsql-7.4.19-r0
|
||||
php7-pdo_sqlite-7.4.19-r0
|
||||
php7-pecl-apcu-5.1.20-r0
|
||||
php7-pecl-igbinary-3.2.2-r0
|
||||
php7-pecl-imagick-3.4.4-r7
|
||||
php7-pecl-mcrypt-1.0.4-r0
|
||||
php7-pecl-memcached-3.1.5-r2
|
||||
php7-pecl-redis-5.3.3-r0
|
||||
php7-pgsql-7.4.15-r0
|
||||
php7-phar-7.4.15-r0
|
||||
php7-posix-7.4.15-r0
|
||||
php7-session-7.4.15-r0
|
||||
php7-simplexml-7.4.15-r0
|
||||
php7-sodium-7.4.15-r0
|
||||
php7-sqlite3-7.4.15-r0
|
||||
php7-xml-7.4.15-r0
|
||||
php7-xmlreader-7.4.15-r0
|
||||
php7-xmlwriter-7.4.15-r0
|
||||
php7-zip-7.4.15-r0
|
||||
php7-pecl-redis-5.3.4-r0
|
||||
php7-pgsql-7.4.19-r0
|
||||
php7-phar-7.4.19-r0
|
||||
php7-posix-7.4.19-r0
|
||||
php7-session-7.4.19-r0
|
||||
php7-simplexml-7.4.19-r0
|
||||
php7-sodium-7.4.19-r0
|
||||
php7-sqlite3-7.4.19-r0
|
||||
php7-xml-7.4.19-r0
|
||||
php7-xmlreader-7.4.19-r0
|
||||
php7-xmlwriter-7.4.19-r0
|
||||
php7-zip-7.4.19-r0
|
||||
pixman-0.40.0-r2
|
||||
pkgconf-1.7.3-r0
|
||||
popt-1.18-r0
|
||||
procps-3.3.16-r0
|
||||
readline-8.1.0-r0
|
||||
s6-ipcserver-2.10.0.0-r0
|
||||
samba-client-4.13.3-r1
|
||||
samba-client-libs-4.13.3-r1
|
||||
samba-common-4.13.3-r1
|
||||
samba-libs-4.13.3-r1
|
||||
samba-util-libs-4.13.3-r1
|
||||
samba-client-4.13.8-r0
|
||||
samba-client-libs-4.13.8-r0
|
||||
samba-common-4.13.8-r0
|
||||
samba-libs-4.13.8-r0
|
||||
samba-util-libs-4.13.8-r0
|
||||
scanelf-1.2.8-r0
|
||||
sdl2-2.0.14-r0
|
||||
shadow-4.8.1-r0
|
||||
@@ -192,13 +192,13 @@ shared-mime-info-2.0-r0
|
||||
skalibs-2.10.0.0-r0
|
||||
soxr-0.1.3-r2
|
||||
sqlite-libs-3.34.1-r0
|
||||
ssl_client-1.32.1-r3
|
||||
ssl_client-1.32.1-r6
|
||||
sudo-1.9.5p2-r0
|
||||
talloc-2.3.1-r0
|
||||
tar-1.33-r1
|
||||
tar-1.34-r0
|
||||
tdb-libs-1.4.3-r0
|
||||
tevent-0.10.2-r0
|
||||
tiff-4.1.0-r2
|
||||
tiff-4.2.0-r0
|
||||
tzdata-2021a-r0
|
||||
unzip-6.0-r8
|
||||
utmps-0.1.0.0-r0
|
||||
|
||||
+6
-1
@@ -18,7 +18,10 @@ available_architectures:
|
||||
- { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
|
||||
|
||||
# development version
|
||||
development_versions: false
|
||||
development_versions: true
|
||||
development_versions_items:
|
||||
- { tag: "latest", desc: "Stable Nextcloud releases (currently php7)" }
|
||||
- { tag: "php8", desc: "Experimental php8 based Nextcloud releases" }
|
||||
|
||||
# container parameters
|
||||
common_param_env_vars_enabled: true
|
||||
@@ -75,6 +78,8 @@ app_setup_block: |
|
||||
|
||||
# changelog
|
||||
changelogs:
|
||||
- { date: "21.03.21:", desc: "Publish `php8` tag for testing." }
|
||||
- { date: "25.02.21:", desc: "Nginx default site config updated for v21 (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
|
||||
- { date: "21.01.21:", desc: "Fix php iconv (was breaking the mail addon). If installed, attempt to remove broken CODE Server app during startup." }
|
||||
- { date: "20.01.21:", desc: "Increase php fcgi timeout to prevent 504 Gateway timeout errors (existing users should delete `/config/nginx/site-confs/default` and restart the container)." }
|
||||
- { date: "16.01.21:", desc: "Rebasing to alpine 3.13. Users with issues on 32-bit arm, [see this article](https://docs.linuxserver.io/faq#my-host-is-incompatible-with-images-based-on-ubuntu-focal-and-alpine-3-13)." }
|
||||
|
||||
+89
-70
@@ -25,98 +25,117 @@ server {
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
add_header Referrer-Policy no-referrer;
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
root /config/www/nextcloud/;
|
||||
# display real ip in nginx logs when connected through reverse proxy via docker network
|
||||
set_real_ip_from 172.0.0.0/8;
|
||||
real_ip_header X-Forwarded-For;
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
location = /.well-known/carddav {
|
||||
return 301 $scheme://$host:$server_port/remote.php/dav;
|
||||
}
|
||||
location = /.well-known/caldav {
|
||||
return 301 $scheme://$host:$server_port/remote.php/dav;
|
||||
}
|
||||
location = /.well-known/webfinger {
|
||||
return 301 $scheme://$host:$server_port/public.php?service=webfinger;
|
||||
}
|
||||
location = /.well-known/host-meta {
|
||||
return 301 $scheme://$host:$server_port/public.php?service=host-meta;
|
||||
}
|
||||
location = /.well-known/host-meta.json {
|
||||
return 301 $scheme://$host:$server_port/public.php?service=host-meta-json;
|
||||
}
|
||||
client_max_body_size 10G;
|
||||
# set max upload size
|
||||
client_max_body_size 512M;
|
||||
fastcgi_buffers 64 4K;
|
||||
|
||||
# Enable gzip but do not remove ETag headers
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 4;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||||
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||||
location / {
|
||||
rewrite ^ /index.php;
|
||||
|
||||
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||
add_header Referrer-Policy "no-referrer" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
add_header X-Download-Options "noopen" always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||
add_header X-Robots-Tag "none" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
|
||||
# Remove X-Powered-By, which is an information leak
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
|
||||
root /config/www/nextcloud/;
|
||||
|
||||
# display real ip in nginx logs when connected through reverse proxy via docker network
|
||||
set_real_ip_from 172.0.0.0/8;
|
||||
real_ip_header X-Forwarded-For;
|
||||
|
||||
# Specify how to handle directories -- specifying `/index.php$request_uri`
|
||||
# here as the fallback means that Nginx always exhibits the desired behaviour
|
||||
# when a client requests a path that corresponds to a directory that exists
|
||||
# on the server. In particular, if that directory contains an index.php file,
|
||||
# that file is correctly served; if it doesn't, then the request is passed to
|
||||
# the front-end controller. This consistent behaviour means that we don't need
|
||||
# to specify custom rules for certain paths (e.g. images and other assets,
|
||||
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
|
||||
# `try_files $uri $uri/ /index.php$request_uri`
|
||||
# always provides the desired behaviour.
|
||||
index index.php index.html /index.php$request_uri;
|
||||
|
||||
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
|
||||
location = / {
|
||||
if ( $http_user_agent ~ ^DavClnt ) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
}
|
||||
location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
|
||||
deny all;
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
deny all;
|
||||
|
||||
# Make a regex exception for `/.well-known` so that clients can still
|
||||
# access it despite the existence of the regex rule
|
||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||
# for `/.well-known`.
|
||||
location ^~ /.well-known {
|
||||
# The following 6 rules are borrowed from `.htaccess`
|
||||
|
||||
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||||
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||||
# Anything else is dynamically handled by Nextcloud
|
||||
location ^~ /.well-known { return 301 /index.php$uri; }
|
||||
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
|
||||
|
||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||
|
||||
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
|
||||
# which handle static assets (as seen below). If this block is not declared first,
|
||||
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
|
||||
# to the URI, resulting in a HTTP 500 error response.
|
||||
location ~ \.php(?:$|/) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
fastcgi_param front_controller_active true;
|
||||
|
||||
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
|
||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||
fastcgi_pass php-handler;
|
||||
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
fastcgi_read_timeout 3600;
|
||||
}
|
||||
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
|
||||
|
||||
location ~ \.(?:css|js|svg|gif)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
add_header Cache-Control "public, max-age=15778463";
|
||||
# Add headers to serve security related headers
|
||||
# Before enabling Strict-Transport-Security headers please read into this
|
||||
# topic first.
|
||||
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
#
|
||||
# WARNING: Only add the preload option once you read about
|
||||
# the consequences in https://hstspreload.org/. This option
|
||||
# will add the domain to a hardcoded list that is shipped
|
||||
# in all major browsers and getting removed from this list
|
||||
# could take several months.
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
add_header X-Download-Options noopen;
|
||||
add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-Permitted-Cross-Domain-Policies none;
|
||||
add_header Referrer-Policy no-referrer;
|
||||
access_log off;
|
||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
|
||||
|
||||
location ~ \.woff2?$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
access_log off;
|
||||
expires 7d; # Cache-Control policy borrowed from `.htaccess`
|
||||
access_log off; # Optional: Don't log access to assets
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php$request_uri;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
[[ ! -x /usr/bin/updater.phar ]] && \
|
||||
chmod +x /usr/bin/updater.phar
|
||||
|
||||
if occ app:list | grep -q richdocumentscode; then
|
||||
echo "Removing CODE Server"
|
||||
occ app:remove richdocumentscode
|
||||
if ( occ app:list --no-interaction | grep -q richdocumentscode) 2>/dev/null; then
|
||||
echo "Removing CODE Server"
|
||||
occ app:remove --no-interaction richdocumentscode 2>/dev/null
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user